From 677953067f2bb5502a70f0d004f1ac844b18a128 Mon Sep 17 00:00:00 2001
From: emkael <emkael@tlen.pl>
Date: Mon, 16 Jan 2017 22:04:43 +0100
Subject:  * Facebook support

---
 .../McryptPseudoRandomStringGenerator.php          | 68 +++++++++++++++++
 .../OpenSslPseudoRandomStringGenerator.php         | 67 ++++++++++++++++
 .../PseudoRandomStringGeneratorInterface.php       | 45 +++++++++++
 .../PseudoRandomStringGeneratorTrait.php           | 58 ++++++++++++++
 .../UrandomPseudoRandomStringGenerator.php         | 89 ++++++++++++++++++++++
 5 files changed, 327 insertions(+)
 create mode 100644 lib/facebook-graph-sdk/src/Facebook/PseudoRandomString/McryptPseudoRandomStringGenerator.php
 create mode 100644 lib/facebook-graph-sdk/src/Facebook/PseudoRandomString/OpenSslPseudoRandomStringGenerator.php
 create mode 100644 lib/facebook-graph-sdk/src/Facebook/PseudoRandomString/PseudoRandomStringGeneratorInterface.php
 create mode 100644 lib/facebook-graph-sdk/src/Facebook/PseudoRandomString/PseudoRandomStringGeneratorTrait.php
 create mode 100644 lib/facebook-graph-sdk/src/Facebook/PseudoRandomString/UrandomPseudoRandomStringGenerator.php

(limited to 'lib/facebook-graph-sdk/src/Facebook/PseudoRandomString')

diff --git a/lib/facebook-graph-sdk/src/Facebook/PseudoRandomString/McryptPseudoRandomStringGenerator.php b/lib/facebook-graph-sdk/src/Facebook/PseudoRandomString/McryptPseudoRandomStringGenerator.php
new file mode 100644
index 0000000..63c271f
--- /dev/null
+++ b/lib/facebook-graph-sdk/src/Facebook/PseudoRandomString/McryptPseudoRandomStringGenerator.php
@@ -0,0 +1,68 @@
+<?php
+/**
+ * Copyright 2014 Facebook, Inc.
+ *
+ * You are hereby granted a non-exclusive, worldwide, royalty-free license to
+ * use, copy, modify, and distribute this software in source code or binary
+ * form for use in connection with the web services and APIs provided by
+ * Facebook.
+ *
+ * As with any software that integrates with the Facebook platform, your use
+ * of this software is subject to the Facebook Developer Principles and
+ * Policies [http://developers.facebook.com/policy/]. This copyright notice
+ * shall be included in all copies or substantial portions of the software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ * DEALINGS IN THE SOFTWARE.
+ *
+ */
+namespace Facebook\PseudoRandomString;
+
+use Facebook\Exceptions\FacebookSDKException;
+
+class McryptPseudoRandomStringGenerator implements PseudoRandomStringGeneratorInterface
+{
+    use PseudoRandomStringGeneratorTrait;
+
+    /**
+     * @const string The error message when generating the string fails.
+     */
+    const ERROR_MESSAGE = 'Unable to generate a cryptographically secure pseudo-random string from mcrypt_create_iv(). ';
+
+    /**
+     * @throws FacebookSDKException
+     */
+    public function __construct()
+    {
+        if (!function_exists('mcrypt_create_iv')) {
+            throw new FacebookSDKException(
+                static::ERROR_MESSAGE .
+                'The function mcrypt_create_iv() does not exist.'
+            );
+        }
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function getPseudoRandomString($length)
+    {
+        $this->validateLength($length);
+
+        $binaryString = mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
+
+        if ($binaryString === false) {
+            throw new FacebookSDKException(
+                static::ERROR_MESSAGE .
+                'mcrypt_create_iv() returned an error.'
+            );
+        }
+
+        return $this->binToHex($binaryString, $length);
+    }
+}
diff --git a/lib/facebook-graph-sdk/src/Facebook/PseudoRandomString/OpenSslPseudoRandomStringGenerator.php b/lib/facebook-graph-sdk/src/Facebook/PseudoRandomString/OpenSslPseudoRandomStringGenerator.php
new file mode 100644
index 0000000..f4ea6b8
--- /dev/null
+++ b/lib/facebook-graph-sdk/src/Facebook/PseudoRandomString/OpenSslPseudoRandomStringGenerator.php
@@ -0,0 +1,67 @@
+<?php
+/**
+ * Copyright 2014 Facebook, Inc.
