[Form] Add hash_mapping option to PasswordType

Seb33300 · Seb33300 · commit c417f150f85d · 2022-10-21T10:46:08.000+07:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -9,6 +9,7 @@ CHANGELOG
  * Deprecate calling `Button/Form::setParent()`, `ButtonBuilder/FormConfigBuilder::setDataMapper()`, `TransformationFailedException::setInvalidMessage()` without arguments
  * Change the signature of `FormConfigBuilderInterface::setDataMapper()` to `setDataMapper(?DataMapperInterface)`
  * Change the signature of `FormInterface::setParent()` to `setParent(?self)`
+ * Add `PasswordHasherExtension` with support for `hash_property_path` option in `PasswordType`
 
 6.1
 ---
diff --git a/Extension/PasswordHasher/EventListener/PasswordHasherListener.php b/Extension/PasswordHasher/EventListener/PasswordHasherListener.php
@@ -0,0 +1,82 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Form\Extension\PasswordHasher\EventListener;
+
+use Symfony\Component\Form\Exception\InvalidConfigurationException;
+use Symfony\Component\Form\Extension\Core\Type\RepeatedType;
+use Symfony\Component\Form\FormEvent;
+use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
+use Symfony\Component\PropertyAccess\PropertyAccess;
+use Symfony\Component\PropertyAccess\PropertyAccessorInterface;
+use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;
+
+/**
+ * @author Sébastien Alfaiate <s.alfaiate@webarea.fr>
+ */
+class PasswordHasherListener
+{
+    private array $passwords = [];
+
+    public function __construct(
+        private UserPasswordHasherInterface $passwordHasher,
+        private ?PropertyAccessorInterface $propertyAccessor = null,
+    ) {
+        $this->propertyAccessor ??= PropertyAccess::createPropertyAccessor();
+    }
+
+    public function registerPassword(FormEvent $event)
+    {
+        $form = $event->getForm();
+        $parentForm = $form->getParent();
+        $mapped = $form->getConfig()->getMapped();
+
+        if ($parentForm && $parentForm->getConfig()->getType()->getInnerType() instanceof RepeatedType) {
+            $mapped = $parentForm->getConfig()->getMapped();
+            $parentForm = $parentForm->getParent();
+        }
+
+        if ($mapped) {
+            throw new InvalidConfigurationException('The "hash_property_path" option cannot be used on mapped field.');
+        }
+
+        if (!($user = $parentForm?->getData()) || !$user instanceof PasswordAuthenticatedUserInterface) {
+            throw new InvalidConfigurationException(sprintf('The "hash_property_path" option only supports "%s" objects, "%s" given.', PasswordAuthenticatedUserInterface::class, get_debug_type($user)));
+        }
+
+        $this->passwords[] = [
+            'user' => $user,
+            'property_path' => $form->getConfig()->getOption('hash_property_path'),
+            'password' => $event->getData(),
+        ];
+    }
+
+    public function hashPasswords(FormEvent $event)
+    {
+        $form = $event->getForm();
+
+        if (!$form->isRoot()) {
+            return;
+        }
+
+        if ($form->isValid()) {
+            foreach ($this->passwords as $password) {
+                $this->propertyAccessor->setValue(
+                    $password['user'],
+                    $password['property_path'],
+                    $this->passwordHasher->hashPassword($password['user'], $password['password'])
+                );
+            }
+        }
+
+        $this->passwords = [];
+    }
+}
diff --git a/Extension/PasswordHasher/PasswordHasherExtension.php b/Extension/PasswordHasher/PasswordHasherExtension.php
@@ -0,0 +1,36 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Form\Extension\PasswordHasher;
+
+use Symfony\Component\Form\AbstractExtension;
+use Symfony\Component\Form\Extension\PasswordHasher\EventListener\PasswordHasherListener;
+
+/**
+ * Integrates the PasswordHasher component with the Form library.
