Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 665ef06

Browse filesBrowse files
chalasrchalasr
committed
[Security] Fix missing defaults for auto-migrating encoders
1 parent 6dc0c38 commit 665ef06
Copy full SHA for 665ef06

File tree

Expand file treeCollapse file tree

2 files changed

+11
-6
lines changed
Filter options
Expand file treeCollapse file tree

2 files changed

+11
-6
lines changed

‎src/Symfony/Component/Security/Core/Encoder/EncoderFactory.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/Encoder/EncoderFactory.php
+6-6Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -144,10 +144,10 @@ private function getEncoderConfigFromAlgorithm(array $config): array
144144
return [
145145
'class' => Pbkdf2PasswordEncoder::class,
146146
'arguments' => [
147-
$config['hash_algorithm'],
148-
$config['encode_as_base64'],
149-
$config['iterations'],
150-
$config['key_length'],
147+
$config['hash_algorithm'] ?? 'sha512',
148+
$config['encode_as_base64'] ?? true,
149+
$config['iterations'] ?? 1000,
150+
$config['key_length'] ?? 40,
151151
],
152152
];
153153

@@ -205,8 +205,8 @@ private function getEncoderConfigFromAlgorithm(array $config): array
205205
'class' => MessageDigestPasswordEncoder::class,
206206
'arguments' => [
207207
$config['algorithm'],
208-
$config['encode_as_base64'],
209-
$config['iterations'],
208+
$config['encode_as_base64'] ?? true,
209+
$config['iterations'] ?? 5000,
210210
],
211211
];
212212
}

‎src/Symfony/Component/Security/Core/Tests/Encoder/EncoderFactoryTest.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/Tests/Encoder/EncoderFactoryTest.php
+5Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -162,6 +162,11 @@ public function testDefaultMigratingEncoders()
162162
(new EncoderFactory([SomeUser::class => ['class' => NativePasswordEncoder::class, 'arguments' => []]]))->getEncoder(SomeUser::class)
163163
);
164164

165+
$this->assertInstanceOf(
166+
MigratingPasswordEncoder::class,
167+
(new EncoderFactory([SomeUser::class => ['algorithm' => 'bcrypt', 'cost' => 11]]))->getEncoder(SomeUser::class)
168+
);
169+
165170
if (!SodiumPasswordEncoder::isSupported()) {
166171
return;
167172
}

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.