PageRenderTime 134ms CodeModel.GetById 60ms app.highlight 15ms RepoModel.GetById 56ms app.codeStats 0ms

/library/Zend/OpenId/Provider/Storage/File.php

https://bitbucket.org/baruffaldi/webapp-urltube
PHP | 397 lines | 271 code | 14 blank | 112 comment | 49 complexity | 5058c52cc19a0148602a945902575246 MD5 | raw file
  1<?php
  2
  3/**
  4 * Zend Framework
  5 *
  6 * LICENSE
  7 *
  8 * This source file is subject to the new BSD license that is bundled
  9 * with this package in the file LICENSE.txt.
 10 * It is also available through the world-wide-web at this URL:
 11 * http://framework.zend.com/license/new-bsd
 12 * If you did not receive a copy of the license and are unable to
 13 * obtain it through the world-wide-web, please send an email
 14 * to license@zend.com so we can send you a copy immediately.
 15 *
 16 * @category   Zend
 17 * @package    Zend_OpenId
 18 * @subpackage Zend_OpenId_Provider
 19 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 20 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 21 * @version    $Id: File.php 8456 2008-02-29 11:01:12Z dmitry $
 22 */
 23
 24/**
 25 * @see Zend_OpenId_Provider_Storage
 26 */
 27require_once "Zend/OpenId/Provider/Storage.php";
 28
 29/**
 30 * External storage implemmentation using serialized files
 31 *
 32 * @category   Zend
 33 * @package    Zend_OpenId
 34 * @subpackage Zend_OpenId_Provider
 35 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 36 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 37 */
 38class Zend_OpenId_Provider_Storage_File extends Zend_OpenId_Provider_Storage
 39{
 40
 41    /**
 42     * Directory name to store data files in
 43     *
 44     * @var string $_dir
 45     */
 46    private $_dir;
 47
 48    /**
 49     * Constructs storage object and creates storage directory
 50     *
 51     * @param string $dir directory name to store data files in
 52     * @throws Zend_OpenId_Exception
 53     */
 54    public function __construct($dir = null)
 55    {
 56        if (is_null($dir)) {
 57            $tmp = getenv('TMP');
 58            if (empty($tmp)) {
 59                $tmp = getenv('TEMP');
 60                if (empty($tmp)) {
 61                    $tmp = "/tmp";
 62                }
 63            }
 64            $user = get_current_user();
 65            if (is_string($user) && !empty($user)) {
 66                $tmp .= '/' . $user;
 67            }
 68            $dir = $tmp . '/openid/provider';
 69        }
 70        $this->_dir = $dir;
 71        if (!is_dir($this->_dir)) {
 72            if (!@mkdir($this->_dir, 0700, 1)) {
 73                throw new Zend_OpenId_Exception(
 74                    "Cannot access storage directory $dir",
 75                    Zend_OpenId_Exception::ERROR_STORAGE);
 76            }
 77        }
 78        if (($f = fopen($this->_dir.'/assoc.lock', 'w+')) === null) {
 79            throw new Zend_OpenId_Exception(
 80                'Cannot create a lock file in the directory ' . $dir,
 81                Zend_OpenId_Exception::ERROR_STORAGE);
 82        }
 83        fclose($f);
 84        if (($f = fopen($this->_dir.'/user.lock', 'w+')) === null) {
 85            throw new Zend_OpenId_Exception(
 86                'Cannot create a lock file in the directory ' . $dir,
 87                Zend_OpenId_Exception::ERROR_STORAGE);
 88        }
 89        fclose($f);
 90    }
 91
 92    /**
 93     * Stores information about session identified by $handle
 94     *
 95     * @param string $handle assiciation handle
 96     * @param string $macFunc HMAC function (sha1 or sha256)
 97     * @param string $secret shared secret
 98     * @param string $expires expiration UNIX time
 99     * @return bool
100     */
101    public function addAssociation($handle, $macFunc, $secret, $expires)
102    {
103        $name = $this->_dir . '/assoc_' . md5($handle);
104        $lock = @fopen($this->_dir . '/assoc.lock', 'w+');
105        if ($lock === false) {
106            return false;
107        }
108        if (!flock($lock, LOCK_EX)) {
109            fclose($lock);
110            return false;
111        }
112        $f = @fopen($name, 'w+');
113        if ($f === false) {
114            fclose($lock);
115            return false;
116        }
117        $data = serialize(array($handle, $macFunc, $secret, $expires));
