Gets the random string used to salt generated nonces
| public getNonceSalt ( ) : string | ||
| return | string | |
public function testLoadsFullJsonConfig()
{
$obj = new SqrlConfiguration();
$obj->load(__DIR__ . '/Resources/allOptional.json');
$this->assertEquals(array(1), $obj->getAcceptedVersions());
$this->assertEquals('otherdomain.com', $obj->getDomain());
$this->assertEquals('sqrl.php', $obj->getAuthenticationPath());
$this->assertEquals('My Example Server', $obj->getFriendlyName());
$this->assertTrue($obj->getSecure());
$this->assertTrue($obj->getAnonAllowed());
$this->assertEquals(9, $obj->getNonceMaxAge());
$this->assertEquals(250, $obj->getQrHeight());
$this->assertEquals(5, $obj->getQrPadding());
$this->assertEquals('gibberish data', $obj->getNonceSalt());
}
/**
* Generates a random, one time use key to be used in the sqrl validation
*
* The implementation of this may get more complicated depending on the
* requirements detailed in any reference implementation. Users wanting to
* make this library more (or less) secure should override this function
* to strengthen (or weaken) the randomness of the generation.
*
* @param int $action [Optional] The type of action this nonce is being generated for
* @param string $key [Optional] The public key associated with the nonce
* @param string $previousNonce [Optional] The previous nonce in the transaction that should be associated to this nonce
*
* @return string
*/
protected function generateNonce($action = 0, $key = '', $previousNonce = '')
{
$this->nonce = hash_hmac('sha256', uniqid('', true), $this->configuration->getNonceSalt());
$this->store->storeNonce($this->nonce, $action, $key, $previousNonce);
return $this->nonce;
}