Merge branch '6.4' into 7.1

nicolas-grekas · nicolas-grekas · commit 0920bb5ca065 · 2025-01-28T16:50:57.000+01:00
* 6.4:
  [HttpClient] Fix processing a NativeResponse after its client has been reset
  [Security] Throw an explicit error when authenticating a token with a null user
  translation to hebrew
diff --git a/src/Symfony/Component/HttpClient/Response/NativeResponse.php b/src/Symfony/Component/HttpClient/Response/NativeResponse.php
@@ -79,7 +79,7 @@ public function __construct(
         };
 
         $this->canary = new Canary(static function () use ($multi, $id) {
-            if (null !== ($host = $multi->openHandles[$id][6] ?? null) && 0 >= --$multi->hosts[$host]) {
+            if (null !== ($host = $multi->openHandles[$id][6] ?? null) && isset($multi->hosts[$host]) && 0 >= --$multi->hosts[$host]) {
                 unset($multi->hosts[$host]);
             }
             unset($multi->openHandles[$id], $multi->handlesActivity[$id]);
@@ -123,7 +123,7 @@ private function open(): void
                 throw new TransportException($msg);
             }
 
-            $this->logger?->info(sprintf('%s for "%s".', $msg, $url ?? $this->url));
+            $this->logger?->info(\sprintf('%s for "%s".', $msg, $url ?? $this->url));
         });
 
         try {
@@ -142,7 +142,7 @@ private function open(): void
                     $this->info['request_header'] = $this->info['url']['path'].$this->info['url']['query'];
                 }
 
-                $this->info['request_header'] = sprintf("> %s %s HTTP/%s \r\n", $context['http']['method'], $this->info['request_header'], $context['http']['protocol_version']);
+                $this->info['request_header'] = \sprintf("> %s %s HTTP/%s \r\n", $context['http']['method'], $this->info['request_header'], $context['http']['protocol_version']);
                 $this->info['request_header'] .= implode("\r\n", $context['http']['header'])."\r\n\r\n";
 
                 if (\array_key_exists('peer_name', $context['ssl']) && null === $context['ssl']['peer_name']) {
@@ -159,7 +159,7 @@ private function open(): void
                     break;
                 }
 
-                $this->logger?->info(sprintf('Redirecting: "%s %s"', $this->info['http_code'], $url ?? $this->url));
+                $this->logger?->info(\sprintf('Redirecting: "%s %s"', $this->info['http_code'], $url ?? $this->url));
             }
         } catch (\Throwable $e) {
             $this->close();
@@ -294,15 +294,15 @@ private static function perform(ClientState $multi, ?array &$responses = null):
 
                 if (null === $e) {
                     if (0 < $remaining) {
-                        $e = new TransportException(sprintf('Transfer closed with %s bytes remaining to read.', $remaining));
+                        $e = new TransportException(\sprintf('Transfer closed with %s bytes remaining to read.', $remaining));
                     } elseif (-1 === $remaining && fwrite($buffer, '-') && '' !== stream_get_contents($buffer, -1, 0)) {
                         $e = new TransportException('Transfer closed with outstanding data remaining from chunked response.');
                     }
                 }
 
                 $multi->handlesActivity[$i][] = null;
                 $multi->handlesActivity[$i][] = $e;
-                if (null !== ($host = $multi->openHandles[$i][6] ?? null) && 0 >= --$multi->hosts[$host]) {
+                if (null !== ($host = $multi->openHandles[$i][6] ?? null) && isset($multi->hosts[$host]) && 0 >= --$multi->hosts[$host]) {
                     unset($multi->hosts[$host]);
                 }
                 unset($multi->openHandles[$i]);
diff --git a/src/Symfony/Component/HttpClient/Tests/HttpClientTestCase.php b/src/Symfony/Component/HttpClient/Tests/HttpClientTestCase.php
@@ -700,4 +700,17 @@ public function testPostToGetRedirect(int $status)
         $this->assertSame('GET', $body['REQUEST_METHOD']);
         $this->assertSame('/', $body['REQUEST_URI']);
     }
+
+    public function testResponseCanBeProcessedAfterClientReset()
+    {
+        $client = $this->getHttpClient(__FUNCTION__);
+        $response = $client->request('GET', 'http://127.0.0.1:8057/timeout-body');
+        $stream = $client->stream($response);
+
+        $response->getStatusCode();
+        $client->reset();
+        $stream->current();
+
+        $this->addToAssertionCount(1);
+    }
 }
diff --git a/src/Symfony/Component/Security/Http/Firewall/ContextListener.php b/src/Symfony/Component/Security/Http/Firewall/ContextListener.php
@@ -123,6 +123,10 @@ public function authenticate(RequestEvent $event): void
         ]);
 