118        fwrite($f, $data);
119        fclose($f);
120        fclose($lock);
121        return true;
122    }
123
124    /**
125     * Gets information about association identified by $handle
126     * Returns true if given association found and not expired and false
127     * otherwise
128     *
129     * @param string $handle assiciation handle
130     * @param string &$macFunc HMAC function (sha1 or sha256)
131     * @param string &$secret shared secret
132     * @param string &$expires expiration UNIX time
133     * @return bool
134     */
135    public function getAssociation($handle, &$macFunc, &$secret, &$expires)
136    {
137        $name = $this->_dir . '/assoc_' . md5($handle);
138        $lock = @fopen($this->_dir . '/assoc.lock', 'w+');
139        if ($lock === false) {
140            return false;
141        }
142        if (!flock($lock, LOCK_EX)) {
143            fclose($lock);
144            return false;
145        }
146        $f = @fopen($name, 'r');
147        if ($f === false) {
148            fclose($lock);
149            return false;
150        }
151        $ret = false;
152        $data = stream_get_contents($f);
153        if (!empty($data)) {
154            list($storedHandle, $macFunc, $secret, $expires) = unserialize($data);
155            if ($handle === $storedHandle && $expires > time()) {
156                $ret = true;
157            } else {
158                fclose($f);
159                @unlink($name);
160                fclose($lock);
161                return false;
162            }
163        }
164        fclose($f);
165        fclose($lock);
166        return $ret;
167    }
168
169    /**
170     * Removes information about association identified by $handle
171     *
172     * @param string $handle assiciation handle
173     * @return bool
174     */
175    public function delAssociation($handle)
176    {
177        $name = $this->_dir . '/assoc_' . md5($handle);
178        $lock = @fopen($this->_dir . '/assoc.lock', 'w+');
179        if ($lock === false) {
180            return false;
181        }
182        if (!flock($lock, LOCK_EX)) {
183            fclose($lock);
184            return false;
185        }
186        @unlink($name);
187        fclose($lock);
188        return true;
189    }
190
191    /**
192     * Register new user with given $id and $password
193     * Returns true in case of success and false if user with given $id already
194     * exists
195     *
196     * @param string $id user identity URL
197     * @param string $password encoded user password
198     * @return bool
199     */
200    public function addUser($id, $password)
201    {
202        $name = $this->_dir . '/user_' . md5($id);
203        $lock = @fopen($this->_dir . '/user.lock', 'w+');
204        if ($lock === false) {
205            return false;
206        }
207        if (!flock($lock, LOCK_EX)) {
208            fclose($lock);
209            return false;
210        }
211        $f = @fopen($name, 'x');
212        if ($f === false) {
213            fclose($lock);
214            return false;
215        }
216        $data = serialize(array($id, $password, array()));
217        fwrite($f, $data);
218        fclose($f);
219        fclose($lock);
220        return true;
221    }
222
223    /**
224     * Returns true if user with given $id exists and false otherwise
225     *
226     * @param string $id user identity URL
227     * @return bool
228     */
229    public function hasUser($id)
230    {
231        $name = $this->_dir . '/user_' . md5($id);
232        $lock = @fopen($this->_dir . '/user.lock', 'w+');
233        if ($lock === false) {
234            return false;
235        }
236        if (!flock($lock, LOCK_SH)) {
237            fclose($lock);
238            return false;
239        }
240        $f = @fopen($name, 'r');
241        if ($f === false) {
242            fclose($lock);
243            return false;
244        }
245        $ret = false;
246        $data = stream_get_contents($f);
247        if (!empty($data)) {
248            list($storedId, $storedPassword, $trusted) = unserialize($data);
249            if ($id === $storedId) {
250                $ret = true;
251            }
252        }
253        fclose($f);
254        fclose($lock);
255        return $ret;
256    }
257
