Problem/Motivation

Issues such as #3055260: [PP-1] Disable CSRF token check for non-CSRF vulnerable authentication providers require the AuthenticationManager provide some way for other services to determine which authentication plugin "won" in authenticating the current request. Various other parts of the routing and even image derivative generation systems use the request's attributes ParameterBag for storing computed data about the request. Let's do the same here.

Steps to reproduce

Proposed resolution

Remaining tasks

User interface changes

API changes

Data model changes

Release notes snippet

Issue fork drupal-3253911

Command icon Show commands

Start within a Git clone of the project using the version control instructions.

Or, if you do not have SSH keys set up on git.drupalcode.org:

About issue forks

Comments

bradjones1 created an issue. See original summary.

bradjones1 opened merge request !1533

bradjones1’s picture

bradjones1
Primary language English
commented
Status: Active » Needs review
bradjones1’s picture

bradjones1
Primary language English
commented

This is also helpful for event subscribers/hook_user_login() implementations that might only do things when a user logs in over the web (gets a session) vs. say, a native app.

Version: 9.4.x-dev » 9.5.x-dev

Drupal 9.4.0-alpha1 was released on May 6, 2022, which means new developments and disruptive changes should now be targeted for the 9.5.x-dev branch. For more information see the Drupal core minor version schedule and the Allowed changes during the Drupal core release cycle.

bradjones1’s picture

bradjones1
Primary language English
commented
Parent issue: » #2371629: [meta] Finalize Session and User Authentication API

Version: 9.5.x-dev » 10.1.x-dev

Drupal 9.5.0-beta2 and Drupal 10.0.0-beta2 were released on September 29, 2022, which means new developments and disruptive changes should now be targeted for the 10.1.x-dev branch. For more information see the Drupal core minor version schedule and the Allowed changes during the Drupal core release cycle.

smustgrave’s picture

smustgrave commented
Category: Task » Feature request
Status: Needs review » Needs work
Issue tags: +Needs Review Queue Initiative, +Needs tests

This issue is being reviewed by the kind folks in Slack, #needs-review-queue-initiative. We are working to keep the size of Needs Review queue [2700+ issues] to around 400 (1 month or less), following Review a patch or merge request as a guide.

Seems like a feature request but if you disagree let me know.

Seems like this could use a simple test coverage showing the existence of the plugin ID

Version: 10.1.x-dev » 11.x-dev

Drupal core is moving towards using a “main” branch. As an interim step, a new 11.x branch has been opened, as Drupal.org infrastructure cannot currently fully support a branch named main. New developments and disruptive changes should now be targeted for the 11.x branch, which currently accepts only minor-version allowed changes. For more information, see the Drupal core minor version schedule and the Allowed changes during the Drupal core release cycle.

Version: 11.x-dev » main

Drupal core is now using the main branch as the primary development branch. New developments and disruptive changes should now be targeted to the main branch.

Read more in the announcement.