8000 [Security] Fix best encoder not wired using migrate_from · symfony/symfony@4132a60 · GitHub
[go: up one dir, main page]
Skip to content

Commit 4132a60

Browse files
author
Robin Chalas
committed
[Security] Fix best encoder not wired using migrate_from
1 parent 7ed6d35 commit 4132a60

File tree

2 files changed

+5
-4
lines changed

2 files changed

+5
-4
lines changed

src/Symfony/Component/Security/Core/Encoder/EncoderFactory.php

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -114,7 +114,9 @@ private function getEncoderConfigFromAlgorithm(array $config): array
114114
}
115115

116116
if ($fromEncoders = ($config['migrate_from'] ?? false)) {
117-
$encoderChain = [];
117+
unset($config['migrate_from']);
118+
$encoderChain = [$this->createEncoder($config, true)];
119+
118120
foreach ($fromEncoders as $name) {
119121
if ($encoder = $this->encoders[$name] ?? false) {
120122
$encoder = $encoder instanceof PasswordEncoderInterface ? $encoder : $this->createEncoder($encoder, true);

src/Symfony/Component/Security/Core/Tests/Encoder/EncoderFactoryTest.php

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -143,9 +143,7 @@ public function testMigrateFrom()
143143

144144
$factory = new EncoderFactory([
145145
'digest_encoder' => $digest = new MessageDigestPasswordEncoder('sha256'),
146-
'pbdkf2' => $digest = new MessageDigestPasswordEncoder('sha256'),
147-
'bcrypt_encoder' => ['algorithm' => 'bcrypt'],
148-
SomeUser::class => ['algorithm' => 'sodium', 'migrate_from' => ['bcrypt_encoder', 'digest_encoder']],
146+
SomeUser::class => ['algorithm' => 'sodium', 'migrate_from' => ['bcrypt', 'digest_encoder']],
149147
]);
150148

151149
$encoder = $factory->getEncoder(SomeUser::class);
@@ -154,6 +152,7 @@ public function testMigrateFrom()
154152
$this->assertTrue($encoder->isPasswordValid((new SodiumPasswordEncoder())->encodePassword('foo', null), 'foo', null));
155153
$this->assertTrue($encoder->isPasswordValid((new NativePasswordEncoder(null, null, null, \PASSWORD_BCRYPT))->encodePassword('foo', null), 'foo', null));
156154
$this->assertTrue($encoder->isPasswordValid($digest->encodePassword('foo', null), 'foo', null));
155+
$this->assertStringStartsWith(SODIUM_CRYPTO_PWHASH_STRPREFIX, $encoder->encodePassword('foo', null));
157156
}
158157

159158
public function testDefaultMigratingEncoders()

0 commit comments

Comments
 (0)
0