fix: ajouter log détaillé sur SSO InvalidState pour diagnostic

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Serreau Jovann
2026-03-26 09:46:49 +01:00
parent 6b882639b1
commit 31b28e5df2


@@ -19,18 +19,21 @@ use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPasspor
use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface; use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
use Symfony\Component\Uid\Uuid; use Symfony\Component\Uid\Uuid;
use KnpU\OAuth2ClientBundle\Security\Exception\InvalidStateAuthenticationException; use KnpU\OAuth2ClientBundle\Security\Exception\InvalidStateAuthenticationException;
use Psr\Log\LoggerInterface;
class KeycloakAuthenticator extends OAuth2Authenticator implements AuthenticationEntryPointInterface class KeycloakAuthenticator extends OAuth2Authenticator implements AuthenticationEntryPointInterface
{ {
private $clientRegistry; private $clientRegistry;
private $entityManager; private $entityManager;
private $router; private $router;
private $logger;
public function __construct(ClientRegistry $clientRegistry, EntityManagerInterface $entityManager, RouterInterface $router) public function __construct(ClientRegistry $clientRegistry, EntityManagerInterface $entityManager, RouterInterface $router, LoggerInterface $logger)
{ {
$this->clientRegistry = $clientRegistry; $this->clientRegistry = $clientRegistry;
$this->entityManager = $entityManager; $this->entityManager = $entityManager;
$this->router = $router; $this->router = $router;
$this->logger = $logger;
} }
public function supports(Request $request): ?bool public function supports(Request $request): ?bool
@@ -93,6 +96,11 @@ class KeycloakAuthenticator extends OAuth2Authenticator implements Authenticatio
public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response
{ {
if ($exception instanceof InvalidStateAuthenticationException) { if ($exception instanceof InvalidStateAuthenticationException) {
$this->logger->error('SSO Invalid State', [
'session_id' => $request->getSession()->getId(),
'has_session' => $request->hasSession(),
'state_param' => $request->query->get('state'),
]);
return new RedirectResponse($this->router->generate('app_home')); return new RedirectResponse($this->router->generate('app_home'));
} }
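Review bot: `$request->getSession()->getId()` in the first entry of the new log context is evaluated before `has_session` is consulted, so a request that carries no session throws (SessionNotFoundException in Symfony) inside the failure handler and the redirect to `app_home` on the following line is never reached — and a missing session is precisely the condition this diagnostic is meant to surface. Guard the lookup instead: `'session_id' => $request->hasSession() ? $request->getSession()->getId() : null,`. The raw session identifier and the `state` value are also written to the error log verbatim; a short prefix or `hash('sha256', ...)` of each is enough to correlate repeated failures without keeping live session identifiers in log storage. The body of onAuthenticationFailure continues past the end of the hunk.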