feature #14721 [Security] Configuring a user checker per firewall (iltar)

This PR was squashed before being merged into the 2.8 branch (closes #14721).

Discussion
----------

[Security] Configuring a user checker per firewall

_Changed my base branch to avoid issues, closed old PR_

| Q             | A
| ------------- | ---
| Bug fix?      | no
| New feature?  | yes
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed ticket | #11090 and helps #14673
| License       | MIT
| Doc PR        | symfony/symfony-docs/pull/5530

This pull request adds support for a configurable user checker per firewall. An example could be:

```yml
services:
    app.user_checker:
        class: App\Security\UserChecker
        arguments:
            - "@request_stack"

security:
    firewalls:
        secured_area:
            pattern: ^/
            anonymous: ~
            basic_auth: ~
            user_checker: app.user_checker

```
The above example will use the `UserChecker` defined as `app.user_checker`. If the `user_checker` option is left empty, `security.user_checker` will  be used. If the `user_checkers` option is not defined, it will fall back to the original behavior to not break backwards compatibility and will validate using the existing `UserChecker`: `security.user_checker`.

I left the default argument in the service definitions to be `security.user_checker` to include backwards compatibility for people who for some reason don't have the extension executed. You can obtain the checker for a specific firewall by appending the firewall name to it. For the firewall `secured_area`, this would be `security.user_checker.secured_area`.

Commits
-------

76bc662 [Security] Configuring a user checker per firewall

1 files changed, 9 insertions, 2 deletions

diff --git a/Core/User/UserCheckerInterface.php b/Core/User/UserCheckerInterface.php
index 3dd8d51..62ea9f0 100644
--- a/Core/User/UserCheckerInterface.php
+++ b/Core/User/UserCheckerInterface.php
@@ -11,10 +11,13 @@
 
 namespace Symfony\Component\Security\Core\User;
 
+use Symfony\Component\Security\Core\Exception\AccountStatusException;
+
 /**
- * UserCheckerInterface checks user account when authentication occurs.
+ * Implement to throw AccountStatusException during the authentication process.
  *
- * This should not be used to make authentication decisions.
+ * Can be used when you want to check the account status, e.g when the account is
+ * disabled or blocked. This should not be used to make authentication decisions.
  *
  * @author Fabien Potencier <fabien@symfony.com>
  */
@@ -24,6 +27,8 @@ interface UserCheckerInterface
      * Checks the user account before authentication.
      *
      * @param UserInterface $user a UserInterface instance
+     *
+     * @throws AccountStatusException
      */
     public function checkPreAuth(UserInterface $user);
 
@@ -31,6 +36,8 @@ interface UserCheckerInterface
      * Checks the user account after authentication.
      *
      * @param UserInterface $user a UserInterface instance
+     *
+     * @throws AccountStatusException
      */
     public function checkPostAuth(UserInterface $user);
 }