Nonce.php File Reference
Go to the source code of this file.
Namespaces | |
| namespace | OpenID |
| This is the PHP OpenID library by JanRain, Inc. | |
Functions | |
| Auth_OpenID_splitNonce ($nonce_string) | |
| Auth_OpenID_checkTimestamp ($nonce_string, $allowed_skew=null, $now=null) | |
| Auth_OpenID_mkNonce ($when=null) | |
Variables | |
| const | Auth_OpenID_Nonce_CHRS "abcdefghijklmnopqrstuvwxyz" . "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" |
| Need CryptUtil to generate random strings. More... | |
| global | $Auth_OpenID_SKEW = 60 * 60 * 5 |
| const | Auth_OpenID_Nonce_REGEX '/(\d{4})-(\d\d)-(\d\d)T(\d\d):(\d\d):(\d\d)Z(.*)/' |
| const | Auth_OpenID_Nonce_TIME_FMT '%Y-%m-%dT%H:%M:%SZ' |
Function Documentation
◆ Auth_OpenID_checkTimestamp()
| Auth_OpenID_checkTimestamp | ( | $nonce_string, | |
$allowed_skew = null, |
|||
$now = null |
|||
| ) |
Definition at line 57 of file Nonce.php.
62{
63 // Is the timestamp that is part of the specified nonce string
64 // within the allowed clock-skew of the current time?
65 global $Auth_OpenID_SKEW;
66
67 if ($allowed_skew === null) {
68 $allowed_skew = $Auth_OpenID_SKEW;
69 }
70
71 $parts = Auth_OpenID_splitNonce($nonce_string);
72 if ($parts == null) {
73 return false;
74 }
75
76 if ($now === null) {
77 $now = time();
78 }
79
80 $stamp = $parts[0];
81
82 // Time after which we should not use the nonce
83 $past = $now - $allowed_skew;
84
85 // Time that is too far in the future for us to allow
86 $future = $now + $allowed_skew;
87
88 // the stamp is not too far in the future and is not too far
89 // in the past
Referenced by Auth_OpenID_FileStore\clean().
Here is the caller graph for this function:
◆ Auth_OpenID_mkNonce()
| Auth_OpenID_mkNonce | ( | $when = null | ) |
Definition at line 91 of file Nonce.php.
94{
95 // Generate a nonce with the current timestamp
96 $salt = Auth_OpenID_CryptUtil::randomString(
97 6, Auth_OpenID_Nonce_CHRS);
98 if ($when === null) {
99 // It's safe to call time() with no arguments; it returns a
100 // GMT unix timestamp on PHP 4 and PHP 5. gmmktime() with no
101 // args returns a local unix timestamp on PHP 4, so don't use
102 // that.
103 $when = time();
104 }
105 $time_str = gmstrftime(Auth_OpenID_Nonce_TIME_FMT, $when);
static randomString($length, $population=null)
Produce a string of length random bytes, chosen from chrs.
Definition: CryptUtil.php:80
Referenced by Auth_OpenID_CheckIDRequest\answer(), and Auth_OpenID_GenericConsumer\begin().
Here is the caller graph for this function:
◆ Auth_OpenID_splitNonce()
| Auth_OpenID_splitNonce | ( | $nonce_string | ) |
Definition at line 30 of file Nonce.php.
30 :%M:%SZ');
31
32function Auth_OpenID_splitNonce($nonce_string)
33{
34 // Extract a timestamp from the given nonce string
35 $result = preg_match(Auth_OpenID_Nonce_REGEX, $nonce_string, $matches);
36 if ($result != 1 || count($matches) != 8) {
37 return null;
38 }
39
40 list($unused,
41 $tm_year,
42 $tm_mon,
43 $tm_mday,
44 $tm_hour,
45 $tm_min,
46 $tm_sec,
47 $uniquifier) = $matches;
48
49 $timestamp =
50 @gmmktime($tm_hour, $tm_min, $tm_sec, $tm_mon, $tm_mday, $tm_year);
51
52 if ($timestamp === false || $timestamp < 0) {
53 return null;
54 }
55
Referenced by Auth_OpenID_GenericConsumer\_idResCheckNonce().
Here is the caller graph for this function:
Variable Documentation
◆ $Auth_OpenID_SKEW
| $Auth_OpenID_SKEW = 60 * 60 * 5 |
Definition at line 23 of file Nonce.php.
Referenced by Auth_OpenID_FileStore\cleanupNonces(), Auth_OpenID_MDB2Store\cleanupNonces(), Auth_OpenID_SQLStore\cleanupNonces(), Auth_OpenID_FileStore\useNonce(), Auth_OpenID_MDB2Store\useNonce(), Auth_OpenID_MemcachedStore\useNonce(), and Auth_OpenID_SQLStore\useNonce().
◆ Auth_OpenID_Nonce_CHRS
| const Auth_OpenID_Nonce_CHRS "abcdefghijklmnopqrstuvwxyz" . "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" |
◆ Auth_OpenID_Nonce_REGEX
| const Auth_OpenID_Nonce_REGEX '/(\d{4})-(\d\d)-(\d\d)T(\d\d):(\d\d):(\d\d)Z(.*)/' |
