🔃 [EngCom] Public Pull Requests - 2.1-develop

Accepted Public Pull Requests:
 - #14168: [Backport 2.1] Added mage/translate component to customers's ajax login (by @ccasciotti)
 - #13886: #5463 - Use specified hashing algo in \Magento\Framework\Encryption\Encryptor::getHash (by @k4emic)


Fixed GitHub Issues:
 - #5463: The ability to store passwords using different hashing algorithms is limited (reported by @maderlock) has been fixed in #13886 by @k4emic in 2.1-develop branch
   Related commits:
     1. 86dd6ec

Author: magento-engcom-team

app/code/Magento/Customer/view/frontend/web/js/action/login.js

@@ -8,9 +8,10 @@ define(
         'jquery',
         'mage/storage',
         'Magento_Ui/js/model/messageList',
-        'Magento_Customer/js/customer-data'
+        'Magento_Customer/js/customer-data',
+        'mage/translate'
     ],
-    function($, storage, globalMessageList, customerData) {
+    function($, storage, globalMessageList, customerData, $t) {
         'use strict';
         var callbacks = [],
             action = function(loginData, redirectUrl, isGlobal, messageContainer) {
@@ -39,7 +40,9 @@ define(
                         }
                     }
                 }).fail(function () {
-                    messageContainer.addErrorMessage({'message': 'Could not authenticate. Please try again later'});
+                    messageContainer.addErrorMessage({
+                        'message': $t('Could not authenticate. Please try again later')
+                    });
                     callbacks.forEach(function(callback) {
                         callback(loginData);
                     });

lib/internal/Magento/Framework/Encryption/Encryptor.php

@@ -143,7 +143,7 @@ public function validateCipher($version)
     public function getHash($password, $salt = false, $version = self::HASH_VERSION_LATEST)
     {
         if ($salt === false) {
-            return $this->hash($password);
+            return $this->hash($password, $version);
         }
         if ($salt === true) {
             $salt = self::DEFAULT_SALT_LENGTH;
@@ -155,7 +155,7 @@ public function getHash($password, $salt = false, $version = self::HASH_VERSION_
         return implode(
             self::DELIMITER,
             [
-                $this->hash($salt . $password),
+                $this->hash($salt . $password, $version),
                 $salt,
                 $version
             ]

lib/internal/Magento/Framework/Encryption/Test/Unit/EncryptorTest.php

@@ -207,4 +207,32 @@ public function testValidateKey()
         $this->assertEquals($expectedEncryptedData, $actualEncryptedData);
         $this->assertEquals($crypt->decrypt($expectedEncryptedData), $actual->decrypt($actualEncryptedData));
     }
+
+    public function testUseSpecifiedHashingAlgoDataProvider()
+    {
+        return [
+            ['password', 'salt', Encryptor::HASH_VERSION_MD5,
+             '67a1e09bb1f83f5007dc119c14d663aa:salt:0'],
+            ['password', 'salt', Encryptor::HASH_VERSION_SHA256,
+             '13601bda4ea78e55a07b98866d2be6be0744e3866f13c00c811cab608a28f322:salt:1'],
+            ['password', false, Encryptor::HASH_VERSION_MD5,
+             '5f4dcc3b5aa765d61d8327deb882cf99'],
+            ['password', false, Encryptor::HASH_VERSION_SHA256,
+             '5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8']
+        ];
+    }
+
+    /**
+     * @dataProvider testUseSpecifiedHashingAlgoDataProvider
+     *
+     * @param $password
+     * @param $salt
+     * @param $hashAlgo
+     * @param $expected
+     */
+    public function testGetHashMustUseSpecifiedHashingAlgo($password, $salt, $hashAlgo, $expected)
+    {
+        $hash = $this->_model->getHash($password, $salt, $hashAlgo);
+        $this->assertEquals($expected, $hash);
+    }
 }