Cadoles/hydra-sql
22
0
Fork 0
Code Issues 5 Pull Requests 3 Projects Releases Wiki Activity

login consent app sql

Browse Source
This commit is contained in:
Rudy Masson
2022-05-03 08:54:45 +02:00
parent e7253acfd8
commit f9a6535906
1652 changed files with 187600 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
vendor/symfony/security-bundle/Resources/config/collectors.php vendored Normal file
View File

@ -0,0 +1,33 @@
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\DependencyInjection\Loader\Configurator;
use Symfony\Bundle\SecurityBundle\DataCollector\SecurityDataCollector;
return static function (ContainerConfigurator $container) {
$container->services()
->set('data_collector.security', SecurityDataCollector::class)
->args([
service('security.untracked_token_storage'),
service('security.role_hierarchy'),
service('security.logout_url_generator'),
service('security.access.decision_manager'),
service('security.firewall.map'),
service('debug.security.firewall')->nullOnInvalid(),
])
->tag('data_collector', [
'template' => '@Security/Collector/security.html.twig',
'id' => 'security',
'priority' => 270,
])
;
};

36
vendor/symfony/security-bundle/Resources/config/console.php vendored Normal file
View File

@ -0,0 +1,36 @@
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\DependencyInjection\Loader\Configurator;
use Symfony\Bundle\SecurityBundle\Command\UserPasswordEncoderCommand;
use Symfony\Component\PasswordHasher\Command\UserPasswordHashCommand;
return static function (ContainerConfigurator $container) {
$container->services()
->set('security.command.user_password_encoder', UserPasswordEncoderCommand::class)
->args([
service('security.encoder_factory'),
abstract_arg('encoders user classes'),
])
->tag('console.command', ['command' => 'security:encode-password'])
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use "security.command.user_password_hash" instead.')
;
$container->services()
->set('security.command.user_password_hash', UserPasswordHashCommand::class)
->args([
service('security.password_hasher_factory'),
abstract_arg('list of user classes'),
])
->tag('console.command')
;
};

28
vendor/symfony/security-bundle/Resources/config/debug_console.php vendored Normal file
View File

@ -0,0 +1,28 @@
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\DependencyInjection\Loader\Configurator;
use Symfony\Bundle\SecurityBundle\Command\DebugFirewallCommand;
return static function (ContainerConfigurator $container) {
$container->services()
->set('security.command.debug_firewall', DebugFirewallCommand::class)
->args([
param('security.firewalls'),
service('security.firewall.context_locator'),
tagged_locator('event_dispatcher.dispatcher', 'name'),
[],
false,
])
->tag('console.command', ['command' => 'debug:firewall'])
;
};

56
vendor/symfony/security-bundle/Resources/config/guard.php vendored Normal file
View File

@ -0,0 +1,56 @@
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\DependencyInjection\Loader\Configurator;
use Symfony\Component\Security\Guard\Firewall\GuardAuthenticationListener;
use Symfony\Component\Security\Guard\GuardAuthenticatorHandler;
use Symfony\Component\Security\Guard\Provider\GuardAuthenticationProvider;
return static function (ContainerConfigurator $container) {
$container->services()
->set('security.authentication.guard_handler', GuardAuthenticatorHandler::class)
->args([
service('security.token_storage'),
service('event_dispatcher')->nullOnInvalid(),
abstract_arg('stateless firewall keys'),
])
->call('setSessionAuthenticationStrategy', [service('security.authentication.session_strategy')])
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use the new authenticator system instead.')
->alias(GuardAuthenticatorHandler::class, 'security.authentication.guard_handler')
->deprecate('symfony/security-bundle', '5.3', 'The "%alias_id%" alias is deprecated, use the new authenticator system instead.')
->set('security.authentication.provider.guard', GuardAuthenticationProvider::class)
->abstract()
->args([
abstract_arg('Authenticators'),
abstract_arg('User Provider'),
abstract_arg('Provider-shared Key'),
abstract_arg('User Checker'),
service('security.password_hasher'),
])
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use the new authenticator system instead.')
->set('security.authentication.listener.guard', GuardAuthenticationListener::class)
->abstract()
->args([
service('security.authentication.guard_handler'),
service('security.authentication.manager'),
abstract_arg('Provider-shared Key'),
abstract_arg('Authenticators'),
service('logger')->nullOnInvalid(),
param('security.authentication.hide_user_not_found'),
])
->tag('monolog.logger', ['channel' => 'security'])
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use the new authenticator system instead.')
;
};

30
vendor/symfony/security-bundle/Resources/config/password_hasher.php vendored Normal file
View File

@ -0,0 +1,30 @@
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\DependencyInjection\Loader\Configurator;
use Symfony\Component\PasswordHasher\Hasher\PasswordHasherFactory;
use Symfony\Component\PasswordHasher\Hasher\PasswordHasherFactoryInterface;
use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasher;
use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
return static function (ContainerConfigurator $container) {
$container->services()
->set('security.password_hasher_factory', PasswordHasherFactory::class)
->args([[]])
->alias(PasswordHasherFactoryInterface::class, 'security.password_hasher_factory')
->set('security.user_password_hasher', UserPasswordHasher::class)
->args([service('security.password_hasher_factory')])
->alias('security.password_hasher', 'security.user_password_hasher')
->alias(UserPasswordHasherInterface::class, 'security.password_hasher')
;
};

425
vendor/symfony/security-bundle/Resources/config/schema/security-1.0.xsd vendored Normal file
View File

