8000 bug #34428 [Security] Fix best encoder not wired using migrate_from (… · symfony/symfony@76d3112 · GitHub
[go: up one dir, main page]
Skip to content

Commit 76d3112

Browse files
author
Robin Chalas
committed
bug #34428 [Security] Fix best encoder not wired using migrate_from (chalasr)
This PR was merged into the 4.4 branch. Discussion ---------- [Security] Fix best encoder not wired using migrate_from | Q | A | ------------- | --- | Branch? | 4.4 | Bug fix? | yes | New feature? | no | Deprecations? | no | Tickets | - | License | MIT | Doc PR | - Thanks @wouterj for spotting it. Commits ------- 4132a60 [Security] Fix best encoder not wired using migrate_from
2 parents b4ca84c + 4132a60 commit 76d3112

File tree

2 files changed

+5
-4
lines changed

2 files changed

+5
-4
lines changed

src/Symfony/Component/Security/Core/Encoder/EncoderFactory.php

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -114,7 +114,9 @@ private function getEncoderConfigFromAlgorithm(array $config): array
114114
}
115115

116116
if ($fromEncoders = ($config['migrate_from'] ?? false)) {
117-
$encoderChain = [];
117+
unset($config['migrate_from']);
118+
$encoderChain = [$this->createEncoder($config, true)];
119+
118120
foreach ($fromEncoders as $name) {
119121
if ($encoder = $this->encoders[$name] ?? false) {
120122
$encoder = $encoder instanceof PasswordEncoderInterface ? $encoder : $this->createEncoder($encoder, true);

src/Symfony/Component/Security/Core/Tests/Encoder/EncoderFactoryTest.php

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -143,9 +143,7 @@ public function testMigrateFrom()
143143

144144
$factory = new EncoderFactory([
145145
'digest_encoder' => $digest = new MessageDigestPasswordEncoder('sha256'),
146-
'pbdkf2' => $digest = new MessageDigestPasswordEncoder('sha256'),
147-
'bcrypt_encoder' => ['algorithm' => 'bcrypt'],
148-
SomeUser::class => ['algorithm' => 'sodium', 'migrate_from' => ['bcrypt_encoder', 'digest_encoder']],
146+
SomeUser::class => ['algorithm' => 'sodium', 'migrate_from' => ['bcrypt', 'digest_encoder']],
149147
]);
150148

151149
$encoder = $factory->getEncoder(SomeUser::class);
@@ -154,6 +152,7 @@ public function testMigrateFrom()
154152
$this->assertTrue($encoder->isPasswordValid((new SodiumPasswordEncoder())->encodePassword('foo', null), 'foo', null));
155153
$this->assertTrue($encoder->isPasswordValid((new NativePasswordEncoder(null, null, null, \PASSWORD_BCRYPT))->encodePassword('foo', null), 'foo', null));
156154
$this->assertTrue($encoder->isPasswordValid($digest->encodePassword('foo', null), 'foo', null));
155+
$this->assertStringStartsWith(SODIUM_CRYPTO_PWHASH_STRPREFIX, $encoder->encodePassword('foo', null));
157156
}
158157

159158
public function testDefaultMigratingEncoders()

0 commit comments

Comments
 (0)
0