Permalink
Browse files

feature #24446 [Security] Remove GuardAuthenticatorInterface (chalasr)

This PR was merged into the 4.0-dev branch.

Discussion
----------

[Security] Remove GuardAuthenticatorInterface

| Q             | A
| ------------- | ---
| Branch?       | master
| Bug fix?      | no
| New feature?  | no
| BC breaks?    | yes
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | n/a
| License       | MIT
| Doc PR        | symfony/symfony-docs#8485

Removes BC layers for #16835.

Commits
-------

3408152 [Security][Guard] Remove GuardAuthenticatorInterface
  • Loading branch information...
fabpot committed Oct 5, 2017
2 parents 0958fc4 + 3408152 commit 75fe1fc1290cd882ddff3d371577ccc3001d8393
@@ -11,6 +11,8 @@ CHANGELOG
* removed support for voters that don't implement the `VoterInterface`
* added a sixth `string $context` argument to `LogoutUrlGenerator::registerListener()`
* removed HTTP digest authentication
* removed `GuardAuthenticatorInterface` in favor of `AuthenticatorInterface`
* removed `AbstractGuardAuthenticator::supports()`
3.4.0
-----
@@ -11,7 +11,6 @@
namespace Symfony\Component\Security\Guard;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Guard\Token\PostAuthenticationGuardToken;
@@ -22,18 +21,6 @@
*/
abstract class AbstractGuardAuthenticator implements AuthenticatorInterface
{
/**
* {@inheritdoc}
*
* @deprecated since version 3.4, to be removed in 4.0
*/
public function supports(Request $request)
{
@trigger_error(sprintf('The "%s()" method is deprecated since version 3.4 and will be removed in 4.0. Implement the "%s::supports()" method in class "%s" instead.', __METHOD__, AuthenticatorInterface::class, get_class($this)), E_USER_DEPRECATED);
return true;
}
/**
* Shortcut to create a PostAuthenticationGuardToken for you, if you don't really
* care about which authenticated token you're using.
@@ -12,6 +12,13 @@
namespace Symfony\Component\Security\Guard;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Security\Guard\Token\GuardTokenInterface;
use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
/**
* The interface for all "guard" authenticators.
@@ -23,7 +30,7 @@
* @author Ryan Weaver <ryan@knpuniversity.com>
* @author Amaury Leroux de Lens <amaury@lerouxdelens.com>
*/
interface AuthenticatorInterface extends GuardAuthenticatorInterface
interface AuthenticatorInterface extends AuthenticationEntryPointInterface
{
/**
* Does the authenticator support the given Request?
@@ -60,4 +67,104 @@ public function supports(Request $request);
* @throws \UnexpectedValueException If null is returned
*/
public function getCredentials(Request $request);
/**
* Return a UserInterface object based on the credentials.
*
* The *credentials* are the return value from getCredentials()
*
* You may throw an AuthenticationException if you wish. If you return
* null, then a UsernameNotFoundException is thrown for you.
*
* @param mixed $credentials
* @param UserProviderInterface $userProvider
*
* @throws AuthenticationException
*
* @return UserInterface|null
*/
public function getUser($credentials, UserProviderInterface $userProvider);
/**
* Returns true if the credentials are valid.
*
* If any value other than true is returned, authentication will
* fail. You may also throw an AuthenticationException if you wish
* to cause authentication to fail.
*
* The *credentials* are the return value from getCredentials()
*
* @param mixed $credentials
* @param UserInterface $user
*
* @return bool
*
* @throws AuthenticationException
*/
public function checkCredentials($credentials, UserInterface $user);
/**
* Create an authenticated token for the given user.
*
* If you don't care about which token class is used or don't really
* understand what a "token" is, you can skip this method by extending
* the AbstractGuardAuthenticator class from your authenticator.
*
* @see AbstractGuardAuthenticator
*
* @param UserInterface $user
* @param string $providerKey The provider (i.e. firewall) key
*
* @return GuardTokenInterface
*/
public function createAuthenticatedToken(UserInterface $user, $providerKey);
/**
* Called when authentication executed, but failed (e.g. wrong username password).
*
* This should return the Response sent back to the user, like a
* RedirectResponse to the login page or a 403 response.
*
* If you return null, the request will continue, but the user will
* not be authenticated. This is probably not what you want to do.
*
* @param Request $request
* @param AuthenticationException $exception
*
* @return Response|null
*/
public function onAuthenticationFailure(Request $request, AuthenticationException $exception);
/**
* Called when authentication executed and was successful!
*
* This should return the Response sent back to the user, like a
* RedirectResponse to the last page they visited.
*
* If you return null, the current request will continue, and the user
* will be authenticated. This makes sense, for example, with an API.
*
* @param Request $request
* @param TokenInterface $token
