symfony
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Resources/config/authenticators.xml
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Resources/config/authenticators.xml
+3-3Lines changed: 3 additions & 3 deletions b/‎src/Symfony/Bundle/SecurityBundle/Resources/config/authenticators.xml
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Resources/config/authenticators.xml
+3-3Lines changed: 3 additions & 3 deletions
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Resources/config/security.xml
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Resources/config/security.xml
+1-1Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Bundle/SecurityBundle/Resources/config/security.xml
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Resources/config/security.xml
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Component/Security/Core/Authentication/Token/PreAuthenticationGuardToken.php
Copy file name to clipboard
+71Lines changed: 71 additions & 0 deletions b/‎src/Symfony/Component/Security/Core/Authentication/Token/PreAuthenticationGuardToken.php
Copy file name to clipboard
+71Lines changed: 71 additions & 0 deletions
diff --git a/‎src/Symfony/Component/Security/Core/Tests/Authentication/Authenticator/HttpBasicAuthenticatorTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/Tests/Authentication/Authenticator/HttpBasicAuthenticatorTest.php
+1-1Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/Security/Core/Tests/Authentication/Authenticator/HttpBasicAuthenticatorTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/Tests/Authentication/Authenticator/HttpBasicAuthenticatorTest.php
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Component/Security/Core/composer.json
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/composer.json
-1Lines changed: 0 additions & 1 deletion b/‎src/Symfony/Component/Security/Core/composer.json
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/composer.json
-1Lines changed: 0 additions & 1 deletion
diff --git a/‎src/Symfony/Component/Security/Guard/Firewall/GuardAuthenticationListener.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Guard/Firewall/GuardAuthenticationListener.php
+9-1Lines changed: 9 additions & 1 deletion b/‎src/Symfony/Component/Security/Guard/Firewall/GuardAuthenticationListener.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Guard/Firewall/GuardAuthenticationListener.php
+9-1Lines changed: 9 additions & 1 deletion
diff --git a/‎src/Symfony/Component/Security/Guard/GuardAuthenticatorHandler.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Guard/GuardAuthenticatorHandler.php
+2-122Lines changed: 2 additions & 122 deletions b/‎src/Symfony/Component/Security/Guard/GuardAuthenticatorHandler.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Guard/GuardAuthenticatorHandler.php
+2-122Lines changed: 2 additions & 122 deletions
diff --git a/‎src/Symfony/Component/Security/Guard/Provider/GuardAuthenticationProvider.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Guard/Provider/GuardAuthenticationProvider.php
+2-1Lines changed: 2 additions & 1 deletion b/‎src/Symfony/Component/Security/Guard/Provider/GuardAuthenticationProvider.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Guard/Provider/GuardAuthenticationProvider.php
+2-1Lines changed: 2 additions & 1 deletion
diff --git a/‎src/Symfony/Component/Security/Guard/Token/PreAuthenticationGuardToken.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Guard/Token/PreAuthenticationGuardToken.php
+2-48Lines changed: 2 additions & 48 deletions b/‎src/Symfony/Component/Security/Guard/Token/PreAuthenticationGuardToken.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Guard/Token/PreAuthenticationGuardToken.php
+2-48Lines changed: 2 additions & 48 deletions
diff --git a/‎src/Symfony/Component/Security/Guard/composer.json
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Guard/composer.json
+1-1Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/Security/Guard/composer.json
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Guard/composer.json
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Component/Security/Core/Authentication/Authenticator/AbstractAuthenticator.php renamed to ‎src/Symfony/Component/Security/Http/Authentication/Authenticator/AbstractAuthenticator.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/Authentication/Authenticator/AbstractAuthenticator.php
+1-1Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/Security/Core/Authentication/Authenticator/AbstractAuthenticator.php renamed to ‎src/Symfony/Component/Security/Http/Authentication/Authenticator/AbstractAuthenticator.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/Authentication/Authenticator/AbstractAuthenticator.php
+1-1Lines changed: 1 addition & 1 deletion
@@ -20,7 +20,7 @@
         </service>
 
