From b244a064cdd8fed9cc6f1080c96c075fd21dbe3f Mon Sep 17 00:00:00 2001 From: Nicolas Grekas Date: Thu, 17 Feb 2022 20:29:41 +0100 Subject: [PATCH] [Security/Http] Fix getting password-upgrader when user-loader is a closure --- .../Http/EventListener/PasswordMigratingListener.php | 4 +++- .../Tests/EventListener/PasswordMigratingListenerTest.php | 5 ++++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/src/Symfony/Component/Security/Http/EventListener/PasswordMigratingListener.php b/src/Symfony/Component/Security/Http/EventListener/PasswordMigratingListener.php index 2c667230079a8..2650d45841bb3 100644 --- a/src/Symfony/Component/Security/Http/EventListener/PasswordMigratingListener.php +++ b/src/Symfony/Component/Security/Http/EventListener/PasswordMigratingListener.php @@ -79,7 +79,9 @@ public function onLoginSuccess(LoginSuccessEvent $event): void $userLoader = $userBadge->getUserLoader(); if (\is_array($userLoader) && $userLoader[0] instanceof PasswordUpgraderInterface) { $passwordUpgrader = $userLoader[0]; - } else { + } elseif (!$userLoader instanceof \Closure + || !($passwordUpgrader = (new \ReflectionFunction($userLoader))->getClosureThis()) instanceof PasswordUpgraderInterface + ) { return; } } diff --git a/src/Symfony/Component/Security/Http/Tests/EventListener/PasswordMigratingListenerTest.php b/src/Symfony/Component/Security/Http/Tests/EventListener/PasswordMigratingListenerTest.php index da61fa59166fb..9f8e218e70714 100644 --- a/src/Symfony/Component/Security/Http/Tests/EventListener/PasswordMigratingListenerTest.php +++ b/src/Symfony/Component/Security/Http/Tests/EventListener/PasswordMigratingListenerTest.php @@ -111,13 +111,16 @@ public function testUpgradeWithoutUpgrader() $userLoader = $this->getMockForAbstractClass(TestMigratingUserProvider::class); $userLoader->expects($this->any())->method('loadUserByIdentifier')->willReturn($this->user); - $userLoader->expects($this->once()) + $userLoader->expects($this->exactly(2)) ->method('upgradePassword') ->with($this->user, 'new-hash') ; $event = $this->createEvent(new SelfValidatingPassport(new UserBadge('test', [$userLoader, 'loadUserByIdentifier']), [new PasswordUpgradeBadge('pa$$word')])); $this->listener->onLoginSuccess($event); + + $event = $this->createEvent(new SelfValidatingPassport(new UserBadge('test', \Closure::fromCallable([$userLoader, 'loadUserByIdentifier'])), [new PasswordUpgradeBadge('pa$$word')])); + $this->listener->onLoginSuccess($event); } public function testUserWithoutPassword()