Merge pull request #2063 from willemverspyck/master

XWB · web-flow · commit 1c776967eaac · 2026-01-15T18:36:45.000+01:00
Support Symfony 8 and remove code of unsupported Symfony versions
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -82,10 +82,14 @@ jobs:
             symfony-version: '^6.4'
           - php: '8.4'
             symfony-version: '^7.4'
+          - php: '8.4'
+            symfony-version: '^8.0'
           - php: '8.5'
             symfony-version: '^6.4'
           - php: '8.5'
             symfony-version: '^7.4'
+          - php: '8.5'
+            symfony-version: '^8.0'
       fail-fast: false
 
     steps:
diff --git a/README.md b/README.md
@@ -12,7 +12,7 @@ Installation
 
 All the installation instructions are located in the documentation, check it for a specific version:
 
-* [__2.x__](https://github.com/hwi/HWIOAuthBundle/blob/master/docs/1-setting_up_the_bundle.md) (current) - with support for Symfony: `^6.4` & `^7.4` (PHP: `^8.3`),
+* [__2.x__](https://github.com/hwi/HWIOAuthBundle/blob/master/docs/1-setting_up_the_bundle.md) (current) - with support for Symfony: `^6.4`, `^7.4` and `^8.0` (PHP: `^8.3`),
 
 Documentation
 -------------
diff --git a/composer.json b/composer.json
@@ -95,29 +95,29 @@
     "require": {
         "php":                            "^8.3",
         "symfony/deprecation-contracts":  "^3.0",
-        "symfony/framework-bundle":       "^6.4 || ^7.4",
-        "symfony/http-foundation":        "^6.4 || ^7.4",
-        "symfony/security-bundle":        "^6.4 || ^7.4",
-        "symfony/options-resolver":       "^6.4 || ^7.4",
-        "symfony/form":                   "^6.4 || ^7.4",
-        "symfony/http-client":            "^6.4 || ^7.4",
-        "symfony/routing":                "^6.4 || ^7.4",
-        "symfony/twig-bundle":            "^6.4 || ^7.4"
+        "symfony/framework-bundle":       "^6.4 || ^7.4 || ^8.0",
+        "symfony/http-foundation":        "^6.4 || ^7.4 || ^8.0",
+        "symfony/security-bundle":        "^6.4 || ^7.4 || ^8.0",
+        "symfony/options-resolver":       "^6.4 || ^7.4 || ^8.0",
+        "symfony/form":                   "^6.4 || ^7.4 || ^8.0",
+        "symfony/http-client":            "^6.4 || ^7.4 || ^8.0",
+        "symfony/routing":                "^6.4 || ^7.4 || ^8.0",
+        "symfony/twig-bundle":            "^6.4 || ^7.4 || ^8.0"
     },
 
     "require-dev": {
-        "doctrine/doctrine-bundle":     "^2.4",
-        "doctrine/orm":                 "^2.9",
-        "symfony/browser-kit":          "^6.4 || ^7.4",
-        "symfony/css-selector":         "^6.4 || ^7.4",
-        "symfony/property-access":      "^6.4 || ^7.4",
-        "symfony/validator":            "^6.4 || ^7.4",
-        "symfony/stopwatch":            "^6.4 || ^7.4",
-        "symfony/translation":          "^6.4 || ^7.4",
-        "symfony/yaml":                 "^6.4 || ^7.4",
+        "doctrine/doctrine-bundle":     "^2.4 || ^3.2",
+        "doctrine/orm":                 "^2.9 || ^3.6",
+        "symfony/browser-kit":          "^6.4 || ^7.4 || ^8.0",
+        "symfony/css-selector":         "^6.4 || ^7.4 || ^8.0",
+        "symfony/property-access":      "^6.4 || ^7.4 || ^8.0",
+        "symfony/validator":            "^6.4 || ^7.4 || ^8.0",
+        "symfony/stopwatch":            "^6.4 || ^7.4 || ^8.0",
+        "symfony/translation":          "^6.4 || ^7.4 || ^8.0",
+        "symfony/yaml":                 "^6.4 || ^7.4 || ^8.0",
         "phpunit/phpunit":              "^12.3",
         "friendsofphp/php-cs-fixer":    "^3.23",
-        "symfony/monolog-bundle":       "^3.4",
+        "symfony/monolog-bundle":       "^3.4 || ^4.0",
         "phpstan/phpstan":              "^2.1",
         "phpstan/phpstan-symfony":      "^2.0",
         "phpstan/extension-installer":  "^1.3",
diff --git a/phpstan.neon b/phpstan.neon
@@ -4,16 +4,4 @@ parameters:
         - src/
         - tests/
     excludePaths:
-        - src/Security/Core/Exception/AccountNotLinkedException.php
-        - src/Security/Core/User/OAuthAwareUserProviderInterface.php
-        - src/Security/Http/Firewall/OAuthListener.php
-        - tests/Security/Core/Authentication/Provider/OAuthProviderTest.php
-
         - vendor/*
-    # Symfony <5.4 BC layer
-    reportUnmatchedIgnoredErrors: false
-    ignoreErrors:
-        - '#Parameter \$event of method HWI\\Bundle\\OAuthBundle\\Controller\\Connect\\AbstractController::dispatch\(\) has invalid type Symfony\\Component\\EventDispatcher\\Event.#'
-        - '#Parameter \#2 \$array of function implode expects array<string>, array<int, array\|string\|null> given.#'
-        - '#PHPDoc type DOMNode of property HWI\\Bundle\\OAuthBundle\\OAuth\\Response\\SensioConnectUserResponse::\$data is not covariant with PHPDoc type array of overridden property HWI\\Bundle\\OAuthBundle\\OAuth\\Response\\AbstractUserResponse::\$data#'
-        - '#Call to function method_exists\(\) with Symfony\\Component\\Security\\Http\\Authenticator\\Debug\\TraceableAuthenticator#'
diff --git a/src/Controller/RedirectToServiceController.php b/src/Controller/RedirectToServiceController.php
@@ -14,6 +14,7 @@
 use HWI\Bundle\OAuthBundle\Security\Http\ResourceOwnerMapLocator;
 use HWI\Bundle\OAuthBundle\Security\OAuthUtils;
 use HWI\Bundle\OAuthBundle\Util\DomainWhitelist;
+use HWI\Bundle\OAuthBundle\Util\Parameter;
 use RuntimeException;
 use Symfony\Component\HttpFoundation\Exception\SessionNotFoundException;
 use Symfony\Component\HttpFoundation\RedirectResponse;
@@ -68,7 +69,7 @@ private function storeReturnPath(Request $request, string $authorizationUrl): vo
             $sessionKey = '_security.'.$firewallName.'.target_path';
             $sessionKeyFailure = '_security.'.$firewallName.'.failed_target_path';
 
