ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
class.ilWACToken.php
Go to the documentation of this file.
1<?php
2// declare(strict_types=1);
3
4require_once('class.ilWACSignedPath.php');
5
12class ilWACToken
13{
14 const SALT_FILE_PATH = './data/wacsalt.php';
18 protected static $SALT = '';
22 protected $session_id = '';
26 protected $timestamp = 0;
30 protected $ip = '';
34 protected $token = '';
38 protected $raw_token = '';
42 protected $path = '';
46 protected $id = '';
50 protected $client = '';
54 protected $ttl = 0;
55
56
65 public function __construct($path, $client, $timestamp = 0, $ttl = 0)
66 {
67 assert(is_string($path));
68 assert(is_string($client));
69 assert(is_int($timestamp));
70 assert(is_int($ttl));
71 $this->setClient($client);
72 $this->setPath($path);
73 $session_id = session_id();
74 $this->setSessionId($session_id ? $session_id : '-');
75 if (isset($_SERVER['REMOTE_ADDR'])) {
76 $this->setIp($_SERVER['REMOTE_ADDR']);
77 }
78 $this->setTimestamp($timestamp ? $timestamp : time());
79 $ttl = $ttl ? $ttl : ilWACSignedPath::getTokenMaxLifetimeInSeconds();
80 $this->setTTL($ttl); // since we do not know the type at this poit we choose the shorter duration for security reasons
81 $this->generateToken();
82 $this->setId($this->getPath());
83 }
84
85
89 public function generateToken()
90 {
91 $this->initSalt();
92 $token = implode('-', array(
93 self::getSALT(),
94 $this->getClient(),
95 $this->getTimestamp(),
96 $this->getTTL(),
97 ));
98 $this->setRawToken($token);
99 $token = sha1($token);
100 $this->setToken($token);
101 }
102
103
107 protected function initSalt()
108 {
109 if (self::getSALT()) {
110 return;
111 }
112 $salt = '';
113 if (is_file(self::SALT_FILE_PATH)) {
114 require self::SALT_FILE_PATH;
115 self::setSALT($salt);
116 }
117
118 if (strcmp($salt, '') === 0) {
119 $this->generateSaltFile();
120 $this->initSalt();
121 }
122 }
123
124
129 protected function generateSaltFile()
130 {
131 if (is_file(self::SALT_FILE_PATH)) {
132 unlink(self::SALT_FILE_PATH);
133 }
134 $template = file_get_contents('./Services/WebAccessChecker/wacsalt.php.template');
135 $random = new \ilRandom();
136 $salt = md5(time() * $random->int(1000, 9999) . self::SALT_FILE_PATH);
137 self::setSALT($salt);
138 $template = str_replace('INSERT_SALT', $salt, $template);
139 if (is_writable(dirname(self::SALT_FILE_PATH))) {
140 file_put_contents(self::SALT_FILE_PATH, $template);
141 } else {
142 throw new ilWACException(ilWACException::DATA_DIR_NON_WRITEABLE, self::SALT_FILE_PATH);
143 }
144 }
145
146
150 public function getSessionId()
151 {
152 return (string) $this->session_id;
153 }
154
155
160 public function setSessionId($session_id)
161 {
162 assert(is_string($session_id));
163 $this->session_id = $session_id;
164 }
165
166
170 public function getTimestamp()
171 {
172 return (int) $this->timestamp;
173 }
174
175
180 public function setTimestamp($timestamp)
181 {
182 assert(is_int($timestamp));
183 $this->timestamp = $timestamp;
184 }
185
186
190 public function getIp()
191 {
192 return (string) $this->ip;
193 }
194
195
200 public function setIp($ip)
201 {
202 assert(is_string($ip));
203 $this->ip = $ip;
204 }
205
206
210 public function getToken()
211 {
212 return (string) $this->token;
213 }
214
215
220 public function setToken($token)
221 {
222 assert(is_string($token));
223 $this->token = $token;
224 }
225
226
230 public function getPath()
231 {
232 return (string) $this->path;
233 }
234
235
240 public function setPath($path)
241 {
242 assert(is_string($path));
243 $this->path = $path;
244 }
245
246
250 public function getId()
251 {
252 return (string) $this->id;
253 }
254
255
259 public function getHashedId()
260 {
261 return (string) md5($this->id);
262 }
263
264
268 public function setId($id)
269 {
270 assert(is_string($id));
271 $this->id = $id;
272 }
273
274
278 public static function getSALT()
279 {
280 return (string) self::$SALT;
281 }
282
283
288 public static function setSALT($salt)
289 {
290 assert(is_string($salt));
291 self::$SALT = $salt;
292 }
293
294
298 public function getClient()
299 {
300 return (string) $this->client;
301 }
302
303
308 public function setClient($client)
309 {
310 assert(is_string($client));
311 $this->client = $client;
312 }
313
314
318 public function getTTL()
319 {
320 return (int) $this->ttl;
321 }
322
323
328 public function setTTL($ttl)
329 {
330 assert(is_int($ttl));
331 $this->ttl = $ttl;
332 }
333
334
338 public function getRawToken()
339 {
340 return (string) $this->raw_token;
341 }
342
343
348 public function setRawToken($raw_token)
349 {
350 assert(is_string($raw_token));
351 $this->raw_token = $raw_token;
352 }
353}
php
An exception for terminatinating execution or to throw for unit testing.
ilWACException
Class ilWACException.
Definition: class.ilWACException.php:11
ilWACSignedPath\getTokenMaxLifetimeInSeconds
static getTokenMaxLifetimeInSeconds()
Definition: class.ilWACSignedPath.php:426
ilWACToken
Class ilWACToken.
Definition: class.ilWACToken.php:13
ilWACToken\getSALT
static getSALT()
Definition: class.ilWACToken.php:278
ilWACToken\setSALT
static setSALT($salt)
Definition: class.ilWACToken.php:288
ilWACToken\setSessionId
setSessionId($session_id)
Definition: class.ilWACToken.php:160
ilWACToken\setRawToken
setRawToken($raw_token)
Definition: class.ilWACToken.php:348
ilWACToken\SALT_FILE_PATH
const SALT_FILE_PATH
Definition: class.ilWACToken.php:14
ilWACToken\setTimestamp
setTimestamp($timestamp)
Definition: class.ilWACToken.php:180
ilWACToken\setClient
setClient($client)
Definition: class.ilWACToken.php:308
ilWACToken\__construct
__construct($path, $client, $timestamp=0, $ttl=0)
ilWACToken constructor.
Definition: class.ilWACToken.php:65
$template
$template
Definition: consentAdmin.php:218
$_SERVER
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
Definition: tcpdf_autoconfig.php:54