Join GitHub today
GitHub is home to over 20 million developers working together to host and review code, manage projects, and build software together.
PayPal creates salt for nonces longer than 40 chars #71
PayPal recently upgraded their OpenID service, and as part of this update they now use very long salt values, for example, "0e00b1a53a40de0a558c8378b4c51f3d58e4b90d845292226741797e9edb8dcb". This string is longer than 40 characters and thus does not work with current nonce salt column which is set to 40 characters.
The fix is to change "salt CHAR(40)" to something larger (I'm using "salt CHAR(80)") in the following files:
Auth/OpenID/MDB2Store.php (also need to change "salt" => array(... "length" => 40,...);)