Merge "Trim surrounding whitespace and seperators from tokens"

2024-11-24 08:14:15 +00:00 · 2016-11-21 21:59:07 +00:00 · 2016-11-21 21:59:07 +00:00 · 1fc19d6cc4
parent c2092ee37c 372ef401b6
commit 1fc19d6cc4
1 changed files with 5 additions and 0 deletions
--- a/OATHAuthKey.php
+++ b/OATHAuthKey.php
@ -98,6 +98,11 @@ class OATHAuthKey {
 			Base32::decode( $this->secret['secret'] ),
 			$this->secret['period'], -$wgOATHAuthWindowRadius, $wgOATHAuthWindowRadius
 		);
+
+		// Remove any whitespace from the received token, which can be an intended group seperator
+		// or trimmeable whitespace
+		$token = preg_replace( '/\s+/', '', $token );
+
 		// Check to see if the user's given token is in the list of tokens generated
 		// for the time window.
 		foreach ( $results as $window => $result ) {