feature #36575 [Security] Require entry_point to be configured with multiple authenticators (wouterj)

fabpot · fabpot · commit a114f8d2277f · 2020-04-30T15:22:09.000+02:00
This PR was squashed before being merged into the 5.1-dev branch. Discussion ---------- [Security] Require entry_point to be configured with multiple authenticators | Q | A | ------------- | --- | Branch? | master | Bug fix? | no | New feature? | no | Deprecations? | no | Tickets | - | License | MIT | Doc PR | tbd See @weaverryan's comment at #33558 (comment): > I have it on my list to look at the entrypoint stuff more closely. But my gut reaction is this: let's fix them (or try to... or maybe in a PR after this) :). What I mean is this: > > - It's always been confusing that your firewall may have multiple auth mechanisms that have their own "entry point"... and one is chosen seemingly at random :). I know it's not random, but why does the entrypoint from `form_login` "win" over `http_basic` if I have both defined under my firewall? > > - Since we're moving to a new system, why not throw an exception the _moment_ that a firewall has multiple entrypoints available to it. Then we _force_ the user to choose the _one_ entrypoint that should be used. --- **Before** (one authenticator) ```yaml security: enable_authenticator_manager: true firewalls: main: form_login: ... # form login is your entry point ``` **After** Same as before --- **Before** (multiple authenticators) ```yaml security: enable_authenticator_manager: true firewalls: main: http_basic: ... form_login: ... # for some reason, FormLogin is now your entry point! (config order doesn't matter) ``` **After** ```yaml security: enable_authenticator_manager: true firewalls: main: http_basic: ... form_login: ... entry_point: form_login ``` --- **Before** (custom entry point service) ```yaml security: enable_authenticator_manager: true firewalls: main: http_basic: ... form_login: ... entry_point: App\Security\CustomEntryPoint ``` **After** Same as before Commits ------- 7e86169 [Security] Require entry_point to be configured with multiple authenticators
diff --git a/UPGRADE-5.1.md b/UPGRADE-5.1.md
@@ -109,6 +109,14 @@ Routing
  * Added argument `$priority` to `RouteCollection::add()`
  * Deprecated the `RouteCompiler::REGEX_DELIMITER` constant
 
+SecurityBundle
+--------------
+
+ * Marked the `AbstractFactory`, `AnonymousFactory`, `FormLoginFactory`, `FormLoginLdapFactory`, `GuardAuthenticationFactory`,
+   `HttpBasicFactory`, `HttpBasicLdapFactory`, `JsonLoginFactory`, `JsonLoginLdapFactory`, `RememberMeFactory`, `RemoteUserFactory`
+   and `X509Factory` as `@internal`. Instead of extending these classes, create your own implementation based on
+   `SecurityFactoryInterface`.
+
 Security
 --------
 
diff --git a/src/Symfony/Bundle/SecurityBundle/CHANGELOG.md b/src/Symfony/Bundle/SecurityBundle/CHANGELOG.md
@@ -6,6 +6,8 @@ CHANGELOG
 
  * Added XSD for configuration
  * Added security configuration for priority-based access decision strategy
+ * Marked the `AbstractFactory`, `AnonymousFactory`, `FormLoginFactory`, `FormLoginLdapFactory`, `GuardAuthenticationFactory`, `HttpBasicFactory`, `HttpBasicLdapFactory`, `JsonLoginFactory`, `JsonLoginLdapFactory`, `RememberMeFactory`, `RemoteUserFactory` and `X509Factory` as `@internal`
+ * Renamed method `AbstractFactory#createEntryPoint()` to `AbstractFactory#createDefaultEntryPoint()`
 
 5.0.0
 -----
diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/AbstractFactory.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/AbstractFactory.php
@@ -23,6 +23,8 @@
  * @author Fabien Potencier <fabien@symfony.com>
  * @author Lukas Kahwe Smith <smith@pooteeweet.org>
  * @author Johannes M. Schmitt <schmittjoh@gmail.com>
+ *
+ * @internal
  */
 abstract class AbstractFactory implements SecurityFactoryInterface
 {
@@ -65,7 +67,7 @@ public function create(ContainerBuilder $container, string $id, array $config, s
         }
 
