Merge branch 'release/3.7.1'

CHANGELOG.md

@@ -1,3 +1,9 @@
+# v3.7.1
+## 06/14/2022
+
+1. [](#bugfix)
+    * PHP 8.1 fixes in QR code library
+
 # v3.7.0
 ## 03/28/2022
 

blueprints.yaml

@@ -1,7 +1,7 @@
 name: Login
 slug: login
 type: plugin
-version: 3.7.0
+version: 3.7.1
 testing: false
 description: Enables user authentication and login screen.
 icon: sign-in

classes/Controller.php

@@ -407,7 +407,7 @@ protected function taskForgot()
             return true;
         }
 
-        $token = md5(uniqid(mt_rand(), true));
+        $token = md5(uniqid((string)mt_rand(), true));
         $expire = time() + 604800; // next week
 
         $user->reset = $token . '::' . $expire;

templates/emails/login/magic-login.html.twig

@@ -0,0 +1,46 @@
+{% extends 'email/base.html.twig' %}
+
+{# Magic login link email (login by email link) #}
+
+{%- set subject = 'PLUGIN_LOGIN.MAGIC_LOGIN_EMAIL_SUBJECT'|t(site_name) %}
+{%- set message = message ?? 'PLUGIN_LOGIN.MAGIC_LOGIN_EMAIL_MESSAGE'|t %}
+
+{%- do email.message.setSubject(subject) %}
+
+{%- block content -%}
+  {{ 'PLUGIN_LOGIN.MAGIC_LOGIN_EMAIL_BODY'|t(site_name, message, login_link, actor.fullname)|raw }}
+{%- endblock content -%}
+
+{# https://workos.com/blog/a-guide-to-magic-links
+
+<h1>Account Invitation</h1>
+<p>
+  Hi,
+</p>
+<p>
+  You have been invited to join <b>{{ site_name }}</b>.
+</p>
+<p>
+  {{ message }}
+</p>
+<p>
+  <br/>
+  <a href="{{ login_link }}" class="btn-primary">Create Your Account Now</a>
+  <br/>
+  <br/>
+</p>
+<p>
+  Alternatively, copy the following URL into your browser's address bar:
+</p>
+<p class="word-break">
+  <a href="{{ login_link }}">{{ login_link }}</a>
+</p>
+<p>
+  <br/>
+  Kind regards,
+  <br/>
+  <br/>
+  {{ actor.fullname }}
+</p>
+
+#}

vendor/composer/installed.json

@@ -150,17 +150,17 @@
         },
         {
             "name": "robthree/twofactorauth",
-            "version": "1.8.1",
-            "version_normalized": "1.8.1.0",
+            "version": "1.8.2",
+            "version_normalized": "1.8.2.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/RobThree/TwoFactorAuth.git",
-                "reference": "5afcb45282f1c75562a48d479ecd1732c9bdb11b"
+                "reference": "65681de5a324eae05140ac58b08648a60212afc0"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/RobThree/TwoFactorAuth/zipball/5afcb45282f1c75562a48d479ecd1732c9bdb11b",
-                "reference": "5afcb45282f1c75562a48d479ecd1732c9bdb11b",
+                "url": "https://api.github.com/repos/RobThree/TwoFactorAuth/zipball/65681de5a324eae05140ac58b08648a60212afc0",
+                "reference": "65681de5a324eae05140ac58b08648a60212afc0",
                 "shasum": ""
             },
             "require": {
@@ -174,7 +174,7 @@
                 "bacon/bacon-qr-code": "Needed for BaconQrCodeProvider provider",
                 "endroid/qr-code": "Needed for EndroidQrCodeProvider"
             },
-            "time": "2021-10-20T12:19:55+00:00",
+            "time": "2022-03-22T16:11:07+00:00",
             "type": "library",
             "installation-source": "dist",
             "autoload": {