* @param string $providerKey The provider (i.e. firewall) key
*
* @return Response|null
*/
public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey);
/**
* Does this method support remember me cookies?
*
* Remember me cookie will be set if *all* of the following are met:
* A) This method returns true
* B) The remember_me key under your firewall is configured
* C) The "remember me" functionality is activated. This is usually
* done by having a _remember_me checkbox in your form, but
* can be configured by the "always_remember_me" and "remember_me_parameter"
* parameters under the "remember_me" firewall key
* D) The onAuthenticationSuccess method returns a Response object
*
* @return bool
*/
public function supportsRememberMe();
}
@@ -15,10 +15,9 @@
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Event\GetResponseEvent;
use Symfony\Component\Security\Guard\GuardAuthenticatorHandler;
use Symfony\Component\Security\Guard\GuardAuthenticatorInterface;
use Symfony\Component\Security\Guard\AuthenticatorInterface;
use Symfony\Component\Security\Guard\Token\PreAuthenticationGuardToken;
use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
use Symfony\Component\Security\Guard\AuthenticatorInterface;
use Psr\Log\LoggerInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
@@ -94,7 +93,7 @@ public function handle(GetResponseEvent $event)
}
}
private function executeGuardAuthenticator($uniqueGuardKey, GuardAuthenticatorInterface $guardAuthenticator, GetResponseEvent $event)
private function executeGuardAuthenticator($uniqueGuardKey, AuthenticatorInterface $guardAuthenticator, GetResponseEvent $event)
{
$request = $event->getRequest();
try {
@@ -103,27 +102,14 @@ private function executeGuardAuthenticator($uniqueGuardKey, GuardAuthenticatorIn
}
// abort the execution of the authenticator if it doesn't support the request
if ($guardAuthenticator instanceof AuthenticatorInterface) {
if (!$guardAuthenticator->supports($request)) {
return;
}
// as there was a support for given request,
// authenticator is expected to give not-null credentials.
$credentialsCanBeNull = false;
} else {
// deprecated since version 3.4, to be removed in 4.0
$credentialsCanBeNull = true;
if (!$guardAuthenticator->supports($request)) {
return;
}
// allow the authenticator to fetch authentication info from the request
$credentials = $guardAuthenticator->getCredentials($request);
if (null === $credentials) {
// deprecated since version 3.4, to be removed in 4.0
if ($credentialsCanBeNull) {
return;
}
throw new \UnexpectedValueException(sprintf('The return value of "%s::getCredentials()" must not be null. Return false from "%s::supports()" instead.', get_class($guardAuthenticator), get_class($guardAuthenticator)));
}
@@ -196,7 +182,7 @@ public function setRememberMeServices(RememberMeServicesInterface $rememberMeSer
* @param TokenInterface $token
* @param Response $response
*/
private function triggerRememberMe(GuardAuthenticatorInterface $guardAuthenticator, Request $request, TokenInterface $token, Response $response = null)
private function triggerRememberMe(AuthenticatorInterface $guardAuthenticator, Request $request, TokenInterface $token, Response $response = null)
{
if (null === $this->rememberMeServices) {
if (null !== $this->logger) {
@@ -70,7 +70,7 @@ public function authenticateWithToken(TokenInterface $token, Request $request)
*
* @return null|Response
*/
public function handleAuthenticationSuccess(TokenInterface $token, Request $request, GuardAuthenticatorInterface $guardAuthenticator, $providerKey)
public function handleAuthenticationSuccess(TokenInterface $token, Request $request, AuthenticatorInterface $guardAuthenticator, $providerKey)
{
$response = $guardAuthenticator->onAuthenticationSuccess($request, $token, $providerKey);
@@ -97,7 +97,7 @@ public function handleAuthenticationSuccess(TokenInterface $token, Request $requ
*
* @return Response|null
*/
public function authenticateUserAndHandleSuccess(UserInterface $user, Request $request, GuardAuthenticatorInterface $authenticator, $providerKey)
public function authenticateUserAndHandleSuccess(UserInterface $user, Request $request, AuthenticatorInterface $authenticator, $providerKey)
{
// create an authenticated token for the User
$token = $authenticator->createAuthenticatedToken($user, $providerKey);
@@ -119,7 +119,7 @@ public function authenticateUserAndHandleSuccess(UserInterface $user, Request $r
*
* @return null|Response
*/
public function handleAuthenticationFailure(AuthenticationException $authenticationException, Request $request, GuardAuthenticatorInterface $guardAuthenticator, $providerKey)
public function handleAuthenticationFailure(AuthenticationException $authenticationException, Request $request, AuthenticatorInterface $guardAuthenticator, $providerKey)
{
$token = $this->tokenStorage->getToken();
if ($token instanceof PostAuthenticationGuardToken && $providerKey === $token->getProviderKey()) {
Oops, something went wrong.

0 comments on commit 75fe1fc

Please sign in to comment.