|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
/* |
|
4
|
|
|
* sessionware (https://github.com/juliangut/sessionware). |
|
5
|
|
|
* PSR7 compatible session management. |
|
6
|
|
|
* |
|
7
|
|
|
* @license BSD-3-Clause |
|
8
|
|
|
* @link https://github.com/juliangut/sessionware |
|
9
|
|
|
* @author Julián Gutiérrez <[email protected]> |
|
10
|
|
|
*/ |
|
11
|
|
|
|
|
12
|
|
|
declare(strict_types=1); |
|
13
|
|
|
|
|
14
|
|
|
namespace Jgut\Sessionware\Traits; |
|
15
|
|
|
|
|
16
|
|
|
use Defuse\Crypto\Crypto; |
|
17
|
|
|
use Defuse\Crypto\Exception\CryptoException; |
|
18
|
|
|
use Jgut\Sessionware\Configuration; |
|
19
|
|
|
|
|
20
|
|
|
/** |
|
21
|
|
|
* Session handler utility trait. |
|
22
|
|
|
*/ |
|
23
|
|
|
trait HandlerTrait |
|
24
|
|
|
{ |
|
25
|
|
|
/** |
|
26
|
|
|
* @var Configuration |
|
27
|
|
|
*/ |
|
28
|
|
|
protected $configuration; |
|
29
|
|
|
|
|
30
|
|
|
/** |
|
31
|
|
|
* Set configuration. |
|
32
|
|
|
* |
|
33
|
|
|
* @param Configuration $configuration |
|
34
|
|
|
* |
|
35
|
|
|
* @return self |
|
36
|
|
|
*/ |
|
37
|
|
|
public function setConfiguration(Configuration $configuration) |
|
38
|
|
|
{ |
|
39
|
|
|
$this->configuration = $configuration; |
|
40
|
|
|
|
|
41
|
|
|
return $this; |
|
42
|
|
|
} |
|
43
|
|
|
|
|
44
|
|
|
/** |
|
45
|
|
|
* Checks if configuration is set. |
|
46
|
|
|
* |
|
47
|
|
|
* @throws \RuntimeException |
|
48
|
|
|
*/ |
|
49
|
|
|
protected function testConfiguration() |
|
50
|
|
|
{ |
|
51
|
|
|
if ($this->configuration === null) { |
|
52
|
|
|
throw new \RuntimeException('Configuration must be set prior to use'); |
|
53
|
|
|
} |
|
54
|
|
|
} |
|
55
|
|
|
|
|
56
|
|
|
/** |
|
57
|
|
|
* Encrypt session data based on configuration encryption key. |
|
58
|
|
|
* |
|
59
|
|
|
* @param string $plainData |
|
60
|
|
|
* |
|
61
|
|
|
* @throws CryptoException |
|
62
|
|
|
* |
|
63
|
|
|
* @return string |
|
64
|
|
|
*/ |
|
65
|
|
|
protected function encryptSessionData(string $plainData) : string |
|
66
|
|
|
{ |
|
67
|
|
|
if (!$this->configuration->getEncryptionKey()) { |
|
68
|
|
|
return $plainData; |
|
69
|
|
|
} |
|
70
|
|
|
|
|
71
|
|
|
return Crypto::encrypt($plainData, $this->configuration->getEncryptionKey()); |
|
72
|
|
|
} |
|
73
|
|
|
|
|
74
|
|
|
/** |
|
75
|
|
|
* Decrypt session data based on configuration encryption key. |
|
76
|
|
|
* |
|
77
|
|
|
* @param string $encryptedData |
|
78
|
|
|
* |
|
79
|
|
|
* @return string |
|
80
|
|
|
*/ |
|
81
|
|
|
protected function decryptSessionData(string $encryptedData) : string |
|
82
|
|
|
{ |
|
83
|
|
|
if ($encryptedData === '') { |
|
84
|
|
|
return serialize([]); |
|
85
|
|
|
} |
|
86
|
|
|
|
|
87
|
|
|
$plainData = $encryptedData; |
|
88
|
|
|
|
|
89
|
|
|
if ($this->configuration->getEncryptionKey()) { |
|
90
|
|
|
try { |
|
91
|
|
|
$plainData = Crypto::decrypt($encryptedData, $this->configuration->getEncryptionKey()); |
|
92
|
|
|
} catch (CryptoException $exception) { |
|
|
|
|
|
|
93
|
|
|
// Ignore error and treat as empty session |
|
94
|
|
|
return serialize([]); |
|
95
|
|
|
} |
|
96
|
|
|
} |
|
97
|
|
|
|
|
98
|
|
|
return $plainData === 'b:0;' || @unserialize($plainData) !== false ? $plainData : serialize([]); |
|
99
|
|
|
} |
|
100
|
|
|
} |
|
101
|
|
|
|
juliangut /
sessionware
Scrutinizer analyzes your
composer.json/composer.lockfile if available to determine the classes, and functions that are defined by your dependencies.It seems like the listed class was neither found in your dependencies, nor was it found in the analyzed files in your repository. If you are using some other form of dependency management, you might want to disable this analysis.