feature #42198 [Security] Deprecate PassportInterface (chalasr)

fabpot · fabpot · commit 810599d2f0fd · 2021-08-06T13:29:45.000+02:00
This PR was merged into the 5.4 branch. Discussion ---------- [Security] Deprecate `PassportInterface` | Q | A | ------------- | --- | Branch? | 5.4 | Bug fix? | no | New feature? | no | Deprecations? | yes | Tickets | - | License | MIT | Doc PR | - As explained in #42181, the right extension point is badges, not passports. Also renames `AuthenticatorInterface::createAuthenticatedToken()` to `createToken()` because of the signature change and the recent abandon of the `authenticated` state for tokens. Commits ------- a446030 [Security] Deprecate `PassportInterface`
diff --git a/UPGRADE-5.4.md b/UPGRADE-5.4.md
@@ -52,3 +52,26 @@ Security
  * Deprecate `DeauthenticatedEvent`, use `TokenDeauthenticatedEvent` instead
  * Deprecate `CookieClearingLogoutHandler`, `SessionLogoutHandler` and `CsrfTokenClearingLogoutHandler`.
    Use `CookieClearingLogoutListener`, `SessionLogoutListener` and `CsrfTokenClearingLogoutListener` instead
+ * Deprecate `AuthenticatorInterface::createAuthenticatedToken()`, use `AuthenticatorInterface::createToken()` instead
+ * Deprecate `PassportInterface` and `UserPassportInterface`, use `Passport` instead.
+   As such, the return type declaration of `AuthenticatorInterface::authenticate()` will change to `Passport` in 6.0
+
+   Before:
+   ```php
+   class MyAuthenticator implements AuthenticatorInterface
+   {
+       public function authenticate(Request $request): PassportInterface
+       {
+       }
+   }
+   ```
+
+   After:
+   ```php
+   class MyAuthenticator implements AuthenticatorInterface
+   {
+       public function authenticate(Request $request): Passport
+       {
+       }
+   }
+   ```
diff --git a/UPGRADE-6.0.md b/UPGRADE-6.0.md
@@ -328,6 +328,29 @@ Security
  * Remove `DeauthenticatedEvent`, use `TokenDeauthenticatedEvent` instead
  * Remove `CookieClearingLogoutHandler`, `SessionLogoutHandler` and `CsrfTokenClearingLogoutHandler`.
    Use `CookieClearingLogoutListener`, `SessionLogoutListener` and `CsrfTokenClearingLogoutListener` instead
+ * Remove `AuthenticatorInterface::createAuthenticatedToken()`, use `AuthenticatorInterface::createToken()` instead
+ * Remove `PassportInterface` and `UserPassportInterface`, use `Passport` instead.
+   Also, the return type declaration of `AuthenticatorInterface::authenticate()` was changed to `Passport`
+
+   Before:
+   ```php
+   class MyAuthenticator implements AuthenticatorInterface
+   {
+       public function authenticate(Request $request): PassportInterface
+       {
+       }
+   }
+   ```
+
+   After:
+   ```php
+   class MyAuthenticator implements AuthenticatorInterface
+   {
+       public function authenticate(Request $request): Passport
+       {
+       }
+   }
+   ```
 
 SecurityBundle
 --------------
diff --git a/src/Symfony/Component/Ldap/Security/LdapAuthenticator.php b/src/Symfony/Component/Ldap/Security/LdapAuthenticator.php
@@ -16,6 +16,7 @@
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
 use Symfony\Component\Security\Http\Authenticator\AuthenticatorInterface;
+use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
 use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;
 
 /**
@@ -53,17 +54,31 @@ public function supports(Request $request): ?bool
         return $this->authenticator->supports($request);
     }
 
