In version 3.0, the qrcode provider must be explicitely set, so the
warning is not needed anymore.
Also rewrite the part about the curl library for php.
if curl fails for some reason to get a QR code from an external (http) provider, the app will throw a TwoFactorAuthException.
also fix the demo page with new constructor signature
if curl fails for some reason to get a QR code from an external (http)
provider, the app will throw a TwoFactorAuthException.
also fix the demo page with new constructor signature
This change is discussed in #104
Currently, the library defaults to a QR Code Provider using an external service, thus leaking secrets.
This change forces the definition of a QR Code Provider in the constructor. It is a breaking change.
fixes#104
The public function getQRCodeProvider() has been removed. It is provided by the user in the constructor, so it doesn't make a lot of sense to keep a getter around if we're not using it internally.
This change is discussed in #104
Currently, the library defaults to a QR Code Provider using an external
service, thus leaking secrets.
This change forces the definition of a QR Code Provider in the
constructor. It is a breaking change.
fixes#104
* master:
add CI4-auth link in README. fix#107 (#123)
remove insecure rng providers and remove polyfill for hash_equals (#122)
delete files specific to code editors (#120)
Exclude useless files from dist archive #103
* remove insecure rng providers
and remove the openssl provider. We now rely exclusively on
random_bytes(), as there are no reasons not to. Fix#121
* remove the isSecure property of the test rng class
* remove pointless test rng class
we were testing a test class, which didn't make a lot of sense.
* Revert "remove pointless test rng class"
This reverts commit f6da6bee6d.
* Reapply "remove pointless test rng class"
This reverts commit 06220d4a54.
* assing rng provider to class attribute
this also aligns with other providers
* remove polyfill for hash_equals
This change adds the PHP attribute SensitiveParameter to the secret
holding variables.
See: https://www.php.net/manual/en/class.sensitiveparameter
This feature is only available in PHP 8.2, so the minimum php version
required has been updated.
Github Actions now use PHP 8.2 and 8.3 for the tests.
The checkout action has been updated to v4, too.
Fix issue #118
