From a4a565b88a4b650d49e2f998ade0dbd01c9ba34b Mon Sep 17 00:00:00 2001
From: Hossein Azizabadi Farahani <hossein.azizabadi@gmail.com>
Date: Mon, 16 Dec 2024 12:27:27 +0330
Subject: [PATCH] Laminas\Math abandoned, stop using it

---
 composer.json                  | 1 -
 src/Service/AccountService.php | 8 +++++---
 src/Service/TokenService.php   | 8 +++++---
 3 files changed, 10 insertions(+), 7 deletions(-)

diff --git a/composer.json b/composer.json
index fd0a216..94f6173 100644
--- a/composer.json
+++ b/composer.json
@@ -54,7 +54,6 @@
     "laminas/laminas-mvc-plugins": "*",
     "laminas/laminas-mvc-middleware": "*",
     "laminas/laminas-authentication": "*",
-    "laminas/laminas-math": "*",
     "laminas/laminas-http": "*",
     "laminas/laminas-eventmanager": "*",
     "laminas/laminas-cache": "*",
diff --git a/src/Service/AccountService.php b/src/Service/AccountService.php
index 5996048..42d62cb 100644
--- a/src/Service/AccountService.php
+++ b/src/Service/AccountService.php
@@ -5,7 +5,6 @@
 namespace Pi\User\Service;
 
 use Fig\Http\Message\StatusCodeInterface;
-use Laminas\Math\Rand;
 use Pi\Core\Security\Account\AccountLocked;
 use Pi\Core\Security\Account\AccountLoginAttempts;
 use Pi\Core\Service\CacheService;
@@ -13,6 +12,7 @@
 use Pi\Core\Service\UtilityService;
 use Pi\Notification\Service\NotificationService;
 use Pi\User\Repository\AccountRepositoryInterface;
+use Random\RandomException;
 use RobThree\Auth\Algorithm;
 use RobThree\Auth\Providers\Qr\EndroidQrCodeProvider;
 use RobThree\Auth\TwoFactorAuth;
@@ -511,11 +511,12 @@ public function postLoginError($params): array
      * @param       $params
      *
      * @return array
+     * @throws RandomException
      */
     public function perMobileLogin($params): array
     {
         // Set new password as OTP
-        $otpCode   = Rand::getInteger(100000, 999999);
+        $otpCode   = random_int(100000, 999999);
         $otpExpire = (time() + 120);
         $isNew     = 0;
 
@@ -592,11 +593,12 @@ public function perMobileLogin($params): array
      * @param       $params
      *
      * @return array
+     * @throws RandomException
      */
     public function preMailLogin($params): array
     {
         // Set new password as OTP
-        $otpCode   = Rand::getInteger(100000, 999999);
+        $otpCode   = random_int(100000, 999999);
         $otpExpire = (time() + 180);
         $isNew     = 0;
 
diff --git a/src/Service/TokenService.php b/src/Service/TokenService.php
index 6722059..35c802c 100644
--- a/src/Service/TokenService.php
+++ b/src/Service/TokenService.php
@@ -7,8 +7,8 @@
 use Exception;
 use Firebase\JWT\JWT;
 use Firebase\JWT\Key;
-use Laminas\Math\Rand;
 use Pi\Core\Service\CacheService;
+use Random\RandomException;
 
 class TokenService implements ServiceInterface
 {
@@ -148,14 +148,16 @@ public function decryptToken($token): array
         }
     }
 
+    /**
+     * @throws RandomException
+     */
     private function setUniqId($params): string
     {
         $typePrefix   = $params['type'] === 'refresh' ? 'r' : 'a';
-        $randomString = Rand::getString(16, 'abcdefghijklmnopqrstuvwxyz0123456789');
 
         return hash(
             'sha256',
-            sprintf('%s-%s-%s', $typePrefix, $params['account']['id'], $randomString)
+            sprintf('%s-%s-%s', $typePrefix, $params['account']['id'], bin2hex(random_bytes(8)))
         );
     }