Commits · symfony/symfony

…s and validation errors together (lyrixx) This PR was merged into the 6.3 branch. Discussion ---------- [HttpKernel] Merge PartialDenormalizationException errors and validation errors together | Q | A | ------------- | --- | Branch? | 6.3 | Bug fix? | no | New feature? | yes | Deprecations? | no | Tickets | | License | MIT | Doc PR | no needed Commits ------- fef4883 [HttpKernel] Merge PartialDenormalizationException errors and validation errors together

…ion errors together

* 6.2: [HttpClient] fix proxied redirects in curl client Fix serializer normalize attribute context Bump Symfony version to 6.2.10 Update VERSION for 6.2.9 Update CHANGELOG for 6.2.9 [Intl] Update the ICU data to 73.1 [Console] Restoring the ability to output unicode text to the Win10 console [Mailer] Add brifge documentation

* 5.4: [HttpClient] fix proxied redirects in curl client [Intl] Update the ICU data to 73.1 [Console] Restoring the ability to output unicode text to the Win10 console [Mailer] Add brifge documentation

…t content disposition. (Cyb0rk) This PR was squashed before being merged into the 6.3 branch. Discussion ---------- [Mime] Added getDispostion() to TextPart to get current content disposition. | Q | A | ------------- | --- | Branch? | 6.3 | Bug fix? | no | New feature? | yes | Deprecations? | no | Tickets | N/A | License | MIT | Doc PR | N/A Added getDispostion() in TextPart to get current content disposition. It would be nice to get the current content disposition in TextPart. This is needed to determine if an attachment is inline or not. Commits ------- 09f0049 [Mime] Added getDispostion() to TextPart to get current content disposition.

…sition.

…::normalize` to match `NormalizerInterface::normalize` (mpdude) This PR was merged into the 6.3 branch. Discussion ---------- [Serializer] Update return type for `NormalizableInterface::normalize` to match `NormalizerInterface::normalize` | Q | A | ------------- | --- | Branch? | 6.3 for features | Bug fix? | yes | New feature? | no | Deprecations? | no | Tickets | | License | MIT | Doc PR | When implementing `NormalizableInterface::normalize` in a class like so ... ```php use Symfony\Component\Serializer\Normalizer\NormalizableInterface; use Symfony\Component\Serializer\Normalizer\NormalizerInterface; class MyClass implements NormalizableInterface { ... public function normalize(NormalizerInterface $normalizer, string $format = null, array $context = []): array|string|int|float|bool { return $normalizer->normalize(['some_key' => $this->someProperty], $format, $context); } } ``` ... then Psalm complains because the return types indicated by both interfaces (`NormalizerInterface` vs. `NormalizableInterface`) don't match. IMHO, my code is a valid use case and the allowed return types should be identical. Caution: This is probably not OK to merge according to the BC promise. Please advise how to change the return type in a compliant manner. Commits ------- b3ecd10 Update return type for NormalizableInterface::normalize to match NormalizerInterface::normalize

This PR was squashed before being merged into the 6.3 branch. Discussion ---------- [VarDumper] Add missing return types | Q | A | ------------- | --- | Branch? | 6.3 | Bug fix? | no | New feature? | no | Deprecations? | no | Tickets | Contribution for #47551 | License | MIT | Doc PR | Contribution on the issue #47551 concerning the **VarDumper** component. The type is added on PHPDoc when BC risk is present, else native type is used (private methods / tests). Commits ------- 208df61 [VarDumper] Add missing return types

… (cedric-anne) This PR was merged into the 6.3 branch. Discussion ---------- [Mailer] Allow overriding default eSMTP authenticators | Q | A | ------------- | --- | Branch? | 6.3 | Bug fix? | no | New feature? | yes | Deprecations? | no | Tickets | Fix #49701 | License | MIT | Doc PR | symfony/symfony-docs#... TODO SMTP authentication using OAuth token on Azure servers is really long, due to high latency responses from the SMTP server (probably to prevent brute-force attacks). Indeed, a `AUTH LOGIN` command is sent first, and have to wait for about 5 seconds get the error response back. Then a `RSET` command is sent and also have to wait for about 5 seconds get a response back. The `AUTH XOAUTH2` command is then sent and all is fast after that. Adding the ability to override default eSMTP authenticators will permit developers to explicitely define that only `XOAUTH2` authenticator has to be used, to prevent high latency in SMTP authentication. I will update the documentation once new methods signatures will be validated. Commits ------- bb656d0 [Mailer] Allow overriding default eSMTP authenticators

This PR was squashed before being merged into the 6.3 branch. Discussion ---------- [Serializer] Add Debug command | Q | A | ------------- | --- | Branch? | 6.3 | Bug fix? | no | New feature? | yes | Deprecations? | no | Tickets | | License | MIT | Doc PR | symfony/symfony-docs#...   ![Capture d’écran du 2022-12-09 12-15-18](https://user-images.githubusercontent.com/8329789/206690406-fd9152a7-2af3-4b3a-8bb7-5112ab4c28c4.png) Commits ------- 2b5980d [Serializer] Add Debug command

