From 294503a9b6ca2c13377962f61b0f67604991c00e Mon Sep 17 00:00:00 2001
From: Seamus Lee <seamuslee001@gmail.com>
Date: Thu, 3 Jun 2021 07:48:57 +1000
Subject: [PATCH] [php8-compat][NFC] Ensure that the 2nd parameter of
 hash_equals is a string in authx

---
 ext/authx/Civi/Authx/Authenticator.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ext/authx/Civi/Authx/Authenticator.php b/ext/authx/Civi/Authx/Authenticator.php
index 49f103e8a1..6fa9dd702b 100644
--- a/ext/authx/Civi/Authx/Authenticator.php
+++ b/ext/authx/Civi/Authx/Authenticator.php
@@ -158,7 +158,7 @@ class Authenticator {
 
       // If any one of these passes, then we allow the authentication.
       $passGuard = [];
-      $passGuard[] = in_array('site_key', $useGuards) && defined('CIVICRM_SITE_KEY') && hash_equals(CIVICRM_SITE_KEY, $tgt->siteKey);
+      $passGuard[] = in_array('site_key', $useGuards) && defined('CIVICRM_SITE_KEY') && hash_equals(CIVICRM_SITE_KEY, (string) $tgt->siteKey);
       $passGuard[] = in_array('perm', $useGuards) && isset($perms[$tgt->credType]) && \CRM_Core_Permission::check($perms[$tgt->credType], $tgt->contactId);
       // JWTs are signed by us. We don't need user to prove that they're allowed to use them.
       $passGuard[] = ($tgt->credType === 'jwt');
-- 
2.25.1