Fix up identifier defaulting.

Author: dereuromark

src/Authenticator/AbstractAuthenticator.php

@@ -20,6 +20,7 @@
 use Authentication\Identifier\PasswordIdentifier;
 use Cake\Core\InstanceConfigTrait;
 use Psr\Http\Message\ServerRequestInterface;
+use RuntimeException;
 
 abstract class AbstractAuthenticator implements AuthenticatorInterface
 {
@@ -41,28 +42,38 @@ abstract class AbstractAuthenticator implements AuthenticatorInterface
     /**
      * Identifier instance.
      *
-     * @var \Authentication\Identifier\IdentifierInterface|null
+     * @var \Authentication\Identifier\IdentifierInterface
      */
-    protected ?IdentifierInterface $_identifier = null;
+    protected IdentifierInterface $_identifier;
 
     /**
      * Constructor
      *
      * @param \Authentication\Identifier\IdentifierInterface|null $identifier Identifier instance.
      * @param array<string, mixed> $config Configuration settings.
+     * @throws \RuntimeException When identifier is null and the authenticator doesn't provide a default.
      */
     public function __construct(?IdentifierInterface $identifier, array $config = [])
     {
+        if ($identifier === null) {
+            throw new RuntimeException(
+                sprintf(
+                    'Identifier is required for `%s`. Please provide an identifier instance.',
+                    static::class,
+                ),
+            );
+        }
+
         $this->_identifier = $identifier;
         $this->setConfig($config);
     }
 
     /**
      * Gets the identifier.
      *
-     * @return \Authentication\Identifier\IdentifierInterface|null
+     * @return \Authentication\Identifier\IdentifierInterface
      */
-    public function getIdentifier(): ?IdentifierInterface
+    public function getIdentifier(): IdentifierInterface
     {
         return $this->_identifier;
     }

src/Authenticator/CookieAuthenticator.php

@@ -105,7 +105,6 @@ public function authenticate(ServerRequestInterface $request): ResultInterface
 
         [$username, $tokenHash] = $token;
 
-        assert($this->_identifier !== null);
         $identity = $this->_identifier->identify(compact('username'));
 
         if (!$identity) {

src/Authenticator/EnvironmentAuthenticator.php

@@ -16,6 +16,8 @@
  */
 namespace Authentication\Authenticator;
 
+use Authentication\Identifier\IdentifierFactory;
+use Authentication\Identifier\IdentifierInterface;
 use Authentication\UrlChecker\UrlCheckerTrait;
 use Cake\Routing\Router;
 use Psr\Http\Message\ServerRequestInterface;
@@ -45,6 +47,21 @@ class EnvironmentAuthenticator extends AbstractAuthenticator
         'optionalFields' => [],
     ];
 
+    /**
+     * Constructor
+     *
+     * @param \Authentication\Identifier\IdentifierInterface|null $identifier Identifier instance.
+     * @param array<string, mixed> $config Configuration settings.
+     */
+    public function __construct(?IdentifierInterface $identifier, array $config = [])
+    {
+        if ($identifier === null) {
+            $identifier = IdentifierFactory::create('Authentication.Callback');
+        }
+
+        parent::__construct($identifier, $config);
+    }
+
     /**
      * Get values from the environment variables configured by `fields`.
      *
@@ -153,7 +170,6 @@ public function authenticate(ServerRequestInterface $request): ResultInterface
 
         $data = array_merge($this->_getOptionalData($request), $data);
 
-        assert($this->_identifier !== null);
         $user = $this->_identifier->identify($data);
 
         if (!$user) {

src/Authenticator/FormAuthenticator.php

@@ -159,7 +159,6 @@ public function authenticate(ServerRequestInterface $request): ResultInterface
             ]);
         }
 
-        assert($this->_identifier !== null);
         $user = $this->_identifier->identify($data);
 
         if (!$user) {

src/Authenticator/HttpBasicAuthenticator.php

@@ -81,7 +81,6 @@ public function authenticate(ServerRequestInterface $request): ResultInterface
             return new Result(null, Result::FAILURE_CREDENTIALS_MISSING);
         }
 
