diff options
| author | Nicolas Grekas <nicolas.grekas@gmail.com> | 2015-10-07 09:44:07 +0200 |
|---|---|---|
| committer | Nicolas Grekas <nicolas.grekas@gmail.com> | 2015-10-07 09:44:07 +0200 |
| commit | 82a1ebbc0f0a570b28d5ede8243733c20971564c (patch) | |
| tree | 8f5c8b38de75c2eb26bf7412cd714b6756c9738f /Csrf | |
| parent | 4e3ea9f244ad465865c2384f3d9ba2f89361d364 (diff) | |
| parent | 5d74e1996313fc483fed9d4040acfa7f7b4fd297 (diff) | |
| download | symfony-security-82a1ebbc0f0a570b28d5ede8243733c20971564c.zip symfony-security-82a1ebbc0f0a570b28d5ede8243733c20971564c.tar.gz symfony-security-82a1ebbc0f0a570b28d5ede8243733c20971564c.tar.bz2 | |
Merge branch '2.8'
Conflicts:
composer.json
src/Symfony/Bundle/FrameworkBundle/Resources/config/annotations.xml
src/Symfony/Bundle/FrameworkBundle/Resources/config/routing.xml
src/Symfony/Bundle/FrameworkBundle/Resources/config/security_csrf.xml
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Component/DependencyInjection/ContainerBuilder.php
src/Symfony/Component/Security/Core/composer.json
src/Symfony/Component/Security/Csrf/composer.json
src/Symfony/Component/Security/Http/composer.json
src/Symfony/Component/Security/composer.json
src/Symfony/Component/Translation/PluralizationRules.php
src/Symfony/Component/VarDumper/Exception/ThrowingCasterException.php
Diffstat (limited to 'Csrf')
| -rw-r--r-- | Csrf/Tests/TokenGenerator/UriSafeTokenGeneratorTest.php | 14 | ||||
| -rw-r--r-- | Csrf/TokenGenerator/UriSafeTokenGenerator.php | 20 | ||||
| -rw-r--r-- | Csrf/composer.json | 3 |
3 files changed, 6 insertions, 31 deletions
diff --git a/Csrf/Tests/TokenGenerator/UriSafeTokenGeneratorTest.php b/Csrf/Tests/TokenGenerator/UriSafeTokenGeneratorTest.php index 1b325e5..320dfc8 100644 --- a/Csrf/Tests/TokenGenerator/UriSafeTokenGeneratorTest.php +++ b/Csrf/Tests/TokenGenerator/UriSafeTokenGeneratorTest.php @@ -28,11 +28,6 @@ class UriSafeTokenGeneratorTest extends \PHPUnit_Framework_TestCase private static $bytes; /** - * @var \PHPUnit_Framework_MockObject_MockObject - */ - private $random; - - /** * @var UriSafeTokenGenerator */ private $generator; @@ -44,23 +39,16 @@ class UriSafeTokenGeneratorTest extends \PHPUnit_Framework_TestCase protected function setUp() { - $this->random = $this->getMock('Symfony\Component\Security\Core\Util\SecureRandomInterface'); - $this->generator = new UriSafeTokenGenerator($this->random, self::ENTROPY); + $this->generator = new UriSafeTokenGenerator(self::ENTROPY); } protected function tearDown() { - $this->random = null; $this->generator = null; } public function testGenerateToken() { - $this->random->expects($this->once()) - ->method('nextBytes') - ->with(self::ENTROPY / 8) - ->will($this->returnValue(self::$bytes)); - $token = $this->generator->generateToken(); $this->assertTrue(ctype_print($token), 'is printable'); diff --git a/Csrf/TokenGenerator/UriSafeTokenGenerator.php b/Csrf/TokenGenerator/UriSafeTokenGenerator.php index edeb435..f331803 100644 --- a/Csrf/TokenGenerator/UriSafeTokenGenerator.php +++ b/Csrf/TokenGenerator/UriSafeTokenGenerator.php @@ -11,9 +11,6 @@ namespace Symfony\Component\Security\Csrf\TokenGenerator; -use Symfony\Component\Security\Core\Util\SecureRandomInterface; -use Symfony\Component\Security\Core\Util\SecureRandom; - /** * Generates CSRF tokens. * @@ -24,13 +21,6 @@ use Symfony\Component\Security\Core\Util\SecureRandom; class UriSafeTokenGenerator implements TokenGeneratorInterface { /** - * The generator for random values. - * - * @var SecureRandomInterface - */ - private $random; - - /** * The amount of entropy collected for each token (in bits). * * @var int @@ -40,14 +30,10 @@ class UriSafeTokenGenerator implements TokenGeneratorInterface /** * Generates URI-safe CSRF tokens. * - * @param SecureRandomInterface|null $random The random value generator used for - * generating entropy - * @param int $entropy The amount of entropy collected for - * each token (in bits) + * @param int $entropy The amount of entropy collected for each token (in bits) */ - public function __construct(SecureRandomInterface $random = null, $entropy = 256) + public function __construct($entropy = 256) { - $this->random = $random ?: new SecureRandom(); $this->entropy = $entropy; } @@ -59,7 +45,7 @@ class UriSafeTokenGenerator implements TokenGeneratorInterface // Generate an URI safe base64 encoded string that does not contain "+", // "/" or "=" which need to be URL encoded and make URLs unnecessarily // longer. - $bytes = $this->random->nextBytes($this->entropy / 8); + $bytes = random_bytes($this->entropy / 8); return rtrim(strtr(base64_encode($bytes), '+/', '-_'), '='); } diff --git a/Csrf/composer.json b/Csrf/composer.json index c87d418..41dc21c 100644 --- a/Csrf/composer.json +++ b/Csrf/composer.json @@ -17,7 +17,8 @@ ], "require": { "php": ">=5.5.9", - "symfony/security-core": "~2.8|~3.0" + "symfony/security-core": "~2.8|~3.0", + "paragonie/random_compat" : "~1.0" }, "require-dev": { "symfony/phpunit-bridge": "~2.8|~3.0", |