-
-
Notifications
You must be signed in to change notification settings - Fork 9.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Security] Deprecate the old authentication mechanisms #41247
Conversation
src/Symfony/Bundle/SecurityBundle/Resources/config/security_authenticator.php
Outdated
Show resolved
Hide resolved
Needs some work to make it green. |
d9d281b
to
03edd82
Compare
Why 5.3? That's for 5.4 to me. |
The reasoning is similar to #39308: I'm almost certain that we didn't yet test all uses of the old authentication system on the new one. So I want to buy us time to add the missing features/cases in 5.4, before removing the old system in 6.0. Deprecating the old system gives us the most chance to get this type of feedback from bigger applications. |
Got it, thanks. |
This PR misses deprecating some service definitions, I'm going to finish it tonight. |
This is ready. Note: this PR deprecates the main part of the old system, but it's not exhaustive: there are some classes which won't be needed in 6.0 that this PR does not deprecate. e.g. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Wow, thanks Robin! I feel very sorry for you after seeing all the SecurityBundle tests that needed fixes as well..
Why it's not an issue? Fixing the deprecations introduced here implies that you are not using the remaining to-be-deprecated stuff anymore, thus you won't be bothered for the same topic in the next minor.
Is this also the reason for not having trigger_deprecation()
calls in almost all Guard component classes?
src/Symfony/Component/Security/Core/Authentication/AuthenticationManagerInterface.php
Outdated
Show resolved
Hide resolved
src/Symfony/Component/Security/Core/Authentication/AuthenticationManagerInterface.php
Show resolved
Hide resolved
src/Symfony/Bundle/SecurityBundle/Resources/config/security_authenticator.php
Outdated
Show resolved
Hide resolved
ddcdb9a
to
93d4baf
Compare
@wouterj Nope, that was a mistake. It's fixed now.
I asked @nicolas-grekas who confirmed that we have to skip triggering in this case. Thanks for the review! |
Thank you @chalasr. |
Now that the authenticator system proven working well and is considered stable, we can deprecate the old authentication listeners as well as the Guard component (+ integrations).