[make:user] user entities implement PasswordAuthenticatedUserInterface

Author: jrushlow

src/Doctrine/EntityClassGenerator.php

@@ -15,6 +15,8 @@
 use Symfony\Bundle\MakerBundle\Generator;
 use Symfony\Bundle\MakerBundle\Str;
 use Symfony\Bundle\MakerBundle\Util\ClassNameDetails;
+use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;
+use Symfony\Component\Security\Core\User\UserInterface;
 
 /**
  * @internal
@@ -69,6 +71,15 @@ public function generateRepositoryClass(string $repositoryClass, string $entityC
     {
         $shortEntityClass = Str::getShortClassName($entityClass);
         $entityAlias = strtolower($shortEntityClass[0]);
+
+        $passwordUserInterfaceName = UserInterface::class;
+
+        if (interface_exists(PasswordAuthenticatedUserInterface::class)) {
+            $passwordUserInterfaceName = PasswordAuthenticatedUserInterface::class;
+        }
+
+        $interfaceClassNameDetails = new ClassNameDetails($passwordUserInterfaceName, 'Symfony\Component\Security\Core\User');
+
         $this->generator->generateClass(
             $repositoryClass,
             'doctrine/Repository.tpl.php',
@@ -77,6 +88,7 @@ public function generateRepositoryClass(string $repositoryClass, string $entityC
                 'entity_class_name' => $shortEntityClass,
                 'entity_alias' => $entityAlias,
                 'with_password_upgrade' => $withPasswordUpgrade,
+                'password_upgrade_user_interface' => $interfaceClassNameDetails,
                 'doctrine_registry_class' => $this->managerRegistryClassName,
                 'include_example_comments' => $includeExampleComments,
             ]

src/Maker/MakeUser.php

@@ -159,10 +159,8 @@ public function generate(InputInterface $input, ConsoleStyle $io, Generator $gen
             true
         );
         $manipulator->setIo($io);
-        $this->userClassBuilder->addUserInterfaceImplementation(
-            $manipulator,
-            $userClassConfiguration
-        );
+
+        $this->userClassBuilder->addUserInterfaceImplementation($manipulator, $userClassConfiguration);
 
         $generator->dumpFile($classPath, $manipulator->getSourceCode());
 

src/Resources/skeleton/doctrine/Repository.tpl.php

@@ -6,8 +6,9 @@
 use Doctrine\Bundle\DoctrineBundle\Repository\ServiceEntityRepository;
 use <?= $doctrine_registry_class; ?>;
 <?= $with_password_upgrade ? "use Symfony\Component\Security\Core\Exception\UnsupportedUserException;\n" : '' ?>
+<?= ($with_password_upgrade && str_contains($password_upgrade_user_interface->getFullName(), 'Password')) ? sprintf("use %s;\n", $password_upgrade_user_interface->getFullName()) : null ?>
 <?= $with_password_upgrade ? "use Symfony\Component\Security\Core\User\PasswordUpgraderInterface;\n" : '' ?>
-<?= $with_password_upgrade ? "use Symfony\Component\Security\Core\User\UserInterface;\n" : '' ?>
+<?= ($with_password_upgrade && str_contains($password_upgrade_user_interface->getFullName(), '\UserInterface')) ? sprintf("use %s;\n", $password_upgrade_user_interface->getFullName()) : null ?>
 
 /**
  * @method <?= $entity_class_name; ?>|null find($id, $lockMode = null, $lockVersion = null)
@@ -28,7 +29,7 @@ public function __construct(ManagerRegistry $registry)
     /**
      * Used to upgrade (rehash) the user's password automatically over time.
      */
-    public function upgradePassword(UserInterface $user, string $newEncodedPassword): void
+    public function upgradePassword(<?= sprintf('%s ', $password_upgrade_user_interface->getShortName()); ?>$user, string $newEncodedPassword): void
     {
         if (!$user instanceof <?= $entity_class_name ?>) {
             throw new UnsupportedUserException(sprintf('Instances of "%s" are not supported.', \get_class($user)));

src/Security/UserClassBuilder.php

@@ -13,6 +13,8 @@
 
 use PhpParser\Node;
 use Symfony\Bundle\MakerBundle\Util\ClassSourceManipulator;
+use Symfony\Component\HttpKernel\Kernel;
+use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;
 use Symfony\Component\Security\Core\User\UserInterface;
 
 /**
@@ -22,21 +24,49 @@
  */
 final class UserClassBuilder
 {
-    public function addUserInterfaceImplementation(ClassSourceManipulator $manipulator, UserClassConfiguration $userClassConfig)
+    public function addUserInterfaceImplementation(ClassSourceManipulator $manipulator, UserClassConfiguration $userClassConfig): void
     {
         $manipulator->addInterface(UserInterface::class);
 
