Skip to content

Commit

Permalink
[Security] SwitchUser: add dynamic redirection path
Browse files Browse the repository at this point in the history
  • Loading branch information
@94noni
94noni committed Apr 2, 2024
1 parent 4b659cb commit 6db6f82
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 1 deletion.
5 changes: 5 additions & 0 deletions src/Symfony/Component/Security/CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,11 @@ CHANGELOG

The CHANGELOG for version 5.4 and newer can be found in the security sub-packages (e.g. `Http/`).

7.1
---

* Add a request query string `_redirect_path` handled in `SwitchUserListener` to control the redirection path post switch user. It takes precedence over the `SwitchUserListener $targetRoute` value if any.

5.3
---

Expand Down
6 changes: 5 additions & 1 deletion src/Symfony/Component/Security/Http/Firewall/SwitchUserListener.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -90,6 +90,7 @@ public function supports(Request $request): ?bool
}

$request->attributes->set('_switch_user_username', $username);
$request->attributes->set('_switch_user_redirect_path', $request->query->get('_redirect_path'));

return true;
}
Expand All @@ -106,6 +107,9 @@ public function authenticate(RequestEvent $event): void
$username = $request->attributes->get('_switch_user_username');
$request->attributes->remove('_switch_user_username');

$redirectPath = $request->attributes->get('_switch_user_redirect_path');
$request->attributes->remove('_switch_user_redirect_path');

if (null === $this->tokenStorage->getToken()) {
throw new AuthenticationCredentialsNotFoundException('Could not find original Token object.');
}
Expand All @@ -124,7 +128,7 @@ public function authenticate(RequestEvent $event): void
if (!$this->stateless) {
$request->query->remove($this->usernameParameter);
$request->server->set('QUERY_STRING', http_build_query($request->query->all(), '', '&'));
$response = new RedirectResponse($this->urlGenerator && $this->targetRoute ? $this->urlGenerator->generate($this->targetRoute) : $request->getUri(), 302);
$response = new RedirectResponse((null !== $redirectPath) ? $redirectPath : ($this->urlGenerator && $this->targetRoute ? $this->urlGenerator->generate($this->targetRoute) : $request->getUri()), 302);

$event->setResponse($response);
}
Expand Down

0 comments on commit 6db6f82

Please sign in to comment.