Fix RememberMe with null password

jderusse · jderusse · commit c713200521c3 · 2020-01-14T13:04:40.000+01:00
diff --git a/src/Symfony/Component/Security/Http/RememberMe/TokenBasedRememberMeServices.php b/src/Symfony/Component/Security/Http/RememberMe/TokenBasedRememberMeServices.php
@@ -53,7 +53,7 @@ protected function processAutoLoginCookie(array $cookieParts, Request $request)
             throw new \RuntimeException(sprintf('The UserProviderInterface implementation must return an instance of UserInterface, but returned "%s".', \get_class($user)));
         }
 
-        if (true !== hash_equals($this->generateCookieHash($class, $username, $expires, $user->getPassword()), $hash)) {
+        if (true !== hash_equals($this->generateCookieHash($class, $username, $expires, $user->getPassword() ?? ''), $hash)) {
             throw new AuthenticationException('The cookie\'s hash is invalid.');
         }
 
@@ -71,7 +71,7 @@ protected function onLoginSuccess(Request $request, Response $response, TokenInt
     {
         $user = $token->getUser();
         $expires = time() + $this->options['lifetime'];
-        $value = $this->generateCookieValue(\get_class($user), $user->getUsername(), $expires, $user->getPassword());
+        $value = $this->generateCookieValue(\get_class($user), $user->getUsername(), $expires, $user->getPassword() ?? '');
 
         $response->headers->setCookie(
             new Cookie(

Original file line number	Diff line number	Diff line change
`@@ -53,7 +53,7 @@ protected function processAutoLoginCookie(array $cookieParts, Request $request)`
`53`	`53`	`throw new \RuntimeException(sprintf('The UserProviderInterface implementation must return an instance of UserInterface, but returned "%s".', \get_class($user)));`
`54`	`54`	`}`
`55`	`55`
`56`		`- if (true !== hash_equals($this->generateCookieHash($class, $username, $expires, $user->getPassword()), $hash)) {`
	`56`	`+ if (true !== hash_equals($this->generateCookieHash($class, $username, $expires, $user->getPassword() ?? ''), $hash)) {`
`57`	`57`	`throw new AuthenticationException('The cookie\'s hash is invalid.');`
`58`	`58`	`}`
`59`	`59`
`@@ -71,7 +71,7 @@ protected function onLoginSuccess(Request $request, Response $response, TokenInt`
`71`	`71`	`{`
`72`	`72`	`$user = $token->getUser();`
`73`	`73`	`$expires = time() + $this->options['lifetime'];`
`74`		`- $value = $this->generateCookieValue(\get_class($user), $user->getUsername(), $expires, $user->getPassword());`
	`74`	`+ $value = $this->generateCookieValue(\get_class($user), $user->getUsername(), $expires, $user->getPassword() ?? '');`
`75`	`75`
`76`	`76`	`$response->headers->setCookie(`
`77`	`77`	`new Cookie(`