feature #40487 [Security] Remove deprecated support for passing a UserInterface implementation to Passport (wouterj)

This PR was merged into the 5.3-dev branch.

Discussion
----------

[Security] Remove deprecated support for passing a UserInterface implementation to Passport

| Q             | A
| ------------- | ---
| Branch?       | 5.x
| Bug fix?      | no
| New feature?  | no
| Deprecations? | no
| Tickets       | -
| License       | MIT
| Doc PR        | -

In https://github.com/symfony/symfony/pull/37846#pullrequestreview-473047140 , we agreed to have a deprecation path of only one minor release as the `Passport` feature is still experimental.

Commits
-------

99cf2a3a71 [Security] Disallow passing a UserInterface to Passport
Fabien Potencier 2021-03-17 07:03:40 +01:00
commit 2c37d6fd39
5 changed files with 6 additions and 36 deletions


@ -91,6 +91,7 @@ Security
If you are using the `isAccountNonLocked()`, `isAccountNonExpired()` or `isCredentialsNonExpired()` method, consider re-implementing If you are using the `isAccountNonLocked()`, `isAccountNonExpired()` or `isCredentialsNonExpired()` method, consider re-implementing
them in your own user class, as they are not part of the `InMemoryUser` API them in your own user class, as they are not part of the `InMemoryUser` API
* Deprecate class `UserChecker`, use `InMemoryUserChecker` or your own implementation instead * Deprecate class `UserChecker`, use `InMemoryUserChecker` or your own implementation instead
* [BC break] Remove support for passing a `UserInterface` implementation to `Passport`, use the `UserBadge` instead.
* Deprecate `UserInterface::getPassword()` * Deprecate `UserInterface::getPassword()`
If your `getPassword()` method does not return `null` (i.e. you are using password-based authentication), If your `getPassword()` method does not return `null` (i.e. you are using password-based authentication),
you should implement `PasswordAuthenticatedUserInterface`. you should implement `PasswordAuthenticatedUserInterface`.


@ -6,6 +6,7 @@ CHANGELOG
* Deprecate class `User`, use `InMemoryUser` instead * Deprecate class `User`, use `InMemoryUser` instead
* Deprecate class `UserChecker`, use `InMemoryUserChecker` or your own implementation instead * Deprecate class `UserChecker`, use `InMemoryUserChecker` or your own implementation instead
* [BC break] Remove support for passing a `UserInterface` implementation to `Passport`, use the `UserBadge` instead.
* Add `PasswordAuthenticatedUserInterface` for user classes that use passwords * Add `PasswordAuthenticatedUserInterface` for user classes that use passwords
* Add `LegacyPasswordAuthenticatedUserInterface` for user classes that use user-provided salts in addition to passwords * Add `LegacyPasswordAuthenticatedUserInterface` for user classes that use user-provided salts in addition to passwords
* Deprecate all classes in the `Core\Encoder\` sub-namespace, use the `PasswordHasher` component instead * Deprecate all classes in the `Core\Encoder\` sub-namespace, use the `PasswordHasher` component instead


@ -32,23 +32,13 @@ class Passport implements UserPassportInterface
private $attributes = []; private $attributes = [];
/** /**
* @param UserBadge $userBadge
* @param CredentialsInterface $credentials the credentials to check for this authentication, use * @param CredentialsInterface $credentials the credentials to check for this authentication, use
* SelfValidatingPassport if no credentials should be checked * SelfValidatingPassport if no credentials should be checked
* @param BadgeInterface[] $badges * @param BadgeInterface[] $badges
*/ */
public function __construct($userBadge, CredentialsInterface $credentials, array $badges = []) public function __construct(UserBadge $userBadge, CredentialsInterface $credentials, array $badges = [])
{ {
if ($userBadge instanceof UserInterface) {
trigger_deprecation('symfony/security-http', '5.2', 'The 1st argument of "%s" must be an instance of "%s", support for "%s" will be removed in symfony/security-http 5.3.', __CLASS__, UserBadge::class, UserInterface::class);
$this->user = $userBadge;
} elseif ($userBadge instanceof UserBadge) {
$this->addBadge($userBadge); $this->addBadge($userBadge);
} else {
throw new \TypeError(sprintf('Argument 1 of "%s" must be an instance of "%s", "%s" given.', __METHOD__, UserBadge::class, get_debug_type($userBadge)));
}
$this->addBadge($credentials); $this->addBadge($credentials);
foreach ($badges as $badge) { foreach ($badges as $badge) {
$this->addBadge($badge); $this->addBadge($badge);
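Review bot: The constructor docblock no longer describes the first argument, so a caller that used to pass an already-loaded user now gets only the engine's TypeError and no hint about the replacement. The signature enforces the `UserBadge` type, but a one-line description would still help, for example `@param UserBadge $userBadge the badge that identifies the user; wrap an already-loaded user as new UserBadge($identifier, function () use ($user) { return $user; })`. The two-argument form with a callable is the one the test file in this commit uses. The constructor body continues past the end of the hunk.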


@ -26,21 +26,11 @@ use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
class SelfValidatingPassport extends Passport class SelfValidatingPassport extends Passport
{ {
/** /**
* @param UserBadge $userBadge
* @param BadgeInterface[] $badges * @param BadgeInterface[] $badges
*/ */
public function __construct($userBadge, array $badges = []) public function __construct(UserBadge $userBadge, array $badges = [])
{ {
if ($userBadge instanceof UserInterface) {
trigger_deprecation('symfony/security-http', '5.2', 'The 1st argument of "%s" must be an instance of "%s", support for "%s" will be removed in symfony/security-http 5.3.', __CLASS__, UserBadge::class, UserInterface::class);
$this->user = $userBadge;
} elseif ($userBadge instanceof UserBadge) {
$this->addBadge($userBadge); $this->addBadge($userBadge);
} else {
throw new \TypeError(sprintf('Argument 1 of "%s" must be an instance of "%s", "%s" given.', __METHOD__, UserBadge::class, get_debug_type($userBadge)));
}
foreach ($badges as $badge) { foreach ($badges as $badge) {
$this->addBadge($badge); $this->addBadge($badge);
} }
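Review bot: With the legacy branch gone, this constructor adds only the `UserBadge` and the extra badges, so by itself the passport carries no credentials badge and the identifier in the badge is treated as already verified; the docblock should say so. A sentence such as `Use only when the authenticator has already verified the identity (for example a validated token or certificate); no credentials are checked for this passport.` above the `@param` line would make that trust assumption explicit. Separately, the removed branch was the only visible use of `UserInterface` in this file; if its `use` line is still present (the imports are outside the hunk), it is now unused and can be dropped.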


@ -61,16 +61,4 @@ class UserProviderListenerTest extends TestCase
{ {
yield [new SelfValidatingPassport(new UserBadge('wouter', function () {}))]; yield [new SelfValidatingPassport(new UserBadge('wouter', function () {}))];
} }
/**
* @group legacy
*/
public function testLegacyUserPassport()
{
$passport = new SelfValidatingPassport($user = $this->createMock(UserInterface::class));
$this->listener->checkPassport(new CheckPassportEvent($this->createMock(AuthenticatorInterface::class), $passport));
$this->assertFalse($passport->hasBadge(UserBadge::class));
$this->assertSame($user, $passport->getUser());
}
} }