Make use of Security::salt() instead of Configure::read('Security.sal…

…t');
cakephp · Sep 9, 2014 · dfe7799 · dfe7799
1 parent c50a9d8
commit dfe7799
Show file tree

Hide file tree

Showing 9 changed files with 17 additions and 15 deletions.
diff --git a/src/Controller/Component/CookieComponent.php b/src/Controller/Component/CookieComponent.php
@@ -130,7 +130,7 @@ public function __construct(ComponentRegistry $collection, array $config = array
 		parent::__construct($collection, $config);
 
 		if (!$this->_config['key']) {
-			$this->config('key', Configure::read('Security.salt'));
+			$this->config('key', Security::salt());
 		}
 
 		$controller = $collection->getController();

diff --git a/src/Controller/Component/SecurityComponent.php b/src/Controller/Component/SecurityComponent.php
@@ -345,7 +345,7 @@ protected function _validatePost(Controller $controller) {
 			$controller->request->here(),
 			serialize($fieldList),
 			$unlocked,
-			Configure::read('Security.salt')
+			Security::salt()
 		);
 		$check = Security::hash(implode('', $hashParts), 'sha1');
 		return ($token === $check);

diff --git a/src/Error/Debugger.php b/src/Error/Debugger.php
@@ -17,6 +17,7 @@
 use Cake\Core\Configure;
 use Cake\Log\Log;
 use Cake\Utility\Hash;
+use Cake\Utility\Security;
 use Cake\Utility\String;
 use Exception;
 use InvalidArgumentException;
@@ -838,7 +839,7 @@ public static function getType($var) {
  * @return void
  */
 	public static function checkSecurityKeys() {
-		if (Configure::read('Security.salt') === '__SALT__') {
+		if (Security::salt() === '__SALT__') {
 			trigger_error(sprintf('Please change the value of %s in %s to a salt value specific to your application.', '\'Security.salt\'', 'ROOT/config/app.php'), E_USER_NOTICE);
 		}
 	}

diff --git a/src/View/Helper/FormHelper.php b/src/View/Helper/FormHelper.php
@@ -497,7 +497,7 @@ public function secure(array $fields = array(), array $secureAttributes = array(
 			$this->_lastAction,
 			serialize($fields),
 			$unlocked,
-			Configure::read('Security.salt')
+			Security::salt()
 		);
 		$fields = Security::hash(implode('', $hashParts), 'sha1');
 

diff --git a/tests/TestCase/Auth/FormAuthenticateTest.php b/tests/TestCase/Auth/FormAuthenticateTest.php
@@ -232,7 +232,7 @@ public function testPluginModel() {
 		$PluginModel = TableRegistry::get('TestPlugin.AuthUsers');
 		$user['id'] = 1;
 		$user['username'] = 'gwoo';
-		$user['password'] = password_hash(Configure::read('Security.salt') . 'cake', PASSWORD_BCRYPT);
+		$user['password'] = password_hash(Security::salt() . 'cake', PASSWORD_BCRYPT);
 		$PluginModel->save(new Entity($user));
 
 		$this->auth->config('userModel', 'TestPlugin.AuthUsers');

diff --git a/tests/TestCase/Auth/WeakPasswordHasherTest.php b/tests/TestCase/Auth/WeakPasswordHasherTest.php
@@ -17,6 +17,7 @@
 use Cake\Auth\WeakPasswordHasher;
 use Cake\Core\Configure;
 use Cake\TestSuite\TestCase;
+use Cake\Utility\Security;
 
 /**
  * Test case for WeakPasswordHasher
@@ -32,7 +33,7 @@ class WeakPasswordHasherTest extends TestCase {
 	public function setUp() {
 		parent::setUp();
 
-		Configure::write('Security.salt', 'YJfIxfs2guVoUubWDYhG93b0qyJfIxfs2guwvniR2G0FgaC9mi');
+		Security::salt('YJfIxfs2guVoUubWDYhG93b0qyJfIxfs2guwvniR2G0FgaC9mi');
 	}
 
 /**

diff --git a/tests/TestCase/Controller/Component/AuthComponentTest.php b/tests/TestCase/Controller/Component/AuthComponentTest.php
@@ -61,7 +61,7 @@ class AuthComponentTest extends TestCase {
 	public function setUp() {
 		parent::setUp();
 
