Add support for the new remember-me system for the programmatic login

Author: stof

DependencyInjection/Compiler/InjectRememberMeServicesPass.php

@@ -34,7 +34,9 @@ public function process(ContainerBuilder $container)
         $firewallName = $container->getParameter('fos_user.firewall_name');
         $loginManager = $container->getDefinition('fos_user.security.login_manager');
 
-        if ($container->hasDefinition('security.authentication.rememberme.services.persistent.'.$firewallName)) {
+        if ($container->has('security.authenticator.remember_me_handler.'.$firewallName)) {
+            $loginManager->replaceArgument(4, new Reference('security.authenticator.remember_me_handler.'.$firewallName));
+        } elseif ($container->hasDefinition('security.authentication.rememberme.services.persistent.'.$firewallName)) {
             $loginManager->replaceArgument(4, new Reference('security.authentication.rememberme.services.persistent.'.$firewallName));
         } elseif ($container->hasDefinition('security.authentication.rememberme.services.simplehash.'.$firewallName)) {
             $loginManager->replaceArgument(4, new Reference('security.authentication.rememberme.services.simplehash.'.$firewallName));

Security/LoginManager.php

@@ -17,6 +17,7 @@
 use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
 use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
 use Symfony\Component\Security\Core\User\UserCheckerInterface;
+use Symfony\Component\Security\Http\RememberMe\RememberMeHandlerInterface;
 use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface;
 use Symfony\Component\Security\Http\Session\SessionAuthenticationStrategyInterface;
 
@@ -48,23 +49,27 @@ class LoginManager implements LoginManagerInterface
     private $requestStack;
 
     /**
-     * @var RememberMeServicesInterface
+     * @var RememberMeHandlerInterface|RememberMeServicesInterface|null
      */
-    private $rememberMeService;
+    private $rememberMeHandler;
 
     /**
-     * LoginManager constructor.
+     * @param RememberMeHandlerInterface|RememberMeServicesInterface|null $rememberMeHandler
      */
     public function __construct(TokenStorageInterface $tokenStorage, UserCheckerInterface $userChecker,
                                 SessionAuthenticationStrategyInterface $sessionStrategy,
                                 RequestStack $requestStack,
-                                RememberMeServicesInterface $rememberMeService = null
+                                $rememberMeHandler = null
     ) {
+        if (null !== $rememberMeHandler && !$rememberMeHandler instanceof RememberMeHandlerInterface && !$rememberMeHandler instanceof RememberMeServicesInterface) {
+            throw new \TypeError(sprintf('Argument 2 passed to "%s()" must be an instance of "%s|%s|null", "%s" given.', __METHOD__, RememberMeHandlerInterface::class, RememberMeServicesInterface::class, \is_object($rememberMeHandler) ? \get_class($rememberMeHandler) : \gettype($rememberMeHandler)));
+        }
+
         $this->tokenStorage = $tokenStorage;
         $this->userChecker = $userChecker;
         $this->sessionStrategy = $sessionStrategy;
         $this->requestStack = $requestStack;
-        $this->rememberMeService = $rememberMeService;
+        $this->rememberMeHandler = $rememberMeHandler;
     }
 
     /**
@@ -80,8 +85,10 @@ final public function logInUser($firewallName, UserInterface $user, Response $re
         if (null !== $request) {
             $this->sessionStrategy->onAuthentication($request, $token);
 
-            if (null !== $response && null !== $this->rememberMeService) {
-                $this->rememberMeService->loginSuccess($request, $response, $token);
+            if (null !== $response && $this->rememberMeHandler instanceof RememberMeServicesInterface) {
+                $this->rememberMeHandler->loginSuccess($request, $response, $token);
+            } elseif ($this->rememberMeHandler instanceof RememberMeHandlerInterface) {
+                $this->rememberMeHandler->createRememberMeCookie($user);
             }
         }
 

Tests/Security/LoginManagerTest.php

@@ -11,9 +11,17 @@
 
 namespace FOS\UserBundle\Tests\Security;
 
+use FOS\UserBundle\Model\UserInterface;
 use FOS\UserBundle\Security\LoginManager;
 use PHPUnit\Framework\TestCase;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\RequestStack;
 use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Http\RememberMe\RememberMeHandlerInterface;
+use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface;
+use Symfony\Component\Security\Http\Session\SessionAuthenticationStrategyInterface;
 
 class LoginManagerTest extends TestCase
 {
@@ -23,66 +31,79 @@ public function testLogInUserWithRequestStack()
         $loginManager->logInUser('main', $this->mockUser());
     }
 
