From 7fe7f893df83f5b05d2bc1cb7a58cd5cbe331a1f Mon Sep 17 00:00:00 2001 From: Philipp Date: Fri, 10 Dec 2021 23:29:14 +0100 Subject: [PATCH 1/5] Bump pragmarx/recovery to 0.2.1 --- composer.json | 2 +- composer.lock | 80 +++++---------------------------------------------- 2 files changed, 8 insertions(+), 74 deletions(-) diff --git a/composer.json b/composer.json index ac2a15cfe..d4433b9b7 100644 --- a/composer.json +++ b/composer.json @@ -48,7 +48,7 @@ "pear/console_table": "^1.3", "phpseclib/phpseclib": "^2.0", "pragmarx/google2fa": "^5.0", - "pragmarx/recovery": "^0.1.0", + "pragmarx/recovery": "^0.2", "psr/container": "^1.0", "seld/cli-prompt": "^1.0", "smarty/smarty": "^3.1", diff --git a/composer.lock b/composer.lock index 796938639..cbe26a08f 100644 --- a/composer.lock +++ b/composer.lock @@ -3158,26 +3158,26 @@ }, { "name": "pragmarx/recovery", - "version": "v0.1.0", + "version": "v0.2.1", "source": { "type": "git", "url": "https://github.com/antonioribeiro/recovery.git", - "reference": "e16573a1ae5345cc3b100eec6d0296a1a15a90fe" + "reference": "b5ce4082f059afac6761714a84497816f45271cc" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/antonioribeiro/recovery/zipball/e16573a1ae5345cc3b100eec6d0296a1a15a90fe", - "reference": "e16573a1ae5345cc3b100eec6d0296a1a15a90fe", + "url": "https://api.github.com/repos/antonioribeiro/recovery/zipball/b5ce4082f059afac6761714a84497816f45271cc", + "reference": "b5ce4082f059afac6761714a84497816f45271cc", "shasum": "" }, "require": { - "php": "~7.0", + "php": ">=7.0", "pragmarx/random": "~0.1" }, "require-dev": { "phpunit/phpunit": ">=5.4.3", "squizlabs/php_codesniffer": "^2.3", - "tightenco/collect": "^5" + "tightenco/collect": "^5.0" }, "suggest": { "tightenco/collect": "Allows to generate recovery codes as collections" @@ -3218,7 +3218,7 @@ "recovery codes", "two factor auth" ], - "time": "2017-09-19T16:58:00+00:00" + "time": "2021-08-15T12:26:51+00:00" }, { "name": "psr/cache", @@ -5209,12 +5209,6 @@ "testing", "xunit" ], - "funding": [ - { - "url": "https://github.com/sebastianbergmann", - "type": "github" - } - ], "time": "2021-12-05T09:12:13+00:00" }, { @@ -5265,12 +5259,6 @@ "filesystem", "iterator" ], - "funding": [ - { - "url": "https://github.com/sebastianbergmann", - "type": "github" - } - ], "time": "2021-12-02T12:48:52+00:00" }, { @@ -5379,12 +5367,6 @@ "keywords": [ "template" ], - "funding": [ - { - "url": "https://github.com/sebastianbergmann", - "type": "github" - } - ], "time": "2020-10-26T05:33:50+00:00" }, { @@ -5688,12 +5670,6 @@ ], "description": "Looks up which function or method a line of code belongs to", "homepage": "https://github.com/sebastianbergmann/code-unit-reverse-lookup/", - "funding": [ - { - "url": "https://github.com/sebastianbergmann", - "type": "github" - } - ], "time": "2020-09-28T05:30:19+00:00" }, { @@ -5758,12 +5734,6 @@ "compare", "equality" ], - "funding": [ - { - "url": "https://github.com/sebastianbergmann", - "type": "github" - } - ], "time": "2020-10-26T15:49:45+00:00" }, { @@ -5873,12 +5843,6 @@ "unidiff", "unified diff" ], - "funding": [ - { - "url": "https://github.com/sebastianbergmann", - "type": "github" - } - ], "time": "2020-10-26T13:10:38+00:00" }, { @@ -5932,12 +5896,6 @@ "environment", "hhvm" ], - "funding": [ - { - "url": "https://github.com/sebastianbergmann", - "type": "github" - } - ], "time": "2020-09-28T05:52:38+00:00" }, { @@ -6171,12 +6129,6 @@ ], "description": "Traverses array structures and object graphs to enumerate all referenced objects", "homepage": "https://github.com/sebastianbergmann/object-enumerator/", - "funding": [ - { - "url": "https://github.com/sebastianbergmann", - "type": "github" - } - ], "time": "2020-10-26T13:12:34+00:00" }, { @@ -6222,12 +6174,6 @@ ], "description": "Allows reflection of object attributes, including inherited and non-public ones", "homepage": "https://github.com/sebastianbergmann/object-reflector/", - "funding": [ - { - "url": "https://github.com/sebastianbergmann", - "type": "github" - } - ], "time": "2020-10-26T13:14:26+00:00" }, { @@ -6281,12 +6227,6 @@ ], "description": "Provides functionality to recursively process PHP variables", "homepage": "http://www.github.com/sebastianbergmann/recursion-context", - "funding": [ - { - "url": "https://github.com/sebastianbergmann", - "type": "github" - } - ], "time": "2020-10-26T13:17:30+00:00" }, { @@ -6384,12 +6324,6 @@ ], "description": "Collection of value objects that represent the types of the PHP type system", "homepage": "https://github.com/sebastianbergmann/type", - "funding": [ - { - "url": "https://github.com/sebastianbergmann", - "type": "github" - } - ], "time": "2021-06-15T12:49:02+00:00" }, { From 95fbe45bccd2e0d47d7fa7639654b0d625c206ce Mon Sep 17 00:00:00 2001 From: Philipp Date: Fri, 10 Dec 2021 23:42:30 +0100 Subject: [PATCH 2/5] Bump bacon/bacon-qr-code to 2.0.4 --- composer.json | 2 +- composer.lock | 68 ++++++++++++++++++++---- src/Module/Settings/TwoFactor/Verify.php | 7 +-- 3 files changed, 62 insertions(+), 15 deletions(-) diff --git a/composer.json b/composer.json index d4433b9b7..c2cfa61b2 100644 --- a/composer.json +++ b/composer.json @@ -27,7 +27,7 @@ "ext-simplexml": "*", "ext-xml": "*", "asika/simple-console": "^1.0", - "bacon/bacon-qr-code": "^1.0", + "bacon/bacon-qr-code": "^2.0.0", "divineomega/password_exposed": "^2.8", "ezyang/htmlpurifier": "^4.7", "friendica/json-ld": "^1.0", diff --git a/composer.lock b/composer.lock index cbe26a08f..70658b5f6 100644 --- a/composer.lock +++ b/composer.lock @@ -41,32 +41,35 @@ }, { "name": "bacon/bacon-qr-code", - "version": "1.0.3", + "version": "2.0.4", "source": { "type": "git", "url": "https://github.com/Bacon/BaconQrCode.git", - "reference": "5a91b62b9d37cee635bbf8d553f4546057250bee" + "reference": "f73543ac4e1def05f1a70bcd1525c8a157a1ad09" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/Bacon/BaconQrCode/zipball/5a91b62b9d37cee635bbf8d553f4546057250bee", - "reference": "5a91b62b9d37cee635bbf8d553f4546057250bee", + "url": "https://api.github.com/repos/Bacon/BaconQrCode/zipball/f73543ac4e1def05f1a70bcd1525c8a157a1ad09", + "reference": "f73543ac4e1def05f1a70bcd1525c8a157a1ad09", "shasum": "" }, "require": { + "dasprid/enum": "^1.0.3", "ext-iconv": "*", - "php": "^5.4|^7.0" + "php": "^7.1 || ^8.0" }, "require-dev": { - "phpunit/phpunit": "^4.8" + "phly/keep-a-changelog": "^1.4", + "phpunit/phpunit": "^7 | ^8 | ^9", + "squizlabs/php_codesniffer": "^3.4" }, "suggest": { - "ext-gd": "to generate QR code images" + "ext-imagick": "to generate QR code images" }, "type": "library", "autoload": { - "psr-0": { - "BaconQrCode": "src/" + "psr-4": { + "BaconQrCode\\": "src/" } }, "notification-url": "https://packagist.org/downloads/", @@ -77,13 +80,13 @@ { "name": "Ben Scholzen 'DASPRiD'", "email": "mail@dasprids.de", - "homepage": "http://www.dasprids.de", + "homepage": "https://dasprids.de/", "role": "Developer" } ], "description": "BaconQrCode is a QR code generator for PHP.", "homepage": "https://github.com/Bacon/BaconQrCode", - "time": "2017-10-17T09:59:25+00:00" + "time": "2021-06-18T13:26:35+00:00" }, { "name": "bower-asset/Chart-js", @@ -380,6 +383,49 @@ ], "time": "2021-10-28T20:44:15+00:00" }, + { + "name": "dasprid/enum", + "version": "1.0.3", + "source": { + "type": "git", + "url": "https://github.com/DASPRiD/Enum.git", + "reference": "5abf82f213618696dda8e3bf6f64dd042d8542b2" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/DASPRiD/Enum/zipball/5abf82f213618696dda8e3bf6f64dd042d8542b2", + "reference": "5abf82f213618696dda8e3bf6f64dd042d8542b2", + "shasum": "" + }, + "require-dev": { + "phpunit/phpunit": "^7 | ^8 | ^9", + "squizlabs/php_codesniffer": "^3.4" + }, + "type": "library", + "autoload": { + "psr-4": { + "DASPRiD\\Enum\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-2-Clause" + ], + "authors": [ + { + "name": "Ben Scholzen 'DASPRiD'", + "email": "mail@dasprids.de", + "homepage": "https://dasprids.de/", + "role": "Developer" + } + ], + "description": "PHP 7.1 enum implementation", + "keywords": [ + "enum", + "map" + ], + "time": "2020-10-02T16:03:48+00:00" + }, { "name": "divineomega/do-file-cache", "version": "v2.0.6", diff --git a/src/Module/Settings/TwoFactor/Verify.php b/src/Module/Settings/TwoFactor/Verify.php index 8b2f1e54f..26a1b3752 100644 --- a/src/Module/Settings/TwoFactor/Verify.php +++ b/src/Module/Settings/TwoFactor/Verify.php @@ -110,9 +110,10 @@ class Verify extends BaseSettings $otpauthUrl = (new Google2FA())->getQRCodeUrl($company, $holder, $secret); - $renderer = (new \BaconQrCode\Renderer\Image\Svg()) - ->setHeight(256) - ->setWidth(256); + $renderer = new ImageRenderer( + new RendererStyle(256), + new SvgImageBackEnd() + ); $writer = new Writer($renderer); From 7af0431d9c7fb84ba05bb48827d381a57643795d Mon Sep 17 00:00:00 2001 From: Philipp Date: Fri, 10 Dec 2021 23:53:11 +0100 Subject: [PATCH 3/5] Bump patrick/language-detection to 5.1.0 --- composer.json | 2 +- composer.lock | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/composer.json b/composer.json index c2cfa61b2..d8d93b63f 100644 --- a/composer.json +++ b/composer.json @@ -44,7 +44,7 @@ "monolog/monolog": "^1.25", "nikic/fast-route": "^1.3", "paragonie/hidden-string": "^1.0", - "patrickschur/language-detection": "^3.4", + "patrickschur/language-detection": "^5.0.0", "pear/console_table": "^1.3", "phpseclib/phpseclib": "^2.0", "pragmarx/google2fa": "^5.0", diff --git a/composer.lock b/composer.lock index 70658b5f6..14d6df2ef 100644 --- a/composer.lock +++ b/composer.lock @@ -2878,25 +2878,25 @@ }, { "name": "patrickschur/language-detection", - "version": "v3.4.2", + "version": "v5.1.0", "source": { "type": "git", "url": "https://github.com/patrickschur/language-detection.git", - "reference": "9d7a45118289939ef46d8a02763c7fec32eed7ba" + "reference": "728f1434dcf126ce3ed7118567c014d80d7fdd9c" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/patrickschur/language-detection/zipball/9d7a45118289939ef46d8a02763c7fec32eed7ba", - "reference": "9d7a45118289939ef46d8a02763c7fec32eed7ba", + "url": "https://api.github.com/repos/patrickschur/language-detection/zipball/728f1434dcf126ce3ed7118567c014d80d7fdd9c", + "reference": "728f1434dcf126ce3ed7118567c014d80d7fdd9c", "shasum": "" }, "require": { "ext-json": "*", "ext-mbstring": "*", - "php": "^7.2" + "php": "^7.3 || ^8.0" }, "require-dev": { - "phpunit/phpunit": "^8.4.3" + "phpunit/phpunit": "^9.5.0" }, "type": "library", "autoload": { @@ -2921,7 +2921,7 @@ "detection", "language" ], - "time": "2019-11-16T14:23:06+00:00" + "time": "2021-03-05T22:18:57+00:00" }, { "name": "pear/console_table", From 474c18529485f150230fb6f5b44d4d5fcea99af8 Mon Sep 17 00:00:00 2001 From: Philipp Date: Sat, 11 Dec 2021 17:31:02 +0100 Subject: [PATCH 4/5] Update lock --- composer.lock | 68 ++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 67 insertions(+), 1 deletion(-) diff --git a/composer.lock b/composer.lock index 14d6df2ef..97bea93ec 