/**
* {@inheritdoc}
*/
public function generate()
{
// Obtain a random string of 32 hex characters.
$hex = bin2hex(Crypt::randomBytes(16));
// The variable names $time_low, $time_mid, $time_hi_and_version,
// $clock_seq_hi_and_reserved, $clock_seq_low, and $node correlate to
// the fields defined in RFC 4122 section 4.1.2.
//
// Use characters 0-11 to generate 32-bit $time_low and 16-bit $time_mid.
$time_low = substr($hex, 0, 8);
$time_mid = substr($hex, 8, 4);
// Use characters 12-15 to generate 16-bit $time_hi_and_version.
// The 4 most significant bits are the version number (0100 == 0x4).
// We simply skip character 12 from $hex, and concatenate the strings.
$time_hi_and_version = '4' . substr($hex, 13, 3);
// Use characters 16-17 to generate 8-bit $clock_seq_hi_and_reserved.
// The 2 most significant bits are set to one and zero respectively.
$clock_seq_hi_and_reserved = base_convert(substr($hex, 16, 2), 16, 10);
$clock_seq_hi_and_reserved &= 0b111111;
$clock_seq_hi_and_reserved |= 0b10000000;
// Use characters 18-19 to generate 8-bit $clock_seq_low.
$clock_seq_low = substr($hex, 18, 2);
// Use characters 20-31 to generate 48-bit $node.
$node = substr($hex, 20);
// Re-combine as a UUID. $clock_seq_hi_and_reserved is still an integer.
$uuid = sprintf('%s-%s-%s-%02x%s-%s', $time_low, $time_mid, $time_hi_and_version, $clock_seq_hi_and_reserved, $clock_seq_low, $node);
return $uuid;
}
/**
* Tests \Drupal\Component\Utility\Crypt::randomBytes().
*/
public function testRandomBytes()
{
for ($i = 1; $i < 10; $i++) {
$count = rand(10, 10000);
// Check that different values are being generated.
$this->assertNotEquals(Crypt::randomBytes($count), Crypt::randomBytes($count));
// Check the length.
$this->assertEquals(strlen(Crypt::randomBytes($count)), $count);
}
}
/**
* {@inheritdoc}
*/
public function form(array $form, FormStateInterface $form_state)
{
$form = parent::form($form, $form_state);
$api_key = $this->entity;
$hex = isset($api_key->key) ? $api_key->key : substr(hash('sha256', Crypt::randomBytes(16)), 0, 32);
$form['label'] = array('#type' => 'textfield', '#title' => $this->t('Machine Name'), '#maxlength' => 255, '#default_value' => $api_key->label(), '#description' => $this->t("Machine Name for the API Key."), '#required' => TRUE);
$form['key'] = array('#type' => 'textfield', '#title' => $this->t('API Key'), '#maxlength' => 42, '#default_value' => $hex, '#description' => $this->t("The generated API Key for an user."), '#required' => TRUE);
$form['user_uuid'] = array('#type' => 'select', '#multiple' => FALSE, '#options' => self::get_user(), '#description' => $this->t("Please select the User who gets authenticated with that API Key."), '#default_value' => $api_key->user_uuid);
$form['id'] = array('#type' => 'machine_name', '#default_value' => $api_key->id(), '#machine_name' => array('exists' => '\\Drupal\\api_key_auth\\Entity\\ApiKey::load'), '#disabled' => !$api_key->isNew());
/* You will need additional form elements for your custom properties. */
return $form;
}
/**
* {@inheritdoc}
*/
public function generate()
{
$hex = substr(hash('sha256', Crypt::randomBytes(16)), 0, 32);
// The field names refer to RFC 4122 section 4.1.2.
$time_low = substr($hex, 0, 8);
$time_mid = substr($hex, 8, 4);
$time_hi_and_version = base_convert(substr($hex, 12, 4), 16, 10);
$time_hi_and_version &= 0xfff;
$time_hi_and_version |= 4 << 12;
$clock_seq_hi_and_reserved = base_convert(substr($hex, 16, 4), 16, 10);
$clock_seq_hi_and_reserved &= 0x3f;
$clock_seq_hi_and_reserved |= 0x80;
$clock_seq_low = substr($hex, 20, 2);
$nodes = substr($hex, 20);
$uuid = sprintf('%s-%s-%04x-%02x%02x-%s', $time_low, $time_mid, $time_hi_and_version, $clock_seq_hi_and_reserved, $clock_seq_low, $nodes);
return $uuid;
}
/**
* #pre_render callback to generate a placeholder.
*
* Ensures the same token is used for all instances, hence resulting in the
* same placeholder for all places rendering the status messages for this
* request (e.g. in multiple blocks). This ensures we can put the rendered
* messages in all placeholders in one go.
* Also ensures the same context key is used for the #post_render_cache
* property, this ensures that if status messages are rendered multiple times,
* their individual (but identical!) #post_render_cache properties are merged,
* ensuring the callback is only invoked once.
*
* @see ::renderMessages()
* @param array $element
* A renderable array.
*
* @return array
* The updated renderable array containing the placeholder.
*/
public static function generatePlaceholder(array $element)
{
$plugin_id = 'status_messages';
$callback = get_class() . '::renderMessages';
try {
$hash_salt = Settings::getHashSalt();
} catch (\RuntimeException $e) {
// Status messages are also shown during the installer, at which time no
// hash salt is defined yet.
