Prevent empty identifier for user entity

thephpleague · May 16, 2024 · d2ebd4f · d2ebd4f
1 parent 98651dd
commit d2ebd4f
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 2 deletions.
diff --git a/src/Converter/UserConverter.php b/src/Converter/UserConverter.php
@@ -10,6 +10,19 @@
 
 final class UserConverter implements UserConverterInterface
 {
+ public const DEFAULT_ANONYMOUS_USER_IDENTIFIER = 'anonymous';
+
+ /** @var non-empty-string */
+ private string $anonymousUserIdentifier;
+
+ /**
+ * @param non-empty-string $anonymousUserIdentifier
+ */
+ public function __construct(string $anonymousUserIdentifier = self::DEFAULT_ANONYMOUS_USER_IDENTIFIER)
+ {
+ $this->anonymousUserIdentifier = $anonymousUserIdentifier;
+ }
+
  /**
  * @psalm-suppress DeprecatedMethod
  * @psalm-suppress UndefinedInterfaceMethod
@@ -20,11 +33,14 @@ public function toLeague(?UserInterface $user): UserEntityInterface
  if ($user instanceof UserInterface) {
  $identifier = method_exists($user, 'getUserIdentifier') ? $user->getUserIdentifier() : $user->getUsername();
  if ('' === $identifier) {
- throw new \RuntimeException('Emtpy identifier not allowed');
+ $identifier = $this->anonymousUserIdentifier;
  }
- $userEntity->setIdentifier($identifier);
+ } else {
+ $identifier = $this->anonymousUserIdentifier;
  }
 
+ $userEntity->setIdentifier($identifier);
+
  return $userEntity;
  }
 }
diff --git a/src/DependencyInjection/Configuration.php b/src/DependencyInjection/Configuration.php
@@ -5,6 +5,7 @@
 namespace League\Bundle\OAuth2ServerBundle\DependencyInjection;
 
 use Defuse\Crypto\Key;
+use League\Bundle\OAuth2ServerBundle\Converter\UserConverter;
 use League\Bundle\OAuth2ServerBundle\Model\AbstractClient;
 use League\Bundle\OAuth2ServerBundle\Model\Client;
 use Symfony\Component\Config\Definition\Builder\NodeDefinition;
@@ -31,6 +32,11 @@ public function getConfigTreeBuilder(): TreeBuilder
  ->defaultValue('ROLE_OAUTH2_')
  ->cannotBeEmpty()
  ->end()
+ ->scalarNode('anonymous_user_identifier')
+ ->info('Set a default user identifier for anonymous users')
+ ->defaultValue(UserConverter::DEFAULT_ANONYMOUS_USER_IDENTIFIER)
+ ->cannotBeEmpty()
+ ->end()
  ->end();
 
  return $treeBuilder;

diff --git a/src/DependencyInjection/LeagueOAuth2ServerExtension.php b/src/DependencyInjection/LeagueOAuth2ServerExtension.php
@@ -8,6 +8,7 @@
 use League\Bundle\OAuth2ServerBundle\AuthorizationServer\GrantTypeInterface;
 use League\Bundle\OAuth2ServerBundle\Command\CreateClientCommand;
 use League\Bundle\OAuth2ServerBundle\Command\GenerateKeyPairCommand;
+use League\Bundle\OAuth2ServerBundle\Converter\UserConverter;
 use League\Bundle\OAuth2ServerBundle\DBAL\Type\Grant as GrantType;
 use League\Bundle\OAuth2ServerBundle\DBAL\Type\RedirectUri as RedirectUriType;
 use League\Bundle\OAuth2ServerBundle\DBAL\Type\Scope as ScopeType;
@@ -68,6 +69,9 @@ public function load(array $configs, ContainerBuilder $container)
  $container->findDefinition(OAuth2Authenticator::class)
  ->setArgument(3, $config['role_prefix']);
 
+ $container->findDefinition(UserConverter::class)
+ ->setArgument(0, $config['anonymous_user_identifier']);
+
  $container->registerForAutoconfiguration(GrantTypeInterface::class)
  ->addTag('league.oauth2_server.authorization_server.grant');