         <service id="security.authenticator.http_basic"
-                 class="Symfony\Component\Security\Core\Authentication\Authenticator\HttpBasicAuthenticator"
+                 class="Symfony\Component\Security\Http\Authentication\Authenticator\HttpBasicAuthenticator"
                  abstract="true">
             <argument type="abstract">realm name</argument>
             <argument type="abstract">user provider</argument>
@@ -29,7 +29,7 @@
         </service>
 
         <service id="security.authenticator.form_login"
-                 class="Symfony\Component\Security\Core\Authentication\Authenticator\FormLoginAuthenticator"
+                 class="Symfony\Component\Security\Http\Authentication\Authenticator\FormLoginAuthenticator"
                  abstract="true">
             <argument type="service" id="security.http_utils" />
             <argument /> <!-- csrf token generator -->
@@ -39,7 +39,7 @@
         </service>
 
         <service id="security.authenticator.anonymous"
-                 class="Symfony\Component\Security\Core\Authentication\Authenticator\AnonymousAuthenticator"
+                 class="Symfony\Component\Security\Http\Authentication\Authenticator\AnonymousAuthenticator"
                  abstract="true">
             <argument /> <!-- secret -->
             <argument type="service" id="security.token_storage" />
 
@@ -52,7 +52,7 @@
                 <argument type="service" id="event_dispatcher" />
             </call>
         </service>
-        <service id="security.authentication.manager.guard" class="Symfony\Component\Security\Core\Authentication\GuardAuthenticationManager">
+        <service id="security.authentication.manager.guard" class="Symfony\Component\Security\Http\Authentication\GuardAuthenticationManager">
             <argument /> <!-- guard authenticators -->
             <argument type="service" id="Symfony\Component\Security\Core\User\UserCheckerInterface" /> <!-- User Checker -->
             <argument>%security.authentication.manager.erase_credentials%</argument>
 
@@ -0,0 +1,71 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Core\Authentication\Token;
+
+/**
+ * The token used by the guard auth system before authentication.
+ *
+ * The GuardAuthenticationListener creates this, which is then consumed
+ * immediately by the GuardAuthenticationProvider. If authentication is
+ * successful, a different authenticated token is returned
+ *
+ * @author Ryan Weaver <ryan@knpuniversity.com>
+ */
+class PreAuthenticationGuardToken extends AbstractToken
+{
+    private $credentials;
+    private $guardProviderKey;
+    private $providerKey;
+
+    /**
+     * @param mixed       $credentials
+     * @param string      $guardProviderKey Unique key that bind this token to a specific AuthenticatorInterface
+     * @param string|null $providerKey      The general provider key (when using with HTTP, this is the firewall name)
+     */
+    public function __construct($credentials, string $guardProviderKey, ?string $providerKey = null)
+    {
+        $this->credentials = $credentials;
+        $this->guardProviderKey = $guardProviderKey;
+        $this->providerKey = $providerKey;
+
+        parent::__construct([]);
+
+        // never authenticated
+        parent::setAuthenticated(false);
+    }
+
+    public function getProviderKey(): ?string
+    {
+        return $this->providerKey;
+    }
+
+    public function getGuardProviderKey()
+    {
+        return $this->guardProviderKey;
+    }
+
+    /**
+     * Returns the user credentials, which might be an array of anything you
+     * wanted to put in there (e.g. username, password, favoriteColor).
+     *
+     * @return mixed The user credentials
+     */
+    public function getCredentials()
+    {
+        return $this->credentials;
+    }
+
+    public function setAuthenticated(bool $authenticated)
+    {
+        throw new \LogicException('The PreAuthenticationGuardToken is *never* authenticated.');
+    }
+}
@@ -5,7 +5,7 @@
 use PHPUnit\Framework\MockObject\MockObject;
 use PHPUnit\Framework\TestCase;
 use Symfony\Component\HttpFoundation\Request;
-use Symfony\Component\Security\Core\Authentication\Authenticator\HttpBasicAuthenticator;
+use Symfony\Component\Security\Http\Authentication\Authenticator\HttpBasicAuthenticator;
 use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
 use Symfony\Component\Security\Core\Encoder\PasswordEncoderInterface;
 use Symfony\Component\Security\Core\Exception\BadCredentialsException;
 