-            if (!empty($param) && $targetUrl = $request->get($param)) {
+            if (!empty($param) && $targetUrl = Parameter::get($request, $param)) {
                 if (!$this->domainWhitelist->isValidTargetUrl($targetUrl)) {
                     throw new AccessDeniedHttpException('Not allowed to redirect to '.$targetUrl);
                 }
diff --git a/src/DependencyInjection/Configuration.php b/src/DependencyInjection/Configuration.php
@@ -149,7 +149,6 @@ public function getConfigTreeBuilder(): TreeBuilder
 
     private function addResourceOwnersConfiguration(ArrayNodeDefinition $node): void
     {
-        /* @phpstan-ignore-next-line */
         $node
             ->fixXmlConfig('resource_owner')
             ->children()
diff --git a/src/OAuth/Response/SensioConnectUserResponse.php b/src/OAuth/Response/SensioConnectUserResponse.php
@@ -28,6 +28,8 @@ final class SensioConnectUserResponse extends AbstractUserResponse
 {
     /**
      * @var DOMNode
+     *
+     * @phpstan-ignore-next-line
      */
     protected $data;
 
diff --git a/src/Resources/config/oauth.php b/src/Resources/config/oauth.php
@@ -19,16 +19,11 @@
 use HWI\Bundle\OAuthBundle\Security\Http\Authentication\AuthenticationFailureHandler;
 use HWI\Bundle\OAuthBundle\Security\Http\EntryPoint\OAuthEntryPoint;
 use HWI\Bundle\OAuthBundle\Security\Http\Firewall\AbstractRefreshAccessTokenListener;
-use HWI\Bundle\OAuthBundle\Security\Http\Firewall\OAuthListener;
 use HWI\Bundle\OAuthBundle\Security\OAuthUtils;
 
 return static function (ContainerConfigurator $containerConfigurator): void {
     $services = $containerConfigurator->services();
 
-    $services->set('hwi_oauth.authentication.listener.oauth', OAuthListener::class)
-        ->abstract()
-        ->parent('security.authentication.listener.abstract');
-
     $services->set('hwi_oauth.authentication.entry_point.oauth', OAuthEntryPoint::class)
         ->args([
             service('http_kernel'),
diff --git a/src/Security/Http/Authenticator/OAuthAuthenticator.php b/src/Security/Http/Authenticator/OAuthAuthenticator.php
@@ -18,6 +18,7 @@
 use HWI\Bundle\OAuthBundle\Security\Core\User\OAuthAwareUserProviderInterface;
 use HWI\Bundle\OAuthBundle\Security\Http\Authenticator\Passport\Badge\OAuthTokenBadge;
 use HWI\Bundle\OAuthBundle\Security\Http\ResourceOwnerMapInterface;
+use HWI\Bundle\OAuthBundle\Util\Parameter;
 use LogicException;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpFoundation\Request;
@@ -113,7 +114,7 @@ public function authenticate(Request $request): Passport
         }
 
         $resourceOwner->isCsrfTokenValid(
-            $this->extractCsrfTokenFromState($request->get('state'))
+            $this->extractCsrfTokenFromState(Parameter::get($request, 'state'))
         );
 
