[POC][Security] Introduce GuardAuthenticationManager to make guards first-class security

by @wouterj

Some issues have been detected in this pull request

Issues that can be fixed by applying a patch

Review the proposed patch then download it to apply it manually or execute the following command from the repository root directory:

curl https://fabbot.io/patch/symfony/symfony/33558/7799078b5c91a03ea1c6eb0e42e8d29b826e5416/cs.diff | patch -p0
diff -ru src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
--- src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php	2020-02-12 23:09:58.488168148 +0000
+++ src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php	2020-02-12 23:10:05.457887788 +0000
@@ -11,8 +11,8 @@
 
 namespace Symfony\Bundle\SecurityBundle\DependencyInjection;
 
-use Symfony\Bundle\SecurityBundle\DependencyInjection\Security\Factory\EntrypointFactoryInterface;
 use Symfony\Bundle\SecurityBundle\DependencyInjection\Security\Factory\AuthenticatorFactoryInterface;
+use Symfony\Bundle\SecurityBundle\DependencyInjection\Security\Factory\EntrypointFactoryInterface;
 use Symfony\Bundle\SecurityBundle\DependencyInjection\Security\Factory\RememberMeFactory;
 use Symfony\Bundle\SecurityBundle\DependencyInjection\Security\Factory\SecurityFactoryInterface;
 use Symfony\Bundle\SecurityBundle\DependencyInjection\Security\UserProvider\UserProviderFactoryInterface;
@@ -30,7 +30,6 @@
 use Symfony\Component\DependencyInjection\Loader\XmlFileLoader;
 use Symfony\Component\DependencyInjection\Reference;
 use Symfony\Component\HttpKernel\DependencyInjection\Extension;
-use Symfony\Component\HttpKernel\KernelEvents;
 use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
 use Symfony\Component\Security\Core\Encoder\NativePasswordEncoder;
 use Symfony\Component\Security\Core\Encoder\SodiumPasswordEncoder;
@@ -234,7 +233,7 @@
         $arguments[1] = $userProviderIteratorsArgument = new IteratorArgument($userProviders);
         $contextListenerDefinition->setArguments($arguments);
 
-        if (count($userProviders) > 1) {
+        if (\count($userProviders) > 1) {
             $container->setDefinition('security.user_providers', new Definition(ChainUserProvider::class, [$userProviderIteratorsArgument]))
                 ->setPublic(false);
         } else {
diff -ru src/Symfony/Component/Security/Core/Tests/Authentication/Authenticator/HttpBasicAuthenticatorTest.php src/Symfony/Component/Security/Core/Tests/Authentication/Authenticator/HttpBasicAuthenticatorTest.php
--- src/Symfony/Component/Security/Core/Tests/Authentication/Authenticator/HttpBasicAuthenticatorTest.php	2020-02-12 23:09:59.768116662 +0000
+++ src/Symfony/Component/Security/Core/Tests/Authentication/Authenticator/HttpBasicAuthenticatorTest.php	2020-02-12 23:10:05.554883886 +0000
@@ -5,12 +5,12 @@
 use PHPUnit\Framework\MockObject\MockObject;
 use PHPUnit\Framework\TestCase;
 use Symfony\Component\HttpFoundation\Request;
-use Symfony\Component\Security\Http\Authenticator\HttpBasicAuthenticator;
 use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
 use Symfony\Component\Security\Core\Encoder\PasswordEncoderInterface;
 use Symfony\Component\Security\Core\Exception\BadCredentialsException;
 use Symfony\Component\Security\Core\User\UserInterface;
 use Symfony\Component\Security\Core\User\UserProviderInterface;
+use Symfony\Component\Security\Http\Authenticator\HttpBasicAuthenticator;
 
 class HttpBasicAuthenticatorTest extends TestCase
 {
diff -ru src/Symfony/Component/Security/Guard/Firewall/GuardAuthenticationListener.php src/Symfony/Component/Security/Guard/Firewall/GuardAuthenticationListener.php
--- src/Symfony/Component/Security/Guard/Firewall/GuardAuthenticationListener.php	2020-02-12 23:09:59.968108617 +0000
+++ src/Symfony/Component/Security/Guard/Firewall/GuardAuthenticationListener.php	2020-02-12 23:10:05.690878416 +0000
@@ -16,14 +16,12 @@
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpKernel\Event\RequestEvent;
 use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
-use Symfony\Component\Security\Http\Authenticator\Token\PreAuthenticationToken;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
 use Symfony\Component\Security\Guard\AuthenticatorInterface;
 use Symfony\Component\Security\Guard\GuardHandler;
 use Symfony\Component\Security\Guard\Token\PreAuthenticationToken as GuardPreAuthenticationGuardToken;
 use Symfony\Component\Security\Http\Firewall\AbstractListener;
-use Symfony\Component\Security\Http\Firewall\AuthenticatorManagerListenerTrait;
 use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface;
 
 /**
@@ -75,7 +73,6 @@
             $this->logger->debug('Checking for guard authentication credentials.', $context);
         }
 
-
         $guardAuthenticators = [];
         foreach ($this->authenticators as $key => $authenticator) {
             if (null !== $this->logger) {
@@ -124,7 +121,7 @@
     protected function executeGuardAuthenticators(array $guardAuthenticators, RequestEvent $event): void
     {
         foreach ($guardAuthenticators as $key => $guardAuthenticator) {
-            $uniqueGuardKey = $this->providerKey.'_'.$key;;
+            $uniqueGuardKey = $this->providerKey.'_'.$key;
 
