ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
class.ilWACSignedPath.php
Go to the documentation of this file.
1<?php
2require_once('./Services/WebAccessChecker/class.ilWACException.php');
3require_once('class.ilWACToken.php');
4require_once('./Services/WebAccessChecker/classes/class.ilWebAccessChecker.php');
5require_once('./Services/WebAccessChecker/classes/class.ilWACCookie.php');
6
13class ilWACSignedPath {
14
15 const TYPE_FILE = 1;
16 const TYPE_FOLDER = 2;
17 const WAC_TOKEN_ID = 'il_wac_token';
18 const WAC_TIMESTAMP_ID = 'il_wac_ts';
19 const WAC_TTL_ID = 'il_wac_ttl';
20 const TS_SUFFIX = 'ts';
21 const TTL_SUFFIX = 'ttl';
22 const MAX_LIFETIME = 600;
26 protected $path_object = null;
30 protected $token_instance = null;
34 protected $type = self::TYPE_FILE;
38 protected static $token_max_lifetime_in_seconds = 3;
42 protected static $cookie_max_lifetime_in_seconds = 300;
46 protected $cookie = null;
50 protected $checked = false;
51
52
59 public function __construct(ilWACPath $ilWACPath, ilWACCookieInterface $ilWACCookieInterface = null) {
60 $this->cookie = ($ilWACCookieInterface ? $ilWACCookieInterface : new ilWACCookie());
61 $this->setPathObject($ilWACPath);
62 }
63
64
69 public function getSignedPath() {
70 if ($this->getType() !== self::TYPE_FILE) {
71 throw new ilWACException(ilWACException::WRONG_PATH_TYPE);
72 }
73 if (!$this->getPathObject()->getOriginalRequest()) {
74 return '';
75 }
76 if (!$this->getPathObject()->fileExists()) {
77 // return $this->getPathObject()->getOriginalRequest();
78 }
79
80 if (strpos($this->getPathObject()->getPath(), '?')) {
81 $path = $this->getPathObject()->getPath() . '&' . self::WAC_TOKEN_ID . '=' . $this->getTokenInstance()->getToken();
82 } else {
83 $path = $this->getPathObject()->getPath() . '?' . self::WAC_TOKEN_ID . '=' . $this->getTokenInstance()->getToken();
84 }
85
86 $path = $path . '&' . self::WAC_TTL_ID . '=' . $this->getTokenInstance()->getTTL();
87 $path = $path . '&' . self::WAC_TIMESTAMP_ID . '=' . $this->getTokenInstance()->getTimestamp();
88
89 return $path;
90 }
91
92
96 public function isFolderSigned() {
97 $this->setType(self::TYPE_FOLDER);
98 $plain_token = $this->buildTokenInstance();
99 $name = $plain_token->getId();
100 $this->getPathObject()->setToken($this->cookie->get($name));
101 $this->getPathObject()->setTimestamp($this->cookie->get($name . self::TS_SUFFIX));
102 $this->getPathObject()->setTTL($this->cookie->get($name . self::TTL_SUFFIX));
103 $this->buildAndSetTokenInstance();
104
105 return $this->getPathObject()->hasToken();
106 }
107
108
113 public function isFolderTokenValid() {
114 if (!$this->isFolderSigned()) {
115 return false;
116 }
117
118 return $this->checkToken();
119 }
120
121
122 protected function saveFolderToken() {
123 $cookie_lifetime = self::getCookieMaxLifetimeInSeconds();
124 $str = 'save folder token for folder: ' . $this->getPathObject()->getDirName() . ', valid for ' . $cookie_lifetime . 's';
125 ilWACLog::getInstance()->write($str);
126 ilWACLog::getInstance()->write('token: ' . $this->getTokenInstance()->getToken());
127 $id = $this->getTokenInstance()->getId();
128 $expire = time() + $cookie_lifetime;
129 $this->cookie->set($id, $this->getTokenInstance()->getToken(), time() + 24 * 3600, '/', null, false, false);
130 $this->cookie->set($id . self::TS_SUFFIX, time(), $expire, '/', '', false, false);
131 $this->cookie->set($id . self::TTL_SUFFIX, self::getCookieMaxLifetimeInSeconds(), $expire, '/', '', false, false);
132 }
133
134
138 public function revalidatingFolderToken() {
139 if ($this->getType() !== self::TYPE_FOLDER) {
140 return false;
141 }
142 $this->buildAndSetTokenInstance(time(), self::getCookieMaxLifetimeInSeconds());
143 ilWACLog::getInstance()->write('revalidating folder token');
144 $this->saveFolderToken();
