|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
namespace Palladium\Service; |
|
4
|
|
|
|
|
5
|
|
|
/** |
|
6
|
|
|
* Code for creating new identities |
|
7
|
|
|
*/ |
|
8
|
|
|
|
|
9
|
|
|
use Palladium\Entity as Entity; |
|
10
|
|
|
use Palladium\Component\DataMapper; |
|
11
|
|
|
use Palladium\Exception\IdentityConflict; |
|
12
|
|
|
|
|
13
|
|
|
use Palladium\Repository\Identity as Repository; |
|
14
|
|
|
use Palladium\Contract\HasId; |
|
15
|
|
|
use Psr\Log\LoggerInterface; |
|
16
|
|
|
|
|
17
|
|
|
class Registration |
|
18
|
|
|
{ |
|
19
|
|
|
|
|
20
|
|
|
const DEFAULT_TOKEN_LIFESPAN = 28800; // 8 hours |
|
21
|
|
|
const DEFAULT_NONCE_LIFESPAN = 7200; // 2 hours |
|
22
|
|
|
const DEFAULT_HASH_COST = 12; |
|
23
|
|
|
|
|
24
|
|
|
private $repository; |
|
25
|
|
|
private $logger; |
|
26
|
|
|
private $hashCost; |
|
27
|
|
|
|
|
28
|
|
|
/** |
|
29
|
|
|
* @param Palladium\Repository\Identity $repository Repository for abstracting persistence layer structures |
|
30
|
|
|
* @param Psr\Log\LoggerInterface $logger PSR-3 compatible logger |
|
31
|
|
|
* @param int $hashCost Optional value for setting the cost of hashing algorythm (default: 12) |
|
32
|
|
|
*/ |
|
33
|
5 |
View Code Duplication |
public function __construct(Repository $repository, DataMapper $accountMapper, LoggerInterface $logger, $hashCost = self::DEFAULT_HASH_COST) |
|
|
|
|
|
|
34
|
|
|
{ |
|
35
|
5 |
|
$this->repository = $repository; |
|
36
|
5 |
|
$this->accountMapper = $accountMapper; |
|
|
|
|
|
|
37
|
5 |
|
$this->logger = $logger; |
|
38
|
5 |
|
$this->hashCost = $hashCost; |
|
39
|
5 |
|
} |
|
40
|
|
|
|
|
41
|
|
|
|
|
42
|
|
|
/** |
|
43
|
|
|
* @param string $identifier |
|
44
|
|
|
* @param string $password |
|
45
|
|
|
* @param int $tokenLifespan |
|
46
|
|
|
* |
|
47
|
|
|
* @return Palladium\Entity\StandardIdentity |
|
48
|
|
|
*/ |
|
49
|
2 |
|
public function createStandardIdentity(string $identifier, string $password, $tokenLifespan = self::DEFAULT_TOKEN_LIFESPAN) |
|
50
|
|
|
{ |
|
51
|
2 |
|
$identity = new Entity\StandardIdentity; |
|
52
|
|
|
|
|
53
|
2 |
|
$identity->setIdentifier($identifier); |
|
54
|
2 |
|
$identity->setPassword($password, $this->hashCost); |
|
55
|
2 |
|
$identity->setTokenEndOfLife(time() + $tokenLifespan); |
|
56
|
|
|
|
|
57
|
2 |
|
$this->prepareNewIdentity($identity); |
|
58
|
|
|
|
|
59
|
2 |
|
if ($this->repository->has($identity)) { |
|
60
|
1 |
|
$this->logger->notice('identifier already registered', [ |
|
61
|
|
|
'input' => [ |
|
62
|
1 |
|
'identifier' => $identifier, |
|
63
|
|
|
], |
|
64
|
|
|
]); |
|
65
|
|
|
|
|
66
|
1 |
|
throw new IdentityConflict; |
|
67
|
