protected function generateToken(string $lockTo = '') : array
{
// Create a distinct index:
do {
$index = Base64UrlSafe::encode(\random_bytes(18));
} while (isset($_SESSION[$this->sessionIndex][$index]));
$token = Base64UrlSafe::encode(\random_bytes(33));
$_SESSION[$this->sessionIndex][$index] = ['created' => \intval(\date('YmdHis')), 'uri' => isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : $_SERVER['SCRIPT_NAME'], 'token' => $token];
if (!empty($lockTo)) {
// Get rid of trailing slashes.
if (\preg_match('#/$#', $lockTo)) {
$lockTo = Util::subString($lockTo, 0, Util::stringLength($lockTo) - 1);
}
$_SESSION[$this->sessionIndex][$index]['lockto'] = $lockTo;
}
$this->recycleTokens();
return [$index, $token];
}