-    public function authenticate(Request $request): PassportInterface
+    public function authenticate(Request $request): Passport
     {
         $passport = $this->authenticator->authenticate($request);
         $passport->addBadge(new LdapBadge($this->ldapServiceId, $this->dnString, $this->searchDn, $this->searchPassword, $this->queryString));
 
         return $passport;
     }
 
+    /**
+     * @deprecated since Symfony 5.4, use {@link createToken()} instead
+     */
     public function createAuthenticatedToken(PassportInterface $passport, string $firewallName): TokenInterface
     {
-        return $this->authenticator->createAuthenticatedToken($passport, $firewallName);
+        trigger_deprecation('symfony/ldap', '5.4', 'Method "%s()" is deprecated, use "%s::createToken()" instead.', __METHOD__, __CLASS__);
+
+        return $this->createToken($passport, $firewallName);
+    }
+
+    public function createToken(PassportInterface $passport, string $firewallName): TokenInterface
+    {
+        // @deprecated since Symfony 5.4, in 6.0 change to:
+        // return $this->authenticator->createToken($passport, $firewallName);
+        return method_exists($this->authenticator, 'createToken')
+            ? $this->authenticator->createToken($passport, $firewallName)
+            : $this->authenticator->createAuthenticatedToken($passport, $firewallName);
     }
 
     public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
diff --git a/src/Symfony/Component/Security/Core/Exception/AuthenticationExpiredException.php b/src/Symfony/Component/Security/Core/Exception/AuthenticationExpiredException.php
@@ -12,7 +12,7 @@
 namespace Symfony\Component\Security\Core\Exception;
 
 /**
- * AuthenticationExpiredException is thrown when an authenticated token becomes un-authenticated between requests.
+ * AuthenticationExpiredException is thrown when an authentication token becomes un-authenticated between requests.
  *
  * In practice, this is due to the User changing between requests (e.g. password changes),
  * causes the token to become un-authenticated.
diff --git a/src/Symfony/Component/Security/Http/Authentication/AuthenticatorManager.php b/src/Symfony/Component/Security/Http/Authentication/AuthenticatorManager.php
@@ -74,11 +74,12 @@ public function __construct(iterable $authenticators, TokenStorageInterface $tok
      */
     public function authenticateUser(UserInterface $user, AuthenticatorInterface $authenticator, Request $request, array $badges = []): ?Response
     {
-        // create an authenticated token for the User
+        // create an authentication token for the User
         // @deprecated since 5.3, change to $user->getUserIdentifier() in 6.0
-        $token = $authenticator->createAuthenticatedToken($passport = new SelfValidatingPassport(new UserBadge(method_exists($user, 'getUserIdentifier') ? $user->getUserIdentifier() : $user->getUsername(), function () use ($user) { return $user; }), $badges), $this->firewallName);
+        $passport = new SelfValidatingPassport(new UserBadge(method_exists($user, 'getUserIdentifier') ? $user->getUserIdentifier() : $user->getUsername(), function () use ($user) { return $user; }), $badges);
+        $token = method_exists($authenticator, 'createToken') ? $authenticator->createToken($passport, $this->firewallName) : $authenticator->createAuthenticatedToken($passport, $this->firewallName);
 
-        // announce the authenticated token
+        // announce the authentication token
         $token = $this->eventDispatcher->dispatch(new AuthenticationTokenCreatedEvent($token, $passport))->getAuthenticatedToken();
 
         // authenticate this in the system
@@ -189,10 +190,10 @@ private function executeAuthenticator(AuthenticatorInterface $authenticator, Req
                 throw new BadCredentialsException(sprintf('Authentication failed; Some badges marked as required by the firewall config are not available on the passport: "%s".', implode('", "', $missingRequiredBadges)));
             }
 
-            // create the authenticated token
-            $authenticatedToken = $authenticator->createAuthenticatedToken($passport, $this->firewallName);
+            // create the authentication token
+            $authenticatedToken = method_exists($authenticator, 'createToken') ? $authenticator->createToken($passport, $this->firewallName) : $authenticator->createAuthenticatedToken($passport, $this->firewallName);
 