         // create entry point if applicable (optional)
-        $entryPointId = $this->createEntryPoint($container, $id, $config, $defaultEntryPointId);
+        $entryPointId = $this->createDefaultEntryPoint($container, $id, $config, $defaultEntryPointId);
 
         return [$authProviderId, $listenerId, $entryPointId];
     }
@@ -126,7 +128,7 @@ abstract protected function getListenerId();
      *
      * @return string|null the entry point id
      */
-    protected function createEntryPoint(ContainerBuilder $container, string $id, array $config, ?string $defaultEntryPointId)
+    protected function createDefaultEntryPoint(ContainerBuilder $container, string $id, array $config, ?string $defaultEntryPointId)
     {
         return $defaultEntryPointId;
     }
diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/AnonymousFactory.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/AnonymousFactory.php
@@ -18,6 +18,8 @@
 
 /**
  * @author Wouter de Jong <wouter@wouterj.nl>
+ *
+ * @internal
  */
 class AnonymousFactory implements SecurityFactoryInterface, AuthenticatorFactoryInterface
 {
diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/CustomAuthenticatorFactory.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/CustomAuthenticatorFactory.php
@@ -15,6 +15,12 @@
 use Symfony\Component\Config\Definition\Builder\NodeDefinition;
 use Symfony\Component\DependencyInjection\ContainerBuilder;
 
+/**
+ * @author Wouter de Jong <wouter@wouterj.nl>
+ *
+ * @internal
+ * @experimental in Symfony 5.1
+ */
 class CustomAuthenticatorFactory implements AuthenticatorFactoryInterface, SecurityFactoryInterface
 {
     public function create(ContainerBuilder $container, string $id, array $config, string $userProvider, ?string $defaultEntryPoint)
diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/EntryPointFactoryInterface.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/EntryPointFactoryInterface.php
@@ -23,5 +23,5 @@ interface EntryPointFactoryInterface
     /**
      * Creates the entry point and returns the service ID.
      */
-    public function createEntryPoint(ContainerBuilder $container, string $id, array $config, ?string $defaultEntryPointId): string;
+    public function createEntryPoint(ContainerBuilder $container, string $id, array $config): ?string;
 }
diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/FormLoginFactory.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/FormLoginFactory.php
@@ -22,6 +22,8 @@
  *
  * @author Fabien Potencier <fabien@symfony.com>
  * @author Johannes M. Schmitt <schmittjoh@gmail.com>
+ *
+ * @internal
  */
 class FormLoginFactory extends AbstractFactory implements AuthenticatorFactoryInterface, EntryPointFactoryInterface
 {
@@ -90,7 +92,12 @@ protected function createListener(ContainerBuilder $container, string $id, array
         return $listenerId;
     }
 
-    public function createEntryPoint(ContainerBuilder $container, string $id, array $config, ?string $defaultEntryPoint): string
+    protected function createDefaultEntryPoint(ContainerBuilder $container, string $id, array $config, ?string $defaultEntryPointId)
+    {
+        return $this->createEntryPoint($container, $id, $config);
+    }
+
+    public function createEntryPoint(ContainerBuilder $container, string $id, array $config): string
     {
         $entryPointId = 'security.authentication.form_entry_point.'.$id;
         $container
diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/FormLoginLdapFactory.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/FormLoginLdapFactory.php
@@ -22,6 +22,8 @@
  *
  * @author Grégoire Pineau <lyrixx@lyrixx.info>
  * @author Charles Sarrazin <charles@sarraz.in>
+ *
+ * @internal
  */
 class FormLoginLdapFactory extends FormLoginFactory
 {
diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/GuardAuthenticationFactory.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/GuardAuthenticationFactory.php
@@ -23,6 +23,8 @@
  * Configures the "guard" authentication provider key under a firewall.
  *
  * @author Ryan Weaver <ryan@knpuniversity.com>
+ *
+ * @internal
  */
 class GuardAuthenticationFactory implements SecurityFactoryInterface, AuthenticatorFactoryInterface, EntryPointFactoryInterface
 {
@@ -111,9 +113,15 @@ public function createAuthenticator(ContainerBuilder $container, string $firewal
         return $authenticatorIds;
     }
 
