Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 7884f97

Browse filesBrowse files
wouterjwouterj
committed
[Security] Disallow passing a UserInterface to Passport
This was deprecated in 5.2, with a warning that support would be dropped in 5.3 (due to the experimental state).
1 parent 7cc5cef commit 7884f97
Copy full SHA for 7884f97

File tree

5 files changed

+6
-36
lines changed
Filter options

5 files changed

+6
-36
lines changed

‎UPGRADE-5.3.md

Copy file name to clipboardExpand all lines: UPGRADE-5.3.md
+1Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -87,6 +87,7 @@ Routing
8787
Security
8888
--------
8989

90+
* [BC break] Remove support for passing a `UserInterface` implementation to `Passport`, use the `UserBadge` instead.
9091
* Deprecate `UserInterface::getPassword()`
9192
If your `getPassword()` method does not return `null` (i.e. you are using password-based authentication),
9293
you should implement `PasswordAuthenticatedUserInterface`.

‎src/Symfony/Component/Security/CHANGELOG.md

Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/CHANGELOG.md
+1Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,7 @@ CHANGELOG
44
5.3
55
---
66

7+
* [BC break] Remove support for passing a `UserInterface` implementation to `Passport`, use the `UserBadge` instead.
78
* Add `PasswordAuthenticatedUserInterface` for user classes that use passwords
89
* Add `LegacyPasswordAuthenticatedUserInterface` for user classes that use user-provided salts in addition to passwords
910
* Deprecate all classes in the `Core\Encoder\` sub-namespace, use the `PasswordHasher` component instead

‎src/Symfony/Component/Security/Http/Authenticator/Passport/Passport.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/Authenticator/Passport/Passport.php
+2-12Lines changed: 2 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -32,23 +32,13 @@ class Passport implements UserPassportInterface
3232
private $attributes = [];
3333

3434
/**
35-
* @param UserBadge $userBadge
3635
* @param CredentialsInterface $credentials the credentials to check for this authentication, use
3736
* SelfValidatingPassport if no credentials should be checked
3837
* @param BadgeInterface[] $badges
3938
*/
40-
public function __construct($userBadge, CredentialsInterface $credentials, array $badges = [])
39+
public function __construct(UserBadge $userBadge, CredentialsInterface $credentials, array $badges = [])
4140
{
42-
if ($userBadge instanceof UserInterface) {
43-
trigger_deprecation('symfony/security-http', '5.2', 'The 1st argument of "%s" must be an instance of "%s", support for "%s" will be removed in symfony/security-http 5.3.', __CLASS__, UserBadge::class, UserInterface::class);
44-
45-
$this->user = $userBadge;
46-
} elseif ($userBadge instanceof UserBadge) {
47-
$this->addBadge($userBadge);
48-
} else {
49-
throw new \TypeError(sprintf('Argument 1 of "%s" must be an instance of "%s", "%s" given.', __METHOD__, UserBadge::class, get_debug_type($userBadge)));
50-
}
51-
41+
$this->addBadge($userBadge);
5242
$this->addBadge($credentials);
5343
foreach ($badges as $badge) {
5444
$this->addBadge($badge);

‎src/Symfony/Component/Security/Http/Authenticator/Passport/SelfValidatingPassport.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/Authenticator/Passport/SelfValidatingPassport.php
+2-12Lines changed: 2 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -26,21 +26,11 @@
2626
class SelfValidatingPassport extends Passport
2727
{
2828
/**
29-
* @param UserBadge $userBadge
3029
* @param BadgeInterface[] $badges
3130
*/
32-
public function __construct($userBadge, array $badges = [])
31+
public function __construct(UserBadge $userBadge, array $badges = [])
3332
{
34-
if ($userBadge instanceof UserInterface) {
35-
trigger_deprecation('symfony/security-http', '5.2', 'The 1st argument of "%s" must be an instance of "%s", support for "%s" will be removed in symfony/security-http 5.3.', __CLASS__, UserBadge::class, UserInterface::class);
36-
37-
$this->user = $userBadge;
38-
} elseif ($userBadge instanceof UserBadge) {
39-
$this->addBadge($userBadge);
40-
} else {
41-
throw new \TypeError(sprintf('Argument 1 of "%s" must be an instance of "%s", "%s" given.', __METHOD__, UserBadge::class, get_debug_type($userBadge)));
42-
}
43-
33+
$this->addBadge($userBadge);
4434
foreach ($badges as $badge) {
4535
$this->addBadge($badge);
4636
}

‎src/Symfony/Component/Security/Http/Tests/EventListener/UserProviderListenerTest.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/Tests/EventListener/UserProviderListenerTest.php
-12Lines changed: 0 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -61,16 +61,4 @@ public function provideCompletePassports()
6161
{
6262
yield [new SelfValidatingPassport(new UserBadge('wouter', function () {}))];
6363
}
64-
65-
/**
66-
* @group legacy
67-
*/
68-
public function testLegacyUserPassport()
69-
{
70-
$passport = new SelfValidatingPassport($user = $this->createMock(UserInterface::class));
71-
$this->listener->checkPassport(new CheckPassportEvent($this->createMock(AuthenticatorInterface::class), $passport));
72-
73-
$this->assertFalse($passport->hasBadge(UserBadge::class));
74-
$this->assertSame($user, $passport->getUser());
75-
}
7664
}

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.