From 599050daead688a447e82c0b71bea14c2828b2fb Mon Sep 17 00:00:00 2001 From: MatTheCat Date: Sat, 31 Aug 2024 11:10:59 +0200 Subject: [PATCH] [SecurityBundle] Deprecate XML-configured custom authenticators and providers under security namespace --- UPGRADE-7.4.md | 41 +++++++++++++++++++ .../Bundle/SecurityBundle/CHANGELOG.md | 31 ++++++++++++++ .../XmlCustomAuthenticatorTest.php | 31 ++++++++++---- .../XmlCustomProviderTest.php | 31 ++++++++++---- .../Bundle/SecurityBundle/composer.json | 2 +- .../Loader/XmlFileLoader.php | 4 ++ 6 files changed, 123 insertions(+), 17 deletions(-) create mode 100644 UPGRADE-7.4.md diff --git a/UPGRADE-7.4.md b/UPGRADE-7.4.md new file mode 100644 index 000000000000..2333b9799f64 --- /dev/null +++ b/UPGRADE-7.4.md @@ -0,0 +1,41 @@ +UPGRADE FROM 7.3 to 7.4 +======================= + +Symfony 7.4 is a minor release. According to the Symfony release process, there should be no significant +backward compatibility breaks. Minor backward compatibility breaks are prefixed in this document with +`[BC BREAK]`, make sure your code is compatible with these entries before upgrading. +Read more about this in the [Symfony documentation](https://symfony.com/doc/7.4/setup/upgrade_minor.html). + +If you're upgrading from a version below 7.3, follow the [7.3 upgrade guide](UPGRADE-7.3.md) first. +string in `UserInterface::getUserIdentifier()` + +SecurityBundle +-------------- + + * Deprecate XML-configured custom authenticators and providers under security namespace; they must now have their own: + + ```diff + + + https://symfony.com/schema/dic/security/security-1.0.xsd + + http://example.com/schema http://example.com/schema.xsd"> + + + + + + - + - + - + + + + + + + + + + ``` diff --git a/src/Symfony/Bundle/SecurityBundle/CHANGELOG.md b/src/Symfony/Bundle/SecurityBundle/CHANGELOG.md index 77aa957331bd..644e22bf2ba3 100644 --- a/src/Symfony/Bundle/SecurityBundle/CHANGELOG.md +++ b/src/Symfony/Bundle/SecurityBundle/CHANGELOG.md @@ -1,6 +1,37 @@ CHANGELOG ========= +7.4 +--- + +* Deprecate XML-configured custom authenticators and providers under security namespace; they must now have their own: + + ```diff + + + https://symfony.com/schema/dic/security/security-1.0.xsd + + http://example.com/schema http://example.com/schema.xsd"> + + + + + + - + - + - + + + + + + + + + + ``` + 7.3 --- diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/XmlCustomAuthenticatorTest.php b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/XmlCustomAuthenticatorTest.php index e57cda13ff78..47d92b6ba7db 100644 --- a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/XmlCustomAuthenticatorTest.php +++ b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/XmlCustomAuthenticatorTest.php @@ -12,6 +12,7 @@ namespace Symfony\Bundle\SecurityBundle\Tests\DependencyInjection; use PHPUnit\Framework\TestCase; +use Symfony\Bridge\PhpUnit\ExpectDeprecationTrait; use Symfony\Bundle\SecurityBundle\DependencyInjection\SecurityExtension; use Symfony\Bundle\SecurityBundle\Tests\DependencyInjection\Fixtures\Authenticator\CustomAuthenticator; use Symfony\Component\Config\FileLocator; @@ -20,10 +21,12 @@ class XmlCustomAuthenticatorTest extends TestCase { + use ExpectDeprecationTrait; + /** - * @dataProvider provideXmlConfigurationFile + * @group legacy */ - public function testCustomProviderElement(string $configurationFile) + public function testCustomAuthenticatorElementUnderSecurityNamespace() { $container = new ContainerBuilder(); $container->setParameter('kernel.debug', false); @@ -33,18 +36,30 @@ public function testCustomProviderElement(string $configurationFile) $security->addAuthenticatorFactory(new CustomAuthenticator()); $container->registerExtension($security); - (new XmlFileLoader($container, new FileLocator(__DIR__.'/Fixtures/xml')))->load($configurationFile); + $this->expectDeprecation('Since symfony/security-bundle 7.4: Custom authenticators must now be namespaced; please update your security configuration "custom" tag.'); + (new XmlFileLoader($container, new FileLocator(__DIR__.'/Fixtures/xml')))->load('custom_authenticator_under_security_namespace.xml'); $container->getCompilerPassConfig()->setRemovingPasses([]); $container->getCompilerPassConfig()->setAfterRemovingPasses([]); $container->compile(); - - $this->addToAssertionCount(1); } - public static function provideXmlConfigurationFile(): iterable + public function testCustomAuthenticatorElementUnderOwnNamespace() { - yield 'Custom authenticator element under SecurityBundle’s namespace' => ['custom_authenticator_under_security_namespace.xml']; - yield 'Custom authenticator element under its own namespace' => ['custom_authenticator_under_own_namespace.xml']; + $container = new ContainerBuilder(); + $container->setParameter('kernel.debug', false); + $container->register('cache.system', \stdClass::class); + + $security = new SecurityExtension(); + $security->addAuthenticatorFactory(new CustomAuthenticator()); + $container->registerExtension($security); + + (new XmlFileLoader($container, new FileLocator(__DIR__.'