From 4c5138b2cbd0df5aa7aeb1fed3f1ab868042fd2b Mon Sep 17 00:00:00 2001
From: Andrew Nicols
Date: Tue, 16 May 2023 10:08:59 +0800
Subject: [PATCH] Switch to ramsey/uuid for token generation
---
 application/composer.json | 1 +
 application/composer.lock | 239 +++++++++++++++++-
 .../src/Controller/MatrixController.php | 2 +-
 application/src/Traits/GeneralTrait.php | 20 +-
 4 files changed, 245 insertions(+), 17 deletions(-)
diff --git a/application/composer.json b/application/composer.json
index 6475409..4a3b8ea 100644
--- a/application/composer.json
+++ b/application/composer.json
@@ -13,6 +13,7 @@
 "doctrine/doctrine-migrations-bundle": "^3.1",
 "doctrine/orm": "^2.9",
 "firebase/php-jwt": "^5.4",
+ "ramsey/uuid": "^4.7",
 "symfony/console": "5.3.*",
 "symfony/dotenv": "5.3.*",
 "symfony/flex": "^1.3.1",
diff --git a/application/composer.lock b/application/composer.lock
index 9ac20c8..a4c39e5 100644
--- a/application/composer.lock
+++ b/application/composer.lock
@@ -4,8 +4,63 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "ba3a4b6454da07522f415e76a2242c53", + "content-hash": "00a2d2213de2a65b8f74758f6289da56", "packages": [ + { + "name": "brick/math", + "version": "0.11.0", + "source": { + "type": "git", + "url": "https://github.com/brick/math.git", + "reference": "0ad82ce168c82ba30d1c01ec86116ab52f589478" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/brick/math/zipball/0ad82ce168c82ba30d1c01ec86116ab52f589478", + "reference": "0ad82ce168c82ba30d1c01ec86116ab52f589478", + "shasum": "" + }, + "require": { + "php": "^8.0" + }, + "require-dev": { + "php-coveralls/php-coveralls": "^2.2", + "phpunit/phpunit": "^9.0", + "vimeo/psalm": "5.0.0" + }, + "type": "library", + "autoload": { + "psr-4": { + "Brick\\Math\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "description": "Arbitrary-precision arithmetic library", + "keywords": [ + "Arbitrary-precision", + "BigInteger", + "BigRational", + "arithmetic", + "bigdecimal", + "bignum", + "brick", + "math" + ], + "support": { + "issues": "https://github.com/brick/math/issues", + "source": "https://github.com/brick/math/tree/0.11.0" + }, + "funding": [ + { + "url": "https://github.com/BenMorel", + "type": "github" + } + ], + "time": "2023-01-15T23:15:59+00:00" + }, { "name": "composer/package-versions-deprecated", "version": "1.11.99.2", 
@@ -1854,6 +1909,188 @@ }, "time": "2021-07-14T16:41:46+00:00" }, + { + "name": "ramsey/collection", + "version": "1.3.0", + "source": { + "type": "git", + "url": "https://github.com/ramsey/collection.git", + "reference": "ad7475d1c9e70b190ecffc58f2d989416af339b4" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/ramsey/collection/zipball/ad7475d1c9e70b190ecffc58f2d989416af339b4", + "reference": "ad7475d1c9e70b190ecffc58f2d989416af339b4", + "shasum": "" + }, + "require": { + "php": "^7.4 || ^8.0", + "symfony/polyfill-php81": "^1.23" + }, + "require-dev": { + "captainhook/plugin-composer": "^5.3", + "ergebnis/composer-normalize": "^2.28.3", + "fakerphp/faker": "^1.21", + "hamcrest/hamcrest-php": "^2.0", + "jangregor/phpstan-prophecy": "^1.0", + "mockery/mockery": "^1.5", + "php-parallel-lint/php-console-highlighter": "^1.0", + "php-parallel-lint/php-parallel-lint": "^1.3", + "phpcsstandards/phpcsutils": "^1.0.0-rc1", + "phpspec/prophecy-phpunit": "^2.0", + "phpstan/extension-installer": "^1.2", + "phpstan/phpstan": "^1.9", + "phpstan/phpstan-mockery": "^1.1", + "phpstan/phpstan-phpunit": "^1.3", + "phpunit/phpunit": "^9.5", + "psalm/plugin-mockery": "^1.1", + "psalm/plugin-phpunit": "^0.18.4", + "ramsey/coding-standard": "^2.0.3", + "ramsey/conventional-commits": "^1.3", + "vimeo/psalm": "^5.4" + }, + "type": "library", + "extra": { + "captainhook": { + "force-install": true + }, + "ramsey/conventional-commits": { + "configFile": "conventional-commits.json" + } + }, + "autoload": { + "psr-4": { + "Ramsey\\Collection\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Ben Ramsey", + "email": "ben@benramsey.com", + "homepage": "https://benramsey.com" + } + ], + "description": "A PHP library for representing and manipulating collections.", + "keywords": [ + "array", + "collection", + "hash", + "map", + "queue", + "set" + ], + "support": { + "issues": 
"https://github.com/ramsey/collection/issues", + "source": "https://github.com/ramsey/collection/tree/1.3.0" + }, + "funding": [ + { + "url": "https://github.com/ramsey", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/ramsey/collection", + "type": "tidelift" + } + ], + "time": "2022-12-27T19:12:24+00:00" + }, + { + "name": "ramsey/uuid", + "version": "4.7.4", + "source": { + "type": "git", + "url": "https://github.com/ramsey/uuid.git", + "reference": "60a4c63ab724854332900504274f6150ff26d286" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/ramsey/uuid/zipball/60a4c63ab724854332900504274f6150ff26d286", + "reference": "60a4c63ab724854332900504274f6150ff26d286", + "shasum": "" + }, + "require": { + "brick/math": "^0.8.8 || ^0.9 || ^0.10 || ^0.11", + "ext-json": "*", + "php": "^8.0", + "ramsey/collection": "^1.2 || ^2.0" + }, + "replace": { + "rhumsaa/uuid": "self.version" + }, + "require-dev": { + "captainhook/captainhook": "^5.10", + "captainhook/plugin-composer": "^5.3", + "dealerdirect/phpcodesniffer-composer-installer": "^0.7.0", + "doctrine/annotations": "^1.8", + "ergebnis/composer-normalize": "^2.15", + "mockery/mockery": "^1.3", + "paragonie/random-lib": "^2", + "php-mock/php-mock": "^2.2", + "php-mock/php-mock-mockery": "^1.3", + "php-parallel-lint/php-parallel-lint": "^1.1", + "phpbench/phpbench": "^1.0", + "phpstan/extension-installer": "^1.1", + "phpstan/phpstan": "^1.8", + "phpstan/phpstan-mockery": "^1.1", + "phpstan/phpstan-phpunit": "^1.1", + "phpunit/phpunit": "^8.5 || ^9", + "ramsey/composer-repl": "^1.4", + "slevomat/coding-standard": "^8.4", + "squizlabs/php_codesniffer": "^3.5", + "vimeo/psalm": "^4.9" + }, + "suggest": { + "ext-bcmath": "Enables faster math with arbitrary-precision integers using BCMath.", + "ext-gmp": "Enables faster math with arbitrary-precision integers using GMP.", + "ext-uuid": "Enables the use of PeclUuidTimeGenerator and PeclUuidRandomGenerator.", + 
"paragonie/random-lib": "Provides RandomLib for use with the RandomLibAdapter", + "ramsey/uuid-doctrine": "Allows the use of Ramsey\\Uuid\\Uuid as Doctrine field type." + }, + "type": "library", + "extra": { + "captainhook": { + "force-install": true + } + }, + "autoload": { + "files": [ + "src/functions.php" + ], + "psr-4": { + "Ramsey\\Uuid\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "description": "A PHP library for generating and working with universally unique identifiers (UUIDs).", + "keywords": [ + "guid", + "identifier", + "uuid" + ], + "support": { + "issues": "https://github.com/ramsey/uuid/issues", + "source": "https://github.com/ramsey/uuid/tree/4.7.4" + }, + "funding": [ + { + "url": "https://github.com/ramsey", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/ramsey/uuid", + "type": "tidelift" + } + ], + "time": "2023-04-15T23:01:58+00:00" + }, { "name": "symfony/cache", "version": "v5.3.14",
diff --git a/application/src/Controller/MatrixController.php b/application/src/Controller/MatrixController.php
index 9e2e2c3..2003c6a 100644
--- a/application/src/Controller/MatrixController.php
+++ b/application/src/Controller/MatrixController.php
@@ -97,7 +97,7 @@ public function login(string $serverID, Request $request) : JsonResponse {
 $response['refresh_token'] = $token->getRefreshToken();
 }
- $token->setAccessToken($this->generateToken('access-token'));
+ $token->setAccessToken($this->generateToken());
 $entityManager->persist($token);
 $entityManager->flush();
diff --git a/application/src/Traits/GeneralTrait.php b/application/src/Traits/GeneralTrait.php
index bd485e8..0b8835a 100644
--- a/application/src/Traits/GeneralTrait.php
+++ b/application/src/Traits/GeneralTrait.php
@@ -2,8 +2,9 @@
 namespace App\Traits;
-use Symfony\Component\HttpFoundation\Request;
 use App\Service\ApiCheck;
+use Ramsey\Uuid\Uuid;
+use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\JsonResponse;
 trait GeneralTrait {
@@ -43,21 +44,10 @@ public function authHttpCheck(array $requestMethod, Request $request, bool $doAu
 /**
 * Generates a unique token.
 *
- * @param string $extra
 * @return string
 */
- private function generateToken(string $extra = null): string {
- $string = hash('sha256', $extra.date("Ymdhms"));
- $token = null;
- $previousPosition = 0;
- for ($i = 0; $i < strlen($string); $i++) {
- $randomDashedPosition = (int)rand(1, 10);
- if (($randomDashedPosition > 3) && (($i % $randomDashedPosition) === 0)) {
- $previousPosition = (int)($previousPosition + $randomDashedPosition);
- $token = substr_replace($token ?? $string, '-', $previousPosition, 1);
- }
- }
- return $token;
+ private function generateToken(): string {
+ return Uuid::uuid4()->toString();
 }
 /**
@@ -178,4 +168,4 @@ private function loginIdentifierType(object $identifier = null): array {
 }
 return $response;
 }
-}
\ No newline at end of file
+}
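Review bot: `generateToken()` in the second hunk now returns `Uuid::uuid4()->toString()` as the access token, but its docblock still only promises a "unique" value and says nothing about the token having to be unpredictable. A version 4 UUID has 122 random bits and ramsey/uuid takes them from `random_bytes()` in its default configuration, so this is much stronger than the removed `hash('sha256', $extra.date("Ymdhms"))` plus `rand()` code; the guarantee does, however, rest on nobody swapping the library's random generator, and UUIDs are specified as identifiers rather than secrets. I would state that in the docblock, e.g. `Generates an unpredictable bearer token (UUIDv4 drawn from a CSPRNG).`, or avoid the three new packages in composer.lock (ramsey/uuid, ramsey/collection, brick/math) with `return bin2hex(random_bytes(32));`, which yields 64 hex characters, the length of the SHA-256 digest the old code started from. Only the login() call site is updated in this commit; any other callers that still pass an argument will run unchanged in PHP but should be tidied.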