PHP Flowpack\SingleSignOn\Client\Security RequestSigner Beispiele

Programmiersprache: PHP

Namespace / Paketname: Flowpack\SingleSignOn\Client\Security

Klasse / Typ: RequestSigner

Beispiele auf hotexamples.com: 2

PHP Flowpack\SingleSignOn\Client\Security RequestSigner - 2 Beispiele gefunden. Dies sind die am besten bewerteten PHP Beispiele für die Flowpack\SingleSignOn\Client\Security\RequestSigner, die aus Open Source-Projekten extrahiert wurden. Sie können Beispiele bewerten, um die Qualität der Beispiele zu verbessern.

Häufig verwendete Methoden

Anzeigen Verbergen

getSignatureContent(1)

signRequest(1)

Beispiel #1

Datei anzeigen

Datei: SignedRequestPattern.php Projekt: anihy/Flowpack.SingleSignOn.Client

 /**
  * Matches the current request for an unverified signed request.
  *
  * This pattern will return TRUE if the request is not signed or
  * the signature of the request is invalid.
  *
  * @param \TYPO3\Flow\Mvc\RequestInterface $request The request that should be matched
  * @return boolean TRUE if the pattern matched, FALSE otherwise
  */
 public function matchRequest(\TYPO3\Flow\Mvc\RequestInterface $request)
 {
     /** @var \TYPO3\Flow\Http\Request $httpRequest */
     $httpRequest = $request->getHttpRequest();
     if ($httpRequest->hasHeader('X-Request-Signature')) {
         $identifierAndSignature = explode(':', $httpRequest->getHeader('X-Request-Signature'), 2);
         if (count($identifierAndSignature) !== 2) {
             throw new \TYPO3\Flow\Exception('Invalid signature header format, expected "identifier:base64(signature)"', 1354287886);
         }
         $identifier = $identifierAndSignature[0];
         $signature = base64_decode($identifierAndSignature[1]);
         $signData = $this->requestSigner->getSignatureContent($httpRequest);
         $publicKeyFingerprint = $this->publicKeyResolver->resolveFingerprintByIdentifier($identifier);
         if ($publicKeyFingerprint === NULL) {
             throw new \TYPO3\Flow\Exception('Cannot resolve identifier "' . $identifier . '"', 1354288898);
         }
         if ($this->rsaWalletService->verifySignature($signData, $signature, $publicKeyFingerprint)) {
             return FALSE;
         } else {
             $this->emitSignatureNotVerified($request, $identifier, $signData, $signature, $publicKeyFingerprint);
         }
     } else {
         $this->emitSignatureHeaderMissing($request);
     }
     return TRUE;
 }

Beispiel #2

Datei anzeigen

Datei: SsoServer.php Projekt: anihy/Flowpack.SingleSignOn.Client

 /**
  * Destroy the given global session
  *
  * @param \Flowpack\SingleSignOn\Client\Domain\Model\SsoClient $ssoClient
  * @param $sessionId
  * @return void
  */
 public function destroySession(SsoClient $ssoClient, $sessionId)
 {
     $serviceUri = new Uri($this->serviceBaseUri . '/session/' . urlencode($sessionId) . '/destroy');
     $serviceUri->setQuery(http_build_query(array('clientIdentifier' => $ssoClient->getServiceBaseUri())));
     $request = \TYPO3\Flow\Http\Request::create($serviceUri, 'DELETE');
     $request->setContent('');
     $signedRequest = $this->requestSigner->signRequest($request, $ssoClient->getPublicKeyFingerprint(), $ssoClient->getPublicKeyFingerprint());
     // TODO Send request asynchronously
     $response = $this->requestEngine->sendRequest($signedRequest);
     if ($response->getStatusCode() !== 200 && $response->getStatusCode() !== 404) {
         throw new Exception('Unexpected status code for destroy session when calling "' . (string) $serviceUri . '": "' . $response->getStatus() . '"', 1354132939);
     }
 }