Merge branch '3.x' into 3.next

.phive/phars.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <phive xmlns="https://phar.io/phive">
-  <phar name="phpstan" version="1.10.22" installed="1.10.22" location="./tools/phpstan" copy="false"/>
-  <phar name="psalm" version="5.13.1" installed="5.13.1" location="./tools/psalm" copy="false"/>
+  <phar name="phpstan" version="1.10.56" installed="1.10.56" location="./tools/phpstan" copy="false"/>
+  <phar name="psalm" version="5.20.0" installed="5.20.0" location="./tools/psalm" copy="false"/>
 </phive>

docs/en/contents.rst

@@ -17,3 +17,4 @@ Contents
     /url-checkers
     /view-helper
     /migration-from-the-authcomponent
+    /upgrade-2-to-3

docs/en/upgrade-2-to-3.rst

@@ -0,0 +1,21 @@
+Upgrading from 2.x to 3.x
+#########################
+
+.. code-block:: console
+
+    composer require cakephp/authentication:^3.0 -W
+
+or adjust your ``composer.json`` file manually and perform ``composer update -W``
+
+Breaking changes
+================
+
+- Type declarations were added to all function parameter and returns where possible. These are intended
+  to match the docblock annotations, but include fixes for incorrect annotations.
+- Type declarations were added to all class properties where possible. These also include some fixes for
+  incorrect annotations.
+- ``\Authentication\Identifier\IdentifierInterface::CREDENTIAL_USERNAME`` was moved to ``\Authentication\Identifier\AbstractIdentifier::CREDENTIAL_USERNAME``.
+- ``\Authentication\Identifier\IdentifierInterface::CREDENTIAL_PASSWORD`` was moved to ``\Authentication\Identifier\AbstractIdentifier::CREDENTIAL_PASSWORD``.
+- ``\Authentication\Identifier\IdentifierInterface::CREDENTIAL_TOKEN`` was moved to ``\Authentication\Identifier\TokenIdentifier::CREDENTIAL_TOKEN``.
+- ``\Authentication\Identifier\IdentifierInterface::CREDENTIAL_JWT_SUBJECT`` was moved to ``\Authentication\Identifier\JwtSubjectIdentifier::CREDENTIAL_JWT_SUBJECT``.
+- ``AuthenticationMiddleware`` cannot be configured anymore. Configuration needs to happen on the ``AuthenticationService`` object.

psalm-baseline.xml

@@ -0,0 +1,64 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<files psalm-version="5.20.0@3f284e96c9d9be6fe6b15c79416e1d1903dcfef4">
+  <file src="src/AuthenticationService.php">
+    <RiskyTruthyFalsyComparison>
+      <code><![CDATA[empty($parsed['host'])]]></code>
+      <code><![CDATA[empty($parsed['scheme'])]]></code>
+    </RiskyTruthyFalsyComparison>
+  </file>
+  <file src="src/Authenticator/CookieAuthenticator.php">
+    <RiskyTruthyFalsyComparison>
+      <code>empty($identity)</code>
+    </RiskyTruthyFalsyComparison>
+  </file>
+  <file src="src/Authenticator/EnvironmentAuthenticator.php">
+    <RiskyTruthyFalsyComparison>
+      <code>empty($data)</code>
+      <code>empty($user)</code>
+    </RiskyTruthyFalsyComparison>
+  </file>
+  <file src="src/Authenticator/FormAuthenticator.php">
+    <RiskyTruthyFalsyComparison>
+      <code>empty($user)</code>
+    </RiskyTruthyFalsyComparison>
+  </file>
+  <file src="src/Authenticator/HttpDigestAuthenticator.php">
+    <RiskyTruthyFalsyComparison>
+      <code>empty($digest)</code>
+      <code>empty($user)</code>
+    </RiskyTruthyFalsyComparison>
+  </file>
+  <file src="src/Authenticator/JwtAuthenticator.php">
+    <RiskyTruthyFalsyComparison>
+      <code>empty($user)</code>
+    </RiskyTruthyFalsyComparison>
+  </file>
+  <file src="src/Authenticator/Result.php">
+    <RiskyTruthyFalsyComparison>
+      <code>empty($data)</code>
+    </RiskyTruthyFalsyComparison>
+  </file>
+  <file src="src/Authenticator/SessionAuthenticator.php">
+    <RiskyTruthyFalsyComparison>
+      <code>empty($user)</code>
+      <code>empty($user)</code>
+    </RiskyTruthyFalsyComparison>
+  </file>
+  <file src="src/Authenticator/TokenAuthenticator.php">
+    <RiskyTruthyFalsyComparison>
+      <code>empty($headerLine)</code>
+      <code>empty($queryParam)</code>
+      <code>empty($user)</code>
+    </RiskyTruthyFalsyComparison>
+  </file>
+  <file src="src/Identifier/IdentifierCollection.php">
+    <RiskyTruthyFalsyComparison>
+      <code>$result</code>
+    </RiskyTruthyFalsyComparison>
+  </file>
+  <file src="src/Middleware/AuthenticationMiddleware.php">
+    <RiskyTruthyFalsyComparison>
+      <code>$url</code>
+    </RiskyTruthyFalsyComparison>
+  </file>
+</files>

psalm.xml

@@ -7,6 +7,7 @@
     findUnusedPsalmSuppress="true"
     findUnusedBaselineEntry="true"
     findUnusedCode="false"
+    errorBaseline="psalm-baseline.xml"
 >
     <projectFiles>
         <directory name="src" />