public function testPasswordIsNotValid() { $constraint = new UserPassword(array('message' => 'myMessage')); $this->encoder->expects($this->once())->method('isPasswordValid')->with(static::PASSWORD, 'secret', static::SALT)->will($this->returnValue(false)); $this->validator->validate('secret', $constraint); $this->assertViolation('myMessage'); }
public function generatePassword(PasswordEncoderInterface $encoder, HasPassword $object) { $salt = ''; if (true === $object instanceof HasSalt || true === $object instanceof UserInterface) { $salt = $object->getSalt(); } return $encoder->encodePassword($object->getPlainPassword(), $salt); }
/** * @param PasswordEncoderInterface $encoder */ public function encodePassword(PasswordEncoderInterface $encoder) { if ($this->rawPassword) { $this->salt = sha1(uniqid(mt_rand())); $this->password = $encoder->encodePassword($this->rawPassword, $this->salt); $this->eraseCredentials(); } }
/** * Checks for a new password and rehashes if necessary * * @param User $entity * @param PasswordEncoderInterface $encoder * @param string $submittedPassword * * @return string */ public function checkNewPassword(User $entity, PasswordEncoderInterface $encoder, $submittedPassword) { if (!empty($submittedPassword)) { //hash the clear password submitted via the form return $encoder->encodePassword($submittedPassword, $entity->getSalt()); } return $entity->getPassword(); }
/** * {@inheritDoc} * * @return void */ public function run(EntityInterface $user) { $user->setActivationKey(base64_encode($this->secureRandom->nextBytes(24))); $user->setPassword($this->passwordEncoder->encodePassword($user->getPassword(), User::SALT)); $user->setRegistrationDate(new \DateTime()); $this->entityManager->getRepository(User::class)->add($user); $this->entityManager->flush(); }
public function updatePassword(UpdatePasswordCommand $command, $login = null) { $user = $this->getUserOrCurrentUser($login); $passwordIsValid = $this->passwordEncoder->isPasswordValid($user->getPassword(), $command->getOldPassword(), $user->getNonce()); if (!$passwordIsValid) { throw new AccountException('Invalid password provided'); } $this->userManipulator->setPassword($user, $command->getPassword()); }
/** * @inheritdoc */ public function setPassword($raw, PasswordEncoderInterface $encoder = null) { $this->salt = md5(uniqid() . microtime()); if (null === $encoder) { $this->password = $raw; return; } $this->password = $encoder->encodePassword($raw, $this->salt); }
public function it_does_nothing_if_plain_password_is_empty($encoderFactory, PasswordEncoderInterface $encoder, UserInterface $user) { $user->getPlainPassword()->willReturn(''); $user->getSalt()->willReturn('typicalSalt'); $encoderFactory->getEncoder($user)->shouldNotBeCalled(); $encoder->encodePassword('', 'typicalSalt')->shouldNotBeCalled(); $user->setPassword(Argument::any())->shouldNotBeCalled(); $user->eraseCredentials()->shouldNotBeCalled(); $this->updatePassword($user); }
/** * Attempt to authenticate the provided token using the provided user provider. * @param TokenInterface $token * @param UserProviderInterface $userProvider * @param string $providerKey * @return UsernamePasswordToken * @throws BadCredentialsException */ public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey) { if ($user = $userProvider->loadUserByUsername($token->getUsername())) { $userPassword = $user->getPassword(); $tokenCredentials = $token->getCredentials(); if ($userPassword == $this->initPassword && $user instanceof MutableUserInterface && $userProvider instanceof MutableUserProviderInterface) { // set both salt & password $user->setSalt(substr(md5(rand(1, 10000)), 0, 5)); $user->setPassword($this->passwordEncoder->encodePassword($tokenCredentials, $user->getSalt())); // save the user $userProvider->saveUser($user); // return it return new UsernamePasswordToken($user, $user->getPassword(), $providerKey, $user->getRoles()); } else { if ($this->passwordEncoder->isPasswordValid($userPassword, $tokenCredentials, $user->getSalt())) { return new UsernamePasswordToken($user, $userPassword, $providerKey, $user->getRoles()); } } } throw new BadCredentialsException('The presented password is invalid.'); }
