IBX-665: Bumped Symfony dependency to 5.3

composer.json

@@ -19,17 +19,17 @@
         "ext-simplexml": "*",
         "ext-xmlwriter": "*",
         "ezsystems/ezplatform-kernel": "^1.3@dev",
-        "symfony/http-kernel": "^5.0",
-        "symfony/dependency-injection": "^5.0",
-        "symfony/routing": "^5.0",
-        "symfony/http-foundation": "^5.0",
-        "symfony/config": "^5.0",
-        "symfony/yaml": "^5.0",
-        "symfony/event-dispatcher": "^5.0",
-        "symfony/security-csrf": "^5.0",
-        "symfony/expression-language": "^5.0",
-        "symfony/form": "^5.0",
-        "symfony/security-bundle": "^5.0",
+        "symfony/http-kernel": "^5.3",
+        "symfony/dependency-injection": "^5.3",
+        "symfony/routing": "^5.3",
+        "symfony/http-foundation": "^5.3",
+        "symfony/config": "^5.3",
+        "symfony/yaml": "^5.3",
+        "symfony/event-dispatcher": "^5.3",
+        "symfony/security-csrf": "^5.3",
+        "symfony/expression-language": "^5.3",
+        "symfony/form": "^5.3",
+        "symfony/security-bundle": "^5.3",
         "hautelook/templated-uri-bundle": "^3.2",
         "lexik/jwt-authentication-bundle": "^2.8"
     },
@@ -41,8 +41,8 @@
         "phpunit/phpunit": "^8.5",
         "matthiasnoback/symfony-dependency-injection-test": "^4.1",
         "nyholm/psr7": "^1.1",
-        "symfony/http-client": "^5.0",
-        "symfony/browser-kit": "^5.0"
+        "symfony/http-client": "^5.3",
+        "symfony/browser-kit": "^5.3"
     },
     "scripts": {
         "fix-cs": "@php ./vendor/bin/php-cs-fixer fix -v --show-progress=estimating"

src/bundle/Resources/config/security.yml

@@ -13,7 +13,6 @@ services:
             - ~ # Will be replaced at compile time by security provider key
             - "@event_dispatcher"
             - "@ezpublish.config.resolver"
-            - "@session.storage"
             - "@?logger"
             - "%ibexa.rest.authentication_min_delay_time%"
             - "%ibexa.rest.authentication_max_delay_time%"

src/lib/Server/Security/RestAuthenticator.php

@@ -15,7 +15,6 @@
 use Symfony\Component\EventDispatcher\EventDispatcherInterface;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
-use Symfony\Component\HttpFoundation\Session\Storage\SessionStorageInterface;
 use Symfony\Component\HttpKernel\Event\RequestEvent;
 use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
@@ -68,11 +67,6 @@ class RestAuthenticator implements AuthenticatorInterface
      */
     private $configResolver;
 
-    /**
-     * @var \Symfony\Component\HttpFoundation\Session\Storage\SessionStorageInterface
-     */
-    private $sessionStorage;
-
     /**
      * @var \Symfony\Component\Security\Http\Logout\LogoutHandlerInterface[]
      */
@@ -94,7 +88,6 @@ public function __construct(
         $providerKey,
         EventDispatcherInterface $dispatcher,
         ConfigResolverInterface $configResolver,
-        SessionStorageInterface $sessionStorage,
         LoggerInterface $logger = null,
         $minSleepTime = self::DEFAULT_MIN_SLEEP_VALUE,
         $maxSleepTime = self::DEFAULT_MAX_SLEEP_VALUE
@@ -104,7 +97,6 @@ public function __construct(
         $this->providerKey = $providerKey;
         $this->dispatcher = $dispatcher;
         $this->configResolver = $configResolver;
-        $this->sessionStorage = $sessionStorage;
         $this->logger = $logger;
         $this->minSleepTime = !is_int($minSleepTime) ? self::DEFAULT_MIN_SLEEP_VALUE : $minSleepTime;
         $this->maxSleepTime = !is_int($maxSleepTime) ? self::DEFAULT_MAX_SLEEP_VALUE : $maxSleepTime;
@@ -226,7 +218,7 @@ public function logout(Request $request)
         // generation of a new session id.
         // REST logout must indeed clear the session cookie.
         // See \EzSystems\EzPlatformRest\Server\Security\RestLogoutHandler
-        $this->sessionStorage->clear();
+        $request->getSession()->clear();
 
         $token = $this->tokenStorage->getToken();
         foreach ($this->logoutHandlers as $handler) {

tests/lib/Server/Security/RestSessionBasedAuthenticatorTest.php

@@ -15,7 +15,8 @@
 use Symfony\Component\EventDispatcher\EventDispatcherInterface;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
-use Symfony\Component\HttpFoundation\Session\Storage\SessionStorageInterface;
+use Symfony\Component\HttpFoundation\Session\Session;
+use Symfony\Component\HttpFoundation\Session\Storage\MockArraySessionStorage;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
 use Symfony\Component\Security\Core\User\UserInterface;
@@ -53,11 +54,6 @@ class RestSessionBasedAuthenticatorTest extends TestCase
      */
     private $configResolver;
 
-    /**
-     * @var \PHPUnit\Framework\MockObject\MockObject
-     */
-    private $sessionStorage;
-
     /**
      * @var \PHPUnit\Framework\MockObject\MockObject
      */
@@ -75,15 +71,13 @@ protected function setUp(): void
         $this->authenticationManager = $this->createMock(AuthenticationManagerInterface::class);
         $this->eventDispatcher = $this->createMock(EventDispatcherInterface::class);
         $this->configResolver = $this->createMock(ConfigResolverInterface::class);
-        $this->sessionStorage = $this->createMock(SessionStorageInterface::class);
         $this->logger = $this->createMock(LoggerInterface::class);
         $this->authenticator = new RestAuthenticator(
             $this->tokenStorage,
             $this->authenticationManager,
             self::PROVIDER_KEY,
             $this->eventDispatcher,
             $this->configResolver,
-            $this->sessionStorage,
             $this->logger
         );
     }
@@ -534,6 +528,8 @@ public function testLogout()
             ->willReturn($token);
 
         $request = new Request();
+        $request->setSession(new Session(new MockArraySessionStorage()));
+
         $logoutHandler1 = $this->createMock(LogoutHandlerInterface::class);
         $logoutHandler1
             ->expects($this->once())