145
146 return true;
147 }
148
149
153 public function isSignedPath() {
154 return ($this->getPathObject()->hasToken() && $this->getPathObject()->hasTimestamp() && $this->getPathObject()->hasTTL());
155 }
156
157
162 public function isSignedPathValid() {
163 $this->buildAndSetTokenInstance($this->getPathObject()->getTimestamp(), $this->getPathObject()->getTTL());
164
165 return $this->checkToken();
166 }
167
168
175 public static function signFile($path_to_file) {
176 if (!$path_to_file) {
177 return '';
178 }
179 $ilWACPath = new ilWACPath($path_to_file);
180 if (!$ilWACPath->getClient()) {
181 return $path_to_file;
182 }
183 $obj = new self($ilWACPath);
184 $obj->setType(self::TYPE_FILE);
185 $obj->buildAndSetTokenInstance(time(), self::getTokenMaxLifetimeInSeconds());
186
187 return $obj->getSignedPath();
188 }
189
190
195 public static function signFolderOfStartFile($start_file_path, ilWACCookieInterface $ilWACCookieInterface = null) {
196 $obj = new self(new ilWACPath($start_file_path), $ilWACCookieInterface);
197 $obj->setType(self::TYPE_FOLDER);
198 $obj->buildAndSetTokenInstance(time(), self::getCookieMaxLifetimeInSeconds());
199 $obj->saveFolderToken();
200 }
201
202
206 public function getTokenInstance() {
207 return $this->token_instance;
208 }
209
210
214 public function setTokenInstance(ilWACToken $token_instance) {
215 $this->token_instance = $token_instance;
216 }
217
218
222 public function getType() {
223 return $this->type;
224 }
225
226
230 public function setType($type) {
231 $this->type = $type;
232 }
233
234
238 public function getPathObject() {
239 return $this->path_object;
240 }
241
242
246 public function setPathObject($path_object) {
247 $this->path_object = $path_object;
248 }
249
250
255 protected function checkToken() {
256 $requestTokenInstance = $this->getTokenInstance();
257
258 $request_token = $this->getPathObject()->getToken();
259 $request_ttl = $this->getPathObject()->getTTL();
260 $request_timestamp = $this->getPathObject()->getTimestamp();
261 $current_timestamp = time();
262
263 ilWACLog::getInstance()->write('Checking Token: ' . $request_token . ', ts: ' . $request_timestamp . "\n\n\n\n\n\n");
264
265 $timestamp_valid = ($current_timestamp < ($request_timestamp + $request_ttl));
266
267 if (!$timestamp_valid) {
268 ilWACLog::getInstance()->write('cookie no longer valid: TS, ' . $this->getPathObject()->getPath());
269 $this->setChecked(true);
270
271 return false;
272 }
273
274 $simulatedTokenInstance = $this->buildTokenInstance($request_timestamp, $request_ttl);
275 $token_valid = ($simulatedTokenInstance->getToken() == $request_token);
276
277 if (!$token_valid) {
278 ilWACLog::getInstance()->write('cookie no longer valid: ID');
279 $this->setChecked(true);
280
281 return false;
282 }
283
284 ilWACLog::getInstance()->write('Token valid: ' . $requestTokenInstance->getToken());
285
286 return true;
287 }
288
289
295 protected function buildTokenInstance($timestamp = null, $ttl = null) {
296 if (!$this->getType()) {
297 throw new ilWACException(ilWACException::CODE_NO_TYPE);
298 }
299
300 switch ($this->getType()) {
301 case self::TYPE_FOLDER:
302 $path = dirname($this->getPathObject()->getPathWithoutQuery());
303 break;
304 case self::TYPE_FILE:
305 $path = $this->getPathObject()->getPathWithoutQuery();
306 break;
307 default:
308 $path = $this->getPathObject()->getPathWithoutQuery();
309 break;
310 }
311
312 $client = $this->getPathObject()->getClient();
313 $timestamp = $timestamp ? $timestamp : $this->getPathObject()->getTimestamp();
314 $ttl = $ttl ? $ttl : $this->getPathObject()->getTTL();
315
316 return new ilWACToken($path, $client, $timestamp, $ttl);
317 }
318
319
325 public function buildAndSetTokenInstance($timestamp = null, $ttl = null) {
326 $this->setTokenInstance($this->buildTokenInstance($timestamp, $ttl));
