Introduce ISecureRandom::CHAR_ALPHANUMERIC

Signed-off-by: J0WI <J0WI@users.noreply.github.com>
nextcloud · Jul 8, 2021 · 3b65644 · 3b65644
1 parent 040bc04
commit 3b65644
Show file tree

Hide file tree

Showing 15 changed files with 17 additions and 21 deletions.
diff --git a/apps/dav/lib/CalDAV/Schedule/IMipPlugin.php b/apps/dav/lib/CalDAV/Schedule/IMipPlugin.php
@@ -692,7 +692,7 @@ private function getAbsoluteImagePath($path) {
 	 * @return string
 	 */
 	private function createInvitationToken(Message $iTipMessage, $lastOccurrence):string {
-		$token = $this->random->generate(60, ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS);
+		$token = $this->random->generate(60, ISecureRandom::CHAR_ALPHANUMERIC);
 
 		/** @var VEvent $vevent */
 		$vevent = $iTipMessage->message->VEVENT;

diff --git a/apps/dav/lib/Controller/DirectController.php b/apps/dav/lib/Controller/DirectController.php
@@ -104,7 +104,7 @@ public function getUrl(int $fileId, int $expirationTime = 60 * 60 * 8): DataResp
 		$direct->setUserId($this->userId);
 		$direct->setFileId($fileId);
 
-		$token = $this->random->generate(60, ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS);
+		$token = $this->random->generate(60, ISecureRandom::CHAR_ALPHANUMERIC);
 		$direct->setToken($token);
 		$direct->setExpiration($this->timeFactory->getTime() + $expirationTime);
 

diff --git a/apps/dav/tests/unit/Controller/DirectControllerTest.php b/apps/dav/tests/unit/Controller/DirectControllerTest.php
@@ -131,7 +131,7 @@ public function testGetUrlValid() {
 		$this->random->method('generate')
 			->with(
 				60,
-				ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS
+				ISecureRandom::CHAR_ALPHANUMERIC
 			)->willReturn('superduperlongtoken');
 
 		$this->directMapper->expects($this->once())

diff --git a/apps/federatedfilesharing/lib/TokenHandler.php b/apps/federatedfilesharing/lib/TokenHandler.php
@@ -52,7 +52,7 @@ public function __construct(ISecureRandom $secureRandom) {
 	public function generateToken() {
 		$token = $this->secureRandom->generate(
 			self::TOKEN_LENGTH,
-			ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS);
+			ISecureRandom::CHAR_ALPHANUMERIC);
 		return $token;
 	}
 }
diff --git a/apps/federatedfilesharing/tests/TokenHandlerTest.php b/apps/federatedfilesharing/tests/TokenHandlerTest.php
@@ -49,7 +49,7 @@ public function testGenerateToken() {
 		$this->secureRandom->expects($this->once())->method('generate')
 			->with(
 				$this->expectedTokenLength,
-				ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS
+				ISecureRandom::CHAR_ALPHANUMERIC
 			)
 			->willReturn('mytoken');
 

diff --git a/apps/oauth2/lib/Controller/OauthApiController.php b/apps/oauth2/lib/Controller/OauthApiController.php
@@ -147,7 +147,7 @@ public function getToken($grant_type, $code, $refresh_token, $client_id, $client
 		}
 
 		// Rotate the apptoken (so the old one becomes invalid basically)
-		$newToken = $this->secureRandom->generate(72, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS);
+		$newToken = $this->secureRandom->generate(72, ISecureRandom::CHAR_ALPHANUMERIC);
 
 		$appToken = $this->tokenProvider->rotate(
 			$appToken,
@@ -160,7 +160,7 @@ public function getToken($grant_type, $code, $refresh_token, $client_id, $client
 		$this->tokenProvider->updateToken($appToken);
 
 		// Generate a new refresh token and encrypt the new apptoken in the DB
-		$newCode = $this->secureRandom->generate(128, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS);
+		$newCode = $this->secureRandom->generate(128, ISecureRandom::CHAR_ALPHANUMERIC);
 		$accessToken->setHashedCode(hash('sha512', $newCode));
 		$accessToken->setEncryptedToken($this->crypto->encrypt($newToken, $newCode));
 		$this->accessTokenMapper->update($accessToken);

diff --git a/apps/settings/lib/Mailer/NewUserMailHelper.php b/apps/settings/lib/Mailer/NewUserMailHelper.php
@@ -104,9 +104,7 @@ public function generateTemplate(IUser $user, $generatePasswordResetToken = fals
 		if ($generatePasswordResetToken) {
 			$token = $this->secureRandom->generate(
 				21,
-				ISecureRandom::CHAR_DIGITS .
-				ISecureRandom::CHAR_LOWER .
-				ISecureRandom::CHAR_UPPER
+				ISecureRandom::CHAR_ALPHANUMERIC
 			);
 			$tokenValue = $this->timeFactory->getTime() . ':' . $token;
 			$mailAddress = (null !== $user->getEMailAddress()) ? $user->getEMailAddress() : '';

