diff --git a/UPGRADE-7.4.md b/UPGRADE-7.4.md
new file mode 100644
index 0000000000000..2333b9799f64c
--- /dev/null
+++ b/UPGRADE-7.4.md
@@ -0,0 +1,41 @@
+UPGRADE FROM 7.3 to 7.4
+=======================
+
+Symfony 7.4 is a minor release. According to the Symfony release process, there should be no significant
+backward compatibility breaks. Minor backward compatibility breaks are prefixed in this document with
+`[BC BREAK]`, make sure your code is compatible with these entries before upgrading.
+Read more about this in the [Symfony documentation](https://symfony.com/doc/7.4/setup/upgrade_minor.html).
+
+If you're upgrading from a version below 7.3, follow the [7.3 upgrade guide](UPGRADE-7.3.md) first.
+string in `UserInterface::getUserIdentifier()`
+
+SecurityBundle
+--------------
+
+ * Deprecate XML-configured custom authenticators and providers under security namespace; they must now have their own:
+
+ ```diff
+
+ + https://symfony.com/schema/dic/security/security-1.0.xsd
+ + http://example.com/schema http://example.com/schema.xsd">
+ +
+
+
+
+ -
+ -
+ -
+ +
+ +
+ +
+
+
+
+ ```
diff --git a/src/Symfony/Bundle/SecurityBundle/CHANGELOG.md b/src/Symfony/Bundle/SecurityBundle/CHANGELOG.md
index 77aa957331bd1..644e22bf2ba32 100644
--- a/src/Symfony/Bundle/SecurityBundle/CHANGELOG.md
+++ b/src/Symfony/Bundle/SecurityBundle/CHANGELOG.md
@@ -1,6 +1,37 @@
CHANGELOG
=========
+7.4
+---
+
+* Deprecate XML-configured custom authenticators and providers under security namespace; they must now have their own:
+
+ ```diff
+
+ + https://symfony.com/schema/dic/security/security-1.0.xsd
+ + http://example.com/schema http://example.com/schema.xsd">
+ +
+
+
+
+ -
+ -
+ -
+ +
+ +
+ +
+
+
+
+ ```
+
7.3
---
diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/XmlCustomAuthenticatorTest.php b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/XmlCustomAuthenticatorTest.php
index e57cda13ff78d..47d92b6ba7db0 100644
--- a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/XmlCustomAuthenticatorTest.php
+++ b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/XmlCustomAuthenticatorTest.php
@@ -12,6 +12,7 @@
namespace Symfony\Bundle\SecurityBundle\Tests\DependencyInjection;
use PHPUnit\Framework\TestCase;
+use Symfony\Bridge\PhpUnit\ExpectDeprecationTrait;
use Symfony\Bundle\SecurityBundle\DependencyInjection\SecurityExtension;
use Symfony\Bundle\SecurityBundle\Tests\DependencyInjection\Fixtures\Authenticator\CustomAuthenticator;
use Symfony\Component\Config\FileLocator;
@@ -20,10 +21,12 @@
class XmlCustomAuthenticatorTest extends TestCase
{
+ use ExpectDeprecationTrait;
+
/**
- * @dataProvider provideXmlConfigurationFile
+ * @group legacy
*/
- public function testCustomProviderElement(string $configurationFile)
+ public function testCustomAuthenticatorElementUnderSecurityNamespace()
{
$container = new ContainerBuilder();
$container->setParameter('kernel.debug', false);
@@ -33,18 +36,30 @@ public function testCustomProviderElement(string $configurationFile)
$security->addAuthenticatorFactory(new CustomAuthenticator());
$container->registerExtension($security);
- (new XmlFileLoader($container, new FileLocator(__DIR__.'/Fixtures/xml')))->load($configurationFile);
+ $this->expectDeprecation('Since symfony/security-bundle 7.4: Custom authenticators must now be namespaced; please update your security configuration "custom" tag.');
+ (new XmlFileLoader($container, new FileLocator(__DIR__.'/Fixtures/xml')))->load('custom_authenticator_under_security_namespace.xml');
$container->getCompilerPassConfig()->setRemovingPasses([]);
$container->getCompilerPassConfig()->setAfterRemovingPasses([]);
$container->compile();
-
- $this->addToAssertionCount(1);
}
- public static function provideXmlConfigurationFile(): iterable
+ public function testCustomAuthenticatorElementUnderOwnNamespace()
{
- yield 'Custom authenticator element under SecurityBundle’s namespace' => ['custom_authenticator_under_security_namespace.xml'];
- yield 'Custom authenticator element under its own namespace' => ['custom_authenticator_under_own_namespace.xml'];
+ $container = new ContainerBuilder();
+ $container->setParameter('kernel.debug', false);
+ $container->register('cache.system', \stdClass::class);
+
+ $security = new SecurityExtension();
+ $security->addAuthenticatorFactory(new CustomAuthenticator());
+ $container->registerExtension($security);
+
+ (new XmlFileLoader($container, new FileLocator(__DIR__.'/Fixtures/xml')))->load('custom_authenticator_under_own_namespace.xml');
+
+ $container->getCompilerPassConfig()->setRemovingPasses([]);
+ $container->getCompilerPassConfig()->setAfterRemovingPasses([]);
+ $container->compile();
+
+ $this->addToAssertionCount(1);
}
}
diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/XmlCustomProviderTest.php b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/XmlCustomProviderTest.php
index a3f59fc299a24..88d46720ff381 100644
--- a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/XmlCustomProviderTest.php
+++ b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/XmlCustomProviderTest.php
@@ -12,6 +12,7 @@
namespace Symfony\Bundle\SecurityBundle\Tests\DependencyInjection;
use PHPUnit\Framework\TestCase;
+use Symfony\Bridge\PhpUnit\ExpectDeprecationTrait;
use Symfony\Bundle\SecurityBundle\DependencyInjection\SecurityExtension;
use Symfony\Bundle\SecurityBundle\Tests\DependencyInjection\Fixtures\UserProvider\CustomProvider;
use Symfony\Component\Config\FileLocator;
@@ -20,10 +21,12 @@
class XmlCustomProviderTest extends TestCase
{
+ use ExpectDeprecationTrait;
+
/**
- * @dataProvider provideXmlConfigurationFile
+ * @group legacy
*/
- public function testCustomProviderElement(string $configurationFile)
+ public function testCustomProviderElementUnderSecurityNamespace()
{
$container = new ContainerBuilder();
$container->setParameter('kernel.debug', false);
@@ -33,18 +36,30 @@ public function testCustomProviderElement(string $configurationFile)
$security->addUserProviderFactory(new CustomProvider());
$container->registerExtension($security);
- (new XmlFileLoader($container, new FileLocator(__DIR__.'/Fixtures/xml')))->load($configurationFile);
+ $this->expectDeprecation('Since symfony/security-bundle 7.4: Custom providers must now be namespaced; please update your security configuration "custom" tag.');
+ (new XmlFileLoader($container, new FileLocator(__DIR__.'/Fixtures/xml')))->load('custom_provider_under_security_namespace.xml');
$container->getCompilerPassConfig()->setRemovingPasses([]);
$container->getCompilerPassConfig()->setAfterRemovingPasses([]);
$container->compile();
-
- $this->addToAssertionCount(1);
}
- public static function provideXmlConfigurationFile(): iterable
+ public function testCustomProviderElementUnderOwnNamespace()
{
- yield 'Custom provider element under SecurityBundle’s namespace' => ['custom_provider_under_security_namespace.xml'];
- yield 'Custom provider element under its own namespace' => ['custom_provider_under_own_namespace.xml'];
+ $container = new ContainerBuilder();
+ $container->setParameter('kernel.debug', false);
+ $container->register('cache.system', \stdClass::class);
+
+ $security = new SecurityExtension();
+ $security->addUserProviderFactory(new CustomProvider());
+ $container->registerExtension($security);
+
+ (new XmlFileLoader($container, new FileLocator(__DIR__.'/Fixtures/xml')))->load('custom_provider_under_own_namespace.xml');
+
+ $container->getCompilerPassConfig()->setRemovingPasses([]);
+ $container->getCompilerPassConfig()->setAfterRemovingPasses([]);
+ $container->compile();
+
+ $this->addToAssertionCount(1);
}
}
diff --git a/src/Symfony/Bundle/SecurityBundle/composer.json b/src/Symfony/Bundle/SecurityBundle/composer.json
index 7459b0175b95f..fc9af64486f7e 100644
--- a/src/Symfony/Bundle/SecurityBundle/composer.json
+++ b/src/Symfony/Bundle/SecurityBundle/composer.json
@@ -21,7 +21,7 @@
"ext-xml": "*",
"symfony/clock": "^6.4|^7.0",
"symfony/config": "^7.3",
- "symfony/dependency-injection": "^6.4.11|^7.1.4",
+ "symfony/dependency-injection": "^7.2",
"symfony/event-dispatcher": "^6.4|^7.0",
"symfony/http-kernel": "^6.4|^7.0",
"symfony/http-foundation": "^6.4|^7.0",
diff --git a/src/Symfony/Component/DependencyInjection/Loader/XmlFileLoader.php b/src/Symfony/Component/DependencyInjection/Loader/XmlFileLoader.php
index f596980663f15..21a5e14bac1a2 100644
--- a/src/Symfony/Component/DependencyInjection/Loader/XmlFileLoader.php
+++ b/src/Symfony/Component/DependencyInjection/Loader/XmlFileLoader.php
@@ -458,6 +458,8 @@ private function parseFileToDOM(string $file): \DOMDocument
try {
$dom = XmlUtils::loadFile($file, $this->validateSchema(...));
} catch (\InvalidArgumentException $e) {
+ // When starting the 8.0 branch, this whole catch block should be replaced by the line below:
+ // throw new InvalidArgumentException(\sprintf('Unable to parse file "%s": ', $file).$e->getMessage(), $e->getCode(), $e);
$invalidSecurityElements = [];
$errors = explode("\n", $e->getMessage());
foreach ($errors as $i => $error) {
@@ -477,6 +479,8 @@ private function parseFileToDOM(string $file): \DOMDocument
continue;
}
if ('provider' === $parent->localName || 'firewall' === $parent->localName) {
+ trigger_deprecation('symfony/security-bundle', '7.4', 'Custom %s must now be namespaced; please update your security configuration "%s" tag.', 'provider' === $parent->localName ? 'providers' : 'authenticators', $tagName);
+
unset($errors[$errorIndex]);
}
}