+ *
+ * You are hereby granted a non-exclusive, worldwide, royalty-free license to
+ * use, copy, modify, and distribute this software in source code or binary
+ * form for use in connection with the web services and APIs provided by
+ * Facebook.
+ *
+ * As with any software that integrates with the Facebook platform, your use
+ * of this software is subject to the Facebook Developer Principles and
+ * Policies [http://developers.facebook.com/policy/]. This copyright notice
+ * shall be included in all copies or substantial portions of the software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ * DEALINGS IN THE SOFTWARE.
+ *
+ */
+namespace Facebook\PseudoRandomString;
+
+use Facebook\Exceptions\FacebookSDKException;
+
+class OpenSslPseudoRandomStringGenerator implements PseudoRandomStringGeneratorInterface
+{
+    use PseudoRandomStringGeneratorTrait;
+
+    /**
+     * @const string The error message when generating the string fails.
+     */
+    const ERROR_MESSAGE = 'Unable to generate a cryptographically secure pseudo-random string from openssl_random_pseudo_bytes().';
+
+    /**
+     * @throws FacebookSDKException
+     */
+    public function __construct()
+    {
+        if (!function_exists('openssl_random_pseudo_bytes')) {
+            throw new FacebookSDKException(static::ERROR_MESSAGE . 'The function openssl_random_pseudo_bytes() does not exist.');
+        }
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function getPseudoRandomString($length)
+    {
+        $this->validateLength($length);
+
+        $wasCryptographicallyStrong = false;
+        $binaryString = openssl_random_pseudo_bytes($length, $wasCryptographicallyStrong);
+
+        if ($binaryString === false) {
+            throw new FacebookSDKException(static::ERROR_MESSAGE . 'openssl_random_pseudo_bytes() returned an unknown error.');
+        }
+
+        if ($wasCryptographicallyStrong !== true) {
+            throw new FacebookSDKException(static::ERROR_MESSAGE . 'openssl_random_pseudo_bytes() returned a pseudo-random string but it was not cryptographically secure and cannot be used.');
+        }
+
+        return $this->binToHex($binaryString, $length);
+    }
+}
diff --git a/lib/facebook-graph-sdk/src/Facebook/PseudoRandomString/PseudoRandomStringGeneratorInterface.php b/lib/facebook-graph-sdk/src/Facebook/PseudoRandomString/PseudoRandomStringGeneratorInterface.php
new file mode 100644
index 0000000..970330c
--- /dev/null
+++ b/lib/facebook-graph-sdk/src/Facebook/PseudoRandomString/PseudoRandomStringGeneratorInterface.php
@@ -0,0 +1,45 @@
+<?php
+/**
+ * Copyright 2014 Facebook, Inc.
+ *
+ * You are hereby granted a non-exclusive, worldwide, royalty-free license to
+ * use, copy, modify, and distribute this software in source code or binary
+ * form for use in connection with the web services and APIs provided by
+ * Facebook.
+ *
+ * As with any software that integrates with the Facebook platform, your use
+ * of this software is subject to the Facebook Developer Principles and
+ * Policies [http://developers.facebook.com/policy/]. This copyright notice
+ * shall be included in all copies or substantial portions of the software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ * DEALINGS IN THE SOFTWARE.
+ *
+ */
+namespace Facebook\PseudoRandomString;
+
+/**
+ * Interface
+ *
+ * @package Facebook
+ */
+interface PseudoRandomStringGeneratorInterface
+{
+    /**
+     * Get a cryptographically secure pseudo-random string of arbitrary length.
+     *
+     * @see http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/
+     *
+     * @param int $length The length of the string to return.
+     *
+     * @return string
+     *
+     * @throws \Facebook\Exceptions\FacebookSDKException|\InvalidArgumentException
+     */
+    public function getPseudoRandomString($length);
+}
diff --git a/lib/facebook-graph-sdk/src/Facebook/PseudoRandomString/PseudoRandomStringGeneratorTrait.php b/lib/facebook-graph-sdk/src/Facebook/PseudoRandomString/PseudoRandomStringGeneratorTrait.php
new file mode 100644
index 0000000..a41ce59
--- /dev/null
+++ b/lib/facebook-graph-sdk/src/Facebook/PseudoRandomString/PseudoRandomStringGeneratorTrait.php
@@ -0,0 +1,58 @@
+<?php
+/**
+ * Copyright 2014 Facebook, Inc.
