Clean up dormant code after identify option removal

dereuromark · dereuromark · commit a3f120a33fc3 · 2026-02-01T09:05:08.000+01:00
Remove fields config and constructor from SessionAuthenticator
since they were only used by the removed identify logic.
Remove redundant constructor override from
PrimaryKeySessionAuthenticator. Simplify tests.
diff --git a/docs/en/authenticators.rst b/docs/en/authenticators.rst
@@ -18,8 +18,6 @@ Configuration options:
 
 -  **sessionKey**: The session key for the user data, default is
    ``Auth``
--  **fields**: Allows you to map the ``username`` field to the unique
-   identifier in your user storage. Defaults to ``username``.
 
 PrimaryKeySession
 =================
diff --git a/docs/es/authenticators.rst b/docs/es/authenticators.rst
@@ -18,8 +18,6 @@ Opciones de configuración:
 
 -  **sessionKey**: Key para los datos de usuario, por defecto es
    ``Auth``
--  **fields**: Permite mapear el campo ``username`` al identificador único
-   en su almacenamiento de usuario. Por defecto es ``username``.
 
 Form
 ====
diff --git a/docs/fr/authenticators.rst b/docs/fr/authenticators.rst
@@ -19,9 +19,6 @@ Les options de configuration:
 
 -  **sessionKey**: La clé de session pour les données de l'utilisateur, par
    défaut ``Auth``.
--  **fields**: Vous permet de mapper le champ ``username`` à l'identifiant
-   unique dans votre système de stockage des utilisateurs. Vaut ``username`` par
-   défaut.
 
 Form
 ====
diff --git a/docs/ja/authenticators.rst b/docs/ja/authenticators.rst
@@ -14,8 +14,6 @@ Authenticatorは、リクエストを認証操作に変換する処理を行い
 設定オプション:
 
 -  **sessionKey**: ユーザーのセッションキー, デフォルトは ``Auth``
--  **fields**: ``username`` フィールドをユーザストレージ内の一意の識別しに写像することができます。
-   デフォルトは ``username`` です。
 
 `Form`
 =========
diff --git a/src/Authenticator/PrimaryKeySessionAuthenticator.php b/src/Authenticator/PrimaryKeySessionAuthenticator.php
@@ -58,21 +58,6 @@ class PrimaryKeySessionAuthenticator extends SessionAuthenticator
         'idField' => 'id',
     ];
 
-    /**
-     * Constructor
-     *
-     * Bypasses SessionAuthenticator's default PasswordIdentifier creation
-     * to allow lazy initialization of the TokenIdentifier in getIdentifier().
-     *
-     * @param \Authentication\Identifier\IdentifierInterface|null $identifier Identifier instance.
-     * @param array<string, mixed> $config Configuration settings.
-     */
-    public function __construct(?IdentifierInterface $identifier, array $config = [])
-    {
-        $this->_identifier = $identifier;
-        $this->setConfig($config);
-    }
-
     /**
      * Gets the identifier.
      *
diff --git a/src/Authenticator/SessionAuthenticator.php b/src/Authenticator/SessionAuthenticator.php
@@ -17,9 +17,6 @@
 
 use ArrayAccess;
 use ArrayObject;
-use Authentication\Identifier\IdentifierFactory;
-use Authentication\Identifier\IdentifierInterface;
-use Authentication\Identifier\PasswordIdentifier;
 use Cake\Http\Exception\UnauthorizedException;
 use Psr\Http\Message\ResponseInterface;
 use Psr\Http\Message\ServerRequestInterface;
@@ -31,39 +28,19 @@ class SessionAuthenticator extends AbstractAuthenticator implements PersistenceI
 {
     /**
      * Default config for this object.
-     * - `fields` The fields to use to verify a user by.
      * - `sessionKey` Session key.
+     * - `impersonateSessionKey` Session key for impersonation.
+     * - `identityAttribute` Request attribute for the identity.
      *
      * @var array
      */
     protected array $_defaultConfig = [
-        'fields' => [
-            PasswordIdentifier::CREDENTIAL_USERNAME => 'username',
-        ],
+        'fields' => [],
         'sessionKey' => 'Auth',
         'impersonateSessionKey' => 'AuthImpersonate',
         'identityAttribute' => 'identity',
     ];
 
