[Security] Do not make PasswordUpgraderInterface a generic

symfony · fabpot · Aug 5, 2023 · Aug 5, 2023 · Aug 5, 2023 · d473b909e8a77a2bb03c94a4f6564f2e020f09e7
commit d473b909e8a77a2bb03c94a4f6564f2e020f09e7
@@ -125,7 +125,7 @@ public function upgradePassword(PasswordAuthenticatedUserInterface $user, string
         }
 
         $repository = $this->getRepository();
-        if ($repository instanceof PasswordUpgraderInterface) {
+        if ($user instanceof PasswordAuthenticatedUserInterface && $repository instanceof PasswordUpgraderInterface) {
             $repository->upgradePassword($user, $newHashedPassword);
         }
     }

@@ -13,8 +13,6 @@
 
 /**
  * @author Nicolas Grekas <p@tchwork.com>
- *
- * @template TUser of PasswordAuthenticatedUserInterface
  */
 interface PasswordUpgraderInterface
 {
@@ -24,8 +22,6 @@ interface PasswordUpgraderInterface
      * This method should persist the new password in the user storage and update the $user object accordingly.
      * Because you don't want your users not being able to log in, this method should be opportunistic:
      * it's fine if it does nothing or if it fails without throwing any exception.
-     *
-     * @param TUser $user
      */
     public function upgradePassword(PasswordAuthenticatedUserInterface $user, string $newHashedPassword): void;
 }