Thanks to visit codestin.com
Credit goes to github.com

Skip to content

[PasswordHasher] Fix usage of PasswordHasherAdapter in PasswordHasherFactory #42321

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 29, 2021
Merged

[PasswordHasher] Fix usage of PasswordHasherAdapter in PasswordHasherFactory #42321

merged 1 commit into from
Jul 29, 2021

Conversation

peter17
Copy link
Contributor

@peter17 peter17 commented Jul 29, 2021

Q A
Branch? 5.3
Bug fix? yes
New feature? no
Deprecations? no
Tickets Fix explained below
License MIT

Using migrate_from with a PasswordEncoderInterface was working fine in Symfony 5.2. It Symfony 5.3, it resulted in an error, because getHasherConfigFromAlgorithm would access it before it is decorated with the adapter.

Full stack-trace:

TypeError:
Argument 1 passed to Symfony\Component\PasswordHasher\Hasher\PasswordHasherFactory::createHasher() must be of the type array, object given, called in /var/www/html/vendor/symfony/password-hasher/Hasher/PasswordHasherFactory.php on line 157

  at vendor/symfony/password-hasher/Hasher/PasswordHasherFactory.php:73
  at Symfony\Component\PasswordHasher\Hasher\PasswordHasherFactory->createHasher(object(LegacyPasswordEncoder), true)
     (vendor/symfony/password-hasher/Hasher/PasswordHasherFactory.php:157)
  at Symfony\Component\PasswordHasher\Hasher\PasswordHasherFactory->getHasherConfigFromAlgorithm(array('algorithm' => 'native', 'cost' => 15, 'hash_algorithm' => 'sha512', 'key_length' => 40, 'ignore_case' => false, 'encode_as_base64' => true, 'iterations' => 5000, 'memory_cost' => null, 'time_cost' => null))
     (vendor/symfony/password-hasher/Hasher/PasswordHasherFactory.php:77)
  at Symfony\Component\PasswordHasher\Hasher\PasswordHasherFactory->createHasher(array('algorithm' => 'native', 'cost' => 15, 'migrate_from' => array('legacy'), 'hash_algorithm' => 'sha512', 'key_length' => 40, 'ignore_case' => false, 'encode_as_base64' => true, 'iterations' => 5000, 'memory_cost' => null, 'time_cost' => null), true)
     (vendor/symfony/password-hasher/Hasher/PasswordHasherFactory.php:137)
  at Symfony\Component\PasswordHasher\Hasher\PasswordHasherFactory->getHasherConfigFromAlgorithm(array('algorithm' => 'native', 'cost' => 15, 'migrate_from' => array('legacy'), 'hash_algorithm' => 'sha512', 'key_length' => 40, 'ignore_case' => false, 'encode_as_base64' => true, 'iterations' => 5000, 'memory_cost' => null, 'time_cost' => null))
     (vendor/symfony/password-hasher/Hasher/PasswordHasherFactory.php:77)
  at Symfony\Component\PasswordHasher\Hasher\PasswordHasherFactory->createHasher(array('algorithm' => 'auto', 'cost' => 15, 'migrate_from' => array('legacy'), 'hash_algorithm' => 'sha512', 'key_length' => 40, 'ignore_case' => false, 'encode_as_base64' => true, 'iterations' => 5000, 'memory_cost' => null, 'time_cost' => null))
     (vendor/symfony/password-hasher/Hasher/PasswordHasherFactory.php:113)
  at Symfony\Component\PasswordHasher\Hasher\PasswordHasherFactory->createHasherUsingAdapter('App\\Entity\\User')
     (vendor/symfony/password-hasher/Hasher/PasswordHasherFactory.php:65)
  at Symfony\Component\PasswordHasher\Hasher\PasswordHasherFactory->getPasswordHasher(object(User))
     (vendor/symfony/security-core/Authentication/Provider/DaoAuthenticationProvider.php:100)
  at Symfony\Component\Security\Core\Authentication\Provider\DaoAuthenticationProvider->checkAuthentication(object(User), object(UsernamePasswordToken))
     (vendor/symfony/security-core/Authentication/Provider/UserAuthenticationProvider.php:86)
  at Symfony\Component\Security\Core\Authentication\Provider\UserAuthenticationProvider->authenticate(object(UsernamePasswordToken))
     (vendor/symfony/security-core/Authentication/AuthenticationProviderManager.php:88)
  at Symfony\Component\Security\Core\Authentication\AuthenticationProviderManager->authenticate(object(UsernamePasswordToken))
     (vendor/symfony/security-http/Firewall/UsernamePasswordFormAuthenticationListener.php:108)
  at Symfony\Component\Security\Http\Firewall\UsernamePasswordFormAuthenticationListener->attemptAuthentication(object(Request))
     (vendor/symfony/security-http/Firewall/AbstractAuthenticationListener.php:136)
  at Symfony\Component\Security\Http\Firewall\AbstractAuthenticationListener->authenticate(object(RequestEvent))
     (vendor/symfony/security-bundle/Debug/WrappedLazyListener.php:49)
  at Symfony\Bundle\SecurityBundle\Debug\WrappedLazyListener->authenticate(object(RequestEvent))
     (vendor/symfony/security-http/Firewall/AbstractListener.php:26)
  at Symfony\Component\Security\Http\Firewall\AbstractListener->__invoke(object(RequestEvent))
     (vendor/symfony/security-bundle/Debug/TraceableFirewallListener.php:62)
  at Symfony\Bundle\SecurityBundle\Debug\TraceableFirewallListener->callListeners(object(RequestEvent), object(Generator))
     (vendor/symfony/security-http/Firewall.php:86)
  at Symfony\Component\Security\Http\Firewall->onKernelRequest(object(RequestEvent), 'kernel.request', object(TraceableEventDispatcher))
     (vendor/symfony/event-dispatcher/Debug/WrappedListener.php:117)
  at Symfony\Component\EventDispatcher\Debug\WrappedListener->__invoke(object(RequestEvent), 'kernel.request', object(TraceableEventDispatcher))
     (vendor/symfony/event-dispatcher/EventDispatcher.php:230)
  at Symfony\Component\EventDispatcher\EventDispatcher->callListeners(array(object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener)), 'kernel.request', object(RequestEvent))
     (vendor/symfony/event-dispatcher/EventDispatcher.php:59)
  at Symfony\Component\EventDispatcher\EventDispatcher->dispatch(object(RequestEvent), 'kernel.request')
     (vendor/symfony/event-dispatcher/Debug/TraceableEventDispatcher.php:151)
  at Symfony\Component\EventDispatcher\Debug\TraceableEventDispatcher->dispatch(object(RequestEvent), 'kernel.request')
     (vendor/symfony/http-kernel/HttpKernel.php:133)
  at Symfony\Component\HttpKernel\HttpKernel->handleRaw(object(Request), 1)
     (vendor/symfony/http-kernel/HttpKernel.php:79)
  at Symfony\Component\HttpKernel\HttpKernel->handle(object(Request), 1, true)
     (vendor/symfony/http-kernel/Kernel.php:199)
  at Symfony\Component\HttpKernel\Kernel->handle(object(Request))
     (public/index.php:20)

