Skip to content

[Security] Deprecate built-in authentication entry points #42516

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Aug 16, 2021
Merged

[Security] Deprecate built-in authentication entry points #42516

merged 1 commit into from
Aug 16, 2021

Conversation

wouterj
Copy link
Member

@wouterj wouterj commented Aug 12, 2021

Q A
Branch? 5.4
Bug fix? no
New feature? no
Deprecations? yes
Tickets Ref #41613
License MIT
Doc PR tbd

The last item from #41613.

Entry point logic is now included in the related build in authenticators, we should deprecate these unused classes (and remove them in 6.0). The interface has to be kept, as this implemented by the authenticators (and can be used to customize the entry points in an app).

I've also deprecated the retry entry point and included the code in ChannelListener directly. This entry point has never made sense to me, as it's not related to authentication imho.

@wouterj wouterj requested a review from chalasr as a code owner August 12, 2021 19:33
@wouterj wouterj mentioned this pull request Aug 12, 2021
Merged
@wouterj wouterj force-pushed the pull-41613/entry-point branch from 2aa052f to 9ca3cc7 Compare August 12, 2021 19:41
Nyholm
Nyholm requested changes Aug 12, 2021
View reviewed changes
Copy link
Member

@Nyholm Nyholm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you. I've just have one question.

Apart from that Im happy with the PR.

@javiereguiluz javiereguiluz changed the title [Security] Deprecated build-in authentication entry points [Security] Deprecated built-in authentication entry points Aug 13, 2021
@wouterj wouterj force-pushed the pull-41613/entry-point branch from 9ca3cc7 to c85fadd Compare August 14, 2021 18:28
@wouterj
Copy link
Member Author

wouterj commented Aug 14, 2021

Psalm error is expected (due to the BC layer). This PR is ready

@wouterj wouterj force-pushed the pull-41613/entry-point branch 2 times, most recently from 3dd4145 to 85eee2f Compare August 15, 2021 11:39
chalasr
chalasr reviewed Aug 15, 2021
View reviewed changes
@wouterj
[Security] Deprecated build-in authentication entry points
c247b37 
This logic is now included in the authenticators
@wouterj wouterj force-pushed the pull-41613/entry-point branch from 85eee2f to c247b37 Compare August 15, 2021 12:35
@fabpot fabpot changed the title [Security] Deprecated built-in authentication entry points [Security] Deprecate built-in authentication entry points Aug 16, 2021
@fabpot
Copy link
Member

fabpot commented Aug 16, 2021

Thank you @wouterj.

@fabpot fabpot mentioned this pull request Aug 16, 2021
Closed
@fabpot fabpot merged commit 7f63fff into symfony:5.4 Aug 16, 2021
@wouterj wouterj deleted the pull-41613/entry-point branch August 16, 2021 08:06
This was referenced Nov 5, 2021
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Nyholm Nyholm Nyholm requested changes

@fabpot fabpot fabpot approved these changes

@chalasr chalasr chalasr approved these changes

Assignees
No one assigned
Labels
Deprecation Security Status: Reviewed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@wouterj @fabpot @Nyholm @chalasr @carsonbot