@ -0,0 +1,425 @@
<?xml version="1.0" encoding="UTF-8" ?>
<xsd:schema xmlns="http://symfony.com/schema/dic/security"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
targetNamespace="http://symfony.com/schema/dic/security"
elementFormDefault="qualified">
<xsd:element name="config" type="config" />
<xsd:complexType name="config">
<xsd:choice maxOccurs="unbounded">
<xsd:element name="access-decision-manager" type="access_decision_manager" minOccurs="0" maxOccurs="1" />
<xsd:element name="encoders" type="encoders" minOccurs="0" maxOccurs="1" />
<xsd:element name="encoder" type="encoder" minOccurs="0" maxOccurs="unbounded" />
<xsd:element name="password_hashers" type="password_hashers" minOccurs="0" maxOccurs="1" />
<xsd:element name="password_hasher" type="password_hasher" minOccurs="0" maxOccurs="unbounded" />
<xsd:element name="providers" type="providers" minOccurs="0" maxOccurs="1" />
<xsd:element name="provider" type="provider" minOccurs="0" maxOccurs="unbounded" />
<xsd:element name="firewalls" type="firewalls" minOccurs="0" maxOccurs="1" />
<xsd:element name="firewall" type="firewall" minOccurs="0" maxOccurs="unbounded" />
<xsd:element name="rule" type="rule" minOccurs="0" maxOccurs="unbounded" />
<xsd:element name="role" type="role" minOccurs="0" maxOccurs="unbounded" />
</xsd:choice>
<xsd:attribute name="access-denied-url" type="xsd:string" />
<xsd:attribute name="session-fixation-strategy" type="session_fixation_strategy" />
<xsd:attribute name="hide-user-not-found" type="xsd:boolean" />
<xsd:attribute name="always-authenticate-before-granting" type="xsd:boolean" />
<xsd:attribute name="erase-credentials" type="xsd:boolean" />
<xsd:attribute name="enable-authenticator-manager" type="xsd:boolean" />
</xsd:complexType>
<xsd:complexType name="encoders">
<xsd:sequence>
<xsd:element name="encoder" type="encoder" minOccurs="1" maxOccurs="unbounded" />
</xsd:sequence>
</xsd:complexType>
<xsd:complexType name="password_hashers">
<xsd:sequence>
<xsd:element name="password_hasher" type="password_hasher" minOccurs="1" maxOccurs="unbounded" />
</xsd:sequence>
</xsd:complexType>
<xsd:complexType name="providers">
<xsd:sequence>
<xsd:element name="provider" type="provider" minOccurs="1" maxOccurs="unbounded" />
</xsd:sequence>
</xsd:complexType>
<xsd:complexType name="firewalls">
<xsd:sequence>
<xsd:element name="firewall" type="firewall" minOccurs="1" maxOccurs="unbounded" />
</xsd:sequence>
</xsd:complexType>
<xsd:simpleType name="session_fixation_strategy">
<xsd:restriction base="xsd:string">
<xsd:enumeration value="none" />
<xsd:enumeration value="migrate" />
<xsd:enumeration value="invalidate" />
</xsd:restriction>
</xsd:simpleType>
<xsd:complexType name="access_decision_manager">
<xsd:attribute name="strategy" type="access_decision_manager_strategy" />
<xsd:attribute name="service" type="xsd:string" />
<xsd:attribute name="strategy-service" type="xsd:string" />
<xsd:attribute name="allow-if-all-abstain" type="xsd:boolean" />
<xsd:attribute name="allow-if-equal-granted-denied" type="xsd:boolean" />
</xsd:complexType>
<xsd:simpleType name="access_decision_manager_strategy">
<xsd:restriction base="xsd:string">
<xsd:enumeration value="affirmative" />
<xsd:enumeration value="consensus" />
<xsd:enumeration value="unanimous" />
<xsd:enumeration value="priority" />
</xsd:restriction>
</xsd:simpleType>
<xsd:complexType name="encoder">
<xsd:sequence>
<xsd:element name="migrate-from" type="xsd:string" minOccurs="0" maxOccurs="unbounded" />
</xsd:sequence>
<xsd:attribute name="class" type="xsd:string" use="required" />
<xsd:attribute name="algorithm" type="xsd:string" />
<xsd:attribute name="hash-algorithm" type="xsd:string" />
<xsd:attribute name="key-length" type="xsd:string" />
<xsd:attribute name="ignore-case" type="xsd:boolean" />
<xsd:attribute name="encode-as-base64" type="xsd:boolean" />
<xsd:attribute name="iterations" type="xsd:string" />
<xsd:attribute name="cost" type="xsd:integer" />
<xsd:attribute name="memory-cost" type="xsd:string" />
<xsd:attribute name="time-cost" type="xsd:string" />
<xsd:attribute name="id" type="xsd:string" />
</xsd:complexType>
<xsd:complexType name="password_hasher">
<xsd:sequence>
<xsd:element name="migrate-from" type="xsd:string" minOccurs="0" maxOccurs="unbounded" />
</xsd:sequence>
<xsd:attribute name="class" type="xsd:string" use="required" />
<xsd:attribute name="algorithm" type="xsd:string" />
<xsd:attribute name="hash-algorithm" type="xsd:string" />
<xsd:attribute name="key-length" type="xsd:string" />
<xsd:attribute name="ignore-case" type="xsd:boolean" />
<xsd:attribute name="encode-as-base64" type="xsd:boolean" />
<xsd:attribute name="iterations" type="xsd:string" />
<xsd:attribute name="cost" type="xsd:integer" />
<xsd:attribute name="memory-cost" type="xsd:string" />
<xsd:attribute name="time-cost" type="xsd:string" />
<xsd:attribute name="id" type="xsd:string" />
</xsd:complexType>
<xsd:complexType name="provider">
<xsd:choice minOccurs="0" maxOccurs="1">
<xsd:element name="chain" type="chain" />
<xsd:element name="memory" type="memory" />
<xsd:element name="ldap" type="ldap" />
<!-- allow factories to use dynamic elements -->
<xsd:any processContents="lax" />
</xsd:choice>
<xsd:attribute name="name" type="xsd:string" use="required" />
<xsd:attribute name="id" type="xsd:string" />
</xsd:complexType>
<xsd:complexType name="chain">
<xsd:sequence minOccurs="0" maxOccurs="unbounded">
<xsd:element name="provider" type="xsd:string" />
</xsd:sequence>
<xsd:attribute name="providers" type="xsd:string" />
</xsd:complexType>
<xsd:complexType name="memory">
<xsd:sequence>
<xsd:element name="user" type="user" minOccurs="1" maxOccurs="unbounded" />
</xsd:sequence>
</xsd:complexType>
<xsd:complexType name="user">
<xsd:attribute name="identifier" type="xsd:string" />
<xsd:attribute name="name" type="xsd:string" />
<xsd:attribute name="password" type="xsd:string" />
<xsd:attribute name="roles" type="xsd:string" />
</xsd:complexType>
<xsd:complexType name="ldap">
<xsd:choice minOccurs="0" maxOccurs="unbounded">
<xsd:element name="extra-field" type="xsd:string" minOccurs="0" maxOccurs="unbounded" />
<xsd:element name="default-role" type="xsd:string" minOccurs="0" maxOccurs="unbounded" />
</xsd:choice>
<xsd:attribute name="service" type="xsd:string" use="required" />
<xsd:attribute name="base-dn" type="xsd:string" use="required" />
<xsd:attribute name="search-dn" type="xsd:string" />
<xsd:attribute name="search-password" type="xsd:string" />
<xsd:attribute name="uid-key" type="xsd:string" />
<xsd:attribute name="filter" type="xsd:string" />
<xsd:attribute name="password-attribute" type="xsd:string" />
</xsd:complexType>
<xsd:complexType name="firewall">
<xsd:choice maxOccurs="unbounded">
<xsd:element name="logout" type="logout" minOccurs="0" maxOccurs="1" />
<xsd:element name="switch-user" type="switch_user" minOccurs="0" maxOccurs="1" />
<xsd:element name="anonymous" type="anonymous" minOccurs="0" maxOccurs="1" />
<xsd:element name="form-login" type="form_login" minOccurs="0" maxOccurs="1" />
<xsd:element name="form-login-ldap" type="form_login_ldap" minOccurs="0" maxOccurs="1" />
<xsd:element name="guard" type="guard" minOccurs="0" maxOccurs="1" />
<xsd:element name="http-basic" type="http_basic" minOccurs="0" maxOccurs="1" />
<xsd:element name="http-basic-ldap" type="http_basic_ldap" minOccurs="0" maxOccurs="1" />
<xsd:element name="json-login" type="json_login" minOccurs="0" maxOccurs="1" />
<xsd:element name="json-login-ldap" type="json_login_ldap" minOccurs="0" maxOccurs="1" />
<xsd:element name="login-throttling" type="login_throttling" minOccurs="0" maxOccurs="1" />
<xsd:element name="remember-me" type="remember_me" minOccurs="0" maxOccurs="1" />
<xsd:element name="remote-user" type="remote_user" minOccurs="0" maxOccurs="1" />
<xsd:element name="x509" type="x509" minOccurs="0" maxOccurs="1" />
<xsd:element name="required-badge" type="xsd:string" minOccurs="0" maxOccurs="unbounded" />
<!-- allow factories to use dynamic elements -->
<xsd:any processContents="lax" minOccurs="0" maxOccurs="unbounded" />
</xsd:choice>
<xsd:attribute name="name" type="xsd:string" use="required" />
<xsd:attribute name="pattern" type="xsd:string" />
<xsd:attribute name="host" type="xsd:string" />
<xsd:attribute name="methods" type="xsd:string" />
<xsd:attribute name="security" type="xsd:boolean" />
<xsd:attribute name="user-checker" type="xsd:string" />
<xsd:attribute name="request-matcher" type="xsd:string" />
<xsd:attribute name="access-denied-url" type="xsd:string" />
<xsd:attribute name="access-denied-handler" type="xsd:string" />
<xsd:attribute name="entry-point" type="xsd:string" />
<xsd:attribute name="provider" type="xsd:string" />
