Skip to content

Commit fef06f2

Browse files
fabpotfabpot
committed
feature #41247 [Security] Deprecate the old authentication mechanisms (chalasr)
This PR was merged into the 5.3-dev branch. Discussion ---------- [Security] Deprecate the old authentication mechanisms | Q | A | ------------- | --- | Branch? | 5.3 | Bug fix? | no | New feature? | no | Deprecations? | yes/ | Tickets | #39308 | License | MIT | Doc PR | todo Now that the authenticator system proven working well and is considered stable, we can deprecate the old authentication listeners as well as the Guard component (+ integrations). Commits ------- 0bb3964 [Security] Deprecate the old authentication mechanisms
2 parents 4382181 + 0bb3964 commit fef06f2

File tree

190 files changed

+2042
-141
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

190 files changed

+2042
-141
lines changed

UPGRADE-5.3.md

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -205,6 +205,15 @@ Security
205205
* Deprecate all classes in the `Core\Encoder\` sub-namespace, use the `PasswordHasher` component instead
206206
* Deprecated voters that do not return a valid decision when calling the `vote` method
207207
* [BC break] Add optional array argument `$badges` to `UserAuthenticatorInterface::authenticateUser()`
208+
* Deprecate `AuthenticationManagerInterface`, `AuthenticationProviderManager`, `AnonymousAuthenticationProvider`,
209+
`AuthenticationProviderInterface`, `DaoAuthenticationProvider`, `LdapBindAuthenticationProvider`,
210+
`PreAuthenticatedAuthenticationProvider`, `RememberMeAuthenticationProvider`, `UserAuthenticationProvider` and
211+
`AuthenticationFailureEvent` from security-core, use the new authenticator system instead
212+
* Deprecate `AbstractAuthenticationListener`, `AbstractPreAuthenticatedListener`, `AnonymousAuthenticationListener`,
213+
`BasicAuthenticationListener`, `RememberMeListener`, `RemoteUserAuthenticationListener`,
214+
`UsernamePasswordFormAuthenticationListener`, `UsernamePasswordJsonAuthenticationListener` and `X509AuthenticationListener`
215+
from security-http, use the new authenticator system instead
216+
* Deprecate the Guard component, use the new authenticator system instead
208217

209218
SecurityBundle
210219
--------------
@@ -218,6 +227,10 @@ SecurityBundle
218227
* Deprecate the `security.user_password_encoder.generic` service, the `security.password_encoder` and the `Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface` aliases,
219228
use `security.user_password_hasher`, `security.password_hasher` and `Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface` instead
220229
* Deprecate the public `security.authorization_checker` and `security.token_storage` services to private
230+
* Not setting the `enable_authenticator_manager` config option to `true` is deprecated
231+
* Deprecate the `security.authentication.provider.*` services, use the new authenticator system instead
232+
* Deprecate the `security.authentication.listener.*` services, use the new authenticator system instead
233+
* Deprecate the Guard component integration, use the new authenticator system instead
221234

222235
Serializer
223236
----------

UPGRADE-6.0.md

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -293,6 +293,15 @@ Security
293293
`DefaultAuthenticationSuccessHandler`.
294294
* Removed the `AbstractRememberMeServices::$providerKey` property in favor of `AbstractRememberMeServices::$firewallName`
295295
* `AccessDecisionManager` now throw an exception when a voter does not return a valid decision.
296+
* Remove `AuthenticationManagerInterface`, `AuthenticationProviderManager`, `AnonymousAuthenticationProvider`,
297+
`AuthenticationProviderInterface`, `DaoAuthenticationProvider`, `LdapBindAuthenticationProvider`,
298+
`PreAuthenticatedAuthenticationProvider`, `RememberMeAuthenticationProvider`, `UserAuthenticationProvider` and
299+
`AuthenticationFailureEvent` from security-core, use the new authenticator system instead
300+
* Remove `AbstractAuthenticationListener`, `AbstractPreAuthenticatedListener`, `AnonymousAuthenticationListener`,
301+
`BasicAuthenticationListener`, `RememberMeListener`, `RemoteUserAuthenticationListener`,
302+
`UsernamePasswordFormAuthenticationListener`, `UsernamePasswordJsonAuthenticationListener` and `X509AuthenticationListener`
303+
from security-http, use the new authenticator system instead
304+
* Remove the Guard component, use the new authenticator system instead
296305