My confguration in security.yml:

    encoders:
        legacy:
            id: 'App\Utils\LegacyPasswordEncoder'
        App\Entity\User:
            algorithm: auto
            cost: 15
            migrate_from:
                - legacy

@peter17 peter17 requested a review from chalasr as a code owner July 29, 2021 14:11
@carsonbot
Copy link

Hey!

I see that this is your first PR. That is great! Welcome!

Symfony has a contribution guide which I suggest you to read.

In short:

  • Always add tests
  • Keep backward compatibility (see https://symfony.com/bc).
  • Bug fixes must be submitted against the lowest maintained branch where they apply (see https://symfony.com/releases)
  • Features and deprecations must be submitted against the 5.4 branch.

Review the GitHub status checks of your pull request and try to solve the reported issues. If some tests are failing, try to see if they are failing because of this change.

When two Symfony core team members approve this change, it will be merged and you will become an official Symfony contributor!
If this PR is merged in a lower version branch, it will be merged up to all maintained branches within a few days.

I am going to sit back now and wait for the reviews.

Cheers!

Carsonbot

@carsonbot carsonbot added this to the 5.3 milestone Jul 29, 2021
@peter17 peter17 mentioned this pull request Jul 29, 2021
Closed
@derrabus
Copy link
Member

Can you provide a test case for your change?

@carsonbot carsonbot changed the title Fix usage of PasswordHasherAdapter in PasswordHasherFactory [PasswordHasher] Fix usage of PasswordHasherAdapter in PasswordHasherFactory Jul 29, 2021
@peter17 peter17 force-pushed the patch-1 branch 2 times, most recently from 8ee821e to 744d651 Compare July 29, 2021 16:04
@peter17
Copy link
Contributor Author

peter17 commented Jul 29, 2021

@derrabus I added a test. On branch 5.3, this test fails with:

TypeError: Argument 1 passed to Symfony\Component\PasswordHasher\Hasher\PasswordHasherFactory::createHasher() must be of the type array, object given, called in symfony/src/Symfony/Component/PasswordHasher/Hasher/PasswordHasherFactory.php on line 146

And it passes with my patch. Regards

@derrabus
Copy link
Member

Good catch, thanks @peter17.

@derrabus derrabus merged commit c522cc9 into symfony:5.3 Jul 29, 2021
@chalasr chalasr mentioned this pull request Aug 26, 2021
Closed
@fabpot fabpot mentioned this pull request Aug 30, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@derrabus derrabus derrabus approved these changes

@chalasr chalasr chalasr approved these changes

Assignees
No one assigned
Labels
Bug PasswordHasher Status: Reviewed
Projects
None yet
Milestone
5.3
Development

Successfully merging this pull request may close these issues.
4 participants
@peter17 @carsonbot @derrabus @chalasr