From 9a2787e89a432e1b3b6c6a4fd861a33eb683aef8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gr=C3=A9goire=20Pineau?= <lyrixx@lyrixx.info>
Date: Sat, 6 Apr 2019 21:16:20 +0200
Subject: [PATCH] [Validator] Add an option to disable
 NotCompromisedPasswordValidator

---
 .../DependencyInjection/Configuration.php             |  4 ++++
 .../DependencyInjection/FrameworkExtension.php        |  5 +++++
 .../FrameworkBundle/Resources/config/validator.xml    |  1 +
 .../Constraints/NotCompromisedPasswordValidator.php   |  8 +++++++-
 .../NotCompromisedPasswordValidatorTest.php           | 11 +++++++++++
 5 files changed, 28 insertions(+), 1 deletion(-)

diff --git a/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php b/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php
index f50c951a3e98..15636fb1e616 100644
--- a/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php
+++ b/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php
@@ -834,6 +834,10 @@ private function addValidationSection(ArrayNodeDefinition $rootNode)
                                 ->end()
                             ->end()
                         ->end()
+                        ->booleanNode('disable_not_compromised_password')
+                            ->defaultFalse()
+                            ->info('Disable NotCompromisedPassword Validator: the value will always be valid.')
+                        ->end()
                         ->arrayNode('auto_mapping')
                             ->useAttributeAsKey('namespace')
                             ->normalizeKeys(false)
diff --git a/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php b/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php
index a4e33ba7443f..765abe077d1e 100644
--- a/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php
+++ b/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php
@@ -1229,6 +1229,11 @@ private function registerValidationConfiguration(array $config, ContainerBuilder
         if (!$propertyInfoEnabled || !$config['auto_mapping'] || !class_exists(PropertyInfoLoader::class)) {
             $container->removeDefinition('validator.property_info_loader');
         }
+
+        $container
+            ->getDefinition('validator.not_compromised_password')
+            ->setArgument(2, $config['disable_not_compromised_password'])
+        ;
     }
 
     private function registerValidatorMapping(ContainerBuilder $container, array $config, array &$files)
diff --git a/src/Symfony/Bundle/FrameworkBundle/Resources/config/validator.xml b/src/Symfony/Bundle/FrameworkBundle/Resources/config/validator.xml
index 95e35d54ce2e..3c018ade2faf 100644
--- a/src/Symfony/Bundle/FrameworkBundle/Resources/config/validator.xml
+++ b/src/Symfony/Bundle/FrameworkBundle/Resources/config/validator.xml
@@ -64,6 +64,7 @@
         <service id="validator.not_compromised_password" class="Symfony\Component\Validator\Constraints\NotCompromisedPasswordValidator">
             <argument type="service" id="http_client" on-invalid="null" />
             <argument>%kernel.charset%</argument>
+            <argument type="constant">false</argument>
             <tag name="validator.constraint_validator" alias="Symfony\Component\Validator\Constraints\NotCompromisedPasswordValidator" />
         </service>
 
diff --git a/src/Symfony/Component/Validator/Constraints/NotCompromisedPasswordValidator.php b/src/Symfony/Component/Validator/Constraints/NotCompromisedPasswordValidator.php
index a432e90fc04e..c248ef8b5c57 100644
--- a/src/Symfony/Component/Validator/Constraints/NotCompromisedPasswordValidator.php
+++ b/src/Symfony/Component/Validator/Constraints/NotCompromisedPasswordValidator.php
@@ -32,8 +32,9 @@ class NotCompromisedPasswordValidator extends ConstraintValidator
 
     private $httpClient;
     private $charset;
+    private $disabled;
 
-    public function __construct(HttpClientInterface $httpClient = null, string $charset = 'UTF-8')
+    public function __construct(HttpClientInterface $httpClient = null, string $charset = 'UTF-8', bool $disabled = false)
     {
         if (null === $httpClient && !class_exists(HttpClient::class)) {
             throw new \LogicException(sprintf('The "%s" class requires the "HttpClient" component. Try running "composer require symfony/http-client".', self::class));
@@ -41,6 +42,7 @@ public function __construct(HttpClientInterface $httpClient = null, string $char
 
         $this->httpClient = $httpClient ?? HttpClient::create();
         $this->charset = $charset;
+        $this->disabled = $disabled;
     }
 
     /**
@@ -54,6 +56,10 @@ public function validate($value, Constraint $constraint)
             throw new UnexpectedTypeException($constraint, NotCompromisedPassword::class);
         }
 
+        if ($this->disabled) {
+            return;
+        }
+
         if (null !== $value && !is_scalar($value) && !(\is_object($value) && method_exists($value, '__toString'))) {
             throw new UnexpectedTypeException($value, 'string');
         }
diff --git a/src/Symfony/Component/Validator/Tests/Constraints/NotCompromisedPasswordValidatorTest.php b/src/Symfony/Component/Validator/Tests/Constraints/NotCompromisedPasswordValidatorTest.php
index 3ea3f821e0ac..8f0ecd2ecf5c 100644
--- a/src/Symfony/Component/Validator/Tests/Constraints/NotCompromisedPasswordValidatorTest.php
+++ b/src/Symfony/Component/Validator/Tests/Constraints/NotCompromisedPasswordValidatorTest.php
@@ -60,6 +60,17 @@ public function testEmptyStringIsValid()
         $this->assertNoViolation();
     }
 
+    public function testInvalidPasswordButDisabled()
+    {
+        $r = new \ReflectionProperty($this->validator, 'disabled');
+        $r->setAccessible(true);
+        $r->setValue($this->validator, true);
+
+        $this->validator->validate(self::PASSWORD_LEAKED, new NotCompromisedPassword());
+
+        $this->assertNoViolation();
+    }
+
     public function testInvalidPassword()
     {
         $constraint = new NotCompromisedPassword();