deprecate the $secret argument of the PersistentRememberMeHandler constructor

xabbuh · fabpot · commit be0bc78b2a2d · 2023-04-08T19:01:58.000+02:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -6,6 +6,7 @@ CHANGELOG
 
  * Add `RememberMeBadge` to `JsonLoginAuthenticator` and enable reading parameter in JSON request body
  * Add argument `$exceptionCode` to `#[IsGranted]`
+ * Deprecate passing a secret as the 2nd argument to the constructor of `Symfony\Component\Security\Http\RememberMe\PersistentRememberMeHandler`
 
 6.2
 ---
diff --git a/RememberMe/PersistentRememberMeHandler.php b/RememberMe/PersistentRememberMeHandler.php
@@ -35,8 +35,45 @@ final class PersistentRememberMeHandler extends AbstractRememberMeHandler
     private TokenProviderInterface $tokenProvider;
     private ?TokenVerifierInterface $tokenVerifier;
 
-    public function __construct(TokenProviderInterface $tokenProvider, #[\SensitiveParameter] string $secret, UserProviderInterface $userProvider, RequestStack $requestStack, array $options, LoggerInterface $logger = null, TokenVerifierInterface $tokenVerifier = null)
+    /**
+     * @param UserProviderInterface       $userProvider
+     * @param RequestStack                $requestStack
+     * @param array                       $options
+     * @param LoggerInterface|null        $logger
+     * @param TokenVerifierInterface|null $tokenVerifier
+     */
+    public function __construct(TokenProviderInterface $tokenProvider, #[\SensitiveParameter] $userProvider, $requestStack, $options, $logger = null, $tokenVerifier = null)
     {
+        if (\is_string($userProvider)) {
+            trigger_deprecation('symfony/security-http', '6.3', 'Calling "%s()" with the secret as the second argument is deprecated. The argument will be dropped in 7.0.', __CLASS__);
+
+            $userProvider = $requestStack;
+            $requestStack = $options;
+            $options = $logger;
+            $logger = $tokenVerifier;
+            $tokenVerifier = \func_num_args() > 6 ? func_get_arg(6) : null;
+        }
+
+        if (!$userProvider instanceof UserProviderInterface) {
+            throw new \TypeError(sprintf('Argument 2 passed to "%s()" must be an instance of "%s", "%s" given.', __CLASS__, UserProviderInterface::class, get_debug_type($userProvider)));
+        }
+
+        if (!$requestStack instanceof RequestStack) {
+            throw new \TypeError(sprintf('Argument 3 passed to "%s()" must be an instance of "%s", "%s" given.', __CLASS__, RequestStack::class, get_debug_type($userProvider)));
+        }
+
+        if (!\is_array($options)) {
+            throw new \TypeError(sprintf('Argument 4 passed to "%s()" must be an array, "%s" given.', __CLASS__, get_debug_type($userProvider)));
+        }
+
+        if (null !== $logger && !$logger instanceof LoggerInterface) {
+            throw new \TypeError(sprintf('Argument 5 passed to "%s()" must be an instance of "%s", "%s" given.', __CLASS__, LoggerInterface::class, get_debug_type($userProvider)));
+        }
+
+        if (null !== $tokenVerifier && !$tokenVerifier instanceof TokenVerifierInterface) {
+            throw new \TypeError(sprintf('Argument 6 passed to "%s()" must be an instance of "%s", "%s" given.', __CLASS__, TokenVerifierInterface::class, get_debug_type($userProvider)));
+        }
+
         parent::__construct($userProvider, $requestStack, $options, $logger);
 
         if (!$tokenVerifier && $tokenProvider instanceof TokenVerifierInterface) {
diff --git a/Tests/RememberMe/PersistentRememberMeHandlerTest.php b/Tests/RememberMe/PersistentRememberMeHandlerTest.php
@@ -42,7 +42,7 @@ protected function setUp(): void
         $this->requestStack = new RequestStack();
         $this->request = Request::create('/login');
         $this->requestStack->push($this->request);
-        $this->handler = new PersistentRememberMeHandler($this->tokenProvider, 'secret', $this->userProvider, $this->requestStack, []);
+        $this->handler = new PersistentRememberMeHandler($this->tokenProvider, $this->userProvider, $this->requestStack, []);
     }
 
     public function testCreateRememberMeCookie()
@@ -104,7 +104,7 @@ public function testConsumeRememberMeCookieValid()
     public function testConsumeRememberMeCookieValidByValidatorWithoutUpdate()
     {
         $verifier = $this->createMock(TokenVerifierInterface::class);
-        $handler = new PersistentRememberMeHandler($this->tokenProvider, 'secret', $this->userProvider, $this->requestStack, [], null, $verifier);
+        $handler = new PersistentRememberMeHandler($this->tokenProvider, $this->userProvider, $this->requestStack, [], null, $verifier);
 
         $persistentToken = new PersistentToken(InMemoryUser::class, 'wouter', 'series1', 'tokenvalue', new \DateTime('30 seconds'));
 

Original file line number	Diff line number	Diff line change
`@@ -42,7 +42,7 @@ protected function setUp(): void`
`42`	`42`	`$this->requestStack = new RequestStack();`
`43`	`43`	`$this->request = Request::create('/login');`
`44`	`44`	`$this->requestStack->push($this->request);`
`45`		`- $this->handler = new PersistentRememberMeHandler($this->tokenProvider, 'secret', $this->userProvider, $this->requestStack, []);`
	`45`	`+ $this->handler = new PersistentRememberMeHandler($this->tokenProvider, $this->userProvider, $this->requestStack, []);`
`46`	`46`	`}`
`47`	`47`
`48`	`48`	`public function testCreateRememberMeCookie()`
`@@ -104,7 +104,7 @@ public function testConsumeRememberMeCookieValid()`
`104`	`104`	`public function testConsumeRememberMeCookieValidByValidatorWithoutUpdate()`
`105`	`105`	`{`
`106`	`106`	`$verifier = $this->createMock(TokenVerifierInterface::class);`
`107`		`- $handler = new PersistentRememberMeHandler($this->tokenProvider, 'secret', $this->userProvider, $this->requestStack, [], null, $verifier);`
	`107`	`+ $handler = new PersistentRememberMeHandler($this->tokenProvider, $this->userProvider, $this->requestStack, [], null, $verifier);`
`108`	`108`
`109`	`109`	`$persistentToken = new PersistentToken(InMemoryUser::class, 'wouter', 'series1', 'tokenvalue', new \DateTime('30 seconds'));`
`110`	`110`