         $accessToken = $resourceOwner->getAccessToken(
diff --git a/src/Security/Http/Firewall/OAuthListener.php b/src/Security/Http/Firewall/OAuthListener.php
diff --git a/src/Security/Http/Firewall/RefreshAccessTokenListener.php b/src/Security/Http/Firewall/RefreshAccessTokenListener.php
@@ -40,7 +40,7 @@ protected function refreshToken(OAuthToken $token): OAuthToken
             return $this->authenticator->refreshToken($token);
         }
 
-        if ($this->authenticator instanceof TraceableAuthenticator && method_exists($this->authenticator, 'getAuthenticator')) {
+        if ($this->authenticator instanceof TraceableAuthenticator) {
             $authenticator = $this->authenticator->getAuthenticator();
 
             if ($authenticator instanceof OAuthAuthenticator) {
diff --git a/src/Security/Http/ResourceOwnerMap.php b/src/Security/Http/ResourceOwnerMap.php
@@ -13,6 +13,7 @@
 
 use HWI\Bundle\OAuthBundle\OAuth\ResourceOwnerInterface;
 use HWI\Bundle\OAuthBundle\OAuth\State\State;
+use HWI\Bundle\OAuthBundle\Util\Parameter;
 use Psr\Container\NotFoundExceptionInterface;
 use Symfony\Component\DependencyInjection\ServiceLocator;
 use Symfony\Component\HttpFoundation\Request;
@@ -76,7 +77,7 @@ public function getResourceOwnerByRequest(Request $request): ?array
 
                 // save the round-tripped state to the resource owner
                 if (null !== $resourceOwner) {
-                    $resourceOwner->storeState(new State($request->get('state'), false));
+                    $resourceOwner->storeState(new State(Parameter::get($request, 'state'), false));
                 }
 
                 return [$resourceOwner, $checkPath];
diff --git a/src/Util/Parameter.php b/src/Util/Parameter.php
@@ -0,0 +1,22 @@
+<?php
+
+/*
+ * This file is part of the HWIOAuthBundle package.
+ *
+ * (c) Hardware Info <opensource@hardware.info>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace HWI\Bundle\OAuthBundle\Util;
+
+use Symfony\Component\HttpFoundation\Request;
+
+final class Parameter
+{
+    public static function get(Request $request, string $field): ?string
+    {
+        return $request->query->get($field) ?? $request->request->get($field);
+    }
+}
diff --git a/tests/App/config/config_v6.yaml b/tests/App/config/config_v6.yaml
@@ -100,6 +100,5 @@ hwi_oauth:
 
 twig:
     strict_variables: '%kernel.debug%'
-    exception_controller: ~
     paths:
         '%kernel.project_dir%/templates': 'Acme'
diff --git a/tests/Controller/RedirectToServiceControllerTest.php b/tests/Controller/RedirectToServiceControllerTest.php
@@ -61,7 +61,7 @@ public function testTargetUrlIsCorrect(): void
 
     public function testTargetPathParameter(): void
     {
-        $this->request->attributes->set($this->targetPathParameter, 'https://domain.com/target/path');
+        $this->request->query->set($this->targetPathParameter, 'https://domain.com/target/path');
 
         $this->session->expects($this->once())
             ->method('set')
@@ -111,7 +111,7 @@ public function testThrowAccessDeniedExceptionForNonWhitelistedTargetPath(): voi
         $this->expectException(AccessDeniedHttpException::class);
         $this->expectExceptionMessage('Not allowed to redirect to /malicious/target/path');
 
-        $this->request->attributes->set($this->targetPathParameter, '/malicious/target/path');
+        $this->request->query->set($this->targetPathParameter, '/malicious/target/path');
 
         $this->session->expects($this->never())
             ->method('set')
diff --git a/tests/Security/Core/Authentication/Provider/OAuthProviderTest.php b/tests/Security/Core/Authentication/Provider/OAuthProviderTest.php

Original file line number	Diff line number	Diff line change
`@@ -149,7 +149,6 @@ public function getConfigTreeBuilder(): TreeBuilder`
`149`	`149`
`150`	`150`	`private function addResourceOwnersConfiguration(ArrayNodeDefinition $node): void`
`151`	`151`	`{`
`152`		`- /* @phpstan-ignore-next-line */`
`153`	`152`	`$node`
`154`	`153`	`->fixXmlConfig('resource_owner')`
`155`	`154`	`->children()`
Original file line number	Diff line number	Diff line change
`@@ -28,6 +28,8 @@ final class SensioConnectUserResponse extends AbstractUserResponse`
`28`	`28`	`{`
`29`	`29`	`/**`
`30`	`30`	`* @var DOMNode`
	`31`	`+ *`
	`32`	`+ * @phpstan-ignore-next-line`
`31`	`33`	`*/`
`32`	`34`	`protected $data;`
`33`	`35`