symfony · nicolas-grekas · Jul 11, 2017 · Jul 3, 2017 · chalasr · Jul 9, 2017
diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
@@ -245,7 +245,7 @@ private function createFirewalls($config, ContainerBuilder $container)
         foreach ($providerIds as $userProviderId) {
             $userProviders[] = new Reference($userProviderId);
         }
-        $arguments[1] = $userProviders;
+        $arguments[1] = new IteratorArgument($userProviders);
         $definition->setArguments($arguments);
 
         $customUserChecker = false;
@@ -613,7 +613,7 @@ private function createUserDaoProvider($name, $provider, ContainerBuilder $conta
 
             $container
                 ->setDefinition($name, new ChildDefinition('security.user.provider.chain'))
-                ->addArgument($providers);
+                ->addArgument(new IteratorArgument($providers));
 
             return $name;
         }

diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/CompleteConfigurationTest.php b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/CompleteConfigurationTest.php
@@ -12,6 +12,7 @@
 namespace Symfony\Bundle\SecurityBundle\Tests\DependencyInjection;
 
 use PHPUnit\Framework\TestCase;
+use Symfony\Component\DependencyInjection\Argument\IteratorArgument;
 use Symfony\Component\DependencyInjection\Reference;
 use Symfony\Bundle\SecurityBundle\SecurityBundle;
 use Symfony\Bundle\SecurityBundle\DependencyInjection\SecurityExtension;
@@ -57,10 +58,10 @@ public function testUserProviders()
         $this->assertEquals(array(), array_diff($providers, $expectedProviders));
 
         // chain provider
-        $this->assertEquals(array(array(
+        $this->assertEquals(array(new IteratorArgument(array(
             new Reference('security.user.provider.concrete.service'),
             new Reference('security.user.provider.concrete.basic'),
-        )), $container->getDefinition('security.user.provider.concrete.chain')->getArguments());
+        ))), $container->getDefinition('security.user.provider.concrete.chain')->getArguments());
     }
 
     public function testFirewalls()

diff --git a/src/Symfony/Component/Security/Core/Tests/User/ChainUserProviderTest.php b/src/Symfony/Component/Security/Core/Tests/User/ChainUserProviderTest.php
@@ -172,6 +172,26 @@ public function testSupportsClassWhenNotSupported()
         $this->assertFalse($provider->supportsClass('foo'));
     }
 
+    public function testAcceptsTraversable()
+    {
+        $provider1 = $this->getProvider();
+        $provider1
+            ->expects($this->once())
+            ->method('refreshUser')
+            ->will($this->throwException(new UnsupportedUserException('unsupported')))
+        ;
+
+        $provider2 = $this->getProvider();
+        $provider2
+            ->expects($this->once())
+            ->method('refreshUser')
+            ->will($this->returnValue($account = $this->getAccount()))
+        ;
+
+        $provider = new ChainUserProvider(new \ArrayObject(array($provider1, $provider2)));
+        $this->assertSame($account, $provider->refreshUser($this->getAccount()));
+    }
+
     protected function getAccount()
     {
         return $this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock();

diff --git a/src/Symfony/Component/Security/Core/User/ChainUserProvider.php b/src/Symfony/Component/Security/Core/User/ChainUserProvider.php
@@ -26,7 +26,10 @@ class ChainUserProvider implements UserProviderInterface
 {
     private $providers;
 
-    public function __construct(array $providers)
+    /**
+     * @param iterable|UserProviderInterface[] $providers
+     */
+    public function __construct($providers)
     {
         $this->providers = $providers;
     }
@@ -36,6 +39,10 @@ public function __construct(array $providers)
      */
     public function getProviders()
     {
+        if ($this->providers instanceof \Traversable) {
+            return iterator_to_array($this->providers);
+        }
+
         return $this->providers;
     }
 

diff --git a/src/Symfony/Component/Security/Http/Firewall/ContextListener.php b/src/Symfony/Component/Security/Http/Firewall/ContextListener.php
@@ -44,18 +44,20 @@ class ContextListener implements ListenerInterface
     private $registered;
     private $trustResolver;
 
