/** * Check to see if a provided password is valid. * * @param Entity\Oauth $oauth * @param string $requestPassword * * @return bool */ protected function isValidPassword(Entity\Oauth $oauth, $requestPassword) { if (!Blowfish::detect($oauth->getPassword())) { return false; } // We have a Blowfish hash, verify return password_verify($requestPassword, $oauth->getPassword()); }