Merge branch '4.1'

* 4.1:
  SCA: removed unused variables
  Remove duplicate condition
  fix useless space in docblock
  remove unneeded tearDown method
  [Intl] Update the ICU data to 63.1
  [FrameworkBundle] Fix broken exception message
  [Messenger] send using the routing_key for AMQP transport
  also clean away the NO_AUTO_CACHE_CONTROL_HEADER if we have no session
  [TwigBundle] Fix usage of TwigBundle without FrameworkBundle
  Revert "fixed CS"
  [Serializer] Reduce class discriminator overhead
  Skip empty proxy code
  [Security] Fix "exclude-from-classmap"
  [Security] Removed unsed trait import
  [Config] Fix @method annotation
  add missing double-quotes to extra_fields output message
  [DI] Default undefined env to empty string during compile
  Convert InsufficientAuthenticationException to HttpException

Author: nicolas-grekas

Guard/Authenticator/AbstractFormLoginAuthenticator.php

@@ -16,7 +16,6 @@
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
 use Symfony\Component\Security\Core\Security;
 use Symfony\Component\Security\Guard\AbstractGuardAuthenticator;
-use Symfony\Component\Security\Http\Util\TargetPathTrait;
 
 /**
  * A base class to make form login authentication easier!
@@ -25,8 +24,6 @@
  */
 abstract class AbstractFormLoginAuthenticator extends AbstractGuardAuthenticator
 {
-    use TargetPathTrait;
-
     /**
      * Return the URL to the login page.
      *

Guard/Tests/Authenticator/FormLoginAuthenticatorTest.php

@@ -91,12 +91,6 @@ protected function setUp()
             ->setDefaultSuccessRedirectUrl(self::DEFAULT_SUCCESS_URL)
         ;
     }
-
-    protected function tearDown()
-    {
-        $this->request = null;
-        $this->requestWithSession = null;
-    }
 }
 
 class TestFormLoginAuthenticator extends AbstractFormLoginAuthenticator

Http/Firewall/ExceptionListener.php

@@ -17,6 +17,7 @@
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent;
 use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
+use Symfony\Component\HttpKernel\Exception\HttpException;
 use Symfony\Component\HttpKernel\HttpKernelInterface;
 use Symfony\Component\HttpKernel\KernelEvents;
 use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface;
@@ -171,7 +172,7 @@ private function handleLogoutException(LogoutException $exception): void
     private function startAuthentication(Request $request, AuthenticationException $authException): Response
     {
         if (null === $this->authenticationEntryPoint) {
-            throw $authException;
+            throw new HttpException(Response::HTTP_UNAUTHORIZED, $authException->getMessage(), $authException, array(), $authException->getCode());
         }
 
         if (null !== $this->logger) {

Http/Tests/Firewall/ExceptionListenerTest.php

@@ -15,6 +15,7 @@
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent;
+use Symfony\Component\HttpKernel\Exception\HttpException;
 use Symfony\Component\HttpKernel\HttpKernelInterface;
 use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface;
 use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
@@ -30,15 +31,15 @@ class ExceptionListenerTest extends TestCase
     /**
      * @dataProvider getAuthenticationExceptionProvider
      */
-    public function testAuthenticationExceptionWithoutEntryPoint(\Exception $exception, \Exception $eventException = null)
+    public function testAuthenticationExceptionWithoutEntryPoint(\Exception $exception, \Exception $eventException)
     {
         $event = $this->createEvent($exception);
 
         $listener = $this->createExceptionListener();
         $listener->onKernelException($event);
 
         $this->assertNull($event->getResponse());
-        $this->assertSame(null === $eventException ? $exception : $eventException, $event->getException());
+        $this->assertEquals($eventException, $event->getException());
     }
 
     /**
@@ -63,11 +64,11 @@ public function testAuthenticationExceptionWithEntryPoint(\Exception $exception)
     public function getAuthenticationExceptionProvider()
     {
         return array(
-            array(new AuthenticationException()),
-            array(new \LogicException('random', 0, $e = new AuthenticationException()), $e),
-            array(new \LogicException('random', 0, $e = new AuthenticationException('embed', 0, new AuthenticationException())), $e),
-            array(new \LogicException('random', 0, $e = new AuthenticationException('embed', 0, new AccessDeniedException())), $e),
-            array(new AuthenticationException('random', 0, new \LogicException())),
+            array($e = new AuthenticationException(), new HttpException(Response::HTTP_UNAUTHORIZED, '', $e, array(), 0)),
+            array(new \LogicException('random', 0, $e = new AuthenticationException()), new HttpException(Response::HTTP_UNAUTHORIZED, '', $e, array(), 0)),
+            array(new \LogicException('random', 0, $e = new AuthenticationException('embed', 0, new AuthenticationException())), new HttpException(Response::HTTP_UNAUTHORIZED, 'embed', $e, array(), 0)),
+            array(new \LogicException('random', 0, $e = new AuthenticationException('embed', 0, new AccessDeniedException())), new HttpException(Response::HTTP_UNAUTHORIZED, 'embed', $e, array(), 0)),
+            array($e = new AuthenticationException('random', 0, new \LogicException()), new HttpException(Response::HTTP_UNAUTHORIZED, 'random', $e, array(), 0)),
         );
     }
 

composer.json

@@ -50,7 +50,10 @@
     "autoload": {
         "psr-4": { "Symfony\\Component\\Security\\": "" },
         "exclude-from-classmap": [
-            "/Tests/"
+            "/Core/Tests/",
+            "/Csrf/Tests/",
+            "/Guard/Tests/",
+            "/Http/Tests/"
         ]
     },
     "minimum-stability": "dev",