php-openid icon indicating copy to clipboard operation
php-openid copied to clipboard
verified publisher icon openid

PayPal creates salt for nonces longer than 40 chars

Open terrencegf opened this issue 14 years ago • 1 comments

PayPal recently upgraded their OpenID service, and as part of this update they now use very long salt values, for example, "0e00b1a53a40de0a558c8378b4c51f3d58e4b90d845292226741797e9edb8dcb". This string is longer than 40 characters and thus does not work with current nonce salt column which is set to 40 characters.

The fix is to change "salt CHAR(40)" to something larger (I'm using "salt CHAR(80)") in the following files:

Auth/OpenID/MDB2Store.php (also need to change "salt" => array(... "length" => 40,...);) Auth/OpenID/MySQLStore.php Auth/OpenID/PostgreSQLStore.php Auth/OpenID/SQLiteStore.php

terrencegf avatar Apr 19 '12 22:04 terrencegf

If you create a merge request I'd be happy to include this.

marcoceppi avatar Aug 03 '12 20:08 marcoceppi

This repo is being archived. Closing issue.

timcappalli avatar Jul 24 '23 18:07 timcappalli