Ejemplo n.º 1
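 /**
  * Dispatches one Swekey AJAX call and returns its result.
  *
  * Actions handled: ajax_test, unplugged, get_rnd_token, swekey_validate,
  * attach_swekey and show_result. Every action except show_result ends by
  * handing the (possibly modified) session array to SaveSession(); show_result
  * echoes its output and exits.
  *
  * Random tokens issued by get_rnd_token are stored as keys of the session
  * array. swekey_validate accepts only a token found there and removes it
  * before checking any OTP, so one token serves a single validation attempt.
  *
  * @param array $params Request parameters; 'action' selects the call.
  * @return mixed The string "error: no action defined" when no action is
  *               given, otherwise an array that carries an 'error' entry
  *               on failure.
  */
 function AjaxHandler($params)
 {
     if (!empty($this->logFile)) {
         // NOTE(review): this records the complete parameter set, including
         // 'rt' and 'otps'. Keep the log file readable only by the service.
         $this->LogStr("AjaxHandler(" . var_export($params, true) . ")");
     }
     $config = $this->GetConfig();
     if (empty($params['action'])) {
         return "error: no action defined";
     }
     $session = $this->LoadSession(true);
     switch ($params['action']) {
         case 'ajax_test':
             $result = array('ajax_performed' => true, 'result' => $params['result'], 'session' => $params['session'], 'session_id' => $this->session_id, 'arr' => $params['arr']);
             break;
         case 'unplugged':
             $result = array('session' => $params['session']);
             $session = array();
             break;
         case 'get_rnd_token':
             $result = array('session' => $params['session']);
             if (!empty($config['rndtoken_server'])) {
                 Swekey_SetRndTokenServer($config['rndtoken_server']);
             }
             if (!empty($config['allow_when_no_network'])) {
                 Swekey_AllowWhenNoNetwork($config['allow_when_no_network']);
             }
             $rt = Swekey_GetFastRndToken();
             if (empty($session)) {
                 $session = array();
             }
             // Remember the token so swekey_validate can tell it was issued here.
             $session[$rt] = true;
             $result['rt'] = $rt;
             if (!empty($config['no_linked_otp'])) {
                 $result['no_linked_otp'] = true;
             }
             break;
         case 'swekey_validate':
             // Missing or non-string inputs are treated as empty strings so
             // that they fail validation instead of raising notices or
             // type errors.
             $id_list = explode(",", (isset($params['ids']) && is_string($params['ids'])) ? $params['ids'] : '');
             $otp_list = explode(",", (isset($params['otps']) && is_string($params['otps'])) ? $params['otps'] : '');
             $rt = isset($params['rt']) ? $params['rt'] : '';
             $result = array('session' => $params['session']);
             // Issued tokens share the session array with the 'ids' entry
             // written below. Reject that reserved key (and any non-string
             // value) so a previously validated session cannot stand in for
             // an issued token.
             if (!is_string($rt) || $rt === 'ids' || empty($session[$rt])) {
                 $result['error'] = "This RT was not generated here";
                 break;
             }
             // Consume the token before any check so it cannot be replayed.
             unset($session[$rt]);
             if (!empty($config['check_server'])) {
                 Swekey_SetCheckServer($config['check_server']);
             }
             if (!empty($config['allow_when_no_network'])) {
                 Swekey_AllowWhenNoNetwork($config['allow_when_no_network']);
             }
             $ids = array();
             $id_count = count($id_list);
             for ($i = 0; $i < $id_count; $i++) {
                 // An id without a matching OTP is checked against an empty
                 // OTP rather than an undefined offset.
                 $otp = isset($otp_list[$i]) ? $otp_list[$i] : '';
                 if (!empty($config['no_linked_otp'])) {
                     $res = Swekey_CheckOtp($id_list[$i], $rt, $otp);
                 } elseif (!empty($config['https_server_hostname'])) {
                     $res = Swekey_CheckLinkedOtp($id_list[$i], $rt, $config['https_server_hostname'], $otp);
                 } else {
                     $res = Swekey_CheckSmartOtp($id_list[$i], $rt, $otp);
                 }
                 if (!empty($res)) {
                     $ids[] = $id_list[$i];
                 }
             }
             $session['ids'] = $ids;
             $result['ids'] = $ids;
             // Report the first validated key that maps to a user name.
             foreach ($ids as $swekey_id) {
                 $user_name = $this->GetUserNameFromSwekeyId($swekey_id);
                 if (!empty($user_name)) {
                     $result['user_name'] = $user_name;
                     break;
                 }
             }
             break;
         case 'attach_swekey':
             $result = array();
             $swekey_id = isset($params['swekey_id']) ? $params['swekey_id'] : '';
             // \A and \z anchor the whole string. mb_ereg's default syntax
             // treats ^ and $ as line anchors, so a multi-line value holding
             // one well-formed line would have passed the previous check.
             if (!is_string($swekey_id) || !preg_match('/\A[A-F0-9]{32}\z/', $swekey_id)) {
                 $result['error'] = "Invalid swekey id";
             } elseif (!$this->is_user_logged) {
                 $result['error'] = "No user logged";
             } else {
                 $error = $this->AttachSwekeyToCurrentUser($swekey_id);
                 if (!empty($error)) {
                     $result['error'] = $error;
                 }
             }
             break;
         case 'show_result':
             $text = isset($params['result']) ? $params['result'] : '';
             // get_magic_quotes_gpc() no longer exists on PHP 8; calling it
             // unguarded is a fatal error there.
             if (function_exists('get_magic_quotes_gpc') && @get_magic_quotes_gpc()) {
                 $text = stripslashes($text);
             }
             // The value is entity-encoded before it is echoed back.
             echo "/*SWEKEY-BEGIN*/" . htmlentities($text) . "/*SWEKEY-END*/";
             exit;
         default:
             $result = array('error' => "Call '" . $params['action'] . "' is not implemented");
             break;
     }
     $this->SaveSession($session);
     return $result;
 }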
Ejemplo n.º 2
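/**
 *  Calls Swekey_CheckLinkedOtp when the current request arrived over https
 *  and Swekey_CheckOtp otherwise.
 *
 *  The host name passed to the linked check is $_SERVER['HTTP_HOST'], which
 *  comes from the request's Host header. A deployment that knows its own
 *  https host name can call Swekey_CheckLinkedOtp with that fixed value
 *  instead of relying on the header.
 *
 *  @param  id                  The id of the swekey
 *  @param rt                   The random token used to generate the otp
 *  @param otp                  The otp generated by the swekey
 *  @return                     The result of the delegated check (true or false)
 *  @access public
 */
function Swekey_CheckSmartOtp($id, $rt, $otp)
{
    // Some servers (notably IIS) set HTTPS to the non-empty string "off" for
    // plain-http requests, so a bare !empty() test would misreport them.
    $https = isset($_SERVER['HTTPS']) ? $_SERVER['HTTPS'] : '';
    $is_https = !empty($https) && strcasecmp($https, 'off') !== 0;

    if ($is_https) {
        return Swekey_CheckLinkedOtp($id, $rt, $_SERVER['HTTP_HOST'], $otp);
    }
    return Swekey_CheckOtp($id, $rt, $otp);
}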