oidplusalarmingautosfxaysaliacalllibchecksum-toolscolormanagercryptochatcurrency_converterdecoderdelphiutilsdistributeddpcstudiodpg2fastphpfileformatsfilter_foundryforestgridgameht46f47_simulatorindexer_suiteipe_artfile_utilsjavautilsjumperlightgamelogviewermusikboxmystic_houseoidconverteroidinfo_apioidinfo_new_designpersonal-webbasephp_antispamphp_clientchallengephp_guestbookphp_utilsplumbersprependrecyclebinunitsimple_log_eventsokobanspacemissionstackmanuserdetect2uuid_mac_utilsvgwhoisvnagwebcounterwinbugtrackeryt_downloader

BlueGreycalmElegant

Català-Valencià – Catalan中文 – Chinese (Simplified)中文 – Chinese (Traditional)Česky – CzechDansk – DanishNederlands – DutchEnglish – EnglishSuomi – FinnishFrançais – FrenchDeutsch – Germanעברית – Hebrewहिंदी – HindiMagyar – HungarianBahasa Indonesia – IndonesianItaliano – Italian日本語 – Japanese한국어 – KoreanМакедонски – Macedonianमराठी – MarathiNorsk – NorwegianPolski – PolishPortuguês – PortuguesePortuguês – Portuguese (Brazil)Русский – RussianSlovenčina – SlovakSlovenščina – SlovenianEspañol – SpanishSvenska – SwedishTürkçe – TurkishУкраїнська – UkrainianOëzbekcha – Uzbek

Compare Revisions

• This comparison shows the changes necessary to convert path

  → /trunk/includes/classes/OIDplusAuthUtils.class.php @ 1282

  → /trunk/includes/classes/OIDplusAuthUtils.class.php @ 1283

  ↔ Reverse comparison

• Compare Path:	Rev

  With Path:	Rev

Regard whitespace Rev 1282 → Rev 1283

/trunk/includes/classes/OIDplusAuthUtils.class.php
383,32 → 383,48
// Authentication keys for generating secrets or validating arguments (e.g. sent by mail)
/**
* @param string $data
* @param array|string $data
* @return string
* @throws OIDplusException
*/
public function makeSecret(string $data): string {
public function makeSecret($data): string {
if (!is_array($data)) $data = [$data];
$data = json_encode($data);
return sha3_512_hmac($data, 'OIDplus:'.OIDplus::baseConfig()->getValue('SERVER_SECRET'), false);
}
/**
* @param string $data
* @return string
* @param array|string $data Arbitary data to be validated later
* @return string A string that need to be validated with validateAuthKey
* @throws OIDplusException
*/
public function makeAuthKey(string $data): string {
return $this->makeSecret($data);
public function makeAuthKey($data): string {
if (!is_array($data)) $data = [$data];
$ts = time();
$data_ext = [$ts, $data];
$secret = $this->makeSecret($data_ext);
return $ts.'.'.$secret;
}
/**
* @param string $data
* @param string $auth_key
* @return bool
* @param array|string $data The original data that had been passed to makeAuthKey()
* @param string $auth_key The result from makeAuthKey()
* @param int $valid_secs How many seconds is the auth key valid? (-1 for infinite)
* @return bool True if the key is valid and not expired.
* @throws OIDplusException
*/
public function validateAuthKey(string $data, string $auth_key): bool {
return hash_equals($this->makeAuthKey($data), $auth_key);
public function validateAuthKey($data, string $auth_key, int $valid_secs=-1): bool {
$auth_key_ary = explode('.', $auth_key, 2);
if (count($auth_key_ary) != 2) return false; // invalid auth key syntax
list($ts, $secret) = $auth_key_ary;
if (!is_numeric($ts)) return false; // invalid auth key syntax
if ($valid_secs >= 0) {
if (time() > ($ts+$valid_secs)) return false; // expired auth key
}
if (!is_array($data)) $data = [$data];
$data_ext = [(int)$ts, $data];
return hash_equals($this->makeSecret($data_ext), $secret);
}
// "Veto" functions to force logout state