-    /**
-     * Constructor
-     *
-     * @param \Authentication\Identifier\IdentifierInterface|null $identifier Identifier instance.
-     * @param array<string, mixed> $config Configuration settings.
-     */
-    public function __construct(?IdentifierInterface $identifier, array $config = [])
-    {
-        if ($identifier === null) {
-            $identifierConfig = [];
-            if (isset($config['fields'])) {
-                $identifierConfig['fields'] = $config['fields'];
-            }
-            $identifier = IdentifierFactory::create('Authentication.Password', $identifierConfig);
-        }
-
-        parent::__construct($identifier, $config);
-    }
-
     /**
      * Authenticate a user using session data.
      *
diff --git a/tests/TestCase/Authenticator/SessionAuthenticatorTest.php b/tests/TestCase/Authenticator/SessionAuthenticatorTest.php
@@ -19,8 +19,6 @@
 use ArrayObject;
 use Authentication\Authenticator\Result;
 use Authentication\Authenticator\SessionAuthenticator;
-use Authentication\Identifier\IdentifierFactory;
-use Authentication\Identifier\PasswordIdentifier;
 use Authentication\Test\TestCase\AuthenticationTestCase as TestCase;
 use Cake\Http\Exception\UnauthorizedException;
 use Cake\Http\Response;
@@ -42,11 +40,6 @@ class SessionAuthenticatorTest extends TestCase
         'core.Users',
     ];
 
-    /**
-     * @var \Authentication\Identifier\IdentifierInterface
-     */
-    protected $identifier;
-
     protected $sessionMock;
 
     /**
@@ -56,8 +49,6 @@ public function setUp(): void
     {
         parent::setUp();
 
-        $this->identifier = IdentifierFactory::create('Authentication.Password');
-
         $this->sessionMock = $this->getMockBuilder(Session::class)
             ->disableOriginalConstructor()
             ->onlyMethods(['read', 'write', 'delete', 'renew', 'check'])
@@ -83,91 +74,7 @@ public function testAuthenticateSuccess()
 
         $request = $request->withAttribute('session', $this->sessionMock);
 
-        $authenticator = new SessionAuthenticator($this->identifier);
-        $result = $authenticator->authenticate($request);
-
-        $this->assertInstanceOf(Result::class, $result);
-        $this->assertSame(Result::SUCCESS, $result->getStatus());
-    }
-
-    /**
-     * Test authentication
-     *
-     * @return void
-     */
-    public function testAuthenticateSuccessWithoutCollection()
-    {
-        $request = ServerRequestFactory::fromGlobals(['REQUEST_URI' => '/']);
-
-        $this->sessionMock->expects($this->once())
-            ->method('read')
-            ->with('Auth')
-            ->willReturn([
-                'username' => 'mariano',
-                'password' => 'password',
-            ]);
-
-        $request = $request->withAttribute('session', $this->sessionMock);
-
-        $authenticator = new SessionAuthenticator(null, [
-            'identifier' => 'Authentication.Password',
-        ]);
-        $result = $authenticator->authenticate($request);
-
-        $this->assertInstanceOf(Result::class, $result);
-        $this->assertSame(Result::SUCCESS, $result->getStatus());
-    }
-
-    /**
-     * Test authentication
-     *
-     * @return void
-     */
-    public function testAuthenticateSuccessWithoutCollectionButObject()
-    {
-        $request = ServerRequestFactory::fromGlobals(['REQUEST_URI' => '/']);
-
-        $this->sessionMock->expects($this->once())
-            ->method('read')
-            ->with('Auth')
-            ->willReturn([
-                'username' => 'mariano',
-                'password' => 'password',
-            ]);
-
-        $request = $request->withAttribute('session', $this->sessionMock);
-
-        $authenticator = new SessionAuthenticator(null, [
-            'identifier' => new PasswordIdentifier(),
-        ]);
-        $result = $authenticator->authenticate($request);
-
-        $this->assertInstanceOf(Result::class, $result);
-        $this->assertSame(Result::SUCCESS, $result->getStatus());
-    }
-
-    /**
-     * Test authentication
-     *
-     * @return void
-     */
-    public function testAuthenticateSuccessWithDirectCollection()
-    {
-        $request = ServerRequestFactory::fromGlobals(['REQUEST_URI' => '/']);
-
-        $this->sessionMock->expects($this->once())
-            ->method('read')
-            ->with('Auth')
-            ->willReturn([
-                'username' => 'mariano',
-                'password' => 'password',
-            ]);
-
-        $request = $request->withAttribute('session', $this->sessionMock);
-
-        $authenticator = new SessionAuthenticator(null, [
-            'identifier' => IdentifierFactory::create('Authentication.Password'),
-        ]);
+        $authenticator = new SessionAuthenticator(null);
         $result = $authenticator->authenticate($request);
 