         if ($token instanceof TokenInterface) {
+            if (!$token->getUser()) {
+                throw new \UnexpectedValueException(\sprintf('Cannot authenticate a "%s" token because it doesn\'t store a user.', $token::class));
+            }
+
             $originalToken = $token;
             $token = $this->refreshUser($token);
 
diff --git a/src/Symfony/Component/Security/Http/Tests/Firewall/ContextListenerTest.php b/src/Symfony/Component/Security/Http/Tests/Firewall/ContextListenerTest.php
@@ -36,6 +36,7 @@
 use Symfony\Component\Security\Core\User\UserInterface;
 use Symfony\Component\Security\Core\User\UserProviderInterface;
 use Symfony\Component\Security\Http\Firewall\ContextListener;
+use Symfony\Component\Security\Http\Tests\Fixtures\NullUserToken;
 use Symfony\Contracts\Service\ServiceLocatorTrait;
 
 class ContextListenerTest extends TestCase
@@ -58,6 +59,30 @@ public function testUserProvidersNeedToImplementAnInterface()
         $this->handleEventWithPreviousSession([new \stdClass()]);
     }
 
+    public function testTokenReturnsNullUser()
+    {
+        $tokenStorage = new TokenStorage();
+        $tokenStorage->setToken(new NullUserToken());
+
+        $session = new Session(new MockArraySessionStorage());
+        $session->set('_security_context_key', serialize($tokenStorage->getToken()));
+
+        $request = new Request();
+        $request->setSession($session);
+        $request->cookies->set('MOCKSESSID', true);
+
+        $listener = new ContextListener($tokenStorage, [], 'context_key');
+
+        $this->expectException(\UnexpectedValueException::class);
+        $this->expectExceptionMessage('Cannot authenticate a "Symfony\Component\Security\Http\Tests\Fixtures\NullUserToken" token because it doesn\'t store a user.');
+
+        $listener->authenticate(new RequestEvent(
+            $this->createMock(HttpKernelInterface::class),
+            $request,
+            HttpKernelInterface::MAIN_REQUEST,
+        ));
+    }
+
     public function testOnKernelResponseWillAddSession()
     {
         $session = $this->runSessionOnKernelResponse(
diff --git a/src/Symfony/Component/Security/Http/Tests/Fixtures/NullUserToken.php b/src/Symfony/Component/Security/Http/Tests/Fixtures/NullUserToken.php
@@ -0,0 +1,23 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Http\Tests\Fixtures;
+
+use Symfony\Component\Security\Core\Authentication\Token\AbstractToken;
+use Symfony\Component\Security\Core\User\UserInterface;
+
+class NullUserToken extends AbstractToken
+{
+    public function getUser(): ?UserInterface
+    {
+        return null;
+    }
+}
diff --git a/src/Symfony/Component/Validator/Resources/translations/validators.he.xlf b/src/Symfony/Component/Validator/Resources/translations/validators.he.xlf
@@ -136,7 +136,7 @@
             </trans-unit>
             <trans-unit id="37" resname="This is not a valid IP address.">
                 <source>This value is not a valid IP address.</source>
-                <target state="needs-review-translation">ערך זה אינו כתובת IP תקפה.</target>
+                <target>ערך זה אינו כתובת IP תקפה.</target>
             </trans-unit>
             <trans-unit id="38">
                 <source>This value is not a valid language.</source>
@@ -192,7 +192,7 @@
             </trans-unit>
             <trans-unit id="51" resname="No temporary folder was configured in php.ini.">
                 <source>No temporary folder was configured in php.ini, or the configured folder does not exist.</source>
-                <target state="needs-review-translation">לא הוגדרה תיקייה זמנית ב-php.ini, או שהתיקייה המוגדרת אינה קיימת.</target>
+                <target>לא הוגדרה תיקייה זמנית ב-php.ini, או שהתיקייה המוגדרת אינה קיימת.</target>
             </trans-unit>
             <trans-unit id="52">
                 <source>Cannot write temporary file to disk.</source>
@@ -224,7 +224,7 @@
             </trans-unit>
             <trans-unit id="59" resname="This is not a valid International Bank Account Number (IBAN).">
                 <source>This value is not a valid International Bank Account Number (IBAN).</source>
-                <target state="needs-review-translation">ערך זה אינו מספר חשבון בנק בינלאומי (IBAN) תקף.</target>
+                <target>ערך זה אינו מספר זה"ב (IBAN) תקף.</target>
             </trans-unit>
             <trans-unit id="60">
                 <source>This value is not a valid ISBN-10.</source>
@@ -312,15 +312,15 @@
             </trans-unit>
