22
33namespace SimpleSAML \Module \drupalauth \Auth \Source ;
44
5+ use Drupal \Component \Utility \Crypt ;
56use Drupal \user \Entity \User ;
67use SimpleSAML \Auth \Source ;
78use SimpleSAML \Auth \State ;
@@ -122,14 +123,20 @@ private function getUser()
122123 $ cookie_name$ this config ->getCookieName ();
123124 if (isset ($ _COOKIE $ cookie_name$ _COOKIE $ cookie_name
124125 $ strCookie$ _COOKIE $ cookie_name
125- list ($ hash $ uidexplode (': ' , $ strCookie
126+ list ($ cookie_hash $ uidexplode (': ' , $ strCookie
126127
127128 // make sure the hash matches
128129 // make sure the UID is passed
129- if ((isset ($ hashempty ($ hashisset ($ uidempty ($ uid
130+ if ((isset ($ cookie_hashempty ($ cookie_hashisset ($ uidempty ($ uid
131+ $ drupalHelpernew DrupalHelper ();
132+ $ drupalHelperbootDrupal ($ this config ->getDrupalroot ());
133+
130134 // Make sure no one manipulated the hash or the uid in the cookie before we trust the uid
131- $ cookie_salt$ this config ->getCookieSalt ();
132- if (sha1 ($ cookie_salt$ uid$ hash
135+ $ hashhmacBase64 (
136+ $ uid
137+ $ this config ->getCookieSalt () . \Drupal::service ('private_key ' )->get ()
138+ );
139+ if (!Crypt::hashEquals ($ hash$ cookie_hash
133140 throw new Exception (
134141 'Cookie hash invalid. This indicates either tampering or an out of date drupal4ssp module. '
135142 );
@@ -145,9 +152,6 @@ private function getUser()
145152 }
146153
147154 if (!empty ($ drupaluid
148- $ drupalHelpernew DrupalHelper ();
149- $ drupalHelperbootDrupal ($ this config ->getDrupalroot ());
150-
151155 // Load the user object from Drupal.
152156 $ drupaluserload ($ uid
153157 if ($ drupaluserisBlocked ()) {
0 commit comments