-    public function testLogInUserWithRememberMeAndRequestStack()
+    public function testLogInUserWithRememberMeHandler()
     {
-        $response = $this->getMockBuilder('Symfony\Component\HttpFoundation\Response')->getMock();
+        if (!interface_exists(RememberMeHandlerInterface::class)) {
+            $this->markTestSkipped('This test requires Symfony 5.3+.');
+        }
 
-        $loginManager = $this->createLoginManager('main', $response);
-        $loginManager->logInUser('main', $this->mockUser(), $response);
+        $response = new Response();
+        $user = $this->mockUser();
+
+        $rememberMeHandler = $this->createMock(RememberMeHandlerInterface::class);
+        $rememberMeHandler->expects($this->once())
+            ->method('createRememberMeCookie')
+            ->with($user);
+
+        $loginManager = $this->createLoginManager('main', $rememberMeHandler);
+        $loginManager->logInUser('main', $user, $response);
     }
 
     /**
-     * @param string $firewallName
-     *
-     * @return LoginManager
+     * @group legacy
      */
-    private function createLoginManager($firewallName, Response $response = null)
+    public function testLogInUserWithRememberMeService()
     {
-        $tokenStorage = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface')->getMock();
+        if (!interface_exists(RememberMeServicesInterface::class)) {
+            $this->markTestSkipped('This test does not support Symfony 6+.');
+        }
+
+        $response = new Response();
+
+        $rememberMeService = $this->createMock(RememberMeServicesInterface::class);
+        $rememberMeService
+            ->expects($this->once())
+            ->method('loginSuccess')
+            ->with($this->isInstanceOf(Request::class), $response, $this->isInstanceOf(TokenInterface::class));
+
+        $loginManager = $this->createLoginManager('main', $rememberMeService);
+        $loginManager->logInUser('main', $this->mockUser(), $response);
+    }
 
+    /**
+     * @param RememberMeHandlerInterface|RememberMeServicesInterface|null $rememberMeHandler
+     */
+    private function createLoginManager(string $firewallName, $rememberMeHandler = null): LoginManager
+    {
+        $tokenStorage = $this->getMockBuilder(TokenStorageInterface::class)->getMock();
         $tokenStorage
             ->expects($this->once())
             ->method('setToken')
-            ->with($this->isInstanceOf('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'));
+            ->with($this->isInstanceOf(TokenInterface::class));
 
         $userChecker = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserCheckerInterface')->getMock();
         $userChecker
             ->expects($this->once())
             ->method('checkPreAuth')
-            ->with($this->isInstanceOf('FOS\UserBundle\Model\UserInterface'));
+            ->with($this->isInstanceOf(UserInterface::class));
 
-        $request = $this->getMockBuilder('Symfony\Component\HttpFoundation\Request')->getMock();
+        $request = new Request();
 
-        $sessionStrategy = $this->getMockBuilder('Symfony\Component\Security\Http\Session\SessionAuthenticationStrategyInterface')->getMock();
+        $sessionStrategy = $this->getMockBuilder(SessionAuthenticationStrategyInterface::class)->getMock();
         $sessionStrategy
             ->expects($this->once())
             ->method('onAuthentication')
-            ->with($request, $this->isInstanceOf('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'));
+            ->with($request, $this->isInstanceOf(TokenInterface::class));
 
-        $requestStack = $this->getMockBuilder('Symfony\Component\HttpFoundation\RequestStack')->getMock();
-        $requestStack
-            ->expects($this->once())
-            ->method('getCurrentRequest')
-            ->will($this->returnValue($request));
-
-        $rememberMe = null;
-        if (null !== $response) {
-            $rememberMe = $this->getMockBuilder('Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface')->getMock();
-            $rememberMe
-                ->expects($this->once())
-                ->method('loginSuccess')
-                ->with($request, $response, $this->isInstanceOf('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'));
-        }
+        $requestStack = new RequestStack();
+        $requestStack->push($request);
 
-        return new LoginManager($tokenStorage, $userChecker, $sessionStrategy, $requestStack, $rememberMe);
+        return new LoginManager($tokenStorage, $userChecker, $sessionStrategy, $requestStack, $rememberMeHandler);
     }
 
-    /**
-     * @return mixed
-     */
-    private function mockUser()
+    private function mockUser(): UserInterface
     {
-        $user = $this->getMockBuilder('FOS\UserBundle\Model\UserInterface')->getMock();
+        $user = $this->getMockBuilder(UserInterface::class)->getMock();
         $user
             ->expects($this->once())
             ->method('getRoles')