From b5321041823a031d5fe0a43804cc86cdcd1d4ed5 Mon Sep 17 00:00:00 2001 From: Vincent Petry Date: Thu, 12 May 2022 12:37:15 +0200 Subject: [PATCH 1/3] Fix password generation Signed-off-by: Vincent Petry --- lib/Generator.php | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/lib/Generator.php b/lib/Generator.php index 1328054a..60aa54fc 100644 --- a/lib/Generator.php +++ b/lib/Generator.php @@ -52,7 +52,12 @@ public function __construct(PasswordPolicyConfig $config, * @throws HintException */ public function generate(): string { - $lenght = $this->config->getMinLength(); + $minLength = $this->config->getMinLength(); + if ($minLength < 8) { + // 8 minimum so we don't generate too short passwords + $minLength = 8; + } + $lenght = $minLength; $password = ''; $chars = ''; @@ -86,6 +91,12 @@ public function generate(): string { try { $this->validator->validate($password); + + if ($password === null || $password === '') { + // something went wrong + break; + } + $found = true; break; } catch (HintException $e) { @@ -93,7 +104,7 @@ public function generate(): string { * Invalid so lets go for another round * Reset the length so we don't run below zero */ - $lenght = $this->config->getMinLength(); + $lenght = $minLength; } } From 2ab7d2d21a0b8347b6394a5b8b93d57779459ae4 Mon Sep 17 00:00:00 2001 From: Vincent Petry Date: Thu, 12 May 2022 13:46:37 +0200 Subject: [PATCH 2/3] Fix old typo in length Signed-off-by: Vincent Petry --- lib/Generator.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/lib/Generator.php b/lib/Generator.php index 60aa54fc..062f0f9c 100644 --- a/lib/Generator.php +++ b/lib/Generator.php @@ -57,7 +57,7 @@ public function generate(): string { // 8 minimum so we don't generate too short passwords $minLength = 8; } - $lenght = $minLength; + $length = $minLength; $password = ''; $chars = ''; @@ -67,19 +67,19 @@ public function generate(): string { if ($this->config->getEnforceUpperLowerCase()) { $password .= $this->random->generate(1, ISecureRandom::CHAR_UPPER); $password .= $this->random->generate(1, ISecureRandom::CHAR_LOWER); - $lenght -= 2; + $length -= 2; $chars .= ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER; } if ($this->config->getEnforceNumericCharacters()) { $password .= $this->random->generate(1, ISecureRandom::CHAR_DIGITS); - $lenght -= 1; + $length -= 1; $chars .= ISecureRandom::CHAR_DIGITS; } if ($this->config->getEnforceSpecialCharacters()) { $password .= $this->random->generate(1, ISecureRandom::CHAR_SYMBOLS); - $lenght -= 1; + $length -= 1; $chars .= ISecureRandom::CHAR_SYMBOLS; } @@ -87,7 +87,7 @@ public function generate(): string { $chars = ISecureRandom::CHAR_HUMAN_READABLE; } - $password .= $chars = $this->random->generate($lenght, $chars); + $password .= $chars = $this->random->generate($length, $chars); try { $this->validator->validate($password); @@ -104,7 +104,7 @@ public function generate(): string { * Invalid so lets go for another round * Reset the length so we don't run below zero */ - $lenght = $minLength; + $length = $minLength; } } From c308ff033546b7d269eafca5918836f35a3fd8f7 Mon Sep 17 00:00:00 2001 From: Vincent Petry Date: Thu, 12 May 2022 13:47:40 +0200 Subject: [PATCH 3/3] Use max() function for more compact code! Signed-off-by: Vincent Petry --- lib/Generator.php | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/lib/Generator.php b/lib/Generator.php index 062f0f9c..ca9ea63f 100644 --- a/lib/Generator.php +++ b/lib/Generator.php @@ -52,11 +52,7 @@ public function __construct(PasswordPolicyConfig $config, * @throws HintException */ public function generate(): string { - $minLength = $this->config->getMinLength(); - if ($minLength < 8) { - // 8 minimum so we don't generate too short passwords - $minLength = 8; - } + $minLength = max($this->config->getMinLength(), 8); $length = $minLength; $password = '';