-    public function createEntryPoint(ContainerBuilder $container, string $id, array $config, ?string $defaultEntryPointId): string
+    public function createEntryPoint(ContainerBuilder $container, string $id, array $config): ?string
     {
-        return $this->determineEntryPoint($defaultEntryPointId, $config);
+        try {
+            return $this->determineEntryPoint(null, $config);
+        } catch (\LogicException $e) {
+            // ignore the exception, the new system prefers setting "entry_point" over "guard.entry_point"
+        }
+
+        return null;
     }
 
     private function determineEntryPoint(?string $defaultEntryPointId, array $config): string
diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/HttpBasicFactory.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/HttpBasicFactory.php
@@ -20,8 +20,10 @@
  * HttpBasicFactory creates services for HTTP basic authentication.
  *
  * @author Fabien Potencier <fabien@symfony.com>
+ *
+ * @internal
  */
-class HttpBasicFactory implements SecurityFactoryInterface, AuthenticatorFactoryInterface
+class HttpBasicFactory implements SecurityFactoryInterface, AuthenticatorFactoryInterface, EntryPointFactoryInterface
 {
     public function create(ContainerBuilder $container, string $id, array $config, string $userProvider, ?string $defaultEntryPoint)
     {
@@ -34,7 +36,10 @@ public function create(ContainerBuilder $container, string $id, array $config, s
         ;
 
         // entry point
-        $entryPointId = $this->createEntryPoint($container, $id, $config, $defaultEntryPoint);
+        $entryPointId = $defaultEntryPoint;
+        if (null === $entryPointId) {
+            $entryPointId = $this->createEntryPoint($container, $id, $config);
+        }
 
         // listener
         $listenerId = 'security.authentication.listener.basic.'.$id;
@@ -77,12 +82,8 @@ public function addConfiguration(NodeDefinition $node)
         ;
     }
 
-    protected function createEntryPoint(ContainerBuilder $container, string $id, array $config, ?string $defaultEntryPoint)
+    public function createEntryPoint(ContainerBuilder $container, string $id, array $config): string
     {
-        if (null !== $defaultEntryPoint) {
-            return $defaultEntryPoint;
-        }
-
         $entryPointId = 'security.authentication.basic_entry_point.'.$id;
         $container
             ->setDefinition($entryPointId, new ChildDefinition('security.authentication.basic_entry_point'))
diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/HttpBasicLdapFactory.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/HttpBasicLdapFactory.php
@@ -23,6 +23,8 @@
  * @author Fabien Potencier <fabien@symfony.com>
  * @author Grégoire Pineau <lyrixx@lyrixx.info>
  * @author Charles Sarrazin <charles@sarraz.in>
+ *
+ * @internal
  */
 class HttpBasicLdapFactory extends HttpBasicFactory
 {
diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/JsonLoginFactory.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/JsonLoginFactory.php
@@ -19,6 +19,8 @@
  * JsonLoginFactory creates services for JSON login authentication.
  *
  * @author Kévin Dunglas <dunglas@gmail.com>
+ *
+ * @internal
  */
 class JsonLoginFactory extends AbstractFactory implements AuthenticatorFactoryInterface
 {
diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/JsonLoginLdapFactory.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/JsonLoginLdapFactory.php
@@ -19,6 +19,8 @@
 
 /**
  * JsonLoginLdapFactory creates services for json login ldap authentication.
+ *
+ * @internal
  */
 class JsonLoginLdapFactory extends JsonLoginFactory
 {
diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/RememberMeFactory.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/RememberMeFactory.php
@@ -20,6 +20,9 @@
 use Symfony\Component\HttpFoundation\Cookie;
 use Symfony\Component\Security\Http\EventListener\RememberMeLogoutListener;
 
