« Previous | Next » 

Revision 2aa6a024


Added by Bastian Waidelich over 9 years ago

[BUGFIX] Use ActionRequest to validate authentication tokens

Currently the security context passes the HTTP Request to
TokenInterface::updateCredentials() in updateTokens().
This has the disadvantage that authentication tokens can
only access raw GET / POST parameters from the HTTP request.
Arguments that are only available through routing are not accessible.

This change adjusts Security/Context, TokenInterface and the provided
implementations accordingly.

Change-Id: I8937d044a7837d8db0fdca342fd7b94d2eadd0ad
Fixes: #36997
Releases: 1.1

  • added
  • modified
  • copied
  • renamed
  • deleted