<xsd:attribute name="stateless" type="xsd:boolean" />
<xsd:attribute name="context" type="xsd:string" />
<xsd:attribute name="lazy" type="xsd:boolean" />
<!-- allow factories to use dynamic elements -->
<xsd:anyAttribute processContents="lax" />
</xsd:complexType>
<xsd:complexType name="logout">
<xsd:sequence>
<xsd:element name="delete-cookie" type="delete_cookie" minOccurs="0" maxOccurs="unbounded" />
</xsd:sequence>
<xsd:attribute name="csrf-parameter" type="xsd:string" />
<xsd:attribute name="csrf-token-generator" type="xsd:string" />
<xsd:attribute name="csrf-token-id" type="xsd:string" />
<xsd:attribute name="path" type="xsd:string" />
<xsd:attribute name="target" type="xsd:string" />
<xsd:attribute name="success-handler" type="xsd:string" />
<xsd:attribute name="invalidate-session" type="xsd:boolean" />
</xsd:complexType>
<xsd:complexType name="delete_cookie">
<xsd:attribute name="name" type="xsd:string" use="required" />
<xsd:attribute name="path" type="xsd:string" />
<xsd:attribute name="domain" type="xsd:string" />
</xsd:complexType>
<xsd:complexType name="switch_user">
<xsd:attribute name="provider" type="xsd:string" />
<xsd:attribute name="parameter" type="xsd:string" />
<xsd:attribute name="role" type="xsd:string" />
</xsd:complexType>
<xsd:complexType name="anonymous">
<xsd:attribute name="lazy" type="xsd:boolean" />
<xsd:attribute name="secret" type="xsd:string" />
</xsd:complexType>
<xsd:complexType name="factory" abstract="true">
<xsd:attribute name="check-path" type="xsd:string" />
<xsd:attribute name="use-forward" type="xsd:boolean" />
<xsd:attribute name="require-previous-session" type="xsd:boolean" />
</xsd:complexType>
<xsd:attributeGroup name="success-handler-options">
<xsd:attribute name="always-use-default-target-path" type="xsd:boolean" />
<xsd:attribute name="default-target-path" type="xsd:string" />
<xsd:attribute name="target-path-parameter" type="xsd:string" />
<xsd:attribute name="use-referer" type="xsd:boolean" />
</xsd:attributeGroup>
<xsd:attributeGroup name="failure-handler-options">
<xsd:attribute name="failure-path" type="xsd:string" />
<xsd:attribute name="failure-forward" type="xsd:boolean" />
<xsd:attribute name="failure-path-parameter" type="xsd:string" />
</xsd:attributeGroup>
<xsd:attributeGroup name="ldap-factory">
<xsd:attribute name="service" type="xsd:string" />
<xsd:attribute name="dn-string" type="xsd:string" />
<xsd:attribute name="query-string" type="xsd:string" />
<xsd:attribute name="search-dn" type="xsd:string" />
<xsd:attribute name="search-password" type="xsd:string" />
</xsd:attributeGroup>
<xsd:complexType name="form_login">
<xsd:complexContent>
<xsd:extension base="factory">
<xsd:attribute name="login-path" type="xsd:string" />
<xsd:attribute name="username-parameter" type="xsd:string" />
<xsd:attribute name="password-parameter" type="xsd:string" />
<xsd:attribute name="csrf-parameter" type="xsd:string" />
<xsd:attribute name="csrf-token-id" type="xsd:string" />
<xsd:attribute name="post-only" type="xsd:boolean" />
<xsd:attribute name="csrf-token-generator" type="xsd:string" />
<xsd:attribute name="enable-csrf" type="xsd:boolean" />
<xsd:attributeGroup ref="success-handler-options" />
<xsd:attributeGroup ref="failure-handler-options" />
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
<xsd:complexType name="form_login_ldap">
<xsd:complexContent>
<xsd:extension base="form_login">
<xsd:attributeGroup ref="ldap-factory" />
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
<xsd:complexType name="guard">
<xsd:sequence>
<xsd:element name="authenticator" type="xsd:string" minOccurs="1" maxOccurs="unbounded" />
</xsd:sequence>
<xsd:attribute name="provider" type="xsd:string" />
<xsd:attribute name="entry-point" type="xsd:string" />
</xsd:complexType>
<xsd:complexType name="http_basic">
<xsd:attribute name="provider" type="xsd:string" />
<xsd:attribute name="realm" type="xsd:string" />
</xsd:complexType>
<xsd:complexType name="http_basic_ldap">
<xsd:complexContent>
<xsd:extension base="http_basic">
<xsd:attributeGroup ref="ldap-factory" />
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
<xsd:complexType name="json_login">
<xsd:complexContent>
<xsd:extension base="factory">
<xsd:attribute name="username-path" type="xsd:string" />
<xsd:attribute name="password-path" type="xsd:string" />
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
<xsd:complexType name="json_login_ldap">
<xsd:complexContent>
<xsd:extension base="json_login">
<xsd:attributeGroup ref="ldap-factory" />
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
<xsd:complexType name="login_link">
<xsd:choice minOccurs="0" maxOccurs="unbounded">
<xsd:element name="signature-property" type="xsd:string" />
</xsd:choice>
<xsd:attribute name="check-route" type="xsd:string" />
<xsd:attribute name="check-post-only" type="xsd:boolean" />
<xsd:attribute name="lifetime" type="xsd:integer" />
<xsd:attribute name="max-uses" type="xsd:integer" />
<xsd:attribute name="used-link-cache" type="xsd:string" />
<xsd:attribute name="success-handler" type="xsd:string" />
<xsd:attribute name="failure-handler" type="xsd:string" />
<xsd:attribute name="provider" type="xsd:string" />
</xsd:complexType>
<xsd:complexType name="login_throttling">
<xsd:attribute name="limiter" type="xsd:string" />
<xsd:attribute name="max-attempts" type="xsd:integer" />
</xsd:complexType>
<xsd:complexType name="remember_me">
<xsd:sequence minOccurs="0">
<xsd:choice minOccurs="0" maxOccurs="unbounded">
<xsd:element name="user-provider" type="xsd:string" />
</xsd:choice>
<xsd:element name="token-provider" type="remember_me_token_provider" />
</xsd:sequence>
<xsd:attribute name="name" type="xsd:string" />
<xsd:attribute name="lifetime" type="xsd:integer" />
<xsd:attribute name="path" type="xsd:string" />
<xsd:attribute name="domain" type="xsd:string" />
<xsd:attribute name="http-only" type="xsd:boolean" />
<xsd:attribute name="always-remember-me" type="xsd:boolean" />
<xsd:attribute name="remember-me-parameter" type="xsd:string" />
<xsd:attribute name="secret" type="xsd:string" use="required" />
<xsd:attribute name="service" type="xsd:string" />
<xsd:attribute name="token-provider" type="xsd:string" />
<xsd:attribute name="token-verifier" type="xsd:string" />
<xsd:attribute name="catch-exceptions" type="xsd:boolean" />
<xsd:attribute name="secure" type="remember_me_secure" />
<xsd:attribute name="samesite" type="remember_me_samesite" />
</xsd:complexType>
<xsd:complexType name="remember_me_token_provider">
<xsd:sequence>
<xsd:element name="doctrine" type="remember_me_token_provider_doctrine" />
</xsd:sequence>
<xsd:attribute name="service" type="xsd:string" />
</xsd:complexType>
<xsd:complexType name="remember_me_token_provider_doctrine">
<xsd:attribute name="enabled" type="xsd:boolean" />
<xsd:attribute name="connection" type="xsd:string" />
</xsd:complexType>
<xsd:simpleType name="remember_me_secure">
<xsd:restriction base="xsd:string">
<xsd:enumeration value="true" />
<xsd:enumeration value="false" />
<xsd:enumeration value="auto" />
</xsd:restriction>
</xsd:simpleType>
<xsd:simpleType name="remember_me_samesite">
<xsd:restriction base="xsd:string">
<xsd:enumeration value="null" />
<xsd:enumeration value="lax" />
<xsd:enumeration value="strict" />
<xsd:enumeration value="none" />
</xsd:restriction>
</xsd:simpleType>
<xsd:complexType name="remote_user">
<xsd:attribute name="provider" type="xsd:string" />
<xsd:attribute name="user" type="xsd:string" />
</xsd:complexType>
<xsd:complexType name="x509">
<xsd:attribute name="provider" type="xsd:string" />
<xsd:attribute name="user" type="xsd:string" />
<xsd:attribute name="credentials" type="xsd:string" />
</xsd:complexType>
<xsd:complexType name="rule">
<xsd:choice>
<xsd:element name="ip" type="xsd:string" minOccurs="0" maxOccurs="unbounded" />
<xsd:element name="method" type="xsd:string" minOccurs="0" maxOccurs="unbounded" />
<xsd:element name="role" type="xsd:string" minOccurs="0" maxOccurs="unbounded" />
<xsd:element name="allow-if" type="xsd:string" minOccurs="0" maxOccurs="1" />
</xsd:choice>
<xsd:attribute name="requires-channel" type="xsd:string" />
<xsd:attribute name="path" type="xsd:string" />
<xsd:attribute name="host" type="xsd:string" />
<xsd:attribute name="port" type="xsd:integer" />
<xsd:attribute name="role" type="xsd:string" />
<xsd:attribute name="methods" type="xsd:string" />
<xsd:attribute name="allow-if" type="xsd:string" />
</xsd:complexType>
<xsd:complexType name="role">
<xsd:simpleContent>
<xsd:extension base="xsd:string">
<xsd:attribute name="id" type="xsd:string" use="required" />
<xsd:attribute name="value" type="xsd:string" />
</xsd:extension>
</xsd:simpleContent>
</xsd:complexType>
</xsd:schema>

