Remove shims that have been moved to Shim plugin.

Controller/Component/Auth/FallbackPasswordHasher.php

@@ -1,87 +0,0 @@
-<?php
-
-App::uses('AbstractPasswordHasher', 'Controller/Component/Auth');
-App::uses('PasswordHasherFactory', 'Tools.Controller/Component/Auth');
-/**
- * A backport of the 3.x FallbackPasswordHasher class.
- *
- * @author Mark Scherer
- * @license http://opensource.org/licenses/mit-license.php MIT
- */
-class FallbackPasswordHasher extends AbstractPasswordHasher {
-
-	/**
-	 * Default config for this object.
-	 *
-	 * @var array
-	 */
-	protected $_defaultConfig = ['hashers' => []];
-
-	/**
-	 * Holds the list of password hasher objects that will be used
-	 *
-	 * @var array
-	 */
-	protected $_hashers = [];
-
-	/**
-	 * Constructor
-	 *
-	 * @param array $config configuration options for this object. Requires the
-	 * `hashers` key to be present in the array with a list of other hashers to be
-	 * used
-	 */
-	public function __construct(array $config = []) {
-		$config += $this->_defaultConfig;
-		parent::__construct($config);
-		foreach ($this->_config['hashers'] as $key => $hasher) {
-			if (!is_string($hasher)) {
-				$hasher += ['className' => $key, ];
-			}
-			$this->_hashers[] = PasswordHasherFactory::build($hasher);
-		}
-	}
-
-	/**
-	 * Generates password hash.
-	 *
-	 * Uses the first password hasher in the list to generate the hash
-	 *
-	 * @param string $password Plain text password to hash.
-	 * @return string Password hash
-	 */
-	public function hash($password) {
-		return $this->_hashers[0]->hash($password);
-	}
-
-	/**
-	 * Verifies that the provided password corresponds to its hashed version
-	 *
-	 * This will iterate over all configured hashers until one of them returns
-	 * true.
-	 *
-	 * @param string $password Plain text password to hash.
-	 * @param string $hashedPassword Existing hashed password.
-	 * @return bool True if hashes match else false.
-	 */
-	public function check($password, $hashedPassword) {
-		foreach ($this->_hashers as $hasher) {
-			if ($hasher->check($password, $hashedPassword)) {
-				return true;
-			}
-		}
-		return false;
-	}
-
-	/**
-	 * Returns true if the password need to be rehashed, with the first hasher present
-	 * in the list of hashers
-	 *
-	 * @param string $password The password to verify
-	 * @return bool
-	 */
-	public function needsRehash($password) {
-		return $this->_hashers[0]->needsRehash($password);
-	}
-
-}

Controller/Component/Auth/ModernPasswordHasher.php

@@ -1,80 +0,0 @@
-<?php
-
-App::uses('AbstractPasswordHasher', 'Controller/Component/Auth');
-
-/**
- * Modern password hashing class for PHP5.5+.
- * A backport of the 3.x DefaultPasswordHasher class.
- *
- * This requires either PHP5.5+ or the password_hash() shim from
- * https://github.com/ircmaxell/password_compat
- * If you don't use composer, you can also directly use the class in this repo:
- *   require CakePlugin::path('Tools') . 'Lib/Bootstrap/Password.php';
- * You would then require it in your bootstrap.php.
- * But the preferred way would be a composer dependency.
- *
- * @author Mark Scherer
- * @license http://opensource.org/licenses/mit-license.php MIT
- * @link http://www.dereuromark.de/2011/08/25/working-with-passwords-in-cakephp/
- */
-class ModernPasswordHasher extends AbstractPasswordHasher {
-
-	/**
-	 * Constructor
-	 *
-	 * @param array $config Array of config.
-	 */
-	public function __construct($config = []) {
-		if (!function_exists('password_hash')) {
-			throw new CakeException('password_hash() is not available.');
-		}
-		parent::__construct($config);
-	}
-
-	/**
-	 * Default config for this object.
-	 *
-	 * @var array
-	 */
-	protected $_config = [
-		'salt' => null,
-		'cost' => 10,
-		'hashType' => PASSWORD_BCRYPT
-	];
-
-	/**
-	 * Generates password hash.
-	 *
-	 * @param string $password Plain text password to hash.
-	 * @return string Password hash.
-	 * @link http://book.cakephp.org/2.0/en/core-libraries/components/authentication.html#using-bcrypt-for-passwords
-	 */
-	public function hash($password) {
-		$options = ['cost' => $this->_config['cost'], 'salt' => $this->_config['salt']];
-		$options = array_filter($options);
-		return password_hash($password, $this->_config['hashType'], $options);
-	}
-
-	/**
-	 * Check hash. Generate hash for user provided password and check against existing hash.
-	 *
-	 * @param string $password Plain text password to hash.
-	 * @param string Existing hashed password.
-	 * @return bool True if hashes match else false.
-	 */
-	public function check($password, $hashedPassword) {
-		return password_verify($password, $hashedPassword);
-	}
-
-	/**
-	 * Returns true if the password need to be rehashed, due to the password being
-	 * created with anything else than the passwords currently generated by this class.
-	 *
-	 * @param string $password The password hash to verify.
-	 * @return bool True if it needs rehashing.
-	 */
-	public function needsRehash($currentHash) {
-		return password_needs_rehash($currentHash, $this->_config['hashType']);
-	}
-
-}

