This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | namespace ByJG\Session; |
||
4 | |||
5 | use ByJG\Util\JwtWrapper; |
||
6 | use SessionHandlerInterface; |
||
7 | |||
8 | class JwtSession implements SessionHandlerInterface |
||
9 | { |
||
10 | const COOKIE_PREFIX = "AUTH_BEARER_"; |
||
11 | |||
12 | /** |
||
13 | * @var SessionConfig |
||
14 | */ |
||
15 | protected $sessionConfig; |
||
16 | |||
17 | /** |
||
18 | * JwtSession constructor. |
||
19 | * |
||
20 | * @param $sessionConfig |
||
21 | * @throws JwtSessionException |
||
22 | */ |
||
23 | public function __construct($sessionConfig) |
||
24 | { |
||
25 | ini_set("session.use_cookies", 0); |
||
26 | |||
27 | if (!($sessionConfig instanceof SessionConfig)) { |
||
28 | throw new JwtSessionException('Required SessionConfig instance'); |
||
29 | } |
||
30 | |||
31 | $this->sessionConfig = $sessionConfig; |
||
32 | |||
33 | if ($this->sessionConfig->isReplaceSession()) { |
||
34 | $this->replaceSessionHandler(); |
||
35 | } |
||
36 | } |
||
37 | |||
38 | /** |
||
39 | * @param bool $startSession |
||
0 ignored issues
–
show
|
|||
40 | * @throws JwtSessionException |
||
41 | */ |
||
42 | protected function replaceSessionHandler() |
||
43 | { |
||
44 | if (session_status() != PHP_SESSION_NONE) { |
||
45 | throw new JwtSessionException('Session already started!'); |
||
46 | } |
||
47 | |||
48 | session_set_save_handler($this, true); |
||
49 | |||
50 | if ($this->sessionConfig->isStartSession()) { |
||
51 | ob_start(); |
||
52 | session_start(); |
||
53 | } |
||
54 | } |
||
55 | |||
56 | /** |
||
57 | * Close the session |
||
58 | * |
||
59 | * @link http://php.net/manual/en/sessionhandlerinterface.close.php |
||
60 | * @return bool <p> |
||
61 | * The return value (usually TRUE on success, FALSE on failure). |
||
62 | * Note this value is returned internally to PHP for processing. |
||
63 | * </p> |
||
64 | * @since 5.4.0 |
||
65 | */ |
||
66 | public function close() |
||
67 | { |
||
68 | return true; |
||
69 | } |
||
70 | |||
71 | /** |
||
72 | * Destroy a session |
||
73 | * |
||
74 | * @link http://php.net/manual/en/sessionhandlerinterface.destroy.php |
||
75 | * @param string $session_id The session ID being destroyed. |
||
76 | * @return bool <p> |
||
77 | * The return value (usually TRUE on success, FALSE on failure). |
||
78 | * Note this value is returned internally to PHP for processing. |
||
79 | * </p> |
||
80 | * @since 5.4.0 |
||
81 | */ |
||
82 | public function destroy($session_id) |
||
83 | { |
||
84 | if (!headers_sent()) { |
||
85 | setcookie( |
||
86 | self::COOKIE_PREFIX . $this->sessionConfig->getSessionContext(), |
||
87 | null, |
||
88 | (time()-3000), |
||
89 | $this->sessionConfig->getCookiePath(), |
||
90 | $this->sessionConfig->getCookieDomain() |
||
91 | ); |
||
92 | } |
||
93 | |||
94 | return true; |
||
95 | } |
||
96 | |||
97 | /** |
||
98 | * Cleanup old sessions |
||
99 | * |
||
100 | * @link http://php.net/manual/en/sessionhandlerinterface.gc.php |
||
101 | * @param int $maxlifetime <p> |
||
102 | * Sessions that have not updated for |
||
103 | * the last maxlifetime seconds will be removed. |
||
104 | * </p> |
||
105 | * @return bool <p> |
||
106 | * The return value (usually TRUE on success, FALSE on failure). |
||
107 | * Note this value is returned internally to PHP for processing. |
||
108 | * </p> |
||
109 | * @since 5.4.0 |
||
110 | */ |
||
111 | public function gc($maxlifetime) |
||
112 | { |
||
113 | return true; |
||
114 | } |
||
115 | |||
116 | /** |
||
117 | * Initialize session |
||
118 | * |
||
119 | * @link http://php.net/manual/en/sessionhandlerinterface.open.php |
||
120 | * @param string $save_path The path where to store/retrieve the session. |
||
121 | * @param string $name The session name. |
||
122 | * @return bool <p> |
||
123 | * The return value (usually TRUE on success, FALSE on failure). |
||
124 | * Note this value is returned internally to PHP for processing. |
||
125 | * </p> |
||
126 | * @since 5.4.0 |
||
127 | */ |
||
128 | public function open($save_path, $name) |
||
129 | { |
||
130 | return true; |
||
131 | } |
||
132 | |||
133 | /** |
||
134 | * Read session data |
||
135 | * |
||
136 | * @link http://php.net/manual/en/sessionhandlerinterface.read.php |
||