293
vendor/symfony/security-bundle/Resources/config/security.php vendored Normal file
View File

@ -0,0 +1,293 @@
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\DependencyInjection\Loader\Configurator;
use Symfony\Bundle\SecurityBundle\CacheWarmer\ExpressionCacheWarmer;
use Symfony\Bundle\SecurityBundle\EventListener\FirewallListener;
use Symfony\Bundle\SecurityBundle\Security\FirewallConfig;
use Symfony\Bundle\SecurityBundle\Security\FirewallContext;
use Symfony\Bundle\SecurityBundle\Security\FirewallMap;
use Symfony\Bundle\SecurityBundle\Security\LazyFirewallContext;
use Symfony\Component\Ldap\Security\LdapUserProvider;
use Symfony\Component\PasswordHasher\Hasher\PasswordHasherFactoryInterface;
use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolver;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Core\Authentication\Token\Storage\UsageTrackingTokenStorage;
use Symfony\Component\Security\Core\Authorization\AccessDecisionManager;
use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface;
use Symfony\Component\Security\Core\Authorization\AuthorizationChecker;
use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
use Symfony\Component\Security\Core\Authorization\ExpressionLanguage;
use Symfony\Component\Security\Core\Authorization\Voter\AuthenticatedVoter;
use Symfony\Component\Security\Core\Authorization\Voter\ExpressionVoter;
use Symfony\Component\Security\Core\Authorization\Voter\RoleHierarchyVoter;
use Symfony\Component\Security\Core\Authorization\Voter\RoleVoter;
use Symfony\Component\Security\Core\Encoder\EncoderFactory;
use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
use Symfony\Component\Security\Core\Encoder\UserPasswordEncoder;
use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
use Symfony\Component\Security\Core\Role\RoleHierarchy;
use Symfony\Component\Security\Core\Role\RoleHierarchyInterface;
use Symfony\Component\Security\Core\Security;
use Symfony\Component\Security\Core\User\ChainUserProvider;
use Symfony\Component\Security\Core\User\InMemoryUserChecker;
use Symfony\Component\Security\Core\User\InMemoryUserProvider;
use Symfony\Component\Security\Core\User\MissingUserProvider;
use Symfony\Component\Security\Core\Validator\Constraints\UserPasswordValidator;
use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
use Symfony\Component\Security\Http\Controller\UserValueResolver;
use Symfony\Component\Security\Http\Firewall;
use Symfony\Component\Security\Http\FirewallMapInterface;
use Symfony\Component\Security\Http\HttpUtils;
use Symfony\Component\Security\Http\Impersonate\ImpersonateUrlGenerator;
use Symfony\Component\Security\Http\Logout\LogoutUrlGenerator;
use Symfony\Component\Security\Http\Session\SessionAuthenticationStrategy;
use Symfony\Component\Security\Http\Session\SessionAuthenticationStrategyInterface;
return static function (ContainerConfigurator $container) {
$container->parameters()
->set('security.role_hierarchy.roles', [])
;
$container->services()
->set('security.authorization_checker', AuthorizationChecker::class)
->public()
->args([
service('security.token_storage'),
service('security.access.decision_manager'),
param('security.access.always_authenticate_before_granting'),
])
->tag('container.private', ['package' => 'symfony/security-bundle', 'version' => '5.3'])
->alias(AuthorizationCheckerInterface::class, 'security.authorization_checker')
->set('security.token_storage', UsageTrackingTokenStorage::class)
->public()
->args([
service('security.untracked_token_storage'),
service_locator([
'request_stack' => service('request_stack'),
]),
])
->tag('kernel.reset', ['method' => 'disableUsageTracking'])
->tag('kernel.reset', ['method' => 'setToken'])
->tag('container.private', ['package' => 'symfony/security-bundle', 'version' => '5.3'])
->alias(TokenStorageInterface::class, 'security.token_storage')
->set('security.untracked_token_storage', TokenStorage::class)
->set('security.helper', Security::class)
->args([service_locator([
'security.token_storage' => service('security.token_storage'),
'security.authorization_checker' => service('security.authorization_checker'),
])])
->alias(Security::class, 'security.helper')
->set('security.user_value_resolver', UserValueResolver::class)
->args([
service('security.token_storage'),
])
->tag('controller.argument_value_resolver', ['priority' => 40])
// Authentication related services
->set('security.authentication.trust_resolver', AuthenticationTrustResolver::class)
->set('security.authentication.session_strategy', SessionAuthenticationStrategy::class)
->args([param('security.authentication.session_strategy.strategy')])
->alias(SessionAuthenticationStrategyInterface::class, 'security.authentication.session_strategy')
->set('security.authentication.session_strategy_noop', SessionAuthenticationStrategy::class)
->args(['none'])
->set('security.encoder_factory.generic', EncoderFactory::class)
->args([
[],
])
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use "security.password_hasher_factory" instead.')
->alias('security.encoder_factory', 'security.encoder_factory.generic')
->deprecate('symfony/security-bundle', '5.3', 'The "%alias_id%" service is deprecated, use "security.password_hasher_factory" instead.')
->alias(EncoderFactoryInterface::class, 'security.encoder_factory')
->deprecate('symfony/security-bundle', '5.3', 'The "%alias_id%" service is deprecated, use "'.PasswordHasherFactoryInterface::class.'" instead.')
->set('security.user_password_encoder.generic', UserPasswordEncoder::class)
->args([service('security.encoder_factory')])
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use "security.user_password_hasher" instead.')
->alias('security.password_encoder', 'security.user_password_encoder.generic')
->public()
->deprecate('symfony/security-bundle', '5.3', 'The "%alias_id%" service is deprecated, use "security.password_hasher"" instead.')
->alias(UserPasswordEncoderInterface::class, 'security.password_encoder')
->deprecate('symfony/security-bundle', '5.3', 'The "%alias_id%" service is deprecated, use "'.UserPasswordHasherInterface::class.'" instead.')
->set('security.user_checker', InMemoryUserChecker::class)
->set('security.expression_language', ExpressionLanguage::class)
->args([service('cache.security_expression_language')->nullOnInvalid()])
->set('security.authentication_utils', AuthenticationUtils::class)
->args([service('request_stack')])
->alias(AuthenticationUtils::class, 'security.authentication_utils')
// Authorization related services
->set('security.access.decision_manager', AccessDecisionManager::class)
->args([[]])
->alias(AccessDecisionManagerInterface::class, 'security.access.decision_manager')
->set('security.role_hierarchy', RoleHierarchy::class)
->args([param('security.role_hierarchy.roles')])
->alias(RoleHierarchyInterface::class, 'security.role_hierarchy')
// Security Voters
->set('security.access.simple_role_voter', RoleVoter::class)
->tag('security.voter', ['priority' => 245])
->set('security.access.authenticated_voter', AuthenticatedVoter::class)
->args([service('security.authentication.trust_resolver')])
->tag('security.voter', ['priority' => 250])
->set('security.access.role_hierarchy_voter', RoleHierarchyVoter::class)
->args([service('security.role_hierarchy')])
->tag('security.voter', ['priority' => 245])
->set('security.access.expression_voter', ExpressionVoter::class)
->args([
service('security.expression_language'),
service('security.authentication.trust_resolver'),
service('security.authorization_checker'),
service('security.role_hierarchy')->nullOnInvalid(),
])
->tag('security.voter', ['priority' => 245])
->set('security.impersonate_url_generator', ImpersonateUrlGenerator::class)
->args([
service('request_stack'),
service('security.firewall.map'),
service('security.token_storage'),
])
// Firewall related services
->set('security.firewall', FirewallListener::class)
->args([
service('security.firewall.map'),
service('event_dispatcher'),
service('security.logout_url_generator'),
])
->tag('kernel.event_subscriber')
->alias(Firewall::class, 'security.firewall')
->set('security.firewall.map', FirewallMap::class)
->args([
abstract_arg('Firewall context locator'),
abstract_arg('Request matchers'),
])
->alias(FirewallMapInterface::class, 'security.firewall.map')
->set('security.firewall.context', FirewallContext::class)
->abstract()
->args([
[],
service('security.exception_listener'),
abstract_arg('LogoutListener'),
abstract_arg('FirewallConfig'),
])
->set('security.firewall.lazy_context', LazyFirewallContext::class)
->abstract()
->args([
[],
service('security.exception_listener'),
abstract_arg('LogoutListener'),
abstract_arg('FirewallConfig'),
service('security.untracked_token_storage'),
])
->set('security.firewall.config', FirewallConfig::class)
->abstract()
->args([
abstract_arg('name'),
abstract_arg('user_checker'),
abstract_arg('request_matcher'),
false, // security enabled
false, // stateless
null,
null,
null,
null,
null,
[], // listeners
null, // switch_user
])
->set('security.logout_url_generator', LogoutUrlGenerator::class)
->args([
service('request_stack')->nullOnInvalid(),
service('router')->nullOnInvalid(),
service('security.token_storage')->nullOnInvalid(),
])
// Provisioning
->set('security.user.provider.missing', MissingUserProvider::class)
->abstract()
->args([
abstract_arg('firewall'),
])
->set('security.user.provider.in_memory', InMemoryUserProvider::class)
->abstract()
->set('security.user.provider.ldap', LdapUserProvider::class)
->abstract()
->args([
abstract_arg('security.ldap.ldap'),
abstract_arg('base dn'),
abstract_arg('search dn'),
abstract_arg('search password'),
abstract_arg('default_roles'),
abstract_arg('uid key'),
abstract_arg('filter'),
abstract_arg('password_attribute'),
abstract_arg('extra_fields (email etc)'),
])
->set('security.user.provider.chain', ChainUserProvider::class)
->abstract()
->set('security.http_utils', HttpUtils::class)
->args([
service('router')->nullOnInvalid(),
service('router')->nullOnInvalid(),
])
->alias(HttpUtils::class, 'security.http_utils')
// Validator
->set('security.validator.user_password', UserPasswordValidator::class)
->args([
service('security.token_storage'),
service('security.password_hasher_factory'),
])
->tag('validator.constraint_validator', ['alias' => 'security.validator.user_password'])
// Cache
->set('cache.security_expression_language')
->parent('cache.system')
->private()
->tag('cache.pool')
// Cache Warmers
->set('security.cache_warmer.expression', ExpressionCacheWarmer::class)
->args([
[],
service('security.expression_language'),
])
->tag('kernel.cache_warmer')
;
};

172
vendor/symfony/security-bundle/Resources/config/security_authenticator.php vendored Normal file
View File