+/**
+ * @internal
+ */
 class RememberMeFactory implements SecurityFactoryInterface, AuthenticatorFactoryInterface
 {
     protected $options = [
diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/RemoteUserFactory.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/RemoteUserFactory.php
@@ -21,6 +21,8 @@
  *
  * @author Fabien Potencier <fabien@symfony.com>
  * @author Maxime Douailin <maxime.douailin@gmail.com>
+ *
+ * @internal
  */
 class RemoteUserFactory implements SecurityFactoryInterface, AuthenticatorFactoryInterface
 {
diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/X509Factory.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/X509Factory.php
@@ -20,6 +20,8 @@
  * X509Factory creates services for X509 certificate authentication.
  *
  * @author Fabien Potencier <fabien@symfony.com>
+ *
+ * @internal
  */
 class X509Factory implements SecurityFactoryInterface, AuthenticatorFactoryInterface
 {
diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
@@ -39,6 +39,7 @@
 use Symfony\Component\Security\Core\User\ChainUserProvider;
 use Symfony\Component\Security\Core\User\UserProviderInterface;
 use Symfony\Component\Security\Http\Controller\UserValueResolver;
+use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
 use Twig\Extension\AbstractExtension;
 
 /**
@@ -519,6 +520,7 @@ private function createAuthenticationListeners(ContainerBuilder $container, stri
     {
         $listeners = [];
         $hasListeners = false;
+        $entryPoints = [];
 
         foreach ($this->listenerPositions as $position) {
             foreach ($this->factories[$position] as $factory) {
@@ -541,8 +543,8 @@ private function createAuthenticationListeners(ContainerBuilder $container, stri
                             $authenticationProviders[] = $authenticators;
                         }
 
-                        if ($factory instanceof EntryPointFactoryInterface) {
-                            $defaultEntryPoint = $factory->createEntryPoint($container, $id, $firewall[$key], $defaultEntryPoint);
+                        if ($factory instanceof EntryPointFactoryInterface && ($entryPoint = $factory->createEntryPoint($container, $id, $firewall[$key], null))) {
+                            $entryPoints[$key] = $entryPoint;
                         }
                     } else {
                         list($provider, $listenerId, $defaultEntryPoint) = $factory->create($container, $id, $firewall[$key], $userProvider, $defaultEntryPoint);
@@ -555,6 +557,19 @@ private function createAuthenticationListeners(ContainerBuilder $container, stri
             }
         }
 
+        if ($entryPoints) {
+            // we can be sure the authenticator system is enabled
+            if (null !== $defaultEntryPoint) {
+                return $entryPoints[$defaultEntryPoint] ?? $defaultEntryPoint;
+            }
+
+            if (1 === \count($entryPoints)) {
+                return current($entryPoints);
+            }
+
+            throw new InvalidConfigurationException(sprintf('Because you have multiple authenticators in firewall "%s", you need to set the "entry_point" key to one of your authenticators (%s) or a service ID implementing "%s". The "entry_point" determines what should happen (e.g. redirect to "/login") when an anonymous user tries to access a protected page.', $id, implode(', ', $entryPoints), AuthenticationEntryPointInterface::class));
+        }
+
         if (false === $hasListeners) {
             throw new InvalidConfigurationException(sprintf('No authentication listener registered for firewall "%s".', $id));
         }

