[Security] Disabled the BCryptPasswordEncoder tests for PHP versions lower than 5.3.7.
See https://github.com/ircmaxell/password_compat/issues/10#issuecomment-11203833.
This commit is contained in:
parent
1c61996a5b
commit
3beaf52ef7
@ -46,7 +46,17 @@ class BCryptPasswordEncoder extends BasePasswordEncoder
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* {@inheritdoc}
|
* Encodes the raw password.
|
||||||
|
*
|
||||||
|
* It doesn't work with PHP versions lower than 5.3.7, since
|
||||||
|
* the password compat library uses CRYPT_BLOWFISH hash type with
|
||||||
|
* the "$2y$" salt prefix (which is not available in the early PHP versions).
|
||||||
|
* @see https://github.com/ircmaxell/password_compat/issues/10#issuecomment-11203833
|
||||||
|
*
|
||||||
|
* @param string $raw The password to encode
|
||||||
|
* @param string $salt The salt
|
||||||
|
*
|
||||||
|
* @return string The encoded password
|
||||||
*/
|
*/
|
||||||
public function encodePassword($raw, $salt)
|
public function encodePassword($raw, $salt)
|
||||||
{
|
{
|
||||||
|
@ -47,6 +47,8 @@ class BCryptPasswordEncoderTest extends \PHPUnit_Framework_TestCase
|
|||||||
|
|
||||||
public function testResultLength()
|
public function testResultLength()
|
||||||
{
|
{
|
||||||
|
$this->skipIfPhpVersionIsNotSupported();
|
||||||
|
|
||||||
$encoder = new BCryptPasswordEncoder(self::VALID_COST);
|
$encoder = new BCryptPasswordEncoder(self::VALID_COST);
|
||||||
$result = $encoder->encodePassword(self::PASSWORD, null);
|
$result = $encoder->encodePassword(self::PASSWORD, null);
|
||||||
$this->assertEquals(60, strlen($result));
|
$this->assertEquals(60, strlen($result));
|
||||||
@ -54,9 +56,18 @@ class BCryptPasswordEncoderTest extends \PHPUnit_Framework_TestCase
|
|||||||
|
|
||||||
public function testValidation()
|
public function testValidation()
|
||||||
{
|
{
|
||||||
|
$this->skipIfPhpVersionIsNotSupported();
|
||||||
|
|
||||||
$encoder = new BCryptPasswordEncoder(self::VALID_COST);
|
$encoder = new BCryptPasswordEncoder(self::VALID_COST);
|
||||||
$result = $encoder->encodePassword(self::PASSWORD, null);
|
$result = $encoder->encodePassword(self::PASSWORD, null);
|
||||||
$this->assertTrue($encoder->isPasswordValid($result, self::PASSWORD, null));
|
$this->assertTrue($encoder->isPasswordValid($result, self::PASSWORD, null));
|
||||||
$this->assertFalse($encoder->isPasswordValid($result, 'anotherPassword', null));
|
$this->assertFalse($encoder->isPasswordValid($result, 'anotherPassword', null));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private function skipIfPhpVersionIsNotSupported()
|
||||||
|
{
|
||||||
|
if (version_compare(phpversion(), '5.3.7', '<')) {
|
||||||
|
$this->markTestSkipped('Requires PHP >= 5.3.7');
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
Reference in New Issue
Block a user