/** * Validates the password for wsse. * * @param UserInterface $user The provided user. * @param TokenInterface $token The created token. * * @return boolean * * @throws NonceExpiredException If the none is used again if the lifetime is expired. */ protected function validateDigest(UserInterface $user, TokenInterface $token) { $created = $token->getCreated(); $nonce = $token->getNonce(); // expired after the lifetime if (time() - strtotime($created) > $this->lifetime) { return false; } if ($this->filesystem->exists($this->cacheDir . '/' . $nonce) && file_get_contents($this->cacheDir . '/' . $nonce) + $this->lifetime > time()) { throw new NonceExpiredException('Previously used nonce detected'); } // if cache directory does not exist it will be created if ($this->filesystem->exists($this->cacheDir) === false) { $this->filesystem->mkdir($this->cacheDir, 0777); } $this->filesystem->dumpFile($this->cacheDir . '/' . $nonce, time()); $salt = base64_decode($nonce) . $created; if (!$this->encoder->isPasswordValid($token->getDigest(), $user->getPassword(), $salt)) { throw new BadCredentialsException('The presented password is invalid.'); } return true; }
public function processChangedPassword(PasswordEncoderInterface $encoder) { $this->generateSalt(); $this->outputEncodedPassword = $encoder->encodePassword($this->password, $this->outputSalt); }
/** * Encode a password * * @param string $password Password * @param string $salt salt * * @return string password encrypted */ public function encryptPassword($password, $salt = null) { return $this->passwordEncoder->encodePassword($password, $salt); }
protected function getEncodedPassword(UserInterface $user, $password) { return !$this->encoder instanceof PasswordEncoderInterface ? $this->encoder->encodePassword($user, $password, $user->getSalt()) : $this->encoder->getEncoder($user)->encodePassword($password, $user->getSalt()); }
public function encodePassword(PasswordEncoderInterface $encoder) { $this->password = $encoder->encodePassword($this->password, $this->salt); }
/** * Sets the password for a user. * * @param user $user * @param string $password */ private function doSetPassword(User $user, $password) { $user->setNonce(base_convert(sha1(uniqid(mt_rand(), true)), 16, 36)); $user->setPassword($this->passwordEncoder->encodePassword($password, $user->getNonce())); $user->setSaltedPassword(true); }
public function createNewAccount(PasswordEncoderInterface $encoder, ObjectManager $em, $email, $password, array $data = array()) { // set default values foreach ($data as $field => $val) { $method = 'set' . ucfirst($field); if (method_exists($this, $method)) { $this->{$method}($val); } } $password = $encoder->encodePassword($password, $this->getSalt()); $this->setPassword($password); $this->setEmail($email); $this->setCreateAt(new \DateTime()); $this->setLastActivity(new \DateTime()); $this->setUpdateAt(new \DateTime()); $this->setIsActive(true); $em->persist($this); $em->flush(); }
/** * @param PasswordEncoderInterface $passwordencoder */ public function updatePassword(PasswordEncoderInterface $passwordencoder) { $this->password = $passwordencoder->encodePassword($this->plainPassword, $this->getSalt()); }
public function encodePlainPassword(PasswordEncoderInterface $encoder) { $this->salt = $this->generateRandomSalt(); $password = $encoder->encodePassword($this->plainPassword, $this->salt); $this->setPassword($password); }
/** * Sets the password for a user. * * @param user $user * @param string $password */ private function doSetPassword(User $user, $password) { $user->setNonce($this->generator->generateString(64)); $user->setPassword($this->passwordEncoder->encodePassword($password, $user->getNonce())); $user->setSaltedPassword(true); }