[Form] Add hash_mapping option to PasswordType

Seb33300 · Seb33300 · commit 1f7b15f111c2 · 2022-05-31T21:18:37.000+07:00
diff --git a/src/Symfony/Bundle/SecurityBundle/Resources/config/password_hasher.php b/src/Symfony/Bundle/SecurityBundle/Resources/config/password_hasher.php
@@ -11,6 +11,11 @@
 
 namespace Symfony\Component\DependencyInjection\Loader\Configurator;
 
+use Symfony\Component\Form\Extension\Core\Type\FormType;
+use Symfony\Component\Form\Extension\Core\Type\PasswordType;
+use Symfony\Component\Form\Extension\PasswordHasher\PasswordHasherExtension;
+use Symfony\Component\Form\Extension\PasswordHasher\Type\FormTypePasswordHasherExtension;
+use Symfony\Component\Form\Extension\PasswordHasher\Type\PasswordTypePasswordHasherExtension;
 use Symfony\Component\PasswordHasher\Hasher\PasswordHasherFactory;
 use Symfony\Component\PasswordHasher\Hasher\PasswordHasherFactoryInterface;
 use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasher;
@@ -27,4 +32,22 @@
         ->alias('security.password_hasher', 'security.user_password_hasher')
         ->alias(UserPasswordHasherInterface::class, 'security.password_hasher')
     ;
+
+    if (class_exists(PasswordHasherExtension::class)) {
+        $container->services()
+            ->set('form.type_extension.form.password_hasher', FormTypePasswordHasherExtension::class)
+            ->args([
+                service('security.password_hasher'),
+                service('property_accessor')->nullOnInvalid(),
+            ])
+            ->tag('form.type_extension', ['extended-type' => FormType::class])
+
+            ->set('form.type_extension.password.password_hasher', PasswordTypePasswordHasherExtension::class)
+            ->args([
+                service('security.password_hasher'),
+                service('property_accessor')->nullOnInvalid(),
+            ])
+            ->tag('form.type_extension', ['extended-type' => PasswordType::class])
+        ;
+    }
 };
diff --git a/src/Symfony/Component/Form/CHANGELOG.md b/src/Symfony/Component/Form/CHANGELOG.md
@@ -1,6 +1,11 @@
 CHANGELOG
 =========
 
