ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
class.ilWACSignedPath.php
Go to the documentation of this file.
1<?php
2require_once('./Services/WebAccessChecker/class.ilWACException.php');
3require_once('class.ilWACToken.php');
4require_once('./Services/WebAccessChecker/classes/class.ilWebAccessChecker.php');
5require_once('./Services/WebAccessChecker/classes/class.ilWACCookie.php');
6
14
15 const TYPE_FILE = 1;
16 const TYPE_FOLDER = 2;
17 const WAC_TOKEN_ID = 'il_wac_token';
18 const WAC_TIMESTAMP_ID = 'il_wac_ts';
19 const WAC_TTL_ID = 'il_wac_ttl';
20 const TS_SUFFIX = 'ts';
21 const TTL_SUFFIX = 'ttl';
22 const MAX_LIFETIME = 600;
26 protected $path_object = null;
30 protected $token_instance = null;
38 protected static $token_max_lifetime_in_seconds = 3;
42 protected static $cookie_max_lifetime_in_seconds = 300;
46 protected $cookie = null;
50 protected $checked = false;
51
52
59 public function __construct(ilWACPath $ilWACPath, ilWACCookieInterface $ilWACCookieInterface = null) {
60 $this->cookie = ($ilWACCookieInterface ? $ilWACCookieInterface : new ilWACCookie());
61 $this->setPathObject($ilWACPath);
62 }
63
64
69 public function getSignedPath() {
70 if ($this->getType() !== self::TYPE_FILE) {
72 }
73 if (!$this->getPathObject()->getOriginalRequest()) {
74 return '';
75 }
76 if (!$this->getPathObject()->fileExists()) {
77 // return $this->getPathObject()->getOriginalRequest();
78 }
79
80 if (strpos($this->getPathObject()->getPath(), '?')) {
81 $path = $this->getPathObject()->getPath() . '&' . self::WAC_TOKEN_ID . '=' . $this->getTokenInstance()->getToken();
82 } else {
83 $path = $this->getPathObject()->getPath() . '?' . self::WAC_TOKEN_ID . '=' . $this->getTokenInstance()->getToken();
84 }
85
86 $path = $path . '&' . self::WAC_TTL_ID . '=' . $this->getTokenInstance()->getTTL();
87 $path = $path . '&' . self::WAC_TIMESTAMP_ID . '=' . $this->getTokenInstance()->getTimestamp();
88
89 return $path;
90 }
91
92
96 public function isFolderSigned() {
97 $this->setType(self::TYPE_FOLDER);
98 $plain_token = $this->buildTokenInstance();
99 $name = $plain_token->getId();
100 $this->getPathObject()->setToken($this->cookie->get($name));
101 $this->getPathObject()->setTimestamp($this->cookie->get($name . self::TS_SUFFIX));
102 $this->getPathObject()->setTTL($this->cookie->get($name . self::TTL_SUFFIX));
104
105 return $this->getPathObject()->hasToken();
106 }
107
108
113 public function isFolderTokenValid() {
114 if (!$this->isFolderSigned()) {
115 return false;
116 }
117
118 return $this->checkToken();
119 }
120
121
122 protected function saveFolderToken() {
123 $cookie_lifetime = self::getCookieMaxLifetimeInSeconds();
124 $str = 'save folder token for folder: ' . $this->getPathObject()->getDirName() . ', valid for ' . $cookie_lifetime . 's';
125 ilWACLog::getInstance()->write($str);
126 ilWACLog::getInstance()->write('token: ' . $this->getTokenInstance()->getToken());
127 $id = $this->getTokenInstance()->getId();
128 $expire = time() + $cookie_lifetime;
129 $this->cookie->set($id, $this->getTokenInstance()->getToken(), time() + 24 * 3600, '/', null, false, false);
130 $this->cookie->set($id . self::TS_SUFFIX, time(), $expire, '/', '', false, false);
131 $this->cookie->set($id . self::TTL_SUFFIX, self::getCookieMaxLifetimeInSeconds(), $expire, '/', '', false, false);
132 }
133
134
138 public function revalidatingFolderToken() {
139 if ($this->getType() !== self::TYPE_FOLDER) {
140 return false;
141 }
142 $this->buildAndSetTokenInstance(time(), self::getCookieMaxLifetimeInSeconds());
143 ilWACLog::getInstance()->write('revalidating folder token');
144 $this->saveFolderToken();
145
146 return true;
147 }
148
149
153 public function isSignedPath() {
154 return ($this->getPathObject()->hasToken() && $this->getPathObject()->hasTimestamp() && $this->getPathObject()->hasTTL());
155 }
156
157
162 public function isSignedPathValid() {
163 $this->buildAndSetTokenInstance($this->getPathObject()->getTimestamp(), $this->getPathObject()->getTTL());
164
165 return $this->checkToken();
166 }
167
168
175 public static function signFile($path_to_file) {
176 if (!$path_to_file) {
177 return '';
178 }
179 $ilWACPath = new ilWACPath($path_to_file);
180 if (!$ilWACPath->getClient()) {
181 return $path_to_file;
182 }
183 $obj = new self($ilWACPath);
184 $obj->setType(self::TYPE_FILE);
185 $obj->buildAndSetTokenInstance(time(), self::getTokenMaxLifetimeInSeconds());
186
187 return $obj->getSignedPath();
188 }
189
190
195 public static function signFolderOfStartFile($start_file_path, ilWACCookieInterface $ilWACCookieInterface = null) {
