New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[make:registration] drop guard authentication support #1243
Changes from 7 commits
977835c
7c25f0b
13348d5
340ab01
824451f
ef75722
97fcbb1
caaae50
0d96a67
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -11,10 +11,13 @@ | |
|
||
namespace Symfony\Bundle\MakerBundle\Security; | ||
|
||
use Symfony\Bundle\MakerBundle\Security\Model\Authenticator; | ||
use Symfony\Bundle\MakerBundle\Security\Model\AuthenticatorType; | ||
use Symfony\Bundle\MakerBundle\Str; | ||
use Symfony\Bundle\MakerBundle\Validator; | ||
use Symfony\Component\Console\Style\SymfonyStyle; | ||
use Symfony\Component\Security\Core\User\UserInterface; | ||
use Symfony\Component\Security\Http\Authenticator\AuthenticatorInterface; | ||
|
||
/** | ||
* @internal | ||
|
@@ -140,22 +143,57 @@ public function guessPasswordField(SymfonyStyle $io, string $userClass): string | |
); | ||
} | ||
|
||
public function getAuthenticatorClasses(array $firewallData): array | ||
/** | ||
* @param array<string, array<string, mixed>> $firewalls Config data from security.firewalls | ||
* | ||
* @return Authenticator[] | ||
*/ | ||
public function getAuthenticatorsFromConfig(array $firewalls): array | ||
{ | ||
if (isset($firewallData['guard'])) { | ||
return array_filter($firewallData['guard']['authenticators'] ?? [], static fn ($authenticator) => class_exists($authenticator)); | ||
} | ||
$authenticators = []; | ||
|
||
if (isset($firewallData['custom_authenticator'])) { | ||
$authenticators = $firewallData['custom_authenticator']; | ||
if (\is_string($authenticators)) { | ||
$authenticators = [$authenticators]; | ||
// Iterate of each firewall that exists e.g. security.firewalls.main | ||
foreach ($firewalls as $firewallName => $firewallConfig) { | ||
if (!\is_array($firewallConfig)) { | ||
continue; | ||
} | ||
|
||
return array_filter($authenticators, static fn ($authenticator) => class_exists($authenticator)); | ||
foreach ($firewallConfig as $potentialAuthenticator => $configData) { | ||
if (null === ($authenticator = AuthenticatorType::tryFrom($potentialAuthenticator))) { | ||
// This entry is probably security.firewalls.main.lazy or security.firewalls.main.providers | ||
continue; | ||
} | ||
|
||
if (AuthenticatorType::CUSTOM !== $authenticator) { | ||
// We found a "built in" authenticator - "form_login", "json_login", etc... | ||
$authenticators[] = new Authenticator($authenticator, $firewallName); | ||
|
||
continue; | ||
} | ||
|
||
// custom_authenticators can be set as a string or an array in security.yaml | ||
if (\is_string($configData)) { | ||
$configData = [$configData]; | ||
} | ||
|
||
foreach ($configData as $customAuthenticatorClass) { | ||
// if (!class_exists($customAuthenticatorClass)) { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I'm not sure if we should check if the authenticator exists and that it implements There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I'm actually a bit lost in this method. We're looping over the keys under a firewall, right? And the first if statement with
Won't |
||
// continue; | ||
// } | ||
|
||
// $isValidAuthenticator = (new \ReflectionClass($customAuthenticatorClass)) | ||
// ->implementsInterface(AuthenticatorInterface::class) | ||
// ; | ||
|
||
// if ($isValidAuthenticator) { | ||
// We found an actual authenticator and not something else | ||
$authenticators[] = new Authenticator($authenticator, $firewallName, $customAuthenticatorClass); | ||
// } | ||
} | ||
} | ||
} | ||
|
||
return []; | ||
return $authenticators; | ||
} | ||
|
||
public function guessPasswordSetter(SymfonyStyle $io, string $userClass): string | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
<?php | ||
|
||
/* | ||
* This file is part of the Symfony MakerBundle package. | ||
* | ||
* (c) Fabien Potencier <fabien@symfony.com> | ||
* | ||
* For the full copyright and license information, please view the LICENSE | ||
* file that was distributed with this source code. | ||
*/ | ||
|
||
namespace Symfony\Bundle\MakerBundle\Security\Model; | ||
|
||
/** | ||
* @author Jesse Rushlow<jr@rushlow.dev> | ||
* | ||
* @internal | ||
*/ | ||
final class Authenticator | ||
{ | ||
public function __construct( | ||
public AuthenticatorType $type, | ||
public string $firewallName, | ||
public ?string $authenticatorClass = null, | ||
) { | ||
} | ||
|
||
/** | ||
* Useful for asking questions like "Which authenticator do you want to use?". | ||
*/ | ||
public function __toString(): string | ||
{ | ||
return sprintf( | ||
'"%s" in the "%s" firewall', | ||
$this->authenticatorClass ?? $this->type->value, | ||
$this->firewallName, | ||
); | ||
} | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
<?php | ||
|
||
/* | ||
* This file is part of the Symfony MakerBundle package. | ||
* | ||
* (c) Fabien Potencier <fabien@symfony.com> | ||
* | ||
* For the full copyright and license information, please view the LICENSE | ||
* file that was distributed with this source code. | ||
*/ | ||
|
||
namespace Symfony\Bundle\MakerBundle\Security\Model; | ||
|
||
/** | ||
* @author Jesse Rushlow <jr@rushlow.dev> | ||
* | ||
* @internal | ||
*/ | ||
enum AuthenticatorType: string | ||
{ | ||
case FORM_LOGIN = 'form_login'; | ||
case JSON_LOGIN = 'json_login'; | ||
case HTTP_BASIC = 'http_basic'; | ||
case LOGIN_LINK = 'login_link'; | ||
case ACCESS_TOKEN = 'access_token'; | ||
case X509 = 'x509'; | ||
case REMOTE_USER = 'remote_user'; | ||
|
||
case CUSTOM = 'custom_authenticator'; | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Does this stuff still need to be dynamic?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Dunno, I thought it was a good idea 2 years ago :D
I'll check haha If it doesn't - ill refactor the template before hitting the big ol merge buttonnope, i think i was going for "if they use another hasher interface..." but thats their problem to change the hasher signature here...done