/**
 * Sign::unsigns() returns the payload of a "payload.signature" string
 * signed with the given key, and throws \photon\crypto\Exception when
 * the input carries no signature at all.
 */
public function testNoSignature()
{
    $key = 'my-key';
    $payload = 'AAAAABBBBBCCCCCDDDDD';
    $signedPayload = 'AAAAABBBBBCCCCCDDDDD.BwaUb-rznw8ZNplw7Zo2wAhoR84';

    // Positive case: a valid signature yields the original payload.
    $this->assertEquals($payload, Sign::unsigns($signedPayload, $key));

    // Negative case: the bare payload has no signature part, so the call
    // below must throw. The expectation has to be armed before the call,
    // and the call must stay the last statement of the test.
    $this->setExpectedException('\\photon\\crypto\\Exception');
    Sign::unsigns($payload, $key);
}
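/**
 * Parse a cookie string.
 *
 * Automatically perform the signature check: every non-empty cookie value
 * is passed through \photon\crypto\Sign::loads() with the given key, and
 * a cookie for which loads() throws is left out of the result.
 *
 * A header that cannot be parsed at all yields an empty array.
 *
 * @param $cookie Cookie string
 * @param $key Shared key for HMAC signature
 * @return array Valid cookies in associative array
 */
public static function parse_cookie($cookie, $key)
{
    $cookies = array();
    $parsed = \http_parse_cookie($cookie);

    // http_parse_cookie() returns false on a malformed header. The header
    // is client-controlled, so treat that as "no cookies" instead of
    // reading a property on a non-object (a warning, or an exception when
    // the application converts warnings to exceptions).
    if (!is_object($parsed) || empty($parsed->cookies)) {
        return $cookies;
    }

    foreach ($parsed->cookies as $name => $val) {
        if (strlen($val) === 0) {
            continue;
        }
        try {
            $cookies[$name] = \photon\crypto\Sign::loads($val, $key);
        } catch (\Exception $e) {
            // Deliberate best-effort: a cookie that fails the check is
            // dropped and the remaining cookies are still returned.
            // NOTE(review): nothing is recorded here, so tampered or
            // stale cookies leave no trace, and any other exception type
            // raised by loads() is hidden as well. Consider logging.
        }
    }

    return $cookies;
}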
/**
 * Build a 302 redirect to the login page.
 *
 * The $request object is used to know what the post login redirect url
 * should be: its path is signed with the 'secret_key' configuration
 * value and sent along as the '_redirect_after' parameter.
 *
 * If the action url of the login page is not set, the url is taken from
 * the view named by the 'login_view' configuration key.
 *
 * NOTE(review): signing only helps if the login handler verifies
 * '_redirect_after' before redirecting; presumably it does, confirm
 * there.
 *
 * @param Request The request object of the current page.
 * @param string The full url of the login page (null)
 */
function __construct($request, $loginurl = null)
{
    $params = array(
        '_redirect_after' => \photon\crypto\Sign::dumps($request->path, Conf::f('secret_key')),
    );

    // Two forms of the same target are built: one with the trailing
    // `false` argument for the Location header, and one with the default
    // for the HTML fallback link (presumably the HTML-encoded form; see
    // URL::generate / URL::forView).
    if ($loginurl === null) {
        $location = URL::forView(Conf::f('login_view', 'login_view'), array(), $params, false);
        $href = URL::forView(Conf::f('login_view', 'login_view'), array(), $params);
    } else {
        $location = URL::generate($loginurl, $params, false);
        $href = URL::generate($loginurl, $params);
    }

    // Body shown to clients that do not follow the redirect on their own.
    $body = sprintf(__('<a href="%s">Please, click here to be redirected</a>.'), $href);
    parent::__construct($body);

    $this->headers['Location'] = $location;
    $this->status_code = 302;
}