@ -0,0 +1,172 @@
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\DependencyInjection\Loader\Configurator;
use Symfony\Bundle\SecurityBundle\Security\UserAuthenticator;
use Symfony\Component\DependencyInjection\ServiceLocator;
use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
use Symfony\Component\Security\Http\Authentication\AuthenticatorManager;
use Symfony\Component\Security\Http\Authentication\NoopAuthenticationManager;
use Symfony\Component\Security\Http\Authentication\UserAuthenticatorInterface;
use Symfony\Component\Security\Http\Authenticator\FormLoginAuthenticator;
use Symfony\Component\Security\Http\Authenticator\HttpBasicAuthenticator;
use Symfony\Component\Security\Http\Authenticator\JsonLoginAuthenticator;
use Symfony\Component\Security\Http\Authenticator\RemoteUserAuthenticator;
use Symfony\Component\Security\Http\Authenticator\X509Authenticator;
use Symfony\Component\Security\Http\Event\CheckPassportEvent;
use Symfony\Component\Security\Http\EventListener\CheckCredentialsListener;
use Symfony\Component\Security\Http\EventListener\LoginThrottlingListener;
use Symfony\Component\Security\Http\EventListener\PasswordMigratingListener;
use Symfony\Component\Security\Http\EventListener\SessionStrategyListener;
use Symfony\Component\Security\Http\EventListener\UserCheckerListener;
use Symfony\Component\Security\Http\EventListener\UserProviderListener;
use Symfony\Component\Security\Http\Firewall\AuthenticatorManagerListener;
return static function (ContainerConfigurator $container) {
$container->services()
// Manager
->set('security.authenticator.manager', AuthenticatorManager::class)
->abstract()
->args([
abstract_arg('authenticators'),
service('security.token_storage'),
service('event_dispatcher'),
abstract_arg('provider key'),
service('logger')->nullOnInvalid(),
param('security.authentication.manager.erase_credentials'),
param('security.authentication.hide_user_not_found'),
abstract_arg('required badges'),
])
->tag('monolog.logger', ['channel' => 'security'])
->set('security.authenticator.managers_locator', ServiceLocator::class)
->args([[]])
->set('security.user_authenticator', UserAuthenticator::class)
->args([
service('security.firewall.map'),
service('security.authenticator.managers_locator'),
service('request_stack'),
])
->alias(UserAuthenticatorInterface::class, 'security.user_authenticator')
->set('security.authentication.manager', NoopAuthenticationManager::class)
->alias(AuthenticationManagerInterface::class, 'security.authentication.manager')
->deprecate('symfony/security-bundle', '5.3', 'The "%alias_id%" alias is deprecated, use the new authenticator system instead.')
->set('security.firewall.authenticator', AuthenticatorManagerListener::class)
->abstract()
->args([
abstract_arg('authenticator manager'),
])
// Listeners
->set('security.listener.check_authenticator_credentials', CheckCredentialsListener::class)
->args([
service('security.password_hasher_factory'),
])
->tag('kernel.event_subscriber')
->set('security.listener.user_provider', UserProviderListener::class)
->args([
service('security.user_providers'),
])
->tag('kernel.event_listener', ['event' => CheckPassportEvent::class, 'priority' => 1024, 'method' => 'checkPassport'])
->set('security.listener.user_provider.abstract', UserProviderListener::class)
->abstract()
->args([
abstract_arg('user provider'),
])
->set('security.listener.password_migrating', PasswordMigratingListener::class)
->args([
service('security.password_hasher_factory'),
])
->tag('kernel.event_subscriber')
->set('security.listener.user_checker', UserCheckerListener::class)
->abstract()
->args([
abstract_arg('user checker'),
])
->set('security.listener.session', SessionStrategyListener::class)
->abstract()
->args([
service('security.authentication.session_strategy'),
])
->set('security.listener.login_throttling', LoginThrottlingListener::class)
->abstract()
->args([
service('request_stack'),
abstract_arg('request rate limiter'),
])
// Authenticators
->set('security.authenticator.http_basic', HttpBasicAuthenticator::class)
->abstract()
->args([
abstract_arg('realm name'),
abstract_arg('user provider'),
service('logger')->nullOnInvalid(),
])
->tag('monolog.logger', ['channel' => 'security'])
->set('security.authenticator.form_login', FormLoginAuthenticator::class)
->abstract()
->args([
service('security.http_utils'),
abstract_arg('user provider'),
abstract_arg('authentication success handler'),
abstract_arg('authentication failure handler'),
abstract_arg('options'),
])
->set('security.authenticator.json_login', JsonLoginAuthenticator::class)
->abstract()
->args([
service('security.http_utils'),
abstract_arg('user provider'),
abstract_arg('authentication success handler'),
abstract_arg('authentication failure handler'),
abstract_arg('options'),
service('property_accessor')->nullOnInvalid(),
])
->call('setTranslator', [service('translator')->ignoreOnInvalid()])
->set('security.authenticator.x509', X509Authenticator::class)
->abstract()
->args([
abstract_arg('user provider'),
service('security.token_storage'),
abstract_arg('firewall name'),
abstract_arg('user key'),
abstract_arg('credentials key'),
service('logger')->nullOnInvalid(),
])
->tag('monolog.logger', ['channel' => 'security'])
->set('security.authenticator.remote_user', RemoteUserAuthenticator::class)
->abstract()
->args([
abstract_arg('user provider'),
service('security.token_storage'),
abstract_arg('firewall name'),
abstract_arg('user key'),
service('logger')->nullOnInvalid(),
])
->tag('monolog.logger', ['channel' => 'security'])
;
};

70
vendor/symfony/security-bundle/Resources/config/security_authenticator_login_link.php vendored Normal file
View File

@ -0,0 +1,70 @@
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\DependencyInjection\Loader\Configurator;
use Symfony\Bundle\SecurityBundle\LoginLink\FirewallAwareLoginLinkHandler;
use Symfony\Component\Security\Core\Signature\ExpiredSignatureStorage;
use Symfony\Component\Security\Core\Signature\SignatureHasher;
use Symfony\Component\Security\Http\Authenticator\LoginLinkAuthenticator;
use Symfony\Component\Security\Http\LoginLink\LoginLinkHandler;
use Symfony\Component\Security\Http\LoginLink\LoginLinkHandlerInterface;
return static function (ContainerConfigurator $container) {
$container->services()
->set('security.authenticator.login_link', LoginLinkAuthenticator::class)
->abstract()
->args([
abstract_arg('the login link handler instance'),
service('security.http_utils'),
abstract_arg('authentication success handler'),
abstract_arg('authentication failure handler'),
abstract_arg('options'),
])
->set('security.authenticator.abstract_login_link_handler', LoginLinkHandler::class)
->abstract()
->args([
service('router'),
abstract_arg('user provider'),
abstract_arg('signature hasher'),
abstract_arg('options'),
])
->set('security.authenticator.abstract_login_link_signature_hasher', SignatureHasher::class)
->args([
service('property_accessor'),
abstract_arg('signature properties'),
'%kernel.secret%',
abstract_arg('expired signature storage'),
abstract_arg('max signature uses'),
])
->set('security.authenticator.expired_login_link_storage', ExpiredSignatureStorage::class)
->abstract()
->args([
abstract_arg('cache pool service'),
abstract_arg('expired login link storage'),
])
->set('security.authenticator.cache.expired_links')
->parent('cache.app')
->private()
->set('security.authenticator.firewall_aware_login_link_handler', FirewallAwareLoginLinkHandler::class)
->args([
service('security.firewall.map'),
tagged_locator('security.authenticator.login_linker', 'firewall'),
service('request_stack'),
])
->alias(LoginLinkHandlerInterface::class, 'security.authenticator.firewall_aware_login_link_handler')
;
};

98
vendor/symfony/security-bundle/Resources/config/security_authenticator_remember_me.php vendored Normal file
View File

@ -0,0 +1,98 @@
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\DependencyInjection\Loader\Configurator;
use Symfony\Bundle\SecurityBundle\RememberMe\FirewallAwareRememberMeHandler;
use Symfony\Component\Security\Core\Signature\SignatureHasher;
use Symfony\Component\Security\Http\Authenticator\RememberMeAuthenticator;
use Symfony\Component\Security\Http\EventListener\CheckRememberMeConditionsListener;
use Symfony\Component\Security\Http\EventListener\RememberMeListener;
use Symfony\Component\Security\Http\RememberMe\PersistentRememberMeHandler;
use Symfony\Component\Security\Http\RememberMe\RememberMeHandlerInterface;
use Symfony\Component\Security\Http\RememberMe\SignatureRememberMeHandler;
return static function (ContainerConfigurator $container) {
$container->services()
->set('security.authenticator.remember_me_signature_hasher', SignatureHasher::class)
->args([
service('property_accessor'),
abstract_arg('signature properties'),
'%kernel.secret%',
null,
null,
])
->set('security.authenticator.signature_remember_me_handler', SignatureRememberMeHandler::class)
->abstract()
->args([
abstract_arg('signature hasher'),
abstract_arg('user provider'),
service('request_stack'),
abstract_arg('options'),
service('logger')->nullOnInvalid(),
])
->tag('monolog.logger', ['channel' => 'security'])
->set('security.authenticator.persistent_remember_me_handler', PersistentRememberMeHandler::class)
->abstract()
->args([
abstract_arg('token provider'),
param('kernel.secret'),
abstract_arg('user provider'),
service('request_stack'),
abstract_arg('options'),
service('logger')->nullOnInvalid(),
abstract_arg('token verifier'),
])
->tag('monolog.logger', ['channel' => 'security'])
->set('security.authenticator.firewall_aware_remember_me_handler', FirewallAwareRememberMeHandler::class)
->args([
service('security.firewall.map'),
tagged_locator('security.remember_me_handler', 'firewall'),
service('request_stack'),
])
->alias(RememberMeHandlerInterface::class, 'security.authenticator.firewall_aware_remember_me_handler')
->set('security.listener.check_remember_me_conditions', CheckRememberMeConditionsListener::class)
->abstract()
->args([
abstract_arg('options'),
service('logger')->nullOnInvalid(),
])
->set('security.listener.remember_me', RememberMeListener::class)
->abstract()
->args([
abstract_arg('remember me handler'),
service('logger')->nullOnInvalid(),
])
->tag('monolog.logger', ['channel' => 'security'])
->set('security.authenticator.remember_me', RememberMeAuthenticator::class)
->abstract()
->args([
abstract_arg('remember me handler'),
param('kernel.secret'),
service('security.token_storage'),
abstract_arg('options'),
service('logger')->nullOnInvalid(),
])
->tag('monolog.logger', ['channel' => 'security'])
// Cache
->set('cache.security_token_verifier')
->parent('cache.system')
->private()
->tag('cache.pool')
;
};

41
vendor/symfony/security-bundle/Resources/config/security_debug.php vendored Normal file
View File

@ -0,0 +1,41 @@
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\DependencyInjection\Loader\Configurator;
use Symfony\Bundle\SecurityBundle\Debug\TraceableFirewallListener;
use Symfony\Bundle\SecurityBundle\EventListener\VoteListener;
use Symfony\Component\Security\Core\Authorization\TraceableAccessDecisionManager;
return static function (ContainerConfigurator $container) {
$container->services()
->set('debug.security.access.decision_manager', TraceableAccessDecisionManager::class)
->decorate('security.access.decision_manager')
->args([
service('debug.security.access.decision_manager.inner'),
])
->set('debug.security.voter.vote_listener', VoteListener::class)
->args([
service('debug.security.access.decision_manager'),
])
->tag('kernel.event_subscriber')
->set('debug.security.firewall', TraceableFirewallListener::class)
->args([
service('security.firewall.map'),
service('event_dispatcher'),
service('security.logout_url_generator'),
])
->tag('kernel.event_subscriber')
->alias('security.firewall', 'debug.security.firewall')
;
};

150
vendor/symfony/security-bundle/Resources/config/security_legacy.php vendored Normal file
View File