             <trans-unit id="81" resname="This is not a valid Business Identifier Code (BIC).">
                 <source>This value is not a valid Business Identifier Code (BIC).</source>
-                <target state="needs-review-translation">ערך זה אינו קוד מזהה עסקי (BIC) תקף.</target>
+                <target>ערך זה אינו קוד מזהה עסקי (BIC) תקף.</target>
             </trans-unit>
             <trans-unit id="82">
                 <source>Error</source>
                 <target>שגיאה</target>
             </trans-unit>
             <trans-unit id="83" resname="This is not a valid UUID.">
                 <source>This value is not a valid UUID.</source>
-                <target state="needs-review-translation">ערך זה אינו UUID תקף.</target>
+                <target>ערך זה אינו UUID תקף.</target>
             </trans-unit>
             <trans-unit id="84">
                 <source>This value should be a multiple of {{ compared_value }}.</source>
@@ -404,39 +404,39 @@
             </trans-unit>
             <trans-unit id="104">
                 <source>The filename is too long. It should have {{ filename_max_length }} character or less.|The filename is too long. It should have {{ filename_max_length }} characters or less.</source>
-                <target state="needs-review-translation">שם הקובץ ארוך מדי. עליו להכיל {{ filename_max_length }} תווים או פחות.</target>
+                <target>שם הקובץ ארוך מדי. עליו להכיל {{ filename_max_length }} תווים או פחות.</target>
             </trans-unit>
             <trans-unit id="105">
                 <source>The password strength is too low. Please use a stronger password.</source>
-                <target state="needs-review-translation">חוזק הסיסמה נמוך מדי. אנא השתמש בסיסמה חזקה יותר.</target>
+                <target>חוזק הסיסמה נמוך מדי. אנא השתמש בסיסמה חזקה יותר.</target>
             </trans-unit>
             <trans-unit id="106">
                 <source>This value contains characters that are not allowed by the current restriction-level.</source>
-                <target state="needs-review-translation">הערך כולל תווים שאינם מותרים על פי רמת ההגבלה הנוכחית.</target>
+                <target>הערך כולל תווים שאינם מותרים על פי רמת ההגבלה הנוכחית.</target>
             </trans-unit>
             <trans-unit id="107">
                 <source>Using invisible characters is not allowed.</source>
-                <target state="needs-review-translation">אסור להשתמש בתווים בלתי נראים.</target>
+                <target>אסור להשתמש בתווים בלתי נראים.</target>
             </trans-unit>
             <trans-unit id="108">
                 <source>Mixing numbers from different scripts is not allowed.</source>
-                <target state="needs-review-translation">אסור לערבב מספרים מתסריטים שונים.</target>
+                <target>אסור לערבב מספרים מסקריפטים שונים.</target>
             </trans-unit>
             <trans-unit id="109">
                 <source>Using hidden overlay characters is not allowed.</source>
-                <target state="needs-review-translation">אסור להשתמש בתווים מוסתרים של חפיפה.</target>
+                <target>אסור להשתמש בתווים חופפים נסתרים.</target>
             </trans-unit>
             <trans-unit id="110">
                 <source>The extension of the file is invalid ({{ extension }}). Allowed extensions are {{ extensions }}.</source>
-                <target state="needs-review-translation">סיומת הקובץ אינה תקינה ({{ extension }}). הסיומות המותרות הן {{ extensions }}.</target>
+                <target>סיומת הקובץ אינה תקינה ({{ extension }}). הסיומות המותרות הן {{ extensions }}.</target>
             </trans-unit>
             <trans-unit id="111">
                 <source>The detected character encoding is invalid ({{ detected }}). Allowed encodings are {{ encodings }}.</source>
-                <target state="needs-review-translation">קידוד התווים שזוהה אינו חוקי ({{ detected }}). הקידודים המותרים הם {{ encodings }}.</target>
+                <target>קידוד התווים שזוהה אינו חוקי ({{ detected }}). הקידודים המותרים הם {{ encodings }}.</target>
             </trans-unit>
             <trans-unit id="112">
                 <source>This value is not a valid MAC address.</source>
-                <target state="needs-review-translation">ערך זה אינו כתובת MAC תקפה.</target>
+                <target>ערך זה אינו כתובת MAC תקפה.</target>
             </trans-unit>
             <trans-unit id="113">
                 <source>This URL is missing a top-level domain.</source>

