ILIAS  Release_5_0_x_branch Revision 61816
 All Data Structures Namespaces Files Functions Variables Groups Pages
Nonce.php File Reference

Go to the source code of this file.

Namespaces

namespace  OpenID
 This module contains code for dealing with associations between consumers and servers.

Functions

 Auth_OpenID_splitNonce ($nonce_string)
 Auth_OpenID_checkTimestamp ($nonce_string, $allowed_skew=null, $now=null)
 Auth_OpenID_mkNonce ($when=null)

Variables

const Auth_OpenID_Nonce_CHRS = "abcdefghijklmnopqrstuvwxyz" . "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
 Need CryptUtil to generate random strings.
global $Auth_OpenID_SKEW = 60 * 60 * 5
const Auth_OpenID_Nonce_REGEX = '/(\d{4})-(\d\d)-(\d\d)T(\d\d):(\d\d):(\d\d)Z(.*)/'
const Auth_OpenID_Nonce_TIME_FMT = '%Y-%m-%dT%H:%M:%SZ'

Function Documentation

Auth_OpenID_checkTimestamp (   $nonce_string,
  $allowed_skew = null,
  $now = null 
)

Definition at line 57 of file Nonce.php.

Referenced by Auth_OpenID_FileStore\clean().

{
// Is the timestamp that is part of the specified nonce string
// within the allowed clock-skew of the current time?
if ($allowed_skew === null) {
$allowed_skew = $Auth_OpenID_SKEW;
}
$parts = Auth_OpenID_splitNonce($nonce_string);
if ($parts == null) {
return false;
}
if ($now === null) {
$now = time();
}
$stamp = $parts[0];
// Time after which we should not use the nonce
$past = $now - $allowed_skew;
// Time that is too far in the future for us to allow
$future = $now + $allowed_skew;
// the stamp is not too far in the future and is not too far
// in the past

+ Here is the caller graph for this function:

Auth_OpenID_mkNonce (   $when = null)

Definition at line 91 of file Nonce.php.

Referenced by Auth_OpenID_CheckIDRequest\answer(), and Auth_OpenID_GenericConsumer\begin().

{
// Generate a nonce with the current timestamp
if ($when === null) {
// It's safe to call time() with no arguments; it returns a
// GMT unix timestamp on PHP 4 and PHP 5. gmmktime() with no
// args returns a local unix timestamp on PHP 4, so don't use
// that.
$when = time();
}
$time_str = gmstrftime(Auth_OpenID_Nonce_TIME_FMT, $when);

+ Here is the caller graph for this function:

Auth_OpenID_splitNonce (   $nonce_string)

Definition at line 30 of file Nonce.php.

Referenced by Auth_OpenID_GenericConsumer\_idResCheckNonce().

:%M:%SZ');
function Auth_OpenID_splitNonce($nonce_string)
{
// Extract a timestamp from the given nonce string
$result = preg_match(Auth_OpenID_Nonce_REGEX, $nonce_string, $matches);
if ($result != 1 || count($matches) != 8) {
return null;
}
list($unused,
$tm_year,
$tm_mon,
$tm_mday,
$tm_hour,
$tm_min,
$tm_sec,
$uniquifier) = $matches;
$timestamp =
@gmmktime($tm_hour, $tm_min, $tm_sec, $tm_mon, $tm_mday, $tm_year);
if ($timestamp === false || $timestamp < 0) {
return null;
}

+ Here is the caller graph for this function:

Variable Documentation

const Auth_OpenID_Nonce_CHRS = "abcdefghijklmnopqrstuvwxyz" . "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"

Need CryptUtil to generate random strings.

This is the characters that the nonces are made from.

Definition at line 17 of file Nonce.php.

const Auth_OpenID_Nonce_REGEX = '/(\d{4})-(\d\d)-(\d\d)T(\d\d):(\d\d):(\d\d)Z(.*)/'

Definition at line 26 of file Nonce.php.

const Auth_OpenID_Nonce_TIME_FMT = '%Y-%m-%dT%H:%M:%SZ'

Definition at line 28 of file Nonce.php.