diff options
| author | Pierre du Plessis <pierre@pcservice.co.za> | 2015-09-23 22:36:53 +0200 |
|---|---|---|
| committer | Pierre du Plessis <pierre@pcservice.co.za> | 2015-10-06 20:09:25 +0200 |
| commit | 5d74e1996313fc483fed9d4040acfa7f7b4fd297 (patch) | |
| tree | 995d510e3345cc6cb771338ff20ab3ea0f95dd80 /Csrf/TokenGenerator | |
| parent | ce07ac56f610bc9ca1ef11fddf90d38d3b72f85e (diff) | |
| download | symfony-security-5d74e1996313fc483fed9d4040acfa7f7b4fd297.zip symfony-security-5d74e1996313fc483fed9d4040acfa7f7b4fd297.tar.gz symfony-security-5d74e1996313fc483fed9d4040acfa7f7b4fd297.tar.bz2 | |
Deprecate the SecureRandom class
Diffstat (limited to 'Csrf/TokenGenerator')
| -rw-r--r-- | Csrf/TokenGenerator/UriSafeTokenGenerator.php | 26 |
1 files changed, 10 insertions, 16 deletions
diff --git a/Csrf/TokenGenerator/UriSafeTokenGenerator.php b/Csrf/TokenGenerator/UriSafeTokenGenerator.php index edeb435..fa5a722 100644 --- a/Csrf/TokenGenerator/UriSafeTokenGenerator.php +++ b/Csrf/TokenGenerator/UriSafeTokenGenerator.php @@ -12,7 +12,6 @@ namespace Symfony\Component\Security\Csrf\TokenGenerator; use Symfony\Component\Security\Core\Util\SecureRandomInterface; -use Symfony\Component\Security\Core\Util\SecureRandom; /** * Generates CSRF tokens. @@ -24,13 +23,6 @@ use Symfony\Component\Security\Core\Util\SecureRandom; class UriSafeTokenGenerator implements TokenGeneratorInterface { /** - * The generator for random values. - * - * @var SecureRandomInterface - */ - private $random; - - /** * The amount of entropy collected for each token (in bits). * * @var int @@ -40,15 +32,17 @@ class UriSafeTokenGenerator implements TokenGeneratorInterface /** * Generates URI-safe CSRF tokens. * - * @param SecureRandomInterface|null $random The random value generator used for - * generating entropy - * @param int $entropy The amount of entropy collected for - * each token (in bits) + * @param int $entropy The amount of entropy collected for each token (in bits) */ - public function __construct(SecureRandomInterface $random = null, $entropy = 256) + public function __construct($entropy = 256) { - $this->random = $random ?: new SecureRandom(); - $this->entropy = $entropy; + if ($entropy instanceof SecureRandomInterface || func_num_args() === 2) { + @trigger_error('The '.__METHOD__.' method now requires the entropy to be given as the first argument. The SecureRandomInterface will be removed in 3.0.', E_USER_DEPRECATED); + + $this->entropy = func_num_args() === 2 ? func_get_arg(1) : 256; + } else { + $this->entropy = $entropy; + } } /** @@ -59,7 +53,7 @@ class UriSafeTokenGenerator implements TokenGeneratorInterface // Generate an URI safe base64 encoded string that does not contain "+", // "/" or "=" which need to be URL encoded and make URLs unnecessarily // longer. - $bytes = $this->random->nextBytes($this->entropy / 8); + $bytes = random_bytes($this->entropy / 8); return rtrim(strtr(base64_encode($bytes), '+/', '-_'), '='); } |