IBX-5705: Fixed InteractiveLoginToken by setting original token (#274)

For more details see https://issues.ibexa.co/browse/IBX-5705 and #274 --------- Co-Authored-By: Paweł Niedzielski <[email protected]>
ibexa · Sep 19, 2023 · 90c5d66 · 90c5d66
1 parent f020797
commit 90c5d66
Show file tree

Hide file tree

Showing 3 changed files with 53 additions and 16 deletions.
diff --git a/phpstan-baseline.neon b/phpstan-baseline.neon
@@ -12625,11 +12625,6 @@ parameters:
 			count: 1
 			path: src/lib/MVC/Symfony/Security/InteractiveLoginToken.php
 
-		-
-			message: "#^Method Ibexa\\\\Core\\\\MVC\\\\Symfony\\\\Security\\\\InteractiveLoginToken\\:\\:__unserialize\\(\\) has parameter \\$serialized with no type specified\\.$#"
-			count: 1
-			path: src/lib/MVC/Symfony/Security/InteractiveLoginToken.php
-
 		-
 			message: "#^Method Ibexa\\\\Core\\\\MVC\\\\Symfony\\\\Security\\\\User\\:\\:__construct\\(\\) has parameter \\$roles with no value type specified in iterable type array\\.$#"
 			count: 1
@@ -63384,4 +63379,3 @@ parameters:
 			message: "#^Method Ibexa\\\\Tests\\\\Core\\\\Specification\\\\Content\\\\ContentTypeSpecificationTest\\:\\:providerForIsSatisfiedBy\\(\\) return type has no value type specified in iterable type array\\.$#"
 			count: 1
 			path: tests/lib/Specification/Content/ContentTypeSpecificationTest.php
-
diff --git a/src/lib/MVC/Symfony/Security/EventListener/SecurityListener.php b/src/lib/MVC/Symfony/Security/EventListener/SecurityListener.php
@@ -139,6 +139,7 @@ public function onInteractiveLogin(BaseInteractiveLoginEvent $event)
             $providerKey,
             $token->getRoleNames()
         );
+        $interactiveToken->setOriginalToken($token);
         $interactiveToken->setAttributes($token->getAttributes());
         $this->tokenStorage->setToken($interactiveToken);
     }

diff --git a/src/lib/MVC/Symfony/Security/InteractiveLoginToken.php b/src/lib/MVC/Symfony/Security/InteractiveLoginToken.php
@@ -6,6 +6,7 @@
  */
 namespace Ibexa\Core\MVC\Symfony\Security;
 
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
 
 /**
@@ -14,32 +15,73 @@
  */
 class InteractiveLoginToken extends UsernamePasswordToken
 {
-    /** @var string */
-    private $originalTokenType;
+    private ?TokenInterface $originalToken = null;
+
+    private string $originalTokenType;
 
     public function __construct(UserInterface $user, $originalTokenType, $credentials, $providerKey, array $roles = [])
     {
         parent::__construct($user, $credentials, $providerKey, $roles);
+
         $this->originalTokenType = $originalTokenType;
     }
 
-    /**
-     * @return string
-     */
-    public function getOriginalTokenType()
+    public function getOriginalTokenType(): string
     {
         return $this->originalTokenType;
     }
 
+    /**
+     * @return array{
+     *     string,
+     *     mixed,
+     *     null|\Symfony\Component\Security\Core\Authentication\Token\TokenInterface
+     * } $data
+     */
     public function __serialize(): array
     {
-        return [$this->originalTokenType, parent::__serialize()];
+        return [
+            $this->originalTokenType,
+            parent::__serialize(),
+            $this->originalToken,
+        ];
     }
 
-    public function __unserialize($serialized): void
+    /**
+     * @param array{
+     *     string,
+     *     mixed,
+     *     2?: \Symfony\Component\Security\Core\Authentication\Token\TokenInterface
+     * } $data
+     */
+    public function __unserialize(array $data): void
     {
-        [$this->originalTokenType, $parentStr] = $serialized;
-        parent::__unserialize($parentStr);
+        if (isset($data[2])) {
+            [$this->originalTokenType, $parentData, $this->originalToken] = $data;
+        } else {
+            [$this->originalTokenType, $parentData] = $data;
+        }
+
+        parent::__unserialize($parentData);
+    }
+
+    public function setOriginalToken(TokenInterface $token): void
+    {
+        $this->originalToken = $token;
+    }
+
+    public function getOriginalToken(): ?TokenInterface
+    {
+        return $this->originalToken;
+    }
+
+    public function isAuthenticated(): bool
+    {
+        if (null !== $this->originalToken) {
+            return $this->originalToken->isAuthenticated();
+        }
+
+        return parent::isAuthenticated();
     }
 }