/** * Redirects to the Neos backend on the given site, passing a one-time login token * * @param Site $site * @return void */ public function switchSiteAction($site) { $token = Algorithms::generateRandomToken(32); $this->loginTokenCache->set($token, $this->currentSession->getId()); $siteUri = $this->linkingService->createSiteUri($this->controllerContext, $site); $loginUri = $this->controllerContext->getUriBuilder()->reset()->uriFor('tokenLogin', ['token' => $token], 'Login', 'TYPO3.Neos'); $this->redirectToUri($siteUri . $loginUri); }
/** * Fetch the token or generate a new random token * * @return string */ public function getToken() { $token = $this->cache->get($this->tokenName); if ($token === FALSE) { $token = Algorithms::generateRandomToken(20); $this->storeToken($token); } return $token; }
/** * Redirects to the Neos backend on the given hostname, passing a one-time login token * * @param string $hostname * @return void */ public function switchSiteAction($hostname) { $token = Algorithms::generateRandomToken(32); $this->loginTokenCache->set($token, $this->currentSession->getId()); $requestUri = $this->controllerContext->getRequest()->getHttpRequest()->getUri(); $baseUri = $this->controllerContext->getRequest()->getHttpRequest()->getBaseUri(); $uri = $this->controllerContext->getUriBuilder()->reset()->uriFor('tokenLogin', ['token' => $token], 'Login', 'TYPO3.Neos'); $uri = sprintf('%s://%s%s%s', $requestUri->getScheme(), $hostname, rtrim($baseUri->getPath(), '/'), $uri); $this->redirectToUri($uri); }
/** * Returns the current CSRF protection token. A new one is created when needed, depending on the configured CSRF * protection strategy. * * @return string * @Flow\Session(autoStart=true) */ public function getCsrfProtectionToken() { if ($this->initialized === false) { $this->initialize(); } if (count($this->csrfProtectionTokens) === 1 && $this->csrfProtectionStrategy !== self::CSRF_ONE_PER_URI) { reset($this->csrfProtectionTokens); return key($this->csrfProtectionTokens); } $newToken = Algorithms::generateRandomToken(16); $this->csrfProtectionTokens[$newToken] = true; return $newToken; }
/** * @test */ public function generateRandomTokenGeneratesRandomToken() { $this->assertRegExp('/^[[:xdigit:]]{64}$/', Algorithms::generateRandomToken(32)); }
/** * Returns the encryption key from the persistent cache or Data/Persistent directory. If none exists, a new * encryption key will be generated and stored in the cache. * * @return string The configured encryption key stored in Data/Persistent/EncryptionKey */ protected function getEncryptionKey() { if ($this->encryptionKey === null) { $this->encryptionKey = $this->cache->get('encryptionKey'); } if ($this->encryptionKey === false && file_exists(FLOW_PATH_DATA . 'Persistent/EncryptionKey')) { $this->encryptionKey = file_get_contents(FLOW_PATH_DATA . 'Persistent/EncryptionKey'); } if ($this->encryptionKey === false) { $this->encryptionKey = UtilityAlgorithms::generateRandomToken(48); $this->cache->set('encryptionKey', $this->encryptionKey); } return $this->encryptionKey; }