/**
* Builds an user entity destination.
*
* @param array $configuration
* A configuration array containing information about the plugin instance.
* @param string $plugin_id
* The plugin_id for the plugin instance.
* @param mixed $plugin_definition
* The plugin implementation definition.
* @param MigrationInterface $migration
* The migration.
* @param EntityStorageInterface $storage
* The storage for this entity type.
* @param array $bundles
* The list of bundles this entity type has.
* @param \Drupal\Core\Entity\EntityManagerInterface $entity_manager
* The entity manager service.
* @param \Drupal\Core\Password\PasswordInterface $password
* The password service.
*/
public function __construct(array $configuration, $plugin_id, $plugin_definition, MigrationInterface $migration, EntityStorageInterface $storage, array $bundles, EntityManagerInterface $entity_manager, FieldTypePluginManagerInterface $field_type_manager, PasswordInterface $password)
{
parent::__construct($configuration, $plugin_id, $plugin_definition, $migration, $storage, $bundles, $entity_manager, $field_type_manager);
// Since password records from the earlier schema already was hashed we
// disable hashing so that passwords stay intact.
$this->password = $password;
$this->password->disablePasswordHashing();
$this->storage->resetCache();
}
/**
* {@inheritdoc}
*/
public function hash($password)
{
$hash = $this->originalPassword->hash($password);
// Allow prefixing only if the service was asked to prefix. Check also if
// the $password pattern is conforming to a MD5 result.
if ($this->enabled && preg_match('/^[0-9a-f]{32}$/', $password)) {
$hash = 'U' . $hash;
}
return $hash;
}
/**
* {@inheritdoc}
* @throws \Drupal\migrate\MigrateException
*/
public function import(Row $row, array $old_destination_id_values = array())
{
if ($this->password) {
if ($this->password instanceof MigratePassword) {
$this->password->enableMd5Prefixing();
} else {
throw new MigrateException('Password service has been altered by another module, aborting.');
}
}
$ids = parent::import($row, $old_destination_id_values);
if ($this->password) {
$this->password->disableMd5Prefixing();
}
return $ids;
}
/**
* Tests the authenticate method with a correct password and new password hash.
*
* @covers ::authenticate
*/
public function testAuthenticateWithCorrectPasswordAndNewPasswordHash()
{
$this->testUser->expects($this->once())->method('id')->will($this->returnValue(1));
$this->testUser->expects($this->once())->method('setPassword')->with($this->password);
$this->testUser->expects($this->once())->method('save');
$this->userStorage->expects($this->once())->method('loadByProperties')->with(array('name' => $this->username))->will($this->returnValue(array($this->testUser)));
$this->passwordService->expects($this->once())->method('check')->with($this->password, $this->testUser->getPassword())->will($this->returnValue(TRUE));
$this->passwordService->expects($this->once())->method('needsRehash')->with($this->testUser->getPassword())->will($this->returnValue(TRUE));
$this->assertsame(1, $this->userAuth->authenticate($this->username, $this->password));
}
/**
* {@inheritdoc}
* @throws \Drupal\migrate\MigrateException
*/
public function import(Row $row, array $old_destination_id_values = array())
{
if ($this->password) {
if ($this->password instanceof MigratePassword) {
$this->password->enableMd5Prefixing();
} else {
throw new MigrateException('Password service has been altered by another module, aborting.');
}
}
// Do not overwrite the root account password.
if ($row->getDestinationProperty('uid') == 1) {
$row->removeDestinationProperty('pass');
}
$ids = parent::import($row, $old_destination_id_values);
if ($this->password) {
$this->password->disableMd5Prefixing();
}
return $ids;
}
/**
* {@inheritdoc}
*/
public function authenticate($username, $password)
{
$uid = FALSE;
if (!empty($username) && strlen($password) > 0) {
$account_search = $this->entityManager->getStorage('user')->loadByProperties(array('name' => $username));
if ($account = reset($account_search)) {
if ($this->passwordChecker->check($password, $account->getPassword())) {
// Successful authentication.
$uid = $account->id();
// Update user to new password scheme if needed.
if ($this->passwordChecker->needsRehash($account->getPassword())) {
$account->setPassword($password);
$account->save();
}
}
}
}
return $uid;
}
/**
* {@inheritdoc}
*/
protected function save(ContentEntityInterface $entity, array $old_destination_id_values = array())
{
// Do not overwrite the root account password.
if ($entity->id() != 1) {
// Set the pre_hashed password so that the PasswordItem field does not hash
// already hashed passwords. If the md5_passwords configuration option is
// set we need to rehash the password and prefix with a U.
// @see \Drupal\Core\Field\Plugin\Field\FieldType\PasswordItem::preSave()
$entity->pass->pre_hashed = TRUE;
if (isset($this->configuration['md5_passwords'])) {
$entity->pass->value = 'U' . $this->password->hash($entity->pass->value);
}
}
return parent::save($entity, $old_destination_id_values);
}
/**
* Implements the PhpassHashedPassword::getCountLog2() method.
*
* @todo: Revisit this whole alternate password service:
* https://www.drupal.org/node/2540594.
*/
public function getCountLog2($setting)
{
return $this->originalPassword->getCountLog2($setting);
}
