[Ldap] cast to string when checking empty passwords

ismail1432 · fabpot · commit 1ebe2034134a · 2018-05-24T15:26:23.000+02:00
diff --git a/src/Symfony/Component/Security/Core/Authentication/Provider/LdapBindAuthenticationProvider.php b/src/Symfony/Component/Security/Core/Authentication/Provider/LdapBindAuthenticationProvider.php
@@ -82,7 +82,7 @@ protected function checkAuthentication(UserInterface $user, UsernamePasswordToke
         $username = $token->getUsername();
         $password = $token->getCredentials();
 
-        if ('' === $password) {
+        if ('' === (string) $password) {
             throw new BadCredentialsException('The presented password must not be empty.');
         }
 
diff --git a/src/Symfony/Component/Security/Core/Tests/Authentication/Provider/LdapBindAuthenticationProviderTest.php b/src/Symfony/Component/Security/Core/Tests/Authentication/Provider/LdapBindAuthenticationProviderTest.php
@@ -45,6 +45,23 @@ public function testEmptyPasswordShouldThrowAnException()
         $reflection->invoke($provider, new User('foo', null), new UsernamePasswordToken('foo', '', 'key'));
     }
 
+    /**
+     * @expectedException        \Symfony\Component\Security\Core\Exception\BadCredentialsException
+     * @expectedExceptionMessage The presented password must not be empty.
+     */
+    public function testNullPasswordShouldThrowAnException()
+    {
+        $userProvider = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserProviderInterface')->getMock();
+        $ldap = $this->getMockBuilder('Symfony\Component\Ldap\LdapClientInterface')->getMock();
+        $userChecker = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserCheckerInterface')->getMock();
+
+        $provider = new LdapBindAuthenticationProvider($userProvider, $userChecker, 'key', $ldap);
+        $reflection = new \ReflectionMethod($provider, 'checkAuthentication');
+        $reflection->setAccessible(true);
+
+        $reflection->invoke($provider, new User('foo', null), new UsernamePasswordToken('foo', null, 'key'));
+    }
+
     /**
      * @expectedException        \Symfony\Component\Security\Core\Exception\BadCredentialsException
      * @expectedExceptionMessage The presented password is invalid.

Original file line number	Diff line number	Diff line change
`@@ -82,7 +82,7 @@ protected function checkAuthentication(UserInterface $user, UsernamePasswordToke`
`82`	`82`	`$username = $token->getUsername();`
`83`	`83`	`$password = $token->getCredentials();`
`84`	`84`
`85`		`- if ('' === $password) {`
	`85`	`+ if ('' === (string) $password) {`
`86`	`86`	`throw new BadCredentialsException('The presented password must not be empty.');`
`87`	`87`	`}`
`88`	`88`