
/library/Zend/OpenId/Provider/Storage/File.php

https://bitbucket.org/baruffaldi/webapp-urltube
PHP | 397 lines | 271 code | 14 blank | 112 comment | 49 complexity | 5058c52cc19a0148602a945902575246 MD5 | raw file
Possible License(s): BSD-3-Clause, LGPL-2.0, MIT
  1. <?php
  2. /**
  3. * Zend Framework
  4. *
  5. * LICENSE
  6. *
  7. * This source file is subject to the new BSD license that is bundled
  8. * with this package in the file LICENSE.txt.
  9. * It is also available through the world-wide-web at this URL:
  10. * http://framework.zend.com/license/new-bsd
  11. * If you did not receive a copy of the license and are unable to
  12. * obtain it through the world-wide-web, please send an email
  13. * to license@zend.com so we can send you a copy immediately.
  14. *
  15. * @category Zend
  16. * @package Zend_OpenId
  17. * @subpackage Zend_OpenId_Provider
  18. * @copyright Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
  19. * @license http://framework.zend.com/license/new-bsd New BSD License
  20. * @version $Id: File.php 8456 2008-02-29 11:01:12Z dmitry $
  21. */
  22. /**
  23. * @see Zend_OpenId_Provider_Storage
  24. */
  25. require_once "Zend/OpenId/Provider/Storage.php";
  26. /**
  27. * External storage implementation using serialized files
  28. *
  29. * @category Zend
  30. * @package Zend_OpenId
  31. * @subpackage Zend_OpenId_Provider
  32. * @copyright Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
  33. * @license http://framework.zend.com/license/new-bsd New BSD License
  34. */
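  class Zend_OpenId_Provider_Storage_File extends Zend_OpenId_Provider_Storage
  {

      /**
       * Directory name to store data files in
       *
       * @var string $_dir
       */
      private $_dir;

      /**
       * Constructs storage object and creates storage directory
       *
       * When $dir is omitted the directory is derived from the TMP / TEMP
       * environment variables (falling back to "/tmp"), the value returned by
       * get_current_user() and the fixed suffix "/openid/provider".
       *
       * NOTE(security): that default lives under a shared temp directory with
       * a predictable name, and get_current_user() reports the owner of the
       * running script file, which is not necessarily the account the process
       * runs as. is_dir() below accepts a directory that already exists no
       * matter who created it or what its permissions are; only a directory
       * created here gets mode 0700. The files kept in it hold association
       * secrets and user password values and are later fed to unserialize(),
       * so on a multi-user host pass an explicit $dir that only the
       * provider's account can write to.
       *
       * @param string $dir directory name to store data files in
       * @throws Zend_OpenId_Exception
       */
      public function __construct($dir = null)
      {
          if (is_null($dir)) {
              $tmp = getenv('TMP');
              if (empty($tmp)) {
                  $tmp = getenv('TEMP');
                  if (empty($tmp)) {
                      $tmp = "/tmp";
                  }
              }
              $user = get_current_user();
              if (is_string($user) && !empty($user)) {
                  $tmp .= '/' . $user;
              }
              $dir = $tmp . '/openid/provider';
          }
          $this->_dir = $dir;
          if (!is_dir($this->_dir)) {
              if (!@mkdir($this->_dir, 0700, true)) {
                  throw new Zend_OpenId_Exception(
                      "Cannot access storage directory $dir",
                      Zend_OpenId_Exception::ERROR_STORAGE);
              }
          }
          // fopen() reports failure with false, never null. Comparing against
          // null meant an unusable directory was not detected here and the
          // following fclose() was handed a non-resource.
          foreach (array('assoc.lock', 'user.lock') as $lockFile) {
              $f = @fopen($this->_dir . '/' . $lockFile, 'w+');
              if ($f === false) {
                  throw new Zend_OpenId_Exception(
                      'Cannot create a lock file in the directory ' . $dir,
                      Zend_OpenId_Exception::ERROR_STORAGE);
              }
              fclose($f);
          }
      }

      /**
       * Opens the named lock file in the storage directory and takes the
       * requested flock() lock on it. The lock is released by fclose().
       *
       * @param string $lockFile lock file name inside the storage directory
       * @param int $operation LOCK_SH or LOCK_EX
       * @return resource|false locked handle, or false if it cannot be locked
       */
      private function _lock($lockFile, $operation)
      {
          $lock = @fopen($this->_dir . '/' . $lockFile, 'w+');
          if ($lock === false) {
              return false;
          }
          if (!flock($lock, $operation)) {
              fclose($lock);
              return false;
          }
          return $lock;
      }

      /**
       * Reads and decodes one serialized record from an open data file.
       *
       * @param resource $f open file handle positioned at the start
       * @param int $size number of elements the record must have
       * @return array|null list with keys 0..$size-1, or null when the file is
       *                    empty or does not hold a record of that shape
       */
      private function _readRecord($f, $size)
      {
          $data = stream_get_contents($f);
          if (empty($data)) {
              return null;
          }
          // NOTE(security): unserialize() instantiates any class named in the
          // data, so this is only as safe as write access to the storage
          // directory. On PHP >= 7.0 the allowed_classes option can restrict
          // that; it is not applied here because the trust data stored by
          // addSite() is of type mixed and may not be limited to scalars and
          // arrays - TODO confirm against callers.
          $record = @unserialize($data);
          if (!is_array($record) || array_keys($record) !== range(0, $size - 1)) {
              return null;
          }
          return $record;
      }

      /**
       * Writes $data to $f and reports whether every byte was accepted.
       *
       * @param resource $f open, writable file handle
       * @param string $data bytes to write
       * @return bool
       */
      private function _writeAll($f, $data)
      {
          $written = fwrite($f, $data);
          return $written !== false && $written === strlen($data);
      }

      /**
       * Compares a stored secret with a supplied one. Uses hash_equals() when
       * it is available so the time taken does not depend on where the two
       * strings first differ; otherwise falls back to strict comparison.
       *
       * @param mixed $known value read from storage
       * @param mixed $given value supplied by the caller
       * @return bool
       */
      private function _secretsEqual($known, $given)
      {
          if (is_string($known) && is_string($given) && function_exists('hash_equals')) {
              return hash_equals($known, $given);
          }
          return $known === $given;
      }

      /**
       * Stores information about session identified by $handle
       *
       * The file name is derived from md5($handle); the hash only serves to
       * build a fixed-length file name, the handle itself is stored in the
       * record and compared on read.
       *
       * @param string $handle association handle
       * @param string $macFunc HMAC function (sha1 or sha256)
       * @param string $secret shared secret
       * @param string $expires expiration UNIX time
       * @return bool false if the lock or the file cannot be obtained or the
       *              record cannot be written completely
       */
      public function addAssociation($handle, $macFunc, $secret, $expires)
      {
          $name = $this->_dir . '/assoc_' . md5($handle);
          $lock = $this->_lock('assoc.lock', LOCK_EX);
          if ($lock === false) {
              return false;
          }
          $f = @fopen($name, 'w+');
          if ($f === false) {
              fclose($lock);
              return false;
          }
          // The record contains the shared secret: keep it private to the
          // owning account even when the directory was not created by us.
          @chmod($name, 0600);
          $stored = $this->_writeAll(
              $f,
              serialize(array($handle, $macFunc, $secret, $expires))
          );
          fclose($f);
          if (!$stored) {
              // Do not leave a truncated record behind.
              @unlink($name);
          }
          fclose($lock);
          return $stored;
      }

      /**
       * Gets information about association identified by $handle
       * Returns true if given association found and not expired and false
       * otherwise. A record that is empty, malformed, expired or stored for a
       * different handle is deleted.
       *
       * @param string $handle association handle
       * @param string &$macFunc HMAC function (sha1 or sha256)
       * @param string &$secret shared secret
       * @param string &$expires expiration UNIX time
       * @return bool
       */
      public function getAssociation($handle, &$macFunc, &$secret, &$expires)
      {
          $name = $this->_dir . '/assoc_' . md5($handle);
          $lock = $this->_lock('assoc.lock', LOCK_EX);
          if ($lock === false) {
              return false;
          }
          $f = @fopen($name, 'r');
          if ($f === false) {
              fclose($lock);
              return false;
          }
          $found = false;
          $record = $this->_readRecord($f, 4);
          if ($record !== null) {
              list($storedHandle, $macFunc, $secret, $expires) = $record;
              // Comparing the stored handle guards against two handles that
              // map to the same md5-derived file name.
              $found = ($handle === $storedHandle && $expires > time());
          }
          fclose($f);
          if (!$found) {
              @unlink($name);
          }
          fclose($lock);
          return $found;
      }

      /**
       * Removes information about association identified by $handle
       *
       * @param string $handle association handle
       * @return bool false only when the lock cannot be obtained
       */
      public function delAssociation($handle)
      {
          $name = $this->_dir . '/assoc_' . md5($handle);
          $lock = $this->_lock('assoc.lock', LOCK_EX);
          if ($lock === false) {
              return false;
          }
          @unlink($name);
          fclose($lock);
          return true;
      }

      /**
       * Register new user with given $id and $password
       * Returns true in case of success and false if user with given $id already
       * exists
       *
       * @param string $id user identity URL
       * @param string $password encoded user password
       * @return bool
       */
      public function addUser($id, $password)
      {
          $name = $this->_dir . '/user_' . md5($id);
          $lock = $this->_lock('user.lock', LOCK_EX);
          if ($lock === false) {
              return false;
          }
          // Mode 'x' fails if the file already exists, which is how an
          // existing user is detected.
          $f = @fopen($name, 'x');
          if ($f === false) {
              fclose($lock);
              return false;
          }
          // The record contains the password value: restrict it to the owner.
          @chmod($name, 0600);
          $stored = $this->_writeAll($f, serialize(array($id, $password, array())));
          fclose($f);
          if (!$stored) {
              // An empty or partial file would block every later addUser()
              // for this id while never passing hasUser()/checkUser().
              @unlink($name);
          }
          fclose($lock);
          return $stored;
      }

      /**
       * Returns true if user with given $id exists and false otherwise
       *
       * @param string $id user identity URL
       * @return bool
       */
      public function hasUser($id)
      {
          $name = $this->_dir . '/user_' . md5($id);
          $lock = $this->_lock('user.lock', LOCK_SH);
          if ($lock === false) {
              return false;
          }
          $f = @fopen($name, 'r');
          if ($f === false) {
              fclose($lock);
              return false;
          }
          $record = $this->_readRecord($f, 3);
          $ret = ($record !== null && $id === $record[0]);
          fclose($f);
          fclose($lock);
          return $ret;
      }

      /**
       * Verify if user with given $id exists and has specified $password
       *
       * $password is compared as given with the stored value; any encoding
       * has to be applied by the caller before calling this method.
       *
       * @param string $id user identity URL
       * @param string $password user password
       * @return bool
       */
      public function checkUser($id, $password)
      {
          $name = $this->_dir . '/user_' . md5($id);
          $lock = $this->_lock('user.lock', LOCK_SH);
          if ($lock === false) {
              return false;
          }
          $f = @fopen($name, 'r');
          if ($f === false) {
              fclose($lock);
              return false;
          }
          $ret = false;
          $record = $this->_readRecord($f, 3);
          if ($record !== null) {
              list($storedId, $storedPassword) = $record;
              $ret = ($id === $storedId
                  && $this->_secretsEqual($storedPassword, $password));
          }
          fclose($f);
          fclose($lock);
          return $ret;
      }

      /**
       * Removes information about specified user
       *
       * @param string $id user identity URL
       * @return bool false only when the lock cannot be obtained
       */
      public function delUser($id)
      {
          $name = $this->_dir . '/user_' . md5($id);
          $lock = $this->_lock('user.lock', LOCK_EX);
          if ($lock === false) {
              return false;
          }
          @unlink($name);
          fclose($lock);
          return true;
      }

      /**
       * Returns array of all trusted/untrusted sites for given user identified
       * by $id
       *
       * @param string $id user identity URL
       * @return array|false stored site list, or false if the user record
       *                     cannot be read or belongs to a different id
       */
      public function getTrustedSites($id)
      {
          $name = $this->_dir . '/user_' . md5($id);
          $lock = $this->_lock('user.lock', LOCK_SH);
          if ($lock === false) {
              return false;
          }
          $f = @fopen($name, 'r');
          if ($f === false) {
              fclose($lock);
              return false;
          }
          $ret = false;
          $record = $this->_readRecord($f, 3);
          if ($record !== null && $id === $record[0]) {
              $ret = $record[2];
          }
          fclose($f);
          fclose($lock);
          return $ret;
      }

      /**
       * Stores information about trusted/untrusted site for given user
       *
       * Passing null as $trusted removes the entry for $site.
       *
       * @param string $id user identity URL
       * @param string $site site URL
       * @param mixed $trusted trust data from extension or just a boolean value
       * @return bool false if the user record cannot be locked, read or
       *              rewritten completely
       */
      public function addSite($id, $site, $trusted)
      {
          $name = $this->_dir . '/user_' . md5($id);
          $lock = $this->_lock('user.lock', LOCK_EX);
          if ($lock === false) {
              return false;
          }
          $f = @fopen($name, 'r+');
          if ($f === false) {
              fclose($lock);
              return false;
          }
          $ret = false;
          $record = $this->_readRecord($f, 3);
          if ($record !== null) {
              list($storedId, $storedPassword, $sites) = $record;
              // Only touch a record that belongs to this id and whose site
              // list has the shape addUser() wrote.
              if ($id === $storedId && is_array($sites)) {
                  if (is_null($trusted)) {
                      unset($sites[$site]);
                  } else {
                      $sites[$site] = $trusted;
                  }
                  rewind($f);
                  ftruncate($f, 0);
                  $ret = $this->_writeAll(
                      $f,
                      serialize(array($id, $storedPassword, $sites))
                  );
              }
          }
          fclose($f);
          fclose($lock);
          return $ret;
      }
  }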