-            // announce the authenticated token
+            // announce the authentication token
             $authenticatedToken = $this->eventDispatcher->dispatch(new AuthenticationTokenCreatedEvent($authenticatedToken, $passport))->getAuthenticatedToken();
 
             if (true === $this->eraseCredentials) {
diff --git a/src/Symfony/Component/Security/Http/Authenticator/AbstractAuthenticator.php b/src/Symfony/Component/Security/Http/Authenticator/AbstractAuthenticator.php
@@ -13,6 +13,7 @@
 
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\Exception\LogicException;
+use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
 use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;
 use Symfony\Component\Security\Http\Authenticator\Passport\UserPassportInterface;
 use Symfony\Component\Security\Http\Authenticator\Token\PostAuthenticationToken;
@@ -30,12 +31,23 @@ abstract class AbstractAuthenticator implements AuthenticatorInterface
      *
      * @return PostAuthenticationToken
      */
+    public function createToken(Passport $passport, string $firewallName): TokenInterface
+    {
+        return new PostAuthenticationToken($passport->getUser(), $firewallName, $passport->getUser()->getRoles());
+    }
+
+    /**
+     * @deprecated since Symfony 5.4, use {@link createToken()} instead
+     */
     public function createAuthenticatedToken(PassportInterface $passport, string $firewallName): TokenInterface
     {
+        // @deprecated since Symfony 5.4
         if (!$passport instanceof UserPassportInterface) {
-            throw new LogicException(sprintf('Passport does not contain a user, overwrite "createAuthenticatedToken()" in "%s" to create a custom authenticated token.', static::class));
+            throw new LogicException(sprintf('Passport does not contain a user, overwrite "createToken()" in "%s" to create a custom authentication token.', static::class));
         }
 
-        return new PostAuthenticationToken($passport->getUser(), $firewallName, $passport->getUser()->getRoles());
+        trigger_deprecation('symfony/security-http', '5.4', 'Method "%s()" is deprecated, use "%s::createToken()" instead.', __METHOD__, __CLASS__);
+
+        return $this->createToken($passport, $firewallName);
     }
 }
diff --git a/src/Symfony/Component/Security/Http/Authenticator/AbstractPreAuthenticatedAuthenticator.php b/src/Symfony/Component/Security/Http/Authenticator/AbstractPreAuthenticatedAuthenticator.php
@@ -22,6 +22,7 @@
 use Symfony\Component\Security\Core\User\UserProviderInterface;
 use Symfony\Component\Security\Http\Authenticator\Passport\Badge\PreAuthenticatedUserBadge;
 use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
+use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
 use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;
 use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
 
@@ -84,7 +85,7 @@ public function supports(Request $request): ?bool
         return true;
     }
 
-    public function authenticate(Request $request): PassportInterface
+    public function authenticate(Request $request): Passport
     {
         // @deprecated since 5.3, change to $this->userProvider->loadUserByIdentifier() in 6.0
         $method = 'loadUserByIdentifier';
@@ -100,7 +101,17 @@ public function authenticate(Request $request): PassportInterface
         );
     }
 
+    /**
+     * @deprecated since Symfony 5.4, use {@link createToken()} instead
+     */
     public function createAuthenticatedToken(PassportInterface $passport, string $firewallName): TokenInterface
+    {
+        trigger_deprecation('symfony/security-http', '5.4', 'Method "%s()" is deprecated, use "%s::createToken()" instead.', __METHOD__, __CLASS__);
+
+        return $this->createToken($passport, $firewallName);
+    }
+
+    public function createToken(Passport $passport, string $firewallName): TokenInterface
     {
         return new PreAuthenticatedToken($passport->getUser(), null, $firewallName, $passport->getUser()->getRoles());
     }
diff --git a/src/Symfony/Component/Security/Http/Authenticator/AuthenticatorInterface.php b/src/Symfony/Component/Security/Http/Authenticator/AuthenticatorInterface.php
@@ -15,6 +15,7 @@
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
+use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
 use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;
 