196 $obj = new self(new ilWACPath($start_file_path), $ilWACCookieInterface);
197 $obj->setType(self::TYPE_FOLDER);
198 $obj->buildAndSetTokenInstance(time(), self::getCookieMaxLifetimeInSeconds());
199 $obj->saveFolderToken();
200 }
201
202
206 public function getTokenInstance() {
208 }
209
210
215 $this->token_instance = $token_instance;
216 }
217
218
222 public function getType() {
223 return $this->type;
224 }
225
226
230 public function setType($type) {
231 $this->type = $type;
232 }
233
234
238 public function getPathObject() {
239 return $this->path_object;
240 }
241
242
246 public function setPathObject($path_object) {
247 $this->path_object = $path_object;
248 }
249
250
255 protected function checkToken() {
256 $requestTokenInstance = $this->getTokenInstance();
257
258 $request_token = $this->getPathObject()->getToken();
259 $request_ttl = $this->getPathObject()->getTTL();
260 $request_timestamp = $this->getPathObject()->getTimestamp();
261 $current_timestamp = time();
262
263 ilWACLog::getInstance()->write('Checking Token: ' . $request_token . ', ts: ' . $request_timestamp . "\n\n\n\n\n\n");
264
265 $timestamp_valid = ($current_timestamp < ($request_timestamp + $request_ttl));
266
267 if (!$timestamp_valid) {
268 ilWACLog::getInstance()->write('cookie no longer valid: TS, ' . $this->getPathObject()->getPath());
269 $this->setChecked(true);
270
271 return false;
272 }
273
274 $simulatedTokenInstance = $this->buildTokenInstance($request_timestamp, $request_ttl);
275 $token_valid = ($simulatedTokenInstance->getToken() == $request_token);
276
277 if (!$token_valid) {
278 ilWACLog::getInstance()->write('cookie no longer valid: ID');
279 $this->setChecked(true);
280
281 return false;
282 }
283
284 ilWACLog::getInstance()->write('Token valid: ' . $requestTokenInstance->getToken());
285
286 return true;
287 }
288
289
295 protected function buildTokenInstance($timestamp = null, $ttl = null) {
296 if (!$this->getType()) {
298 }
299
300 switch ($this->getType()) {
302 $path = dirname($this->getPathObject()->getPathWithoutQuery());
303 break;
304 case self::TYPE_FILE:
305 $path = $this->getPathObject()->getPathWithoutQuery();
306 break;
307 default:
308 $path = $this->getPathObject()->getPathWithoutQuery();
309 break;
310 }
311
312 $client = $this->getPathObject()->getClient();
313 $timestamp = $timestamp ? $timestamp : $this->getPathObject()->getTimestamp();
314 $ttl = $ttl ? $ttl : $this->getPathObject()->getTTL();
315
316 return new ilWACToken($path, $client, $timestamp, $ttl);
317 }
318
319
325 public function buildAndSetTokenInstance($timestamp = null, $ttl = null) {
326 $this->setTokenInstance($this->buildTokenInstance($timestamp, $ttl));
327 }
328
329
333 public static function getTokenMaxLifetimeInSeconds() {
335 }
336
337
343 if ($token_max_lifetime_in_seconds > self::MAX_LIFETIME) {
345 }
346 self::$token_max_lifetime_in_seconds = $token_max_lifetime_in_seconds;
347 }
348
349
353 public static function getCookieMaxLifetimeInSeconds() {
355 }
356
357
363 if ($cookie_max_lifetime_in_seconds > self::MAX_LIFETIME) {
365 }
366 self::$cookie_max_lifetime_in_seconds = $cookie_max_lifetime_in_seconds;
367 }
368
369
373 protected function getRelevantLifeTime() {
374 $request_ttl = $this->getPathObject()->getTTL();
375 if ($request_ttl > 0) {
376 return $request_ttl;
377 }
378 switch ($this->getType()) {
381 break;
382 case self::TYPE_FILE:
384 break;
385 default:
386 $life_time = false;
387 break;
388 }
389
390 return $life_time;
391 }
392
393
397 public function isChecked() {
398 return $this->checked;
399 }
400
401
405 public function setChecked($checked) {
406 $this->checked = $checked;
407 }
408}
foreach($mandatory_scripts as $file) $timestamp
Definition: buildRTE.php:81
Class ilWACCookie.
Class ilWACException.
static getInstance()
Class ilWACPath.
Class ilWACSignedPath.
static signFile($path_to_file)
setTokenInstance(ilWACToken $token_instance)
static signFolderOfStartFile($start_file_path, ilWACCookieInterface $ilWACCookieInterface=null)
setPathObject($path_object)
static getCookieMaxLifetimeInSeconds()
static setCookieMaxLifetimeInSeconds($cookie_max_lifetime_in_seconds)
buildAndSetTokenInstance($timestamp=null, $ttl=null)
static setTokenMaxLifetimeInSeconds($token_max_lifetime_in_seconds)
__construct(ilWACPath $ilWACPath, ilWACCookieInterface $ilWACCookieInterface=null)
ilWACSignedPath constructor.
buildTokenInstance($timestamp=null, $ttl=null)
static $cookie_max_lifetime_in_seconds
static getTokenMaxLifetimeInSeconds()
Class ilWACToken.
Class ilWACCookieInterface.
$path
Definition: index.php:22