ILIAS  release_5-2 Revision v5.2.25-18-g3f80b828510
class.ilWACSignedPath.php
Go to the documentation of this file.
1 <?php
2 require_once('./Services/WebAccessChecker/class.ilWACException.php');
3 require_once('class.ilWACToken.php');
4 require_once('./Services/WebAccessChecker/classes/class.ilWebAccessChecker.php');
5 require_once('./Services/WebAccessChecker/classes/class.ilWACCookie.php');
6 
13 class ilWACSignedPath {
14 
15  const TYPE_FILE = 1;
16  const TYPE_FOLDER = 2;
17  const WAC_TOKEN_ID = 'il_wac_token';
18  const WAC_TIMESTAMP_ID = 'il_wac_ts';
19  const WAC_TTL_ID = 'il_wac_ttl';
20  const TS_SUFFIX = 'ts';
21  const TTL_SUFFIX = 'ttl';
22  const MAX_LIFETIME = 600;
26  protected $path_object = null;
30  protected $token_instance = null;
34  protected $type = self::TYPE_FILE;
38  protected static $token_max_lifetime_in_seconds = 3;
42  protected static $cookie_max_lifetime_in_seconds = 300;
46  protected $cookie = null;
50  protected $checked = false;
51 
52 
59  public function __construct(ilWACPath $ilWACPath, ilWACCookieInterface $ilWACCookieInterface = null) {
60  $this->cookie = ($ilWACCookieInterface ? $ilWACCookieInterface : new ilWACCookie());
61  $this->setPathObject($ilWACPath);
62  }
63 
64 
69  public function getSignedPath() {
70  if ($this->getType() !== self::TYPE_FILE) {
71  throw new ilWACException(ilWACException::WRONG_PATH_TYPE);
72  }
73  if (!$this->getPathObject()->getOriginalRequest()) {
74  return '';
75  }
76  if (!$this->getPathObject()->fileExists()) {
77  // return $this->getPathObject()->getOriginalRequest();
78  }
79 
80  if (strpos($this->getPathObject()->getPath(), '?')) {
81  $path = $this->getPathObject()->getPath() . '&' . self::WAC_TOKEN_ID . '=' . $this->getTokenInstance()->getToken();
82  } else {
83  $path = $this->getPathObject()->getPath() . '?' . self::WAC_TOKEN_ID . '=' . $this->getTokenInstance()->getToken();
84  }
85 
86  $path = $path . '&' . self::WAC_TTL_ID . '=' . $this->getTokenInstance()->getTTL();
87  $path = $path . '&' . self::WAC_TIMESTAMP_ID . '=' . $this->getTokenInstance()->getTimestamp();
88 
89  return $path;
90  }
91 
92 
96  public function isFolderSigned() {
97  $this->setType(self::TYPE_FOLDER);
98  $plain_token = $this->buildTokenInstance();
99  $name = $plain_token->getHashedId();
100  $this->getPathObject()->setToken($this->cookie->get($name));
101  $this->getPathObject()->setTimestamp($this->cookie->get($name . self::TS_SUFFIX));
102  $this->getPathObject()->setTTL($this->cookie->get($name . self::TTL_SUFFIX));
103  $this->buildAndSetTokenInstance();
104 
105  return $this->getPathObject()->hasToken();
106  }
107 
108 
113  public function isFolderTokenValid() {
114  if (!$this->isFolderSigned()) {
115  return false;
116  }
117 
118  return $this->checkToken();
119  }
120 
121 
122  protected function saveFolderToken() {
123  $cookie_lifetime = self::getCookieMaxLifetimeInSeconds();
124  $str = 'save folder token for folder: ' . $this->getPathObject()->getDirName() . ', valid for ' . $cookie_lifetime . 's';
125  ilWACLog::getInstance()->write($str);
126  ilWACLog::getInstance()->write('token: ' . $this->getTokenInstance()->getToken());
127  $id = $this->getTokenInstance()->getHashedId();
128  $expire = time() + $cookie_lifetime;
129  $this->cookie->set($id, $this->getTokenInstance()->getToken(), time() + 24 * 3600, '/', null, false, false);
130  $this->cookie->set($id . self::TS_SUFFIX, time(), $expire, '/', '', false, false);
131  $this->cookie->set($id . self::TTL_SUFFIX, self::getCookieMaxLifetimeInSeconds(), $expire, '/', '', false, false);
132  }
133 
134 
138  public function revalidatingFolderToken() {
139  if ($this->getType() !== self::TYPE_FOLDER) {
140  return false;
141  }
142  $this->buildAndSetTokenInstance(time(), self::getCookieMaxLifetimeInSeconds());
143  ilWACLog::getInstance()->write('revalidating folder token');
144  $this->saveFolderToken();
145 
146  return true;
147  }
148 
149 