-		Configure::write('Security.salt', 'YJfIxfs2guVoUubWDYhG93b0qyJfIxfs2guwvniR2G0FgaC9mi');
+		Security::salt('YJfIxfs2guVoUubWDYhG93b0qyJfIxfs2guwvniR2G0FgaC9mi');
 		Configure::write('App.namespace', 'TestApp');
 
 		Router::scope('/', function($routes) {

diff --git a/tests/TestCase/Controller/Component/SecurityComponentTest.php b/tests/TestCase/Controller/Component/SecurityComponentTest.php
@@ -146,7 +146,7 @@ public function setUp() {
 		$this->Controller->Security->config('blackHoleCallback', 'fail');
 		$this->Security = $this->Controller->Security;
 		$this->Security->session = $session;
-		Configure::write('Security.salt', 'foo!');
+		Security::salt('foo!');
 	}
 
 /**
@@ -659,7 +659,7 @@ public function testValidatePostDisabledFieldsInData() {
 		$this->Controller->Security->startup($event);
 		$unlocked = 'Model.username';
 		$fields = array('Model.hidden', 'Model.password');
-		$fields = urlencode(Security::hash('/articles/index' . serialize($fields) . $unlocked . Configure::read('Security.salt')));
+		$fields = urlencode(Security::hash('/articles/index' . serialize($fields) . $unlocked . Security::salt()));
 
 		$this->Controller->request->data = array(
 			'Model' => array(
@@ -683,7 +683,7 @@ public function testValidatePostFailNoDisabled() {
 		$event = new Event('Controller.startup', $this->Controller);
 		$this->Controller->Security->startup($event);
 		$fields = array('Model.hidden', 'Model.password', 'Model.username');
-		$fields = urlencode(Security::hash(serialize($fields) . Configure::read('Security.salt')));
+		$fields = urlencode(Security::hash(serialize($fields) . Security::salt()));
 
 		$this->Controller->request->data = array(
 			'Model' => array(
@@ -708,7 +708,7 @@ public function testValidatePostFailDisabledFieldTampering() {
 		$this->Controller->Security->startup($event);
 		$unlocked = 'Model.username';
 		$fields = array('Model.hidden', 'Model.password');
-		$fields = urlencode(Security::hash(serialize($fields) . $unlocked . Configure::read('Security.salt')));
+		$fields = urlencode(Security::hash(serialize($fields) . $unlocked . Security::salt()));
 
 		// Tamper the values.
 		$unlocked = 'Model.username|Model.password';
@@ -829,7 +829,7 @@ public function testValidateNestedNumericSets() {
 		$this->Controller->Security->startup($event);
 		$unlocked = '';
 		$hashFields = array('TaxonomyData');
-		$fields = urlencode(Security::hash('/articles/index' . serialize($hashFields) . $unlocked . Configure::read('Security.salt')));
+		$fields = urlencode(Security::hash('/articles/index' . serialize($hashFields) . $unlocked . Security::salt()));
 
 		$this->Controller->request->data = array(
 			'TaxonomyData' => array(

diff --git a/tests/TestCase/View/Helper/FormHelperTest.php b/tests/TestCase/View/Helper/FormHelperTest.php
@@ -174,7 +174,7 @@ public function setUp() {
 			]
 		];
 
-		Configure::write('Security.salt', 'foo!');
+		Security::salt('foo!');
 		Router::connect('/:controller', array('action' => 'index'));
 		Router::connect('/:controller/:action/*');
 	}
@@ -837,7 +837,7 @@ public function testFormSecurityFields() {
 		$this->Form->request->params['_Token'] = 'testKey';
 		$result = $this->Form->secure($fields);
 
-		$hash = Security::hash(serialize($fields) . Configure::read('Security.salt'));
+		$hash = Security::hash(serialize($fields) . Security::salt());
 		$hash .= ':' . 'Model.valid';
 		$hash = urlencode($hash);
 
@@ -5539,7 +5539,7 @@ public function testPostLinkSecurityHash() {
 			'/posts/delete/1' .
 			serialize(array()) .
 			'' .
-			Configure::read('Security.salt')
+			Security::salt()
 		);
 		$hash .= '%3A';
 		$this->Form->request->params['_Token']['key'] = 'test';