Merge pull request #7734 from MrPetovan/bug/7709-catch-missing-certainty-bundle-exception

Catch missing Certainty bundle exception when checking for exposed password
This commit is contained in:
Philipp 2019-10-13 15:38:02 +02:00 committed by GitHub
commit d016423a7f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 14 additions and 3 deletions

View file

@ -64,7 +64,6 @@ class Logger extends BaseObject
self::TRACE => 'Trace',
self::DEBUG => 'Debug',
self::DATA => 'Data',
self::ALL => 'All',
];
/**

View file

@ -412,6 +412,7 @@ class User
*
* @param string $password
* @return bool
* @throws Exception
*/
public static function isPasswordExposed($password)
{
@ -420,9 +421,20 @@ class User
'cacheDirectory' => get_temppath() . '/password-exposed-cache/',
]);
$PasswordExposedCHecker = new PasswordExposed\PasswordExposedChecker(null, $cache);
try {
$passwordExposedChecker = new PasswordExposed\PasswordExposedChecker(null, $cache);
return $PasswordExposedCHecker->passwordExposed($password) === PasswordExposed\PasswordStatus::EXPOSED;
return $passwordExposedChecker->passwordExposed($password) === PasswordExposed\PasswordStatus::EXPOSED;
} catch (\Exception $e) {
Logger::error('Password Exposed Exception: ' . $e->getMessage(), [
'code' => $e->getCode(),
'file' => $e->getFile(),
'line' => $e->getLine(),
'trace' => $e->getTraceAsString()
]);
return false;
}
}
/**