public function testPasswordIsNotValid()
 {
     $constraint = new UserPassword(array('message' => 'myMessage'));
     $this->encoder->expects($this->once())->method('isPasswordValid')->with(static::PASSWORD, 'secret', static::SALT)->will($this->returnValue(false));
     $this->validator->validate('secret', $constraint);
     $this->assertViolation('myMessage');
 }
 public function generatePassword(PasswordEncoderInterface $encoder, HasPassword $object)
 {
     $salt = '';
     if (true === $object instanceof HasSalt || true === $object instanceof UserInterface) {
         $salt = $object->getSalt();
     }
     return $encoder->encodePassword($object->getPlainPassword(), $salt);
 }
Example #3
0
 /**
  * @param PasswordEncoderInterface $encoder
  */
 public function encodePassword(PasswordEncoderInterface $encoder)
 {
     if ($this->rawPassword) {
         $this->salt = sha1(uniqid(mt_rand()));
         $this->password = $encoder->encodePassword($this->rawPassword, $this->salt);
         $this->eraseCredentials();
     }
 }
Example #4
0
 /**
  * Checks for a new password and rehashes if necessary
  *
  * @param User                     $entity
  * @param PasswordEncoderInterface $encoder
  * @param string                   $submittedPassword
  *
  * @return string
  */
 public function checkNewPassword(User $entity, PasswordEncoderInterface $encoder, $submittedPassword)
 {
     if (!empty($submittedPassword)) {
         //hash the clear password submitted via the form
         return $encoder->encodePassword($submittedPassword, $entity->getSalt());
     }
     return $entity->getPassword();
 }
 /**
  * {@inheritDoc}
  *
  * @return void
  */
 public function run(EntityInterface $user)
 {
     $user->setActivationKey(base64_encode($this->secureRandom->nextBytes(24)));
     $user->setPassword($this->passwordEncoder->encodePassword($user->getPassword(), User::SALT));
     $user->setRegistrationDate(new \DateTime());
     $this->entityManager->getRepository(User::class)->add($user);
     $this->entityManager->flush();
 }
Example #6
0
 public function updatePassword(UpdatePasswordCommand $command, $login = null)
 {
     $user = $this->getUserOrCurrentUser($login);
     $passwordIsValid = $this->passwordEncoder->isPasswordValid($user->getPassword(), $command->getOldPassword(), $user->getNonce());
     if (!$passwordIsValid) {
         throw new AccountException('Invalid password provided');
     }
     $this->userManipulator->setPassword($user, $command->getPassword());
 }
Example #7
0
 /**
  * @inheritdoc
  */
 public function setPassword($raw, PasswordEncoderInterface $encoder = null)
 {
     $this->salt = md5(uniqid() . microtime());
     if (null === $encoder) {
         $this->password = $raw;
         return;
     }
     $this->password = $encoder->encodePassword($raw, $this->salt);
 }
 public function it_does_nothing_if_plain_password_is_empty($encoderFactory, PasswordEncoderInterface $encoder, UserInterface $user)
 {
     $user->getPlainPassword()->willReturn('');
     $user->getSalt()->willReturn('typicalSalt');
     $encoderFactory->getEncoder($user)->shouldNotBeCalled();
     $encoder->encodePassword('', 'typicalSalt')->shouldNotBeCalled();
     $user->setPassword(Argument::any())->shouldNotBeCalled();
     $user->eraseCredentials()->shouldNotBeCalled();
     $this->updatePassword($user);
 }
 /**
  * Attempt to authenticate the provided token using the provided user provider.
  * @param TokenInterface $token
  * @param UserProviderInterface $userProvider
  * @param string $providerKey
  * @return UsernamePasswordToken
  * @throws BadCredentialsException
  */
 public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
 {
     if ($user = $userProvider->loadUserByUsername($token->getUsername())) {
         $userPassword = $user->getPassword();
         $tokenCredentials = $token->getCredentials();
         if ($userPassword == $this->initPassword && $user instanceof MutableUserInterface && $userProvider instanceof MutableUserProviderInterface) {
             // set both salt & password
             $user->setSalt(substr(md5(rand(1, 10000)), 0, 5));
             $user->setPassword($this->passwordEncoder->encodePassword($tokenCredentials, $user->getSalt()));
             // save the user
             $userProvider->saveUser($user);
             // return it
             return new UsernamePasswordToken($user, $user->getPassword(), $providerKey, $user->getRoles());
         } else {
             if ($this->passwordEncoder->isPasswordValid($userPassword, $tokenCredentials, $user->getSalt())) {
                 return new UsernamePasswordToken($user, $userPassword, $providerKey, $user->getRoles());
             }
         }
     }
     throw new BadCredentialsException('The presented password is invalid.');
 }
 /**
  * Validates the password for wsse.