Controller/Component/Auth/PasswordHasherFactory.php

@@ -1,40 +0,0 @@
-<?php
-
-/**
- * Builds password hashing objects
- *
- * Backported from 3.x
- */
-class PasswordHasherFactory {
-
-	/**
-	 * Returns password hasher object out of a hasher name or a configuration array
-	 *
-	 * @param string|array $passwordHasher Name of the password hasher or an array with
-	 * at least the key `className` set to the name of the class to use
-	 * @return \Cake\Auth\AbstractPasswordHasher Password hasher instance
-	 * @throws \RuntimeException If password hasher class not found or
-	 *   it does not extend Cake\Auth\AbstractPasswordHasher
-	 */
-	public static function build($passwordHasher) {
-		$config = [];
-		if (is_string($passwordHasher)) {
-			$class = $passwordHasher;
-		} else {
-			$class = $passwordHasher['className'];
-			$config = $passwordHasher;
-			unset($config['className']);
-		}
-
-		list($plugin, $class) = pluginSplit($class, true);
-		$className = $class . 'PasswordHasher';
-		App::uses($className, $plugin . 'Controller/Component/Auth');
-		if (!class_exists($className)) {
-			throw new CakeException(sprintf('Password hasher class "%s" was not found.', $class));
-		}
-		if (!is_subclass_of($className, 'AbstractPasswordHasher')) {
-			throw new CakeException('Password hasher must extend AbstractPasswordHasher class.');
-		}
-		return new $className($config);
-	}
-}