@ -0,0 +1,150 @@
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\DependencyInjection\Loader\Configurator;
use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
use Symfony\Component\Security\Core\Authentication\AuthenticationProviderManager;
use Symfony\Component\Security\Core\Authentication\Provider\AnonymousAuthenticationProvider;
use Symfony\Component\Security\Core\Authentication\Provider\DaoAuthenticationProvider;
use Symfony\Component\Security\Core\Authentication\Provider\LdapBindAuthenticationProvider;
use Symfony\Component\Security\Core\Authentication\Provider\PreAuthenticatedAuthenticationProvider;
use Symfony\Component\Security\Http\Firewall\AnonymousAuthenticationListener;
use Symfony\Component\Security\Http\Firewall\BasicAuthenticationListener;
use Symfony\Component\Security\Http\Firewall\RemoteUserAuthenticationListener;
use Symfony\Component\Security\Http\Firewall\UsernamePasswordFormAuthenticationListener;
use Symfony\Component\Security\Http\Firewall\UsernamePasswordJsonAuthenticationListener;
use Symfony\Component\Security\Http\Firewall\X509AuthenticationListener;
return static function (ContainerConfigurator $container) {
$container->services()
// Authentication related services
->set('security.authentication.manager', AuthenticationProviderManager::class)
->args([
abstract_arg('providers'),
param('security.authentication.manager.erase_credentials'),
])
->call('setEventDispatcher', [service('event_dispatcher')])
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use the new authenticator system instead.')
->alias(AuthenticationManagerInterface::class, 'security.authentication.manager')
->deprecate('symfony/security-bundle', '5.3', 'The "%alias_id%" alias is deprecated, use the new authenticator system instead.')
->set('security.authentication.listener.anonymous', AnonymousAuthenticationListener::class)
->args([
service('security.untracked_token_storage'),
abstract_arg('Key'),
service('logger')->nullOnInvalid(),
service('security.authentication.manager'),
])
->tag('monolog.logger', ['channel' => 'security'])
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use the new authenticator system instead.')
->set('security.authentication.provider.anonymous', AnonymousAuthenticationProvider::class)
->args([abstract_arg('Key')])
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use the new authenticator system instead.')
->set('security.authentication.listener.form', UsernamePasswordFormAuthenticationListener::class)
->parent('security.authentication.listener.abstract')
->abstract()
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use the new authenticator system instead.')
->set('security.authentication.listener.x509', X509AuthenticationListener::class)
->abstract()
->args([
service('security.token_storage'),
service('security.authentication.manager'),
abstract_arg('Provider-shared Key'),
abstract_arg('x509 user'),
abstract_arg('x509 credentials'),
service('logger')->nullOnInvalid(),
service('event_dispatcher')->nullOnInvalid(),
])
->tag('monolog.logger', ['channel' => 'security'])
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use the new authenticator system instead.')
->set('security.authentication.listener.json', UsernamePasswordJsonAuthenticationListener::class)
->abstract()
->args([
service('security.token_storage'),
service('security.authentication.manager'),
service('security.http_utils'),
abstract_arg('Provider-shared Key'),
abstract_arg('Failure handler'),
abstract_arg('Success Handler'),
[], // Options
service('logger')->nullOnInvalid(),
service('event_dispatcher')->nullOnInvalid(),
service('property_accessor')->nullOnInvalid(),
])
->call('setTranslator', [service('translator')->ignoreOnInvalid()])
->tag('monolog.logger', ['channel' => 'security'])
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use the new authenticator system instead.')
->set('security.authentication.listener.remote_user', RemoteUserAuthenticationListener::class)
->abstract()
->args([
service('security.token_storage'),
service('security.authentication.manager'),
abstract_arg('Provider-shared Key'),
abstract_arg('REMOTE_USER server env var'),
service('logger')->nullOnInvalid(),
service('event_dispatcher')->nullOnInvalid(),
])
->tag('monolog.logger', ['channel' => 'security'])
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use the new authenticator system instead.')
->set('security.authentication.listener.basic', BasicAuthenticationListener::class)
->abstract()
->args([
service('security.token_storage'),
service('security.authentication.manager'),
abstract_arg('Provider-shared Key'),
abstract_arg('Entry Point'),
service('logger')->nullOnInvalid(),
])
->tag('monolog.logger', ['channel' => 'security'])
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use the new authenticator system instead.')
->set('security.authentication.provider.dao', DaoAuthenticationProvider::class)
->abstract()
->args([
abstract_arg('User Provider'),
abstract_arg('User Checker'),
abstract_arg('Provider-shared Key'),
service('security.password_hasher_factory'),
param('security.authentication.hide_user_not_found'),
])
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use the new authenticator system instead.')
->set('security.authentication.provider.ldap_bind', LdapBindAuthenticationProvider::class)
->abstract()
->args([
abstract_arg('User Provider'),
abstract_arg('UserChecker'),
abstract_arg('Provider-shared Key'),
abstract_arg('LDAP'),
abstract_arg('Base DN'),
param('security.authentication.hide_user_not_found'),
abstract_arg('search dn'),
abstract_arg('search password'),
])
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use the new authenticator system instead.')
->set('security.authentication.provider.pre_authenticated', PreAuthenticatedAuthenticationProvider::class)
->abstract()
->args([
abstract_arg('User Provider'),
abstract_arg('UserChecker'),
])
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use the new authenticator system instead.')
;
};

183
vendor/symfony/security-bundle/Resources/config/security_listeners.php vendored Normal file
View File

@ -0,0 +1,183 @@
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\DependencyInjection\Loader\Configurator;
use Symfony\Component\Security\Http\AccessMap;
use Symfony\Component\Security\Http\Authentication\CustomAuthenticationFailureHandler;
use Symfony\Component\Security\Http\Authentication\CustomAuthenticationSuccessHandler;
use Symfony\Component\Security\Http\Authentication\DefaultAuthenticationFailureHandler;
use Symfony\Component\Security\Http\Authentication\DefaultAuthenticationSuccessHandler;
use Symfony\Component\Security\Http\EntryPoint\BasicAuthenticationEntryPoint;
use Symfony\Component\Security\Http\EntryPoint\FormAuthenticationEntryPoint;
use Symfony\Component\Security\Http\EntryPoint\RetryAuthenticationEntryPoint;
use Symfony\Component\Security\Http\EventListener\CookieClearingLogoutListener;
use Symfony\Component\Security\Http\EventListener\DefaultLogoutListener;
use Symfony\Component\Security\Http\EventListener\SessionLogoutListener;
use Symfony\Component\Security\Http\Firewall\AccessListener;
use Symfony\Component\Security\Http\Firewall\ChannelListener;
use Symfony\Component\Security\Http\Firewall\ContextListener;
use Symfony\Component\Security\Http\Firewall\ExceptionListener;
use Symfony\Component\Security\Http\Firewall\LogoutListener;
use Symfony\Component\Security\Http\Firewall\SwitchUserListener;
return static function (ContainerConfigurator $container) {
$container->services()
->set('security.authentication.basic_entry_point', BasicAuthenticationEntryPoint::class)
->deprecate('symfony/security-bundle', '5.4', 'The "%service_id%" service is deprecated, the logic is contained in the authenticators.')
->set('security.authentication.retry_entry_point', RetryAuthenticationEntryPoint::class)
->deprecate('symfony/security-bundle', '5.4', 'The "%service_id%" service is deprecated, the logic is integrated directly in "security.channel_listener".')
->args([
inline_service('int')->factory([service('router.request_context'), 'getHttpPort']),
inline_service('int')->factory([service('router.request_context'), 'getHttpsPort']),
])
->set('security.channel_listener', ChannelListener::class)
->args([
service('security.access_map'),
service('logger')->nullOnInvalid(),
inline_service('int')->factory([service('router.request_context'), 'getHttpPort']),
inline_service('int')->factory([service('router.request_context'), 'getHttpsPort']),
])
->tag('monolog.logger', ['channel' => 'security'])
->set('security.access_map', AccessMap::class)
->set('security.context_listener', ContextListener::class)
->args([
service('security.untracked_token_storage'),
[],
abstract_arg('Provider Key'),
service('logger')->nullOnInvalid(),
service('event_dispatcher')->nullOnInvalid(),
service('security.authentication.trust_resolver'),
])
->tag('monolog.logger', ['channel' => 'security'])
->set('security.logout_listener', LogoutListener::class)
->abstract()
->args([
service('security.token_storage'),
service('security.http_utils'),
abstract_arg('event dispatcher'),
[], // Options
])
->set('security.logout.listener.session', SessionLogoutListener::class)
->abstract()
->set('security.logout.listener.cookie_clearing', CookieClearingLogoutListener::class)
->abstract()
->set('security.logout.listener.default', DefaultLogoutListener::class)
->abstract()
->args([
service('security.http_utils'),
abstract_arg('target url'),
])
->set('security.authentication.form_entry_point', FormAuthenticationEntryPoint::class)
->abstract()
->args([
service('http_kernel'),
])
->set('security.authentication.listener.abstract')
->abstract()
->args([
service('security.token_storage'),
service('security.authentication.manager'),
service('security.authentication.session_strategy'),
service('security.http_utils'),
abstract_arg('Provider-shared Key'),
service('security.authentication.success_handler'),
service('security.authentication.failure_handler'),
[],
service('logger')->nullOnInvalid(),
service('event_dispatcher')->nullOnInvalid(),
])
->tag('monolog.logger', ['channel' => 'security'])
->set('security.authentication.custom_success_handler', CustomAuthenticationSuccessHandler::class)
->abstract()
->args([
abstract_arg('The custom success handler service'),
[], // Options
abstract_arg('Provider-shared Key'),
])
->set('security.authentication.success_handler', DefaultAuthenticationSuccessHandler::class)
->abstract()
->args([
service('security.http_utils'),
[], // Options
])
->set('security.authentication.custom_failure_handler', CustomAuthenticationFailureHandler::class)
->abstract()
->args([
abstract_arg('The custom failure handler service'),
[], // Options
])
->set('security.authentication.failure_handler', DefaultAuthenticationFailureHandler::class)
->abstract()
->args([
service('http_kernel'),
service('security.http_utils'),
[], // Options
service('logger')->nullOnInvalid(),
])
->tag('monolog.logger', ['channel' => 'security'])
->set('security.exception_listener', ExceptionListener::class)
->abstract()
->args([
service('security.token_storage'),
service('security.authentication.trust_resolver'),
service('security.http_utils'),
abstract_arg('Provider-shared Key'),
service('security.authentication.entry_point')->nullOnInvalid(),
param('security.access.denied_url'),
service('security.access.denied_handler')->nullOnInvalid(),
service('logger')->nullOnInvalid(),
false, // Stateless
])
->tag('monolog.logger', ['channel' => 'security'])
->set('security.authentication.switchuser_listener', SwitchUserListener::class)
->abstract()
->args([
service('security.token_storage'),
abstract_arg('User Provider'),
abstract_arg('User Checker'),
abstract_arg('Provider Key'),
service('security.access.decision_manager'),
service('logger')->nullOnInvalid(),
'_switch_user',
'ROLE_ALLOWED_TO_SWITCH',
service('event_dispatcher')->nullOnInvalid(),
false, // Stateless
])
->tag('monolog.logger', ['channel' => 'security'])
->set('security.access_listener', AccessListener::class)
->args([
service('security.token_storage'),
service('security.access.decision_manager'),
service('security.access_map'),
service('security.authentication.manager'),
])
->tag('monolog.logger', ['channel' => 'security'])
;
};

