Drop support for Symfony < 5.2

Author: mtarld

.github/workflows/unit-tests.yml

@@ -11,7 +11,6 @@ jobs:
         strategy:
             matrix:
                 symfony-version:
-                    - "5.1.*"
                     - "5.2.*"
                 php-version:
                     - "7.2"

.psalm.baseline.xml

@@ -1,13 +1,14 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<files psalm-version="4.7.0@d4377c0baf3ffbf0b1ec6998e8d1be2a40971005">
+<files psalm-version="4.7.1@cd53e047a58f71f646dd6bf45476076ab07b5d44">
+  <file src="src/Resources/config/routes.php">
+    <InvalidArgument occurrences="2">
+      <code>['league.oauth2_server.controller.authorization', 'indexAction']</code>
+      <code>['league.oauth2_server.controller.token', 'indexAction']</code>
+    </InvalidArgument>
+  </file>
   <file src="src/Resources/config/services.php">
     <ImplicitToStringCast occurrences="1">
       <code>service(GrantConfigurator::class)</code>
     </ImplicitToStringCast>
   </file>
-  <file src="src/Security/Authenticator/OAuth2Authenticator.php">
-    <PossiblyInvalidArgument occurrences="1">
-      <code>$this-&gt;getUserBadge($userIdentifier)</code>
-    </PossiblyInvalidArgument>
-  </file>
 </files>

composer.json

@@ -22,15 +22,15 @@
         "league/oauth2-server": "^8.0",
         "nyholm/psr7": "^1.4",
         "psr/http-factory": "^1.0",
-        "symfony/framework-bundle": "^5.1",
+        "symfony/framework-bundle": "^5.2",
         "symfony/psr-http-message-bridge": "^2.0",
-        "symfony/security-bundle": "^5.1.1"
+        "symfony/security-bundle": "^5.2"
     },
     "require-dev": {
         "ext-pdo": "*",
         "ext-pdo_sqlite": "*",
         "psalm/plugin-symfony": "^2.2",
-        "symfony/browser-kit": "^5.1",
+        "symfony/browser-kit": "^5.2",
         "symfony/phpunit-bridge": "^5.2",
         "vimeo/psalm": "^4.6"
     },

src/Resources/config/services.php

@@ -120,7 +120,7 @@
         // Security layer
         ->set('league.oauth2_server.authenticator.oauth2', OAuth2Authenticator::class)
             ->args([
-                service('league.oauth2-server.psr_http_factory'),
+                service('league.oauth2_server.factory.psr_http'),
                 service(ResourceServer::class),
                 service(UserProviderInterface::class),
                 null,
@@ -305,7 +305,7 @@
             ])
         ->alias(AuthorizationRequestResolveEventFactory::class, 'league.oauth2_server.factory.authorization_request_resolve_event')
 
-        ->set('league.oauth2_server.factory.legacy_oauth2_token', OAuth2TokenFactory::class)
+        ->set('league.oauth2_server.factory.legacy_oauth2_token', LegacyOAuth2TokenFactory::class)
         ->alias(LegacyOAuth2TokenFactory::class, 'league.oauth2_server.factory.legacy_oauth2_token')
 
         // Storage managers

src/Security/Authentication/Token/OAuth2Token.php

@@ -12,6 +12,9 @@
  */
 final class OAuth2Token extends AbstractToken
 {
+    /**
+     * @param list<string> $scopes
+     */
     public function __construct(
         ?UserInterface $user,
         string $accessTokenId,

src/Security/Authenticator/OAuth2Authenticator.php

@@ -7,7 +7,6 @@
 use League\Bundle\OAuth2ServerBundle\Security\Authentication\Token\OAuth2Token;
 use League\Bundle\OAuth2ServerBundle\Security\Exception\OAuth2AuthenticationException;
 use League\Bundle\OAuth2ServerBundle\Security\Exception\OAuth2AuthenticationFailedException;
-use League\Bundle\OAuth2ServerBundle\Security\Passport\Badge\OAuth2Badge;
 use League\Bundle\OAuth2ServerBundle\Security\User\NullUser;
 use League\OAuth2\Server\Exception\OAuthServerException;
 use League\OAuth2\Server\ResourceServer;
@@ -24,7 +23,6 @@
 use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
 use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;
 use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
-use Symfony\Component\Security\Http\Authenticator\Passport\UserPassportInterface;
 use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
 
 /**
@@ -93,15 +91,11 @@ public function authenticate(Request $request): PassportInterface
         /** @var list<string> $scopes */
         $scopes = $psr7Request->getAttribute('oauth_scopes', []);
 