vendor/composer/installed.php

@@ -5,7 +5,7 @@
         'type' => 'library',
         'install_path' => __DIR__ . '/../../',
         'aliases' => array(),
-        'reference' => '5bff0ca6fbc27f5d7795fdb1b4a86b62ce233af3',
+        'reference' => 'b873dd50c66d15151e44fde56a79cfc16ba38bd3',
         'name' => 'getgrav/grav-plugin-login',
         'dev' => false,
     ),
@@ -34,7 +34,7 @@
             'type' => 'library',
             'install_path' => __DIR__ . '/../../',
             'aliases' => array(),
-            'reference' => '5bff0ca6fbc27f5d7795fdb1b4a86b62ce233af3',
+            'reference' => 'b873dd50c66d15151e44fde56a79cfc16ba38bd3',
             'dev_requirement' => false,
         ),
         'paragonie/random_compat' => array(
@@ -47,12 +47,12 @@
             'dev_requirement' => false,
         ),
         'robthree/twofactorauth' => array(
-            'pretty_version' => '1.8.1',
-            'version' => '1.8.1.0',
+            'pretty_version' => '1.8.2',
+            'version' => '1.8.2.0',
             'type' => 'library',
             'install_path' => __DIR__ . '/../robthree/twofactorauth',
             'aliases' => array(),
-            'reference' => '5afcb45282f1c75562a48d479ecd1732c9bdb11b',
+            'reference' => '65681de5a324eae05140ac58b08648a60212afc0',
             'dev_requirement' => false,
         ),
     ),

vendor/robthree/twofactorauth/.github/workflows/test-bacon.yml

@@ -0,0 +1,30 @@
+name: Test Bacon QR Code Provider
+
+on:
+  push:
+  pull_request:
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        php-version: ['5.6', '7.0', '7.1', '7.2', '7.3', '7.4', '8.0', '8.1']
+
+    steps:
+    - uses: actions/checkout@v2
+
+    - uses: shivammathur/setup-php@v2
+      with:
+        php-version: ${{ matrix.php-version }}
+        tools: composer
+        coverage: xdebug
+        ini-values: error_reporting=E_ALL
+
+    - uses: ramsey/composer-install@v1
+
+    - run: composer require bacon/bacon-qr-code
+
+    - run: composer lint
+    - run: composer test testsDependency/BaconQRCodeTest.php

vendor/robthree/twofactorauth/.github/workflows/test-endroid.yml

@@ -0,0 +1,46 @@
+name: Test Endroid QR Code Provider
+
+on:
+  push:
+  pull_request:
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        php-version: ['8.0', '8.1']
+        endroid-version: ["^4"]
+        include:
+        - php-version: 5.6
+          # earliest supported version
+          endroid-version: 2.2.1
+        - php-version: 7.0
+          endroid-version: 2.5.1
+        - php-version: 7.1
+          # this version is 7.1+
+          endroid-version: 3.0.0
+        - php-version: 7.2
+          # all later versions are 7.3+
+          endroid-version: 3.5.9
+        - php-version: 7.3
+          endroid-version: 3.9.7
+        - php-version: 7.4
+          endroid-version: 4.0.0
+
+    steps:
+    - uses: actions/checkout@v2
+
+    - uses: shivammathur/setup-php@v2
+      with:
+        php-version: ${{ matrix.php-version }}
+        tools: composer
+        coverage: xdebug
+        ini-values: error_reporting=E_ALL
+
+    - uses: ramsey/composer-install@v1
+
+    - run: composer require endroid/qrcode:${{ matrix.endroid-version }}
+
+    - run: composer test testsDependency/EndroidQRCodeTest.php

vendor/robthree/twofactorauth/.github/workflows/test.yml

@@ -10,7 +10,7 @@ jobs:
 
     strategy:
       matrix:
-        php-version: ['5.6', '7.0', '7.1', '7.2', '7.3', '7.4', '8.0']
+        php-version: ['5.6', '7.0', '7.1', '7.2', '7.3', '7.4', '8.0', '8.1']
 
     steps:
     - uses: actions/checkout@v2
@@ -20,6 +20,7 @@ jobs:
         php-version: ${{ matrix.php-version }}
         tools: composer
         coverage: xdebug
+        ini-values: error_reporting=E_ALL
 
     - uses: ramsey/composer-install@v1
 

vendor/robthree/twofactorauth/LICENSE

@@ -1,6 +1,6 @@
 The MIT License (MIT)
 