66
vendor/symfony/security-bundle/Resources/config/security_rememberme.php vendored Normal file
View File

@ -0,0 +1,66 @@
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\DependencyInjection\Loader\Configurator;
use Symfony\Component\Security\Core\Authentication\Provider\RememberMeAuthenticationProvider;
use Symfony\Component\Security\Core\Authentication\RememberMe\InMemoryTokenProvider;
use Symfony\Component\Security\Http\Firewall\RememberMeListener;
use Symfony\Component\Security\Http\RememberMe\PersistentTokenBasedRememberMeServices;
use Symfony\Component\Security\Http\RememberMe\ResponseListener;
use Symfony\Component\Security\Http\RememberMe\TokenBasedRememberMeServices;
return static function (ContainerConfigurator $container) {
$container->services()
->set('security.authentication.listener.rememberme', RememberMeListener::class)
->abstract()
->args([
service('security.untracked_token_storage'),
service('security.authentication.rememberme'),
service('security.authentication.manager'),
service('logger')->nullOnInvalid(),
service('event_dispatcher')->nullOnInvalid(),
abstract_arg('Catch exception flag set in RememberMeFactory'),
service('security.authentication.session_strategy'),
])
->tag('monolog.logger', ['channel' => 'security'])
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use the new authenticator system instead.')
->set('security.authentication.provider.rememberme', RememberMeAuthenticationProvider::class)
->abstract()
->args([abstract_arg('User Checker')])
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use the new authenticator system instead.')
->set('security.rememberme.token.provider.in_memory', InMemoryTokenProvider::class)
->set('security.authentication.rememberme.services.abstract')
->abstract()
->args([
[], // User Providers
abstract_arg('Shared Token Key'),
abstract_arg('Shared Provider Key'),
[], // Options
service('logger')->nullOnInvalid(),
])
->tag('monolog.logger', ['channel' => 'security'])
->set('security.authentication.rememberme.services.persistent', PersistentTokenBasedRememberMeServices::class)
->parent('security.authentication.rememberme.services.abstract')
->abstract()
->set('security.authentication.rememberme.services.simplehash', TokenBasedRememberMeServices::class)
->parent('security.authentication.rememberme.services.abstract')
->abstract()
->set('security.rememberme.response_listener', ResponseListener::class)
->tag('kernel.event_subscriber')
;
};

32
vendor/symfony/security-bundle/Resources/config/templating_twig.php vendored Normal file
View File

@ -0,0 +1,32 @@
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\DependencyInjection\Loader\Configurator;
use Symfony\Bridge\Twig\Extension\LogoutUrlExtension;
use Symfony\Bridge\Twig\Extension\SecurityExtension;
return static function (ContainerConfigurator $container) {
$container->services()
->set('twig.extension.logout_url', LogoutUrlExtension::class)
->args([
service('security.logout_url_generator'),
])
->tag('twig.extension')
->set('twig.extension.security', SecurityExtension::class)
->args([
service('security.authorization_checker')->ignoreOnInvalid(),
service('security.impersonate_url_generator')->ignoreOnInvalid(),
])
->tag('twig.extension')
;
};

1
vendor/symfony/security-bundle/Resources/views/Collector/icon.svg vendored Normal file
View File

@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path fill="#AAA" d="M21 20.4V22H3v-1.6c0-3.7 2.4-6.9 5.8-8-1.7-1.1-2.9-3-2.9-5.2 0-3.4 2.7-6.1 6.1-6.1s6.1 2.7 6.1 6.1c0 2.2-1.2 4.1-2.9 5.2 3.4 1.1 5.8 4.3 5.8 8z"/></svg>
Side by Side

After

Width:  |  Height:  |  Size: 257 B

441
vendor/symfony/security-bundle/Resources/views/Collector/security.html.twig vendored Normal file
View File