Lib/Bootstrap/Password.php

@@ -1,282 +0,0 @@
-<?php
-/**
- * A Compatibility library with PHP 5.5's simplified password hashing API.
- *
- * Include it via require:
- *   require CakePlugin::path('Tools') . 'Lib/Bootstrap/Password.php';
- *
- * @author Anthony Ferrara <ircmaxell@php.net>
- * @license http://opensource.org/licenses/mit-license.html MIT
- * @copyright 2012 The Authors
- */
-
-namespace {
-
-if (!defined('PASSWORD_DEFAULT')) {
-
-    define('PASSWORD_BCRYPT', 1);
-    define('PASSWORD_DEFAULT', PASSWORD_BCRYPT);
-
-    /**
-     * Hash the password using the specified algorithm
-     *
-     * @param string $password The password to hash
-     * @param int    $algo     The algorithm to use (Defined by PASSWORD_* constants)
-     * @param array  $options  The options for the algorithm to use
-     *
-     * @return string|false The hashed password, or false on error.
-     */
-    function password_hash($password, $algo, array $options = []) {
-        if (!function_exists('crypt')) {
-            trigger_error("Crypt must be loaded for password_hash to function", E_USER_WARNING);
-            return null;
-        }
-        if (!is_string($password)) {
-            trigger_error("password_hash(): Password must be a string", E_USER_WARNING);
-            return null;
-        }
-        if (!is_int($algo)) {
-            trigger_error("password_hash() expects parameter 2 to be long, " . gettype($algo) . " given", E_USER_WARNING);
-            return null;
-        }
-        $resultLength = 0;
-        switch ($algo) {
-            case PASSWORD_BCRYPT:
-                // Note that this is a C constant, but not exposed to PHP, so we don't define it here.
-                $cost = 10;
-                if (isset($options['cost'])) {
-                    $cost = $options['cost'];
-                    if ($cost < 4 || $cost > 31) {
-                        trigger_error(sprintf("password_hash(): Invalid bcrypt cost parameter specified: %d", $cost), E_USER_WARNING);
-                        return null;
-                    }
-                }
-                // The length of salt to generate
-                $raw_salt_len = 16;
-                // The length required in the final serialization
-                $required_salt_len = 22;
-                $hash_format = sprintf("$2y$%02d$", $cost);
-                // The expected length of the final crypt() output
-                $resultLength = 60;
-                break;
-            default:
-                trigger_error(sprintf("password_hash(): Unknown password hashing algorithm: %s", $algo), E_USER_WARNING);
-                return null;
-        }
-        $salt_requires_encoding = false;
-        if (isset($options['salt'])) {
-            switch (gettype($options['salt'])) {
-                case 'NULL':
-                case 'boolean':
-                case 'integer':
-                case 'double':
-                case 'string':
-                    $salt = (string) $options['salt'];
-                    break;
-                case 'object':
-                    if (method_exists($options['salt'], '__tostring')) {
-                        $salt = (string) $options['salt'];
-                        break;
-                    }
-                case 'array':
-                case 'resource':
-                default:
-                    trigger_error('password_hash(): Non-string salt parameter supplied', E_USER_WARNING);
-                    return null;
-            }
-            if (PasswordCompat\binary\_strlen($salt) < $required_salt_len) {
-                trigger_error(sprintf("password_hash(): Provided salt is too short: %d expecting %d", PasswordCompat\binary\_strlen($salt), $required_salt_len), E_USER_WARNING);
-                return null;
-            } elseif (0 == preg_match('#^[a-zA-Z0-9./]+$#D', $salt)) {
-                $salt_requires_encoding = true;
-            }
-        } else {
-            $buffer = '';
-            $buffer_valid = false;
-            if (function_exists('mcrypt_create_iv') && !defined('PHALANGER')) {
-                $buffer = mcrypt_create_iv($raw_salt_len, MCRYPT_DEV_URANDOM);
-                if ($buffer) {
-                    $buffer_valid = true;
-                }
-            }
-            if (!$buffer_valid && function_exists('openssl_random_pseudo_bytes')) {
-                $buffer = openssl_random_pseudo_bytes($raw_salt_len);
-                if ($buffer) {
-                    $buffer_valid = true;
-                }
-            }
-            if (!$buffer_valid && @is_readable('/dev/urandom')) {
-                $f = fopen('/dev/urandom', 'r');
-                $read = PasswordCompat\binary\_strlen($buffer);
-                while ($read < $raw_salt_len) {
-                    $buffer .= fread($f, $raw_salt_len - $read);
-                    $read = PasswordCompat\binary\_strlen($buffer);
-                }
-                fclose($f);
-                if ($read >= $raw_salt_len) {
-                    $buffer_valid = true;
-                }
-            }
-            if (!$buffer_valid || PasswordCompat\binary\_strlen($buffer) < $raw_salt_len) {
-                $bl = PasswordCompat\binary\_strlen($buffer);
-                for ($i = 0; $i < $raw_salt_len; $i++) {
-                    if ($i < $bl) {