This PR was merged into the 6.3 branch. Discussion ---------- [BrowserKit] Add proper exception hierarchy | Q | A | ------------- | --- | Branch? | 6.3 | Bug fix? | no | New feature? | yes  | Deprecations? | no  | Tickets | | License | MIT | Doc PR | n/a Back in the day, we didn't always create exception class hierarchies for "small" component. But with time, the BrowserKit defined two of them, without the same convention as the other components. Let's fix that. Commits ------- cf0f9ab [BrowserKit] Add proper exception hierarchy

This PR was squashed before being merged into the 5.4 branch. Discussion ---------- [HttpClient] fix proxied redirects in curl client | Q | A | ------------- | --- | Branch? | 5.4 | Bug fix? | yes | New feature? | no | Deprecations? | no | Tickets | - | License | MIT | Doc PR | - When using the `CurlHttpClient` with a proxy defined using the options array, the proxy isn't used after the first request on redirects. The `CURLOPT_PROXY` option is overwritten in the redirect resolver, but the `$options` variable isn't present in that case which causes it to be overwritten with environment variables or nothing, which disables the proxy. I don't know why the proxy option gets rewritten with every redirect, since the same curl handle is used, it should not be necessary to set it again. It also wasn't set before the original commit which introduced this bug (9e5305e). I've removed that part, but I can also change it to pass on the reference to the `$options` variable, which also fixes the issue. In that case, I would suggest moving the validation of the environment variable to a separate function to avoid duplicating that part. I've also added a test case that fails for the curl client without the fix but succeeds for the other clients and the curl client with both possible fixes. Commits ------- 9854226 [HttpClient] fix proxied redirects in curl client

This PR was merged into the 5.4 branch. Discussion ---------- [Intl] Update the ICU data to 73.1 | Q | A | ------------- | --- | Branch? | 5.4 | Bug fix? | yes | New feature? | no | Deprecations? | no | Tickets | - | License | MIT | Doc PR | - Upgrade INTL data to ICU 73.1 Commits ------- 2fd9666 [Intl] Update the ICU data to 73.1

…and `#[MapQueryString]` to map Request input to typed objects (Koc) This PR was merged into the 6.3 branch. Discussion ---------- [HttpKernel] Create Attributes `#[MapRequestPayload]` and `#[MapQueryString]` to map Request input to typed objects | Q | A | ------------- | --- | Branch? | 6.3 | Bug fix? | no | New feature? | yes | Deprecations? | no | Tickets | #36037, #36093, #45628, #47425, #49002, #49134 | License | MIT | Doc PR | TBD Yet another variation of how we can map raw Request data to typed objects with validation. We can even build OpenApi Specification based on this DTO classes using [NelmioApiDocBundle](https://github.com/nelmio/NelmioApiDocBundle). ## Usage Example 🔧 ### `#[MapRequestPayload]` ```php class PostProductReviewPayload { public function __construct( #[Assert\NotBlank] #[Assert\Length(min: 10, max: 500)] public readonly string $comment, #[Assert\GreaterThanOrEqual(1)] #[Assert\LessThanOrEqual(5)] public readonly int $rating, ) { } } class PostJsonApiController { public function __invoke( #[MapRequestPayload] PostProductReviewPayload $payload, ): Response { // $payload is validated and fully typed representation of the request body $request->getContent() // or $request->request->all() } } ``` ### `#[MapQueryString]` ```php class GetOrdersQuery { public function __construct( #[Assert\Valid] public readonly ?GetOrdersFilter $filter, #[Assert\LessThanOrEqual(500)] public readonly int $limit = 25, #[Assert\LessThanOrEqual(10_000)] public readonly int $offset = 0, ) { } } class GetOrdersFilter { public function __construct( #[Assert\Choice(['placed', 'shipped', 'delivered'])] public readonly ?string $status, public readonly ?float $total, ) { } } class GetApiController { public function __invoke( #[MapQueryString] GetOrdersQuery $query, ): Response { // $query is validated and fully typed representation of the query string $request->query->all() } } ``` ### Exception handling 💥 - Validation errors will result in an HTTP 422 response, accompanied by a serialized `ConstraintViolationList`. - Malformed data will be responded to with an HTTP 400 error. - Unsupported deserialization formats will be responded to with an HTTP 415 error. ## Comparison to another implementations 📑 Differences to #49002: - separate Attributes for explicit definition of the used source - no need to define which class use to map because Attributes already associated with typed argument - used ArgumentValueResolver mechanism instead of Subscribers - functional tests Differences to #49134: - it is possible to map whole query string to object, not per parameter - there is validation of the mapped object - supports both `$request->getContent()` and `$request->request->all()` mapping - functional tests Differences to #45628: - separate Attributes for explicit definition of the used source - supports `$request->request->all()` and `$request->query->all()` mapping - Exception handling opt-in - functional tests ## Bonus part 🎁 - Extracted `UnsupportedFormatException` which thrown when there is no decoder for a given format Commits ------- d987093 [HttpKernel] Create Attributes `#[MapRequestPayload]` and `#[MapQueryString]` to map Request input to typed objects

