Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
OXDEV-1820 Fix constant problem.
There is a problem with the mixed usage of constants and strings. Therefor you get the error
"The password requested hash algorithm: "1" is not available." although PASSWORD_DEFAULT password hashing is available.
  • Loading branch information
Gregor Hyneck committed Mar 27, 2019
1 parent 2d9a83d commit a3d432a
Show file tree
Hide file tree
Showing 4 changed files with 12 additions and 12 deletions.
2 changes: 1 addition & 1 deletion source/Application/Model/User.php
Expand Up @@ -2001,7 +2001,7 @@ public function setPassword($password = null)
*/
private function hashPassword(string $password): string
{
$algorithm = Registry::getConfig()->getConfigParam('passwordHashingAlgorithm') ?? PASSWORD_DEFAULT;
$algorithm = Registry::getConfig()->getConfigParam('passwordHashingAlgorithm') ?? 'PASSWORD_BCRYPT';
$passwordServiceBridge = $this->getContainer()->get(PasswordServiceBridgeInterface::class);

return $passwordServiceBridge->hash($password, $algorithm);
Expand Down
Expand Up @@ -18,7 +18,7 @@ class PasswordHashStrategiesArray implements ArrayAccess
/**
* @var array
*/
private $container = [];
private $strategies = [];

/**
* @param mixed $offset
Expand All @@ -34,7 +34,7 @@ public function offsetSet($offset, $value)
throw new \RuntimeException('The array key must be set');
}

$this->container[$offset] = $value;
$this->strategies[$offset] = $value;
}

/**
Expand All @@ -44,15 +44,15 @@ public function offsetSet($offset, $value)
*/
public function offsetExists($offset): bool
{
return isset($this->container[$offset]);
return isset($this->strategies[$offset]);
}

/**
* @param mixed $offset
*/
public function offsetUnset($offset)
{
unset($this->container[$offset]);
unset($this->strategies[$offset]);
}

/**
Expand All @@ -62,9 +62,9 @@ public function offsetUnset($offset)
*/
public function offsetGet($offset): PasswordHashStrategyInterface
{
if (!isset($this->container[$offset])) {
if (!isset($this->strategies[$offset])) {
throw new \RuntimeException('The requested password hash strategy is not available: ' . $offset);
}
return $this->container[$offset] ?? null;
return $this->strategies[$offset] ?? null;
}
}
6 changes: 3 additions & 3 deletions source/Internal/Password/services.yaml
Expand Up @@ -13,9 +13,9 @@ services:
OxidEsales\EshopCommunity\Internal\Password\Service\PasswordHashServiceInterface:
class: OxidEsales\EshopCommunity\Internal\Password\Service\PasswordHashService
calls:
- [addPasswordHashStrategy, [PASSWORD_BCRYPT, "@OxidEsales\\EshopCommunity\\Internal\\Password\\Strategy\\PasswordHashBcryptStrategy"]]
- [addPasswordHashStrategy, [PASSWORD_ARGON2I, "@OxidEsales\\EshopCommunity\\Internal\\Password\\Strategy\\PasswordHashArgon2IStrategy"]]
- [addPasswordHashStrategy, [PASSWORD_ARGON2ID, "@OxidEsales\\EshopCommunity\\Internal\\Password\\Strategy\\PasswordHashArgon2IdStrategy"]]
- [addPasswordHashStrategy, ['PASSWORD_BCRYPT', "@OxidEsales\\EshopCommunity\\Internal\\Password\\Strategy\\PasswordHashBcryptStrategy"]]
- [addPasswordHashStrategy, ['PASSWORD_ARGON2I', "@OxidEsales\\EshopCommunity\\Internal\\Password\\Strategy\\PasswordHashArgon2IStrategy"]]
- [addPasswordHashStrategy, ['PASSWORD_ARGON2ID', "@OxidEsales\\EshopCommunity\\Internal\\Password\\Strategy\\PasswordHashArgon2IdStrategy"]]

OxidEsales\EshopCommunity\Internal\Password\Service\PasswordVerificationServiceInterface:
class: OxidEsales\EshopCommunity\Internal\Password\Service\PasswordVerificationService
Expand Down
4 changes: 2 additions & 2 deletions source/config.inc.php.dist
Expand Up @@ -195,8 +195,8 @@ $this->aSlaveHosts = null;
$this->blDelSetupDir = true;

/**
* Supported values are the PASSWORD_* constants available in your PHP version.
* Some of the hashing algorithms may not be available on your system.
* Supported values are the strings PASSWORD_BCRYPT, PASSWORD_ARGON2I and PASSWORD_ARGON2ID.
* Some of the hashing algorithms may not be available on your system depending on your PHP version.
*/
$this->passwordHashingAlgorithm = 'PASSWORD_BCRYPT';

Expand Down

0 comments on commit a3d432a

Please sign in to comment.