config->getEnforceHaveIBeenPwned($context)) { $hash = sha1($password); $range = substr($hash, 0, 5); $needle = strtoupper(substr($hash, 5)); $client = $this->clientService->newClient(); try { $response = $client->get( 'https://api.pwnedpasswords.com/range/' . $range, [ 'timeout' => 5, 'headers' => [ 'Add-Padding' => 'true' ] ] ); } catch (\Exception $e) { $this->logger->info('Could not connect to HaveIBeenPwned API', ['exception' => $e]); return; } $result = $response->getBody(); if (is_resource($result)) { $result = stream_get_contents($result); } elseif ($result === null) { $this->logger->info('Could not read content from HaveIBeenPwned API, body was null'); return; } $result = preg_replace('/^([0-9A-Z]+:0)$/m', '', $result); if (str_contains($result, $needle)) { $message = 'Password is present in compromised password list. Please choose a different password.'; $message_t = $this->l->t( 'Password is present in compromised password list. Please choose a different password.' ); throw new HintException($message, $message_t); } } } }