-                        $buffer[$i] = $buffer[$i] ^ chr(mt_rand(0, 255));
-                    } else {
-                        $buffer .= chr(mt_rand(0, 255));
-                    }
-                }
-            }
-            $salt = $buffer;
-            $salt_requires_encoding = true;
-        }
-        if ($salt_requires_encoding) {
-            // encode string with the Base64 variant used by crypt
-            $base64_digits =
-                'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
-            $bcrypt64_digits =
-                './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
-
-            $base64_string = base64_encode($salt);
-            $salt = strtr(rtrim($base64_string, '='), $base64_digits, $bcrypt64_digits);
-        }
-        $salt = PasswordCompat\binary\_substr($salt, 0, $required_salt_len);
-
-        $hash = $hash_format . $salt;
-
-        $ret = crypt($password, $hash);
-
-        if (!is_string($ret) || PasswordCompat\binary\_strlen($ret) != $resultLength) {
-            return false;
-        }
-
-        return $ret;
-    }
-
-    /**
-     * Get information about the password hash. Returns an array of the information
-     * that was used to generate the password hash.
-     *
-     * array(
-     *    'algo' => 1,
-     *    'algoName' => 'bcrypt',
-     *    'options' => array(
-     *        'cost' => 10,
-     *    ),
-     * )
-     *
-     * @param string $hash The password hash to extract info from
-     *
-     * @return array The array of information about the hash.
-     */
-    function password_get_info($hash) {
-        $return = [
-            'algo' => 0,
-            'algoName' => 'unknown',
-            'options' => [],
-        ];
-        if (PasswordCompat\binary\_substr($hash, 0, 4) == '$2y$' && PasswordCompat\binary\_strlen($hash) == 60) {
-            $return['algo'] = PASSWORD_BCRYPT;
-            $return['algoName'] = 'bcrypt';
-            list($cost) = sscanf($hash, "$2y$%d$");
-            $return['options']['cost'] = $cost;
-        }
-        return $return;
-    }
-
-    /**
-     * Determine if the password hash needs to be rehashed according to the options provided
-     *
-     * If the answer is true, after validating the password using password_verify, rehash it.
-     *
-     * @param string $hash    The hash to test
-     * @param int    $algo    The algorithm used for new password hashes
-     * @param array  $options The options array passed to password_hash
-     *
-     * @return boolean True if the password needs to be rehashed.
-     */
-    function password_needs_rehash($hash, $algo, array $options = []) {
-        $info = password_get_info($hash);
-        if ($info['algo'] != $algo) {
-            return true;
-        }
-        switch ($algo) {
-            case PASSWORD_BCRYPT:
-                $cost = isset($options['cost']) ? $options['cost'] : 10;
-                if ($cost != $info['options']['cost']) {
-                    return true;
-                }
-                break;
-        }
-        return false;
-    }
-
-    /**
-     * Verify a password against a hash using a timing attack resistant approach
-     *
-     * @param string $password The password to verify
-     * @param string $hash     The hash to verify against
-     *
-     * @return boolean If the password matches the hash
-     */
-    function password_verify($password, $hash) {
-        if (!function_exists('crypt')) {
-            trigger_error("Crypt must be loaded for password_verify to function", E_USER_WARNING);
-            return false;
-        }
-        $ret = crypt($password, $hash);
-        if (!is_string($ret) || PasswordCompat\binary\_strlen($ret) != PasswordCompat\binary\_strlen($hash) || PasswordCompat\binary\_strlen($ret) <= 13) {
-            return false;
-        }
-
-        $status = 0;
-        for ($i = 0; $i < PasswordCompat\binary\_strlen($ret); $i++) {
-            $status |= (ord($ret[$i]) ^ ord($hash[$i]));
-        }
-
-        return $status === 0;
-    }
-}
-
-}
-
-namespace PasswordCompat\binary {
-    /**
-     * Count the number of bytes in a string
-     *
-     * We cannot simply use strlen() for this, because it might be overwritten by the mbstring extension.
-     * In this case, strlen() will count the number of *characters* based on the internal encoding. A
-     * sequence of bytes might be regarded as a single multibyte character.
-     *
-     * @param string $binary_string The input string
-     *
-     * @internal
-     * @return int The number of bytes
-     */
-    function _strlen($binary_string) {
-           if (function_exists('mb_strlen')) {
-               return mb_strlen($binary_string, '8bit');
-           }
-           return strlen($binary_string);
-    }
-
-    /**
-     * Get a substring based on byte limits
-     *
-     * @see _strlen()
-     *
-     * @param string $binary_string The input string
-     * @param int    $start
-     * @param int    $length
-     *
-     * @internal
-     * @return string The substring
-     */
-    function _substr($binary_string, $start, $length) {
-       if (function_exists('mb_substr')) {
-           return mb_substr($binary_string, $start, $length, '8bit');
-       }
-       return substr($binary_string, $start, $length);
-   }
-
-}

