fix issue sonata-project#1191

davidromani · davidromani · commit ccf5d623217e · 2020-08-20T19:40:47.000+02:00
diff --git a/src/DependencyInjection/Configuration.php b/src/DependencyInjection/Configuration.php
@@ -68,6 +68,11 @@ public function getConfigTreeBuilder()
                     ->children()
                         ->scalarNode('server')->cannotBeEmpty()->end()
                         ->scalarNode('enabled')->defaultFalse()->end()
+                        ->arrayNode('ip_white_list')
+                            ->prototype('scalar')->end()
+                            ->info('IPs for which 2FA will be skipped.')
+                            ->setDeprecated('The "%node%" option is deprecated. Use "trusted_ip_list" instead with the same values.')
+                        ->end()
                         ->arrayNode('trusted_ip_list')
                             ->prototype('scalar')->end()
                             ->defaultValue(['127.0.0.1'])
diff --git a/src/DependencyInjection/SonataUserExtension.php b/src/DependencyInjection/SonataUserExtension.php
@@ -174,11 +174,22 @@ public function configureGoogleAuthenticator($config, ContainerBuilder $containe
 
         if (!class_exists('Google\Authenticator\GoogleAuthenticator')
             && !class_exists('Sonata\GoogleAuthenticator\GoogleAuthenticator')) {
-            throw new \RuntimeException('Please add ``sonata-project/google-authenticator`` package');
+            throw new \RuntimeException('Please add "sonata-project/google-authenticator" package');
         }
 
         $container->setParameter('sonata.user.google.authenticator.forced_for_role', $config['google_authenticator']['forced_for_role']);
-        $container->setParameter('sonata.user.google.authenticator.trusted_ip_list', $config['google_authenticator']['trusted_ip_list']);
+
+        // NEXT_MAJOR: Remove this checks and only set the `trusted_ip_list`.
+        if (\count($config['google_authenticator']['ip_white_list']) > 0 && $config['google_authenticator']['trusted_ip_list'] !== ['127.0.0.1']) {
+            throw new \LogicException('Please use only "trusted_ip_list" parameter, "ip_white_list" is deprecated.');
+        }
+        $trustedIpList = $config['google_authenticator']['trusted_ip_list'];
+        if (\count($config['google_authenticator']['ip_white_list']) > 0) {
+            $trustedIpList = $config['google_authenticator']['ip_white_list'];
+        }
+        // NEXT_MAJOR: Remove `sonata.user.google.authenticator.ip_white_list` parameter.
+        $container->setParameter('sonata.user.google.authenticator.ip_white_list', $trustedIpList);
+        $container->setParameter('sonata.user.google.authenticator.trusted_ip_list', $trustedIpList);
 
         $container->getDefinition('sonata.user.google.authenticator.provider')
             ->replaceArgument(0, $config['google_authenticator']['server']);
diff --git a/tests/DependencyInjection/ConfigurationTest.php b/tests/DependencyInjection/ConfigurationTest.php
@@ -42,6 +42,7 @@ public function testDefault(): void
             ],
             'google_authenticator' => [
                 'enabled' => false,
+                'ip_white_list' => [],
                 'trusted_ip_list' => ['127.0.0.1'],
                 'forced_for_role' => ['ROLE_ADMIN'],
             ],