 /**
@@ -23,6 +24,10 @@
  * @author Ryan Weaver <ryan@symfonycasts.com>
  * @author Amaury Leroux de Lens <amaury@lerouxdelens.com>
  * @author Wouter de Jong <wouter@wouterj.nl>
+ *
+ * @method TokenInterface createToken(Passport $passport, string $firewallName) Creates a token for the given user.
+ *                                                                              If you don't care about which token class is used, you can skip this method by extending
+ *                                                                              the AbstractAuthenticator class from your authenticator.
  */
 interface AuthenticatorInterface
 {
@@ -47,8 +52,10 @@ public function supports(Request $request): ?bool;
      * a UserNotFoundException when the user cannot be found).
      *
      * @throws AuthenticationException
+     *
+     * @return Passport
      */
-    public function authenticate(Request $request): PassportInterface;
+    public function authenticate(Request $request); /*: Passport;*/
 
     /**
      * Create an authenticated token for the given user.
@@ -60,6 +67,8 @@ public function authenticate(Request $request): PassportInterface;
      * @see AbstractAuthenticator
      *
      * @param PassportInterface $passport The passport returned from authenticate()
+     *
+     * @deprecated since Symfony 5.4, use {@link createToken()} instead
      */
     public function createAuthenticatedToken(PassportInterface $passport, string $firewallName): TokenInterface;
 
diff --git a/src/Symfony/Component/Security/Http/Authenticator/FormLoginAuthenticator.php b/src/Symfony/Component/Security/Http/Authenticator/FormLoginAuthenticator.php
@@ -77,7 +77,7 @@ public function supports(Request $request): bool
             && $this->httpUtils->checkRequestPath($request, $this->options['check_path']);
     }
 
-    public function authenticate(Request $request): PassportInterface
+    public function authenticate(Request $request): Passport
     {
         $credentials = $this->getCredentials($request);
 
@@ -106,9 +106,19 @@ public function authenticate(Request $request): PassportInterface
     }
 
     /**
-     * @param Passport $passport
+     * @deprecated since Symfony 5.4, use {@link createToken()} instead
      */
     public function createAuthenticatedToken(PassportInterface $passport, string $firewallName): TokenInterface
+    {
+        trigger_deprecation('symfony/security-http', '5.4', 'Method "%s()" is deprecated, use "%s::createToken()" instead.', __METHOD__, __CLASS__);
+
+        return $this->createToken($passport, $firewallName);
+    }
+
+    /**
+     * @return UsernamePasswordToken
+     */
+    public function createToken(Passport $passport, string $firewallName): TokenInterface
     {
         return new UsernamePasswordToken($passport->getUser(), null, $firewallName, $passport->getUser()->getRoles());
     }
diff --git a/src/Symfony/Component/Security/Http/Authenticator/HttpBasicAuthenticator.php b/src/Symfony/Component/Security/Http/Authenticator/HttpBasicAuthenticator.php
@@ -84,9 +84,16 @@ public function authenticate(Request $request): PassportInterface
     }
 
     /**
-     * @param Passport $passport
+     * @deprecated since Symfony 5.4, use {@link createToken()} instead
      */
     public function createAuthenticatedToken(PassportInterface $passport, string $firewallName): TokenInterface
+    {
+        trigger_deprecation('symfony/security-http', '5.4', 'Method "%s()" is deprecated, use "%s::createToken()" instead.', __METHOD__, __CLASS__);
+
+        return $this->createToken($passport, $firewallName);
+    }
+
+    public function createToken(Passport $passport, string $firewallName): TokenInterface
     {
         return new UsernamePasswordToken($passport->getUser(), null, $firewallName, $passport->getUser()->getRoles());
     }
diff --git a/src/Symfony/Component/Security/Http/Authenticator/JsonLoginAuthenticator.php b/src/Symfony/Component/Security/Http/Authenticator/JsonLoginAuthenticator.php
@@ -110,7 +110,17 @@ public function authenticate(Request $request): PassportInterface
         return $passport;
     }
 