/Fixtures/xml')))->load('custom_authenticator_under_own_namespace.xml'); + + $container->getCompilerPassConfig()->setRemovingPasses([]); + $container->getCompilerPassConfig()->setAfterRemovingPasses([]); + $container->compile(); + + $this->addToAssertionCount(1); } } diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/XmlCustomProviderTest.php b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/XmlCustomProviderTest.php index a3f59fc299a2..88d46720ff38 100644 --- a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/XmlCustomProviderTest.php +++ b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/XmlCustomProviderTest.php @@ -12,6 +12,7 @@ namespace Symfony\Bundle\SecurityBundle\Tests\DependencyInjection; use PHPUnit\Framework\TestCase; +use Symfony\Bridge\PhpUnit\ExpectDeprecationTrait; use Symfony\Bundle\SecurityBundle\DependencyInjection\SecurityExtension; use Symfony\Bundle\SecurityBundle\Tests\DependencyInjection\Fixtures\UserProvider\CustomProvider; use Symfony\Component\Config\FileLocator; @@ -20,10 +21,12 @@ class XmlCustomProviderTest extends TestCase { + use ExpectDeprecationTrait; + /** - * @dataProvider provideXmlConfigurationFile + * @group legacy */ - public function testCustomProviderElement(string $configurationFile) + public function testCustomProviderElementUnderSecurityNamespace() { $container = new ContainerBuilder(); $container->setParameter('kernel.debug', false); @@ -33,18 +36,30 @@ public function testCustomProviderElement(string $configurationFile) $security->addUserProviderFactory(new CustomProvider()); $container->registerExtension($security); - (new XmlFileLoader($container, new FileLocator(__DIR__.'/Fixtures/xml')))->load($configurationFile); + $this->expectDeprecation('Since symfony/security-bundle 7.4: Custom providers must now be namespaced; please update your security configuration "custom" tag.'); + (new XmlFileLoader($container, new FileLocator(__DIR__.'/Fixtures/xml')))->load('custom_provider_under_security_namespace.xml'); $container->getCompilerPassConfig()->setRemovingPasses([]); $container->getCompilerPassConfig()->setAfterRemovingPasses([]); $container->compile(); - - $this->addToAssertionCount(1); } - public static function provideXmlConfigurationFile(): iterable + public function testCustomProviderElementUnderOwnNamespace() { - yield 'Custom provider element under SecurityBundle’s namespace' => ['custom_provider_under_security_namespace.xml']; - yield 'Custom provider element under its own namespace' => ['custom_provider_under_own_namespace.xml']; + $container = new ContainerBuilder(); + $container->setParameter('kernel.debug', false); + $container->register('cache.system', \stdClass::class); + + $security = new SecurityExtension(); + $security->addUserProviderFactory(new CustomProvider()); + $container->registerExtension($security); + + (new XmlFileLoader($container, new FileLocator(__DIR__.'/Fixtures/xml')))->load('custom_provider_under_own_namespace.xml'); + + $container->getCompilerPassConfig()->setRemovingPasses([]); + $container->getCompilerPassConfig()->setAfterRemovingPasses([]); + $container->compile(); + + $this->addToAssertionCount(1); } } diff --git a/src/Symfony/Bundle/SecurityBundle/composer.json b/src/Symfony/Bundle/SecurityBundle/composer.json index 7459b0175b95..fc9af64486f7 100644 --- a/src/Symfony/Bundle/SecurityBundle/composer.json +++ b/src/Symfony/Bundle/SecurityBundle/composer.json @@ -21,7 +21,7 @@ "ext-xml": "*", "symfony/clock": "^6.4|^7.0", "symfony/config": "^7.3", - "symfony/dependency-injection": "^6.4.11|^7.1.4", + "symfony/dependency-injection": "^7.2", "symfony/event-dispatcher": "^6.4|^7.0", "symfony/http-kernel": "^6.4|^7.0", "symfony/http-foundation": "^6.4|^7.0", diff --git a/src/Symfony/Component/DependencyInjection/Loader/XmlFileLoader.php b/src/Symfony/Component/DependencyInjection/Loader/XmlFileLoader.php index f596980663f1..21a5e14bac1a 100644 --- a/src/Symfony/Component/DependencyInjection/Loader/XmlFileLoader.php +++ b/src/Symfony/Component/DependencyInjection/Loader/XmlFileLoader.php @@ -458,6 +458,8 @@ private function parseFileToDOM(string $file): \DOMDocument try { $dom = XmlUtils::loadFile($file, $this->validateSchema(...)); } catch (\InvalidArgumentException $e) { + // When starting the 8.0 branch, this whole catch block should be replaced by the line below: + // throw new InvalidArgumentException(\sprintf('Unable to parse file "%s": ', $file).$e->getMessage(), $e->getCode(), $e); $invalidSecurityElements = []; $errors = explode("\n", $e->getMessage()); foreach ($errors as $i => $error) { @@ -477,6 +479,8 @@ private function parseFileToDOM(string $file): \DOMDocument continue; } if ('provider' === $parent->localName || 'firewall' === $parent->localName) { + trigger_deprecation('symfony/security-bundle', '7.4', 'Custom %s must now be namespaced; please update your security configuration "%s" tag.', 'provider' === $parent->localName ? 'providers' : 'authenticators', $tagName); + unset($errors[$errorIndex]); } }