feature #42050 [Security] Deprecate TokenInterface::isAuthenticated() (chalasr)

derrabus · derrabus · commit 0a5712a552dc · 2021-07-14T18:32:50.000+02:00
This PR was merged into the 5.4 branch. Discussion ---------- [Security] Deprecate `TokenInterface::isAuthenticated()` | Q | A | ------------- | --- | Branch? | 5.4 | Bug fix? | no | New feature? | yes | Deprecations? | no | Tickets | - | License | MIT | Doc PR | todo From symfony/symfony#41613 (comment) > all unauthenticated token use-cases have been replaced with passports (and the removal of anonymous). This means that if you have a token, it should always be authenticated. Commits ------- 33b8fbdd8a [Security] Deprecate `TokenInterface::isAuthenticated()` and `setAuthenticated()`
diff --git a/Provider/GuardAuthenticationProvider.php b/Provider/GuardAuthenticationProvider.php
@@ -93,7 +93,7 @@ public function authenticate(TokenInterface $token)
 
             // this should never happen - but technically, the token is
             // authenticated... so it could just be returned
-            if ($token->isAuthenticated()) {
+            if ($token->isAuthenticated(false)) {
                 return $token;
             }
 
diff --git a/Token/PostAuthenticationGuardToken.php b/Token/PostAuthenticationGuardToken.php
@@ -49,7 +49,7 @@ public function __construct(UserInterface $user, string $providerKey, array $rol
 
         // this token is meant to be used after authentication success, so it is always authenticated
         // you could set it as non authenticated later if you need to
-        $this->setAuthenticated(true);
+        $this->setAuthenticated(true, false);
     }
 
     /**
diff --git a/Token/PreAuthenticationGuardToken.php b/Token/PreAuthenticationGuardToken.php
@@ -42,7 +42,7 @@ public function __construct($credentials, string $guardProviderKey)
 
         parent::__construct([]);
 
-        // never authenticated
+        // @deprecated since Symfony 5.4
         parent::setAuthenticated(false);
     }
 
@@ -62,6 +62,9 @@ public function getCredentials()
         return $this->credentials;
     }
 
+    /**
+     * @deprecated since Symfony 5.4
+     */
     public function setAuthenticated(bool $authenticated)
     {
         throw new \LogicException('The PreAuthenticationGuardToken is *never* authenticated.');

Original file line number	Diff line number	Diff line change
`@@ -93,7 +93,7 @@ public function authenticate(TokenInterface $token)`
`93`	`93`
`94`	`94`	`// this should never happen - but technically, the token is`
`95`	`95`	`// authenticated... so it could just be returned`
`96`		`- if ($token->isAuthenticated()) {`
	`96`	`+ if ($token->isAuthenticated(false)) {`
`97`	`97`	`return $token;`
`98`	`98`	`}`
`99`	`99`
Original file line number	Diff line number	Diff line change
`@@ -49,7 +49,7 @@ public function __construct(UserInterface $user, string $providerKey, array $rol`
`49`	`49`
`50`	`50`	`// this token is meant to be used after authentication success, so it is always authenticated`
`51`	`51`	`// you could set it as non authenticated later if you need to`
`52`		`- $this->setAuthenticated(true);`
	`52`	`+ $this->setAuthenticated(true, false);`
`53`	`53`	`}`
`54`	`54`
`55`	`55`	`/**`
Original file line number	Diff line number	Diff line change
`@@ -42,7 +42,7 @@ public function __construct($credentials, string $guardProviderKey)`
`42`	`42`
`43`	`43`	`parent::__construct([]);`
`44`	`44`
`45`		`- // never authenticated`
	`45`	`+ // @deprecated since Symfony 5.4`
`46`	`46`	`parent::setAuthenticated(false);`
`47`	`47`	`}`
`48`	`48`
`@@ -62,6 +62,9 @@ public function getCredentials()`
`62`	`62`	`return $this->credentials;`
`63`	`63`	`}`
`64`	`64`
	`65`	`+ /**`
	`66`	`+ * @deprecated since Symfony 5.4`
	`67`	`+ */`
`65`	`68`	`public function setAuthenticated(bool $authenticated)`
`66`	`69`	`{`
`67`	`70`	`throw new \LogicException('The PreAuthenticationGuardToken is never authenticated.');`