Original file line number	Diff line number	Diff line change
`@@ -79,7 +79,7 @@ public function __construct(`
`79`	`79`	`};`
`80`	`80`
`81`	`81`	`$this->canary = new Canary(static function () use ($multi, $id) {`
`82`		`- if (null !== ($host = $multi->openHandles[$id][6] ?? null) && 0 >= --$multi->hosts[$host]) {`
	`82`	`+ if (null !== ($host = $multi->openHandles[$id][6] ?? null) && isset($multi->hosts[$host]) && 0 >= --$multi->hosts[$host]) {`
`83`	`83`	`unset($multi->hosts[$host]);`
`84`	`84`	`}`
`85`	`85`	`unset($multi->openHandles[$id], $multi->handlesActivity[$id]);`
`@@ -123,7 +123,7 @@ private function open(): void`
`123`	`123`	`throw new TransportException($msg);`
`124`	`124`	`}`
`125`	`125`
`126`		`- $this->logger?->info(sprintf('%s for "%s".', $msg, $url ?? $this->url));`
	`126`	`+ $this->logger?->info(\sprintf('%s for "%s".', $msg, $url ?? $this->url));`
`127`	`127`	`});`
`128`	`128`
`129`	`129`	`try {`
`@@ -142,7 +142,7 @@ private function open(): void`
`142`	`142`	`$this->info['request_header'] = $this->info['url']['path'].$this->info['url']['query'];`
`143`	`143`	`}`
`144`	`144`
`145`		`- $this->info['request_header'] = sprintf("> %s %s HTTP/%s \r\n", $context['http']['method'], $this->info['request_header'], $context['http']['protocol_version']);`
	`145`	`+ $this->info['request_header'] = \sprintf("> %s %s HTTP/%s \r\n", $context['http']['method'], $this->info['request_header'], $context['http']['protocol_version']);`
`146`	`146`	`$this->info['request_header'] .= implode("\r\n", $context['http']['header'])."\r\n\r\n";`
`147`	`147`
`148`	`148`	`if (\array_key_exists('peer_name', $context['ssl']) && null === $context['ssl']['peer_name']) {`
`@@ -159,7 +159,7 @@ private function open(): void`
`159`	`159`	`break;`
`160`	`160`	`}`
`161`	`161`
`162`		`- $this->logger?->info(sprintf('Redirecting: "%s %s"', $this->info['http_code'], $url ?? $this->url));`
	`162`	`+ $this->logger?->info(\sprintf('Redirecting: "%s %s"', $this->info['http_code'], $url ?? $this->url));`
`163`	`163`	`}`
`164`	`164`	`} catch (\Throwable $e) {`
`165`	`165`	`$this->close();`
`@@ -294,15 +294,15 @@ private static function perform(ClientState $multi, ?array &$responses = null):`
`294`	`294`
`295`	`295`	`if (null === $e) {`
`296`	`296`	`if (0 < $remaining) {`
`297`		`- $e = new TransportException(sprintf('Transfer closed with %s bytes remaining to read.', $remaining));`
	`297`	`+ $e = new TransportException(\sprintf('Transfer closed with %s bytes remaining to read.', $remaining));`
`298`	`298`	`} elseif (-1 === $remaining && fwrite($buffer, '-') && '' !== stream_get_contents($buffer, -1, 0)) {`
`299`	`299`	`$e = new TransportException('Transfer closed with outstanding data remaining from chunked response.');`
`300`	`300`	`}`
`301`	`301`	`}`
`302`	`302`
`303`	`303`	`$multi->handlesActivity[$i][] = null;`
`304`	`304`	`$multi->handlesActivity[$i][] = $e;`
`305`		`- if (null !== ($host = $multi->openHandles[$i][6] ?? null) && 0 >= --$multi->hosts[$host]) {`
	`305`	`+ if (null !== ($host = $multi->openHandles[$i][6] ?? null) && isset($multi->hosts[$host]) && 0 >= --$multi->hosts[$host]) {`
`306`	`306`	`unset($multi->hosts[$host]);`
`307`	`307`	`}`
`308`	`308`	`unset($multi->openHandles[$i]);`