Test/Case/Controller/Component/Auth/FallbackPasswordHasherTest.php

@@ -1,226 +0,0 @@
-<?php
-/**
- * FallbackPasswordHasher file
- *
- */
-App::uses('FallbackPasswordHasher', 'Tools.Controller/Component/Auth');
-App::uses('MyCakeTestCase', 'Tools.TestSuite');
-App::uses('Controller', 'Controller');
-App::uses('CakeRequest', 'Network');
-App::uses('CakeResponse', 'Network');
-App::uses('Model', 'Model');
-App::uses('CakeSession', 'Model/Datasource');
-
-if (!defined('PASSWORD_BCRYPT')) {
-	require CakePlugin::path('Tools') . 'Lib/Bootstrap/Password.php';
-}
-
-/**
- * Test case for FallbackPasswordHasher
- *
- */
-class FallbackPasswordHasherTest extends MyCakeTestCase {
-
-	public $fixtures = ['plugin.tools.tools_auth_user'];
-
-	public $Controller;
-
-	public $request;
-
-	/**
-	 * Setup
-	 *
-	 * @return void
-	 */
-	public function setUp() {
-		parent::setUp();
-
-		$this->Controller = new TestFallbackPasswordHasherController(new CakeRequest(), new CakeResponse());
-		$this->Controller->constructClasses();
-		$this->Controller->startupProcess();
-
-		// Modern pwd account
-		$this->Controller->TestFallbackPasswordHasherUser->create();
-		$user = array(
-			'username' => 'itisme',
-			'email' => '',
-			'pwd' => 'secure123456'
-		);
-		$res = $this->Controller->TestFallbackPasswordHasherUser->save($user);
-		$this->assertTrue((bool)$res);
-
-		// Old pwd account
-		$this->Controller->TestFallbackPasswordHasherUser->create();
-		$user = array(
-			'username' => 'itwasme',
-			'email' => '',
-			'password' => Security::hash('123456', null, true)
-		);
-		$res = $this->Controller->TestFallbackPasswordHasherUser->save($user);
-		$this->assertTrue((bool)$res);
-
-		CakeSession::delete('Auth');
-
-		//var_dump($this->Controller->TestFallbackPasswordHasherUser->find('all'));
-	}
-
-	public function tearDown() {
-		parent::tearDown();
-	}
-
-	/**
-	 * @return void
-	 */
-	public function testBasics() {
-		$this->Controller->request->data = array(
-			'TestFallbackPasswordHasherUser' => array(
-				'username' => 'itisme',
-				'password' => 'xyz'
-			),
-		);
-		$result = $this->Controller->Auth->login();
-		$this->assertFalse($result);
-	}
-
-	/**
-	 * @return void
-	 */
-	public function testLogin() {
-		$this->Controller->request->data = array(
-			'TestFallbackPasswordHasherUser' => array(
-				'username' => 'itisme',
-				'password' => 'secure123456'
-			),
-		);
-		$result = $this->Controller->Auth->login();
-		$this->assertTrue($result);
-
-		// This could be done in login() action after successfully logging in.
-		$hash = $this->Controller->TestFallbackPasswordHasherUser->hash('secure123456');
-		$this->assertFalse($this->Controller->TestFallbackPasswordHasherUser->needsRehash($hash));
-	}
-
-	/**
-	 * @return void
-	 */
-	public function testLoginOld() {
-		$this->Controller->request->data = array(
-			'TestFallbackPasswordHasherUser' => array(
-				'username' => 'itwasme',
-				'password' => '123456'
-			),
-		);
-		$result = $this->Controller->Auth->login();