  *
  * @param UserInterface  $user  The provided user.
  * @param TokenInterface $token The created token.
  *
  * @return boolean
  *
  * @throws NonceExpiredException If the none is used again if the lifetime is expired.
  */
 protected function validateDigest(UserInterface $user, TokenInterface $token)
 {
     $created = $token->getCreated();
     $nonce = $token->getNonce();
     // expired after the lifetime
     if (time() - strtotime($created) > $this->lifetime) {
         return false;
     }
     if ($this->filesystem->exists($this->cacheDir . '/' . $nonce) && file_get_contents($this->cacheDir . '/' . $nonce) + $this->lifetime > time()) {
         throw new NonceExpiredException('Previously used nonce detected');
     }
     // if cache directory does not exist it will be created
     if ($this->filesystem->exists($this->cacheDir) === false) {
         $this->filesystem->mkdir($this->cacheDir, 0777);
     }
     $this->filesystem->dumpFile($this->cacheDir . '/' . $nonce, time());
     $salt = base64_decode($nonce) . $created;
     if (!$this->encoder->isPasswordValid($token->getDigest(), $user->getPassword(), $salt)) {
         throw new BadCredentialsException('The presented password is invalid.');
     }
     return true;
 }
Example #11
0
 public function processChangedPassword(PasswordEncoderInterface $encoder)
 {
     $this->generateSalt();
     $this->outputEncodedPassword = $encoder->encodePassword($this->password, $this->outputSalt);
 }
 /**
  * Encode a password
  *
  * @param string $password Password
  * @param string $salt     salt
  *
  * @return string password encrypted
  */
 public function encryptPassword($password, $salt = null)
 {
     return $this->passwordEncoder->encodePassword($password, $salt);
 }
Example #13
0
 protected function getEncodedPassword(UserInterface $user, $password)
 {
     return !$this->encoder instanceof PasswordEncoderInterface ? $this->encoder->encodePassword($user, $password, $user->getSalt()) : $this->encoder->getEncoder($user)->encodePassword($password, $user->getSalt());
 }
Example #14
0
 public function encodePassword(PasswordEncoderInterface $encoder)
 {
     $this->password = $encoder->encodePassword($this->password, $this->salt);
 }
 /**
  * Sets the password for a user.
  *
  * @param user   $user
  * @param string $password
  */
 private function doSetPassword(User $user, $password)
 {
     $user->setNonce(base_convert(sha1(uniqid(mt_rand(), true)), 16, 36));
     $user->setPassword($this->passwordEncoder->encodePassword($password, $user->getNonce()));
     $user->setSaltedPassword(true);
 }
Example #16
0
 public function createNewAccount(PasswordEncoderInterface $encoder, ObjectManager $em, $email, $password, array $data = array())
 {
     //  set default values
     foreach ($data as $field => $val) {
         $method = 'set' . ucfirst($field);
         if (method_exists($this, $method)) {
             $this->{$method}($val);
         }
     }
     $password = $encoder->encodePassword($password, $this->getSalt());
     $this->setPassword($password);
     $this->setEmail($email);
     $this->setCreateAt(new \DateTime());
     $this->setLastActivity(new \DateTime());
     $this->setUpdateAt(new \DateTime());
     $this->setIsActive(true);
     $em->persist($this);
     $em->flush();
 }
 /**
  * @param  PasswordEncoderInterface $passwordencoder
  */
 public function updatePassword(PasswordEncoderInterface $passwordencoder)
 {
     $this->password = $passwordencoder->encodePassword($this->plainPassword, $this->getSalt());
 }
Example #18
0
 public function encodePlainPassword(PasswordEncoderInterface $encoder)
 {
     $this->salt = $this->generateRandomSalt();
     $password = $encoder->encodePassword($this->plainPassword, $this->salt);
     $this->setPassword($password);
 }
Example #19
0
 /**
  * Sets the password for a user.
  *
  * @param user   $user
  * @param string $password
  */
 private function doSetPassword(User $user, $password)
 {
     $user->setNonce($this->generator->generateString(64));
     $user->setPassword($this->passwordEncoder->encodePassword($password, $user->getNonce()));
     $user->setSaltedPassword(true);
 }