Original file line number	Diff line number	Diff line change
`@@ -23,6 +23,8 @@`
`23`	`23`	`* @author Fabien Potencier <[email protected]>`
`24`	`24`	`* @author Lukas Kahwe Smith <[email protected]>`
`25`	`25`	`* @author Johannes M. Schmitt <[email protected]>`
	`26`	`+ *`
	`27`	`+ * @internal`
`26`	`28`	`*/`
`27`	`29`	`abstract class AbstractFactory implements SecurityFactoryInterface`
`28`	`30`	`{`
`@@ -65,7 +67,7 @@ public function create(ContainerBuilder $container, string $id, array $config, s`
`65`	`67`	`}`
`66`	`68`
`67`	`69`	`// create entry point if applicable (optional)`
`68`		`- $entryPointId = $this->createEntryPoint($container, $id, $config, $defaultEntryPointId);`
	`70`	`+ $entryPointId = $this->createDefaultEntryPoint($container, $id, $config, $defaultEntryPointId);`
`69`	`71`
`70`	`72`	`return [$authProviderId, $listenerId, $entryPointId];`
`71`	`73`	`}`
`@@ -126,7 +128,7 @@ abstract protected function getListenerId();`
`126`	`128`	`*`
`127`	`129`	`* @return string\|null the entry point id`
`128`	`130`	`*/`
`129`		`- protected function createEntryPoint(ContainerBuilder $container, string $id, array $config, ?string $defaultEntryPointId)`
	`131`	`+ protected function createDefaultEntryPoint(ContainerBuilder $container, string $id, array $config, ?string $defaultEntryPointId)`
`130`	`132`	`{`
`131`	`133`	`return $defaultEntryPointId;`
`132`	`134`	`}`
Original file line number	Diff line number	Diff line change
`@@ -18,6 +18,8 @@`
`18`	`18`
`19`	`19`	`/**`
`20`	`20`	`* @author Wouter de Jong <[email protected]>`
	`21`	`+ *`
	`22`	`+ * @internal`
`21`	`23`	`*/`
`22`	`24`	`class AnonymousFactory implements SecurityFactoryInterface, AuthenticatorFactoryInterface`
`23`	`25`	`{`
Original file line number	Diff line number	Diff line change
`@@ -23,5 +23,5 @@ interface EntryPointFactoryInterface`
`23`	`23`	`/**`
`24`	`24`	`* Creates the entry point and returns the service ID.`
`25`	`25`	`*/`
`26`		`- public function createEntryPoint(ContainerBuilder $container, string $id, array $config, ?string $defaultEntryPointId): string;`
	`26`	`+ public function createEntryPoint(ContainerBuilder $container, string $id, array $config): ?string;`
`27`	`27`	`}`
Original file line number	Diff line number	Diff line change
`@@ -22,6 +22,8 @@`
`22`	`22`	`*`
`23`	`23`	`* @author Fabien Potencier <[email protected]>`
`24`	`24`	`* @author Johannes M. Schmitt <[email protected]>`
	`25`	`+ *`
	`26`	`+ * @internal`
`25`	`27`	`*/`
`26`	`28`	`class FormLoginFactory extends AbstractFactory implements AuthenticatorFactoryInterface, EntryPointFactoryInterface`
`27`	`29`	`{`
`@@ -90,7 +92,12 @@ protected function createListener(ContainerBuilder $container, string $id, array`
`90`	`92`	`return $listenerId;`
`91`	`93`	`}`
`92`	`94`
`93`		`- public function createEntryPoint(ContainerBuilder $container, string $id, array $config, ?string $defaultEntryPoint): string`
	`95`	`+ protected function createDefaultEntryPoint(ContainerBuilder $container, string $id, array $config, ?string $defaultEntryPointId)`
	`96`	`+ {`
	`97`	`+ return $this->createEntryPoint($container, $id, $config);`
	`98`	`+ }`
	`99`	`+`
	`100`	`+ public function createEntryPoint(ContainerBuilder $container, string $id, array $config): string`
`94`	`101`	`{`
`95`	`102`	`$entryPointId = 'security.authentication.form_entry_point.'.$id;`
`96`	`103`	`$container`
Original file line number	Diff line number	Diff line change