         $this->addGetUsername($manipulator, $userClassConfig);
 
         $this->addGetRoles($manipulator, $userClassConfig);
 
-        $this->addGetPassword($manipulator, $userClassConfig);
-
-        $this->addGetSalt($manipulator, $userClassConfig);
+        $this->addPasswordImplementation($manipulator, $userClassConfig);
 
         $this->addEraseCredentials($manipulator, $userClassConfig);
     }
 
+    private function addPasswordImplementation(ClassSourceManipulator $manipulator, UserClassConfiguration $userClassConfig): void
+    {
+        if (60000 > Kernel::VERSION_ID) {
+            // Add methods required to fulfill the UserInterface contract
+            $this->addGetPassword($manipulator, $userClassConfig);
+            $this->addGetSalt($manipulator, $userClassConfig);
+
+            // Symfony >=5.3 uses "@see PasswordAuthenticatedInterface" for getPassword()
+            if (interface_exists(PasswordAuthenticatedUserInterface::class)) {
+                $manipulator->addUseStatementIfNecessary(PasswordAuthenticatedUserInterface::class);
+            }
+
+            // Future proof the entity for >= Symfony 6 && the entity will check passwords
+            if ($userClassConfig->hasPassword() && interface_exists(PasswordAuthenticatedUserInterface::class)) {
+                $manipulator->addInterface(PasswordAuthenticatedUserInterface::class);
+            }
+
+            return;
+        }
+
+        // Future proof >= Symfony 6.0
+        if (!$userClassConfig->hasPassword()) {
+            return;
+        }
+
+        $manipulator->addInterface(PasswordAuthenticatedUserInterface::class);
+
+        $this->addGetPassword($manipulator, $userClassConfig);
+    }
+
     private function addGetUsername(ClassSourceManipulator $manipulator, UserClassConfiguration $userClassConfig)
     {
         if ($userClassConfig->isEntity()) {
@@ -161,16 +191,18 @@ private function addGetRoles(ClassSourceManipulator $manipulator, UserClassConfi
 
     private function addGetPassword(ClassSourceManipulator $manipulator, UserClassConfiguration $userClassConfig)
     {
+        $seeInterface = interface_exists(PasswordAuthenticatedUserInterface::class) ? '@see PasswordAuthenticatedUserInterface' : '@see UserInterface';
+
         if (!$userClassConfig->hasPassword()) {
             // add an empty method only
             $builder = $manipulator->createMethodBuilder(
                 'getPassword',
                 'string',
                 true,
                 [
-                    'This method is not needed for apps that do not check user passwords.',
+                    'This method can be removed in Symfony 6.0 - is not needed for apps that do not check user passwords.',
                     '',
-                    '@see UserInterface',
+                    $seeInterface,
                 ]
             );
 
@@ -221,9 +253,8 @@ private function addGetPassword(ClassSourceManipulator $manipulator, UserClassCo
             'string',
             false,
             [
-                '@see UserInterface',
-            ],
-            true
+                $seeInterface,
+            ]
         );
     }
 
@@ -236,7 +267,7 @@ private function addGetSalt(ClassSourceManipulator $manipulator, UserClassConfig
             ];
         } else {
             $methodDescription = [
-                'This method is not needed for apps that do not check user passwords.',
+                'This method can be removed in Symfony 6.0 - is not needed for apps that do not check user passwords.',
             ];
         }
 

tests/Maker/MakeUserTest.php

@@ -27,7 +27,7 @@ public function getTestDetails()
                 'y', // entity
                 'email', // identity property
                 'y', // with password
-                'y', // argon
+                'y', // argon   @TODO This should only be done in <5.0
             ])
             ->addExtraDependencies('doctrine')
             ->setFixtureFilesPath(__DIR__.'/../fixtures/MakeUserEntityPassword')
@@ -37,6 +37,20 @@ public function getTestDetails()
             ->updateSchemaAfterCommand(),
         ];
 