+ *
+ * You are hereby granted a non-exclusive, worldwide, royalty-free license to
+ * use, copy, modify, and distribute this software in source code or binary
+ * form for use in connection with the web services and APIs provided by
+ * Facebook.
+ *
+ * As with any software that integrates with the Facebook platform, your use
+ * of this software is subject to the Facebook Developer Principles and
+ * Policies [http://developers.facebook.com/policy/]. This copyright notice
+ * shall be included in all copies or substantial portions of the software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ * DEALINGS IN THE SOFTWARE.
+ *
+ */
+namespace Facebook\PseudoRandomString;
+
+trait PseudoRandomStringGeneratorTrait
+{
+    /**
+     * Validates the length argument of a random string.
+     *
+     * @param int $length The length to validate.
+     *
+     * @throws \InvalidArgumentException
+     */
+    public function validateLength($length)
+    {
+        if (!is_int($length)) {
+            throw new \InvalidArgumentException('getPseudoRandomString() expects an integer for the string length');
+        }
+
+        if ($length < 1) {
+            throw new \InvalidArgumentException('getPseudoRandomString() expects a length greater than 1');
+        }
+    }
+
+    /**
+     * Converts binary data to hexadecimal of arbitrary length.
+     *
+     * @param string $binaryData The binary data to convert to hex.
+     * @param int    $length     The length of the string to return.
+     *
+     * @return string
+     */
+    public function binToHex($binaryData, $length)
+    {
+        return mb_substr(bin2hex($binaryData), 0, $length);
+    }
+}
diff --git a/lib/facebook-graph-sdk/src/Facebook/PseudoRandomString/UrandomPseudoRandomStringGenerator.php b/lib/facebook-graph-sdk/src/Facebook/PseudoRandomString/UrandomPseudoRandomStringGenerator.php
new file mode 100644
index 0000000..0f9cacd
--- /dev/null
+++ b/lib/facebook-graph-sdk/src/Facebook/PseudoRandomString/UrandomPseudoRandomStringGenerator.php
@@ -0,0 +1,89 @@
+<?php
+/**
+ * Copyright 2014 Facebook, Inc.
+ *
+ * You are hereby granted a non-exclusive, worldwide, royalty-free license to
+ * use, copy, modify, and distribute this software in source code or binary
+ * form for use in connection with the web services and APIs provided by
+ * Facebook.
+ *
+ * As with any software that integrates with the Facebook platform, your use
+ * of this software is subject to the Facebook Developer Principles and
+ * Policies [http://developers.facebook.com/policy/]. This copyright notice
+ * shall be included in all copies or substantial portions of the software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ * DEALINGS IN THE SOFTWARE.
+ *
+ */
+namespace Facebook\PseudoRandomString;
+
+use Facebook\Exceptions\FacebookSDKException;
+
+class UrandomPseudoRandomStringGenerator implements PseudoRandomStringGeneratorInterface
+{
+
+    use PseudoRandomStringGeneratorTrait;
+
+    /**
+     * @const string The error message when generating the string fails.
+     */
+    const ERROR_MESSAGE = 'Unable to generate a cryptographically secure pseudo-random string from /dev/urandom. ';
+
+    /**
+     * @throws FacebookSDKException
+     */
+    public function __construct()
+    {
+        if (ini_get('open_basedir')) {
+            throw new FacebookSDKException(
+                static::ERROR_MESSAGE .
+                'There is an open_basedir constraint that prevents access to /dev/urandom.'
+            );
+        }
+
+        if (!is_readable('/dev/urandom')) {
+            throw new FacebookSDKException(
+                static::ERROR_MESSAGE .
+                'Unable to read from /dev/urandom.'
+            );
+        }
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function getPseudoRandomString($length)
+    {
+        $this->validateLength($length);
+
+        $stream = fopen('/dev/urandom', 'rb');
+        if (!is_resource($stream)) {
+            throw new FacebookSDKException(
+                static::ERROR_MESSAGE .
+                'Unable to open stream to /dev/urandom.'
+            );
+        }
+
+        if (!defined('HHVM_VERSION')) {
+            stream_set_read_buffer($stream, 0);
+        }
+
+        $binaryString = fread($stream, $length);
+        fclose($stream);
+
+        if (!$binaryString) {
+            throw new FacebookSDKException(
+                static::ERROR_MESSAGE .
+                'Stream to /dev/urandom returned no data.'
+            );
+        }
+
+        return $this->binToHex($binaryString, $length);
+    }
+}
-- 
cgit v1.2.3