@@ -20,7 +20,6 @@
         "symfony/event-dispatcher-contracts": "^1.1|^2",
         "symfony/polyfill-php80": "^1.15",
         "symfony/service-contracts": "^1.1.6|^2",
-        "symfony/security-guard": "^4.4",
         "symfony/deprecation-contracts": "^2.1"
     },
     "require-dev": {
 
@@ -15,9 +15,12 @@
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpKernel\Event\RequestEvent;
 use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
+use Symfony\Component\Security\Core\Authentication\Token\PreAuthenticationGuardToken;
 use Symfony\Component\Security\Guard\AuthenticatorInterface;
 use Symfony\Component\Security\Guard\GuardAuthenticatorHandler;
+use Symfony\Component\Security\Guard\Token\PreAuthenticationGuardToken as GuardPreAuthenticationGuardToken;
 use Symfony\Component\Security\Http\Firewall\AbstractListener;
+use Symfony\Component\Security\Http\Firewall\GuardManagerListenerTrait;
 use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface;
 
 /**
@@ -30,7 +33,7 @@
  */
 class GuardAuthenticationListener extends AbstractListener
 {
-    use GuardAuthenticatorListenerTrait;
+    use GuardManagerListenerTrait;
 
     private $guardHandler;
     private $authenticationManager;
@@ -101,6 +104,11 @@ public function setRememberMeServices(RememberMeServicesInterface $rememberMeSer
         $this->rememberMeServices = $rememberMeServices;
     }
 
+    protected function createPreAuthenticatedToken($credentials, string $uniqueGuardKey, string $providerKey): PreAuthenticationGuardToken
+    {
+        return new GuardPreAuthenticationGuardToken($credentials, $uniqueGuardKey, $providerKey);
+    }
+
     protected function getGuardKey(string $key): string
     {
         // get a key that's unique to *this* guard authenticator
 
@@ -11,17 +11,7 @@
 
 namespace Symfony\Component\Security\Guard;
 
-use Symfony\Component\HttpFoundation\Request;
-use Symfony\Component\HttpFoundation\Response;
-use Symfony\Component\Security\Core\Authentication\Authenticator\AuthenticatorInterface as CoreAuthenticatorInterface;
-use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
-use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
-use Symfony\Component\Security\Core\Exception\AuthenticationException;
-use Symfony\Component\Security\Core\User\UserInterface;
-use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
-use Symfony\Component\Security\Http\SecurityEvents;
-use Symfony\Component\Security\Http\Session\SessionAuthenticationStrategyInterface;
-use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;
+use Symfony\Component\Security\Http\Authentication\GuardAuthenticatorHandler as CoreAuthenticatorHandlerAlias;
 
