Merge branch '5.2' into 5.x

xabbuh · xabbuh · commit 824a7c44aca9 · 2021-05-01T16:00:17.000+02:00
* 5.2:
  run tests against doctrine/persistence 2.2 again
  [Security] Do not try to rehash null-passwords
  Small phpdoc imporvement
diff --git a/EventListener/PasswordMigratingListener.php b/EventListener/PasswordMigratingListener.php
@@ -58,6 +58,10 @@ public function onLoginSuccess(LoginSuccessEvent $event): void
         }
 
         $user = $passport->getUser();
+        if (null === $user->getPassword()) {
+            return;
+        }
+
         $passwordHasher = $this->hasherFactory instanceof EncoderFactoryInterface ? $this->hasherFactory->getEncoder($user) : $this->hasherFactory->getPasswordHasher($user);
         if (!$passwordHasher->needsRehash($user->getPassword())) {
             return;
diff --git a/Tests/EventListener/PasswordMigratingListenerTest.php b/Tests/EventListener/PasswordMigratingListenerTest.php
@@ -110,6 +110,16 @@ public function testUpgradeWithoutUpgrader()
         $this->listener->onLoginSuccess($event);
     }
 
+    public function testUserWithoutPassword()
+    {
+        $this->user = new User('test', null);
+
+        $this->encoderFactory->expects($this->never())->method('getEncoder');
+
+        $event = $this->createEvent(new SelfValidatingPassport(new UserBadge('test', function () { return $this->user; }), [new PasswordUpgradeBadge('pa$$word')]));
+        $this->listener->onLoginSuccess($event);
+    }
+
     private function createPasswordUpgrader()
     {
         return $this->getMockForAbstractClass(TestMigratingUserProvider::class);