+    /**
+     * @deprecated since Symfony 5.4, use {@link createToken()} instead
+     */
     public function createAuthenticatedToken(PassportInterface $passport, string $firewallName): TokenInterface
+    {
+        trigger_deprecation('symfony/security-http', '5.4', 'Method "%s()" is deprecated, use "%s::createToken()" instead.', __METHOD__, __CLASS__);
+
+        return $this->createToken($passport, $firewallName);
+    }
+
+    public function createToken(Passport $passport, string $firewallName): TokenInterface
     {
         return new UsernamePasswordToken($passport->getUser(), null, $firewallName, $passport->getUser()->getRoles());
     }
diff --git a/src/Symfony/Component/Security/Http/Authenticator/Passport/PassportInterface.php b/src/Symfony/Component/Security/Http/Authenticator/Passport/PassportInterface.php
@@ -21,6 +21,8 @@
  * passport.
  *
  * @author Wouter de Jong <wouter@wouterj.nl>
+ *
+ * @deprecated since Symfony 5.4, use {@link Passport} instead
  */
 interface PassportInterface
 {
diff --git a/src/Symfony/Component/Security/Http/Authenticator/Passport/UserPassportInterface.php b/src/Symfony/Component/Security/Http/Authenticator/Passport/UserPassportInterface.php
@@ -18,6 +18,8 @@
  * Represents a passport for a Security User.
  *
  * @author Wouter de Jong <wouter@wouterj.nl>
+ *
+ * @deprecated since Symfony 5.4, use {@link Passport} instead
  */
 interface UserPassportInterface extends PassportInterface
 {
diff --git a/src/Symfony/Component/Security/Http/Authenticator/RememberMeAuthenticator.php b/src/Symfony/Component/Security/Http/Authenticator/RememberMeAuthenticator.php
@@ -22,6 +22,7 @@
 use Symfony\Component\Security\Core\Exception\UnsupportedUserException;
 use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
 use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
+use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
 use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;
 use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
 use Symfony\Component\Security\Http\RememberMe\RememberMeDetails;
@@ -95,7 +96,17 @@ public function authenticate(Request $request): PassportInterface
         }));
     }
 
+    /**
+     * @deprecated since Symfony 5.4, use {@link createToken()} instead
+     */
     public function createAuthenticatedToken(PassportInterface $passport, string $firewallName): TokenInterface
+    {
+        trigger_deprecation('symfony/security-http', '5.4', 'Method "%s()" is deprecated, use "%s::createToken()" instead.', __METHOD__, __CLASS__);
+
+        return $this->createToken($passport, $firewallName);
+    }
+
+    public function createToken(Passport $passport, string $firewallName): TokenInterface
     {
         return new RememberMeToken($passport->getUser(), $firewallName, $this->secret);
     }
diff --git a/src/Symfony/Component/Security/Http/Authenticator/Token/PostAuthenticationToken.php b/src/Symfony/Component/Security/Http/Authenticator/Token/PostAuthenticationToken.php
@@ -40,7 +40,7 @@ public function __construct(UserInterface $user, string $firewallName, array $ro
     }
 
     /**
-     * This is meant to be only an authenticated token, where credentials
+     * This is meant to be only a token, where credentials
      * have already been used and are thus cleared.
      *
      * {@inheritdoc}
diff --git a/src/Symfony/Component/Security/Http/CHANGELOG.md b/src/Symfony/Component/Security/Http/CHANGELOG.md
@@ -8,6 +8,7 @@ CHANGELOG
  * Deprecate `DeauthenticatedEvent`, use `TokenDeauthenticatedEvent` instead
  * Deprecate `CookieClearingLogoutHandler`, `SessionLogoutHandler` and `CsrfTokenClearingLogoutHandler`.
    Use `CookieClearingLogoutListener`, `SessionLogoutListener` and `CsrfTokenClearingLogoutListener` instead
+ * Deprecate `PassportInterface` and `UserPassportInterface`, use `Passport` instead
 
