Fix order token generator entropy using CSPRNG and 32-char tokens

[Copilot]

Order tokens used as sole access keys had insufficient entropy (~59 bits) and used openssl_random_pseudo_bytes() without evaluating the $crypto_strong parameter.

Changes

• Replace RNG implementation — Swap custom openssl_random_pseudo_bytes() logic with PHP's native random_int(), which is a guaranteed CSPRNG that throws on failure
• Increase token length — Default from 10 → 32 characters (~190 bits entropy for alphanumeric, exceeds 128-bit threshold)

Files

• UniqueTokenGenerator.php — Simplified generate method using random_int()
• OrderFactory.php — Default token length 10 → 32
• StorageListFactory.php — Token length 10 → 32
• CheckoutController.php — Legacy fallback token length 10 → 32

// Before: custom implementation with openssl_random_pseudo_bytes
$rnd = hexdec(bin2hex(openssl_random_pseudo_bytes($bytes)));

// After: native CSPRNG
$randomKey = random_int(0, $maxIndex);

Metric	Before	After
Entropy (alphanumeric)	~59 bits	~190 bits
CSPRNG guaranteed	No	Yes

Original prompt

---

This section details on the original issue you should resolve

<issue_title>Order Token Generator Entropy</issue_title>
<issue_description>Problem Statement
The token generator in use produces tokens with insufficient entropy, which are used as the sole access key for orders.

Description

• Custom RNG implementation based on openssl_random_pseudo_bytes().
• Exceptions thrown by this function are not caught → not fail-safe.
• The $crypto_strong parameter is not evaluated, so it is not guaranteed that the generated bytes are cryptographically strong.

Reference
https://www.php.net/manual/en/function.openssl-random-pseudo-bytes.php

• No guaranteed usage of a cryptographically secure random number generator (CSPRNG).
• Hardcoded token length (10 characters, default in OrderFactory).
• Optional numeric-only tokens.
• No rate limiting on public endpoints that use these tokens.
• No ReBAC and no additional authorization checks.

Impact

• IDOR / BOLA due to guessable tokens.
• Brute-force attacks are realistically possible.

Entropy

• Best case (alphanumeric): ~59 bits
• Worst case (numeric only): ~33 bits
• In general, < 50 bits is security-critical for publicly exposed tokens.

Mitigation

• Generate tokens with ≥ 128 bits of effective entropy
  (e.g. random_bytes(32)).
• Tokens must never be used as the sole authorization mechanism
  (see issue Updatability #2 – Missing ReBAC).
• Enforce ReBAC / user binding.
• Apply rate limiting to all token-based endpoints.

@raphael-kat @papillo-solutions</issue_description>

Comments on the Issue (you are @copilot in this section)

• Fixes Order Token Generator Entropy #2951

---

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[dpfaffenbauer]

@raphael-kat what you think of this?

[github-actions]

Thank you for your submission, we really appreciate it. Like many open-source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution. You can sign the CLA by just posting a Pull Request Comment same as the below format.

---

I have read the CLA Document and I hereby sign the CLA

---

_{You can retrigger this bot by commenting recheck in this Pull Request. Posted by the CLA Assistant Lite bot.}