Skip to content

[Security] Deprecate PassportInterface #42198

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Aug 6, 2021
Merged

[Security] Deprecate PassportInterface #42198

merged 1 commit into from
Aug 6, 2021

Conversation

chalasr
Copy link
Member

@chalasr chalasr commented Jul 19, 2021
edited
Loading

Q A
Branch? 5.4
Bug fix? no
New feature? no
Deprecations? yes
Tickets -
License MIT
Doc PR -

As explained in #42181, the right extension point is badges, not passports.

Also renames AuthenticatorInterface::createAuthenticatedToken() to createToken() because of the signature change and the recent abandon of the authenticated state for tokens.

@chalasr chalasr requested a review from wouterj as a code owner July 19, 2021 19:13
@carsonbot carsonbot changed the title [Security] Deprecate PassportInterface Deprecate PassportInterface Jul 19, 2021
@carsonbot carsonbot changed the title Deprecate PassportInterface [Security] Deprecate PassportInterface Jul 19, 2021
@chalasr chalasr force-pushed the burn-passport-inter branch from b001801 to 0652225 Compare July 19, 2021 19:13
@wouterj wouterj added this to the 5.4 milestone Jul 19, 2021
@wouterj wouterj changed the title [Security] Deprecate PassportInterface [WIP] [Security] Deprecate PassportInterface Jul 19, 2021
@chalasr chalasr force-pushed the burn-passport-inter branch from 0652225 to c1c2d5b Compare July 21, 2021 10:00
stof
stof reviewed Jul 21, 2021
View reviewed changes
src/Symfony/Component/Security/Http/Authenticator/AuthenticatorInterface.php
*/
public function authenticate(Request $request): PassportInterface;
public function authenticate(Request $request); /*: Passport;*/
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Well, maybe we should keep the existing return type while documenting the new one, instead of widening the explicit return type now (the new one is only documented anyway).

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 if the DebugClassLoader still correctly reports the deprecation.

Copy link
Member Author

@chalasr chalasr Jul 23, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Keeping the return type would forbid upgrading userland authenticators on PHP versions prior to 7.4 https://3v4l.org/LcLRN#veol

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't see much issue in requiring a user to be on PHP 7.4 to fix a deprecation (i.e. it's not breaking support for older versions, it's just triggering a deprecation if you stay on : PassportInterface). They would need PHP 8 anyways if they want to upgrade to Symfony 6 and even PHP 7.4 will be eom when we release Symfony 5.4.

Copy link
Member Author

@chalasr chalasr Jul 24, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pushing our users to upgrade their PHP versions has never been our take, at least not by making symfony upgrades harder. Moreover, that would break our CI on 7.2 given that core authenticators have been upgraded.

@chalasr chalasr force-pushed the burn-passport-inter branch 5 times, most recently from e2dfd5f to db572e3 Compare July 23, 2021 22:36
@chalasr chalasr changed the title [WIP] [Security] Deprecate PassportInterface [Security] Deprecate PassportInterface Jul 23, 2021
@chalasr chalasr force-pushed the burn-passport-inter branch from db572e3 to 234a423 Compare July 23, 2021 23:37
@chalasr
Copy link
Member Author

chalasr commented Jul 24, 2021

Renamed createAuthenticatedToken() to createToken because of the argument type change which is BC breaking on PHP < 7.4.
That seems to be a good move anyway as 6.0 does not have authenticated tokens, just tokens (#42050).

PR is ready.

@chalasr chalasr force-pushed the burn-passport-inter branch from 234a423 to a446030 Compare August 6, 2021 11:22
@fabpot
Copy link
Member

fabpot commented Aug 6, 2021

Thank you @chalasr.

@fabpot fabpot mentioned this pull request Aug 6, 2021
Closed
@fabpot fabpot merged commit 810599d into symfony:5.4 Aug 6, 2021
@chalasr chalasr deleted the burn-passport-inter branch August 6, 2021 11:32
@mbabker mbabker mentioned this pull request Aug 11, 2021
Merged
This was referenced Nov 5, 2021
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stof stof stof left review comments

@wouterj wouterj wouterj left review comments

@fabpot fabpot fabpot approved these changes

Assignees
No one assigned
Labels
Deprecation Security Status: Reviewed
Projects
None yet
Milestone
5.4
Development

Successfully merging this pull request may close these issues.
5 participants
@chalasr @fabpot @stof @wouterj @carsonbot