         $this->assertInstanceOf(Result::class, $result);
@@ -190,7 +97,7 @@ public function testAuthenticateFailure()
 
         $request = $request->withAttribute('session', $this->sessionMock);
 
-        $authenticator = new SessionAuthenticator($this->identifier);
+        $authenticator = new SessionAuthenticator(null);
         $result = $authenticator->authenticate($request);
 
         $this->assertInstanceOf(Result::class, $result);
@@ -207,7 +114,7 @@ public function testPersistIdentity()
         $request = ServerRequestFactory::fromGlobals(['REQUEST_URI' => '/']);
         $request = $request->withAttribute('session', $this->sessionMock);
         $response = new Response();
-        $authenticator = new SessionAuthenticator($this->identifier);
+        $authenticator = new SessionAuthenticator(null);
 
         $data = new ArrayObject(['username' => 'florian']);
 
@@ -250,7 +157,7 @@ public function testClearIdentity()
         $request = $request->withAttribute('session', $this->sessionMock);
         $response = new Response();
 
-        $authenticator = new SessionAuthenticator($this->identifier);
+        $authenticator = new SessionAuthenticator(null);
 
         $this->sessionMock->expects($this->once())
             ->method('delete')
@@ -279,7 +186,7 @@ public function testImpersonate()
         $request = $request->withAttribute('session', $this->sessionMock);
         $response = new Response();
 
-        $authenticator = new SessionAuthenticator($this->identifier);
+        $authenticator = new SessionAuthenticator(null);
         $AuthUsers = TableRegistry::getTableLocator()->get('AuthUsers');
         $impersonator = $AuthUsers->newEntity([
             'username' => 'mariano',
@@ -318,7 +225,7 @@ public function testImpersonateAlreadyImpersonating()
         $request = $request->withAttribute('session', $this->sessionMock);
         $response = new Response();
 
-        $authenticator = new SessionAuthenticator($this->identifier);
+        $authenticator = new SessionAuthenticator(null);
         $impersonator = new ArrayObject([
             'username' => 'mariano',
             'password' => 'password',
@@ -352,7 +259,7 @@ public function testStopImpersonating()
         $request = $request->withAttribute('session', $this->sessionMock);
         $response = new Response();
 
-        $authenticator = new SessionAuthenticator($this->identifier);
+        $authenticator = new SessionAuthenticator(null);
 
         $impersonator = new ArrayObject([
             'username' => 'mariano',
@@ -399,7 +306,7 @@ public function testStopImpersonatingNotImpersonating()
         $request = $request->withAttribute('session', $this->sessionMock);
         $response = new Response();
 
-        $authenticator = new SessionAuthenticator($this->identifier);
+        $authenticator = new SessionAuthenticator(null);
 
         $this->sessionMock->expects($this->once())
             ->method('check')
@@ -436,7 +343,7 @@ public function testIsImpersonating()
         $request = ServerRequestFactory::fromGlobals(['REQUEST_URI' => '/']);
         $request = $request->withAttribute('session', $this->sessionMock);
 
-        $authenticator = new SessionAuthenticator($this->identifier);
+        $authenticator = new SessionAuthenticator(null);
 
         $this->sessionMock->expects($this->once())
             ->method('check')
