diff options
| author | Julien Veyssier <eneiluj@posteo.net> | 2020-12-17 21:45:58 +0300 |
|---|---|---|
| committer | Julien Veyssier <eneiluj@posteo.net> | 2020-12-17 22:14:13 +0300 |
| commit | c542b38d5ae2f081a3787cb9ac66772d720f4e15 (patch) | |
| tree | 3c19bdface466f1cf0dab57f0c996c3964a15d32 /lib | |
| parent | 59aeb822e1526591518478b6e427ad167298fd70 (diff) | |
refs #4549 put uppercase letters in bridge bot password
Signed-off-by: Julien Veyssier <eneiluj@posteo.net>
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/MatterbridgeManager.php | 21 |
1 files changed, 19 insertions, 2 deletions
diff --git a/lib/MatterbridgeManager.php b/lib/MatterbridgeManager.php index 555b164dc..89f253bca 100644 --- a/lib/MatterbridgeManager.php +++ b/lib/MatterbridgeManager.php @@ -288,7 +288,7 @@ class MatterbridgeManager { $botUserId = 'bridge-bot'; // check if user exists and create it if necessary if (!$this->userManager->userExists($botUserId)) { - $pass = md5((string)mt_rand()); + $pass = $this->generatePassword(); $this->config->setAppValue('spreed', 'bridge_bot_password', $pass); $botUser = $this->userManager->createUser($botUserId, $pass); // set avatar @@ -326,7 +326,7 @@ class MatterbridgeManager { if ($isBridgeEnabled) { // generate app token for the bot - $appToken = $this->random->generate(72, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS); + $appToken = $this->generatePassword(); $botPassword = $this->config->getAppValue('spreed', 'bridge_bot_password', ''); $generatedToken = $this->tokenProvider->generateToken( $appToken, @@ -347,6 +347,23 @@ class MatterbridgeManager { ]; } + private function generatePassword(): string { + // remove \ because it messes with Matterbridge toml file parsing + $symbols = str_replace('\\', '', ISecureRandom::CHAR_SYMBOLS); + + // make sure we have at least one of all categories + $upper = $this->random->generate(1, ISecureRandom::CHAR_UPPER); + $lower = $this->random->generate(1, ISecureRandom::CHAR_LOWER); + $digit = $this->random->generate(1, ISecureRandom::CHAR_DIGITS); + $symbol = $this->random->generate(1, $symbols); + + $randomString = $this->random->generate(68, ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS . $symbols); + + $password = $upper . $lower . $digit . $symbol . $randomString; + $password = str_shuffle($password); + return $password; + } + /** * Actually generate the matterbridge configuration file content for one bridge (one room) * It basically add a pair of sections for each part: authentication and target channel |