…String]` to map Request input to typed objects

This PR was squashed before being merged into the 6.3 branch. Discussion ---------- [Serializer] Add missing return types | Q | A | ------------- | --- | Branch? | 6.3 | Bug fix? | no | New feature? | no | Deprecations? | no | Tickets | Contribution for #47551 | License | MIT | Doc PR | Contribution on the issue #47551 concerning the **Serializer** component. The type is added on PHPDoc when BC risk is present, else native type is used (private methods / tests). Commits ------- d9f2365 [Serializer] Add missing return types

…kalineskou) This PR was merged into the 6.2 branch. Discussion ---------- [Serializer] Fix serializer normalize attribute context | Q | A | ------------- | --- | Branch? | 6.2  | Bug fix? | yes | New feature? | no  | Deprecations? | no  | Tickets | Fix #...  | License | MIT | Doc PR | symfony/symfony-docs#...   Before 6.2.8 property attribute`#[Context(normalizationContext: [AbstractObjectNormalizer::SKIP_NULL_VALUES => true])]` was working correctly Before this PR #49525 `updateData` was using the `$attributeContext` but it got changed to using `$context` (which ignored the attribute context) Fixed the `testNormalizeUsesContextAttributeForPropertiesInConstructorWithSerializedPath` test also since `Context` attribute class was never used in the file (the date was still in `d-m-Y` format when the format key was `m-d-Y`) Would have ported it to 5.4, but it was not added in that branch. Latest commit for this file in 5.4 https://github.com/symfony/symfony/blob/6ae4ac9b9f46203b3ebae3c4c52edd546709bdb1/src/Symfony/Component/Serializer/Normalizer/AbstractObjectNormalizer.php#L205 Commits ------- 942a184 Fix serializer normalize attribute context

…vincentchalamon) This PR was squashed before being merged into the 6.3 branch. Discussion ---------- [Security] Add OidcUserInfoTokenHandler and OidcUser | Q | A | ------------- | --- | Branch? | 6.3 | Bug fix? | no | New feature? | yes | Deprecations? | no | Tickets | N/A | License | MIT | Doc PR | symfony/symfony-docs#17463 Hi, This PR aims to complete [the previous one](#46428) from `@Spomky` with an AccessTokenHandler ready-to-use with an OIDC server (Keycloak, Auth0). ## TODO - [x] Rebase from 6.3 - [x] Rebase from #48285 - [x] Rebase from #48594 - [x] Write doc (symfony/symfony-docs#17463) - [x] Add TokenHandlerFactory - [x] Add ServiceTokenHandlerFactory for BC layer - [x] Add OidcUserInfoTokenHandlerFactory - [x] Add OidcTokenHandlerFactory (using web-token/jwt-*) - [x] Implement OidcUser to keep user claims from OIDC server - [x] Update doc PR about claims usage in a custom UserProvider - [x] ~Update doc PR about OidcUserProvider usage~ (abandonned) ## Usage ```yaml # usage with a custom client security: firewalls: main: pattern: ^/ access_token: token_handler: oidc_user_info: client: oidc.client ``` ```yaml # usage with generic HttpClient security: firewalls: main: pattern: ^/ access_token: token_handler: oidc_user_info: claim: email client: base_uri: https://www.example.com/realms/demo/protocol/openid-connect/userinfo ``` ```yaml # usage with token decode (no call to OIDC server) security: firewalls: main: pattern: ^/ access_token: token_handler: oidc: signature: # Algorithm used to sign the JWS algorithm: 'HS256' # A JSON-encoded JWK key: '{"kty":"...","k":"..."}' ``` ```php # usage with a custom UserProvider class CustomUserProvider implements UserProviderInterface { public function loadUserByIdentifier(string $identifier, array $claims = []): UserInterface { // do some magic } } ``` Commits ------- 99a35f0 [Security] Add OidcUserInfoTokenHandler and OidcUser

released v6.2.9

This PR was merged into the 6.3 branch. Discussion ---------- [Notifier] Add options to Telegram Bridge | Q | A | ------------- | --- | Branch? | 6.3 | Bug fix? | no | New feature? | yes | Deprecations? | no  | Tickets | | License | MIT | Doc PR | symfony/symfony-docs#...  Discord, Mastodon and other notifier have possibility to send photo. Telegram can send photo too but not the bridge. With this small change, this is now possible. Commits ------- 4ebb994 [Notifier] Add options to Telegram Bridge

Commits on Apr 15, 2023

Commits on Apr 14, 2023

Commits on Apr 13, 2023