+ *
+ * @author Sébastien Alfaiate <s.alfaiate@webarea.fr>
+ */
+class PasswordHasherExtension extends AbstractExtension
+{
+    public function __construct(
+        private PasswordHasherListener $passwordHasherListener,
+    ) {
+    }
+
+    protected function loadTypeExtensions(): array
+    {
+        return [
+            new Type\FormTypePasswordHasherExtension($this->passwordHasherListener),
+            new Type\PasswordTypePasswordHasherExtension($this->passwordHasherListener),
+        ];
+    }
+}
diff --git a/Extension/PasswordHasher/Type/FormTypePasswordHasherExtension.php b/Extension/PasswordHasher/Type/FormTypePasswordHasherExtension.php
@@ -0,0 +1,39 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Form\Extension\PasswordHasher\Type;
+
+use Symfony\Component\Form\AbstractTypeExtension;
+use Symfony\Component\Form\Extension\Core\Type\FormType;
+use Symfony\Component\Form\Extension\PasswordHasher\EventListener\PasswordHasherListener;
+use Symfony\Component\Form\FormBuilderInterface;
+use Symfony\Component\Form\FormEvents;
+
+/**
+ * @author Sébastien Alfaiate <s.alfaiate@webarea.fr>
+ */
+class FormTypePasswordHasherExtension extends AbstractTypeExtension
+{
+    public function __construct(
+        private PasswordHasherListener $passwordHasherListener,
+    ) {
+    }
+
+    public function buildForm(FormBuilderInterface $builder, array $options)
+    {
+        $builder->addEventListener(FormEvents::POST_SUBMIT, [$this->passwordHasherListener, 'hashPasswords']);
+    }
+
+    public static function getExtendedTypes(): iterable
+    {
+        return [FormType::class];
+    }
+}
diff --git a/Extension/PasswordHasher/Type/PasswordTypePasswordHasherExtension.php b/Extension/PasswordHasher/Type/PasswordTypePasswordHasherExtension.php
@@ -0,0 +1,54 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Form\Extension\PasswordHasher\Type;
+
+use Symfony\Component\Form\AbstractTypeExtension;
+use Symfony\Component\Form\Extension\Core\Type\PasswordType;
+use Symfony\Component\Form\Extension\PasswordHasher\EventListener\PasswordHasherListener;
+use Symfony\Component\Form\FormBuilderInterface;
+use Symfony\Component\Form\FormEvents;
+use Symfony\Component\OptionsResolver\OptionsResolver;
+use Symfony\Component\PropertyAccess\PropertyPath;
+
+/**
+ * @author Sébastien Alfaiate <s.alfaiate@webarea.fr>
+ */
+class PasswordTypePasswordHasherExtension extends AbstractTypeExtension
+{
+    public function __construct(
+        private PasswordHasherListener $passwordHasherListener,
+    ) {
+    }
+
+    public function buildForm(FormBuilderInterface $builder, array $options)
+    {
+        if ($options['hash_property_path']) {
+            $builder->addEventListener(FormEvents::POST_SUBMIT, [$this->passwordHasherListener, 'registerPassword']);
+        }
+    }
+
+    public function configureOptions(OptionsResolver $resolver)
+    {
+        $resolver->setDefaults([
+            'hash_property_path' => null,
+        ]);
+
+        $resolver->setAllowedTypes('hash_property_path', ['null', 'string', PropertyPath::class]);
+
+        $resolver->setInfo('hash_property_path', 'A valid PropertyAccess syntax where the hashed password will be set.');
+    }
+
+    public static function getExtendedTypes(): iterable
+    {
+        return [PasswordType::class];
+    }
+}
diff --git a/Tests/Extension/PasswordHasher/Type/PasswordTypePasswordHasherExtensionTest.php b/Tests/Extension/PasswordHasher/Type/PasswordTypePasswordHasherExtensionTest.php
@@ -0,0 +1,145 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Form\Tests\Extension\PasswordHasher\Type;
+
+use PHPUnit\Framework\MockObject\MockObject;
+use Symfony\Component\Form\Exception\InvalidConfigurationException;
+use Symfony\Component\Form\Extension\PasswordHasher\EventListener\PasswordHasherListener;
+use Symfony\Component\Form\Extension\PasswordHasher\PasswordHasherExtension;
+use Symfony\Component\Form\Test\TypeTestCase;
+use Symfony\Component\Form\Tests\Fixtures\User;
+use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasher;
+use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
+use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;
+