-        assert($this->_identifier !== null);
         $user = $this->_identifier->identify([
             PasswordIdentifier::CREDENTIAL_USERNAME => $username,
             PasswordIdentifier::CREDENTIAL_PASSWORD => $password,

src/Authenticator/HttpDigestAuthenticator.php

@@ -94,7 +94,6 @@ public function authenticate(ServerRequestInterface $request): ResultInterface
             return new Result(null, Result::FAILURE_CREDENTIALS_MISSING);
         }
 
-        assert($this->_identifier !== null);
         $user = $this->_identifier->identify([
             PasswordIdentifier::CREDENTIAL_USERNAME => $digest['username'],
         ]);

src/Authenticator/JwtAuthenticator.php

@@ -99,8 +99,7 @@ public function authenticate(ServerRequestInterface $request): ResultInterface
             return new Result(null, Result::FAILURE_CREDENTIALS_INVALID);
         }
 
-        /** @phpstan-ignore-next-line */
-        $result = json_decode(json_encode($result), true);
+        $result = json_decode((string)json_encode($result), true);
 
         $subjectKey = $this->getConfig('subjectKey');
         if (empty($result[$subjectKey])) {
@@ -113,7 +112,6 @@ public function authenticate(ServerRequestInterface $request): ResultInterface
             return new Result($user, Result::SUCCESS);
         }
 
-        assert($this->_identifier !== null);
         $user = $this->_identifier->identify([
             $subjectKey => $result[$subjectKey],
         ]);

src/Authenticator/PrimaryKeySessionAuthenticator.php

@@ -45,7 +45,6 @@ public function authenticate(ServerRequestInterface $request): ResultInterface
             return new Result(null, Result::FAILURE_IDENTITY_NOT_FOUND);
         }
 
-        assert($this->_identifier !== null);
         $user = $this->_identifier->identify([$this->getConfig('identifierKey') => $userId]);
         if (!$user) {
             return new Result(null, Result::FAILURE_IDENTITY_NOT_FOUND);

src/Authenticator/SessionAuthenticator.php

@@ -17,6 +17,8 @@
 
 use ArrayAccess;
 use ArrayObject;
+use Authentication\Identifier\IdentifierFactory;
+use Authentication\Identifier\IdentifierInterface;
 use Authentication\Identifier\PasswordIdentifier;
 use Cake\Http\Exception\UnauthorizedException;
 use Psr\Http\Message\ResponseInterface;
@@ -47,6 +49,25 @@ class SessionAuthenticator extends AbstractAuthenticator implements PersistenceI
         'identityAttribute' => 'identity',
     ];
 
+    /**
+     * Constructor
+     *
+     * @param \Authentication\Identifier\IdentifierInterface|null $identifier Identifier instance.
+     * @param array<string, mixed> $config Configuration settings.
+     */
+    public function __construct(?IdentifierInterface $identifier, array $config = [])
+    {
+        if ($identifier === null) {
+            $identifierConfig = [];
+            if (isset($config['fields'])) {
+                $identifierConfig['fields'] = $config['fields'];
+            }
+            $identifier = IdentifierFactory::create('Authentication.Password', $identifierConfig);
+        }
+
+        parent::__construct($identifier, $config);
+    }
+
     /**
      * Authenticate a user using session data.
      *
@@ -69,7 +90,6 @@ public function authenticate(ServerRequestInterface $request): ResultInterface
             foreach ($this->getConfig('fields') as $key => $field) {
                 $credentials[$key] = $user[$field];
             }
-            assert($this->_identifier !== null);
             $user = $this->_identifier->identify($credentials);
 
             if (!$user) {

src/Authenticator/TokenAuthenticator.php

@@ -142,7 +142,6 @@ public function authenticate(ServerRequestInterface $request): ResultInterface
             return new Result(null, Result::FAILURE_CREDENTIALS_MISSING);
         }
 
-        assert($this->_identifier !== null);
         $user = $this->_identifier->identify([
             TokenIdentifier::CREDENTIAL_TOKEN => $token,
         ]);