[FIXED] How to handle Symfony 5.3 deprecations?

Issue

After upgrading Symfony from 4.4 -> 5.3 i get some deprecations which I cant located to solve.

Here are 3 deprecations as example:

User Deprecated: Since symfony/framework-bundle 5.3: The "session.storage.factory.service" service is deprecated, use "session.storage.factory.native", "session.storage.factory.php_bridge" or "session.storage.factory.mock_file" instead.
User Deprecated: Since symfony/security-core 5.3: The "Symfony\Component\Security\Core\Event\AuthenticationFailureEvent" class is deprecated, use "Symfony\Component\Security\Http\Event\LoginFailureEvent"
User Deprecated: Since symfony/http-kernel 5.3: "Symfony\Component\HttpKernel\Event\KernelEvent::isMasterRequest()" is deprecated, use "isMainRequest()" instead.

It's only 3 of more as 30 deprecations. My question is: How is the correct way to solve this warnings. (I need to solve, because I have many Requests/minute and every time this warnings get wrote in dev.log - this file is exploding)

I want to start with the 3rd warning. Here is the trace:

../vendor/symfony/http-kernel/Event/KernelEvent.php:88 {▶}
../vendor/symfony/web-link/EventListener/AddLinkHeaderListener.php:41 {▶}
../vendor/symfony/event-dispatcher/Debug/WrappedListener.php:117 {▶}
../vendor/symfony/event-dispatcher/EventDispatcher.php:230 {▶}
../vendor/symfony/event-dispatcher/EventDispatcher.php:59 {▶}
../vendor/symfony/event-dispatcher/Debug/TraceableEventDispatcher.php:151 {▶}
../vendor/symfony/http-kernel/HttpKernel.php:190 {▶}
../vendor/symfony/http-kernel/HttpKernel.php:178 {▶}
../vendor/symfony/http-kernel/HttpKernel.php:79 {▶}
../vendor/symfony/http-kernel/EventListener/ErrorListener.php:60 {▶}
../vendor/symfony/event-dispatcher/Debug/WrappedListener.php:117 {▶}
../vendor/symfony/event-dispatcher/EventDispatcher.php:230 {▶}
../vendor/symfony/event-dispatcher/EventDispatcher.php:59 {▶}
../vendor/symfony/event-dispatcher/Debug/TraceableEventDispatcher.php:151 {▶}
../vendor/symfony/http-kernel/HttpKernel.php:218 {▶}
../vendor/symfony/http-kernel/HttpKernel.php:90 {▶}
../vendor/symfony/http-kernel/Kernel.php:199 {▶}
../public/index.php:25 {▶}

All files comes directly from symfony, nothing from me, thats why my question where to start to solve this warnings.

Solution

Ok, now im deprecation free but there are some things to now after upgrading from 4.4 to 5.3

To find all warnings I created a new symfony project to compare different files

1. KernelEvent::isMasterRequest()" is deprecated, use "isMainRequest()

   take a look into your file src/Kernel.php - there u can find the deprecated method

2. The "session.storage.factory.service" service is deprecated

   open your framework.yaml and compare with the following code. Maybe it could help you:

   session:
     handler_id: session.handler.native_file
     save_path: '%kernel.project_dir%/var/sessions/%kernel.environment%'
     # 2 Days lifetime (172800 seconds)
     cookie_lifetime: 172800
     cookie_secure: 'auto'
     cookie_samesite: 'lax'
     #storage_id: session.storage.mock_file
     storage_factory_id: session.storage.factory.native  
   

3. The "Symfony\Component\HttpFoundation\Session\SessionInterface are deprecated

   I found this in my old LoginAuthenticator ('App\Security...' by default). Replace it with use Symfony\Component\HttpFoundation\RequestStack; Now u can inject it and make it available as $this->requestStack and then change all $this->session with $this->requestStack->getSession() Done!

4. Most of all other deprecations are in connection with the new authenticator-based system which was introduced in symfony 5.1. U have to edit your security.yaml. I show you my changes:

   security:
       enable_authenticator_manager: true
       password_hashers:
          Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
       providers:
           users_in_memory: { memory: null }
           app_user_provider:
              entity:
                class: App\Entity\User
                property: username
       firewalls:
           main: 
               # default stuff
               provider: app_user_provider
               http_basic: ~
               form_login:
                   default_target_path: mission 
                   use_referer: true
                   target_path_parameter: redirect_url
                   login_path: login
                   check_path: login
               entry_point: form_login
               access_denied_handler: App\Security\AccessDeniedHandler
               custom_authenticator: App\Security\CustomAuthenticator
   

   To make the auth warnings more understandable create a new customauthenicator with the maker bundle. Now you can compare your old Authenticator with the new one and put the new methods into your old Authenticator. There are some changes that you need to make.

Thats it. Most of deprecations should solve now.

Answered By - Daniel Richter