258    /**
259     * Verify if user with given $id exists and has specified $password
260     *
261     * @param string $id user identity URL
262     * @param string $password user password
263     * @return bool
264     */
265    public function checkUser($id, $password)
266    {
267        $name = $this->_dir . '/user_' . md5($id);
268        $lock = @fopen($this->_dir . '/user.lock', 'w+');
269        if ($lock === false) {
270            return false;
271        }
272        if (!flock($lock, LOCK_SH)) {
273            fclose($lock);
274            return false;
275        }
276        $f = @fopen($name, 'r');
277        if ($f === false) {
278            fclose($lock);
279            return false;
280        }
281        $ret = false;
282        $data = stream_get_contents($f);
283        if (!empty($data)) {
284            list($storedId, $storedPassword, $trusted) = unserialize($data);
285            if ($id === $storedId && $password === $storedPassword) {
286                $ret = true;
287            }
288        }
289        fclose($f);
290        fclose($lock);
291        return $ret;
292    }
293
294    /**
295     * Removes information abou specified user
296     *
297     * @param string $id user identity URL
298     * @return bool
299     */
300    public function delUser($id)
301    {
302        $name = $this->_dir . '/user_' . md5($id);
303        $lock = @fopen($this->_dir . '/user.lock', 'w+');
304        if ($lock === false) {
305            return false;
306        }
307        if (!flock($lock, LOCK_EX)) {
308            fclose($lock);
309            return false;
310        }
311        @unlink($name);
312        fclose($lock);
313        return true;
314    }
315
316    /**
317     * Returns array of all trusted/untrusted sites for given user identified
318     * by $id
319     *
320     * @param string $id user identity URL
321     * @return array
322     */
323    public function getTrustedSites($id)
324    {
325        $name = $this->_dir . '/user_' . md5($id);
326        $lock = @fopen($this->_dir . '/user.lock', 'w+');
327        if ($lock === false) {
328            return false;
329        }
330        if (!flock($lock, LOCK_SH)) {
331            fclose($lock);
332            return false;
333        }
334        $f = @fopen($name, 'r');
335        if ($f === false) {
336            fclose($lock);
337            return false;
338        }
339        $ret = false;
340        $data = stream_get_contents($f);
341        if (!empty($data)) {
342            list($storedId, $storedPassword, $trusted) = unserialize($data);
343            if ($id === $storedId) {
344                $ret = $trusted;
345            }
346        }
347        fclose($f);
348        fclose($lock);
349        return $ret;
350    }
351
352    /**
353     * Stores information about trusted/untrusted site for given user
354     *
355     * @param string $id user identity URL
356     * @param string $site site URL
357     * @param mixed $trusted trust data from extension or just a boolean value
358     * @return bool
359     */
360    public function addSite($id, $site, $trusted)
361    {
362        $name = $this->_dir . '/user_' . md5($id);
363        $lock = @fopen($this->_dir . '/user.lock', 'w+');
364        if ($lock === false) {
365            return false;
366        }
367        if (!flock($lock, LOCK_EX)) {
368            fclose($lock);
369            return false;
370        }
371        $f = @fopen($name, 'r+');
372        if ($f === false) {
373            fclose($lock);
374            return false;
375        }
376        $ret = false;
377        $data = stream_get_contents($f);
378        if (!empty($data)) {
379            list($storedId, $storedPassword, $sites) = unserialize($data);
380            if ($id === $storedId) {
381                if (is_null($trusted)) {
382                    unset($sites[$site]);
383                } else {
384                    $sites[$site] = $trusted;
385                }
386                rewind($f);
387                ftruncate($f, 0);
388                $data = serialize(array($id, $storedPassword, $sites));
389                fwrite($f, $data);
390                $ret = true;
391            }
392        }
393        fclose($f);
394        fclose($lock);
395        return $ret;
396    }
397}