 /**
  * A utility class that does much of the *work* during the guard authentication process.
@@ -33,116 +23,6 @@
  *
  * @final
  */
-class GuardAuthenticatorHandler
+class GuardAuthenticatorHandler extends CoreAuthenticatorHandlerAlias
 {
-    private $tokenStorage;
-    private $dispatcher;
-    private $sessionStrategy;
-    private $statelessProviderKeys;
-
-    /**
-     * @param array $statelessProviderKeys An array of provider/firewall keys that are "stateless" and so do not need the session migrated on success
-     */
-    public function __construct(TokenStorageInterface $tokenStorage, EventDispatcherInterface $eventDispatcher = null, array $statelessProviderKeys = [])
-    {
-        $this->tokenStorage = $tokenStorage;
-        $this->dispatcher = $eventDispatcher;
-        $this->statelessProviderKeys = $statelessProviderKeys;
-    }
-
-    /**
-     * Authenticates the given token in the system.
-     */
-    public function authenticateWithToken(TokenInterface $token, Request $request, string $providerKey = null)
-    {
-        $this->migrateSession($request, $token, $providerKey);
-        $this->tokenStorage->setToken($token);
-
-        if (null !== $this->dispatcher) {
-            $loginEvent = new InteractiveLoginEvent($request, $token);
-            $this->dispatcher->dispatch($loginEvent, SecurityEvents::INTERACTIVE_LOGIN);
-        }
-    }
-
-    /**
-     * Returns the "on success" response for the given GuardAuthenticator.
-     *
-     * @param CoreAuthenticatorInterface|AuthenticatorInterface $guardAuthenticator
-     */
-    public function handleAuthenticationSuccess(TokenInterface $token, Request $request, $guardAuthenticator, string $providerKey): ?Response
-    {
-        if (!$guardAuthenticator instanceof AuthenticatorInterface && !$guardAuthenticator instanceof CoreAuthenticatorInterface) {
-            throw new \UnexpectedValueException('Invalid guard authenticator passed to '.__METHOD__.'. Expected AuthenticatorInterface of either Security Core or Security Guard.');
-        }
-
-        $response = $guardAuthenticator->onAuthenticationSuccess($request, $token, $providerKey);
-
-        // check that it's a Response or null
-        if ($response instanceof Response || null === $response) {
-            return $response;
-        }
-
-        throw new \UnexpectedValueException(sprintf('The "%s::onAuthenticationSuccess()" method must return null or a Response object. You returned "%s".', \get_class($guardAuthenticator), get_debug_type($response)));
-    }
-
-    /**
-     * Convenience method for authenticating the user and returning the
-     * Response *if any* for success.
-     *
-     * @param CoreAuthenticatorInterface|AuthenticatorInterface $authenticator
-     */
-    public function authenticateUserAndHandleSuccess(UserInterface $user, Request $request, $authenticator, string $providerKey): ?Response
-    {
-        if (!$authenticator instanceof AuthenticatorInterface && !$authenticator instanceof CoreAuthenticatorInterface) {
-            throw new \UnexpectedValueException('Invalid guard authenticator passed to '.__METHOD__.'. Expected AuthenticatorInterface of either Security Core or Security Guard.');
-        }
-
-        // create an authenticated token for the User
-        $token = $authenticator->createAuthenticatedToken($user, $providerKey);
-        // authenticate this in the system
-        $this->authenticateWithToken($token, $request, $providerKey);
-
-        // return the success metric
-        return $this->handleAuthenticationSuccess($token, $request, $authenticator, $providerKey);
-    }
-
-    /**
-     * Handles an authentication failure and returns the Response for the
-     * GuardAuthenticator.
-     *
-     * @param CoreAuthenticatorInterface|AuthenticatorInterface $guardAuthenticator
-     */
-    public function handleAuthenticationFailure(AuthenticationException $authenticationException, Request $request, $guardAuthenticator, string $providerKey): ?Response
-    {
-        if (!$guardAuthenticator instanceof AuthenticatorInterface && !$guardAuthenticator instanceof CoreAuthenticatorInterface) {
-            throw new \UnexpectedValueException('Invalid guard authenticator passed to '.__METHOD__.'. Expected AuthenticatorInterface of either Security Core or Security Guard.');
-        }
-
-        $response = $guardAuthenticator->onAuthenticationFailure($request, $authenticationException);
-        if ($response instanceof Response || null === $response) {
-            // returning null is ok, it means they want the request to continue
-            return $response;
-        }
-
-        throw new \UnexpectedValueException(sprintf('The "%s::onAuthenticationFailure()" method must return null or a Response object. You returned "%s".', \get_class($guardAuthenticator), get_debug_type($response)));
-    }
-
-    /**
-     * Call this method if your authentication token is stored to a session.
-     *
-     * @final
-     */
-    public function setSessionAuthenticationStrategy(SessionAuthenticationStrategyInterface $sessionStrategy)
-    {
-        $this->sessionStrategy = $sessionStrategy;
-    }
-
-    private function migrateSession(Request $request, TokenInterface $token, ?string $providerKey)
-    {
-        if (\in_array($providerKey, $this->statelessProviderKeys, true) || !$this->sessionStrategy || !$request->hasSession() || !$request->hasPreviousSession()) {
-            return;
-        }
-
-        $this->sessionStrategy->onAuthentication($request, $token);
-    }
 }
@@ -11,6 +11,7 @@
 
