feat(41755): update authentication configuration to use specific identifier keys for each authenticator

Author: arodu

config/users.php

@@ -210,13 +210,34 @@
             'Form' => [
                 'className' => 'CakeDC/Auth.Form',
                 'urlChecker' => 'Authentication.CakeRouter',
+                'identifier' => [
+                    'Authentication.Password' => [
+                        'fields' => [
+                            'username' => ['username', 'email'],
+                            'password' => 'password',
+                        ],
+                        'resolver' => [
+                            'className' => 'Authentication.Orm',
+                            'finder' => 'active',
+                        ],
+                    ],
+                ],
             ],
             'Token' => [
                 'className' => 'Authentication.Token',
                 'skipTwoFactorVerify' => true,
                 'header' => null,
                 'queryParam' => 'api_key',
                 'tokenPrefix' => null,
+                'identifier' => [
+                    'Authentication.Token' => [
+                        'tokenField' => 'api_token',
+                        'resolver' => [
+                            'className' => 'Authentication.Orm',
+                            'finder' => 'active',
+                        ],
+                    ],
+                ],
             ],
             'Cookie' => [
                 'className' => 'CakeDC/Auth.Cookie',
@@ -231,6 +252,11 @@
             'Social' => [
                 'className' => 'CakeDC/Users.Social',
                 'skipTwoFactorVerify' => true,
+                'identifier' => [
+                    'CakeDC/Users.Social' => [
+                        'authFinder' => 'active',
+                    ],
+                ],
             ],
             'SocialPendingEmail' => [
                 'className' => 'CakeDC/Users.SocialPendingEmail',
@@ -244,31 +270,6 @@
                 ],
             ]
         ],
-        'Identifiers' => [
-            'Password' => [
-                'className' => 'Authentication.Password',
-                'fields' => [
-                    'username' => ['username', 'email'],
-                    'password' => 'password',
-                ],
-                'resolver' => [
-                    'className' => 'Authentication.Orm',
-                    'finder' => 'active',
-                ],
-            ],
-            'Social' => [
-                'className' => 'CakeDC/Users.Social',
-                'authFinder' => 'active',
-            ],
-            'Token' => [
-                'className' => 'Authentication.Token',
-                'tokenField' => 'api_token',
-                'resolver' => [
-                    'className' => 'Authentication.Orm',
-                    'finder' => 'active',
-                ],
-            ],
-        ],
         'Authorization' => [
             'enable' => true,
             'serviceLoader' => \CakeDC\Users\Loader\AuthorizationServiceLoader::class,

src/Loader/AuthenticationServiceLoader.php

@@ -52,6 +52,18 @@ public function __invoke(ServerRequestInterface $request)
     protected function loadIdentifiers($service)
     {
         $identifiers = Configure::read('Auth.Identifiers');
+
+        if (empty($identifiers)) {
+            return;
+        }
+
+        deprecationWarning(
+            '15.2.0',
+            'Configuring identifiers globally via `Auth.Identifiers` is deprecated. ' .
+                'Please move each identifier\'s configuration into the `identifier` key within its specific authenticator under `Auth.Authenticators`. ' .
+                'For example, the `Auth.Identifiers.Password` configuration should now be placed inside `Auth.Authenticators.Form.identifier`.',
+        );
+
         foreach ($identifiers as $key => $item) {
             [$identifier, $options] = $this->_getItemLoadData($item, $key);
 

src/Model/Behavior/RegisterBehavior.php

@@ -146,10 +146,10 @@ public function activateUser(EntityInterface $user)
     public function buildValidator(\Cake\Event\EventInterface $event, Validator $validator, $name)
     {
         if ($name === 'default') {
-            return $this->_emailValidator($validator, $this->validateEmail);
+            $validator = $this->_emailValidator($validator, $this->validateEmail);
         }
 
-        return $validator;
+        $event->setResult($validator);
     }
 
     /**

tests/TestCase/Controller/Traits/BaseTrait.php

@@ -187,10 +187,11 @@ protected function _mockRequestGet($withSession = false)
      */
     protected function _mockFlash()
     {
-        $this->Trait->Flash = $this->getMockBuilder('Cake\Controller\Component\FlashComponent')
+        $flash = $this->getMockBuilder('Cake\Controller\Component\FlashComponent')
                 ->addMethods(['error', 'success'])
                 ->disableOriginalConstructor()
                 ->getMock();
+        $this->Trait->components()->set('Flash', $flash);
     }
 
