ILIAS  trunk Revision v11.0_alpha-3011-gc6b235a2e85
DataSigner.php
Go to the documentation of this file.
1<?php
2
19declare(strict_types=1);
20
21namespace ILIAS\FileDelivery\Token;
22
23use ILIAS\FileDelivery\Token\Signer\Key\Secret\SecretKeyRotation;
24use ILIAS\FileDelivery\Token\Signer\Payload\Payload;
25use ILIAS\FileDelivery\Token\Signer\HMACSigner;
26use ILIAS\FileDelivery\Token\Serializer\JSONSerializer;
27use ILIAS\FileDelivery\Token\Signer\Key\Signing\HMACSigningKeyGenerator;
28use ILIAS\FileDelivery\Token\Transport\URLSafeTransport;
29use ILIAS\FileDelivery\Token\Compression\DeflateCompression;
30use ILIAS\FileDelivery\Token\Signer\KeyRotatingSigner;
31use ILIAS\FileDelivery\Token\Signer\Salt\Factory;
32use ILIAS\FileDelivery\Token\Signer\Payload\StructuredPayload;
33use ILIAS\Filesystem\Stream\FileStream;
34use ILIAS\FileDelivery\Token\Compression\Compression;
35use ILIAS\FileDelivery\Token\Transport\Transport;
36use ILIAS\FileDelivery\Token\Signer\Payload\Builder;
37use ILIAS\FileDelivery\Delivery\Disposition;
38use ILIAS\FileDelivery\Token\Signer\Algorithm\ShortenedSHA1;
39use ILIAS\FileDelivery\Token\Signer\Algorithm\Algorithm;
40
44final class DataSigner
45{
46 private SigningSerializer $signing_serializer;
47 private Factory $salt_factory;
48 private Builder $payload_builder;
49
50 public function __construct(
51 SecretKeyRotation $key_rotation,
52 ?Algorithm $algorithm = null,
53 ?Compression $compression = null,
54 ?Transport $transport = null
55 ) {
56 $this->salt_factory = new Factory();
57 $compression ??= new DeflateCompression();
58 $transport ??= new URLSafeTransport();
59 $algorithm ??= new ShortenedSHA1();
60
61 $this->signing_serializer = new SigningSerializer(
62 new KeyRotatingSigner(
63 $key_rotation,
64 new HMACSigner(
65 $algorithm
66 ),
67 new HMACSigningKeyGenerator(
68 $algorithm
69 )
70 ),
71 new JSONSerializer(),
72 $compression,
73 $transport
74 );
75
76 $this->payload_builder = new Builder();
77 }
78
79 public function getSignedStreamToken(
80 FileStream $stream,
81 string $filename,
82 Disposition $disposition,
83 int $user_id,
84 ?\DateTimeImmutable $until = null
85 ): string {
86 $payload = $this->payload_builder->shortFile(
87 $stream,
88 $filename
89 );
90
91 if ($until !== null) {
92 $payload->setUntil($until->getTimestamp());
93 }
94
95 return $this->signing_serializer->sign(
96 $payload,
97 $this->salt_factory->create('stream')
98 );
99 }
100
101 public function verifyStreamToken(string $token): ?Payload
102 {
103 $data = $this->verify($token, 'stream');
104 if ($data === null) {
105 return null;
106 }
107 return $this->payload_builder->shortFileFromRaw($data);
108 }
109
110 public function sign(
111 array $data,
112 string $salt,
113 ?\DateTimeImmutable $until = null
114 ): string {
115 $payload = new StructuredPayload($data);
116
117 if ($until !== null) {
118 $payload->setUntil($until->getTimestamp());
119 }
120
121 return $this->signing_serializer->sign(
122 $payload,
123 $this->salt_factory->create($salt)
124 );
125 }
126
127 public function verify(
128 string $token,
129 string $salt
130 ): ?array {
131 return $this->signing_serializer->verify(
132 $token,
133 $this->salt_factory->create($salt)
134 )?->get();
135 }
136}
$filename
$filename
Definition: buildRTE.php:78
ILIAS\FileDelivery\Token\DataSigner\sign
sign(array $data, string $salt, ?\DateTimeImmutable $until=null)
Definition: DataSigner.php:110
ILIAS\FileDelivery\Token\DataSigner\__construct
__construct(SecretKeyRotation $key_rotation, ?Algorithm $algorithm=null, ?Compression $compression=null, ?Transport $transport=null)
Definition: DataSigner.php:50
ILIAS\FileDelivery\Token\DataSigner\getSignedStreamToken
getSignedStreamToken(FileStream $stream, string $filename, Disposition $disposition, int $user_id, ?\DateTimeImmutable $until=null)
Definition: DataSigner.php:79
ILIAS\FileDelivery\Token\DataSigner\$signing_serializer
SigningSerializer $signing_serializer
Definition: DataSigner.php:46
ILIAS\FileDelivery\Token\DataSigner\verify
verify(string $token, string $salt)
Definition: DataSigner.php:127
ILIAS\FileDelivery\Token\Signer\Key\Secret\SecretKeyRotation
Key rotation can provide an extra layer of mitigation against an attacker discovering a secret key.
Definition: SecretKeyRotation.php:42
ILIAS\FileDelivery\Token\Signer\Salt\Factory
The salt is combined with the secret key to derive a unique key for distinguishing different contexts...
Definition: Factory.php:38
return
return['delivery_method'=> 'php',]
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: delivery_method.php:21
ILIAS\Filesystem\Stream\FileStream
The base interface for all filesystem streams.
Definition: FileStream.php:32
$payload
if(count($parts) !=3) $payload
Definition: ltitoken.php:67
ILIAS\GlobalScreen\get
get(string $class_name)
Definition: SingletonTrait.php:33
$token
$token
Definition: xapitoken.php:70