Skip to content

Improve documentation of PasswordUpgraderInterface #60009

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Mar 20, 2025
Merged

Improve documentation of PasswordUpgraderInterface #60009

merged 1 commit into from
Mar 20, 2025

Conversation

stof
Copy link
Member

@stof stof commented Mar 20, 2025

Q A
Branch? 7.3
Bug fix? no
New feature? no
Deprecations? no
Issues n/a
License MIT

Implementations of PasswordUpgraderInterface can be called with a user instance that they don't support and are expected to handle it gracefully.
Handling it gracefully can be done either by being silent or by throwing an UnsupportedUserException.

This is a follow-up of #51283 to document that throwing UnsupportedUserException is actually fine for implementations as the way to handle unsupported users, as shown by the implementation of the ChainUserProvider:

symfony/src/Symfony/Component/Security/Core/User/ChainUserProvider.php

Lines 107 to 113 in 07e020a

if ($provider instanceof PasswordUpgraderInterface) {
try {
$provider->upgradePassword($user, $newHashedPassword);
} catch (UnsupportedUserException) {
// ignore: password upgrades are opportunistic
}
}

@stof stof requested a review from chalasr as a code owner March 20, 2025 11:24
@carsonbot carsonbot added this to the 7.3 milestone Mar 20, 2025
@stof
Copy link
Member Author

stof commented Mar 20, 2025

Note that the LdapUserProvider and EntityUserProvider in core are already relying on the fact that throwing an UnsupportedUserException is allowed.

@stof stof mentioned this pull request Mar 20, 2025
Merged
@nicolas-grekas nicolas-grekas merged commit 5a9a351 into 7.3 Mar 20, 2025
17 of 19 checks passed
@nicolas-grekas nicolas-grekas deleted the stof-patch-1 branch March 20, 2025 16:31
@nicolas-grekas
Copy link
Member

Thank you @stof

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@xabbuh xabbuh xabbuh approved these changes

@VincentLanglet VincentLanglet VincentLanglet approved these changes

@chalasr chalasr Awaiting requested review from chalasr chalasr is a code owner

Assignees
No one assigned
Labels
Status: Reviewed
Projects
None yet
Milestone
7.3
Development

Successfully merging this pull request may close these issues.
5 participants
@stof @nicolas-grekas @xabbuh @VincentLanglet @carsonbot