Merge branch 'next-38794/deprecate-authorize-endpoint' into 'trunk'

NEXT-38794 - Deprecate /api/oauth/authorize route in AuthController

See merge request shopware/6/product/platform!14993

changelog/_unreleased/2024-10-10-deprecate-auth-endpoint.md

@@ -0,0 +1,10 @@
+---
+title: Deprecate unused auth endpoint
+issue: NEXT-38794
+---
+# API
+* Deprecated `\Core\Framework\Api\Controller\AuthController::authorize` method (API route `/api/oauth/authorize`). It will be removed without replacement with the next major version.
+
+___
+# Next Major Version Changes
+* Removed `\Core\Framework\Api\Controller\AuthController::authorize` method (API route `/api/oauth/authorize`) without replacement.

src/Core/Framework/Api/Controller/AuthController.php

@@ -4,6 +4,7 @@
 
 use League\OAuth2\Server\AuthorizationServer;
 use Shopware\Core\Framework\Api\Controller\Exception\AuthThrottledException;
+use Shopware\Core\Framework\Feature;
 use Shopware\Core\Framework\Log\Package;
 use Shopware\Core\Framework\RateLimiter\Exception\RateLimitExceededException;
 use Shopware\Core\Framework\RateLimiter\RateLimiter;
@@ -28,9 +29,13 @@ public function __construct(
     ) {
     }
 
+    /**
+     * @deprecated tag:v6.7.0 - Remove endpoint "/api/oauth/authorize"
+     */
     #[Route(path: '/api/oauth/authorize', name: 'api.oauth.authorize', defaults: ['auth_required' => false], methods: ['POST'])]
     public function authorize(Request $request): void
     {
+        Feature::triggerDeprecationOrThrow('v6.7.0.0', Feature::deprecatedMethodMessage(__CLASS__, __METHOD__, 'v6.7.0.0'));
     }
 
     #[Route(path: '/api/oauth/token', name: 'api.oauth.token', defaults: ['auth_required' => false], methods: ['POST'])]