Require authentication v4 and conflict with older majors (#335)

* Require authentication v4 and conflict with older majors

The LoginLink authenticator and identifier follow cakephp/authentication v4's
current API (matching method signatures, CakePHP 5.1+). Move the dev requirement
to v4 and declare a conflict with anything below 4.0, so consumers cannot pair
this plugin with an incompatible authentication major.

* Port LoginLink to authentication v4

Authentication v4 made the authenticator's identifier nullable, removed
IdentifierCollection, and typed the abstract identifier's default config:

- use getIdentifier() instead of the now-nullable identifier property
- type LoginLinkIdentifier's default config as a string-keyed array
- construct the identifier directly in the authenticator test (no collection)

Author: dereuromark

composer.json

@@ -31,11 +31,14 @@
 		"cakephp/cakephp": "^5.1.1",
 		"dereuromark/cakephp-shim": "^3.0.0"
 	},
+	"conflict": {
+		"cakephp/authentication": "<4.0.0"
+	},
 	"require-dev": {
 		"fig-r/psr2r-sniffer": "dev-master",
 		"mobiledetect/mobiledetectlib": "^4.8.09",
 		"phpunit/phpunit": "^11.5 || ^12.1 || ^13.0",
-		"cakephp/authentication": "^3.1.0",
+		"cakephp/authentication": "^4.0.0",
 		"yangqi/htmldom": "^1.0"
 	},
 	"suggest": {

src/Authenticator/LoginLinkAuthenticator.php

@@ -35,7 +35,7 @@ public function authenticate(ServerRequestInterface $request): ResultInterface {
 		$user = $this->getUserFromToken($token);
 
 		if (!$user) {
-			return new Result(null, ResultInterface::FAILURE_IDENTITY_NOT_FOUND, $this->_identifier->getErrors());
+			return new Result(null, ResultInterface::FAILURE_IDENTITY_NOT_FOUND, $this->getIdentifier()->getErrors());
 		}
 
 		return new Result($user, ResultInterface::SUCCESS);
@@ -77,7 +77,7 @@ protected function getUserFromToken(string $token): ?EntityInterface {
 		}
 
 		/** @var \Cake\ORM\Entity $identity */
-		$identity = $this->_identifier->identify([$this->getConfig('identifierKey') => $tokenEntity->user_id]);
+		$identity = $this->getIdentifier()->identify([$this->getConfig('identifierKey') => $tokenEntity->user_id]);
 		$email = $tokenEntity->content;
 		if ($email && $identity && $identity->get('email') && $email !== $identity->get('email')) {
 			return null;

src/Identifier/LoginLinkIdentifier.php

@@ -16,7 +16,7 @@ class LoginLinkIdentifier extends AbstractIdentifier {
 	/**
 	 * Default configuration.
 	 *
-	 * @var array
+	 * @var array<string, mixed>
 	 */
 	protected array $_defaultConfig = [
 		'idField' => 'id',

tests/TestCase/Authenticator/LoginLinkAuthenticatorTest.php

@@ -4,10 +4,10 @@
 
 use ArrayAccess;
 use Authentication\Authenticator\Result;
-use Authentication\Identifier\IdentifierCollection;
 use Cake\Http\ServerRequestFactory;
 use Cake\TestSuite\TestCase;
 use Tools\Authenticator\LoginLinkAuthenticator;
+use Tools\Identifier\LoginLinkIdentifier;
 
 class LoginLinkAuthenticatorTest extends TestCase {
 
@@ -22,11 +22,9 @@ class LoginLinkAuthenticatorTest extends TestCase {
 	];
 
 	/**
-	 * Identifier Collection
-	 *
-	 * @var \Authentication\Identifier\IdentifierCollection;
+	 * @var \Tools\Identifier\LoginLinkIdentifier
 	 */
-	public $identifiers;
+	protected $identifier;
 
 	/**
 	 * @var \Cake\Http\ServerRequest
@@ -39,12 +37,10 @@ class LoginLinkAuthenticatorTest extends TestCase {
 	public function setUp(): void {
 		parent::setUp();
 
-		$this->identifiers = new IdentifierCollection([
-			'Tools.LoginLink' => [
-				'resolver' => [
-					'className' => 'Authentication.Orm',
-					'userModel' => 'ToolsUsers',
-				],
+		$this->identifier = new LoginLinkIdentifier([
+			'resolver' => [
+				'className' => 'Authentication.Orm',
+				'userModel' => 'ToolsUsers',
 			],
 		]);
 	}
@@ -65,7 +61,7 @@ public function testAuthenticate() {
 			'token' => '123',
 		]);
 
-		$authenticator = new LoginLinkAuthenticator($this->identifiers);
+		$authenticator = new LoginLinkAuthenticator($this->identifier);
 
 		$result = $authenticator->authenticate($this->request);
 		$this->assertInstanceOf(Result::class, $result);