[Security] tweaked previous commit
This commit is contained in:
Fabien Potencier
parent
b2e553ae1d
commit
c83546d268
@ -20,8 +20,7 @@
|
|||||||
"symfony/icu": "~1.0",
|
"symfony/icu": "~1.0",
|
||||||
"doctrine/common": "~2.2",
|
"doctrine/common": "~2.2",
|
||||||
"twig/twig": "~1.11",
|
"twig/twig": "~1.11",
|
||||||
"psr/log": "~1.0",
|
"psr/log": "~1.0"
|
||||||
"ircmaxell/password-compat": "1.0.*"
|
|
||||||
},
|
},
|
||||||
"replace": {
|
"replace": {
|
||||||
"symfony/browser-kit": "self.version",
|
"symfony/browser-kit": "self.version",
|
||||||
@ -66,7 +65,8 @@
|
|||||||
"doctrine/dbal": "~2.2",
|
"doctrine/dbal": "~2.2",
|
||||||
"doctrine/orm": "~2.2,>=2.2.3",
|
"doctrine/orm": "~2.2,>=2.2.3",
|
||||||
"monolog/monolog": "~1.3",
|
"monolog/monolog": "~1.3",
|
||||||
"propel/propel1": "1.6.*"
|
"propel/propel1": "1.6.*",
|
||||||
|
"ircmaxell/password-compat": "1.0.*"
|
||||||
},
|
},
|
||||||
"autoload": {
|
"autoload": {
|
||||||
"psr-0": { "Symfony\\": "src/" },
|
"psr-0": { "Symfony\\": "src/" },
|
||||||
|
|||||||
@ -452,42 +452,33 @@ class SecurityExtension extends Extension
|
|||||||
|
|
||||||
// pbkdf2 encoder
|
// pbkdf2 encoder
|
||||||
if ('pbkdf2' === $config['algorithm']) {
|
if ('pbkdf2' === $config['algorithm']) {
|
||||||
$arguments = array(
|
|
||||||
$config['hash_algorithm'],
|
|
||||||
$config['encode_as_base64'],
|
|
||||||
$config['iterations'],
|
|
||||||
$config['key_length'],
|
|
||||||
);
|
|
||||||
|
|
||||||
return array(
|
return array(
|
||||||
'class' => new Parameter('security.encoder.pbkdf2.class'),
|
'class' => new Parameter('security.encoder.pbkdf2.class'),
|
||||||
'arguments' => $arguments,
|
'arguments' => array(
|
||||||
|
$config['hash_algorithm'],
|
||||||
|
$config['encode_as_base64'],
|
||||||
|
$config['iterations'],
|
||||||
|
$config['key_length'],
|
||||||
|
),
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
// bcrypt encoder
|
// bcrypt encoder
|
||||||
if ('bcrypt' === $config['algorithm']) {
|
if ('bcrypt' === $config['algorithm']) {
|
||||||
$arguments = array(
|
|
||||||
new Reference('security.secure_random'),
|
|
||||||
$config['cost'],
|
|
||||||
);
|
|
||||||
|
|
||||||
return array(
|
return array(
|
||||||
'class' => new Parameter('security.encoder.bcrypt.class'),
|
'class' => new Parameter('security.encoder.bcrypt.class'),
|
||||||
'arguments' => $arguments,
|
'arguments' => array($config['cost']),
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
// message digest encoder
|
// message digest encoder
|
||||||
$arguments = array(
|
|
||||||
$config['algorithm'],
|
|
||||||
$config['encode_as_base64'],
|
|
||||||
$config['iterations'],
|
|
||||||
);
|
|
||||||
|
|
||||||
return array(
|
return array(
|
||||||
'class' => new Parameter('security.encoder.digest.class'),
|
'class' => new Parameter('security.encoder.digest.class'),
|
||||||
'arguments' => $arguments,
|
'arguments' => array(
|
||||||
|
$config['algorithm'],
|
||||||
|
$config['encode_as_base64'],
|
||||||
|
$config['iterations'],
|
||||||
|
),
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -160,10 +160,7 @@ abstract class SecurityExtensionTest extends \PHPUnit_Framework_TestCase
|
|||||||
),
|
),
|
||||||
'JMS\FooBundle\Entity\User6' => array(
|
'JMS\FooBundle\Entity\User6' => array(
|
||||||