diff --git a/apps/settings/tests/Mailer/NewUserMailHelperTest.php b/apps/settings/tests/Mailer/NewUserMailHelperTest.php
@@ -129,11 +129,7 @@ public function testGenerateTemplateWithPasswordResetToken() {
 		$this->secureRandom
 			->expects($this->once())
 			->method('generate')
-			->with(21,
-				ISecureRandom::CHAR_DIGITS .
-				ISecureRandom::CHAR_LOWER .
-				ISecureRandom::CHAR_UPPER
-			)
+			->with(21, ISecureRandom::CHAR_ALPHANUMERIC)
 			->willReturn('MySuperLongSecureRandomToken');
 		$this->timeFactory
 			->expects($this->once())

diff --git a/apps/sharebymail/lib/ShareByMailProvider.php b/apps/sharebymail/lib/ShareByMailProvider.php
@@ -224,7 +224,7 @@ protected function autoGeneratePassword($share) {
 
 		$password = $passwordEvent->getPassword();
 		if ($password === null) {
-			$password = $this->secureRandom->generate(8, ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS);
+			$password = $this->secureRandom->generate(8, ISecureRandom::CHAR_HUMAN_READABLE);
 		}
 
 		return $password;

diff --git a/apps/sharebymail/tests/ShareByMailProviderTest.php b/apps/sharebymail/tests/ShareByMailProviderTest.php
@@ -301,7 +301,7 @@ public function testCreateSendPasswordByMailWithEnforcedPasswordProtection() {
 
 		$this->secureRandom->expects($this->once())
 			->method('generate')
-			->with(8, ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS)
+			->with(8, ISecureRandom::CHAR_HUMAN_READABLE)
 			->willReturn('autogeneratedPassword');
 		$this->eventDispatcher->expects($this->once())
 			->method('dispatchTyped')

diff --git a/lib/private/AppFramework/Http/Request.php b/lib/private/AppFramework/Http/Request.php
@@ -575,7 +575,7 @@ public function getId(): string {
 		}
 
 		if (empty($this->requestId)) {
-			$validChars = ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS;
+			$validChars = ISecureRandom::CHAR_ALPHANUMERIC;
 			$this->requestId = $this->secureRandom->generate(20, $validChars);
 		}
 

diff --git a/lib/private/Cache/File.php b/lib/private/Cache/File.php
@@ -108,7 +108,7 @@ public function set($key, $value, $ttl = 0) {
 		// unique id to avoid chunk collision, just in case
 		$uniqueId = \OC::$server->getSecureRandom()->generate(
 			16,
-			ISecureRandom::CHAR_DIGITS . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER
+			ISecureRandom::CHAR_ALPHANUMERIC
 		);
 
 		// use part file to prevent hasKey() to find the key

diff --git a/lib/private/Setup/MySQL.php b/lib/private/Setup/MySQL.php
@@ -162,7 +162,7 @@ private function createSpecificUser($username, $connection) {
 						$this->dbUser = $adminUser;
 
 						//create a random password so we don't need to store the admin password in the config file
-						$this->dbPassword = $this->random->generate(30, ISecureRandom::CHAR_DIGITS . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER);
+						$this->dbPassword = $this->random->generate(30, ISecureRandom::CHAR_ALPHANUMERIC);
 
 						$this->createDBUser($connection);
 

diff --git a/lib/private/Setup/PostgreSQL.php b/lib/private/Setup/PostgreSQL.php
@@ -31,6 +31,7 @@
 use OC\DatabaseException;
 use OC\DB\Connection;
 use OC\DB\QueryBuilder\Literal;
+use OCP\Security\ISecureRandom;
 
 class PostgreSQL extends AbstractDatabase {
 	public $dbprettyname = 'PostgreSQL';
@@ -66,7 +67,7 @@ public function setupDatabase($username) {
 				//add prefix to the postgresql user name to prevent collisions
 				$this->dbUser = 'oc_' . strtolower($username);
 				//create a new password so we don't need to store the admin config in the config file
-				$this->dbPassword = \OC::$server->getSecureRandom()->generate(30, \OCP\Security\ISecureRandom::CHAR_LOWER . \OCP\Security\ISecureRandom::CHAR_DIGITS);
+				$this->dbPassword = \OC::$server->getSecureRandom()->generate(30, ISecureRandom::CHAR_ALPHANUMERIC);
 
 				$this->createDBUser($connection);
 			}

diff --git a/lib/public/Security/ISecureRandom.php b/lib/public/Security/ISecureRandom.php
@@ -47,6 +47,7 @@ interface ISecureRandom {
 	public const CHAR_LOWER = 'abcdefghijklmnopqrstuvwxyz';
 	public const CHAR_DIGITS = '0123456789';
 	public const CHAR_SYMBOLS = '!\"#$%&\\\'()*+,-./:;<=>?@[\]^_`{|}~';
+	public const CHAR_ALPHANUMERIC = self::CHAR_UPPER . self::CHAR_LOWER . self::CHAR_DIGITS;
 
 	/**
 	 * Characters that can be used for <code>generate($length, $characters)</code>, to