Introduce ISecureRandom::CHAR_ALPHANUMERICtags/v23.0.0beta1
@@ -692,7 +692,7 @@ class IMipPlugin extends SabreIMipPlugin { | |||
* @return string | |||
*/ | |||
private function createInvitationToken(Message $iTipMessage, $lastOccurrence):string { | |||
$token = $this->random->generate(60, ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS); | |||
$token = $this->random->generate(60, ISecureRandom::CHAR_ALPHANUMERIC); | |||
/** @var VEvent $vevent */ | |||
$vevent = $iTipMessage->message->VEVENT; |
@@ -104,7 +104,7 @@ class DirectController extends OCSController { | |||
$direct->setUserId($this->userId); | |||
$direct->setFileId($fileId); | |||
$token = $this->random->generate(60, ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS); | |||
$token = $this->random->generate(60, ISecureRandom::CHAR_ALPHANUMERIC); | |||
$direct->setToken($token); | |||
$direct->setExpiration($this->timeFactory->getTime() + $expirationTime); | |||
@@ -131,7 +131,7 @@ class DirectControllerTest extends TestCase { | |||
$this->random->method('generate') | |||
->with( | |||
60, | |||
ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS | |||
ISecureRandom::CHAR_ALPHANUMERIC | |||
)->willReturn('superduperlongtoken'); | |||
$this->directMapper->expects($this->once()) |
@@ -394,7 +394,7 @@ class EncryptAll { | |||
* @return string password | |||
*/ | |||
protected function generateOneTimePassword($uid) { | |||
$password = $this->secureRandom->generate(8); | |||
$password = $this->secureRandom->generate(16, ISecureRandom::CHAR_HUMAN_READABLE); | |||
$this->userPasswords[$uid] = $password; | |||
return $password; | |||
} |
@@ -52,7 +52,7 @@ class TokenHandler { | |||
public function generateToken() { | |||
$token = $this->secureRandom->generate( | |||
self::TOKEN_LENGTH, | |||
ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS); | |||
ISecureRandom::CHAR_ALPHANUMERIC); | |||
return $token; | |||
} | |||
} |
@@ -49,7 +49,7 @@ class TokenHandlerTest extends \Test\TestCase { | |||
$this->secureRandom->expects($this->once())->method('generate') | |||
->with( | |||
$this->expectedTokenLength, | |||
ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS | |||
ISecureRandom::CHAR_ALPHANUMERIC | |||
) | |||
->willReturn('mytoken'); | |||
@@ -147,7 +147,7 @@ class OauthApiController extends Controller { | |||
} | |||
// Rotate the apptoken (so the old one becomes invalid basically) | |||
$newToken = $this->secureRandom->generate(72, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS); | |||
$newToken = $this->secureRandom->generate(72, ISecureRandom::CHAR_ALPHANUMERIC); | |||
$appToken = $this->tokenProvider->rotate( | |||
$appToken, | |||
@@ -160,7 +160,7 @@ class OauthApiController extends Controller { | |||
$this->tokenProvider->updateToken($appToken); | |||
// Generate a new refresh token and encrypt the new apptoken in the DB | |||
$newCode = $this->secureRandom->generate(128, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS); | |||
$newCode = $this->secureRandom->generate(128, ISecureRandom::CHAR_ALPHANUMERIC); | |||
$accessToken->setHashedCode(hash('sha512', $newCode)); | |||
$accessToken->setEncryptedToken($this->crypto->encrypt($newToken, $newCode)); | |||
$this->accessTokenMapper->update($accessToken); |
@@ -104,9 +104,7 @@ class NewUserMailHelper { | |||
if ($generatePasswordResetToken) { | |||
$token = $this->secureRandom->generate( | |||
21, | |||
ISecureRandom::CHAR_DIGITS . | |||
ISecureRandom::CHAR_LOWER . | |||
ISecureRandom::CHAR_UPPER | |||
ISecureRandom::CHAR_ALPHANUMERIC | |||
); | |||
$tokenValue = $this->timeFactory->getTime() . ':' . $token; | |||
$mailAddress = (null !== $user->getEMailAddress()) ? $user->getEMailAddress() : ''; |
