bug #39389 [Security]  Move the handleAuthenticationSuccess logic outside try/catch...
authorJérémy Derussé <jeremy@derusse.com>
Tue, 12 Jan 2021 08:13:20 +0000 (09:13 +0100)
committerJérémy Derussé <jeremy@derusse.com>
Tue, 12 Jan 2021 08:13:20 +0000 (09:13 +0100)
commit5dff21b45b68e9fadc17e89c553a25abb642e7eb
tree1a2a01b2f67ea3cf5ee5f57bc6b2011fc1cdde6c
parent84ce026ffad922a809ce019a5df65559aaab446f
parentda5c39ec2e65ed4e58b08577e8de29e06ef65a33
bug #39389 [Security]  Move the handleAuthenticationSuccess logic outside try/catch block (jderusse)

This PR was merged into the 5.2 branch.

Discussion
----------

[Security]  Move the handleAuthenticationSuccess logic outside try/catch block

| Q             | A
| ------------- | ---
| Branch?       | 5.2
| Bug fix?      | yes
| New feature?  | no
| Deprecations? | no
| Tickets       | -
| License       | MIT
| Doc PR        | -

The current implementation of `AuthenticationManager` handle the `handleAuthenticationSuccess` logic in a try/catch block which triggers the `handleAuthenticationFailure` in case of failure.

Which could leads to inconsistency and unexpected behavior. The authentication is either successfully or failure, but can't be both in the same request.

Commits
-------

da5c39ec2e Move AuthenticationSuccessEvent outside try/catch block