[Security] PlainTextPasswordEncoder::isPasswordValid() throws an exception when the user has no password set (password is null)

**Symfony version(s) affected**: 4.4

**Description**  
Actually PlainTextPasswordEnocder::isPasswordValid() throws an exception when the user has no password set (password is null)

**How to reproduce**  

When UserInterface::password is null and the encoder is PlainTextPasswordEncoder an exception is thrown 
![image](https://user-images.githubusercontent.com/33282931/71169444-354e9e80-2259-11ea-99b1-2f5163225d2e.png)

**Possible Solution**  

I think PlainTextPasswordEnocder::isPasswordValid() should return false when the user's password is null.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

[Security] PlainTextPasswordEncoder::isPasswordValid() throws an exception when the user has no password set (password is null) #35040

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

[Security] PlainTextPasswordEncoder::isPasswordValid() throws an exception when the user has no password set (password is null) #35040

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions