Deprecation: #85796 - Salted passwords cleanups
See forge#85796
Description
These methods have been marked as deprecated:
TYPO3\CMS\ Saltedpasswords\ Salt\ Salt Factory:: get Salting Instance () - Use
Saltto retrieve a hash instance of for a given password hash. UseFactory->get () Saltto retrieve an instance of the configured default hash algorithm for a given context. See the method comments for usage details.Factory->get Default Hash Instance () TYPO3\CMS\ Saltedpasswords\ Salt\ Salt Factory:: determine Salting Hashing Method () - Use
Saltinstead.Factory->get Default Hash Instance () TYPO3\CMS\ Saltedpasswords\ Salt\ Salt Factory:: set Preferred Hashing Method () - This method was only used for unit testing and has been marked as deprecated without substitution since
object instances of
Saltcan now be properly mocked. UseFactory Prophecyto do that in unit tests that haveSaltas dependency.Factory TYPO3\CMS\ Saltedpasswords\ Utility\ Salted Passwords Utility->get Number Of Backend Users With Insecure Password () - This internal method is unused and there is no new implementation to substitute it.
Impact
Calling one of the above methods will trigger a PHP
E_ error and a fatal PHP error in TYPO3 v10.
Affected Installations
Most instances are not affected by this change if they don't have custom authentication
services loaded that add magic with stored local password hashes, and if they don't use
the
Salt in own extension which is a seldom use case.
The extension scanner will find usages in extensions.
Migration
Use the new factory methods as outlined in the description section.