WebSVN – oidplus – Diff – /trunk/includes/classes/OIDplusAuthUtils.class.php



        }
 
        /**
         * @param array|string $data The original data that had been passed to makeAuthKey()
         * @param string $auth_key The result from makeAuthKey()
         * @param int $valid_secs How many seconds is the auth key valid? (0 or -1 for infinite)
         * @return bool True if the key is valid and not expired.
         * @throws OIDplusException
         */
        public function validateAuthKey($data, string $auth_key, int $valid_secs=-1): bool {
                $auth_key_ary = explode('.', $auth_key, 2);
                if (count($auth_key_ary) != 2) return false; // invalid auth key syntax
                list($ts, $secret) = $auth_key_ary;
                if (!is_numeric($ts)) return false; // invalid auth key syntax
                if ($valid_secs > 0) {
                        if (time() > ($ts+$valid_secs)) return false; // expired auth key
                }
                if (!is_array($data)) $data = [$data];
                $data_ext = [(int)$ts, $data];
                return hash_equals($this->makeSecret($data_ext), $secret);

Subversion Repositories oidplus

oidplus/trunk/includes/classes/OIDplusAuthUtils.class.php @ 1469 – Rev 1315 → 1339

Rev 1315		Rev 1339
Line 369...		Line 369...
369	}	369	}
370		370
371	/**	371	/**
372	* @param array\|string $data The original data that had been passed to makeAuthKey()	372	* @param array\|string $data The original data that had been passed to makeAuthKey()
373	* @param string $auth_key The result from makeAuthKey()	373	* @param string $auth_key The result from makeAuthKey()
374	* @param int $valid_secs How many seconds is the auth key valid? (-1 for infinite)	374	* @param int $valid_secs How many seconds is the auth key valid? (0 or -1 for infinite)
375	* @return bool True if the key is valid and not expired.	375	* @return bool True if the key is valid and not expired.
376	* @throws OIDplusException	376	* @throws OIDplusException
377	*/	377	*/
378	public function validateAuthKey($data, string $auth_key, int $valid_secs=-1): bool {	378	public function validateAuthKey($data, string $auth_key, int $valid_secs=-1): bool {
379	$auth_key_ary = explode('.', $auth_key, 2);	379	$auth_key_ary = explode('.', $auth_key, 2);
380	if (count($auth_key_ary) != 2) return false; // invalid auth key syntax	380	if (count($auth_key_ary) != 2) return false; // invalid auth key syntax
381	list($ts, $secret) = $auth_key_ary;	381	list($ts, $secret) = $auth_key_ary;
382	if (!is_numeric($ts)) return false; // invalid auth key syntax	382	if (!is_numeric($ts)) return false; // invalid auth key syntax
383	if ($valid_secs >= 0) {	383	if ($valid_secs > 0) {
384	if (time() > ($ts+$valid_secs)) return false; // expired auth key	384	if (time() > ($ts+$valid_secs)) return false; // expired auth key
385	}	385	}
386	if (!is_array($data)) $data = [$data];	386	if (!is_array($data)) $data = [$data];
387	$data_ext = [(int)$ts, $data];	387	$data_ext = [(int)$ts, $data];
388	return hash_equals($this->makeSecret($data_ext), $secret);	388	return hash_equals($this->makeSecret($data_ext), $secret);