@ -0,0 +1,441 @@
{% extends '@WebProfiler/Profiler/layout.html.twig' %}
{% block page_title 'Security' %}
{% block toolbar %}
{% if collector.firewall %}
{% set color_code = collector.enabled and not collector.authenticatorManagerEnabled ? 'yellow' %}
{% set icon %}
{{ include('@Security/Collector/icon.svg') }}
<span class="sf-toolbar-value">{{ collector.user|default('n/a') }}</span>
{% endset %}
{% set text %}
{% if collector.impersonated %}
<div class="sf-toolbar-info-group">
<div class="sf-toolbar-info-piece">
<b>Impersonator</b>
<span>{{ collector.impersonatorUser }}</span>
</div>
</div>
{% endif %}
<div class="sf-toolbar-info-group">
{% if collector.enabled %}
{% if collector.token %}
<div class="sf-toolbar-info-piece">
<b>Logged in as</b>
<span>{{ collector.user }}</span>
</div>
<div class="sf-toolbar-info-piece">
<b>Authenticated</b>
<span class="sf-toolbar-status sf-toolbar-status-{{ collector.authenticated ? 'green' : 'yellow' }}">{{ collector.authenticated ? 'Yes' : 'No' }}</span>
</div>
<div class="sf-toolbar-info-piece">
<b>Roles</b>
<span>
{% set remainingRoles = collector.roles|slice(1) %}
{{ collector.roles|first }}
{% if remainingRoles is not empty %}
+
<abbr title="{{ remainingRoles|join(', ') }}">
{{ remainingRoles|length }} more
</abbr>
{% endif %}
</span>
</div>
<div class="sf-toolbar-info-piece">
<b>Token class</b>
<span>{{ collector.tokenClass|abbr_class }}</span>
</div>
{% else %}
<div class="sf-toolbar-info-piece">
<b>Authenticated</b>
<span class="sf-toolbar-status sf-toolbar-status-yellow">No</span>
</div>
{% endif %}
{% if collector.firewall %}
<div class="sf-toolbar-info-piece">
<b>Firewall name</b>
<span>{{ collector.firewall.name }}</span>
</div>
{% endif %}
{% if collector.token and collector.logoutUrl %}
<div class="sf-toolbar-info-piece">
<b>Actions</b>
<span>
<a href="{{ collector.logoutUrl }}">Logout</a>
{% if collector.impersonated and collector.impersonationExitPath %}
| <a href="{{ collector.impersonationExitPath }}">Exit impersonation</a>
{% endif %}
</span>
</div>
{% endif %}
{% else %}
<div class="sf-toolbar-info-piece">
<span>The security is disabled.</span>
</div>
{% endif %}
</div>
{% endset %}
{{ include('@WebProfiler/Profiler/toolbar_item.html.twig', { link: profiler_url, status: color_code }) }}
{% endif %}
{% endblock %}
{% block menu %}
<span class="label {{ not collector.firewall or not collector.token ? 'disabled' }}">
<span class="icon">{{ include('@Security/Collector/icon.svg') }}</span>
<strong>Security</strong>
</span>
{% endblock %}
{% block panel %}
<h2>Security</h2>
{% if collector.enabled %}
<div class="sf-tabs">
<div class="tab {{ collector.token is empty ? 'disabled' }}">
<h3 class="tab-title">Token</h3>
<div class="tab-content">
{% if collector.token %}
<div class="metrics">
<div class="metric">
<span class="value">{{ collector.user == 'anon.' ? 'Anonymous' : collector.user }}</span>
<span class="label">Username</span>
</div>
<div class="metric">
<span class="value">{{ include('@WebProfiler/Icon/' ~ (collector.authenticated ? 'yes' : 'no') ~ '.svg') }}</span>
<span class="label">Authenticated</span>
</div>
</div>
<table>
<thead>
<tr>
<th scope="col" class="key">Property</th>
<th scope="col">Value</th>
</tr>
</thead>
<tbody>
<tr>
<th>Roles</th>
<td>
{{ collector.roles is empty ? 'none' : profiler_dump(collector.roles, maxDepth=1) }}
{% if not collector.authenticated and collector.roles is empty %}
<p class="help">User is not authenticated probably because they have no roles.</p>
{% endif %}
</td>
</tr>
{% if collector.supportsRoleHierarchy %}
<tr>
<th>Inherited Roles</th>
<td>{{ collector.inheritedRoles is empty ? 'none' : profiler_dump(collector.inheritedRoles, maxDepth=1) }}</td>
</tr>
{% endif %}
{% if collector.token %}
<tr>
<th>Token</th>
<td>{{ profiler_dump(collector.token) }}</td>
</tr>
{% endif %}
</tbody>
</table>
{% elseif collector.enabled %}
<div class="empty">
<p>There is no security token.</p>
</div>
{% endif %}
</div>
</div>
<div class="tab {{ collector.firewall.security_enabled is empty ? 'disabled' }}">
<h3 class="tab-title">Firewall</h3>
<div class="tab-content">
{% if collector.firewall %}
<div class="metrics">
<div class="metric">
<span class="value">{{ collector.firewall.name }}</span>
<span class="label">Name</span>
</div>
<div class="metric">
<span class="value">{{ include('@WebProfiler/Icon/' ~ (collector.firewall.security_enabled ? 'yes' : 'no') ~ '.svg') }}</span>
<span class="label">Security enabled</span>
</div>
<div class="metric">
<span class="value">{{ include('@WebProfiler/Icon/' ~ (collector.firewall.stateless ? 'yes' : 'no') ~ '.svg') }}</span>
<span class="label">Stateless</span>
</div>
{% if collector.authenticatorManagerEnabled == false %}
<div class="metric">
<span class="value">{{ include('@WebProfiler/Icon/' ~ (collector.firewall.allows_anonymous ? 'yes' : 'no') ~ '.svg') }}</span>
<span class="label">Allows anonymous</span>
</div>
{% endif %}
</div>
{% if collector.firewall.security_enabled %}
<h4>Configuration</h4>
<table>
<thead>
<tr>
<th scope="col" class="key">Key</th>
<th scope="col">Value</th>
</tr>
</thead>
<tbody>
<tr>
<th>provider</th>
<td>{{ collector.firewall.provider ?: '(none)' }}</td>
</tr>
<tr>
<th>context</th>
<td>{{ collector.firewall.context ?: '(none)' }}</td>
</tr>
<tr>
<th>entry_point</th>
<td>{{ collector.firewall.entry_point ?: '(none)' }}</td>
</tr>
<tr>
<th>user_checker</th>
<td>{{ collector.firewall.user_checker ?: '(none)' }}</td>
</tr>
<tr>
<th>access_denied_handler</th>
<td>{{ collector.firewall.access_denied_handler ?: '(none)' }}</td>
</tr>
<tr>
<th>access_denied_url</th>
<td>{{ collector.firewall.access_denied_url ?: '(none)' }}</td>
</tr>
{% if collector.authenticatorManagerEnabled %}
<tr>
<th>authenticators</th>
<td>{{ collector.firewall.authenticators is empty ? '(none)' : profiler_dump(collector.firewall.authenticators, maxDepth=1) }}</td>
</tr>
{% else %}
<tr>
<th>listeners</th>
<td>{{ collector.firewall.listeners is empty ? '(none)' : profiler_dump(collector.firewall.listeners, maxDepth=1) }}</td>
</tr>
{% endif %}
</tbody>
</table>
{% endif %}
{% endif %}
</div>
</div>
<div class="tab {{ collector.listeners|default([]) is empty ? 'disabled' }}">
<h3 class="tab-title">Listeners</h3>
<div class="tab-content">
{% if collector.listeners|default([]) is empty %}
<div class="empty">
<p>No security listeners have been recorded. Check that debugging is enabled in the kernel.</p>
</div>
{% else %}
<table>
<thead>
<tr>
<th>Listener</th>
<th>Duration</th>
<th>Response</th>
</tr>
</thead>
{% set previous_event = (collector.listeners|first) %}
{% for listener in collector.listeners %}
{% if loop.first or listener != previous_event %}
{% if not loop.first %}
</tbody>
{% endif %}
<tbody>
{% set previous_event = listener %}
{% endif %}
<tr>
<td class="font-normal">{{ profiler_dump(listener.stub) }}</td>
<td class="no-wrap">{{ '%0.2f'|format(listener.time * 1000) }} ms</td>
<td class="font-normal">{{ listener.response ? profiler_dump(listener.response) : '(none)' }}</td>
</tr>
{% if loop.last %}
</tbody>
{% endif %}
{% endfor %}
</table>
{% endif %}
</div>
</div>
<div class="tab {{ collector.authenticators|default([]) is empty ? 'disabled' }}">
<h3 class="tab-title">Authenticators</h3>
<div class="tab-content">
{% if collector.authenticators|default([]) is not empty %}
<table>
<thead>
<tr>
<th>Authenticator</th>
<th>Supports</th>
<th>Duration</th>
<th>Passport</th>
</tr>
</thead>
{% set previous_event = (collector.listeners|first) %}
{% for authenticator in collector.authenticators %}
{% if loop.first or authenticator != previous_event %}
{% if not loop.first %}
</tbody>
{% endif %}
<tbody>
{% set previous_event = authenticator %}
{% endif %}
<tr>
<td class="font-normal">{{ profiler_dump(authenticator.stub) }}</td>
<td class="no-wrap">{{ include('@WebProfiler/Icon/' ~ (authenticator.supports ? 'yes' : 'no') ~ '.svg') }}</td>
<td class="no-wrap">{{ '%0.2f'|format(authenticator.duration * 1000) }} ms</td>
<td class="font-normal">{{ authenticator.passport ? profiler_dump(authenticator.passport) : '(none)' }}</td>
</tr>
{% if loop.last %}
</tbody>
{% endif %}
{% endfor %}
</table>
{% else %}
<div class="empty">
<p>No authenticators have been recorded. Check previous profiles on your authentication endpoint.</p>
</div>
{% endif %}
</div>
</div>
<div class="tab {{ collector.accessDecisionLog|default([]) is empty ? 'disabled' }}">
<h3 class="tab-title">Access Decision</h3>
<div class="tab-content">
{% if collector.voters|default([]) is not empty %}
<div class="metrics">
<div class="metric">
<span class="value">{{ collector.voterStrategy|default('unknown') }}</span>
<span class="label">Strategy</span>
</div>
</div>
<table class="voters">
<thead>
<tr>
<th>#</th>
<th>Voter class</th>
</tr>
</thead>
<tbody>
{% for voter in collector.voters %}
<tr>
<td class="font-normal text-small text-muted nowrap">{{ loop.index }}</td>
<td class="font-normal">{{ profiler_dump(voter) }}</td>
</tr>
{% endfor %}
</tbody>
</table>
{% endif %}
{% if collector.accessDecisionLog|default([]) is not empty %}
<h2>Access decision log</h2>
<table class="decision-log">
<col style="width: 30px">
<col style="width: 120px">
<col style="width: 25%">
<col style="width: 60%">
<thead>
<tr>
<th>#</th>
<th>Result</th>
<th>Attributes</th>
<th>Object</th>
</tr>
</thead>
<tbody>
{% for decision in collector.accessDecisionLog %}
<tr class="voter_result">
<td class="font-normal text-small text-muted nowrap">{{ loop.index }}</td>
<td class="font-normal">
{{ decision.result
? '<span class="label status-success same-width">GRANTED</span>'
: '<span class="label status-error same-width">DENIED</span>'
}}
</td>
<td>
{% if decision.attributes|length == 1 %}
{% set attribute = decision.attributes|first %}
{% if attribute.expression is defined %}
Expression: <pre><code>{{ attribute.expression }}</code></pre>
{% elseif attribute.type == 'string' %}
{{ attribute }}
{% else %}
{{ profiler_dump(attribute) }}
{% endif %}
{% else %}
{{ profiler_dump(decision.attributes) }}
{% endif %}
</td>
<td>{{ profiler_dump(decision.seek('object')) }}</td>
</tr>
<tr class="voter_details">
<td></td>
<td colspan="3">
{% if decision.voter_details is not empty %}
{% set voter_details_id = 'voter-details-' ~ loop.index %}
<div id="{{ voter_details_id }}" class="sf-toggle-content sf-toggle-hidden">
<table>
<tbody>
{% for voter_detail in decision.voter_details %}
<tr>
<td class="font-normal">{{ profiler_dump(voter_detail['class']) }}</td>
{% if collector.voterStrategy == 'unanimous' %}
<td class="font-normal text-small">attribute {{ voter_detail['attributes'][0] }}</td>
{% endif %}
<td class="font-normal text-small">
{% if voter_detail['vote'] == constant('Symfony\\Component\\Security\\Core\\Authorization\\Voter\\VoterInterface::ACCESS_GRANTED') %}
ACCESS GRANTED
{% elseif voter_detail['vote'] == constant('Symfony\\Component\\Security\\Core\\Authorization\\Voter\\VoterInterface::ACCESS_ABSTAIN') %}
ACCESS ABSTAIN
{% elseif voter_detail['vote'] == constant('Symfony\\Component\\Security\\Core\\Authorization\\Voter\\VoterInterface::ACCESS_DENIED') %}
ACCESS DENIED
{% else %}
unknown ({{ voter_detail['vote'] }})
{% endif %}
</td>
</tr>
{% endfor %}
</tbody>
</table>
</div>
<a class="btn btn-link text-small sf-toggle" data-toggle-selector="#{{ voter_details_id }}" data-toggle-alt-content="Hide voter details">Show voter details</a>
{% endif %}
</td>
</tr>
{% endfor %}
</tbody>
</table>
</div>
{% endif %}
</div>
</div>
{% endif %}
{% endblock %}