Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit fd81bb8

Browse filesBrowse files
chalasrchalasr
committed
bug symfony#35060 [Security] Fix missing defaults for auto-migrating encoders (chalasr)
This PR was merged into the 4.4 branch. Discussion ---------- [Security] Fix missing defaults for auto-migrating encoders | Q | A | ------------- | --- | Branch? | 4.4 | Bug fix? | yes | New feature? | no | Deprecations? | no | Tickets | Fixes symfony#35058 | License | MIT | Doc PR | - Commits ------- 665ef06 [Security] Fix missing defaults for auto-migrating encoders
2 parents aac9ca2 + 665ef06 commit fd81bb8
Copy full SHA for fd81bb8

File tree

2 files changed

+11
-6
lines changed
Filter options

2 files changed

+11
-6
lines changed

‎src/Symfony/Component/Security/Core/Encoder/EncoderFactory.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/Encoder/EncoderFactory.php
+6-6Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -144,10 +144,10 @@ private function getEncoderConfigFromAlgorithm(array $config): array
144144
return [
145145
'class' => Pbkdf2PasswordEncoder::class,
146146
'arguments' => [
147-
$config['hash_algorithm'],
148-
$config['encode_as_base64'],
149-
$config['iterations'],
150-
$config['key_length'],
147+
$config['hash_algorithm'] ?? 'sha512',
148+
$config['encode_as_base64'] ?? true,
149+
$config['iterations'] ?? 1000,
150+
$config['key_length'] ?? 40,
151151
],
152152
];
153153

@@ -205,8 +205,8 @@ private function getEncoderConfigFromAlgorithm(array $config): array
205205
'class' => MessageDigestPasswordEncoder::class,
206206
'arguments' => [
207207
$config['algorithm'],
208-
$config['encode_as_base64'],
209-
$config['iterations'],
208+
$config['encode_as_base64'] ?? true,
209+
$config['iterations'] ?? 5000,
210210
],
211211
];
212212
}

‎src/Symfony/Component/Security/Core/Tests/Encoder/EncoderFactoryTest.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/Tests/Encoder/EncoderFactoryTest.php
+5Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -162,6 +162,11 @@ public function testDefaultMigratingEncoders()
162162
(new EncoderFactory([SomeUser::class => ['class' => NativePasswordEncoder::class, 'arguments' => []]]))->getEncoder(SomeUser::class)
163163
);
164164

165+
$this->assertInstanceOf(
166+
MigratingPasswordEncoder::class,
167+
(new EncoderFactory([SomeUser::class => ['algorithm' => 'bcrypt', 'cost' => 11]]))->getEncoder(SomeUser::class)
168+
);
169+
165170
if (!SodiumPasswordEncoder::isSupported()) {
166171
return;
167172
}

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.