From 9db1160c67ca7f2d0c72e0b3b34845606b5f0ee2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tomas=20Jovai=C5=A1as?= Date: Thu, 21 Jun 2018 11:40:07 +0300 Subject: [PATCH] Remove setting response after failed authentication --- CHANGELOG.md | 9 +++++++++ README.md | 14 +++++++------- src/Listener/BearerListener.php | 15 +-------------- 3 files changed, 17 insertions(+), 21 deletions(-) create mode 100644 CHANGELOG.md diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000..7ebc8fc --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,9 @@ +# Changelog +All notable changes to this project will be documented in this file. + +The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) +and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html). + +## 1.0.0 +### Changed +- `\Paysera\BearerAuthenticationBundle\Listener\BearerListener` not does not return 403 response after failing to authenticate user diff --git a/README.md b/README.md index 6a19a0f..4092d85 100644 --- a/README.md +++ b/README.md @@ -1,19 +1,19 @@ -#Bearer Authentication Bundle +# Bearer Authentication Bundle -##Install +## Install Add bundle to `AppKernel.php`: -``` +```php $bundles = [ ... new Paysera\BearerAuthenticationBundle\PayseraBearerAuthenticationBundle(), ]; ``` -##Samples +## Samples -Sample security.yml -``` +Sample `security.yml` +```yml security: providers: bearer_user: @@ -27,7 +27,7 @@ security: ``` All bearer handlers must be tagged with: -``` +```xml ``` and implement `\Paysera\BearerAuthenticationBundle\Security\User\HandlerInterface` diff --git a/src/Listener/BearerListener.php b/src/Listener/BearerListener.php index 1f69094..48016c7 100644 --- a/src/Listener/BearerListener.php +++ b/src/Listener/BearerListener.php 
@@ -3,7 +3,6 @@ namespace Paysera\BearerAuthenticationBundle\Listener; use Psr\Log\LoggerInterface; -use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\HeaderBag; use Symfony\Component\HttpKernel\Event\GetResponseEvent; use Symfony\Component\Security\Http\Firewall\ListenerInterface; @@ -11,7 +10,6 @@ use Paysera\BearerAuthenticationBundle\Security\Authentication\Token\BearerToken; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; -use Paysera\BearerAuthenticationBundle\Security\Authentication\Token\BearerTokenInterface; class BearerListener implements ListenerInterface { @@ -58,20 +56,9 @@ public function handle(GetResponseEvent $event) try { $authToken = $this->authenticationManager->authenticate($token); $this->tokenStorage->setToken($authToken); - - return; - } catch (AuthenticationException $e) { + } catch (AuthenticationException $exception) { $this->logger->debug('authentication failed for token', [$token]); - if ($token instanceof BearerTokenInterface) { - $this->tokenStorage->setToken(null); - } - $response = new Response; - $response->setStatusCode(403); - $event->setResponse($response); } - $response = new Response; - $response->setStatusCode(403); - $event->setResponse($response); } private function fixAuthHeader(HeaderBag $headers)
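Review bot: In the third hunk of BearerListener.php the catch block of handle() (which starts above the hunk) now only logs, so a request with an invalid bearer token continues through the firewall with no response set and no token written to storage. Rejection then depends entirely on the application's access rules or entry point, which this patch does not show; a route under this firewall without such a rule would presumably be served where it used to get a 403. I would state that in the catch block, e.g. `// Deliberately no response here: access control / the entry point must reject the unauthenticated request`, and spell out the upgrade impact in the 1.0.0 changelog entry. Dropping `$this->tokenStorage->setToken(null);` also lets a token already in storage survive a failed attempt, so keep that line in the catch unless the firewall is guaranteed to be stateless. The new `$exception` is never used while the debug call still logs `[$token]`; logging `['exception' => $exception]` instead would keep what may be the raw bearer credential out of the logs.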