Rename AuthenticatingListener

wouterj · wouterj · commit fba19b8f2dfa · 2020-04-20T14:20:56.000+02:00
diff --git a/EventListener/VerifyAuthenticatorCredentialsListener.php b/EventListener/VerifyAuthenticatorCredentialsListener.php
@@ -4,6 +4,7 @@
 
 use Symfony\Component\EventDispatcher\EventSubscriberInterface;
 use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
+use Symfony\Component\Security\Core\Exception\BadCredentialsException;
 use Symfony\Component\Security\Core\Exception\LogicException;
 use Symfony\Component\Security\Http\Authenticator\CustomAuthenticatedInterface;
 use Symfony\Component\Security\Http\Authenticator\PasswordAuthenticatedInterface;
@@ -19,7 +20,7 @@
  * @final
  * @experimental in 5.1
  */
-class AuthenticatingListener implements EventSubscriberInterface
+class VerifyAuthenticatorCredentialsListener implements EventSubscriberInterface
 {
     private $encoderFactory;
 
@@ -28,22 +29,22 @@ public function __construct(EncoderFactoryInterface $encoderFactory)
         $this->encoderFactory = $encoderFactory;
     }
 
-    public static function getSubscribedEvents(): array
-    {
-        return [VerifyAuthenticatorCredentialsEvent::class => ['onAuthenticating', 128]];
-    }
-
     public function onAuthenticating(VerifyAuthenticatorCredentialsEvent $event): void
     {
         $authenticator = $event->getAuthenticator();
         if ($authenticator instanceof PasswordAuthenticatedInterface) {
             // Use the password encoder to validate the credentials
             $user = $event->getUser();
-            $event->setCredentialsValid($this->encoderFactory->getEncoder($user)->isPasswordValid(
-                $user->getPassword(),
-                $authenticator->getPassword($event->getCredentials()),
-                $user->getSalt()
-            ));
+            $presentedPassword = $authenticator->getPassword($event->getCredentials());
+            if ('' === $presentedPassword) {
+                throw new BadCredentialsException('The presented password cannot be empty.');
+            }
+
+            if (null === $user->getPassword()) {
+                return;
+            }
+
+            $event->setCredentialsValid($this->encoderFactory->getEncoder($user)->isPasswordValid($user->getPassword(), $presentedPassword, $user->getSalt()));
 
             return;
         }
@@ -65,4 +66,9 @@ public function onAuthenticating(VerifyAuthenticatorCredentialsEvent $event): vo
 
         throw new LogicException(sprintf('Authenticator %s does not have valid credentials. Authenticators must implement one of the authenticated interfaces (%s, %s or %s).', \get_class($authenticator), PasswordAuthenticatedInterface::class, TokenAuthenticatedInterface::class, CustomAuthenticatedInterface::class));
     }
+
+    public static function getSubscribedEvents(): array
+    {
+        return [VerifyAuthenticatorCredentialsEvent::class => ['onAuthenticating', 128]];
+    }
 }
