d4/d4c/class_8ilWACToken_8php_source.html

<?php

class ilWACToken

{

    private const SALT_FILE_PATH = './data/wacsalt.php';

    protected static string $SALT = '';

    protected string $session_id = '';

    protected int $timestamp = 0;

    protected string $ip = '';

    protected string $token = '';

    protected string $raw_token = '';

    protected string $path = '';

    protected string $id = '';

    protected string $client = '';

    protected int $ttl = 0;


    public function __construct(

        string $path,

        string $client,

        int $timestamp = 0,

        int $ttl = 0

    ) {

        $this->setClient($client);

        $this->setPath($path);

        $session_id = session_id();

        $this->setSessionId($session_id ?: '-');

        if (isset($_SERVER['REMOTE_ADDR'])) {

            $this->setIp($_SERVER['REMOTE_ADDR']);

        }

        $this->setTimestamp($timestamp !== 0 ? $timestamp : time());

        $ttl = $ttl !== 0 ? $ttl : ilWACSignedPath::getTokenMaxLifetimeInSeconds();

        $this->setTTL($ttl); //  since we do not know the type at this poit we choose the shorter duration for security reasons

        $this->generateToken();

        $this->setId($this->getPath());

    }


    public function generateToken(): void

    {

        $this->initSalt();

        $token = implode('-', array(

            self::getSALT(),

            $this->getClient(),

            $this->getTimestamp(),

            $this->getTTL(),

        ));

        $this->setRawToken($token);

        $token = sha1($token);

        $this->setToken($token);

    }


    protected function initSalt(): void

    {

        if (self::getSALT() !== '' && self::getSALT() !== '0') {

            return;

        }

        $salt = '';

        if (is_file(self::SALT_FILE_PATH)) {

            require self::SALT_FILE_PATH;

            self::setSALT($salt);

        }


        if (strcmp($salt, '') === 0) {

            $this->generateSaltFile();

            $this->initSalt();

        }

    }


    protected function generateSaltFile(): void

    {

        if (is_file(self::SALT_FILE_PATH)) {

            unlink(self::SALT_FILE_PATH);

        }

        $template = file_get_contents('./Services/WebAccessChecker/wacsalt.php.template');

        $random = new \ilRandom();

        $salt = md5(time() * $random->int(1000, 9999) . self::SALT_FILE_PATH);

        self::setSALT($salt);

        $template = str_replace('INSERT_SALT', $salt, $template);

        if (is_writable(dirname(self::SALT_FILE_PATH))) {

            file_put_contents(self::SALT_FILE_PATH, $template);

        } else {

            throw new ilWACException(ilWACException::DATA_DIR_NON_WRITEABLE, self::SALT_FILE_PATH);

        }

    }


    public function getSessionId(): string

    {

        return $this->session_id;

    }


    public function setSessionId(string $session_id): void

    {

        $this->session_id = $session_id;

    }


    public function getTimestamp(): int

    {

        return $this->timestamp;

    }


    public function setTimestamp(int $timestamp): void

    {

        $this->timestamp = $timestamp;

    }


    public function getIp(): string

    {

        return $this->ip;

    }


    public function setIp(string $ip): void

    {

        $this->ip = $ip;

    }


    public function getToken(): string

    {

        return $this->token;

    }


    public function setToken(string $token): void

    {

        $this->token = $token;

    }


    public function getPath(): string

    {

        return $this->path;

    }


    public function setPath(string $path): void

    {

        $this->path = $path;

    }


    public function getId(): string

    {

        return $this->id;

    }


    public function getHashedId(): string

    {

        return md5($this->id);

    }


    public function setId(string $id): void

    {

        $this->id = $id;

    }


    public static function getSALT(): string

    {

        return self::$SALT;

    }


    public static function setSALT(string $salt): void

    {

        self::$SALT = $salt;

    }


    public function getClient(): string

    {

        return $this->client;

    }


    public function setClient(string $client): void

    {

        $this->client = $client;

    }


    public function getTTL(): int

    {

        return $this->ttl;

    }


    public function setTTL(int $ttl): void

    {

        $this->ttl = $ttl;

    }


    public function getRawToken(): string

    {

        return $this->raw_token;

