Add time constrained order tokens

[TanaseTeofil]

Closes #2568

[CLAassistant]

All committers have signed the CLA.

[dpfaffenbauer]

@TanaseTeofil can you also please implement how you validate the token. I also think that JWT is a bit overkill. What if we use our Token Generator and just increase the length to 64 chars or so? this is for example how payum generates the tokens: https://github.com/Payum/Payum/blob/master/src/Payum/Core/Security/Util/Random.php#L21

[TanaseTeofil]

@TanaseTeofil can you also please implement how you validate the token. I also think that JWT is a bit overkill. What if we use our Token Generator and just increase the length to 64 chars or so? this is for example how payum generates the tokens: https://github.com/Payum/Payum/blob/master/src/Payum/Core/Security/Util/Random.php#L21

@dpfaffenbauer That might be enough. I will discuss this with @yariksheptykin next week. Currently I am not available to work on this.

[TanaseTeofil]

Hello @solverat !

We've decided to move forward with your suggestion on the issue #2568
Can you provide a bit more details on how this configurable_ttl is configured and also how the tokenLength is decided?
Is token length something we give on generation as a parameter to the UniqueTokenGenerator only or is it configured somewhere else?
Any additional details you can provide on how you would implement this would be greatly appreciated.

[TanaseTeofil]

Hello @solverat !

We've decided to move forward with your suggestion on the issue #2568 Can you provide a bit more details on how this configurable_ttl is configured and also how the tokenLength is decided? Is token length something we give on generation as a parameter to the UniqueTokenGenerator only or is it configured somewhere else? Any additional details you can provide on how you would implement this would be greatly appreciated.

@dpfaffenbauer Can you help with this?

[dpfaffenbauer]

@TanaseTeofil I would make it configurable with a symfony config and inject it with DI.