-		$this->assertTrue($result);
-
-		// This could be done in login() action after successfully logging in.
-		$hash = Security::hash('123456', null, true);
-		$this->assertTrue($this->Controller->TestFallbackPasswordHasherUser->needsRehash($hash));
-	}
-
-}
-
-class TestFallbackPasswordHasherController extends Controller {
-
-	public $uses = array('Tools.TestFallbackPasswordHasherUser');
-
-	public $components = array('Auth');
-
-	public function beforeFilter() {
-		parent::beforeFilter();
-
-		$options = array(
-			'className' => 'Tools.Fallback',
-			'hashers' => array(
-				'Tools.Modern', 'Simple'
-				//'Tools.Modern' => array('userModel' => 'Tools.TestFallbackPasswordHasherUser'), 'Simple' => array('userModel' => 'Tools.TestFallbackPasswordHasherUser')
-			)
-		);
-		$this->Auth->authenticate = array(
-			'Form' => array(
-				'passwordHasher' => $options,
-				'fields' => array(
-					'username' => 'username',
-					'password' => 'password'
-				),
-				'userModel' => 'Tools.TestFallbackPasswordHasherUser'
-			)
-		);
-	}
-
-}
-
-class TestFallbackPasswordHasherUser extends Model {
-
-	public $useTable = 'tools_auth_users';
-
-	/**
-	 * TestFallbackPasswordHasherUser::beforeSave()
-	 *
-	 * @param array $options
-	 * @return bool Success
-	 */
-	public function beforeSave($options = array()) {
-		if (!empty($this->data[$this->alias]['pwd'])) {
-			$this->data[$this->alias]['password'] = $this->hash($this->data[$this->alias]['pwd']);
-		}
-		return true;
-	}
-
-	/**
-	 * @param string $pwd
-	 * @return string Hash
-	 */
-	public function hash($pwd) {
-		$options = array(
-			'className' => 'Tools.Fallback',
-			'hashers' => array(
-				'Tools.Modern', 'Simple'
-			)
-		);
-		$passwordHasher = $this->_getPasswordHasher($options);
-		return $passwordHasher->hash($pwd);
-	}
-
-	/**
-	 * @param string $pwd
-	 * @return bool Success
-	 */
-	public function needsRehash($pwd) {
-		$options = array(
-			'className' => 'Tools.Fallback',
-			'hashers' => array(
-				'Tools.Modern', 'Simple'
-			)
-		);
-		$passwordHasher = $this->_getPasswordHasher($options);
-		return $passwordHasher->needsRehash($pwd);
-	}
-
-	/**
-	 * PasswordableBehavior::_getPasswordHasher()
-	 *
-	 * @param mixed $hasher Name or options array.
-	 * @return PasswordHasher
-	 */
-	protected function _getPasswordHasher($hasher) {
-		$class = $hasher;
-		$config = [];
-		if (is_array($hasher)) {
-			$class = $hasher['className'];
-			unset($hasher['className']);
-			$config = $hasher;
-		}
-		list($plugin, $class) = pluginSplit($class, true);
-		$className = $class . 'PasswordHasher';
-		App::uses($className, $plugin . 'Controller/Component/Auth');
-		if (!class_exists($className)) {
-			throw new CakeException(sprintf('Password hasher class "%s" was not found.', $class));
-		}
-		if (!is_subclass_of($className, 'AbstractPasswordHasher')) {
-			throw new CakeException('Password hasher must extend AbstractPasswordHasher class.');
-		}
-		return new $className($config);
-	}
-
-}

