1
|
|
|
<?php |
2
|
|
|
|
3
|
|
|
namespace PhpConsole; |
4
|
|
|
|
5
|
|
|
/** |
6
|
|
|
* PHP Console client authorization credentials & validation class |
7
|
|
|
* |
8
|
|
|
* @package PhpConsole |
9
|
|
|
* @version 3.1 |
10
|
|
|
* @link http://consle.com |
11
|
|
|
* @author Sergey Barbushin http://linkedin.com/in/barbushin |
12
|
|
|
* @copyright © Sergey Barbushin, 2011-2013. All rights reserved. |
13
|
|
|
* @license http://www.opensource.org/licenses/BSD-3-Clause "The BSD 3-Clause License" |
14
|
|
|
* @codeCoverageIgnore |
15
|
|
|
*/ |
16
|
|
|
class Auth { |
17
|
|
|
|
18
|
|
|
const PASSWORD_HASH_SALT = 'NeverChangeIt:)'; |
19
|
|
|
|
20
|
|
|
protected $publicKeyByIp; |
21
|
|
|
protected $passwordHash; |
22
|
|
|
|
23
|
|
|
/** |
24
|
|
|
* @param string $password Common password for all clients |
25
|
|
|
* @param bool $publicKeyByIp Set public key depending on client IP |
26
|
|
|
*/ |
27
|
|
|
public function __construct($password, $publicKeyByIp = true) { |
28
|
|
|
$this->publicKeyByIp = $publicKeyByIp; |
29
|
|
|
$this->passwordHash = $this->getPasswordHash($password); |
30
|
|
|
} |
31
|
|
|
|
32
|
|
|
protected final function hash($string) { |
33
|
|
|
return hash('sha256', $string); |
34
|
|
|
} |
35
|
|
|
|
36
|
|
|
/** |
37
|
|
|
* Get password hash like on client |
38
|
|
|
* @param $password |
39
|
|
|
* @return string |
40
|
|
|
*/ |
41
|
|
|
protected final function getPasswordHash($password) { |
42
|
|
|
return $this->hash($password . self::PASSWORD_HASH_SALT); |
43
|
|
|
} |
44
|
|
|
|
45
|
|
|
/** |
46
|
|
|
* Get authorization result data for client |
47
|
|
|
* @codeCoverageIgnore |
48
|
|
|
* @param ClientAuth|null $clientAuth |
49
|
|
|
* @return ServerAuthStatus |
50
|
|
|
*/ |
51
|
|
|
public final function getServerAuthStatus(ClientAuth $clientAuth = null) { |
52
|
|
|
$serverAuthStatus = new ServerAuthStatus(); |
53
|
|
|
$serverAuthStatus->publicKey = $this->getPublicKey(); |
54
|
|
|
$serverAuthStatus->isSuccess = $clientAuth && $this->isValidAuth($clientAuth); |
55
|
|
|
return $serverAuthStatus; |
56
|
|
|
} |
57
|
|
|
|
58
|
|
|
/** |
59
|
|
|
* Check if client authorization data is valid |
60
|
|
|
* @codeCoverageIgnore |
61
|
|
|
* @param ClientAuth $clientAuth |
62
|
|
|
* @return bool |
63
|
|
|
*/ |
64
|
|
|
public final function isValidAuth(ClientAuth $clientAuth) { |
65
|
|
|
return $clientAuth->publicKey === $this->getPublicKey() && $clientAuth->token === $this->getToken(); |
66
|
|
|
} |
67
|
|
|
|
68
|
|
|
/** |
69
|
|
|
* Get client unique identification |
70
|
|
|
* @return string |
71
|
|
|
*/ |
72
|
|
|
protected function getClientUid() { |
73
|
|
|
$clientUid = ''; |
74
|
|
|
if($this->publicKeyByIp) { |
75
|
|
|
if(isset($_SERVER['REMOTE_ADDR'])) { |
76
|
|
|
$clientUid .= $_SERVER['REMOTE_ADDR']; |
77
|
|
|
} |
78
|
|
|
if(isset($_SERVER['HTTP_X_FORWARDED_FOR'])) { |
79
|
|
|
$clientUid .= $_SERVER['HTTP_X_FORWARDED_FOR']; |
80
|
|
|
} |
81
|
|
|
} |
82
|
|
|
return $clientUid; |
83
|
|
|
} |
84
|
|
|
|
85
|
|
|
/** |
86
|
|
|
* Get authorization session public key for current client |
87
|
|
|
* @return string |
88
|
|
|
*/ |
89
|
|
|
protected function getPublicKey() { |
90
|
|
|
return $this->hash($this->getClientUid() . $this->passwordHash); |
91
|
|
|
} |
92
|
|
|
|
93
|
|
|
/** |
94
|
|
|
* Get string signature for current password & public key |
95
|
|
|
* @param $string |
96
|
|
|
* @return string |
97
|
|
|
*/ |
98
|
|
|
public final function getSignature($string) { |
99
|
|
|
return $this->hash($this->passwordHash . $this->getPublicKey() . $string); |
100
|
|
|
} |
101
|
|
|
|
102
|
|
|
/** |
103
|
|
|
* Get expected valid client authorization token |
104
|
|
|
* @return string |
105
|
|
|
*/ |
106
|
|
|
private final function getToken() { |
107
|
|
|
return $this->hash($this->passwordHash . $this->getPublicKey()); |
108
|
|
|
} |
109
|
|
|
} |
110
|
|
|
|