Upgrade 1-11.38

xesmyd
2026-03-30 14:10:30 +02:00
parent f2a7e6d1fc
commit ac648ef29d
24665 changed files with 69682 additions and 2205004 deletions
@@ -31,7 +31,7 @@ class TokenBasedRememberMeServices extends AbstractRememberMeServices
*/
protected function processAutoLoginCookie(array $cookieParts, Request $request)
{
if (count($cookieParts) !== 4) {
if (4 !== \count($cookieParts)) {
throw new AuthenticationException('The cookie is invalid.');
}
@@ -50,7 +50,7 @@ class TokenBasedRememberMeServices extends AbstractRememberMeServices
}
if (!$user instanceof UserInterface) {
throw new \RuntimeException(sprintf('The UserProviderInterface implementation must return an instance of UserInterface, but returned "%s".', get_class($user)));
throw new \RuntimeException(sprintf('The UserProviderInterface implementation must return an instance of UserInterface, but returned "%s".', \get_class($user)));
}
if (true !== hash_equals($this->generateCookieHash($class, $username, $expires, $user->getPassword()), $hash)) {
@@ -71,7 +71,7 @@ class TokenBasedRememberMeServices extends AbstractRememberMeServices
{
$user = $token->getUser();
$expires = time() + $this->options['lifetime'];
$value = $this->generateCookieValue(get_class($user), $user->getUsername(), $expires, $user->getPassword());
$value = $this->generateCookieValue(\get_class($user), $user->getUsername(), $expires, $user->getPassword());
$response->headers->setCookie(
new Cookie(
@@ -81,7 +81,9 @@ class TokenBasedRememberMeServices extends AbstractRememberMeServices
$this->options['path'],
$this->options['domain'],
$this->options['secure'],
$this->options['httponly']
$this->options['httponly'],
false,
$this->options['samesite']
)
);
}
@@ -89,10 +91,10 @@ class TokenBasedRememberMeServices extends AbstractRememberMeServices
/**
* Generates the cookie value.
*
* @param string $class
* @param string $username The username
* @param int $expires The Unix timestamp when the cookie expires
* @param string $password The encoded password
* @param string $class
* @param string $username The username
* @param int $expires The Unix timestamp when the cookie expires
* @param string|null $password The encoded password
*
* @return string
*/
@@ -100,26 +102,26 @@ class TokenBasedRememberMeServices extends AbstractRememberMeServices
{
// $username is encoded because it might contain COOKIE_DELIMITER,
// we assume other values don't
return $this->encodeCookie(array(
return $this->encodeCookie([
$class,
base64_encode($username),
$expires,
$this->generateCookieHash($class, $username, $expires, $password),
));
]);
}
/**
* Generates a hash for the cookie to ensure it is not being tempered with.
* Generates a hash for the cookie to ensure it is not being tampered with.
*
* @param string $class
* @param string $username The username
* @param int $expires The Unix timestamp when the cookie expires
* @param string $password The encoded password
* @param string $class
* @param string $username The username
* @param int $expires The Unix timestamp when the cookie expires
* @param string|null $password The encoded password
*
* @return string
*/
protected function generateCookieHash($class, $username, $expires, $password)
{
return hash_hmac('sha256', $class.$username.$expires.$password, $this->getSecret());
return hash_hmac('sha256', $class.self::COOKIE_DELIMITER.$username.self::COOKIE_DELIMITER.$expires.self::COOKIE_DELIMITER.$password, $this->getSecret());
}
}
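Review bot: In `generateCookieHash` (last hunk) the HMAC input still takes `$username` raw, while the comment in `generateCookieValue` says the username may itself contain `COOKIE_DELIMITER`, so the added delimiters do not give unambiguous field boundaries for such usernames. Encoding the username inside the hash, as the cookie value already does, would close that: `return hash_hmac('sha256', $class.self::COOKIE_DELIMITER.base64_encode($username).self::COOKIE_DELIMITER.$expires.self::COOKIE_DELIMITER.$password, $this->getSecret());`. Whether the remaining ambiguity matters depends on how `processAutoLoginCookie` validates `$class` and `$expires`, which lies outside the visible hunks. Either way the hash format changes with this commit, so remember-me cookies issued before the upgrade will presumably fail the `hash_equals` check and those users will have to log in again; that is worth a line in the upgrade notes.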