adding getTokenFromString, generatePostVars & format/unformat date

This commit is contained in:
a-sansara 2017-03-20 14:34:18 +01:00
parent dd82904f36
commit 6af3e337c4

View File

@ -49,7 +49,7 @@ class Authenticator
* *
* @method isValid * @method isValid
* @public * @public
* @param Pluie\Auth\Token $token * @param MetaTech\PwsAtuh\Token $token
* @return bool * @return bool
*/ */
public function isValid(Token $token = null) public function isValid(Token $token = null)
@ -106,12 +106,34 @@ class Authenticator
); );
} }
/*!
* @method formatDate
* @private
* @param str $date sqldatetime
* @return str
*/
private function formatDate($date)
{
return Tool::formatDate($date, Tool::TIMESTAMP_SQLDATETIME, self::DATE_FORMAT);
}
/*!
* @method formatDate
* @private
* @param str $formated DATE_FORMAT
* @return str
*/
private function unformatDate($formated)
{
return Tool::formatDate($formated, self::DATE_FORMAT, Tool::TIMESTAMP_SQLDATETIME);
}
/*! /*!
* check valid noise obfuscation * check valid noise obfuscation
* *
* @method checkObfuscatePart * @method checkObfuscatePart
* @public * @public
* @param Pluie\Auth\Token $token * @param MetaTech\PwsAtuh\Token $token
* @return bool * @return bool
*/ */
public function checkObfuscatePart(Token $token) public function checkObfuscatePart(Token $token)
@ -136,7 +158,7 @@ class Authenticator
/*! /*!
* @method getSessionId * @method getSessionId
* @orivate * @orivate
* @param Pluie\Auth\Token $token * @param MetaTech\PwsAtuh\Token $token
* @return str * @return str
*/ */
public function getSessionId(Token $token) public function getSessionId(Token $token)
@ -149,7 +171,7 @@ class Authenticator
* *
* @mehtod check * @mehtod check
* @public * @public
* @param Pluie\Auth\Token $token * @param MetaTech\PwsAtuh\Token $token
* @param str $login * @param str $login
* @return bool * @return bool
*/ */
@ -175,14 +197,14 @@ class Authenticator
* @param str $login * @param str $login
* @param str $key * @param str $key
* @param str $sessid|null * @param str $sessid|null
* @return Pluie\Auth\Token * @return MetaTech\PwsAuth\Token
*/ */
public function generateToken($login, $key, $sessid=null) public function generateToken($login, $key, $sessid=null)
{ {
$date = Tool::now(); $date = Tool::now();
$sessid = is_null($sessid) ? $this->sign($date, $login, $key) : $sessid; $sessid = is_null($sessid) ? $this->sign($date, $login, $key) : $sessid;
$dt = Tool::formatDate($date, Tool::TIMESTAMP_SQLDATETIME, self::DATE_FORMAT); $dt = $this->formatDate($date);
$tokenValue = $dt . $this->obfuscate($sessid, $date) . $sessid; $tokenValue = $this->obfuscate($sessid, $date) . $sessid;
$noise = $this->generateNoise($tokenValue); $noise = $this->generateNoise($tokenValue);
return new Token($this->config['type'], $key, $date, $tokenValue, $noise); return new Token($this->config['type'], $key, $date, $tokenValue, $noise);
} }
@ -198,20 +220,57 @@ class Authenticator
public function generateHeader($login, $key, $sessid=null) public function generateHeader($login, $key, $sessid=null)
{ {
$token = $this->generateToken($login, $key, $sessid); $token = $this->generateToken($login, $key, $sessid);
$ndate = $this->formatDate($token->getDate());
return array( return array(
$this->config['header']['auth'] .': ' . $token->getType() . ' ' . $token->getValue() . $token->getNoise(), $this->config['header']['auth'] .': ' . $token->getType() . ' ' . $ndate . $token->getValue() . $token->getNoise(),
$this->config['header']['ident'].': ' . $token->getIdent() $this->config['header']['ident'].': ' . $token->getIdent()
); );
} }
/*!
* @method generatePostVars
* @public
* @param str $login
* @param str $key
* @param str $tokenName
* @param str $keyName
* @return []
*/
public function generatePostVars($login, $key, $tokenName='apitkn', $keyName='apikey')
{
$token = $this->generateToken($login, $key, null);
$ndate = $this->formatDate($token->getDate());
return array(
$tokenName => $ndate . $token->getValue() . $token->getNoise(),
$keyName => $key
);
}
/*!
* get token from specified $noisedToken for specified key.
*
* @method getTokenFromString
* @public
* @param str $noisedToken
* @param str $key
* @return MetaTech\PwsAuth\Token
*/
public function getTokenFromString($noisedToken, $key)
{
$date = substr($noisedToken, 0, self::DATE_LENGTH);
$tokenValue = substr($noisedToken, self::DATE_LENGTH, -$this->config['hash']['noise.length']);
$noise = substr($noisedToken, -$this->config['hash']['noise.length']);
return new Token($this->config['type'], $key, $this->unformatDate($date), $tokenValue, $noise);
}
/*! /*!
* get token from specified $header or request headers. * get token from specified $header or request headers.
* *
* @method getToken * @method getToken
* @public * @public
* @param [assoc] $headers * @param [assoc] $headers
* @throw Pluie\Auth\AuthenticateException * @throw MetaTech\PwsAuth\AuthenticateException
* @return Pluie\Auth\Token * @return MetaTech\PwsAuth\Token
*/ */
public function getToken($headers = null) public function getToken($headers = null)
{ {
@ -223,11 +282,11 @@ class Authenticator
if (isset($headers[$this->config['header']['auth']]) && isset($headers[$this->config['header']['ident']])) { if (isset($headers[$this->config['header']['auth']]) && isset($headers[$this->config['header']['ident']])) {
$tokenValue = $headers[$this->config['header']['auth']]; $tokenValue = $headers[$this->config['header']['auth']];
$ident = $headers[$this->config['header']['ident']]; $ident = $headers[$this->config['header']['ident']];
if (preg_match('/(?P<type>[a-z\d]+) (?P<date>\d{'.self::DATE_LENGTH.'})(?P<id>[a-z\d]+)/i', $tokenValue, $rs)) { if (preg_match('/(?P<type>[a-z\d]+) (?P<noised>.*)/i', $tokenValue, $rs)) {
$date = Tool::formatDate($rs['date'], self::DATE_FORMAT, Tool::TIMESTAMP_SQLDATETIME); $token = $this->getTokenFromString($rs['noised'], $ident);
$tokenValue = substr($rs['id'], 0, -$this->config['hash']['noise.length']); if ($token->getType() != $rs['type']) {
$noise = substr($rs['id'], -$this->config['hash']['noise.length']); throw new \Exception('wrong type');
$token = new Token($rs['type'], $ident, $date, $tokenValue, $noise); }
} }
} }
else { else {