Upgrade to cakephp 5.3 / cakephp migrations 5.x / users 16

Author: ajibarra

.github/workflows/ci.yml

@@ -13,7 +13,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        php-version: ['8.1', '8.2', '8.3']
+        php-version: ['8.2', '8.3', '8.4']
         db-type: [sqlite, mysql, pgsql]
         prefer-lowest: ['']
 
@@ -59,22 +59,22 @@ jobs:
         fi
 
     - name: Setup problem matchers for PHPUnit
-      if: matrix.php-version == '8.1' && matrix.db-type == 'mysql'
+      if: matrix.php-version == '8.2' && matrix.db-type == 'mysql'
       run: echo "::add-matcher::${{ runner.tool_cache }}/phpunit.json"
 
     - name: Run PHPUnit
       run: |
         if [[ ${{ matrix.db-type }} == 'sqlite' ]]; then export DB_URL='sqlite:///:memory:'; fi
         if [[ ${{ matrix.db-type }} == 'mysql' ]]; then export DB_URL='mysql://root:root@127.0.0.1/cakephp?encoding=utf8'; fi
         if [[ ${{ matrix.db-type }} == 'pgsql' ]]; then export DB_URL='postgres://postgres:postgres@127.0.0.1/postgres'; fi
-        if [[ ${{ matrix.php-version }} == '8.1' ]]; then
+        if [[ ${{ matrix.php-version }} == '8.2' ]]; then
           export CODECOVERAGE=1 && vendor/bin/phpunit --display-deprecations --display-incomplete --display-skipped --coverage-clover=coverage.xml
         else
           vendor/bin/phpunit
         fi
 
     - name: Submit code coverage
-      if: matrix.php-version == '8.1'
+      if: matrix.php-version == '8.2'
       uses: codecov/codecov-action@v5
 
   cs-stan:
@@ -87,7 +87,7 @@ jobs:
     - name: Setup PHP
       uses: shivammathur/setup-php@v2
       with:
-        php-version: '8.1'
+        php-version: '8.2'
         extensions: mbstring, intl, apcu
         coverage: none
 

composer.json

@@ -27,12 +27,12 @@
         "source": "https://github.com/CakeDC/cakephp-api"
     },
     "require": {
-        "php": ">=8.1",
+        "php": ">=8.2",
         "ext-json": "*",
-        "cakephp/cakephp": "^5.0",
-        "cakedc/users": "^15.1",
+        "cakephp/cakephp": "^5.1",
+        "cakedc/users": "^16.0",
         "lcobucci/jwt": "^5.5.0",
-        "firebase/php-jwt": "^6.3"
+        "firebase/php-jwt": "^6.3 || ^7.0"
     },
     "require-dev": {
         "cakephp/cakephp-codesniffer": "^4.5",

config/Migrations/20180313201241_initial_jwt_auth.php

@@ -1,4 +1,6 @@
 <?php
+declare(strict_types=1);
+
 /**
  * Copyright 2018 - 2020, Cake Development Corporation (https://www.cakedc.com)
  *
@@ -9,11 +11,11 @@
  * @license MIT License (http://www.opensource.org/licenses/mit-license.php)
  */
 
-use Migrations\AbstractMigration;
+use Migrations\BaseMigration;
 
-class InitialJwtAuth extends AbstractMigration
+class InitialJwtAuth extends BaseMigration
 {
-    public function change()
+    public function change(): void
     {
         $this->table('jwt_refresh_tokens', ['id' => false, 'primary_key' => ['id']])
             ->addColumn('id', 'uuid', [

config/Migrations/20231003201241_auth_store.php

@@ -1,4 +1,6 @@
 <?php
+declare(strict_types=1);
+
 /**
  * Copyright 2018 - 2020, Cake Development Corporation (https://www.cakedc.com)
  *
@@ -9,11 +11,11 @@
  * @license MIT License (http://www.opensource.org/licenses/mit-license.php)
  */
 
-use Migrations\AbstractMigration;
+use Migrations\BaseMigration;
 
-class AuthStore extends AbstractMigration
+class AuthStore extends BaseMigration
 {
-    public function change()
+    public function change(): void
     {
         $this->table('auth_store', ['id' => false, 'primary_key' => ['id']])
             ->addColumn('id', 'string', [

src/ApiInitializer.php

@@ -35,28 +35,39 @@ class ApiInitializer implements AuthorizationServiceProviderInterface
     public function getAuthenticationService(): AuthenticationService
     {
         $service = new AuthenticationService();
-        $service->loadIdentifier('Authentication.JwtSubject', []);
-        $service->loadIdentifier('Authentication.Password', [
-            'resolver' => [
-                'className' => 'Authentication.Orm',
-                'userModel' => 'CakeDC/Users.Users',
-                'finder' => 'active',
-            ],
-        ]);
 