-    public function __construct(TokenStorageInterface $tokenStorage, array $userProviders, $contextKey, LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null, AuthenticationTrustResolverInterface $trustResolver = null)
+    /**
+     * @param TokenStorageInterface                     $tokenStorage
+     * @param iterable|UserProviderInterface[]          $userProviders
+     * @param string                                    $contextKey
+     * @param LoggerInterface|null                      $logger
+     * @param EventDispatcherInterface|null             $dispatcher
+     * @param AuthenticationTrustResolverInterface|null $trustResolver
+     */
+    public function __construct(TokenStorageInterface $tokenStorage, $userProviders, $contextKey, LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null, AuthenticationTrustResolverInterface $trustResolver = null)
     {
         if (empty($contextKey)) {
             throw new \InvalidArgumentException('$contextKey must not be empty.');
         }
 
-        foreach ($userProviders as $userProvider) {
-            if (!$userProvider instanceof UserProviderInterface) {
-                throw new \InvalidArgumentException(sprintf('User provider "%s" must implement "Symfony\Component\Security\Core\User\UserProviderInterface".', get_class($userProvider)));
-            }
-        }
-
         $this->tokenStorage = $tokenStorage;
         $this->userProviders = $userProviders;
         $this->contextKey = $contextKey;
@@ -158,6 +160,10 @@ protected function refreshUser(TokenInterface $token)
         $userNotFoundByProvider = false;
 
         foreach ($this->userProviders as $provider) {
+            if (!$provider instanceof UserProviderInterface) {
+                throw new \InvalidArgumentException(sprintf('User provider "%s" must implement "%s".', get_class($provider), UserProviderInterface::class));
+            }
+
             try {
                 $refreshedUser = $provider->refreshUser($user);
                 $token->setUser($refreshedUser);

diff --git a/src/Symfony/Component/Security/Http/Tests/Firewall/ContextListenerTest.php b/src/Symfony/Component/Security/Http/Tests/Firewall/ContextListenerTest.php
@@ -53,11 +53,7 @@ public function testItRequiresContextKey()
      */
     public function testUserProvidersNeedToImplementAnInterface()
     {
-        new ContextListener(
-            $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface')->getMock(),
-            array(new \stdClass()),
-            'key123'
-        );
+        $this->handleEventWithPreviousSession(new TokenStorage(), array(new \stdClass()));
     }
 
     public function testOnKernelResponseWillAddSession()
@@ -287,6 +283,15 @@ public function testRuntimeExceptionIsThrownIfNoSupportingUserProviderWasRegiste
         $this->handleEventWithPreviousSession(new TokenStorage(), array(new NotSupportingUserProvider(), new NotSupportingUserProvider()));
     }
 
+    public function testAcceptsProvidersAsTraversable()
+    {
+        $tokenStorage = new TokenStorage();
+        $refreshedUser = new User('foobar', 'baz');
+        $this->handleEventWithPreviousSession($tokenStorage, new \ArrayObject(array(new NotSupportingUserProvider(), new SupportingUserProvider($refreshedUser))));
+
+        $this->assertSame($refreshedUser, $tokenStorage->getToken()->getUser());
+    }
+
     protected function runSessionOnKernelResponse($newToken, $original = null)
     {
         $session = new Session(new MockArraySessionStorage());
@@ -315,7 +320,7 @@ protected function runSessionOnKernelResponse($newToken, $original = null)
         return $session;
     }
 
-    private function handleEventWithPreviousSession(TokenStorageInterface $tokenStorage, array $userProviders)
+    private function handleEventWithPreviousSession(TokenStorageInterface $tokenStorage, $userProviders)
     {
         $session = new Session(new MockArraySessionStorage());
         $session->set('_security_context_key', serialize(new UsernamePasswordToken(new User('foo', 'bar'), '', 'context_key')));