bug #34802 [Security] Check UserInterface::getPassword is not null before calling needsRehash (dbrekelmans)

This PR was squashed before being merged into the 4.4 branch (closes #34802).

Discussion
----------

[Security] Check UserInterface::getPassword is not null before calling needsRehash

| Q             | A
| ------------- | ---
| Branch?       | 4.4
| Bug fix?      | yes
| New feature?  | no
| Deprecations? | no
| Tickets       | -
| License       | MIT
| Doc PR        | -

`Symfony\Component\Security\Core\Encoder\PasswordEncoderInterface::needsRehash()` expects a string as the input argument. In some cases `Symfony\Component\Security\Core\User\UserInterface::getPassword()` is used as the input argument, but this function can return `null`, resulting in a potential type error.

Commits
-------

8e4cf49 [Security] Check UserInterface::getPassword is not null before calling needsRehash
chalasr committed Dec 6, 2019
2 parents 70dec3c + 8e4cf49 commit 215dca4
Showing 1 changed file with 4 additions and 0 deletions.
Expand Up @@ -56,6 +56,10 @@ public function isPasswordValid(UserInterface $user, $raw)
*/
public function needsRehash(UserInterface $user): bool
{
if (null === $user->getPassword()) {
return false;
}

$encoder = $this->encoderFactory->getEncoder($user);

return method_exists($encoder, 'needsRehash') && $encoder->needsRehash($user->getPassword());
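Review bot: `$user->getPassword()` is called twice in needsRehash(), once in the new `null ===` guard and again in the return line, so the value that was checked is not guaranteed to be the value handed to `$encoder->needsRehash()`. Read it once into a local variable at the top of the method and use that variable in both the guard and the encoder call. The commit touches one file only, so nothing exercises the new branch; a test with a user whose getPassword() returns null, asserting that needsRehash() returns false and that the encoder factory is never consulted, would keep the guard from regressing.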