diff options
| author | Fabien Potencier <fabien.potencier@gmail.com> | 2016-09-13 17:06:01 -0700 |
|---|---|---|
| committer | Fabien Potencier <fabien.potencier@gmail.com> | 2016-09-13 17:06:01 -0700 |
| commit | 178ee8b06c268dd6e803d0ef05267ced2bab582d (patch) | |
| tree | 7acf00450764cedfce35cd1fcfae2b39cedca47d /Core | |
| parent | 52847d3a196e38c482e77edece9b6e317b0023a4 (diff) | |
| parent | eba38024cb3320cca78f91a75402b42c01dae96c (diff) | |
| download | symfony-security-178ee8b06c268dd6e803d0ef05267ced2bab582d.zip symfony-security-178ee8b06c268dd6e803d0ef05267ced2bab582d.tar.gz symfony-security-178ee8b06c268dd6e803d0ef05267ced2bab582d.tar.bz2 | |
feature #19843 [Security] Allow run-time configuration of hash algo (nicolas-grekas)
This PR was merged into the 3.2-dev branch.
Discussion
----------
[Security] Allow run-time configuration of hash algo
| Q | A
| ------------- | ---
| Branch? | master
| New feature? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Required if we want run-time config with env vars. See #19681
Commits
-------
7903a46 [Security] Allow run-time configuration of hash algo
Diffstat (limited to 'Core')
| -rw-r--r-- | Core/Encoder/EncoderFactory.php | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/Core/Encoder/EncoderFactory.php b/Core/Encoder/EncoderFactory.php index 0568d41..7794b2f 100644 --- a/Core/Encoder/EncoderFactory.php +++ b/Core/Encoder/EncoderFactory.php @@ -69,6 +69,9 @@ class EncoderFactory implements EncoderFactoryInterface */ private function createEncoder(array $config) { + if (isset($config['algorithm'])) { + $config = $this->getEncoderConfigFromAlgorithm($config); + } if (!isset($config['class'])) { throw new \InvalidArgumentException(sprintf('"class" must be set in %s.', json_encode($config))); } @@ -80,4 +83,41 @@ class EncoderFactory implements EncoderFactoryInterface return $reflection->newInstanceArgs($config['arguments']); } + + private function getEncoderConfigFromAlgorithm($config) + { + switch ($config['algorithm']) { + case 'plaintext': + return array( + 'class' => PlaintextPasswordEncoder::class, + 'arguments' => array($config['ignore_case']), + ); + + case 'pbkdf2': + return array( + 'class' => Pbkdf2PasswordEncoder::class, + 'arguments' => array( + $config['hash_algorithm'], + $config['encode_as_base64'], + $config['iterations'], + $config['key_length'], + ), + ); + + case 'bcrypt': + return array( + 'class' => BCryptPasswordEncoder::class, + 'arguments' => array($config['cost']), + ); + } + + return array( + 'class' => MessageDigestPasswordEncoder::class, + 'arguments' => array( + $config['algorithm'], + $config['encode_as_base64'], + $config['iterations'], + ), + ); + } } |