297306
SecurityBundle
298307
--------------
@@ -304,6 +313,10 @@ SecurityBundle
304313
* Remove the `security.user_password_encoder.generic` service, the `security.password_encoder` and the `Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface` aliases,
305314
use `security.user_password_hasher`, `security.password_hasher` and `Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface` instead
306315
* The `security.authorization_checker` and `security.token_storage` services are now private
316+
* Not setting the `enable_authenticator_manager` option to `true` now throws an exception
317+
* Remove the `security.authentication.provider.*` services, use the new authenticator system instead
318+
* Remove the `security.authentication.listener.*` services, use the new authenticator system instead
319+
* Remove the Guard component integration, use the new authenticator system instead
307320

308321
Serializer
309322
----------

src/Symfony/Bundle/FrameworkBundle/Tests/Functional/app/Security/config.yml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,8 @@ services:
88
- container.service_subscriber
99

1010
security:
11+
enable_authenticator_manager: true
12+
1113
providers:
1214
main:
1315
memory:
@@ -30,3 +32,6 @@ security:
3032
form_login:
3133
check_path: /custom/login/check
3234
provider: custom
35+
36+
access_control:
37+
- { path: '^/main/user_profile$', roles: IS_AUTHENTICATED_FULLY }

src/Symfony/Bundle/SecurityBundle/CHANGELOG.md

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,10 @@ CHANGELOG
1717
* Deprecate the `security.user_password_encoder.generic` service, the `security.password_encoder` and the `Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface` aliases,
1818
use `security.user_password_hasher`, `security.password_hasher` and `Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface` instead
1919
* Deprecate the public `security.authorization_checker` and `security.token_storage` services to private
20+
* Not setting the `enable_authenticator_manager` config option to `true` is deprecated
21+
* Deprecate the `security.authentication.provider.*` services, use the new authenticator system instead
22+
* Deprecate the `security.authentication.listener.*` services, use the new authenticator system instead
23+
* Deprecate the Guard component integration, use the new authenticator system instead
2024

2125
5.2.0
2226
-----

src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/AnonymousFactory.php

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,8 @@
2121
* @author Wouter de Jong <wouter@wouterj.nl>
2222
*
2323
* @internal
24+
*
25+
* @deprecated since Symfony 5.3, use the new authenticator system instead
2426
*/
2527
class AnonymousFactory implements SecurityFactoryInterface, AuthenticatorFactoryInterface
2628
{

src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -130,6 +130,8 @@ public function load(array $configs, ContainerBuilder $container)
130130
$container->getDefinition('security.authorization_checker')->setArgument(4, false);
131131
$container->getDefinition('security.authorization_checker')->setArgument(5, false);
132132
} else {
133+
trigger_deprecation('symfony/security-bundle', '5.3', 'Not setting the "security.enable_authenticator_manager" config option to true is deprecated.');
134+
133135
$loader->load('security_legacy.php');
134136
}
135137

src/Symfony/Bundle/SecurityBundle/Resources/config/guard.php

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -24,8 +24,10 @@
2424
abstract_arg('stateless firewall keys'),
2525
])
2626
->call('setSessionAuthenticationStrategy', [service('security.authentication.session_strategy')])
27+
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use the new authenticator system instead.')
2728

2829
->alias(GuardAuthenticatorHandler::class, 'security.authentication.guard_handler')
30+
->deprecate('symfony/security-bundle', '5.3', 'The "%alias_id%" alias is deprecated, use the new authenticator system instead.')
2931

3032
->set('security.authentication.provider.guard', GuardAuthenticationProvider::class)
3133
->abstract()
@@ -36,6 +38,7 @@
3638
abstract_arg('User Checker'),
3739
service('security.password_hasher'),
3840
])
41+
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use the new authenticator system instead.')
3942

