Cadoles/hydra-sql
22
0
Fork 0
Code Issues 4 Pull Requests 2 Projects Releases Wiki Activity

issue-19: séparation des exceptions pour éviter les erreurs génériques, message personalisé par type d'erreur

Browse Source
This commit is contained in:
Rudy Masson
2023-06-19 15:56:55 +02:00
parent 5aacd981b4
commit 3e45119684
13 changed files with 143 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/Security/Hasher/PasswordEncoder.php
View File

@ -2,8 +2,9 @@
namespace App\Security\Hasher;
use App\SQLLogin\Exception\InvalidSQLLoginConfigurationException;
use App\SQLLogin\Exception\InvalidSQLPasswordException;
use App\SQLLogin\Exception\SecurityPatternConfigurationException;
use Psr\Log\LoggerInterface;
use Symfony\Component\PasswordHasher\Exception\InvalidPasswordException;
use Symfony\Component\PasswordHasher\Hasher\CheckPasswordLengthTrait;
use Symfony\Component\PasswordHasher\LegacyPasswordHasherInterface;
@ -19,7 +20,7 @@ class PasswordEncoder implements LegacyPasswordHasherInterface
protected array $hashAlgoLegacy;
protected array $securityPattern;
public function __construct(?string $pepper, string $hashAlgoLegacy, string $securityPattern)
public function __construct(?string $pepper, string $hashAlgoLegacy, string $securityPattern, private LoggerInterface $loggerInterface)
{
$this->pepper = $pepper;
$this->hashAlgoLegacy = explode(',', $hashAlgoLegacy);
@ -88,7 +89,8 @@ class PasswordEncoder implements LegacyPasswordHasherInterface
foreach ($this->securityPattern as $term) {
if (self::PEPPER_PATTERN !== $term && self::PASSWORD_PATTERN !== $term && self::SALT_PATTERN !== $term) {
throw new InvalidSQLLoginConfigurationException();
$this->loggerInterface->critical('La configuration du security pattern est invalide, les termes autorisés sont : '.self::PASSWORD_PATTERN.', '.self::SALT_PATTERN.' et '.self::PEPPER_PATTERN);
throw new SecurityPatternConfigurationException();
}
}
$completedPlainPassword = '';