ZxcvbnKeyAnalyzer fix in case on dep error

Spomky · Spomky · commit bd2c116ebd11 · 2022-05-30T14:19:12.000+02:00
diff --git a/src/Component/KeyManagement/Analyzer/ZxcvbnKeyAnalyzer.php b/src/Component/KeyManagement/Analyzer/ZxcvbnKeyAnalyzer.php
@@ -7,6 +7,7 @@
 use function is_string;
 use Jose\Component\Core\JWK;
 use ParagonIE\ConstantTime\Base64UrlSafe;
+use Throwable;
 use ZxcvbnPhp\Zxcvbn;
 
 final class ZxcvbnKeyAnalyzer implements KeyAnalyzer
@@ -27,25 +28,28 @@ public function analyze(JWK $jwk, MessageBag $bag): void
             return;
         }
         $zxcvbn = new Zxcvbn();
-        $strength = $zxcvbn->passwordStrength($k);
-
-        switch (true) {
-            case $strength['score'] < 3:
-                $bag->add(
-                    Message::high(
-                        'The octet string is weak and easily guessable. Please change your key as soon as possible.'
-                    )
-                );
-
-                break;
-
-            case $strength['score'] === 3:
-                $bag->add(Message::medium('The octet string is safe, but a longer key is preferable.'));
-
-                break;
-
-            default:
-                break;
+        try {
+            $strength = $zxcvbn->passwordStrength($k);
+            switch (true) {
+                case $strength['score'] < 3:
+                    $bag->add(
+                        Message::high(
+                            'The octet string is weak and easily guessable. Please change your key as soon as possible.'
+                        )
+                    );
+
+                    break;
+
+                case $strength['score'] === 3:
+                    $bag->add(Message::medium('The octet string is safe, but a longer key is preferable.'));
+
+                    break;
+
+                default:
+                    break;
+            }
+        } catch (Throwable) {
+            $bag->add(Message::medium('The test of the weakness cannot be performed.'));
         }
     }
 }
