Be careful when setting the 'strong' parameter to true.
If you system doesn't have enough entropy your script will block which can cause timeouts in other parts of your code.
In my case, the most serious symptom was my script blocking when trying to read from /dev/random and causing a 'MySQL has gone away' error.
Hopefully this saves someone the trouble when deciding to use /dev/random entropy
OAuthProvider::is2LeggedEndpoint
OAuthProvider::consumerHandler
[edit] Last updated: Fri, 24 Jun 2011
OAuthProvider::consumerHandler
[edit] Last updated: Fri, 24 Jun 2011
OAuthProvider::generateToken
(PECL OAuth >= 1.0.0)
OAuthProvider::generateToken — Generate a random token
Description
final public static string OAuthProvider::generateToken
( int $size
[, bool $strong = false
] )
Generates a string of pseudo-random bytes.
Parameters
- size
-
The desired token length, in terms of bytes.
- strong
-
Setting to TRUE means /dev/random will be used for entropy, as otherwise the non-blocking /dev/urandom is used. This parameter is ignored on Windows.
Return Values
The generated token, as a string of bytes.
Errors/Exceptions
If the strong parameter is TRUE, then an E_WARNING level error will be emitted when the fallback rand() implementation is used to fill the remaining random bytes (e.g., when not enough random data was found, initially).
Examples
Example #1 OAuthProvider::generateToken() example
<?php
$p = new OAuthProvider();
$t = $p->generateToken(4);
echo strlen($t), PHP_EOL;
echo bin2hex($t), PHP_EOL;
?>
The above example will output something similar to:
4 b6a82c27
Notes
Note:
When not enough random data is available to the system, this function will fill the remaining random bytes using the internal PHP rand() implementation.
See Also
- openssl_random_pseudo_bytes() - Generate a pseudo-random string of bytes
- mcrypt_create_iv() - Creates an initialization vector (IV) from a random source
add a note
User Contributed Notes
OAuthProvider::generateToken - [1 notes]
carlosouza at me dot com ¶
1 year ago