153  public function isSignedPath() {
154  return ($this->getPathObject()->hasToken() && $this->getPathObject()->hasTimestamp() && $this->getPathObject()->hasTTL());
155  }
156 
157 
162  public function isSignedPathValid() {
163  $this->buildAndSetTokenInstance($this->getPathObject()->getTimestamp(), $this->getPathObject()->getTTL());
164 
165  return $this->checkToken();
166  }
167 
168 
175  public static function signFile($path_to_file) {
176  if (!$path_to_file) {
177  return '';
178  }
179  $ilWACPath = new ilWACPath($path_to_file);
180  if (!$ilWACPath->getClient()) {
181  return $path_to_file;
182  }
183  $obj = new self($ilWACPath);
184  $obj->setType(self::TYPE_FILE);
185  $obj->buildAndSetTokenInstance(time(), self::getTokenMaxLifetimeInSeconds());
186 
187  return $obj->getSignedPath();
188  }
189 
190 
195  public static function signFolderOfStartFile($start_file_path, ilWACCookieInterface $ilWACCookieInterface = null) {
196  $obj = new self(new ilWACPath($start_file_path), $ilWACCookieInterface);
197  $obj->setType(self::TYPE_FOLDER);
198  $obj->buildAndSetTokenInstance(time(), self::getCookieMaxLifetimeInSeconds());
199  $obj->saveFolderToken();
200  }
201 
202 
206  public function getTokenInstance() {
207  return $this->token_instance;
208  }
209 
210 
214  public function setTokenInstance(ilWACToken $token_instance) {
215  $this->token_instance = $token_instance;
216  }
217 
218 
222  public function getType() {
223  return $this->type;
224  }
225 
226 
230  public function setType($type) {
231  $this->type = $type;
232  }
233 
234 
238  public function getPathObject() {
239  return $this->path_object;
240  }
241 
242 
246  public function setPathObject($path_object) {
247  $this->path_object = $path_object;
248  }
249 
250 
255  protected function checkToken() {
256  $requestTokenInstance = $this->getTokenInstance();
257 
258  $request_token = $this->getPathObject()->getToken();
259  $request_ttl = $this->getPathObject()->getTTL();
260  $request_timestamp = $this->getPathObject()->getTimestamp();
261  $current_timestamp = time();
262 
263  ilWACLog::getInstance()->write('Checking Token: ' . $request_token . ', ts: ' . $request_timestamp . "\n\n\n\n\n\n");
264 
265  $timestamp_valid = ($current_timestamp < ($request_timestamp + $request_ttl));
266 
267  if (!$timestamp_valid) {
268  ilWACLog::getInstance()->write('cookie no longer valid: TS, ' . $this->getPathObject()->getPath());
269  $this->setChecked(true);
270 
271  return false;
272  }
273 
274  $simulatedTokenInstance = $this->buildTokenInstance($request_timestamp, $request_ttl);
275  $token_valid = ($simulatedTokenInstance->getToken() == $request_token);
276 
277  if (!$token_valid) {
278  ilWACLog::getInstance()->write('cookie no longer valid: ID');
279  $this->setChecked(true);
280 
281  return false;
282  }
283 
284  ilWACLog::getInstance()->write('Token valid: ' . $requestTokenInstance->getToken());
285 
286  return true;
287  }
288 
289 
295  protected function buildTokenInstance($timestamp = null, $ttl = null) {
296  if (!$this->getType()) {
297  throw new ilWACException(ilWACException::CODE_NO_TYPE);
298  }
299 
300  switch ($this->getType()) {
301  case self::TYPE_FOLDER:
302  $path = $this->getPathObject()->getModulePath();
303  break;
304  case self::TYPE_FILE:
305  $path = $this->getPathObject()->getPathWithoutQuery();
306  break;
307  default:
308  $path = $this->getPathObject()->getPathWithoutQuery();
309  break;
310  }
311 
312  $client = $this->getPathObject()->getClient();
313  $timestamp = $timestamp ? $timestamp : $this->getPathObject()->getTimestamp();
314  $ttl = $ttl ? $ttl : $this->getPathObject()->getTTL();
315 
316  return new ilWACToken($path, $client, $timestamp, $ttl);
317  }
318 
319 
325  public function buildAndSetTokenInstance($timestamp = null, $ttl = null) {
326  $this->setTokenInstance($this->buildTokenInstance($timestamp, $ttl));
327  }
328 
329 
333  public static function getTokenMaxLifetimeInSeconds() {
