From: Matthias Schmidt <gravatronics@live.com>
Date: Wed, 11 Sep 2019 16:19:09 +0000 (+0200)
Subject: Merge branch 'master' into next
X-Git-Tag: 5.2.0_Beta_2~59
X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=f799741ebc6853289840ef4930b069bf5e17e1dd;p=GitHub%2FWoltLab%2FWCF.git

Merge branch 'master' into next
---

f799741ebc6853289840ef4930b069bf5e17e1dd
diff --cc wcfsetup/install/files/lib/action/FacebookAuthAction.class.php
index b5f4548f35,08d2e69f48..4060862bce
--- a/wcfsetup/install/files/lib/action/FacebookAuthAction.class.php
+++ b/wcfsetup/install/files/lib/action/FacebookAuthAction.class.php
@@@ -156,9 -145,9 +156,9 @@@ class FacebookAuthAction extends Abstra
  		}
  		
  		// start auth by redirecting to facebook
 -		$token = StringUtil::getRandomID();
 +		$token = bin2hex(\random_bytes(20));
  		WCF::getSession()->register('__facebookInit', $token);
- 		HeaderUtil::redirect("https://www.facebook.com/dialog/oauth?client_id=".StringUtil::trim(FACEBOOK_PUBLIC_KEY). "&redirect_uri=".rawurlencode($callbackURL)."&state=".$token."&scope=email,user_birthday,user_location");
+ 		HeaderUtil::redirect("https://www.facebook.com/dialog/oauth?client_id=".StringUtil::trim(FACEBOOK_PUBLIC_KEY). "&redirect_uri=".rawurlencode($callbackURL)."&state=".$token."&scope=email");
  		$this->executed();
  		exit;
  	}