         $service->loadAuthenticator('Authentication.Session', [
             'sessionKey' => 'Auth',
+            'identifier' => [
+                'Authentication.Password' => [
+                    'resolver' => [
+                        'className' => 'Authentication.Orm',
+                        'userModel' => 'CakeDC/Users.Users',
+                        'finder' => 'active',
+                    ],
+                ],
+            ],
         ]);
         $service->loadAuthenticator('CakeDC/Auth.Form', [
-            // 'sessionKey' => 'Auth',
+            'identifier' => [
+                'Authentication.Password' => [
+                    'resolver' => [
+                        'className' => 'Authentication.Orm',
+                        'userModel' => 'CakeDC/Users.Users',
+                        'finder' => 'active',
+                    ],
+                ],
+            ],
         ]);
 
-        $service->loadIdentifier('Authentication.Token', [
-            'dataField' => 'token',
-            'tokenField' => 'api_token',
-        ]);
         $service->loadAuthenticator('Authentication.Token', [
             'queryParam' => 'token',
+            'identifier' => [
+                'Authentication.Token' => [
+                    'dataField' => 'token',
+                    'tokenField' => 'api_token',
+                ],
+            ],
         ]);
 
         $service->loadAuthenticator('Authentication.Jwt', [
@@ -66,6 +77,9 @@ public function getAuthenticationService(): AuthenticationService
             'algorithm' => 'HS512',
             'returnPayload' => false,
             'secretKey' => Configure::read('Api.Jwt.AccessToken.secret'),
+            'identifier' => [
+                'Authentication.JwtSubject' => [],
+            ],
         ]);
 
         return $service;

src/Model/Entity/AuthStore.php

@@ -10,8 +10,8 @@
  *
  * @property string $id
  * @property array|null $store
- * @property \Cake\I18n\FrozenTime $created
- * @property \Cake\I18n\FrozenTime $modified
+ * @property \Cake\I18n\DateTime $created
+ * @property \Cake\I18n\DateTime $modified
  */
 class AuthStore extends Entity
 {

src/Rbac/ApiRbac.php

@@ -68,7 +68,7 @@ class ApiRbac implements RbacInterface
      *
      * @param array $config Class configuration
      */
-    public function __construct($config = [])
+    public function __construct(array $config = [])
     {
         if (!isset($config['log'])) {
             $config['log'] = Configure::read('debug');

src/Rbac/CachedApiRbac.php

@@ -32,14 +32,14 @@ class CachedApiRbac extends ApiRbac
      *
      * @var array[] rules array
      */
-    protected $permissionsMap = [];
+    protected array $permissionsMap = [];
 
     /**
      * CachedApiRbac constructor.
      *
      * @param array $config Class configuration
      */
-    public function __construct($config = [])
+    public function __construct(array $config = [])
     {
         parent::__construct($config);
         $this->permissionsMap = Cache::remember('api_permissions_map', function () {
@@ -52,7 +52,7 @@ public function __construct($config = [])
      *
      * @return array
      */
-    public function buildPermissionsMap()
+    public function buildPermissionsMap(): array
     {
         $asArray = function ($permission, $key, $default = null) {
             if ($default !== null && !array_key_exists($key, $permission)) {
@@ -95,7 +95,7 @@ public function buildPermissionsMap()
      * @param \Psr\Http\Message\ServerRequestInterface $request request
      * @return bool true if there is a match in permissions
      */
-    public function checkPermissions($user, ServerRequestInterface $request)
+    public function checkPermissions(array|\ArrayAccess $user, ServerRequestInterface $request): bool
     {
         $roleField = $this->getConfig('role_field');
         $defaultRole = $this->getConfig('default_role');

src/Rbac/Permissions/AbstractProvider.php

@@ -35,7 +35,7 @@ abstract class AbstractProvider
      *
      * @param array $config config
      */
-    public function __construct($config = [])
+    public function __construct(array $config = [])
     {
         $this->setConfig($config);
         $this->defaultPermissions = [
@@ -82,12 +82,12 @@ public function __construct($config = [])
      *
      * @return array Array of permissions
      */
-    abstract public function getPermissions();
+    abstract public function getPermissions(): array;
 
     /**
      * @return array
      */
-    public function getDefaultPermissions()
+    public function getDefaultPermissions(): array
     {
         return $this->defaultPermissions;
     }
@@ -96,7 +96,7 @@ public function getDefaultPermissions()
      * @param array $defaultPermissions default permissions
      * @return void
      */
-    public function setDefaultPermissions($defaultPermissions)
+    public function setDefaultPermissions(array $defaultPermissions): void
     {
         $this->defaultPermissions = $defaultPermissions;
     }

src/Rbac/Permissions/ApiConfigProvider.php

@@ -35,7 +35,7 @@ class ApiConfigProvider extends AbstractProvider
      *
      * @return array Array of permissions
      */
-    public function getPermissions()
+    public function getPermissions(): array
     {
         $autoload = $this->getConfig('autoload_config');
         if ($autoload) {
@@ -53,7 +53,7 @@ public function getPermissions()
      * @param string $key name of the configuration file to read permissions from
      * @return array permissions
      */
-    protected function _loadPermissions($key)
+    protected function _loadPermissions(string $key): array
     {
         $permissions = null;
         try {