/**
* Parses a signed_request and validates the signature.
*
* @param string $signedRequest A signed token
* @param string $appSecret
*
* @return array The payload inside it or null if the sig is wrong
*/
public static function decode($signedRequest, $appSecret)
{
if (!$signedRequest || strpos($signedRequest, '.') === false) {
Debugger::log('Signed request is invalid! ' . json_encode($signedRequest), 'facebook');
return NULL;
}
list($encoded_sig, $payload) = explode('.', $signedRequest, 2);
// decode the data
$sig = Helpers::base64UrlDecode($encoded_sig);
$data = Json::decode(Helpers::base64UrlDecode($payload), Json::FORCE_ARRAY);
if (!isset($data['algorithm']) || strtoupper($data['algorithm']) !== Configuration::SIGNED_REQUEST_ALGORITHM) {
Debugger::log("Unknown algorithm '{$data['algorithm']}', expected " . Configuration::SIGNED_REQUEST_ALGORITHM, 'facebook');
return NULL;
}
// check sig
$expected_sig = hash_hmac('sha256', $payload, $appSecret, $raw = TRUE);
if (strlen($expected_sig) !== strlen($sig)) {
Debugger::log('Bad Signed JSON signature! Expected ' . Dumper::toText($expected_sig) . ', but given ' . Dumper::toText($sig), 'facebook');
return NULL;
}
$result = 0;
for ($i = 0; $i < strlen($expected_sig); $i++) {
$result |= ord($expected_sig[$i]) ^ ord($sig[$i]);
}
if ($result !== 0) {
Debugger::log('Bad Signed JSON signature! Expected ' . Dumper::toText($expected_sig) . ', but given ' . Dumper::toText($sig), 'facebook');
return NULL;
}
return $data;
}
/**
* @return string
*/
protected function formatMessage($message)
{
if ($message instanceof \Exception) {
while ($message) {
$tmp[] = ($message instanceof \ErrorException ? 'Fatal error: ' . $message->getMessage() : get_class($message) . ': ' . $message->getMessage()) . ' in ' . $message->getFile() . ':' . $message->getLine();
$message = $message->getPrevious();
}
$message = implode($tmp, "\ncaused by ");
} elseif (!is_string($message)) {
$message = Dumper::toText($message);
}
return trim($message);
}
public static function textDump($var)
{
trigger_error(__METHOD__ . '() is deprecated; use Tracy\\Dumper::toText() instead.', E_USER_DEPRECATED);
return Tracy\Dumper::toText($var);
}
/**
* Logs message or exception to file (if not disabled) and sends email notification (if enabled).
* @param string|Exception
* @param int one of constant Debugger::INFO, WARNING, ERROR (sends email), EXCEPTION (sends email), CRITICAL (sends email)
* @return string logged error filename
*/
public static function log($message, $priority = self::INFO)
{
if (!self::$logDirectory) {
return;
}
$exceptionFilename = NULL;
if ($message instanceof \Exception) {
$exception = $message;
while ($exception) {
$tmp[] = ($exception instanceof ErrorException ? 'Fatal error: ' . $exception->getMessage() : get_class($exception) . ': ' . $exception->getMessage()) . ' in ' . $exception->getFile() . ':' . $exception->getLine();
$exception = $exception->getPrevious();
}
$exception = $message;
$message = implode($tmp, "\ncaused by ");
$hash = md5(preg_replace('~(Resource id #)\\d+~', '$1', $exception));
$exceptionFilename = 'exception-' . @date('Y-m-d-H-i-s') . "-{$hash}.html";
foreach (new \DirectoryIterator(self::$logDirectory) as $entry) {
if (strpos($entry, $hash)) {
$exceptionFilename = $entry;
$saved = TRUE;
break;
}
}
} elseif (!is_string($message)) {
$message = Dumper::toText($message);
}
if ($exceptionFilename) {
$exceptionFilename = self::$logDirectory . '/' . $exceptionFilename;
if (empty($saved) && ($logHandle = @fopen($exceptionFilename, 'w'))) {
ob_start();
// double buffer prevents sending HTTP headers in some PHP
ob_start(function ($buffer) use($logHandle) {
fwrite($logHandle, $buffer);
}, 4096);
self::getBlueScreen()->render($exception);
ob_end_flush();
ob_end_clean();
fclose($logHandle);
}
}
self::getLogger()->log(array(@date('[Y-m-d H-i-s]'), trim($message), self::$source ? ' @ ' . self::$source : NULL, $exceptionFilename ? ' @@ ' . basename($exceptionFilename) : NULL), $priority);
return $exceptionFilename ? strtr($exceptionFilename, '\\/', DIRECTORY_SEPARATOR . DIRECTORY_SEPARATOR) : NULL;
}
/**
* Brief Description.
* Complete Description.
*
* @param $msg (tipo) desc
* @param $file (tipo) desc
* @param $line=0 (tipo) desc
*
* @returns (tipo) desc
*
*/
public static function trace($var, $file = false, $line = 0)
{
$msg = Tracy\Dumper::toText($var, array('truncate' => self::getConf('maestro.debug.maxLen'), 'depth' => self::getConf('maestro.debug.maxDepth')));
return self::getTrace()->trace($msg, $file, $line);
}