     /**
@@ -288,11 +289,14 @@ protected function _mockAuthentication($user = null, $failures = [], $identifier
 
         $controller = new Controller($this->Trait->getRequest());
         $registry = new ComponentRegistry($controller);
-        $this->Trait->Authentication = new AuthenticationComponent($registry, [
+
+        $authentication = new AuthenticationComponent($registry, [
             'loginRedirect' => $this->successLoginRedirect,
             'logoutRedirect' => $this->logoutRedirect,
             'loginAction' => $this->loginAction,
         ]);
+
+        $this->Trait->components()->set('Authentication', $authentication);
     }
 
     /**

tests/TestCase/Controller/Traits/LoginTraitTest.php

@@ -235,10 +235,11 @@ public function testLoginGet()
             ->method('is')
             ->with('post')
             ->will($this->returnValue(false));
-        $this->Trait->Flash = $this->getMockBuilder('Cake\Controller\Component\FlashComponent')
+        $flash = $this->getMockBuilder('Cake\Controller\Component\FlashComponent')
             ->addMethods(['error'])
             ->disableOriginalConstructor()
             ->getMock();
+        $this->Trait->components()->set('Flash', $flash);
 
         $this->Trait->Flash->expects($this->never())
             ->method('error');
@@ -297,10 +298,11 @@ public function testLogout()
         $this->Trait->expects($this->once())
             ->method('redirect')
             ->with($this->logoutRedirect);
-        $this->Trait->Flash = $this->getMockBuilder('Cake\Controller\Component\FlashComponent')
+        $flash = $this->getMockBuilder('Cake\Controller\Component\FlashComponent')
             ->addMethods(['success'])
             ->disableOriginalConstructor()
             ->getMock();
+        $this->Trait->components()->set('Flash', $flash);
         $this->Trait->Flash->expects($this->once())
             ->method('success')
             ->with('You\'ve successfully logged out');

tests/TestCase/Controller/Traits/OneTimePasswordVerifyTraitTest.php

@@ -111,10 +111,11 @@ public function testVerifyNotEnabled()
     public function testVerifyGetShowQR()
     {
         Configure::write('OneTimePasswordAuthenticator.login', true);
-        $this->Trait->OneTimePasswordAuthenticator = $this->getMockBuilder(OneTimePasswordAuthenticatorComponent::class)
+        $oneTimePasswordAuthenticator = $this->getMockBuilder(OneTimePasswordAuthenticatorComponent::class)
             ->disableOriginalConstructor()
             ->onlyMethods(['createSecret', 'getQRCodeImageAsDataUri'])
             ->getMock();
+        $this->Trait->components()->set('OneTimePasswordAuthenticator', $oneTimePasswordAuthenticator);
 
         $request = $this->getMockBuilder(ServerRequest::class)
             ->onlyMethods(['is', 'getData', 'getSession'])
@@ -161,11 +162,12 @@ public function testVerifyGetGeneratesNewSecret()
     {
         Configure::write('OneTimePasswordAuthenticator.login', true);
 
-        $this->Trait->OneTimePasswordAuthenticator = $this
+        $oneTimePasswordAuthenticator = $this
             ->getMockBuilder(OneTimePasswordAuthenticatorComponent::class)
             ->disableOriginalConstructor()
             ->onlyMethods(['createSecret', 'getQRCodeImageAsDataUri'])
             ->getMock();
+        $this->Trait->components()->set('OneTimePasswordAuthenticator', $oneTimePasswordAuthenticator);
 
         $request = $this->getMockBuilder(ServerRequest::class)
             ->onlyMethods(['is', 'getData', 'getSession'])
@@ -222,11 +224,12 @@ public function testVerifyGetDoesNotGenerateNewSecret()
     {
         Configure::write('OneTimePasswordAuthenticator.login', true);
 
-        $this->Trait->OneTimePasswordAuthenticator = $this
+        $oneTimePasswordAuthenticator = $this
             ->getMockBuilder(OneTimePasswordAuthenticatorComponent::class)
             ->disableOriginalConstructor()
             ->onlyMethods(['createSecret', 'getQRCodeImageAsDataUri'])
             ->getMock();
+        $this->Trait->components()->set('OneTimePasswordAuthenticator', $oneTimePasswordAuthenticator);
 
         $request = $this->getMockBuilder(ServerRequest::class)
             ->onlyMethods(['is', 'getData', 'getSession'])