Decouple `IdentityHandler` from `Authenticator`

[dakur]

We use custom authenticators (independent on Nette\Security\Authenticator interface) which produce instances of Nette\Security\IIdentity so that it can be used for User#login($identity) afterwards. Inside of the identity, there is an object which need to be (de)serialized in a special way. IdentityHandler seems perfect for this job.

Sadly, in current implementation, IdentityHandler is only applied if it's implemented within Authenticator, but not standalone. As a workaround, I can:

• create fake authenticator implementing the Nette one and IdentityHandler as well (see below)
• don't use User at all

Example of fake authenticator:

class Authenticator implements \Nette\Security\Authenticator
{
    public function authenticate(...)
    {
        throw new Exception('Don\'t use me for authentication');
    }

    public function sleepIdentity(...) { ... } // real work
    public function wakeupIdentity(...) { ... } // real work

Suggestion

Support IdentityHandler on its own with a configuration param. User will require it from DI then.

namespace App;

class IdentityHandler implements \Nette\Security\IdentityHandler
{
    public function sleep(...) { ... } // real work
    public function wakeup(...){ ... } // real work
}

security:
    identityHandler: App\IdentityHandler

[jkuchar]

Actually all what is needed is to receive IdentityHandler here as a separate service from DI.

There is no BC break, as there was only one IdentityHandler & Authenticator it will return the same class anyway. :-)