merge 11.next including changelog changes, improve flash message loca…

…tion in case of nulls

CHANGELOG.md

@@ -9,12 +9,48 @@ Releases for CakePHP 5
     * Migrated old UserShell into command classes
     * Added documentation about commands
 
-Releases for CakePHP 4.3
--------------
+Releases for CakePHP 4.5
+------------------------
+* 11.3.3
+  * Add display of unauthorized url in flash message when debug is true
+
+* 11.3.2
+  * Improve documentation, coding standards
+
+* 11.3.1
+  * Merge changes from diverged branches, including link generator and keep CakePHP 4.5 compatibility
+
+* 11.3.0
+  * Require CakePHP ^4.5
+
+Releases for CakePHP 4.4
+------------------------
+* 11.2.5
+  * Fix failed tests and code standards
+
+* 11.2.4
+  * Fix dependencies, require CakePHP 4.4.*
+
+* 11.2.3
+  * Improved documentation
+  * Deprecate (broken) compatibility with Linkedin Oauth based connector, they only provide compatibility with OpenID Connect now
+  * Add Dutch translation by Stefan
+  * Add `linkGenerator` for emails, useful for API driven apps
+  * Fix CakePHP 4.5 deprecations
+  * Fix webauthn loading issues
+
+* 11.2.2
+  * Fix issue with password rehash with a custom password field
+
+* 11.2.1
+  * Use UsersUrl and unify url building for login action
 
 * 11.2.0
   * Feature/microsoft login by @arodu in #1000
-  * add more events into login component (before login, after login failure) by @rochamarcelo in #1007
+  * Add more events into login component (before login, after login failure) by @rochamarcelo in #1007
+
+* 11.1.1
+  * Use url builder for login redirect
 
 * 11.1.0
   * German (de) by @LordSimal
@@ -24,8 +60,22 @@ Releases for CakePHP 4.3
   * Switched tests to new cakephp schema
   * Update to PHPUnit 9.5
 
+* There are NO tags for 10.x we jumped from 9.x to 11.x
+
 Releases for CakePHP 4
--------------
+----------------------
+* 9.3.1
+  * Add CI tests for PHP 8.1
+  * Add events `EVENT_BEFORE_LOGIN`, `EVENT_AFTER_LOGIN_FAILURE`
+
+* 9.3.0
+  * Improve documentation
+  * Add webauthn as two factor authentication
+
+* 9.2.1
+  * Improve documentation
+  * Fix change password issue
+
 * 9.2.0
   * Switch to github actions
   * New event AfterEmailTokenValidation
@@ -68,9 +118,13 @@ Releases for CakePHP 4
    * Migrated usage of AuthComponent to Authorization/Authentication plugins.
 
 Releases for CakePHP 3
--------------
+----------------------
+* 8.5.2
+  * Add optional merge configuration option
+
 * 8.5.1
   * Added new `UsersAuthComponent::EVENT_SOCIAL_LOGIN_EXISTING_ACCOUNT`
+
 * 8.5.0
   * Added new `UsersAuthComponent::EVENT_BEFORE_SOCIAL_LOGIN_REDIRECT`
   * Added finder to get existing social account
@@ -86,10 +140,10 @@ Releases for CakePHP 3
 * 8.2.1
   * Fix scope in facebook social login
 
-* 8.2
+* 8.2.0
   * Removed deprecations for CakePHP 3.7
 
-* 8.1
+* 8.1.0
   * Added Yubico U2F Authentication
 
 * 8.0.3
@@ -236,7 +290,7 @@ Releases for CakePHP 3
   * Link social accounts in profile
 
 Releases for CakePHP 2
--------------
+----------------------
 
 * 2.1.3
   * Fixed unit tests for compatibility with CakePHP 2.7

src/Middleware/UnauthorizedHandler/DefaultRedirectHandler.php

@@ -17,6 +17,7 @@
 use Authorization\Exception\ForbiddenException;
 use Authorization\Exception\MissingIdentityException;
 use Authorization\Middleware\UnauthorizedHandler\CakeRedirectHandler;
+use Cake\Core\Configure;
 use Cake\Http\ServerRequest;
 use Cake\Http\Session;
 use Cake\Routing\Router;
@@ -60,6 +61,7 @@ public function handle(
         $response = parent::handle($exception, $request, $options);
         $session = $request->getAttribute('session');
         if ($session instanceof Session) {
+            $options['request'] = $request;
             $this->addFlashMessage($session, $options);
         }
 
@@ -116,12 +118,18 @@ protected function addFlashMessage(Session $session, $options): void
     protected function createFlashMessage($options): array
     {
         $message = (array)($options['flash'] ?? []);
+        $unauthorizedUrl = '';
+        if (Configure::read('debug')) {
+            $request = $options['request'] ?? null;
+            $uri = $request?->getUri();
+            $unauthorizedUrl = __d('cake_d_c/users', 'Location = {0}', $uri);
+        }
 
         return $message + [
-                'message' => __d('cake_d_c/users', 'You are not authorized to access that location.'),
-                'key' => 'flash',
-                'element' => 'flash/error',
-                'params' => [],
-            ];
+            'message' => __d('cake_d_c/users', 'You are not authorized to access that location.') . $unauthorizedUrl,
+            'key' => 'flash',
+            'element' => 'flash/error',
+            'params' => [],
+        ];
     }
 }

tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php

@@ -54,12 +54,24 @@ public function loginAsUserId($id)
      */
     public function testRedirectToLogin()
     {
+        Configure::write('debug', false);
         $this->enableRetainFlashMessages();
         $this->get('/pages/home');
+
         $this->assertRedirectContains('/login?redirect=%2Fpages%2Fhome');
         $this->assertFlashMessage('You are not authorized to access that location.');
     }
 
+    public function testRedirectToLoginDebug()
+    {
+        Configure::write('debug', true);
+        $this->enableRetainFlashMessages();
+        $this->get('/pages/home');
+
+        $this->assertRedirectContains('/login?redirect=%2Fpages%2Fhome');
+        $this->assertFlashMessage('You are not authorized to access that location.Location = http://localhost/pages/home');
+    }
+
     /**
      * Test login action with get request
      *