@@ -129,11 +129,7 @@ class NewUserMailHelperTest extends TestCase { | |||
$this->secureRandom | |||
->expects($this->once()) | |||
->method('generate') | |||
->with(21, | |||
ISecureRandom::CHAR_DIGITS . | |||
ISecureRandom::CHAR_LOWER . | |||
ISecureRandom::CHAR_UPPER | |||
) | |||
->with(21, ISecureRandom::CHAR_ALPHANUMERIC) | |||
->willReturn('MySuperLongSecureRandomToken'); | |||
$this->timeFactory | |||
->expects($this->once()) |
@@ -224,7 +224,7 @@ class ShareByMailProvider implements IShareProvider { | |||
$password = $passwordEvent->getPassword(); | |||
if ($password === null) { | |||
$password = $this->secureRandom->generate(8, ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS); | |||
$password = $this->secureRandom->generate(8, ISecureRandom::CHAR_HUMAN_READABLE); | |||
} | |||
return $password; |
@@ -301,7 +301,7 @@ class ShareByMailProviderTest extends TestCase { | |||
$this->secureRandom->expects($this->once()) | |||
->method('generate') | |||
->with(8, ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS) | |||
->with(8, ISecureRandom::CHAR_HUMAN_READABLE) | |||
->willReturn('autogeneratedPassword'); | |||
$this->eventDispatcher->expects($this->once()) | |||
->method('dispatchTyped') |
@@ -575,7 +575,7 @@ class Request implements \ArrayAccess, \Countable, IRequest { | |||
} | |||
if (empty($this->requestId)) { | |||
$validChars = ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS; | |||
$validChars = ISecureRandom::CHAR_ALPHANUMERIC; | |||
$this->requestId = $this->secureRandom->generate(20, $validChars); | |||
} | |||
@@ -108,7 +108,7 @@ class File implements ICache { | |||
// unique id to avoid chunk collision, just in case | |||
$uniqueId = \OC::$server->getSecureRandom()->generate( | |||
16, | |||
ISecureRandom::CHAR_DIGITS . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER | |||
ISecureRandom::CHAR_ALPHANUMERIC | |||
); | |||
// use part file to prevent hasKey() to find the key |
@@ -162,7 +162,7 @@ class MySQL extends AbstractDatabase { | |||
$this->dbUser = $adminUser; | |||
//create a random password so we don't need to store the admin password in the config file | |||
$this->dbPassword = $this->random->generate(30, ISecureRandom::CHAR_DIGITS . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER); | |||
$this->dbPassword = $this->random->generate(30, ISecureRandom::CHAR_ALPHANUMERIC); | |||
$this->createDBUser($connection); | |||
@@ -31,6 +31,7 @@ namespace OC\Setup; | |||
use OC\DatabaseException; | |||
use OC\DB\Connection; | |||
use OC\DB\QueryBuilder\Literal; | |||
use OCP\Security\ISecureRandom; | |||
class PostgreSQL extends AbstractDatabase { | |||
public $dbprettyname = 'PostgreSQL'; | |||
@@ -66,7 +67,7 @@ class PostgreSQL extends AbstractDatabase { | |||
//add prefix to the postgresql user name to prevent collisions | |||
$this->dbUser = 'oc_' . strtolower($username); | |||
//create a new password so we don't need to store the admin config in the config file | |||
$this->dbPassword = \OC::$server->getSecureRandom()->generate(30, \OCP\Security\ISecureRandom::CHAR_LOWER . \OCP\Security\ISecureRandom::CHAR_DIGITS); | |||
$this->dbPassword = \OC::$server->getSecureRandom()->generate(30, ISecureRandom::CHAR_ALPHANUMERIC); | |||
$this->createDBUser($connection); | |||
} |
@@ -47,6 +47,7 @@ interface ISecureRandom { | |||
public const CHAR_LOWER = 'abcdefghijklmnopqrstuvwxyz'; | |||
public const CHAR_DIGITS = '0123456789'; | |||
public const CHAR_SYMBOLS = '!\"#$%&\\\'()*+,-./:;<=>?@[\]^_`{|}~'; | |||
public const CHAR_ALPHANUMERIC = self::CHAR_UPPER . self::CHAR_LOWER . self::CHAR_DIGITS; | |||
/** | |||
* Characters that can be used for <code>generate($length, $characters)</code>, to |