#fix-exception-rehash pull identifier correctly, there could be many

steinkel · steinkel · commit 2efdb6253c43 · 2025-11-25T18:17:05.000Z
diff --git a/src/Controller/Component/LoginComponent.php b/src/Controller/Component/LoginComponent.php
@@ -16,6 +16,7 @@
 
 use Authentication\AuthenticationServiceInterface;
 use Authentication\Authenticator\ResultInterface;
+use Authentication\Identifier\IdentifierCollection;
 use Cake\Controller\Component;
 use Cake\Core\Configure;
 use Cake\Datasource\EntityInterface;
@@ -195,25 +196,37 @@ protected function handlePasswordRehash($service, $user, \Cake\Http\ServerReques
         $identifiersNames = (array)Configure::read('Auth.PasswordRehash.identifiers');
         foreach ($identifiersNames as $identifierName) {
             if (!$service->identifiers()->has($identifierName)) {
+                Log::warning("Error saving user id $user->id password after rehashing: identifier $identifierName not found. Check your Auth.PasswordRehash.identifiers configuration.");
                 continue;
             }
             /**
              * @var \Authentication\Identifier\AbstractIdentifier|null $checker
              */
             $checker = $service->identifiers()->get($identifierName);
             $this->saveRehashedPassword($checker, $request, $user);
-            break;
         }
 
         // new way to define identifiers, inside the authenticators
         $authenticatorNames = (array)Configure::read('Auth.PasswordRehash.authenticators');
-        foreach ($authenticatorNames as $authenticatorName) {
+        foreach ($authenticatorNames as $authenticatorName => $identifierName) {
+            if (!$service->authenticators()->has($authenticatorName)) {
+                Log::warning("Error saving user id $user->id password after rehashing: authenticator $authenticatorName not found. Check your Auth.PasswordRehash.authenticators configuration.");
+                continue;
+            }
+            /**
+             * @var IdentifierCollection $identifierCollection
+             */
+            $identifierCollection = $service->authenticators()->get($authenticatorName)->getIdentifier();
+            if (!$identifierCollection->has($identifierName)) {
+                Log::warning("Error saving user id $user->id password after rehashing: identifier $identifierName not found. Check your Auth.PasswordRehash.authenticators configuration.");
+                continue;
+            }
+
             /**
              * @var \Authentication\Identifier\AbstractIdentifier|null $checker
              */
-            $checker = $service->authenticators()->get($authenticatorName)->getIdentifier();
+            $checker = $identifierCollection->get($identifierName);
             $this->saveRehashedPassword($checker, $request, $user);
-            break;
         }
     }
 