'class' => new Parameter('security.encoder.bcrypt.class'),
|
'class' => new Parameter('security.encoder.bcrypt.class'),
|
||||||
'arguments' => array(
|
'arguments' => array(15),
|
||||||
new Reference('security.secure_random'),
|
|
||||||
15,
|
|
||||||
)
|
|
||||||
),
|
),
|
||||||
)), $container->getDefinition('security.encoder_factory.generic')->getArguments());
|
)), $container->getDefinition('security.encoder_factory.generic')->getArguments());
|
||||||
}
|
}
|
||||||
|
|||||||
@ -4,11 +4,13 @@ CHANGELOG
|
|||||||
2.3.0
|
2.3.0
|
||||||
-----
|
-----
|
||||||
|
|
||||||
|
* [BC BREAK] the BCrypt encoder constructor signature has changed (the first argument was removed)
|
||||||
* added RequestContext::getQueryString()
|
* added RequestContext::getQueryString()
|
||||||
|
|
||||||
2.2.0
|
2.2.0
|
||||||
-----
|
-----
|
||||||
|
|
||||||
|
* Added BCrypt password encoder
|
||||||
* [DEPRECATION] Several route settings have been renamed (the old ones will be removed in 3.0):
|
* [DEPRECATION] Several route settings have been renamed (the old ones will be removed in 3.0):
|
||||||
|
|
||||||
* The `pattern` setting for a route has been deprecated in favor of `path`
|
* The `pattern` setting for a route has been deprecated in favor of `path`
|
||||||
|
|||||||
@ -46,9 +46,7 @@ class BCryptPasswordEncoder extends BasePasswordEncoder
|
|||||||
*/
|
*/
|
||||||
public function encodePassword($raw, $salt)
|
public function encodePassword($raw, $salt)
|
||||||
{
|
{
|
||||||
return password_hash($raw, PASSWORD_BCRYPT, array(
|
return password_hash($raw, PASSWORD_BCRYPT, array('cost' => $this->cost));
|
||||||
'cost' => $this->cost,
|
|
||||||
));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@ -19,8 +19,7 @@
|
|||||||
"php": ">=5.3.3",
|
"php": ">=5.3.3",
|
||||||
"symfony/event-dispatcher": "~2.1",
|
"symfony/event-dispatcher": "~2.1",
|
||||||
"symfony/http-foundation": ">=2.1,<2.4-dev",
|
"symfony/http-foundation": ">=2.1,<2.4-dev",
|
||||||
"symfony/http-kernel": ">=2.1,<=2.3-dev",
|
"symfony/http-kernel": ">=2.1,<=2.3-dev"
|
||||||
"ircmaxell/password-compat": "1.0.*"
|
|
||||||
},
|
},
|
||||||
"require-dev": {
|
"require-dev": {
|
||||||
"symfony/form": "~2.0",
|
"symfony/form": "~2.0",
|
||||||
@ -28,7 +27,8 @@
|
|||||||
"symfony/validator": ">=2.2,<2.4-dev",
|
"symfony/validator": ">=2.2,<2.4-dev",
|
||||||
"doctrine/common": "~2.2",
|
"doctrine/common": "~2.2",
|
||||||
"doctrine/dbal": "~2.2",
|
"doctrine/dbal": "~2.2",
|
||||||
"psr/log": "~1.0"
|
"psr/log": "~1.0",
|
||||||
|
"ircmaxell/password-compat": "1.0.*"
|
||||||
},
|
},
|
||||||
"suggest": {
|
"suggest": {
|
||||||
"symfony/class-loader": "2.2.*",
|
"symfony/class-loader": "2.2.*",
|
||||||
@ -36,7 +36,8 @@
|
|||||||
"symfony/form": "2.2.*",
|
"symfony/form": "2.2.*",
|
||||||
"symfony/validator": "2.2.*",
|
"symfony/validator": "2.2.*",
|
||||||
"symfony/routing": "2.2.*",
|
"symfony/routing": "2.2.*",
|
||||||
"doctrine/dbal": "to use the built-in ACL implementation"
|
"doctrine/dbal": "to use the built-in ACL implementation",
|
||||||
|
"ircmaxell/password-compat": "1.0.*"
|
||||||
},
|
},
|
||||||
"autoload": {
|
"autoload": {
|
||||||
"psr-0": { "Symfony\\Component\\Security\\": "" }
|
"psr-0": { "Symfony\\Component\\Security\\": "" }
|
||||||
|
|||||||
Reference in New Issue
Block a user