Issue #3456738 by cmlara, Anybody, andrewbelcher, Berdir, catch: BC break in...

Issue #3456738 by cmlara, Anybody, andrewbelcher, Berdir, catch: BC break in login auth changes from #3444978

(cherry picked from commit e015f808)

core/modules/user/src/Controller/UserAuthenticationController.php

@@ -201,7 +201,7 @@ public function login(Request $request) {
         $authenticated = $this->userAuth->authenticateAccount($account, $credentials['pass']) ? $account->id() : FALSE;
       }
       else {
-        $authenticated = $this->userAuth->authenticateAccount($credentials['name'], $credentials['pass']);
+        $authenticated = $this->userAuth->authenticate($credentials['name'], $credentials['pass']);
       }
       if ($authenticated) {
         $this->userFloodControl->clear('user.http_login', $this->getLoginFloodIdentifier($request, $credentials['name']));

core/modules/user/src/Form/UserLoginForm.php

@@ -246,6 +246,13 @@ public function validateAuthentication(array &$form, FormStateInterface $form_st
         if ($this->userAuth instanceof UserAuthenticationInterface) {
           $form_state->set('uid', $this->userAuth->authenticateAccount($account, $password) ? $account->id() : FALSE);
         }
+        // The userAuth object is decorated by an object that that has not
+        // been upgraded to the new UserAuthenticationInterface. Fallback
+        // to the authenticate() method.
+        else {
+          $uid = $this->userAuth->authenticate($form_state->getValue('name'), $password);
+          $form_state->set('uid', $uid);
+        }
       }
       elseif (!$this->userAuth instanceof UserAuthenticationInterface) {
         $uid = $this->userAuth->authenticate($form_state->getValue('name'), $password);

core/modules/user/tests/modules/user_auth_decorator_test/src/UserAuthDecorator.php

+<?php
+
+namespace Drupal\user_auth_decorator_test;
+
+use Drupal\user\UserAuthInterface;
+
+/**
+ * Helper to validate UserAuthInterface BC layers are functional.
+ */
+class UserAuthDecorator implements UserAuthInterface {
+
+  /**
+   * Constructs a UserAuthDecorator object.
+   *
+   * @param \Drupal\user\UserAuthInterface $inner
+   *   The inner User.Auth service.
+   */
+  public function __construct(protected UserAuthInterface $inner) {
+  }
+
+  /**
+   * {@inheritdoc}
+   */
+  public function authenticate($username, #[\SensitiveParameter] $password) {
+    return $this->inner->authenticate($username, $password);
+  }
+
+}

core/modules/user/tests/modules/user_auth_decorator_test/user_auth_decorator_test.info.yml

+name: 'User Auth Service decorated only with UserAuthInterface'
+type: module
+description: 'Support module for user authentication testing.'
+package: Testing
+version: VERSION

core/modules/user/tests/modules/user_auth_decorator_test/user_auth_decorator_test.services.yml

+services:
+  user_auth_decorator.user.auth:
+    class: \Drupal\user_auth_decorator_test\UserAuthDecorator
+    decorates: user.auth
+    arguments:
+      - '@user_auth_decorator.user.auth.inner'

core/modules/user/tests/src/Functional/Rest/UserJsonBasicAuthDecoratedTest.php

+<?php
+
+declare(strict_types=1);
+
+namespace Drupal\Tests\user\Functional\Rest;
+
+use Drupal\user_auth_decorator_test\UserAuthDecorator;
+
+/**
+ * Run UserJsonBasicAuthTest with a user.auth decorator.
+ *
+ * @group rest
+ * @group #slow
+ */
+class UserJsonBasicAuthDecoratedTest extends UserJsonBasicAuthTest {
+  /**
+   * Modules to install.
+   *
+   * @var array
+   */
+  protected static $modules = ['user_auth_decorator_test'];
+
+  /**
+   * Test that the UserAuthDecorator is providing user.auth.
+   */
+  public function testServiceDecorated(): void {
+    $service = \Drupal::service('user.auth');
+    $this->assertInstanceOf(UserAuthDecorator::class, $service);
+  }
+
+}

core/modules/user/tests/src/Functional/UserLoginDecoratedTest.php

+<?php
+
+declare(strict_types=1);
+
+namespace Drupal\Tests\user\Functional;
+
+use Drupal\user_auth_decorator_test\UserAuthDecorator;
+
+/**
+ * Ensure that login works as expected with a decorator.
+ *
+ * The decorator does not implement UserAuthenticationInterface.
+ *
+ * @group user
+ */
+class UserLoginDecoratedTest extends UserLoginTest {
+
+  /**
+   * Modules to install.
+   *
+   * @var array
+   */
+  protected static $modules = ['user_auth_decorator_test'];
+
+  /**
+   * Test that the UserAuthDecorator is providing user.auth.
+   */
+  public function testServiceDecorated(): void {
+    $service = \Drupal::service('user.auth');
+    $this->assertInstanceOf(UserAuthDecorator::class, $service);
+  }
+
+}

core/modules/user/tests/src/Functional/UserLoginHttpDecoratedTest.php

+<?php
+
+declare(strict_types=1);
+
+namespace Drupal\Tests\user\Functional;
+
+use Drupal\user_auth_decorator_test\UserAuthDecorator;
+
+/**
+ * Tests login and password reset via direct HTTP with a user.auth decorator.
+ *
+ * The decorator does not implement UserAuthenticationInterface.
+ *
+ * @group user
+ */
+class UserLoginHttpDecoratedTest extends UserLoginHttpTest {
+
+  /**
+   * Modules to install.
+   *
+   * @var array
+   */
+  protected static $modules = ['user_auth_decorator_test'];
+
+  /**
+   * Test that the UserAuthDecorator is providing user.auth.
+   */
+  public function testServiceDecorated(): void {
+    $service = \Drupal::service('user.auth');
+    $this->assertInstanceOf(UserAuthDecorator::class, $service);
+  }
+
+}