+        yield 'user_security_entity_with_password_authenticated_user_interface' => [MakerTestDetails::createTest(
+            $this->getMakerInstance(MakeUser::class),
+            [
+                // user class name
+                'User',
+                'y', // entity
+                'email', // identity property
+                'y', // with password
+            ])
+            ->addRequiredPackageVersion('symfony/security-bundle', '>=5.3')
+            ->addExtraDependencies('doctrine')
+            ->setFixtureFilesPath(__DIR__.'/../fixtures/MakeUserEntityPasswordAuthenticatedUserInterface'),
+        ];
+
         yield 'user_security_model_no_password' => [MakerTestDetails::createTest(
             $this->getMakerInstance(MakeUser::class),
             [

tests/Security/UserClassBuilderTest.php

@@ -15,6 +15,7 @@
 use Symfony\Bundle\MakerBundle\Security\UserClassBuilder;
 use Symfony\Bundle\MakerBundle\Security\UserClassConfiguration;
 use Symfony\Bundle\MakerBundle\Util\ClassSourceManipulator;
+use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;
 
 class UserClassBuilderTest extends TestCase
 {
@@ -33,7 +34,15 @@ public function testAddUserInterfaceImplementation(UserClassConfiguration $userC
         $classBuilder = new UserClassBuilder();
         $classBuilder->addUserInterfaceImplementation($manipulator, $userClassConfig);
 
-        $expectedPath = __DIR__.'/fixtures/expected/'.$expectedFilename;
+        $expectedPath = __DIR__.'/fixtures/expected';
+
+        // Can be removed when < Symfony 6 support is dropped.
+        if (!interface_exists(PasswordAuthenticatedUserInterface::class)) {
+            $expectedPath = sprintf('%s/legacy', $expectedPath);
+        }
+
+        $expectedPath = sprintf('%s/%s', $expectedPath, $expectedFilename);
+
         if (!file_exists($expectedPath)) {
             throw new \Exception(sprintf('Expected file missing: "%s"', $expectedPath));
         }

tests/Security/fixtures/expected/UserEntityEmailWithPassword.php

@@ -3,12 +3,13 @@
 namespace App\Entity;
 
 use Doctrine\ORM\Mapping as ORM;
+use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;
 use Symfony\Component\Security\Core\User\UserInterface;
 
 /**
  * @ORM\Entity()
  */
-class User implements UserInterface
+class User implements UserInterface, PasswordAuthenticatedUserInterface
 {
     /**
      * @ORM\Id
@@ -80,11 +81,11 @@ public function setRoles(array $roles): self
     }
 
     /**
-     * @see UserInterface
+     * @see PasswordAuthenticatedUserInterface
      */
     public function getPassword(): string
     {
-        return (string) $this->password;
+        return $this->password;
     }
 
     public function setPassword(string $password): self

tests/Security/fixtures/expected/UserEntityUser_nameWithPassword.php

@@ -3,12 +3,13 @@
 namespace App\Entity;
 
 use Doctrine\ORM\Mapping as ORM;
+use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;
 use Symfony\Component\Security\Core\User\UserInterface;
 
 /**
  * @ORM\Entity()
  */
-class User implements UserInterface
+class User implements UserInterface, PasswordAuthenticatedUserInterface
 {
     /**
      * @ORM\Id
@@ -75,11 +76,11 @@ public function setRoles(array $roles): self
     }
 
     /**
-     * @see UserInterface
+     * @see PasswordAuthenticatedUserInterface
      */
     public function getPassword(): string
     {
-        return (string) $this->password;
+        return $this->password;
     }
 
     public function setPassword(string $password): self

tests/Security/fixtures/expected/UserEntityUsernameNoPassword.php

@@ -3,6 +3,7 @@
 namespace App\Entity;
 
 use Doctrine\ORM\Mapping as ORM;
+use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;
 use Symfony\Component\Security\Core\User\UserInterface;
 
 /**
@@ -69,17 +70,17 @@ public function setRoles(array $roles): self
     }
 
     /**
-     * This method is not needed for apps that do not check user passwords.
+     * This method can be removed in Symfony 6.0 - is not needed for apps that do not check user passwords.
      *
-     * @see UserInterface
+     * @see PasswordAuthenticatedUserInterface
      */
     public function getPassword(): ?string
     {
         return null;
     }
 
     /**
-     * This method is not needed for apps that do not check user passwords.
+     * This method can be removed in Symfony 6.0 - is not needed for apps that do not check user passwords.
      *
      * @see UserInterface
      */

tests/Security/fixtures/expected/UserEntityUsernameWithPassword.php

@@ -3,12 +3,13 @@
 namespace App\Entity;
 
 use Doctrine\ORM\Mapping as ORM;
+use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;
 use Symfony\Component\Security\Core\User\UserInterface;
 
 /**
  * @ORM\Entity()
  */
-class User implements UserInterface
+class User implements UserInterface, PasswordAuthenticatedUserInterface
 {
     /**
      * @ORM\Id
@@ -75,11 +76,11 @@ public function setRoles(array $roles): self
     }
 
     /**
-     * @see UserInterface
+     * @see PasswordAuthenticatedUserInterface
      */
     public function getPassword(): string
     {
-        return (string) $this->password;
+        return $this->password;
     }
 
     public function setPassword(string $password): self