 namespace Symfony\Component\Security\Guard\Provider;
 
+use Symfony\Component\Security\Http\Authentication\GuardAuthenticationManagerTrait;
 use Symfony\Component\Security\Core\Authentication\Provider\AuthenticationProviderInterface;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
@@ -30,7 +31,7 @@
  */
 class GuardAuthenticationProvider implements AuthenticationProviderInterface
 {
-    use GuardAuthenticationProviderTrait;
+    use GuardAuthenticationManagerTrait;
 
     /**
      * @var AuthenticatorInterface[]
 
@@ -11,7 +11,7 @@
 
 namespace Symfony\Component\Security\Guard\Token;
 
-use Symfony\Component\Security\Core\Authentication\Token\AbstractToken;
+use Symfony\Component\Security\Core\Authentication\Token\PreAuthenticationGuardToken as CorePreAuthenticationGuardToken;
 
 /**
  * The token used by the guard auth system before authentication.
@@ -22,52 +22,6 @@
  *
  * @author Ryan Weaver <ryan@knpuniversity.com>
  */
-class PreAuthenticationGuardToken extends AbstractToken implements GuardTokenInterface
+class PreAuthenticationGuardToken extends CorePreAuthenticationGuardToken implements GuardTokenInterface
 {
-    private $credentials;
-    private $guardProviderKey;
-    private $providerKey;
-
-    /**
-     * @param mixed       $credentials
-     * @param string      $guardProviderKey Unique key that bind this token to a specific AuthenticatorInterface
-     * @param string|null $providerKey      The general provider key (when using with HTTP, this is the firewall name)
-     */
-    public function __construct($credentials, string $guardProviderKey, ?string $providerKey = null)
-    {
-        $this->credentials = $credentials;
-        $this->guardProviderKey = $guardProviderKey;
-        $this->providerKey = $providerKey;
-
-        parent::__construct([]);
-
-        // never authenticated
-        parent::setAuthenticated(false);
-    }
-
-    public function getProviderKey(): ?string
-    {
-        return $this->providerKey;
-    }
-
-    public function getGuardProviderKey()
-    {
-        return $this->guardProviderKey;
-    }
-
-    /**
-     * Returns the user credentials, which might be an array of anything you
-     * wanted to put in there (e.g. username, password, favoriteColor).
-     *
-     * @return mixed The user credentials
-     */
-    public function getCredentials()
-    {
-        return $this->credentials;
-    }
-
-    public function setAuthenticated(bool $authenticated)
-    {
-        throw new \LogicException('The PreAuthenticationGuardToken is *never* authenticated.');
-    }
 }
@@ -17,7 +17,7 @@
     ],
     "require": {
         "php": "^7.2.5",
-        "symfony/security-core": "^5.0",
+        "symfony/security-core": "^5.1",
         "symfony/security-http": "^4.4.1|^5.0.1",
         "symfony/polyfill-php80": "^1.15"
     },
 
@@ -9,7 +9,7 @@
  * file that was distributed with this source code.
  */
 
-namespace Symfony\Component\Security\Core\Authentication\Authenticator;
+namespace Symfony\Component\Security\Http\Authentication\Authenticator;
 
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\User\UserInterface;