ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
TimeLimitedToken.php
Go to the documentation of this file.
1 <?php
2 
3 namespace SimpleSAML\Auth;
4 
8 class TimeLimitedToken
9 {
10 
14  protected $secretSalt;
15 
19  protected $lifetime;
20 
24  protected $skew;
25 
29  protected $algo;
30 
31 
44  public function __construct($lifetime = 900, $secretSalt = null, $skew = 1, $algo = 'sha1')
45  {
46  if ($secretSalt === null) {
47  $secretSalt = \SimpleSAML\Utils\Config::getSecretSalt();
48  }
49 
50  if (!in_array($algo, hash_algos(), true)) {
51  throw new \InvalidArgumentException('Invalid hash algorithm "'.$algo.'"');
52  }
53 
54  $this->secretSalt = $secretSalt;
55  $this->lifetime = $lifetime;
56  $this->skew = $skew;
57  $this->algo = $algo;
58  }
59 
60 
70  public function addVerificationData($data)
71  {
72  $this->secretSalt .= '|'.$data;
73  }
74 
75 
84  private function calculateTokenValue($offset, $time = null)
85  {
86  if ($time === null) {
87  $time = time();
88  }
89  // a secret salt that should be randomly generated for each installation
90  return hash(
91  $this->algo,
92  $offset.':'.floor(($time - $offset) / ($this->lifetime + $this->skew)).':'.$this->secretSalt
93  );
94  }
95 
96 
102  public function generate()
103  {
104  $time = time();
105  $current_offset = ($time - $this->skew) % ($this->lifetime + $this->skew);
106  return dechex($current_offset).'-'.$this->calculateTokenValue($current_offset, $time);
107  }
108 
109 
114  public function generate_token()
115  {
116  return $this->generate();
117  }
118 
119 
127  public function validate($token)
128  {
129  $splittoken = explode('-', $token);
130  if (count($splittoken) !== 2) {
131  return false;
132  }
133  $offset = intval(hexdec($splittoken[0]));
134  $value = $splittoken[1];
135  return ($this->calculateTokenValue($offset) === $value);
136  }
137 
138 
143  public function validate_token($token)
144  {
145  return $this->validate($token);
146  }
147 }
SimpleSAML\Auth\TimeLimitedToken\calculateTokenValue
calculateTokenValue($offset, $time=null)
Calculates a token value for a given offset.
Definition: TimeLimitedToken.php:84
SimpleSAML\Utils\Config\getSecretSalt
static getSecretSalt()
Retrieve the secret salt.
Definition: Config.php:49
$time
$time
Definition: cron.php:21
SimpleSAML\Auth\TimeLimitedToken
A class that generates and verifies time-limited tokens.
Definition: TimeLimitedToken.php:8
SimpleSAML\Auth\TimeLimitedToken\__construct
__construct($lifetime=900, $secretSalt=null, $skew=1, $algo='sha1')
Create a new time-limited token.
Definition: TimeLimitedToken.php:44
SimpleSAML\Auth\TimeLimitedToken\validate
validate($token)
Validates a token by calculating the token value for the provided offset and comparing it...
Definition: TimeLimitedToken.php:127
SimpleSAML\Auth\TimeLimitedToken\addVerificationData
addVerificationData($data)
Add some given data to the current token.
Definition: TimeLimitedToken.php:70
time
Add data(end) time
Method that wraps PHPs time in order to allow simulations with the workflow.
Definition: 40duplicateStyle.php:39
GuzzleHttp\Psr7\hash
hash(StreamInterface $stream, $algo, $rawOutput=false)
Calculate a hash of a Stream.
Definition: functions.php:406
SimpleSAML\Auth\TimeLimitedToken\generate
generate()
Generates a token that contains an offset and a token value, using the current offset.
Definition: TimeLimitedToken.php:102