8000 Merge branch '5.4' into 6.0 · symfony/symfony@efc16f6 · GitHub

Commit efc16f6

committed
Merge branch '5.4' into 6.0
* 5.4: [Security] Deprecate `TokenInterface::isAuthenticated()` and `setAuthenticated()` Include additional errors to slack notifier error message
2 parents fa9f02f + 1834a4d commit efc16f6

35 files changed

+266
-46
lines changed

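--- a/UPGRADE-5.4.md
+++ b/UPGRADE-5.4.md
@@ -30,3 +30,6 @@ Security
 behavior when using `enable_authenticator_manager: true`)
 * Deprecate not setting the 5th argument (`$exceptionOnNoToken`) of `AccessListener` to `false`
 (this is the default behavior when using `enable_authenticator_manager: true`)
+* Deprecate `TokenInterface:isAuthenticated()` and `setAuthenticated()` methods without replacement.
+Security tokens won't have an "authenticated" flag anymore, so they will always be considered authenticated
+* Deprecate `DeauthenticatedEvent`, use `TokenDeauthenticatedEvent` instead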

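--- a/UPGRADE-6.0.md
+++ b/UPGRADE-6.0.md
@@ -322,6 +322,9 @@ Security
 `UsernamePasswordFormAuthenticationListener`, `UsernamePasswordJsonAuthenticationListener` and `X509AuthenticationListener`
 from security-http, use the new authenticator system instead
 * Remove the Guard component, use the new authenticator system instead
+* Remove `TokenInterface:isAuthenticated()` and `setAuthenticated()` methods without replacement.
+Security tokens won't have an "authenticated" flag anymore, so they will always be considered authenticated
+* Remove `DeauthenticatedEvent`, use `TokenDeauthenticatedEvent` instead
 
 SecurityBundle
 --------------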

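--- a/src/Symfony/Bridge/Monolog/Processor/AbstractTokenProcessor.php
+++ b/src/Symfony/Bridge/Monolog/Processor/AbstractTokenProcessor.php
@@ -42,7 +42,7 @@ public function __invoke(array $record): array
 
 if (null !== $token = $this->getToken()) {
 $record['extra'][$this->getKey()] = [
-'authenticated' => $token->isAuthenticated(),
+'authenticated' => $token->isAuthenticated(false), // @deprecated since Symfony 5.4, always true in 6.0
 'roles' => $token->getRoleNames(),
 ];
 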
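Review bot: The `authenticated` key written into `$record['extra']` stops carrying information once tokens lose the flag, as the added inline comment itself says ("always true in 6.0"), yet nothing tells the people consuming these logs. Any alert or dashboard that filters on `authenticated` being false would then silently match nothing, so the comment should state what is planned for the field, for example `// kept for BC with log consumers; constant true in 6.0, do not alert on it`. The same applies to the `'authenticated'` entry set in `SecurityDataCollector::collect()`. The `__invoke()` body starts and ends outside this hunk.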

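--- a/src/Symfony/Bridge/Monolog/Tests/Processor/TokenProcessorTest.php
+++ b/src/Symfony/Bridge/Monolog/Tests/Processor/TokenProcessorTest.php
@@ -39,7 +39,6 @@ public function testLegacyProcessor()
 
 $this->assertArrayHasKey('token', $record['extra']);
 $this->assertEquals($token->getUsername(), $record['extra']['token']['username']);
-$this->assertEquals($token->isAuthenticated(), $record['extra']['token']['authenticated']);
 $this->assertEquals(['ROLE_USER'], $record['extra']['token']['roles']);
 }
 
@@ -59,7 +58,6 @@ public function testProcessor()
 
 $this->assertArrayHasKey('token', $record['extra']);
 $this->assertEquals($token->getUserIdentifier(), $record['extra']['token']['user_identifier']);
-$this->assertEquals($token->isAuthenticated(), $record['extra']['token']['authenticated']);
 $this->assertEquals(['ROLE_USER'], $record['extra']['token']['roles']);
 }
 }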

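--- a/src/Symfony/Bundle/FrameworkBundle/KernelBrowser.php
+++ b/src/Symfony/Bundle/FrameworkBundle/KernelBrowser.php
@@ -123,7 +123,7 @@ public function loginUser(object $user, string $firewallContext = 'main'): self
 }
 
 $token = new TestBrowserToken($user->getRoles(), $user, $firewallContext);
-$token->setAuthenticated(true);
+$token->setAuthenticated(true, false);
 
 $container = $this->getContainer();
 $container->get('security.untracked_token_storage')->setToken($token);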

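--- a/src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php
+++ b/src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php
@@ -123,7 +123,7 @@ public function collect(Request $request, Response $response, \Throwable $except
 
 $this->data = [
 'enabled' => true,
-'authenticated' => $token->isAuthenticated(),
+'authenticated' => $token->isAuthenticated(false),
 'impersonated' => null !== $impersonatorUser,
 'impersonator_user' => $impersonatorUser,
 'impersonation_exit_path' => null,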

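--- a/src/Symfony/Component/Notifier/Bridge/Slack/SlackTransport.php
+++ b/src/Symfony/Component/Notifier/Bridge/Slack/SlackTransport.php
@@ -95,7 +95,9 @@ protected function doSend(MessageInterface $message): SentMessage
 
 $result = $response->toArray(false);
 if (!$result['ok']) {
-throw new TransportException(sprintf('Unable to post the Slack message: "%s".', $result['error']), $response);
+$errors = isset($result['errors']) ? ' ('.implode('|', $result['errors']).')' : '';
+
+throw new TransportException(sprintf('Unable to post the Slack message: "%s"%s.', $result['error'], $errors), $response);
 }
 
 $sentMessage = new SentMessage($message, (string) $this);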
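Review bot: `isset($result['errors'])` does not guarantee an array, and `$result` is decoded from the remote response, so a string there makes `implode()` throw a `TypeError` on PHP 8 and a nested value renders as `Array`, either of which hides the real Slack error. Guard the type before joining, e.g. `$errors = isset($result['errors']) && \is_array($result['errors']) ? ' ('.implode('|', $result['errors']).')' : '';`. The joined text also lands verbatim in the exception message, so whatever logs `TransportException` will carry server-supplied strings; a one-line comment saying so would help whoever wires this into logging. `doSend()` starts and ends outside the hunk.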

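--- a/src/Symfony/Component/Notifier/Bridge/Slack/Tests/SlackTransportTest.php
+++ b/src/Symfony/Component/Notifier/Bridge/Slack/Tests/SlackTransportTest.php
@@ -239,4 +239,32 @@ public function testSendIncludesContentTypeWithCharset()
 
 $transport->send(new ChatMessage('testMessage'));
 }
+
+public function testSendWithErrorsIncluded()
+{
+$response = $this->createMock(ResponseInterface::class);
+
+$response->expects($this->exactly(2))
+->method('getStatusCode')
+->willReturn(200);
+
+$response->expects($this->once())
+->method('getContent')
+->willReturn(json_encode([
+'ok' => false,
+'error' => 'invalid_blocks',
+'errors' => ['no more than 50 items allowed [json-pointer:/blocks]'],
+]));
+
+$client = new MockHttpClient(function () use ($response): ResponseInterface {
+return $response;
+});
+
+$transport = $this->createTransport($client, 'testChannel');
+
+$this->expectException(TransportException::class);
+$this->expectExceptionMessage('Unable to post the Slack message: "invalid_blocks" (no more than 50 items allowed [json-pointer:/blocks]).');
+
+$transport->send(new ChatMessage('testMessage'));
+}
 }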

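--- a/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php
+++ b/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php
@@ -96,7 +96,12 @@ public function getUser()
 */
 public function setUser(string|\Stringable|UserInterface $user)
 {
-if (null === $this->user) {
+// @deprecated since Symfony 5.4, remove the whole block if/elseif/else block in 6.0
+if (1 < \func_num_args() && !func_get_arg(1)) {
+// ContextListener checks if the user has changed on its own and calls `setAuthenticated()` subsequently,
+// avoid doing the same checks twice
+$changed = false;
+} elseif (null === $this->user) {
 $changed = false;
 } elseif ($this->user instanceof UserInterface) {
 if (!$user instanceof UserInterface) {
@@ -110,18 +115,25 @@ public function setUser(string|\Stringable|UserInterface $user)
 $changed = (string) $this->user !== (string) $user;
 }
 
+// @deprecated since Symfony 5.4
 if ($changed) {
-$this->setAuthenticated(false);
+$this->setAuthenticated(false, false);
 }
 
 $this->user = $user;
 }
 
 /**
 * {@inheritdoc}
+*
+* @deprecated since Symfony 5.4
 */
 public function isAuthenticated()
 {
+if (1 > \func_num_args() || func_get_arg(0)) {
+trigger_deprecation('symfony/security-core', '5.4', 'Method "%s()" is deprecated. In version 6.0, security tokens won\'t have an "authenticated" flag anymore and will always be considered authenticated.', __METHOD__);
+}
+
 return $this->authenticated;
 }
 
@@ -130,6 +142,10 @@ public function isAuthenticated()
 */
 public function setAuthenticated(bool $authenticated)
 {
+if (2 > \func_num_args() || func_get_arg(1)) {
+trigger_deprecation('symfony/security-core', '5.4', 'Method "%s()" is deprecated. In version 6.0, security tokens won\'t have an "authenticated" state anymore and will always be considered as authenticated.', __METHOD__);
+}
+
 $this->authenticated = $authenticated;
 }
 
@@ -264,6 +280,9 @@ final public function unserialize(string $serialized)
 $this->__unserialize(unserialize($serialized));
 }
 
+/**
+* @deprecated since Symfony 5.4
+*/
 private function hasUserChanged(UserInterface $user): bool
 {
 if (!($this->user instanceof UserInterface)) {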
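Review bot: `setUser()` now reads an undeclared second argument via `func_get_arg(1)`, and a falsy value forces `$changed = false`, so the token keeps its authenticated state even when the new user differs from the stored one; nothing in the signature or docblock tells a caller this. Because that comparison is what de-authenticates a token on a user change, the docblock should state the contract, along the lines of `@internal a second argument of false skips the user-changed check; pass it only when the caller (ContextListener) performs that check itself`. The hidden-flag guards are also spelled `1 > \func_num_args()` and `2 > \func_num_args()` here but `0 === \func_num_args()` in `NullToken::isAuthenticated()`; one form should be used throughout. The added comment "remove the whole block if/elseif/else block" repeats a word. `setUser()` spans the first two hunks and `hasUserChanged()` continues past the last one.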

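--- a/src/Symfony/Component/Security/Core/Authentication/Token/AnonymousToken.php
+++ b/src/Symfony/Component/Security/Core/Authentication/Token/AnonymousToken.php
@@ -32,7 +32,8 @@ public function __construct(string $secret, string|\Stringable|UserInterface $us
 
 $this->secret = $secret;
 $this->setUser($user);
-$this->setAuthenticated(true);
+// @deprecated since Symfony 5.4
+$this->setAuthenticated(true, false);
 }
 
 /**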

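--- a/src/Symfony/Component/Security/Core/Authentication/Token/NullToken.php
+++ b/src/Symfony/Component/Security/Core/Authentication/Token/NullToken.php
@@ -55,11 +55,21 @@ public function getUserIdentifier(): string
 return '';
 }
 
+/**
+* @deprecated since Symfony 5.4
+*/
 public function isAuthenticated()
 {
+if (0 === \func_num_args() || func_get_arg(0)) {
+trigger_deprecation('symfony/security-core', '5.4', 'Method "%s()" is deprecated. In version 6.0, security tokens won\'t have an "authenticated" flag anymore and will always be considered authenticated.', __METHOD__);
+}
+
 return true;
 }
 
+/**
+* @deprecated since Symfony 5.4
+*/
 public function setAuthenticated(bool $isAuthenticated)
 {
 throw new \BadMethodCallException('Cannot change authentication state of NullToken.');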

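--- a/src/Symfony/Component/Security/Core/Authentication/Token/PreAuthenticatedToken.php
+++ b/src/Symfony/Component/Security/Core/Authentication/Token/PreAuthenticatedToken.php
@@ -39,7 +39,7 @@ public function __construct(string|\Stringable|UserInterface $user, mixed $crede
 $this->firewallName = $firewallName;
 
 if ($roles) {
-$this->setAuthenticated(true);
+$this->setAuthenticated(true, false);
 }
 }
 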

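--- a/src/Symfony/Component/Security/Core/Authentication/Token/RememberMeToken.php
+++ b/src/Symfony/Component/Security/Core/Authentication/Token/RememberMeToken.php
@@ -44,7 +44,7 @@ public function __construct(UserInterface $user, string $firewallName, string $s
 $this->secret = $secret;
 
 $this->setUser($user);
-parent::setAuthenticated(true);
+parent::setAuthenticated(true, false);
 }
 
 /**
@@ -56,7 +56,7 @@ public function setAuthenticated(bool $authenticated)
 throw new \LogicException('You cannot set this token to authenticated after creation.');
 }
 
-parent::setAuthenticated(false);
+parent::setAuthenticated(false, false);
 }
 
 /**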

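--- a/src/Symfony/Component/Security/Core/Authentication/Token/TokenInterface.php
+++ b/src/Symfony/Component/Security/Core/Authentication/Token/TokenInterface.php
@@ -67,11 +67,15 @@ public function setUser(string|\Stringable|UserInterface $user);
 * Returns whether the user is authenticated or not.
 *
 * @return bool true if the token has been authenticated, false otherwise
+*
+* @deprecated since Symfony 5.4. In 6.0, security tokens will always be considered authenticated
 */
 public function isAuthenticated();
 
 /**
 * Sets the authenticated flag.
+*
+* @deprecated since Symfony 5.4. In 6.0, security tokens will always be considered authenticated
 */
 public function setAuthenticated(bool $isAuthenticated);
 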

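--- a/src/Symfony/Component/Security/Core/Authentication/Token/UsernamePasswordToken.php
+++ b/src/Symfony/Component/Security/Core/Authentication/Token/UsernamePasswordToken.php
@@ -35,7 +35,7 @@ public function __construct(string|\Stringable|UserInterface $user, mixed $crede
 $this->credentials = $credentials;
 $this->firewallName = $firewallName;
 
-parent::setAuthenticated(\count($roles) > 0);
+parent::setAuthenticated(\count($roles) > 0, false);
 }
 
 /**
@@ -47,7 +47,7 @@ public function setAuthenticated(bool $isAuthenticated)
 throw new \LogicException('Cannot set this token to trusted after instantiation.');
 }
 
-parent::setAuthenticated(false);
+parent::setAuthenticated(false, false);
 }
 
 /**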

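--- a/src/Symfony/Component/Security/Core/Authorization/AuthorizationChecker.php
+++ b/src/Symfony/Component/Security/Core/Authorization/AuthorizationChecker.php
@@ -62,7 +62,12 @@ final public function isGranted(mixed $attribute, mixed $subject = null): bool
 
 $token = new NullToken();
 } else {
-if ($this->alwaysAuthenticate || !$token->isAuthenticated()) {
+$authenticated = true;
+// @deprecated since Symfony 5.4
+if ($this->alwaysAuthenticate || !$authenticated = $token->isAuthenticated(false)) {
+if (!($authenticated ?? true)) {
+trigger_deprecation('symfony/core', '5.4', 'Returning false from "%s()" is deprecated and won\'t have any effect in Symfony 6.0 as security tokens will always be considered authenticated.');
+}
 $this->tokenStorage->setToken($token = $this->authenticationManager->authenticate($token));
 }
 }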
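Review bot: The new `trigger_deprecation()` call has a `%s` placeholder in its message but passes no argument for it, so the notice will read `Returning false from "%s()"` literally and will not say which token class returned false. That matters here because a custom token that returns false to force re-authentication on every check will stop having that effect in 6.0, and the notice is the only pointer to it; pass the method as the fourth argument, e.g. `\get_class($token).'::isAuthenticated'`. The package is also given as `'symfony/core'`, whereas the token classes in this commit use `'symfony/security-core'`. `isGranted()` starts and ends outside the hunk.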

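--- a/src/Symfony/Component/Security/Core/CHANGELOG.md
+++ b/src/Symfony/Component/Security/Core/CHANGELOG.md
@@ -14,6 +14,8 @@ CHANGELOG
 
 * Deprecate setting the 4th argument (`$alwaysAuthenticate`) to `true` and not setting the
 5th argument (`$exceptionOnNoToken`) to `false` of `AuthorizationChecker`
+* Deprecate methods `TokenInterface::isAuthenticated()` and `setAuthenticated`,
+tokens will always be considered authenticated in 6.0
 
 5.3
 ---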

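--- a/src/Symfony/Component/Security/Core/Tests/Authentication/Token/AbstractTokenTest.php
+++ b/src/Symfony/Component/Security/Core/Tests/Authentication/Token/AbstractTokenTest.php
@@ -41,6 +41,7 @@ public function getUsername()
 
 public function getRoles()
 {
+return [];
 }
 
 public function getPassword()
@@ -104,6 +105,9 @@ public function testConstructor()
 $this->assertEquals(['ROLE_FOO'], $token->getRoleNames());
 }
 
+/**
+* @group legacy
+*/
 public function testAuthenticatedFlag()
 {
 $token = new ConcreteToken();
@@ -158,6 +162,7 @@ public function getUsers()
 }
 
 /**
+* @group legacy
 * @dataProvider getUserChanges
 */
 public function testSetUserSetsAuthenticatedToFalseWhenUserChanges($firstUser, $secondUser)
@@ -190,6 +195,7 @@ public function getUserChanges()
 }
 
 /**
+* @group legacy
 * @dataProvider getUsers
 */
 public function testSetUserDoesNotSetAuthenticatedToFalseWhenUserDoesNotChange($user)
@@ -205,6 +211,9 @@ public function testSetUserDoesNotSetAuthenticatedToFalseWhenUserDoesNotChange($
 $this->assertTrue($token->isAuthenticated());
 }
 
+/**
+* @group legacy
+*/
 public function testIsUserChangedWhenSerializing()
 {
 $token = new ConcreteToken(['ROLE_ADMIN']);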

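--- a/src/Symfony/Component/Security/Core/Tests/Authentication/Token/AnonymousTokenTest.php
+++ b/src/Symfony/Component/Security/Core/Tests/Authentication/Token/AnonymousTokenTest.php
@@ -18,13 +18,19 @@ class AnonymousTokenTest extends TestCase
 {
 public function testConstructor()
 {
-$token = new AnonymousToken('foo', 'bar');
-$this->assertTrue($token->isAuthenticated());
-
 $token = new AnonymousToken('foo', 'bar', ['ROLE_FOO']);
 $this->assertEquals(['ROLE_FOO'], $token->getRoleNames());
 }
 
+/**
+* @group legacy
+*/
+public function testIsAuthenticated()
+{
+$token = new AnonymousToken('foo', 'bar');
+$this->assertTrue($token->isAuthenticated());
+}
+
 public function testGetKey()
 {
 $token = new AnonymousToken('foo', 'bar');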

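--- a/src/Symfony/Component/Security/Core/Tests/Authentication/Token/PreAuthenticatedTokenTest.php
+++ b/src/Symfony/Component/Security/Core/Tests/Authentication/Token/PreAuthenticatedTokenTest.php
@@ -18,11 +18,7 @@ class PreAuthenticatedTokenTest extends TestCase
 {
 public function testConstructor()
 {
-$token = new PreAuthenticatedToken('foo', 'bar', 'key');
-$this->assertFalse($token->isAuthenticated());
-
 $token = new PreAuthenticatedToken('foo', 'bar', 'key', ['ROLE_FOO']);
-$this->assertTrue($token->isAuthenticated());
 $this->assertEquals(['ROLE_FOO'], $token->getRoleNames());
 $this->assertEquals('key', $token->getFirewallName());
 }
@@ -45,4 +41,13 @@ public function testEraseCredentials()
 $token->eraseCredentials();
 $this->assertEquals('', $token->getCredentials());
 }
+
+/**
+* @group legacy
+*/
+public function testIsAuthenticated()
+{
+$token = new PreAuthenticatedToken('foo', 'bar', 'key');
+$this->assertFalse($token->isAuthenticated());
+}
 }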
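Review bot: The assertion that a `PreAuthenticatedToken` built with roles reports `isAuthenticated()` as true is removed from `testConstructor()` and not carried over; the new legacy `testIsAuthenticated()` only covers the no-roles case. While the deprecated flag still exists, the roles branch of the constructor (`setAuthenticated(true, false)`) is therefore left without a test. Adding `$token = new PreAuthenticatedToken('foo', 'bar', 'key', ['ROLE_FOO']);` and `$this->assertTrue($token->isAuthenticated());` to the legacy test would restore it.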

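--- a/src/Symfony/Component/Security/Core/Tests/Authentication/Token/RememberMeTokenTest.php
+++ b/src/Symfony/Component/Security/Core/Tests/Authentication/Token/RememberMeTokenTest.php
@@ -26,6 +26,15 @@ public function testConstructor()
 $this->assertEquals('foo', $token->getSecret());
 $this->assertEquals(['ROLE_FOO'], $token->getRoleNames());
 $this->assertSame($user, $token->getUser());
+}
+
+/**
+* @group legacy
+*/
+public function testIsAuthenticated()
+{
+$user = $this->getUser();
+$token = new RememberMeToken($user, 'fookey', 'foo');
 $this->assertTrue($token->isAuthenticated());
 }
 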
