diff --git a/CHANGELOG.md b/CHANGELOG.md index 77aa9573..1d69d188 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,28 @@ CHANGELOG ========= +7.4 +--- + + * Register alias for argument for password hasher when its key is not a class name: + + With the following configuration: + ```yaml + security: + password_hashers: + recovery_code: auto + ``` + + It is possible to inject the `recovery_code` password hasher in a service: + + ```php + public function __construct( + #[Target('recovery_code')] + private readonly PasswordHasherInterface $passwordHasher, + ) { + } + ``` + 7.3 --- diff --git a/DependencyInjection/SecurityExtension.php b/DependencyInjection/SecurityExtension.php index 1711964b..0d41e3db 100644 --- a/DependencyInjection/SecurityExtension.php +++ b/DependencyInjection/SecurityExtension.php @@ -49,6 +49,7 @@ use Symfony\Component\PasswordHasher\Hasher\Pbkdf2PasswordHasher; use Symfony\Component\PasswordHasher\Hasher\PlaintextPasswordHasher; use Symfony\Component\PasswordHasher\Hasher\SodiumPasswordHasher; +use Symfony\Component\PasswordHasher\PasswordHasherInterface; use Symfony\Component\Routing\Loader\ContainerLoader; use Symfony\Component\Security\Core\Authorization\Strategy\AffirmativeStrategy; use Symfony\Component\Security\Core\Authorization\Strategy\ConsensusStrategy; @@ -706,6 +707,17 @@ private function createHashers(array $hashers, ContainerBuilder $container): voi $hasherMap = []; foreach ($hashers as $class => $hasher) { $hasherMap[$class] = $this->createHasher($hasher); + // The key is not a class, so we register an alias for argument to + // ease getting the hasher + if (!class_exists($class) && !interface_exists($class)) { + $id = 'security.password_hasher.'.$class; + $container + ->register($id, PasswordHasherInterface::class) + ->setFactory([new Reference('security.password_hasher_factory'), 'getPasswordHasher']) + ->setArgument(0, $class) + ; + $container->registerAliasForArgument($id, PasswordHasherInterface::class, $class); + } } $container diff --git a/Tests/DependencyInjection/SecurityExtensionTest.php b/Tests/DependencyInjection/SecurityExtensionTest.php index d0f3549a..4999fff7 100644 --- a/Tests/DependencyInjection/SecurityExtensionTest.php +++ b/Tests/DependencyInjection/SecurityExtensionTest.php @@ -29,6 +29,7 @@ use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\RequestMatcher\PathRequestMatcher; use Symfony\Component\HttpFoundation\Response; +use Symfony\Component\PasswordHasher\PasswordHasherInterface; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; use Symfony\Component\Security\Core\Exception\AuthenticationException; use Symfony\Component\Security\Core\User\InMemoryUserChecker; @@ -883,7 +884,7 @@ public function testCustomHasherWithMigrateFrom() $container->loadFromExtension('security', [ 'password_hashers' => [ 'legacy' => 'md5', - 'App\User' => [ + TestUserChecker::class => [ 'id' => 'App\Security\CustomHasher', 'migrate_from' => 'legacy', ], @@ -895,11 +896,19 @@ public function testCustomHasherWithMigrateFrom() $hashersMap = $container->getDefinition('security.password_hasher_factory')->getArgument(0); - $this->assertArrayHasKey('App\User', $hashersMap); - $this->assertEquals($hashersMap['App\User'], [ + $this->assertArrayHasKey(TestUserChecker::class, $hashersMap); + $this->assertEquals($hashersMap[TestUserChecker::class], [ 'instance' => new Reference('App\Security\CustomHasher'), 'migrate_from' => ['legacy'], ]); + + $legacyAlias = \sprintf('%s $%s', PasswordHasherInterface::class, 'legacy'); + $this->assertTrue($container->hasAlias($legacyAlias)); + $definition = $container->getDefinition((string) $container->getAlias($legacyAlias)); + $this->assertSame(PasswordHasherInterface::class, $definition->getClass()); + + $this->assertFalse($container->hasAlias(\sprintf('%s $%s', PasswordHasherInterface::class, 'symfonyBundleSecurityBundleTestsDependencyInjectionTestUserChecker'))); + $this->assertFalse($container->hasAlias(\sprintf('.