merged branch TerjeBr/persistent-token-provider (PR #7534)

fabpot · fabpot · commit c65b482a690c · 2013-04-01T09:55:23.000+02:00
This PR was merged into the 2.2 branch. Discussion ---------- [Security/Http/RememberMe] PersistentTokenBasedRememberMeServices bugfix | Q | A | ------------- | --- | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | License | MIT The database and debug layer cannot handle raw random strings. It may contain invalid ut8 characters and whatnot. So, in order to avoid a lot of database bugs, we must base64_encode the random strings. Commits ------- 751abe1 Doctrine cannot handle bare random non-utf8 strings
diff --git a/src/Symfony/Component/Security/Http/RememberMe/PersistentTokenBasedRememberMeServices.php b/src/Symfony/Component/Security/Http/RememberMe/PersistentTokenBasedRememberMeServices.php
@@ -99,7 +99,7 @@ protected function processAutoLoginCookie(array $cookieParts, Request $request)
         }
 
         $series = $persistentToken->getSeries();
-        $tokenValue = $this->secureRandom->nextBytes(64);
+        $tokenValue = base64_encode($this->secureRandom->nextBytes(64));
         $this->tokenProvider->updateToken($series, $tokenValue, new \DateTime());
         $request->attributes->set(self::COOKIE_ATTR_NAME,
             new Cookie(
@@ -121,8 +121,8 @@ protected function processAutoLoginCookie(array $cookieParts, Request $request)
      */
     protected function onLoginSuccess(Request $request, Response $response, TokenInterface $token)
     {
-        $series = $this->secureRandom->nextBytes(64);
-        $tokenValue = $this->secureRandom->nextBytes(64);
+        $series = base64_encode($this->secureRandom->nextBytes(64));
+        $tokenValue = base64_encode($this->secureRandom->nextBytes(64));
 
         $this->tokenProvider->createNewToken(
             new PersistentToken(