Test/Case/Controller/Component/Auth/ModernPasswordHasherTest.php

@@ -1,181 +0,0 @@
-<?php
-/**
- * ModernPasswordHasher file
- *
- */
-App::uses('ModernPasswordHasher', 'Tools.Controller/Component/Auth');
-App::uses('MyCakeTestCase', 'Tools.TestSuite');
-App::uses('Controller', 'Controller');
-App::uses('CakeRequest', 'Network');
-App::uses('CakeResponse', 'Network');
-App::uses('Model', 'Model');
-App::uses('CakeSession', 'Model/Datasource');
-
-if (!defined('PASSWORD_BCRYPT')) {
-	require CakePlugin::path('Tools') . 'Lib/Bootstrap/Password.php';
-}
-
-/**
- * Test case for ModernPasswordHasher
- *
- */
-class ModernPasswordHasherTest extends MyCakeTestCase {
-
-	public $fixtures = ['plugin.tools.tools_auth_user'];
-
-	public $Controller;
-
-	public $request;
-
-	/**
-	 * Setup
-	 *
-	 * @return void
-	 */
-	public function setUp() {
-		parent::setUp();
-
-		$this->Controller = new TestModernPasswordHasherController(new CakeRequest(), new CakeResponse());
-		$this->Controller->constructClasses();
-		$this->Controller->startupProcess();
-
-		// Modern pwd account
-		$this->Controller->TestModernPasswordHasherUser->create();
-		$user = array(
-			'username' => 'itisme',
-			'email' => '',
-			'pwd' => 'secure123456'
-		);
-		$res = $this->Controller->TestModernPasswordHasherUser->save($user);
-		$this->assertTrue((bool)$res);
-
-		CakeSession::delete('Auth');
-	}
-
-	/**
-	 * @return void
-	 */
-	public function tearDown() {
-		parent::tearDown();
-	}
-
-	/**
-	 * @return void
-	 */
-	public function testBasics() {
-		$this->Controller->request->data = array(
-			'TestModernPasswordHasherUser' => array(
-				'username' => 'itisme',
-				'password' => 'xyz'
-			),
-		);
-		$result = $this->Controller->Auth->login();
-		$this->assertFalse($result);
-	}
-
-	/**
-	 * @return void
-	 */
-	public function testLogin() {
-		$this->Controller->request->data = array(
-			'TestModernPasswordHasherUser' => array(
-				'username' => 'itisme',
-				'password' => 'secure123456'
-			),
-		);
-		$result = $this->Controller->Auth->login();
-		$this->assertTrue($result);
-
-		// This could be done in login() action after successfully logging in.
-		$hash = $this->Controller->TestModernPasswordHasherUser->hash('secure123456');
-		$this->assertFalse($this->Controller->TestModernPasswordHasherUser->needsRehash($hash));
-	}
-
-}
-
-class TestModernPasswordHasherController extends Controller {
-
-	public $uses = array('Tools.TestModernPasswordHasherUser');
-
-	public $components = array('Auth');
-
-	/**
-	 * @return void
-	 */
-	public function beforeFilter() {
-		parent::beforeFilter();
-
-		$this->Auth->authenticate = array(
-			'Form' => array(
-				'passwordHasher' => 'Tools.Modern',
-				'fields' => array(
-					'username' => 'username',
-					'password' => 'password'
-				),
-				'userModel' => 'Tools.TestModernPasswordHasherUser'
-			)
-		);
-	}
-
-}
-
-class TestModernPasswordHasherUser extends Model {
-
-	public $useTable = 'tools_auth_users';
-
-	/**
-	 * TestModernPasswordHasherUser::beforeSave()
-	 *
-	 * @param array $options
-	 * @return bool Success
-	 */
-	public function beforeSave($options = array()) {
-		if (!empty($this->data[$this->alias]['pwd'])) {
-			$this->data[$this->alias]['password'] = $this->hash($this->data[$this->alias]['pwd']);
-		}
-		return true;
-	}
-
-	/**
-	 * @param string $pwd
-	 * @return string Hash
-	 */
-	public function hash($pwd) {
-		$passwordHasher = $this->_getPasswordHasher('Tools.Modern');
-		return $passwordHasher->hash($pwd);
-	}
-
-	/**
-	 * @param string $pwd
-	 * @return bool Success
-	 */
-	public function needsRehash($pwd) {
-		$passwordHasher = $this->_getPasswordHasher('Tools.Modern');
-		return $passwordHasher->needsRehash($pwd);
-	}
-
-	/**
-	 * @param mixed $hasher Name or options array.
-	 * @return PasswordHasher
-	 */
-	protected function _getPasswordHasher($hasher) {
-		$class = $hasher;
-		$config = [];
-		if (is_array($hasher)) {
-			$class = $hasher['className'];
-			unset($hasher['className']);
-			$config = $hasher;
-		}
-		list($plugin, $class) = pluginSplit($class, true);
-		$className = $class . 'PasswordHasher';
-		App::uses($className, $plugin . 'Controller/Component/Auth');
-		if (!class_exists($className)) {
-			throw new CakeException(sprintf('Password hasher class "%s" was not found.', $class));
-		}
-		if (!is_subclass_of($className, 'AbstractPasswordHasher')) {
-			throw new CakeException('Password hasher must extend AbstractPasswordHasher class.');
-		}
-		return new $className($config);
-	}
-
-}

Test/Case/Model/Behavior/PasswordableBehaviorTest.php

@@ -631,7 +631,7 @@ class PasswordableBehaviorTest extends CakeTestCase {
 			'allowSame' => false,
 			'current' => false,
 			'authType' => 'Blowfish',
-			'passwordHasher' => 'Tools.Modern'
+			'passwordHasher' => 'Shim.Modern'
 		]);
 		$this->User->create();
 		$data = [
@@ -754,7 +754,7 @@ class PasswordableBehaviorTest extends CakeTestCase {
 			'allowSame' => false,
 			'current' => false,
 			'authType' => 'Blowfish',
-			'passwordHasher' => 'Tools.Modern'
+			'passwordHasher' => 'Shim.Modern'
 		]);
 
 		$hash =  password_hash('foobar', PASSWORD_BCRYPT);