ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
TimeLimitedToken.php
Go to the documentation of this file.
1<?php
2
3namespace SimpleSAML\Auth;
4
8class TimeLimitedToken
9{
10
14 protected $secretSalt;
15
19 protected $lifetime;
20
24 protected $skew;
25
29 protected $algo;
30
31
44 public function __construct($lifetime = 900, $secretSalt = null, $skew = 1, $algo = 'sha1')
45 {
46 if ($secretSalt === null) {
47 $secretSalt = \SimpleSAML\Utils\Config::getSecretSalt();
48 }
49
50 if (!in_array($algo, hash_algos(), true)) {
51 throw new \InvalidArgumentException('Invalid hash algorithm "'.$algo.'"');
52 }
53
54 $this->secretSalt = $secretSalt;
55 $this->lifetime = $lifetime;
56 $this->skew = $skew;
57 $this->algo = $algo;
58 }
59
60
70 public function addVerificationData($data)
71 {
72 $this->secretSalt .= '|'.$data;
73 }
74
75
84 private function calculateTokenValue($offset, $time = null)
85 {
86 if ($time === null) {
87 $time = time();
88 }
89 // a secret salt that should be randomly generated for each installation
90 return hash(
91 $this->algo,
92 $offset.':'.floor(($time - $offset) / ($this->lifetime + $this->skew)).':'.$this->secretSalt
93 );
94 }
95
96
102 public function generate()
103 {
104 $time = time();
105 $current_offset = ($time - $this->skew) % ($this->lifetime + $this->skew);
106 return dechex($current_offset).'-'.$this->calculateTokenValue($current_offset, $time);
107 }
108
109
114 public function generate_token()
115 {
116 return $this->generate();
117 }
118
119
127 public function validate($token)
128 {
129 $splittoken = explode('-', $token);
130 if (count($splittoken) !== 2) {
131 return false;
132 }
133 $offset = intval(hexdec($splittoken[0]));
134 $value = $splittoken[1];
135 return ($this->calculateTokenValue($offset) === $value);
136 }
137
138
143 public function validate_token($token)
144 {
145 return $this->validate($token);
146 }
147}
php
An exception for terminatinating execution or to throw for unit testing.
SimpleSAML\Auth\TimeLimitedToken
A class that generates and verifies time-limited tokens.
Definition: TimeLimitedToken.php:9
SimpleSAML\Auth\TimeLimitedToken\addVerificationData
addVerificationData($data)
Add some given data to the current token.
Definition: TimeLimitedToken.php:70
SimpleSAML\Auth\TimeLimitedToken\calculateTokenValue
calculateTokenValue($offset, $time=null)
Calculates a token value for a given offset.
Definition: TimeLimitedToken.php:84
SimpleSAML\Auth\TimeLimitedToken\__construct
__construct($lifetime=900, $secretSalt=null, $skew=1, $algo='sha1')
Create a new time-limited token.
Definition: TimeLimitedToken.php:44
SimpleSAML\Auth\TimeLimitedToken\validate
validate($token)
Validates a token by calculating the token value for the provided offset and comparing it.
Definition: TimeLimitedToken.php:127
SimpleSAML\Auth\TimeLimitedToken\generate
generate()
Generates a token that contains an offset and a token value, using the current offset.
Definition: TimeLimitedToken.php:102
SimpleSAML\Utils\Config\getSecretSalt
static getSecretSalt()
Retrieve the secret salt.
Definition: Config.php:49
$time
$time
Definition: cron.php:21
GuzzleHttp\Psr7\hash
hash(StreamInterface $stream, $algo, $rawOutput=false)
Calculate a hash of a Stream.
Definition: functions.php:406