Subversion Repositories oidplus

Rev

Rev 42 | Rev 112 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log | RSS feed

  1. <?php
  2.  
  3. /*
  4.  * OIDplus 2.0
  5.  * Copyright 2019 Daniel Marschall, ViaThinkSoft
  6.  *
  7.  * Licensed under the Apache License, Version 2.0 (the "License");
  8.  * you may not use this file except in compliance with the License.
  9.  * You may obtain a copy of the License at
  10.  *
  11.  *     http://www.apache.org/licenses/LICENSE-2.0
  12.  *
  13.  * Unless required by applicable law or agreed to in writing, software
  14.  * distributed under the License is distributed on an "AS IS" BASIS,
  15.  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16.  * See the License for the specific language governing permissions and
  17.  * limitations under the License.
  18.  */
  19.  
  20. class OIDplusAuthUtils {
  21.  
  22.         // RA authentication functions
  23.  
  24.         public static function raLogin($email) {
  25.                 if (strpos($email, '|') !== false) return;
  26.  
  27.                 $ses = OIDplus::sesHandler();
  28.                 $list = $ses->getValue('oidplus_logged_in');
  29.                 if (is_null($list)) $list = '';
  30.  
  31.                 $ary = ($list == '') ? array() : explode('|', $list);
  32.                 if (!in_array($email, $ary)) $ary[] = $email;
  33.                 $list = implode('|', $ary);
  34.  
  35.                 $ses->setValue('oidplus_logged_in', $list);
  36.         }
  37.  
  38.         public static function raLogout($email) {
  39.                 $ses = OIDplus::sesHandler();
  40.                 $list = $ses->getValue('oidplus_logged_in');
  41.                 if (is_null($list)) $list = '';
  42.  
  43.                 $ary = ($list == '') ? array() : explode('|', $list);
  44.                 $key = array_search($email, $ary);
  45.                 if ($key !== false) unset($ary[$key]);
  46.                 $list = implode('|', $ary);
  47.  
  48.                 $ses->setValue('oidplus_logged_in', $list);
  49.  
  50.                 if ((count($list) == 0) && (!self::isAdminLoggedIn())) {
  51.                         // Nobody logged in anymore. Destroy session cookie to make GDPR people happy
  52.                         $ses->destroySession();
  53.                 }
  54.         }
  55.  
  56.         public static function raNumLoggedIn() {
  57.                 $ses = OIDplus::sesHandler();
  58.                 $list = $ses->getValue('oidplus_logged_in');
  59.                 if (is_null($list)) return 0;
  60.                 return count($list);
  61.         }
  62.  
  63.         public static function raLogoutAll() {
  64.                 $ses = OIDplus::sesHandler();
  65.                 $ses->setValue('oidplus_logged_in', '');
  66.         }
  67.  
  68.         public static function loggedInRaList() {
  69.                 $ses = OIDplus::sesHandler();
  70.                 $list = $ses->getValue('oidplus_logged_in');
  71.                 if (is_null($list)) $list = '';
  72.                 return ($list == '') ? array() : explode('|', $list);
  73.         }
  74.  
  75.         public static function isRaLoggedIn($email) {
  76.                 return in_array($email, self::loggedInRaList());
  77.         }
  78.  
  79.         // Admin authentication functions
  80.  
  81.         public static function adminLogin() {
  82.                 $ses = OIDplus::sesHandler();
  83.                 $ses->setValue('oidplus_admin_logged_in', '1');
  84.         }
  85.  
  86.         public static function adminLogout() {
  87.                 $ses = OIDplus::sesHandler();
  88.  
  89.                 $ses->setValue('oidplus_admin_logged_in', '0');
  90.  
  91.                 if (self::raNumLoggedIn() == 0) {
  92.                         // Nobody logged in anymore. Destroy session cookie to make GDPR people happy
  93.                         $ses->destroySession();
  94.                 }
  95.         }
  96.  
  97.         public static function adminCheckPassword($password) {
  98.                 $calc_authkey = bin2hex(version_compare(PHP_VERSION, '7.1.0') >= 0 ? hash('sha3-512', $password, true) : bb\Sha3\Sha3::hash($password, 512, true));
  99.                 return $calc_authkey == bin2hex(base64_decode(OIDPLUS_ADMIN_PASSWORD));
  100.         }
  101.  
  102.         public static function isAdminLoggedIn() {
  103.                 $ses = OIDplus::sesHandler();
  104.                 return $ses->getValue('oidplus_admin_logged_in') == '1';
  105.         }
  106.  
  107.         // Action.php auth arguments
  108.  
  109.         public static function makeAuthKey($data) {
  110.                 $calc_authkey = bin2hex(version_compare(PHP_VERSION, '7.1.0') >= 0 ? hash('sha3-512', $data, true) : bb\Sha3\Sha3::hash($data, 512, true));
  111.                 return $calc_authkey;
  112.         }
  113.  
  114.         public static function validateAuthKey($data, $auth_key) {
  115.                 return self::makeAuthKey($data) == $auth_key;
  116.         }
  117.  
  118. }
  119.