drop support for non-boolean return values from checkCredentials()

xabbuh · xabbuh · commit 74b6a4c729d2 · 2019-08-27T09:27:34.000+02:00
diff --git a/src/Symfony/Component/Security/CHANGELOG.md b/src/Symfony/Component/Security/CHANGELOG.md
@@ -4,6 +4,8 @@ CHANGELOG
 5.0.0
 -----
 
+ * Implementations of `Guard\AuthenticatorInterface::checkCredentials()` must return
+   a boolean value now. Please explicitly return `false` to indicate invalid credentials.
  * The `LdapUserProvider` class has been removed, use `Symfony\Component\Ldap\Security\LdapUserProvider` instead.
  * The `FirewallMapInterface::getListeners()` method must return an array of 3 elements.
  * Removed the `ContextListener::setLogoutOnUserChange()` method.
diff --git a/src/Symfony/Component/Security/Guard/Provider/GuardAuthenticationProvider.php b/src/Symfony/Component/Security/Guard/Provider/GuardAuthenticationProvider.php
@@ -115,7 +115,7 @@ private function authenticateViaGuard(AuthenticatorInterface $guardAuthenticator
         $this->userChecker->checkPreAuth($user);
         if (true !== $checkCredentialsResult = $guardAuthenticator->checkCredentials($token->getCredentials(), $user)) {
             if (false !== $checkCredentialsResult) {
-                @trigger_error(sprintf('%s::checkCredentials() must return a boolean value. You returned %s. This behavior is deprecated in Symfony 4.4 and will trigger a TypeError in Symfony 5.', \get_class($guardAuthenticator), \is_object($checkCredentialsResult) ? \get_class($checkCredentialsResult) : \gettype($checkCredentialsResult)), E_USER_DEPRECATED);
+                throw new \TypeError(sprintf('%s::checkCredentials() must return a boolean value.', \get_class($guardAuthenticator)));
             }
 
             throw new BadCredentialsException(sprintf('Authentication failed because %s::checkCredentials() did not return true.', \get_class($guardAuthenticator)));
diff --git a/src/Symfony/Component/Security/Guard/Tests/Provider/GuardAuthenticationProviderTest.php b/src/Symfony/Component/Security/Guard/Tests/Provider/GuardAuthenticationProviderTest.php
@@ -119,13 +119,9 @@ public function testCheckCredentialsReturningFalseFailsAuthentication()
         $provider->authenticate($this->preAuthenticationToken);
     }
 
-    /**
-     * @group legacy
-     * @expectedDeprecation %s::checkCredentials() must return a boolean value. You returned NULL. This behavior is deprecated in Symfony 4.4 and will trigger a TypeError in Symfony 5.
-     */
     public function testCheckCredentialsReturningNonTrueFailsAuthentication()
     {
-        $this->expectException('Symfony\Component\Security\Core\Exception\BadCredentialsException');
+        $this->expectException(\TypeError::class);
         $providerKey = 'my_uncool_firewall';
 
         $authenticator = $this->getMockBuilder(AuthenticatorInterface::class)->getMock();

Original file line number	Diff line number	Diff line change
`@@ -115,7 +115,7 @@ private function authenticateViaGuard(AuthenticatorInterface $guardAuthenticator`
`115`	`115`	`$this->userChecker->checkPreAuth($user);`
`116`	`116`	`if (true !== $checkCredentialsResult = $guardAuthenticator->checkCredentials($token->getCredentials(), $user)) {`
`117`	`117`	`if (false !== $checkCredentialsResult) {`
`118`		`- @trigger_error(sprintf('%s::checkCredentials() must return a boolean value. You returned %s. This behavior is deprecated in Symfony 4.4 and will trigger a TypeError in Symfony 5.', \get_class($guardAuthenticator), \is_object($checkCredentialsResult) ? \get_class($checkCredentialsResult) : \gettype($checkCredentialsResult)), E_USER_DEPRECATED);`
	`118`	`+ throw new \TypeError(sprintf('%s::checkCredentials() must return a boolean value.', \get_class($guardAuthenticator)));`
`119`	`119`	`}`
`120`	`120`
`121`	`121`	`throw new BadCredentialsException(sprintf('Authentication failed because %s::checkCredentials() did not return true.', \get_class($guardAuthenticator)));`
Original file line number	Diff line number	Diff line change
`@@ -119,13 +119,9 @@ public function testCheckCredentialsReturningFalseFailsAuthentication()`
`119`	`119`	`$provider->authenticate($this->preAuthenticationToken);`
`120`	`120`	`}`
`121`	`121`
`122`		`- /**`
`123`		`- * @group legacy`
`124`		`- * @expectedDeprecation %s::checkCredentials() must return a boolean value. You returned NULL. This behavior is deprecated in Symfony 4.4 and will trigger a TypeError in Symfony 5.`
`125`		`- */`
`126`	`122`	`public function testCheckCredentialsReturningNonTrueFailsAuthentication()`
`127`	`123`	`{`
`128`		`- $this->expectException('Symfony\Component\Security\Core\Exception\BadCredentialsException');`
	`124`	`+ $this->expectException(\TypeError::class);`
`129`	`125`	`$providerKey = 'my_uncool_firewall';`
`130`	`126`
`131`	`127`	`$authenticator = $this->getMockBuilder(AuthenticatorInterface::class)->getMock();`