+class PasswordTypePasswordHasherExtensionTest extends TypeTestCase
+{
+    /**
+     * @var MockObject&UserPasswordHasherInterface
+     */
+    protected $passwordHasher;
+
+    protected function setUp(): void
+    {
+        if (!interface_exists(PasswordAuthenticatedUserInterface::class)) {
+            $this->markTestSkipped('PasswordAuthenticatedUserInterface not available.');
+        }
+
+        $this->passwordHasher = $this->createMock(UserPasswordHasher::class);
+
+        parent::setUp();
+    }
+
+    protected function getExtensions()
+    {
+        return array_merge(parent::getExtensions(), [
+            new PasswordHasherExtension(new PasswordHasherListener($this->passwordHasher)),
+        ]);
+    }
+
+    public function testPasswordHashSuccess()
+    {
+        $user = new User();
+
+        $plainPassword = 'PlainPassword';
+        $hashedPassword = 'HashedPassword';
+
+        $this->passwordHasher
+            ->expects($this->once())
+            ->method('hashPassword')
+            ->with($user, $plainPassword)
+            ->willReturn($hashedPassword)
+        ;
+
+        $this->assertNull($user->getPassword());
+
+        $form = $this->factory
+            ->createBuilder('Symfony\Component\Form\Extension\Core\Type\FormType', $user)
+            ->add('plainPassword', 'Symfony\Component\Form\Extension\Core\Type\PasswordType', [
+                'hash_property_path' => 'password',
+                'mapped' => false,
+            ])
+            ->getForm()
+        ;
+
+        $form->submit(['plainPassword' => $plainPassword]);
+
+        $this->assertTrue($form->isValid());
+        $this->assertSame($user->getPassword(), $hashedPassword);
+    }
+
+    public function testPasswordHashOnInvalidForm()
+    {
+        $user = new User();
+
+        $this->passwordHasher
+            ->expects($this->never())
+            ->method('hashPassword')
+        ;
+
+        $this->assertNull($user->getPassword());
+
+        $form = $this->factory
+            ->createBuilder('Symfony\Component\Form\Extension\Core\Type\FormType', $user)
+            ->add('plainPassword', 'Symfony\Component\Form\Extension\Core\Type\PasswordType', [
+                'hash_property_path' => 'password',
+                'mapped' => false,
+            ])
+            ->add('integer', 'Symfony\Component\Form\Extension\Core\Type\IntegerType', [
+                'mapped' => false,
+            ])
+            ->getForm()
+        ;
+
+        $form->submit([
+            'plainPassword' => 'PlainPassword',
+            'integer' => 'text',
+        ]);
+
+        $this->assertFalse($form->isValid());
+        $this->assertNull($user->getPassword());
+    }
+
+    public function testPasswordHashOnInvalidData()
+    {
+        $this->expectException(InvalidConfigurationException::class);
+        $this->expectExceptionMessage('The "hash_property_path" option only supports "Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface" objects, "array" given.');
+
+        $form = $this->factory
+            ->createBuilder('Symfony\Component\Form\Extension\Core\Type\FormType', [])
+            ->add('plainPassword', 'Symfony\Component\Form\Extension\Core\Type\PasswordType', [
+                'hash_property_path' => 'password',
+                'mapped' => false,
+            ])
+            ->getForm()
+        ;
+
+        $form->submit(['plainPassword' => 'PlainPassword']);
+    }
+
+    public function testPasswordHashOnMappedFieldForbidden()
+    {
+        $this->expectException(InvalidConfigurationException::class);
+        $this->expectExceptionMessage('The "hash_property_path" option cannot be used on mapped field.');
+
+        $form = $this->factory
+            ->createBuilder('Symfony\Component\Form\Extension\Core\Type\FormType', new User())
+            ->add('password', 'Symfony\Component\Form\Extension\Core\Type\PasswordType', [
+                'hash_property_path' => 'password',
+                'mapped' => true,
+            ])
+            ->getForm()
+        ;
+
+        $form->submit(['password' => 'PlainPassword']);
+    }
+}
diff --git a/Tests/Fixtures/User.php b/Tests/Fixtures/User.php
diff --git a/composer.json b/composer.json
