From 83d687cc461b4bdae9ffc6efda97464093cae739 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=89mile=20Perron?= Date: Wed, 10 Jan 2024 14:40:34 -0500 Subject: [PATCH] feat: add support for partitioned cookies (#368) * feat: add partitioned cookie configuration option * docs: add mention of 'partitioned' option in README * fix: throw LogicException when partitioned option is used in Symfony < 6.4 * style: add trailing comma to Cookie instantiation --- DependencyInjection/Configuration.php | 1 + EventListener/AttachRefreshTokenOnSuccessListener.php | 9 ++++++++- EventListener/LogoutEventListener.php | 1 + README.md | 1 + .../Functional/DependencyInjection/ConfigurationTest.php | 1 + .../GesdinetJWTRefreshTokenExtensionTest.php | 3 +++ 6 files changed, 15 insertions(+), 1 deletion(-) diff --git a/DependencyInjection/Configuration.php b/DependencyInjection/Configuration.php index aef81626..3c2b2d37 100644 --- a/DependencyInjection/Configuration.php +++ b/DependencyInjection/Configuration.php @@ -105,6 +105,7 @@ public function getConfigTreeBuilder(): TreeBuilder ->scalarNode('domain')->defaultNull()->end() ->scalarNode('http_only')->defaultTrue()->end() ->scalarNode('secure')->defaultTrue()->end() + ->scalarNode('partitioned')->defaultFalse()->end() ->scalarNode('remove_token_from_body')->defaultTrue()->end() ->end() ->end() diff --git a/EventListener/AttachRefreshTokenOnSuccessListener.php b/EventListener/AttachRefreshTokenOnSuccessListener.php index 1e2c1866..415022ba 100644 --- a/EventListener/AttachRefreshTokenOnSuccessListener.php +++ b/EventListener/AttachRefreshTokenOnSuccessListener.php @@ -19,6 +19,7 @@ use Symfony\Component\HttpFoundation\Cookie; use Symfony\Component\Security\Core\User\UserInterface; use Symfony\Component\HttpFoundation\RequestStack; +use Symfony\Component\HttpKernel\Kernel; class AttachRefreshTokenOnSuccessListener { @@ -95,9 +96,14 @@ public function __construct( 'http_only' => true, 'secure' => true, 'remove_token_from_body' => true, + 'partitioned' => false, ], $cookieSettings); $this->returnExpiration = $returnExpiration; $this->returnExpirationParameterName = $returnExpirationParameterName; + + if ($this->cookieSettings['partitioned'] && Kernel::VERSION < '6.4') { + throw new \LogicException(sprintf('The `partitioned` option for cookies is only available for Symfony 6.4 and above. You are currently on version %s', Kernel::VERSION)); + } } public function attachRefreshToken(AuthenticationSuccessEvent $event): void @@ -160,7 +166,8 @@ public function attachRefreshToken(AuthenticationSuccessEvent $event): void $this->cookieSettings['secure'], $this->cookieSettings['http_only'], false, - $this->cookieSettings['same_site'] + $this->cookieSettings['same_site'], + $this->cookieSettings['partitioned'], ) ); diff --git a/EventListener/LogoutEventListener.php b/EventListener/LogoutEventListener.php index cfd1df4c..68c574bc 100644 --- a/EventListener/LogoutEventListener.php +++ b/EventListener/LogoutEventListener.php @@ -41,6 +41,7 @@ public function __construct( 'domain' => null, 'http_only' => true, 'secure' => true, + 'partitioned' => false, 'remove_token_from_body' => true, ], $cookieSettings); $this->logout_firewall_context = $logout_firewall_context; diff --git a/README.md b/README.md index 87a1323b..4f90b85a 100644 --- a/README.md +++ b/README.md @@ -400,6 +400,7 @@ gesdinet_jwt_refresh_token: domain: null # default value http_only: true # default value secure: true # default value + partitioned: false # default value remove_token_from_body: true # default value ``` diff --git a/Tests/Functional/DependencyInjection/ConfigurationTest.php b/Tests/Functional/DependencyInjection/ConfigurationTest.php index eae5ea0d..621f2f41 100644 --- a/Tests/Functional/DependencyInjection/ConfigurationTest.php +++ b/Tests/Functional/DependencyInjection/ConfigurationTest.php @@ -45,6 +45,7 @@ public function test_custom_configuration_is_valid(): void 'domain' => 'example.com', 'secure' => false, 'http_only' => false, + 'partitioned' => true, ], ], ]); diff --git a/Tests/Functional/DependencyInjection/GesdinetJWTRefreshTokenExtensionTest.php b/Tests/Functional/DependencyInjection/GesdinetJWTRefreshTokenExtensionTest.php index 2cb27aff..c804ffb8 100644 --- a/Tests/Functional/DependencyInjection/GesdinetJWTRefreshTokenExtensionTest.php +++ b/Tests/Functional/DependencyInjection/GesdinetJWTRefreshTokenExtensionTest.php @@ -37,6 +37,7 @@ public function test_container_is_loaded_with_default_configuration(): void 'domain' => null, 'secure' => true, 'http_only' => true, + 'partitioned' => false, 'remove_token_from_body' => true, ], ); @@ -68,6 +69,7 @@ public function test_container_is_loaded_with_custom_configuration(): void 'domain' => 'example.com', 'secure' => false, 'http_only' => false, + 'partitioned' => true, ], ]); @@ -88,6 +90,7 @@ public function test_container_is_loaded_with_custom_configuration(): void 'domain' => 'example.com', 'secure' => false, 'http_only' => false, + 'partitioned' => true, 'remove_token_from_body' => true, ], );