%s $%s', PasswordHasherInterface::class, TestUserChecker::class))); } public function testAuthenticatorsDecoration() diff --git a/composer.json b/composer.json index 7459b017..614769d2 100644 --- a/composer.json +++ b/composer.json @@ -16,53 +16,43 @@ } ], "require": { - "php": ">=8.2", + "php": ">=8.4", "composer-runtime-api": ">=2.1", "ext-xml": "*", - "symfony/clock": "^6.4|^7.0", - "symfony/config": "^7.3", - "symfony/dependency-injection": "^6.4.11|^7.1.4", - "symfony/event-dispatcher": "^6.4|^7.0", - "symfony/http-kernel": "^6.4|^7.0", - "symfony/http-foundation": "^6.4|^7.0", - "symfony/password-hasher": "^6.4|^7.0", - "symfony/security-core": "^7.3", - "symfony/security-csrf": "^6.4|^7.0", - "symfony/security-http": "^7.3", + "symfony/clock": "^7.4|^8.0", + "symfony/config": "^7.4|^8.0", + "symfony/dependency-injection": "^7.4|^8.0", + "symfony/event-dispatcher": "^7.4|^8.0", + "symfony/http-kernel": "^7.4|^8.0", + "symfony/http-foundation": "^7.4|^8.0", + "symfony/password-hasher": "^7.4|^8.0", + "symfony/security-core": "^7.4|^8.0", + "symfony/security-csrf": "^7.4|^8.0", + "symfony/security-http": "^7.4|^8.0", "symfony/service-contracts": "^2.5|^3" }, "require-dev": { - "symfony/asset": "^6.4|^7.0", - "symfony/browser-kit": "^6.4|^7.0", - "symfony/console": "^6.4|^7.0", - "symfony/css-selector": "^6.4|^7.0", - "symfony/dom-crawler": "^6.4|^7.0", - "symfony/expression-language": "^6.4|^7.0", - "symfony/form": "^6.4|^7.0", - "symfony/framework-bundle": "^6.4|^7.0", - "symfony/http-client": "^6.4|^7.0", - "symfony/ldap": "^6.4|^7.0", - "symfony/process": "^6.4|^7.0", - "symfony/rate-limiter": "^6.4|^7.0", - "symfony/serializer": "^6.4|^7.0", - "symfony/translation": "^6.4|^7.0", - "symfony/twig-bundle": "^6.4|^7.0", - "symfony/twig-bridge": "^6.4|^7.0", - "symfony/validator": "^6.4|^7.0", - "symfony/yaml": "^6.4|^7.0", + "symfony/asset": "^7.4|^8.0", + "symfony/browser-kit": "^7.4|^8.0", + "symfony/console": "^7.4|^8.0", + "symfony/css-selector": "^7.4|^8.0", + "symfony/dom-crawler": "^7.4|^8.0", + "symfony/expression-language": "^7.4|^8.0", + "symfony/form": "^7.4|^8.0", + "symfony/framework-bundle": "^7.4|^8.0", + "symfony/http-client": "^7.4|^8.0", + "symfony/ldap": "^7.4|^8.0", + "symfony/process": "^7.4|^8.0", + "symfony/rate-limiter": "^7.4|^8.0", + "symfony/serializer": "^7.4|^8.0", + "symfony/translation": "^7.4|^8.0", + "symfony/twig-bundle": "^7.4|^8.0", + "symfony/twig-bridge": "^7.4|^8.0", + "symfony/validator": "^7.4|^8.0", + "symfony/yaml": "^7.4|^8.0", "twig/twig": "^3.12", "web-token/jwt-library": "^3.3.2|^4.0" }, - "conflict": { - "symfony/browser-kit": "<6.4", - "symfony/console": "<6.4", - "symfony/framework-bundle": "<6.4", - "symfony/http-client": "<6.4", - "symfony/ldap": "<6.4", - "symfony/serializer": "<6.4", - "symfony/twig-bundle": "<6.4", - "symfony/validator": "<6.4" - }, "autoload": { "psr-4": { "Symfony\\Bundle\\SecurityBundle\\": "" }, "exclude-from-classmap": [