Merge branch '6.4' into 7.0

nicolas-grekas · nicolas-grekas · commit 9ef76e3dc367 · 2023-11-07T16:10:37.000+01:00
* 6.4:
  [WebProfilerBundle][TwigBundle] Add conflicts with 7.0
  Check whether secrets are empty and mark them all as sensitive
  [HttpKernel] Add `ControllerResolver::allowControllers()` to define which callables are legit controllers when the `_check_controller_is_allowed` request attribute is set
diff --git a/Authenticator/RememberMeAuthenticator.php b/Authenticator/RememberMeAuthenticator.php
@@ -19,6 +19,7 @@
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
 use Symfony\Component\Security\Core\Exception\CookieTheftException;
+use Symfony\Component\Security\Core\Exception\InvalidArgumentException;
 use Symfony\Component\Security\Core\Exception\UnsupportedUserException;
 use Symfony\Component\Security\Core\Exception\UserNotFoundException;
 use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
@@ -51,6 +52,10 @@ class RememberMeAuthenticator implements InteractiveAuthenticatorInterface
 
     public function __construct(RememberMeHandlerInterface $rememberMeHandler, #[\SensitiveParameter] string $secret, TokenStorageInterface $tokenStorage, string $cookieName, LoggerInterface $logger = null)
     {
+        if (!$secret) {
+            throw new InvalidArgumentException('A non-empty secret is required.');
+        }
+
         $this->rememberMeHandler = $rememberMeHandler;
         $this->secret = $secret;
         $this->tokenStorage = $tokenStorage;
diff --git a/RateLimiter/DefaultLoginRateLimiter.php b/RateLimiter/DefaultLoginRateLimiter.php
@@ -36,9 +36,10 @@ final class DefaultLoginRateLimiter extends AbstractRequestRateLimiter
      */
     public function __construct(RateLimiterFactory $globalFactory, RateLimiterFactory $localFactory, #[\SensitiveParameter] string $secret = '')
     {
-        if ('' === $secret) {
+        if (!$secret) {
             throw new InvalidArgumentException('A non-empty secret is required.');
         }
+
         $this->globalFactory = $globalFactory;
         $this->localFactory = $localFactory;
         $this->secret = $secret;

Original file line number	Diff line number	Diff line change
`@@ -36,9 +36,10 @@ final class DefaultLoginRateLimiter extends AbstractRequestRateLimiter`
`36`	`36`	`*/`
`37`	`37`	`public function __construct(RateLimiterFactory $globalFactory, RateLimiterFactory $localFactory, #[\SensitiveParameter] string $secret = '')`
`38`	`38`	`{`
`39`		`- if ('' === $secret) {`
	`39`	`+ if (!$secret) {`
`40`	`40`	`throw new InvalidArgumentException('A non-empty secret is required.');`
`41`	`41`	`}`
	`42`	`+`
`42`	`43`	`$this->globalFactory = $globalFactory;`
`43`	`44`	`$this->localFactory = $localFactory;`
`44`	`45`	`$this->secret = $secret;`