8000 bug #35060 [Security] Fix missing defaults for auto-migrating encoder… · symfony/symfony@fd81bb8 · GitHub

Commit fd81bb8

committed
bug #35060 [Security] Fix missing defaults for auto-migrating encoders (chalasr)
This PR was merged into the 4.4 branch. Discussion ---------- [Security] Fix missing defaults for auto-migrating encoders | Q | A | ------------- | --- | Branch? | 4.4 | Bug fix? | yes | New feature? | no | Deprecations? | no | Tickets | Fixes #35058 | License | MIT | Doc PR | - Commits ------- 665ef06 [Security] Fix missing defaults for auto-migrating encoders
2 parents aac9ca2 + 665ef06 commit fd81bb8


2 files changed

+11
-6
lines changed


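--- a/src/Symfony/Component/Security/Core/Encoder/EncoderFactory.php
+++ b/src/Symfony/Component/Security/Core/Encoder/EncoderFactory.php
@@ -144,10 +144,10 @@ private function getEncoderConfigFromAlgorithm(array $config): array
 return [
 'class' => Pbkdf2PasswordEncoder::class,
 'arguments' => [
-$config['hash_algorithm'],
-$config['encode_as_base64'],
-$config['iterations'],
-$config['key_length'],
+$config['hash_algorithm'] ?? 'sha512',
+$config['encode_as_base64'] ?? true,
+$config['iterations'] ?? 1000,
+$config['key_length'] ?? 40,
 ],
 ];
 
@@ -205,8 +205,8 @@ private function getEncoderConfigFromAlgorithm(array $config): array
 'class' => MessageDigestPasswordEncoder::class,
 'arguments' => [
 $config['algorithm'],
-$config['encode_as_base64'],
-$config['iterations'],
+$config['encode_as_base64'] ?? true,
+$config['iterations'] ?? 5000,
 ],
 ];
 }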
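Review bot: The fallback literals on new lines 147–150 (`'sha512'`, `true`, `1000`, `40`) and 208–209 (`true`, `5000`) carry no comment saying where they come from, and a config that omits `iterations` now silently gets a PBKDF2 work factor of 1000, which is low for hashing new passwords. If these values are meant to mirror the encoder constructors' defaults so that already-stored hashes keep verifying (inferred from the PR title; the constructors are not on the page), say so next to them, e.g. `// Fallbacks must match Pbkdf2PasswordEncoder's constructor defaults; changing them invalidates stored hashes.` Note also that `$config['algorithm']` on line 207 is still read without a fallback, which is only safe if the part of getEncoderConfigFromAlgorithm outside this hunk guarantees the key. The function starts before the first hunk and continues between the two hunks.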

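--- a/src/Symfony/Component/Security/Core/Tests/Encoder/EncoderFactoryTest.php
+++ b/src/Symfony/Component/Security/Core/Tests/Encoder/EncoderFactoryTest.php
@@ -162,6 +162,11 @@ public function testDefaultMigratingEncoders()
 (new EncoderFactory([SomeUser::class => ['class' => NativePasswordEncoder::class, 'arguments' => []]]))->getEncoder(SomeUser::class)
 );
 
+$this->assertInstanceOf(
+MigratingPasswordEncoder::class,
+(new EncoderFactory([SomeUser::class => ['algorithm' => 'bcrypt', 'cost' => 11]]))->getEncoder(SomeUser::class)
+);
+
 if (!SodiumPasswordEncoder::isSupported()) {
 return;
 }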
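Review bot: The added assertion only checks the class returned for `['algorithm' => 'bcrypt', 'cost' => 11]`; it does not pin the fallback values introduced in EncoderFactory, so a later change to `1000`, `5000` or `'sha512'` that breaks verification of stored hashes would still pass. Consider also asserting behaviour, with `$encoder` holding the factory result: `$this->assertTrue($encoder->isPasswordValid((new Pbkdf2PasswordEncoder())->encodePassword('foo', 'salt'), 'foo', 'salt'));`. That assumes the migrating encoder includes a PBKDF2 fallback built from these defaults, which the page does not show. testDefaultMigratingEncoders starts before and ends after this hunk.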