 5.3
 ---
diff --git a/src/Symfony/Component/Security/Http/Event/LoginSuccessEvent.php b/src/Symfony/Component/Security/Http/Event/LoginSuccessEvent.php
@@ -24,8 +24,8 @@
 /**
  * This event is dispatched after authentication has successfully completed.
  *
- * At this stage, the authenticator created an authenticated token
- * and generated an authentication success response. Listeners to
+ * At this stage, the authenticator created a token and
+ * generated an authentication success response. Listeners to
  * this event can do actions related to successful authentication
  * (such as migrating the password).
  *
diff --git a/src/Symfony/Component/Security/Http/Tests/Authentication/AuthenticatorManagerTest.php b/src/Symfony/Component/Security/Http/Tests/Authentication/AuthenticatorManagerTest.php

Original file line number	Diff line number	Diff line change
`@@ -12,7 +12,7 @@`
`12`	`12`	`namespace Symfony\Component\Security\Core\Exception;`
`13`	`13`
`14`	`14`	`/**`
`15`		`- * AuthenticationExpiredException is thrown when an authenticated token becomes un-authenticated between requests.`
	`15`	`+ * AuthenticationExpiredException is thrown when an authentication token becomes un-authenticated between requests.`
`16`	`16`	`*`
`17`	`17`	`* In practice, this is due to the User changing between requests (e.g. password changes),`
`18`	`18`	`* causes the token to become un-authenticated.`
Original file line number	Diff line number	Diff line change
`@@ -77,7 +77,7 @@ public function supports(Request $request): bool`
`77`	`77`	`&& $this->httpUtils->checkRequestPath($request, $this->options['check_path']);`
`78`	`78`	`}`
`79`	`79`
`80`		`- public function authenticate(Request $request): PassportInterface`
	`80`	`+ public function authenticate(Request $request): Passport`
`81`	`81`	`{`
`82`	`82`	`$credentials = $this->getCredentials($request);`
`83`	`83`
`@@ -106,9 +106,19 @@ public function authenticate(Request $request): PassportInterface`
`106`	`106`	`}`
`107`	`107`
`108`	`108`	`/**`
`109`		`- * @param Passport $passport`
	`109`	`+ * @deprecated since Symfony 5.4, use {@link createToken()} instead`
`110`	`110`	`*/`
`111`	`111`	`public function createAuthenticatedToken(PassportInterface $passport, string $firewallName): TokenInterface`
	`112`	`+ {`
	`113`	`+ trigger_deprecation('symfony/security-http', '5.4', 'Method "%s()" is deprecated, use "%s::createToken()" instead.', __METHOD__, __CLASS__);`
	`114`	`+`
	`115`	`+ return $this->createToken($passport, $firewallName);`
	`116`	`+ }`
	`117`	`+`
	`118`	`+ /**`
	`119`	`+ * @return UsernamePasswordToken`
	`120`	`+ */`
	`121`	`+ public function createToken(Passport $passport, string $firewallName): TokenInterface`
`112`	`122`	`{`
`113`	`123`	`return new UsernamePasswordToken($passport->getUser(), null, $firewallName, $passport->getUser()->getRoles());`
`114`	`124`	`}`
Original file line number	Diff line number	Diff line change
`@@ -84,9 +84,16 @@ public function authenticate(Request $request): PassportInterface`
`84`	`84`	`}`
`85`	`85`
`86`	`86`	`/**`
`87`		`- * @param Passport $passport`
	`87`	`+ * @deprecated since Symfony 5.4, use {@link createToken()} instead`
`88`	`88`	`*/`
`89`	`89`	`public function createAuthenticatedToken(PassportInterface $passport, string $firewallName): TokenInterface`
