Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2026-03-04 18:54:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/7.0.x'

Browse Source
This commit is contained in:
Josh Cummings 2026-03-03 18:18:24 -07:00
commit 94829a1551
No known key found for this signature in database
GPG Key ID: 869B37A20E876129
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
core/src/main/java/org/springframework/security/authentication/dao/DaoAuthenticationProvider.java
View File

@ -16,6 +16,7 @@
package org.springframework.security.authentication.dao;
import java.util.Objects;
import java.util.function.Supplier;
import org.jspecify.annotations.Nullable;
@ -43,6 +44,7 @@ import org.springframework.util.function.SingletonSupplier;
*
* @author Ben Alex
* @author Rob Winch
* @author Andrey Litvitski
*/
public class DaoAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider {
@ -131,7 +133,8 @@ public class DaoAuthenticationProvider extends AbstractUserDetailsAuthentication
throw new CompromisedPasswordException("The provided password is compromised, please change your password");
}
String existingEncodedPassword = user.getPassword();
boolean upgradeEncoding = existingEncodedPassword != null && this.userDetailsPasswordService != null
boolean upgradeEncoding = existingEncodedPassword != null
&& !Objects.equals(this.userDetailsPasswordService, UserDetailsPasswordService.NOOP)
&& this.passwordEncoder.get().upgradeEncoding(existingEncodedPassword);
if (upgradeEncoding) {
String newPassword = this.passwordEncoder.get().encode(presentedPassword);