137 | * @param string $session_id The session id to read data for. |
||
138 | * @return string <p> |
||
139 | * Returns an encoded string of the read data. |
||
140 | * If nothing was read, it must return an empty string. |
||
141 | * Note this value is returned internally to PHP for processing. |
||
142 | * </p> |
||
143 | * @since 5.4.0 |
||
144 | */ |
||
145 | public function read($session_id) |
||
146 | { |
||
147 | try { |
||
148 | if (isset($_COOKIE[self::COOKIE_PREFIX . $this->sessionConfig->getSessionContext()])) { |
||
149 | $jwt = new JwtWrapper( |
||
150 | $this->sessionConfig->getServerName(), |
||
151 | $this->sessionConfig->getKey() |
||
152 | ); |
||
153 | $data = $jwt->extractData($_COOKIE[self::COOKIE_PREFIX . $this->sessionConfig->getSessionContext()]); |
||
154 | |||
155 | if (empty($data->data)) { |
||
156 | return ''; |
||
157 | } |
||
158 | |||
159 | return $data->data; |
||
160 | } |
||
161 | return ''; |
||
162 | } catch (\Exception $ex) { |
||
163 | return ''; |
||
164 | } |
||
165 | } |
||
166 | |||
167 | /** |
||
168 | * Write session data |
||
169 | * |
||
170 | * @link http://php.net/manual/en/sessionhandlerinterface.write.php |
||
171 | * @param string $session_id The session id. |
||
172 | * @param string $session_data <p> |
||
173 | * The encoded session data. This data is the |
||
174 | * result of the PHP internally encoding |
||
175 | * the $_SESSION superglobal to a serialized |
||
176 | * string and passing it as this parameter. |
||
177 | * Please note sessions use an alternative serialization method. |
||
178 | * </p> |
||
179 | * @return bool <p> |
||
180 | * The return value (usually TRUE on success, FALSE on failure). |
||
181 | * Note this value is returned internally to PHP for processing. |
||
182 | * </p> |
||
183 | * @throws \ByJG\Util\JwtWrapperException |
||
184 | * @since 5.4.0 |
||
185 | */ |
||
186 | public function write($session_id, $session_data) |
||
187 | { |
||
188 | $jwt = new JwtWrapper( |
||
189 | $this->sessionConfig->getServerName(), |
||
190 | $this->sessionConfig->getKey() |
||
191 | ); |
||
192 | $data = $jwt->createJwtData($session_data, $this->sessionConfig->getTimeoutMinutes() * 60); |
||
193 | $token = $jwt->generateToken($data); |
||
194 | |||
195 | if (!headers_sent()) { |
||
196 | setcookie( |
||
197 | self::COOKIE_PREFIX . $this->sessionConfig->getSessionContext(), |
||
198 | $token, |
||
199 | (time()+$this->sessionConfig->getTimeoutMinutes()*60) , |
||
200 | $this->sessionConfig->getCookiePath(), |
||
201 | $this->sessionConfig->getCookieDomain(), |
||
202 | false, |
||
203 | true |
||
204 | ); |
||
205 | if (defined("SETCOOKIE_FORTEST")) { |
||
206 | $_COOKIE[self::COOKIE_PREFIX . $this->sessionConfig->getSessionContext()] = $token; |
||
207 | } |
||
208 | } |
||
209 | |||
210 | return true; |
||
211 | } |
||
212 | |||
213 | public function serializeSessionData($array) |
||
214 | { |
||
215 | $result = ''; |
||
216 | foreach ($array as $key => $value) { |
||
217 | $result .= $key . "|" . serialize($value); |
||
218 | } |
||
219 | |||
220 | return $result; |
||
221 | } |
||
222 | |||
223 | /** |
||
224 | * @param $session_data |
||
225 | * @return array |
||
226 | * @throws JwtSessionException |
||
227 | */ |
||
228 | public function unSerializeSessionData($session_data) |
||
229 | { |
||
230 | $return_data = array(); |
||
231 | $offset = 0; |
||
232 | while ($offset < strlen($session_data)) { |
||
233 | if (!strstr(substr($session_data, $offset), "|")) { |
||
234 | throw new JwtSessionException("invalid data, remaining: " . substr($session_data, $offset)); |
||
235 | } |
||
236 | $pos = strpos($session_data, "|", $offset); |
||
237 | $num = $pos - $offset; |
||
238 | $varname = substr($session_data, $offset, $num); |
||
239 | $offset += $num + 1; |
||
240 | $data = unserialize(substr($session_data, $offset)); |
||
241 | $return_data[$varname] = $data; |
||
242 | $offset += strlen(serialize($data)); |
||
243 | } |
||
244 | |||
245 | return $return_data; |
||
246 | } |
||
247 | } |
||
248 |
This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function.
Consider the following example. The parameter
$italy
is not defined by the methodfinale(...)
.The most likely cause is that the parameter was removed, but the annotation was not.