4043
->set('security.authentication.listener.guard', GuardAuthenticationListener::class)
4144
->abstract()
@@ -48,5 +51,6 @@
4851
param('security.authentication.hide_user_not_found'),
4952
])
5053
->tag('monolog.logger', ['channel' => 'security'])
54+
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use the new authenticator system instead.')
5155
;
5256
};

src/Symfony/Bundle/SecurityBundle/Resources/config/security_authenticator.php

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -62,6 +62,7 @@
6262

6363
->set('security.authentication.manager', NoopAuthenticationManager::class)
6464
->alias(AuthenticationManagerInterface::class, 'security.authentication.manager')
65+
->deprecate('symfony/security-bundle', '5.3', 'The "%alias_id%" alias is deprecated, use the new authenticator system instead.')
6566

6667
->set('security.firewall.authenticator', AuthenticatorManagerListener::class)
6768
->abstract()

src/Symfony/Bundle/SecurityBundle/Resources/config/security_authenticator_login_link.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -73,6 +73,6 @@
7373
service('doctrine'),
7474
abstract_arg('user entity class name'),
7575
])
76-
76+
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use the new authenticator system instead.')
7777
;
7878
};

src/Symfony/Bundle/SecurityBundle/Resources/config/security_listeners.php

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -49,9 +49,11 @@
4949
service('security.authentication.manager'),
5050
])
5151
->tag('monolog.logger', ['channel' => 'security'])
52+
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use the new authenticator system instead.')
5253

5354
->set('security.authentication.provider.anonymous', AnonymousAuthenticationProvider::class)
5455
->args([abstract_arg('Key')])
56+
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use the new authenticator system instead.')
5557

5658
->set('security.authentication.retry_entry_point', RetryAuthenticationEntryPoint::class)
5759
->args([
@@ -161,6 +163,7 @@
161163
->set('security.authentication.listener.form', UsernamePasswordFormAuthenticationListener::class)
162164
->parent('security.authentication.listener.abstract')
163165
->abstract()
166+
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use the new authenticator system instead.')
164167

165168
->set('security.authentication.listener.x509', X509AuthenticationListener::class)
166169
->abstract()
@@ -174,6 +177,7 @@
174177
service('event_dispatcher')->nullOnInvalid(),
175178
])
176179
->tag('monolog.logger', ['channel' => 'security'])
180+
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use the new authenticator system instead.')
177181

178182
->set('security.authentication.listener.json', UsernamePasswordJsonAuthenticationListener::class)
179183
->abstract()
@@ -191,6 +195,7 @@
191195
])
192196
->call('setTranslator', [service('translator')->ignoreOnInvalid()])
193197
->tag('monolog.logger', ['channel' => 'security'])
198+
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use the new authenticator system instead.')
194199

195200
->set('security.authentication.listener.remote_user', RemoteUserAuthenticationListener::class)
196201
->abstract()
@@ -203,6 +208,7 @@
203208
service('event_dispatcher')->nullOnInvalid(),
204209
])
205210
->tag('monolog.logger', ['channel' => 'security'])
211+
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use the new authenticator system instead.')
206212

207213
->set('security.authentication.listener.basic', BasicAuthenticationListener::class)
208214
->abstract()
@@ -214,6 +220,7 @@
214220
service('logger')->nullOnInvalid(),
215221
])
216222
->tag('monolog.logger', ['channel' => 'security'])
223+
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use the new authenticator system instead.')
217224

218225
->set('security.authentication.provider.dao', DaoAuthenticationProvider::class)
219226
->abstract()
@@ -224,6 +231,7 @@
224231
service('security.password_hasher_factory'),
225232
param('security.authentication.hide_user_not_found'),
226233
])
234+
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use the new authenticator system instead.')
227235

228236
->set('security.authentication.provider.ldap_bind', LdapBindAuthenticationProvider::class)
229237
->abstract()
@@ -237,13 +245,15 @@
237245
abstract_arg('search dn'),
238246
abstract_arg('search password'),
239247
])
248+
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use the new authenticator system instead.')
240249

241250
->set('security.authentication.provider.pre_authenticated', PreAuthenticatedAuthenticationProvider::class)
242251
->abstract()
243252
->args([
244253
abstract_arg('User Provider'),
245254
abstract_arg('UserChecker'),
246255
])
256+
->deprecate('symfony/security-bundle', '5.3', 'The "%service_id%" service is deprecated, use the new authenticator system instead.')
247257

248258
->set('security.exception_listener', ExceptionListener::class)
249259
->abstract()

0 commit comments

Comments
 (0)