From 38d674b6150ebd638f7c517b19790ac631f8dc35 Mon Sep 17 00:00:00 2001
From: Nicolas Grekas <nicolas.grekas@gmail.com>
Date: Wed, 5 Jul 2023 17:49:26 +0200
Subject: [PATCH 1/2] Fix some return types in tests

---
 Tests/DataCollector/SecurityDataCollectorTest.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Tests/DataCollector/SecurityDataCollectorTest.php b/Tests/DataCollector/SecurityDataCollectorTest.php
index b092b8a1..9e12116a 100644
--- a/Tests/DataCollector/SecurityDataCollectorTest.php
+++ b/Tests/DataCollector/SecurityDataCollectorTest.php
@@ -434,7 +434,7 @@ private function getRoleHierarchy()
 
 final class DummyVoter implements VoterInterface
 {
-    public function vote(TokenInterface $token, $subject, array $attributes)
+    public function vote(TokenInterface $token, $subject, array $attributes): int
     {
     }
 }

From 8f432fae02bd908c1decea70a359d85a9be37f2c Mon Sep 17 00:00:00 2001
From: Maxime Steinhausser <maxime.steinhausser@gmail.com>
Date: Mon, 18 Sep 2023 17:40:31 +0200
Subject: [PATCH 2/2] [SecurityBundle][PasswordHasher] Fix password migration
 with custom hasher service with security bundle config

---
 DependencyInjection/SecurityExtension.php     |  5 +++-
 .../SecurityExtensionTest.php                 | 27 +++++++++++++++++++
 2 files changed, 31 insertions(+), 1 deletion(-)

diff --git a/DependencyInjection/SecurityExtension.php b/DependencyInjection/SecurityExtension.php
index d64b2c38..c165024b 100644
--- a/DependencyInjection/SecurityExtension.php
+++ b/DependencyInjection/SecurityExtension.php
@@ -848,7 +848,10 @@ private function createHasher(array $config)
     {
         // a custom hasher service
         if (isset($config['id'])) {
-            return new Reference($config['id']);
+            return $config['migrate_from'] ?? false ? [
+                'instance' => new Reference($config['id']),
+                'migrate_from' => $config['migrate_from'],
+            ] : new Reference($config['id']);
         }
 
         if ($config['migrate_from'] ?? false) {
diff --git a/Tests/DependencyInjection/SecurityExtensionTest.php b/Tests/DependencyInjection/SecurityExtensionTest.php
index 71ca327c..eef68e4c 100644
--- a/Tests/DependencyInjection/SecurityExtensionTest.php
+++ b/Tests/DependencyInjection/SecurityExtensionTest.php
@@ -881,6 +881,33 @@ public function testLegacyAuthorizationManagerSignature()
         $this->assertEquals('%security.access.always_authenticate_before_granting%', (string) $args[3]);
     }
 
+    public function testCustomHasherWithMigrateFrom()
+    {
+        $container = $this->getRawContainer();
+
+        $container->loadFromExtension('security', [
+            'enable_authenticator_manager' => true,
+            'password_hashers' => [
+                'legacy' => 'md5',
+                'App\User' => [
+                    'id' => 'App\Security\CustomHasher',
+                    'migrate_from' => 'legacy',
+                ],
+            ],
+            'firewalls' => ['main' => ['http_basic' => true]],
+        ]);
+
+        $container->compile();
+
+        $hashersMap = $container->getDefinition('security.password_hasher_factory')->getArgument(0);
+
+        $this->assertArrayHasKey('App\User', $hashersMap);
+        $this->assertEquals($hashersMap['App\User'], [
+            'instance' => new Reference('App\Security\CustomHasher'),
+            'migrate_from' => ['legacy'],
+        ]);
+    }
+
     protected function getRawContainer()
     {
         $container = new ContainerBuilder();