$hash_salt = Crypt::randomBytes(8);
}
$key = $plugin_id . $element['#display'];
$context = ['display' => $element['#display'], 'token' => Crypt::hmacBase64($key, $hash_salt)];
$placeholder = static::renderer()->generateCachePlaceholder($callback, $context);
$element['#post_render_cache'] = [$callback => [$key => $context]];
$element['#markup'] = $placeholder;
return $element;
}
/**
* {@inheritdoc}
*/
public function boot()
{
if ($this->booted) {
return $this;
}
// Start a page timer:
Timer::start('page');
// Ensure that findSitePath is set.
if (!$this->sitePath) {
throw new \Exception('Kernel does not have site path set before calling boot()');
}
// Initialize the container.
$this->initializeContainer();
// Ensure mt_rand() is reseeded to prevent random values from one page load
// being exploited to predict random values in subsequent page loads.
$seed = unpack("L", Crypt::randomBytes(4));
mt_srand($seed[1]);
$this->booted = TRUE;
return $this;
}
/**
* {@inheritdoc}
*/
public function boot()
{
if ($this->booted) {
return $this;
}
// Ensure that findSitePath is set.
if (!$this->sitePath) {
throw new \Exception('Kernel does not have site path set before calling boot()');
}
// Initialize the FileCacheFactory component. We have to do it here instead
// of in \Drupal\Component\FileCache\FileCacheFactory because we can not use
// the Settings object in a component.
$configuration = Settings::get('file_cache');
// Provide a default configuration, if not set.
if (!isset($configuration['default'])) {
$configuration['default'] = ['class' => '\\Drupal\\Component\\FileCache\\FileCache', 'cache_backend_class' => NULL, 'cache_backend_configuration' => []];
// @todo Use extension_loaded('apcu') for non-testbot
// https://www.drupal.org/node/2447753.
if (function_exists('apc_fetch')) {
$configuration['default']['cache_backend_class'] = '\\Drupal\\Component\\FileCache\\ApcuFileCacheBackend';
}
}
FileCacheFactory::setConfiguration($configuration);
FileCacheFactory::setPrefix(Settings::getApcuPrefix('file_cache', $this->root));
$this->bootstrapContainer = new $this->bootstrapContainerClass(Settings::get('bootstrap_container_definition', $this->defaultBootstrapContainerDefinition));
// Initialize the container.
$this->initializeContainer();
// Ensure mt_rand() is reseeded to prevent random values from one page load
// being exploited to predict random values in subsequent page loads.
$seed = unpack("L", Crypt::randomBytes(4));
mt_srand($seed[1]);
$this->booted = TRUE;
return $this;
}
/**
* Generates a random base 64-encoded salt prefixed with settings for the hash.
*
* Proper use of salts may defeat a number of attacks, including:
* - The ability to try candidate passwords against multiple hashes at once.
* - The ability to use pre-hashed lists of candidate passwords.
* - The ability to determine whether two users have the same (or different)
* password without actually having to guess one of the passwords.
*
* @return String
* A 12 character string containing the iteration count and a random salt.
*/
protected function generateSalt()
{
$output = '$S$';
// We encode the final log2 iteration count in base 64.
$output .= static::$ITOA64[$this->countLog2];
// 6 bytes is the standard salt for a portable phpass hash.
$output .= $this->base64Encode(Crypt::randomBytes(6), 6);
return $output;
}
/**
* Get a random base 64 encoded string.
*
* @return string
*/
protected function getNonce()
{
return Crypt::hashBase64(uniqid(mt_rand(), TRUE) . Crypt::randomBytes(55));
}
/**
* {@inheritdoc}
*/
public function boot()
{
if ($this->booted) {
return $this;
}
// Start a page timer:
Timer::start('page');
// Load legacy and other functional code.
require_once DRUPAL_ROOT . '/core/includes/common.inc';
require_once DRUPAL_ROOT . '/core/includes/database.inc';
require_once DRUPAL_ROOT . '/core/includes/path.inc';
require_once DRUPAL_ROOT . '/core/includes/module.inc';
require_once DRUPAL_ROOT . '/core/includes/theme.inc';
require_once DRUPAL_ROOT . '/core/includes/pager.inc';
require_once DRUPAL_ROOT . '/core/includes/menu.inc';
require_once DRUPAL_ROOT . '/core/includes/tablesort.inc';
require_once DRUPAL_ROOT . '/core/includes/file.inc';
require_once DRUPAL_ROOT . '/core/includes/unicode.inc';
require_once DRUPAL_ROOT . '/core/includes/form.inc';
require_once DRUPAL_ROOT . '/core/includes/mail.inc';
require_once DRUPAL_ROOT . '/core/includes/errors.inc';
require_once DRUPAL_ROOT . '/core/includes/schema.inc';
require_once DRUPAL_ROOT . '/core/includes/entity.inc';
// Ensure that findSitePath is set.
if (!$this->sitePath) {
throw new \Exception('Kernel does not have site path set before calling boot()');
}
// Initialize the container.
$this->initializeContainer();
// Ensure mt_rand() is reseeded to prevent random values from one page load
// being exploited to predict random values in subsequent page loads.
$seed = unpack("L", Crypt::randomBytes(4));
mt_srand($seed[1]);
$this->container->get('stream_wrapper_manager')->register();
$this->booted = TRUE;
return $this;
}