-Copyright (c) 2014-2015 Rob Janssen
+Copyright (c) 2014-2021 Rob Janssen and contributors
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

vendor/robthree/twofactorauth/composer.json

@@ -1,7 +1,7 @@
 {
     "name": "robthree/twofactorauth",
     "description": "Two Factor Authentication",
-    "version": "1.8.1",
+    "version": "1.8.2",
     "type": "library",
     "keywords": [ "Authentication", "Two Factor Authentication", "Multi Factor Authentication", "TFA", "MFA", "PHP", "Authenticator", "Authy" ],
     "homepage": "https://github.com/RobThree/TwoFactorAuth",

vendor/robthree/twofactorauth/lib/Providers/Qr/BaconQrCodeProvider.php

@@ -125,12 +125,19 @@ private function handleColour($colour)
     {
         if (is_string($colour) && $colour[0] == '#') {
             $hexToRGB = function ($input) {
+                // ensure input no longer has a # for more predictable division
+                // PHP 8.1 does not like implicitly casting a float to an int
+                $input = trim($input, '#');
+
+                if (strlen($input) != 3 && strlen($input) != 6) {
+                    throw new \RuntimeException('Colour should be a 3 or 6 character value after the #');
+                }
+
                 // split the array into three chunks
-                $split = str_split(trim($input, '#'), strlen($input) / 3);
+                $split = str_split($input, strlen($input) / 3);
 
                 // cope with three character hex reference
-                // three characters plus a # = 4
-                if (strlen($input) == 4) {
+                if (strlen($input) == 3) {
                     array_walk($split, function (&$character) {
                         $character = str_repeat($character, 2);
                     });

vendor/robthree/twofactorauth/lib/Providers/Qr/EndroidQrCodeProvider.php

@@ -1,8 +1,14 @@
 <?php
 namespace RobThree\Auth\Providers\Qr;
 
+use Endroid\QrCode\Color\Color;
 use Endroid\QrCode\ErrorCorrectionLevel;
+use Endroid\QrCode\ErrorCorrectionLevel\ErrorCorrectionLevelHigh;
+use Endroid\QrCode\ErrorCorrectionLevel\ErrorCorrectionLevelLow;
+use Endroid\QrCode\ErrorCorrectionLevel\ErrorCorrectionLevelMedium;
+use Endroid\QrCode\ErrorCorrectionLevel\ErrorCorrectionLevelQuartile;
 use Endroid\QrCode\QrCode;
+use Endroid\QrCode\Writer\PngWriter;
 
 class EndroidQrCodeProvider implements IQRCodeProvider
 {
@@ -11,8 +17,12 @@ class EndroidQrCodeProvider implements IQRCodeProvider
     public $margin;
     public $errorcorrectionlevel;
 
+    protected $endroid4 = false;
+
     public function __construct($bgcolor = 'ffffff', $color = '000000', $margin = 0, $errorcorrectionlevel = 'H')
     {
+        $this->endroid4 = method_exists(QrCode::class, 'create');
+
         $this->bgcolor = $this->handleColor($bgcolor);
         $this->color = $this->handleColor($color);
         $this->margin = $margin;
@@ -26,7 +36,12 @@ public function getMimeType()
 
     public function getQRCodeImage($qrtext, $size)
     {
-        return $this->qrCodeInstance($qrtext, $size)->writeString();
+        if (!$this->endroid4) {
+            return $this->qrCodeInstance($qrtext, $size)->writeString();
+        }
+
+        $writer = new PngWriter();
+        return $writer->write($this->qrCodeInstance($qrtext, $size))->getString();
     }
 
     protected function qrCodeInstance($qrtext, $size)
@@ -49,22 +64,21 @@ private function handleColor($color)
         $g = hexdec($split[1]);
         $b = hexdec($split[2]);
 
-        return ['r' => $r, 'g' => $g, 'b' => $b, 'a' => 0];
+        return $this->endroid4 ? new Color($r, $g, $b, 0) : ['r' => $r, 'g' => $g, 'b' => $b, 'a' => 0];
     }
 
     private function handleErrorCorrectionLevel($level)
     {
         switch ($level) {
             case 'L':
-                return ErrorCorrectionLevel::LOW();
+                return $this->endroid4 ? new ErrorCorrectionLevelLow() : ErrorCorrectionLevel::LOW();
             case 'M':
-                return ErrorCorrectionLevel::MEDIUM();
+                return $this->endroid4 ? new ErrorCorrectionLevelMedium() : ErrorCorrectionLevel::MEDIUM();
             case 'Q':
-                return ErrorCorrectionLevel::QUARTILE();
+                return $this->endroid4 ? new ErrorCorrectionLevelQuartile() : ErrorCorrectionLevel::QUARTILE();
             case 'H':
-                return ErrorCorrectionLevel::HIGH();
             default:
-                return ErrorCorrectionLevel::HIGH();
+                return $this->endroid4 ? new ErrorCorrectionLevelHigh() : ErrorCorrectionLevel::HIGH();
         }
     }
 }