Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-10 12:23:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '6.0.x'

Browse Source 
Closes gh-12964
This commit is contained in:
Marcus Da Coregio 2023-04-04 10:21:52 -03:00
commit 5e2dd0351d
2 changed files with 17 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
core/src/main/java/org/springframework/security/authentication/dao/DaoAuthenticationProvider.java
View File

@ -61,7 +61,16 @@ public class DaoAuthenticationProvider extends AbstractUserDetailsAuthentication
private UserDetailsPasswordService userDetailsPasswordService;
public DaoAuthenticationProvider() {
setPasswordEncoder(PasswordEncoderFactories.createDelegatingPasswordEncoder());
this(PasswordEncoderFactories.createDelegatingPasswordEncoder());
}
/**
* Creates a new instance using the provided {@link PasswordEncoder}
* @param passwordEncoder the {@link PasswordEncoder} to use. Cannot be null.
* @since 6.0.3
*/
public DaoAuthenticationProvider(PasswordEncoder passwordEncoder) {
setPasswordEncoder(passwordEncoder);
}
@Override

7
core/src/test/java/org/springframework/security/authentication/dao/DaoAuthenticationProviderTests.java
View File

@ -441,6 +441,13 @@ public class DaoAuthenticationProviderTests {
assertThatExceptionOfType(UsernameNotFoundException.class).isThrownBy(() -> provider.authenticate(token));
}
@Test
public void constructWhenPasswordEncoderProvidedThenSets() {
DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider(
NoOpPasswordEncoder.getInstance());
assertThat(daoAuthenticationProvider.getPasswordEncoder()).isSameAs(NoOpPasswordEncoder.getInstance());
}
/**
* This is an explicit test for SEC-2056. It is intentionally ignored since this test
* is not deterministic and {@link #testUserNotFoundEncodesPassword()} ensures that