/** * Creates a new account and sets the given password and roles * * @param string $identifier Identifier of the account, must be unique * @param string $password The clear text password * @param array $roleIdentifiers Optionally an array of role identifiers to assign to the new account * @param string $authenticationProviderName Optional name of the authentication provider the account is affiliated with * @param string $passwordHashingStrategy Optional password hashing strategy to use for the password * @return Account A new account, not yet added to the account repository */ public function createAccountWithPassword($identifier, $password, $roleIdentifiers = [], $authenticationProviderName = 'DefaultProvider', $passwordHashingStrategy = 'default') { $account = new Account(); $account->setAccountIdentifier($identifier); $account->setCredentialsSource($this->hashService->hashPassword($password, $passwordHashingStrategy)); $account->setAuthenticationProviderName($authenticationProviderName); $roles = []; foreach ($roleIdentifiers as $roleIdentifier) { $roles[] = $this->policyService->getRole($roleIdentifier); } $account->setRoles($roles); return $account; }
/** * Persists a key to the file system * * @param string $name * @param string $password * @return void * @throws SecurityException */ protected function persistKey($name, $password) { $hashedPassword = $this->hashService->hashPassword($password, $this->passwordHashingStrategy); $keyPathAndFilename = $this->getKeyPathAndFilename($name); if (!is_dir($this->getPath())) { Utility\Files::createDirectoryRecursively($this->getPath()); } $result = file_put_contents($keyPathAndFilename, $hashedPassword); if ($result === false) { throw new SecurityException(sprintf('The key could not be stored ("%s").', $keyPathAndFilename), 1305812921); } }
/** * Sets a new password for the given user * * This method will iterate over all accounts owned by the given user and, if the account uses a UsernamePasswordToken, * sets a new password accordingly. * * @param User $user The user to set the password for * @param string $password A new password * @return void * @api */ public function setUserPassword(User $user, $password) { $tokens = $this->authenticationManager->getTokens(); $indexedTokens = array(); foreach ($tokens as $token) { /** @var TokenInterface $token */ $indexedTokens[$token->getAuthenticationProviderName()] = $token; } foreach ($user->getAccounts() as $account) { /** @var Account $account */ $authenticationProviderName = $account->getAuthenticationProviderName(); if (isset($indexedTokens[$authenticationProviderName]) && $indexedTokens[$authenticationProviderName] instanceof UsernamePassword) { $account->setCredentialsSource($this->hashService->hashPassword($password)); $this->accountRepository->update($account); } } }
/** * @test * @expectedException \Neos\Flow\Security\Exception\MissingConfigurationException */ public function hashPasswordThrowsExceptionIfNoDefaultHashingStrategyIsConfigured() { $mockSettings = ['security' => ['cryptography' => ['hashingStrategies' => ['TestStrategy' => TestHashingStrategy::class]]]]; $this->hashService->injectSettings($mockSettings); $this->hashService->hashPassword('myTestPassword'); }