	`90`	`+ {`
	`91`	`+ trigger_deprecation('symfony/security-http', '5.4', 'Method "%s()" is deprecated, use "%s::createToken()" instead.', __METHOD__, __CLASS__);`
	`92`	`+`
	`93`	`+ return $this->createToken($passport, $firewallName);`
	`94`	`+ }`
	`95`	`+`
	`96`	`+ public function createToken(Passport $passport, string $firewallName): TokenInterface`
`90`	`97`	`{`
`91`	`98`	`return new UsernamePasswordToken($passport->getUser(), null, $firewallName, $passport->getUser()->getRoles());`
`92`	`99`	`}`
Original file line number	Diff line number	Diff line change
`@@ -110,7 +110,17 @@ public function authenticate(Request $request): PassportInterface`
`110`	`110`	`return $passport;`
`111`	`111`	`}`
`112`	`112`
	`113`	`+ /**`
	`114`	`+ * @deprecated since Symfony 5.4, use {@link createToken()} instead`
	`115`	`+ */`
`113`	`116`	`public function createAuthenticatedToken(PassportInterface $passport, string $firewallName): TokenInterface`
	`117`	`+ {`
	`118`	`+ trigger_deprecation('symfony/security-http', '5.4', 'Method "%s()" is deprecated, use "%s::createToken()" instead.', __METHOD__, __CLASS__);`
	`119`	`+`
	`120`	`+ return $this->createToken($passport, $firewallName);`
	`121`	`+ }`
	`122`	`+`
	`123`	`+ public function createToken(Passport $passport, string $firewallName): TokenInterface`
`114`	`124`	`{`
`115`	`125`	`return new UsernamePasswordToken($passport->getUser(), null, $firewallName, $passport->getUser()->getRoles());`
`116`	`126`	`}`
Original file line number	Diff line number	Diff line change
`@@ -21,6 +21,8 @@`
`21`	`21`	`* passport.`
`22`	`22`	`*`
`23`	`23`	`* @author Wouter de Jong <[email protected]>`
	`24`	`+ *`
	`25`	`+ * @deprecated since Symfony 5.4, use {@link Passport} instead`
`24`	`26`	`*/`
`25`	`27`	`interface PassportInterface`
`26`	`28`	`{`
Original file line number	Diff line number	Diff line change
`@@ -18,6 +18,8 @@`
`18`	`18`	`* Represents a passport for a Security User.`
`19`	`19`	`*`
`20`	`20`	`* @author Wouter de Jong <[email protected]>`
	`21`	`+ *`
	`22`	`+ * @deprecated since Symfony 5.4, use {@link Passport} instead`
`21`	`23`	`*/`
`22`	`24`	`interface UserPassportInterface extends PassportInterface`
`23`	`25`	`{`
Original file line number	Diff line number	Diff line change
`@@ -40,7 +40,7 @@ public function __construct(UserInterface $user, string $firewallName, array $ro`
`40`	`40`	`}`
`41`	`41`
`42`	`42`	`/**`
`43`		`- * This is meant to be only an authenticated token, where credentials`
	`43`	`+ * This is meant to be only a token, where credentials`
`44`	`44`	`* have already been used and are thus cleared.`
`45`	`45`	`*`
`46`	`46`	`* {@inheritdoc}`
Original file line number	Diff line number	Diff line change
`@@ -24,8 +24,8 @@`
`24`	`24`	`/**`
`25`	`25`	`* This event is dispatched after authentication has successfully completed.`
`26`	`26`	`*`
`27`		`- * At this stage, the authenticator created an authenticated token`
`28`		`- * and generated an authentication success response. Listeners to`
	`27`	`+ * At this stage, the authenticator created a token and`
	`28`	`+ * generated an authentication success response. Listeners to`
`29`	`29`	`* this event can do actions related to successful authentication`
`30`	`30`	`* (such as migrating the password).`
`31`	`31`	`*`