327 }
328
329
333 public static function getTokenMaxLifetimeInSeconds() {
334 return self::$token_max_lifetime_in_seconds;
335 }
336
337
342 public static function setTokenMaxLifetimeInSeconds($token_max_lifetime_in_seconds) {
343 if ($token_max_lifetime_in_seconds > self::MAX_LIFETIME) {
344 throw new ilWACException(ilWACException::MAX_LIFETIME);
345 }
346 self::$token_max_lifetime_in_seconds = $token_max_lifetime_in_seconds;
347 }
348
349
353 public static function getCookieMaxLifetimeInSeconds() {
354 return self::$cookie_max_lifetime_in_seconds;
355 }
356
357
362 public static function setCookieMaxLifetimeInSeconds($cookie_max_lifetime_in_seconds) {
363 if ($cookie_max_lifetime_in_seconds > self::MAX_LIFETIME) {
364 throw new ilWACException(ilWACException::MAX_LIFETIME);
365 }
366 self::$cookie_max_lifetime_in_seconds = $cookie_max_lifetime_in_seconds;
367 }
368
369
373 protected function getRelevantLifeTime() {
374 $request_ttl = $this->getPathObject()->getTTL();
375 if ($request_ttl > 0) {
376 return $request_ttl;
377 }
378 switch ($this->getType()) {
379 case self::TYPE_FOLDER:
380 $life_time = self::getCookieMaxLifetimeInSeconds();
381 break;
382 case self::TYPE_FILE:
383 $life_time = self::getTokenMaxLifetimeInSeconds();
384 break;
385 default:
386 $life_time = false;
387 break;
388 }
389
390 return $life_time;
391 }
392
393
397 public function isChecked() {
398 return $this->checked;
399 }
400
401
405 public function setChecked($checked) {
406 $this->checked = $checked;
407 }
408}
$timestamp
foreach($mandatory_scripts as $file) $timestamp
Definition: buildRTE.php:81
ilWACCookie
Class ilWACCookie.
Definition: class.ilWACCookie.php:9
ilWACException
Class ilWACException.
Definition: class.ilWACException.php:10
ilWACLog\getInstance
static getInstance()
Definition: class.ilWACLog.php:39
ilWACPath
Class ilWACPath.
Definition: class.ilWACPath.php:9
ilWACSignedPath
Class ilWACSignedPath.
Definition: class.ilWACSignedPath.php:13
ilWACSignedPath\signFile
static signFile($path_to_file)
Definition: class.ilWACSignedPath.php:175
ilWACSignedPath\setTokenInstance
setTokenInstance(ilWACToken $token_instance)
Definition: class.ilWACSignedPath.php:214
ilWACSignedPath\signFolderOfStartFile
static signFolderOfStartFile($start_file_path, ilWACCookieInterface $ilWACCookieInterface=null)
Definition: class.ilWACSignedPath.php:195
ilWACSignedPath\setPathObject
setPathObject($path_object)
Definition: class.ilWACSignedPath.php:246
ilWACSignedPath\getCookieMaxLifetimeInSeconds
static getCookieMaxLifetimeInSeconds()
Definition: class.ilWACSignedPath.php:353
ilWACSignedPath\setCookieMaxLifetimeInSeconds
static setCookieMaxLifetimeInSeconds($cookie_max_lifetime_in_seconds)
Definition: class.ilWACSignedPath.php:362
ilWACSignedPath\buildAndSetTokenInstance
buildAndSetTokenInstance($timestamp=null, $ttl=null)
Definition: class.ilWACSignedPath.php:325
ilWACSignedPath\setTokenMaxLifetimeInSeconds
static setTokenMaxLifetimeInSeconds($token_max_lifetime_in_seconds)
Definition: class.ilWACSignedPath.php:342
ilWACSignedPath\__construct
__construct(ilWACPath $ilWACPath, ilWACCookieInterface $ilWACCookieInterface=null)
ilWACSignedPath constructor.
Definition: class.ilWACSignedPath.php:59
ilWACSignedPath\buildTokenInstance
buildTokenInstance($timestamp=null, $ttl=null)
Definition: class.ilWACSignedPath.php:295
ilWACSignedPath\$cookie_max_lifetime_in_seconds
static $cookie_max_lifetime_in_seconds
Definition: class.ilWACSignedPath.php:42
ilWACSignedPath\getTokenMaxLifetimeInSeconds
static getTokenMaxLifetimeInSeconds()
Definition: class.ilWACSignedPath.php:333
ilWACToken
Class ilWACToken.
Definition: class.ilWACToken.php:10
ilWACCookieInterface
Class ilWACCookieInterface.
Definition: interface.ilWACCookieInterface.php:8
$path
$path
Definition: index.php:22