    }


    public function setRawToken(string $raw_token): void

    {

        $this->raw_token = $raw_token;

    }

}

ilWACException
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilWACException.php:25

ilWACException\DATA_DIR_NON_WRITEABLE
const DATA_DIR_NON_WRITEABLE
Definition: class.ilWACException.php:32

ilWACSignedPath\getTokenMaxLifetimeInSeconds
static getTokenMaxLifetimeInSeconds()
Definition: class.ilWACSignedPath.php:337

ilWACToken
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilWACToken.php:25

ilWACToken\$raw_token
string $raw_token
Definition: class.ilWACToken.php:32

ilWACToken\getSALT
static getSALT()
Definition: class.ilWACToken.php:196

ilWACToken\getTimestamp
getTimestamp()
Definition: class.ilWACToken.php:130

ilWACToken\$timestamp
int $timestamp
Definition: class.ilWACToken.php:29

ilWACToken\$session_id
string $session_id
Definition: class.ilWACToken.php:28

ilWACToken\__construct
__construct(string $path, string $client, int $timestamp=0, int $ttl=0)
ilWACToken constructor.
Definition: class.ilWACToken.php:42

ilWACToken\$id
string $id
Definition: class.ilWACToken.php:34

ilWACToken\$SALT
static string $SALT
Definition: class.ilWACToken.php:27

ilWACToken\$client
string $client
Definition: class.ilWACToken.php:35

ilWACToken\setPath
setPath(string $path)
Definition: class.ilWACToken.php:172

ilWACToken\$ttl
int $ttl
Definition: class.ilWACToken.php:36

ilWACToken\initSalt
initSalt()
Definition: class.ilWACToken.php:78

ilWACToken\$token
string $token
Definition: class.ilWACToken.php:31

ilWACToken\setToken
setToken(string $token)
Definition: class.ilWACToken.php:160

ilWACToken\getSessionId
getSessionId()
Definition: class.ilWACToken.php:118

ilWACToken\getId
getId()
Definition: class.ilWACToken.php:178

ilWACToken\generateSaltFile
generateSaltFile()
Definition: class.ilWACToken.php:100

ilWACToken\getPath
getPath()
Definition: class.ilWACToken.php:166

ilWACToken\setIp
setIp(string $ip)
Definition: class.ilWACToken.php:148

ilWACToken\setRawToken
setRawToken(string $raw_token)
Definition: class.ilWACToken.php:238

ilWACToken\getToken
getToken()
Definition: class.ilWACToken.php:154

ilWACToken\$ip
string $ip
Definition: class.ilWACToken.php:30

ilWACToken\getRawToken
getRawToken()
Definition: class.ilWACToken.php:232

ilWACToken\getTTL
getTTL()
Definition: class.ilWACToken.php:220

ilWACToken\SALT_FILE_PATH
const SALT_FILE_PATH
Definition: class.ilWACToken.php:26

ilWACToken\generateToken
generateToken()
Definition: class.ilWACToken.php:63

ilWACToken\setSALT
static setSALT(string $salt)
Definition: class.ilWACToken.php:202

ilWACToken\setSessionId
setSessionId(string $session_id)
Definition: class.ilWACToken.php:124

ilWACToken\$path
string $path
Definition: class.ilWACToken.php:33

ilWACToken\getHashedId
getHashedId()
Definition: class.ilWACToken.php:184

ilWACToken\getClient
getClient()
Definition: class.ilWACToken.php:208

ilWACToken\setId
setId(string $id)
Definition: class.ilWACToken.php:190

ilWACToken\getIp
getIp()
Definition: class.ilWACToken.php:142

ilWACToken\setTimestamp
setTimestamp(int $timestamp)
Definition: class.ilWACToken.php:136

ilWACToken\setTTL
setTTL(int $ttl)
Definition: class.ilWACToken.php:226

ilWACToken\setClient
setClient(string $client)
Definition: class.ilWACToken.php:214

ILIAS\Repository\int
int(string $key)
Definition: trait.BaseGUIRequest.php:61

$_SERVER
$_SERVER['HTTP_HOST']
Definition: raiseError.php:10