+6.2
+---
+
+* Add a `hash_mapping` option to `PasswordType`
+
 6.1
 ---
 
diff --git a/src/Symfony/Component/Form/Extension/PasswordHasher/EventListener/PasswordHasherListener.php b/src/Symfony/Component/Form/Extension/PasswordHasher/EventListener/PasswordHasherListener.php
@@ -0,0 +1,80 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Form\Extension\PasswordHasher\EventListener;
+
+use Symfony\Component\Form\Exception\InvalidConfigurationException;
+use Symfony\Component\Form\Extension\Core\Type\RepeatedType;
+use Symfony\Component\Form\FormEvent;
+use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
+use Symfony\Component\PropertyAccess\PropertyAccess;
+use Symfony\Component\PropertyAccess\PropertyAccessorInterface;
+use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;
+
+/**
+ * @author Sébastien Alfaiate <s.alfaiate@webarea.fr>
+ */
+class PasswordHasherListener
+{
+    private $passwordHasher;
+    private $propertyAccessor;
+
+    private static $passwords = [];
+
+    public function __construct(UserPasswordHasherInterface $passwordHasher, PropertyAccessorInterface $propertyAccessor = null)
+    {
+        $this->passwordHasher = $passwordHasher;
+        $this->propertyAccessor = $propertyAccessor ?? PropertyAccess::createPropertyAccessor();
+    }
+
+    public function registerPassword(FormEvent $event)
+    {
+        $form = $event->getForm();
+        $parentForm = $form->getParent();
+        $mapped = $form->getConfig()->getMapped();
+
+        if ($parentForm && $parentForm->getConfig()->getType()->getInnerType() instanceof RepeatedType) {
+            $mapped = $parentForm->getConfig()->getMapped();
+            $parentForm = $parentForm->getParent();
+        }
+
+        if ($mapped) {
+            throw new InvalidConfigurationException('The hash_mapping option cannot be used on mapped field.');
+        }
+
+        if (!$parentForm || !($user = $parentForm->getData()) || !($user instanceof PasswordAuthenticatedUserInterface)) {
+            throw new InvalidConfigurationException('The hash_mapping option only supports PasswordAuthenticatedUserInterface objects.');
+        }
+
+        self::$passwords[] = [
+            'user' => $user,
+            'property_path' => $form->getConfig()->getOption('hash_mapping'),
+            'hashed_password' => $this->passwordHasher->hashPassword($user, $event->getData()),
+        ];
+    }
+
+    public function hashPasswords(FormEvent $event)
+    {
+        $form = $event->getForm();
+
+        if (!$form->isRoot()) {
+            return;
+        }
+
+        if ($form->isValid()) {
+            foreach (self::$passwords as $password) {
+                $this->propertyAccessor->setValue($password['user'], $password['property_path'], $password['hashed_password']);
+            }
+        }
+
+        self::$passwords = [];
+    }
+}
diff --git a/src/Symfony/Component/Form/Extension/PasswordHasher/PasswordHasherExtension.php b/src/Symfony/Component/Form/Extension/PasswordHasher/PasswordHasherExtension.php
@@ -0,0 +1,45 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Form\Extension\PasswordHasher;
+
+use Symfony\Component\Form\AbstractExtension;
+use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
+use Symfony\Component\PropertyAccess\PropertyAccess;
+use Symfony\Component\PropertyAccess\PropertyAccessorInterface;
+
+/**
+ * Integrates the PasswordHasher component with the Form library.
+ *
+ * @author Sébastien Alfaiate <s.alfaiate@webarea.fr>
+ */
+class PasswordHasherExtension extends AbstractExtension
+{
+    private $passwordHasher;
+    private $propertyAccessor;
+
+    public function __construct(UserPasswordHasherInterface $passwordHasher, PropertyAccessorInterface $propertyAccessor = null)
+    {
+        $this->passwordHasher = $passwordHasher;
+        $this->propertyAccessor = $propertyAccessor ?? PropertyAccess::createPropertyAccessor();
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function loadTypeExtensions(): array
+    {
+        return [
+            new Type\FormTypePasswordHasherExtension($this->passwordHasher, $this->propertyAccessor),
+            new Type\PasswordTypePasswordHasherExtension($this->passwordHasher, $this->propertyAccessor),
+        ];
+    }
+}
diff --git a/src/Symfony/Component/Form/Extension/PasswordHasher/Type/FormTypePasswordHasherExtension.php b/src/Symfony/Component/Form/Extension/PasswordHasher/Type/FormTypePasswordHasherExtension.php
@@ -0,0 +1,52 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Form\Extension\PasswordHasher\Type;
+
+use Symfony\Component\Form\AbstractTypeExtension;
+use Symfony\Component\Form\Extension\Core\Type\FormType;
+use Symfony\Component\Form\Extension\PasswordHasher\EventListener\PasswordHasherListener;
+use Symfony\Component\Form\FormBuilderInterface;
+use Symfony\Component\Form\FormEvents;
+use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
+use Symfony\Component\PropertyAccess\PropertyAccess;
+use Symfony\Component\PropertyAccess\PropertyAccessorInterface;
+
+/**
+ * @author Sébastien Alfaiate <s.alfaiate@webarea.fr>
+ */
+class FormTypePasswordHasherExtension extends AbstractTypeExtension
+{
+    private $passwordHasher;
+    private $propertyAccessor;
+
+    public function __construct(UserPasswordHasherInterface $passwordHasher, PropertyAccessorInterface $propertyAccessor = null)
+    {
+        $this->passwordHasher = $passwordHasher;
+        $this->propertyAccessor = $propertyAccessor ?? PropertyAccess::createPropertyAccessor();
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function buildForm(FormBuilderInterface $builder, array $options)
+    {
+        $builder->addEventListener(FormEvents::POST_SUBMIT, [new PasswordHasherListener($this->passwordHasher, $this->propertyAccessor), 'hashPasswords']);
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public static function getExtendedTypes(): iterable
+    {
+        return [FormType::class];
+    }
+}
diff --git a/src/Symfony/Component/Form/Extension/PasswordHasher/Type/PasswordTypePasswordHasherExtension.php b/src/Symfony/Component/Form/Extension/PasswordHasher/Type/PasswordTypePasswordHasherExtension.php
@@ -0,0 +1,65 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Form\Extension\PasswordHasher\Type;
+
+use Symfony\Component\Form\AbstractTypeExtension;
+use Symfony\Component\Form\Extension\Core\Type\PasswordType;
+use Symfony\Component\Form\Extension\PasswordHasher\EventListener\PasswordHasherListener;
+use Symfony\Component\Form\FormBuilderInterface;
+use Symfony\Component\Form\FormEvents;
+use Symfony\Component\OptionsResolver\OptionsResolver;
+use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
+use Symfony\Component\PropertyAccess\PropertyAccess;
+use Symfony\Component\PropertyAccess\PropertyAccessorInterface;
+
+/**
+ * @author Sébastien Alfaiate <s.alfaiate@webarea.fr>
+ */
+class PasswordTypePasswordHasherExtension extends AbstractTypeExtension
+{
+    private $passwordHasher;
+    private $propertyAccessor;
+
+    public function __construct(UserPasswordHasherInterface $passwordHasher, PropertyAccessorInterface $propertyAccessor = null)
+    {
+        $this->passwordHasher = $passwordHasher;
+        $this->propertyAccessor = $propertyAccessor ?? PropertyAccess::createPropertyAccessor();
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function buildForm(FormBuilderInterface $builder, array $options)
+    {
+        if ($options['hash_mapping']) {
+            $builder->addEventListener(FormEvents::POST_SUBMIT, [new PasswordHasherListener($this->passwordHasher, $this->propertyAccessor), 'registerPassword']);
+        }
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function configureOptions(OptionsResolver $resolver)
+    {
+        $resolver->setDefaults([
+            'hash_mapping' => null,
+        ]);
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public static function getExtendedTypes(): iterable
+    {
+        return [PasswordType::class];
+    }
+}
diff --git a/src/Symfony/Component/Form/Tests/Extension/PasswordHasher/Type/PasswordTypePasswordHasherExtensionTest.php b/src/Symfony/Component/Form/Tests/Extension/PasswordHasher/Type/PasswordTypePasswordHasherExtensionTest.php
diff --git a/src/Symfony/Component/Form/Tests/Fixtures/User.php b/src/Symfony/Component/Form/Tests/Fixtures/User.php
diff --git a/src/Symfony/Component/Form/composer.json b/src/Symfony/Component/Form/composer.json