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "ce08cdf59a7d3e85aabef6c9f96586e0", + "content-hash": "3d221e30c9cb7e3f34d8d8141b6fea6c", "packages": [ { "name": "asika/simple-console", @@ -5255,6 +5255,12 @@ "testing", "xunit" ], + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], "time": "2021-12-05T09:12:13+00:00" }, { @@ -5305,6 +5311,12 @@ "filesystem", "iterator" ], + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], "time": "2021-12-02T12:48:52+00:00" }, { @@ -5413,6 +5425,12 @@ "keywords": [ "template" ], + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], "time": "2020-10-26T05:33:50+00:00" }, { @@ -5716,6 +5734,12 @@ ], "description": "Looks up which function or method a line of code belongs to", "homepage": "https://github.com/sebastianbergmann/code-unit-reverse-lookup/", + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], "time": "2020-09-28T05:30:19+00:00" }, { @@ -5780,6 +5804,12 @@ "compare", "equality" ], + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], "time": "2020-10-26T15:49:45+00:00" }, { @@ -5889,6 +5919,12 @@ "unidiff", "unified diff" ], + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], "time": "2020-10-26T13:10:38+00:00" }, { @@ -5942,6 +5978,12 @@ "environment", "hhvm" ], + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], "time": "2020-09-28T05:52:38+00:00" }, { @@ -6175,6 +6217,12 @@ ], "description": "Traverses array structures and object graphs to enumerate all referenced objects", "homepage": "https://github.com/sebastianbergmann/object-enumerator/", + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], "time": "2020-10-26T13:12:34+00:00" }, { @@ -6220,6 +6268,12 @@ ], "description": "Allows reflection of object attributes, including inherited and non-public ones", "homepage": "https://github.com/sebastianbergmann/object-reflector/", + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], "time": "2020-10-26T13:14:26+00:00" }, { @@ -6273,6 +6327,12 @@ ], "description": "Provides functionality to recursively process PHP variables", "homepage": "http://www.github.com/sebastianbergmann/recursion-context", + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], "time": "2020-10-26T13:17:30+00:00" }, { @@ -6370,6 +6430,12 @@ ], "description": "Collection of value objects that represent the types of the PHP type system", "homepage": "https://github.com/sebastianbergmann/type", + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], "time": "2021-06-15T12:49:02+00:00" }, { From 5f3421701fb0d2ba0dbd5bd3a0dd84e7a8f16b90 Mon Sep 17 00:00:00 2001 From: Philipp Date: Sun, 12 Dec 2021 20:09:10 +0100 Subject: [PATCH 5/5] Fix 2FA AppSpecificPassword --- src/Security/TwoFactor/Model/AppSpecificPassword.php | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/Security/TwoFactor/Model/AppSpecificPassword.php b/src/Security/TwoFactor/Model/AppSpecificPassword.php index 0c47ed556..5477ae59f 100644 --- a/src/Security/TwoFactor/Model/AppSpecificPassword.php +++ b/src/Security/TwoFactor/Model/AppSpecificPassword.php @@ -86,9 +86,11 @@ class AppSpecificPassword $appSpecificPasswords = DBA::toArray($appSpecificPasswordsStmt); array_walk($appSpecificPasswords, function (&$value) { - $value['ago'] = Temporal::getRelativeDate($value['last_used']); - $value['utc'] = DateTimeFormat::utc($value['last_used'], 'c'); - $value['local'] = DateTimeFormat::local($value['last_used'], 'r'); + $last_used = $value['last_used'] ?? DBA::NULL_DATETIME; + + $value['ago'] = Temporal::getRelativeDate($last_used); + $value['utc'] = DateTimeFormat::utc($last_used, 'c'); + $value['local'] = DateTimeFormat::local($last_used, 'r'); }); return $appSpecificPasswords;