334  return self::$token_max_lifetime_in_seconds;
335  }
336 
337 
342  public static function setTokenMaxLifetimeInSeconds($token_max_lifetime_in_seconds) {
343  if ($token_max_lifetime_in_seconds > self::MAX_LIFETIME) {
344  throw new ilWACException(ilWACException::MAX_LIFETIME);
345  }
346  self::$token_max_lifetime_in_seconds = $token_max_lifetime_in_seconds;
347  }
348 
349 
353  public static function getCookieMaxLifetimeInSeconds() {
354  return self::$cookie_max_lifetime_in_seconds;
355  }
356 
357 
362  public static function setCookieMaxLifetimeInSeconds($cookie_max_lifetime_in_seconds) {
363  if ($cookie_max_lifetime_in_seconds > self::MAX_LIFETIME) {
364  throw new ilWACException(ilWACException::MAX_LIFETIME);
365  }
366  self::$cookie_max_lifetime_in_seconds = $cookie_max_lifetime_in_seconds;
367  }
368 
369 
373  protected function getRelevantLifeTime() {
374  $request_ttl = $this->getPathObject()->getTTL();
375  if ($request_ttl > 0) {
376  return $request_ttl;
377  }
378  switch ($this->getType()) {
379  case self::TYPE_FOLDER:
380  $life_time = self::getCookieMaxLifetimeInSeconds();
381  break;
382  case self::TYPE_FILE:
383  $life_time = self::getTokenMaxLifetimeInSeconds();
384  break;
385  default:
386  $life_time = false;
387  break;
388  }
389 
390  return $life_time;
391  }
392 
393 
397  public function isChecked() {
398  return $this->checked;
399  }
400 
401 
405  public function setChecked($checked) {
406  $this->checked = $checked;
407  }
408 }
$path
$path
Definition: aliased.php:25
ilWACException
Class ilWACException.
Definition: class.ilWACException.php:10
ilWACSignedPath\getCookieMaxLifetimeInSeconds
static getCookieMaxLifetimeInSeconds()
Definition: class.ilWACSignedPath.php:353
ilWACSignedPath\setTokenInstance
setTokenInstance(ilWACToken $token_instance)
Definition: class.ilWACSignedPath.php:214
ilWACSignedPath\signFolderOfStartFile
static signFolderOfStartFile($start_file_path, ilWACCookieInterface $ilWACCookieInterface=null)
Definition: class.ilWACSignedPath.php:195
ilWACSignedPath\buildTokenInstance
buildTokenInstance($timestamp=null, $ttl=null)
Definition: class.ilWACSignedPath.php:295
ilWACCookieInterface
Class ilWACCookieInterface.
Definition: interface.ilWACCookieInterface.php:8
ilWACLog\getInstance
static getInstance()
Definition: class.ilWACLog.php:40
ilWACPath
Class ilWACPath.
Definition: class.ilWACPath.php:9
ilWACSignedPath\setPathObject
setPathObject($path_object)
Definition: class.ilWACSignedPath.php:246
$client
$client
Definition: dummy_client.php:38
ilWACCookie
Class ilWACCookie.
Definition: class.ilWACCookie.php:9
ilWACSignedPath\setCookieMaxLifetimeInSeconds
static setCookieMaxLifetimeInSeconds($cookie_max_lifetime_in_seconds)
Definition: class.ilWACSignedPath.php:362
ilWACSignedPath
Class ilWACSignedPath.
Definition: class.ilWACSignedPath.php:13
ilWACSignedPath\signFile
static signFile($path_to_file)
Definition: class.ilWACSignedPath.php:175
ilWACToken
Class ilWACToken.
Definition: class.ilWACToken.php:10
$timestamp
foreach($mandatory_scripts as $file) $timestamp
Definition: buildRTE.php:81
ilWACSignedPath\__construct
__construct(ilWACPath $ilWACPath, ilWACCookieInterface $ilWACCookieInterface=null)
ilWACSignedPath constructor.
Definition: class.ilWACSignedPath.php:59
ilWACSignedPath\buildAndSetTokenInstance
buildAndSetTokenInstance($timestamp=null, $ttl=null)
Definition: class.ilWACSignedPath.php:325
ilWACSignedPath\setTokenMaxLifetimeInSeconds
static setTokenMaxLifetimeInSeconds($token_max_lifetime_in_seconds)
Definition: class.ilWACSignedPath.php:342
time
Add data(end) time
Method that wraps PHPs time in order to allow simulations with the workflow.
Definition: 40duplicateStyle.php:39
ilWACSignedPath\getTokenMaxLifetimeInSeconds
static getTokenMaxLifetimeInSeconds()
Definition: class.ilWACSignedPath.php:333
ilWACSignedPath\$cookie_max_lifetime_in_seconds
static $cookie_max_lifetime_in_seconds
Definition: class.ilWACSignedPath.php:42