             $this->executeGuardAuthenticator($uniqueGuardKey, $guardAuthenticator, $event);
 
diff -ru src/Symfony/Component/Security/Guard/Provider/GuardAuthenticationProvider.php src/Symfony/Component/Security/Guard/Provider/GuardAuthenticationProvider.php
--- src/Symfony/Component/Security/Guard/Provider/GuardAuthenticationProvider.php	2020-02-12 23:10:00.357092970 +0000
+++ src/Symfony/Component/Security/Guard/Provider/GuardAuthenticationProvider.php	2020-02-12 23:10:05.788874474 +0000
@@ -11,25 +11,22 @@
 
 namespace Symfony\Component\Security\Guard\Provider;
 
-use Symfony\Component\HttpFoundation\Request;
-use Symfony\Component\HttpFoundation\Response;
-use Symfony\Component\HttpKernel\Event\RequestEvent;
-use Symfony\Component\Security\Core\Exception\BadCredentialsException;
-use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
-use Symfony\Component\Security\Core\User\PasswordUpgraderInterface;
-use Symfony\Component\Security\Core\User\UserInterface;
-use Symfony\Component\Security\Guard\PasswordAuthenticatedInterface;
-use Symfony\Component\Security\Http\Authentication\AuthenticatorManagerTrait;
 use Symfony\Component\Security\Core\Authentication\Provider\AuthenticationProviderInterface;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
 use Symfony\Component\Security\Core\Exception\AuthenticationExpiredException;
+use Symfony\Component\Security\Core\Exception\BadCredentialsException;
+use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
+use Symfony\Component\Security\Core\User\PasswordUpgraderInterface;
 use Symfony\Component\Security\Core\User\UserCheckerInterface;
+use Symfony\Component\Security\Core\User\UserInterface;
 use Symfony\Component\Security\Core\User\UserProviderInterface;
 use Symfony\Component\Security\Guard\AuthenticatorInterface;
+use Symfony\Component\Security\Guard\PasswordAuthenticatedInterface;
 use Symfony\Component\Security\Guard\Token\GuardTokenInterface;
 use Symfony\Component\Security\Guard\Token\PreAuthenticationToken;
+use Symfony\Component\Security\Http\Authentication\AuthenticatorManagerTrait;
 use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface;
 
 /**
diff -ru src/Symfony/Component/Security/Guard/Token/PreAuthenticationToken.php src/Symfony/Component/Security/Guard/Token/PreAuthenticationToken.php
--- src/Symfony/Component/Security/Guard/Token/PreAuthenticationToken.php	2020-02-12 23:10:01.347053148 +0000
+++ src/Symfony/Component/Security/Guard/Token/PreAuthenticationToken.php	2020-02-12 23:10:06.087862447 +0000
@@ -11,8 +11,6 @@
 
 namespace Symfony\Component\Security\Guard\Token;
 
-use Symfony\Component\Security\Http\Authenticator\Token\PreAuthenticationToken as CorePreAuthenticationGuardToken;
-
 /**
  * The token used by the guard auth system before authentication.
  *
diff -ru src/Symfony/Component/Security/Http/Authentication/AuthenticatorHandler.php src/Symfony/Component/Security/Http/Authentication/AuthenticatorHandler.php
--- src/Symfony/Component/Security/Http/Authentication/AuthenticatorHandler.php	2020-02-12 23:10:01.716038305 +0000
+++ src/Symfony/Component/Security/Http/Authentication/AuthenticatorHandler.php	2020-02-12 23:10:06.160859511 +0000
@@ -13,12 +13,12 @@
 
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
-use Symfony\Component\Security\Http\Authenticator\AuthenticatorInterface;
 use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
 use Symfony\Component\Security\Core\User\UserInterface;
 use Symfony\Component\Security\Guard\AuthenticatorInterface as GuardAuthenticatorInterface;
+use Symfony\Component\Security\Http\Authenticator\AuthenticatorInterface;
 use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
 use Symfony\Component\Security\Http\SecurityEvents;
 use Symfony\Component\Security\Http\Session\SessionAuthenticationStrategyInterface;
diff -ru src/Symfony/Component/Security/Http/Authentication/AuthenticatorManager.php src/Symfony/Component/Security/Http/Authentication/AuthenticatorManager.php
--- src/Symfony/Component/Security/Http/Authentication/AuthenticatorManager.php	2020-02-12 23:10:02.189019279 +0000
+++ src/Symfony/Component/Security/Http/Authentication/AuthenticatorManager.php	2020-02-12 23:10:06.238856373 +0000
@@ -12,18 +12,18 @@
 namespace Symfony\Component\Security\Http\Authentication;
 
 use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
-use Symfony\Component\Security\Core\Exception\BadCredentialsException;
-use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
-use Symfony\Component\Security\Core\User\UserInterface;
-use Symfony\Component\Security\Http\Authenticator\AuthenticatorInterface;
-use Symfony\Component\Security\Http\Authenticator\Token\PreAuthenticationToken;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\AuthenticationEvents;
 use Symfony\Component\Security\Core\Event\AuthenticationFailureEvent;
 use Symfony\Component\Security\Core\Event\AuthenticationSuccessEvent;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
 use Symfony\Component\Security\Core\Exception\AuthenticationExpiredException;
+use Symfony\Component\Security\Core\Exception\BadCredentialsException;
 use Symfony\Component\Security\Core\Exception\ProviderNotFoundException;
+use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
+use Symfony\Component\Security\Core\User\UserInterface;
+use Symfony\Component\Security\Http\Authenticator\AuthenticatorInterface;
+use Symfony\Component\Security\Http\Authenticator\Token\PreAuthenticationToken;
 use Symfony\Component\Security\Http\Event\VerifyAuthenticatorCredentialsEvent;
 use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;
 

0
Common Typos

0
License Headers

0
Pull Request Contributor Headers

0
JSON Files Syntax

0
File Permissions

0
Merge Commits