`@@ -20,8 +20,10 @@`
`20`	`20`	`* HttpBasicFactory creates services for HTTP basic authentication.`
`21`	`21`	`*`
`22`	`22`	`* @author Fabien Potencier <[email protected]>`
	`23`	`+ *`
	`24`	`+ * @internal`
`23`	`25`	`*/`
`24`		`-class HttpBasicFactory implements SecurityFactoryInterface, AuthenticatorFactoryInterface`
	`26`	`+class HttpBasicFactory implements SecurityFactoryInterface, AuthenticatorFactoryInterface, EntryPointFactoryInterface`
`25`	`27`	`{`
`26`	`28`	`public function create(ContainerBuilder $container, string $id, array $config, string $userProvider, ?string $defaultEntryPoint)`
`27`	`29`	`{`
`@@ -34,7 +36,10 @@ public function create(ContainerBuilder $container, string $id, array $config, s`
`34`	`36`	`;`
`35`	`37`
`36`	`38`	`// entry point`
`37`		`- $entryPointId = $this->createEntryPoint($container, $id, $config, $defaultEntryPoint);`
	`39`	`+ $entryPointId = $defaultEntryPoint;`
	`40`	`+ if (null === $entryPointId) {`
	`41`	`+ $entryPointId = $this->createEntryPoint($container, $id, $config);`
	`42`	`+ }`
`38`	`43`
`39`	`44`	`// listener`
`40`	`45`	`$listenerId = 'security.authentication.listener.basic.'.$id;`
`@@ -77,12 +82,8 @@ public function addConfiguration(NodeDefinition $node)`
`77`	`82`	`;`
`78`	`83`	`}`
`79`	`84`
`80`		`- protected function createEntryPoint(ContainerBuilder $container, string $id, array $config, ?string $defaultEntryPoint)`
	`85`	`+ public function createEntryPoint(ContainerBuilder $container, string $id, array $config): string`
`81`	`86`	`{`
`82`		`- if (null !== $defaultEntryPoint) {`
`83`		`- return $defaultEntryPoint;`
`84`		`- }`
`85`		`-`
`86`	`87`	`$entryPointId = 'security.authentication.basic_entry_point.'.$id;`
`87`	`88`	`$container`
`88`	`89`	`->setDefinition($entryPointId, new ChildDefinition('security.authentication.basic_entry_point'))`
Original file line number	Diff line number	Diff line change
`@@ -19,6 +19,8 @@`
`19`	`19`	`* JsonLoginFactory creates services for JSON login authentication.`
`20`	`20`	`*`
`21`	`21`	`* @author Kévin Dunglas <[email protected]>`
	`22`	`+ *`
	`23`	`+ * @internal`
`22`	`24`	`*/`
`23`	`25`	`class JsonLoginFactory extends AbstractFactory implements AuthenticatorFactoryInterface`
`24`	`26`	`{`
Original file line number	Diff line number	Diff line change
`@@ -20,6 +20,9 @@`
`20`	`20`	`use Symfony\Component\HttpFoundation\Cookie;`
`21`	`21`	`use Symfony\Component\Security\Http\EventListener\RememberMeLogoutListener;`
`22`	`22`
	`23`	`+/**`
	`24`	`+ * @internal`
	`25`	`+ */`
`23`	`26`	`class RememberMeFactory implements SecurityFactoryInterface, AuthenticatorFactoryInterface`
`24`	`27`	`{`
`25`	`28`	`protected $options = [`
Original file line number	Diff line number	Diff line change
`@@ -21,6 +21,8 @@`
`21`	`21`	`*`
`22`	`22`	`* @author Fabien Potencier <[email protected]>`
`23`	`23`	`* @author Maxime Douailin <[email protected]>`
	`24`	`+ *`
	`25`	`+ * @internal`
`24`	`26`	`*/`
`25`	`27`	`class RemoteUserFactory implements SecurityFactoryInterface, AuthenticatorFactoryInterface`
`26`	`28`	`{`
Original file line number	Diff line number	Diff line change
`@@ -20,6 +20,8 @@`
`20`	`20`	`* X509Factory creates services for X509 certificate authentication.`
`21`	`21`	`*`
`22`	`22`	`* @author Fabien Potencier <[email protected]>`
	`23`	`+ *`
	`24`	`+ * @internal`
`23`	`25`	`*/`
`24`	`26`	`class X509Factory implements SecurityFactoryInterface, AuthenticatorFactoryInterface`
`25`	`27`	`{`