-        $passport = new SelfValidatingPassport($this->getUserBadge($userIdentifier));
-
-        // BC Layer for 5.1 version
-        if (!method_exists($passport, 'setAttribute')) {
-            $passport->addBadge(new OAuth2Badge($accessTokenId, $scopes));
-        } else {
-            $passport->setAttribute('accessTokenId', $accessTokenId);
-            $passport->setAttribute('scopes', $scopes);
-        }
+        $passport = new SelfValidatingPassport(new UserBadge($userIdentifier, function (string $userIdentifier): UserInterface {
+            return '' !== $userIdentifier ? $this->userProvider->loadUserByUsername($userIdentifier) : new NullUser();
+        }));
+        $passport->setAttribute('accessTokenId', $accessTokenId);
+        $passport->setAttribute('scopes', $scopes);
 
         return $passport;
     }
@@ -111,25 +105,15 @@ public function authenticate(Request $request): PassportInterface
      */
     public function createAuthenticatedToken(PassportInterface $passport, string $firewallName): TokenInterface
     {
-        if (!$passport instanceof UserPassportInterface) {
-            throw new \RuntimeException(sprintf('Cannot create a OAuth2 authenticated token. $passport should be a %s', UserPassportInterface::class));
+        if (!$passport instanceof Passport) {
+            throw new \RuntimeException(sprintf('Cannot create a OAuth2 authenticated token. $passport should be a %s', Passport::class));
         }
 
-        // BC Layer for 5.1 version
-        /** @var Passport $passport */
-        if (!method_exists($passport, 'getAttribute')) {
-            /** @var OAuth2Badge $oauth2Badge */
-            $oauth2Badge = $passport->getBadge(OAuth2Badge::class);
-
-            $accessTokenId = $oauth2Badge->getAccessTokenId();
-            $scopes = $oauth2Badge->getScopes();
-        } else {
-            /** @var string $accessTokenId */
-            $accessTokenId = $passport->getAttribute('accessTokenId');
+        /** @var string $accessTokenId */
+        $accessTokenId = $passport->getAttribute('accessTokenId');
 
-            /** @var list<string> $scopes */
-            $scopes = $passport->getAttribute('scopes');
-        }
+        /** @var list<string> $scopes */
+        $scopes = $passport->getAttribute('scopes');
 
         $token = new OAuth2Token($passport->getUser(), $accessTokenId, $scopes, $this->rolePrefix);
         $token->setAuthenticated(true);
@@ -151,21 +135,4 @@ public function onAuthenticationFailure(Request $request, AuthenticationExceptio
 
         throw new UnauthorizedHttpException('Bearer', $exception->getMessage(), $exception);
     }
-
-    /**
-     * @return UserBadge|UserInterface
-     */
-    private function getUserBadge(string $userIdentifier)
-    {
-        $getUserCallable = function (string $userIdentifier): UserInterface {
-            return '' !== $userIdentifier ? $this->userProvider->loadUserByUsername($userIdentifier) : new NullUser();
-        };
-
-        // BC Layer for 5.1 version
-        if (!class_exists(UserBadge::class)) {
-            return $getUserCallable($userIdentifier);
-        }
-
-        return new UserBadge($userIdentifier, $getUserCallable);
-    }
 }

src/Security/Passport/Badge/OAuth2Badge.php

@@ -6,7 +6,6 @@
 
 use League\Bundle\OAuth2ServerBundle\Security\Authenticator\OAuth2Authenticator;
 use League\Bundle\OAuth2ServerBundle\Security\Exception\OAuth2AuthenticationFailedException;
-use League\Bundle\OAuth2ServerBundle\Security\Passport\Badge\OAuth2Badge;
 use League\Bundle\OAuth2ServerBundle\Security\User\NullUser;
 use League\OAuth2\Server\Exception\OAuthServerException;
 use League\OAuth2\Server\ResourceServer;
@@ -96,21 +95,10 @@ public function testAuthenticateCreatePassport(): void
         /** @var Passport $passport */
         $passport = $authenticator->authenticate(new Request());
 
-        // BC Layer for 5.1 version
-        if (!method_exists(Passport::class, 'getAttribute')) {
-            /** @var OAuth2Badge $oauth2Badge */
-            $oauth2Badge = $passport->getBadge(OAuth2Badge::class);
-            $this->assertSame('accessTokenId', $oauth2Badge->getAccessTokenId());
-            $this->assertSame(['scope_one', 'scope_two'], $oauth2Badge->getScopes());
-        } else {
-            $this->assertSame('accessTokenId', $passport->getAttribute('accessTokenId'));
-            $this->assertSame(['scope_one', 'scope_two'], $passport->getAttribute('scopes'));
-        }
+        $this->assertSame('accessTokenId', $passport->getAttribute('accessTokenId'));
+        $this->assertSame(['scope_one', 'scope_two'], $passport->getAttribute('scopes'));
 
-        // BC Layer for 5.1 version
-        if (class_exists(UserBadge::class)) {
-            $passport->getUser();
-        }
+        $passport->getUser();
     }
 
     public function testAuthenticateCreatePassportWithNullUser(): void
@@ -161,14 +149,8 @@ public function testCreateAuthenticatedToken(): void
         }
 
         $passport = new SelfValidatingPassport($userBadge);
-
-        // BC Layer for 5.1 version
-        if (!method_exists($passport, 'setAttribute')) {
-            $passport->addBadge(new OAuth2Badge('accessTokenId', ['scope_one', 'scope_two']));
-        } else {
-            $passport->setAttribute('accessTokenId', 'accessTokenId');
-            $passport->setAttribute('scopes', ['scope_one', 'scope_two']);
-        }
+        $passport->setAttribute('accessTokenId', 'accessTokenId');
+        $passport->setAttribute('scopes', ['scope_one', 'scope_two']);
 
         $authenticator = new OAuth2Authenticator(
             $this->createMock(HttpMessageFactoryInterface::class),