|
|
} |
|
68
|
|
|
|
|
69
|
1 |
|
$this->repository->save($identity); |
|
70
|
|
|
|
|
71
|
1 |
|
return $identity; |
|
72
|
|
|
} |
|
73
|
|
|
|
|
74
|
|
|
|
|
75
|
1 |
|
public function createNonceIdentity($accountId, $identityLifespan = self::DEFAULT_NONCE_LIFESPAN) |
|
76
|
|
|
{ |
|
77
|
1 |
|
$identity = new Entity\NonceIdentity; |
|
78
|
|
|
|
|
79
|
1 |
|
$identity->setAccountId($accountId); |
|
80
|
1 |
|
$identity->setExpiresOn(time() + $identityLifespan); |
|
81
|
1 |
|
$identity->setStatus(Entity\Identity::STATUS_ACTIVE); |
|
82
|
1 |
|
$identity->generateNewNonce(); |
|
83
|
1 |
|
$identity->generateNewKey($this->hashCost); |
|
84
|
|
|
|
|
85
|
1 |
|
$this->repository->save($identity); |
|
86
|
|
|
|
|
87
|
1 |
|
$this->logger->info('new single-use identity created', [ |
|
88
|
|
|
'user' => [ |
|
89
|
1 |
|
'account' => $identity->getAccountId(), |
|
90
|
1 |
|
'identity' => $identity->getId(), |
|
91
|
|
|
], |
|
92
|
|
|
]); |
|
93
|
|
|
|
|
94
|
1 |
|
return $identity; |
|
95
|
|
|
} |
|
96
|
|
|
|
|
97
|
|
|
|
|
98
|
2 |
|
private function prepareNewIdentity(Entity\StandardIdentity $identity) |
|
99
|
|
|
{ |
|
100
|
2 |
|
$identity->setStatus(Entity\Identity::STATUS_NEW); |
|
101
|
2 |
|
$identity->generateToken(); |
|
102
|
2 |
|
$identity->setTokenAction(Entity\Identity::ACTION_VERIFY); |
|
103
|
2 |
|
} |
|
104
|
|
|
|
|
105
|
|
|
|
|
106
|
1 |
|
public function bindAccountToIdentity(int $accountId, Entity\Identity $identity) |
|
107
|
|
|
{ |
|
108
|
1 |
|
$identity->setAccountId($accountId); |
|
109
|
1 |
|
$this->accountMapper->store($identity); |
|
110
|
|
|
|
|
111
|
1 |
|
$this->logger->info('new identifier registered', [ |
|
112
|
|
|
'user' => [ |
|
113
|
1 |
|
'account' => $identity->getAccountId(), |
|
114
|
1 |
|
'identity' => $identity->getId(), |
|
115
|
|
|
], |
|
116
|
|
|
]); |
|
117
|
1 |
|
} |
|
118
|
|
|
|
|
119
|
|
|
|
|
120
|
1 |
|
public function verifyStandardIdentity(Entity\StandardIdentity $identity) |
|
121
|
|
|
{ |
|
122
|
1 |
|
$identity->setStatus(Entity\Identity::STATUS_ACTIVE); |
|
123
|
1 |
|
$identity->clearToken(); |
|
124
|
|
|
|
|
125
|
1 |
|
$this->repository->save($identity); |
|
126
|
|
|
|
|
127
|
1 |
|
$this->logger->info('identity verified', [ |
|
128
|
|
|
'input' => [ |
|
129
|
1 |
|
'token' => $identity->getToken(), |
|
130
|
|
|
], |
|
131
|
|
|
'user' => [ |
|
132
|
1 |
|
'account' => $identity->getAccountId(), |
|
133
|
1 |
|
'identity' => $identity->getId(), |
|
134
|
|
|
], |
|
135
|
|
|
]); |
|
136
|
1 |
|
} |
|
137
|
|
|
} |
|
138
|
|
|
|
teresko /
palladium
Loading history...
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.