Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Proposal] Refactor to work in the same way as the proposed revision of Zend\Validator #3

Closed
weierophinney opened this issue Dec 31, 2019 · 1 comment
Closed

[Proposal] Refactor to work in the same way as the proposed revision of Zend\Validator #3

weierophinney opened this issue Dec 31, 2019 · 1 comment

Comments

@weierophinney
Copy link
Member

Authentication adapter and validator are the same.
The authentication service provides input to adapter, which validates the identity and returns a result.
With the proposed revision of Zend\Validator, we also have the ability to chain adapters and aggregate results which can be useful in Zend\Authentication. We could add these missing features to the Zend\Authentication component.

As adapters validate identity, they could be renamed to Validator or moved to Zend\Validator, which would make Zend\Authentication dependent on Zend\Validator ?

Currently, the content of Zend\Authentication\Result::identity is not clear if the result is not valid. Most of time, it returns null, but sometimes it returns an empty array, or the provided identity.
The documentation says two different things about this:

getIdentity() returns the identity of the authentication attempt.

$identity is the value representing the authenticated identity. This may be any PHP type; typically you will see a string username or token, or an object type specific to the application or login module you utilize. When the result represents a failure to authenticate, this will often be null; some systems will provide a default identity in such cases.

So, on authentication failure, should the getIdentity() method always return the identity of the authentication attempt, or can it return whatever it wants?
I think it should not return identity if the authentication fails, as this method is intended to provide identity to the storage on successful authentication.

To sum up, I would like the Zend\Authentication component to :

  • Defines a Result interface modeling the results of authentication; it would compose the identity validated which will be use in authentication storage (only if authentication succeeded, otherwise it throws an error or returns null), authentication status, and, if present, any authentication error messages.
  • Defines validators (adapters) which define a single validate() (authenticate()) method, accepting both a value and optional context, and return a Result instance.
  • Defines a ResultAggregate interface for aggregating several results, as is necessary in a ValidatorChain (AdapterChain); Result instances would be pushed upon an aggregate.

What do you think of this proposal ?

Originally posted by @ghost at zendframework/zend-authentication#32
@weierophinney weierophinney mentioned this issue Dec 31, 2019
Open
@alexmerlin
Copy link
Member

Closing issue due to being inactive for more than 1 year.

@alexmerlin alexmerlin closed this as not planned Won't fix, can't repro, duplicate, stale Dec 17, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@weierophinney @alexmerlin