[Ldap] cast to string when checking empty passwords
This commit is contained in:
ismail1432
Nicolas Grekas
parent
677d9aa8be
commit
f276989b48
@ -71,7 +71,7 @@ class LdapBindAuthenticationProvider extends UserAuthenticationProvider
|
||||
$username = $token->getUsername();
|
||||
$password = $token->getCredentials();
|
||||
|
||||
if ('' === $password) {
|
||||
if ('' === (string) $password) {
|
||||
throw new BadCredentialsException('The presented password must not be empty.');
|
||||
}
|
||||
|
||||
|
||||
@ -39,6 +39,23 @@ class LdapBindAuthenticationProviderTest extends TestCase
|
||||
$reflection->invoke($provider, new User('foo', null), new UsernamePasswordToken('foo', '', 'key'));
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \Symfony\Component\Security\Core\Exception\BadCredentialsException
|
||||
* @expectedExceptionMessage The presented password must not be empty.
|
||||
*/
|
||||
public function testNullPasswordShouldThrowAnException()
|
||||
{
|
||||
$userProvider = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserProviderInterface')->getMock();
|
||||
$ldap = $this->getMockBuilder('Symfony\Component\Ldap\LdapClientInterface')->getMock();
|
||||
$userChecker = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserCheckerInterface')->getMock();
|
||||
|
||||
$provider = new LdapBindAuthenticationProvider($userProvider, $userChecker, 'key', $ldap);
|
||||
$reflection = new \ReflectionMethod($provider, 'checkAuthentication');
|
||||
$reflection->setAccessible(true);
|
||||
|
||||
$reflection->invoke($provider, new User('foo', null), new UsernamePasswordToken('foo', null, 'key'));
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \Symfony\Component\Security\Core\Exception\BadCredentialsException
|
||||
* @expectedExceptionMessage The presented password is invalid.
|
||||
|
||||
Reference in New Issue
Block a user