<?php
namespace PhpConsole;
/**
* PHP Console client authorization credentials & validation class
*
* @package PhpConsole
* @version 3.1
* @link http://consle.com
* @author Sergey Barbushin http://linkedin.com/in/barbushin
* @copyright © Sergey Barbushin, 2011-2013. All rights reserved.
* @license http://www.opensource.org/licenses/BSD-3-Clause "The BSD 3-Clause License"
* @codeCoverageIgnore
*/
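class Auth {

    /**
     * Fixed suffix appended to the password before hashing.
     *
     * This is a protocol constant rather than a secret: the password hash is
     * computed "like on client", so both sides must use the same value.
     * A constant suffix plus a single SHA-256 round does not slow down offline
     * guessing, so the configured password should be long and random.
     */
    const PASSWORD_HASH_SALT = 'NeverChangeIt:)';

    // Whether the public key is derived from the client address data in $_SERVER.
    protected $publicKeyByIp;
    // SHA-256 hex digest of the password plus PASSWORD_HASH_SALT.
    protected $passwordHash;

    /**
     * @param string $password Common password for all clients
     * @param bool $publicKeyByIp Set public key depending on client IP
     */
    public function __construct($password, $publicKeyByIp = true) {
        $this->publicKeyByIp = $publicKeyByIp;
        $this->passwordHash = $this->getPasswordHash($password);
    }

    /**
     * Hash a string with SHA-256
     * @param string $string
     * @return string Lowercase hex digest
     */
    protected final function hash($string) {
        return hash('sha256', $string);
    }

    /**
     * Get password hash like on client
     * @param $password
     * @return string
     */
    protected final function getPasswordHash($password) {
        return $this->hash($password . self::PASSWORD_HASH_SALT);
    }

    /**
     * Get authorization result data for client
     *
     * The public key is always filled in; isSuccess is true only when client
     * data was supplied and passed isValidAuth().
     * @codeCoverageIgnore
     * @param ClientAuth|null $clientAuth
     * @return ServerAuthStatus
     */
    public final function getServerAuthStatus(ClientAuth $clientAuth = null) {
        $serverAuthStatus = new ServerAuthStatus();
        $serverAuthStatus->publicKey = $this->getPublicKey();
        $serverAuthStatus->isSuccess = $clientAuth && $this->isValidAuth($clientAuth);
        return $serverAuthStatus;
    }

    /**
     * Check if client authorization data is valid
     *
     * Both fields arrive from the client and are compared against values
     * derived from the password, so the comparison is done in constant time
     * and non-string input is rejected instead of being compared.
     * @codeCoverageIgnore
     * @param ClientAuth $clientAuth
     * @return bool
     */
    public final function isValidAuth(ClientAuth $clientAuth) {
        $publicKeyMatches = self::secureEquals($this->getPublicKey(), $clientAuth->publicKey);
        $tokenMatches = self::secureEquals($this->getToken(), $clientAuth->token);
        return $publicKeyMatches && $tokenMatches;
    }

    /**
     * Compare an expected secret with a client-supplied value in constant time
     * @param mixed $known Expected value computed on the server
     * @param mixed $given Value received from the client
     * @return bool True only when both are strings with identical bytes
     */
    private static function secureEquals($known, $given) {
        // hash_equals() accepts strings only; anything else can never match.
        if(!is_string($known) || !is_string($given)) {
            return false;
        }
        if(function_exists('hash_equals')) {
            return hash_equals($known, $given);
        }
        // Fallback for PHP versions without hash_equals() (before 5.6):
        // accumulate the XOR of every byte pair so the loop never exits early.
        $length = strlen($known);
        if($length !== strlen($given)) {
            return false;
        }
        $difference = 0;
        for($i = 0; $i < $length; $i++) {
            $difference |= ord($known[$i]) ^ ord($given[$i]);
        }
        return $difference === 0;
    }

    /**
     * Get client unique identification
     *
     * Returns an empty string when $publicKeyByIp is off. Otherwise it joins
     * REMOTE_ADDR and the X-Forwarded-For header, whichever are present.
     * NOTE(review): X-Forwarded-For is a request header and can be set by the
     * sender unless a trusted proxy overwrites it, so this value narrows the
     * public key to a client but is not proof of the client's address.
     * @return string
     */
    protected function getClientUid() {
        $clientUid = '';
        if($this->publicKeyByIp) {
            if(isset($_SERVER['REMOTE_ADDR'])) {
                $clientUid .= $_SERVER['REMOTE_ADDR'];
            }
            if(isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
                $clientUid .= $_SERVER['HTTP_X_FORWARDED_FOR'];
            }
        }
        return $clientUid;
    }

    /**
     * Get authorization session public key for current client
     *
     * The key is a SHA-256 digest of the client uid followed by the password
     * hash, and getServerAuthStatus() hands it to the client. It is therefore
     * a value derived from the password that leaves the server, which is one
     * more reason to use a high-entropy password.
     * @return string
     */
    protected function getPublicKey() {
        return $this->hash($this->getClientUid() . $this->passwordHash);
    }

    /**
     * Get string signature for current password & public key
     * @param $string
     * @return string
     */
    public final function getSignature($string) {
        return $this->hash($this->passwordHash . $this->getPublicKey() . $string);
    }

    /**
     * Get expected valid client authorization token
     *
     * Declared without `final`: a private method cannot be overridden, and
     * PHP 8 raises a compile warning for `private final`.
     * @return string
     */
    private function getToken() {
        return $this->hash($this->passwordHash . $this->getPublicKey());
    }
}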