require_once "inc/security.php"; require_once "inc/validator.php"; require_once "inc/TwitterConnector.php"; require_once "inc/RewardManager.php"; require_once "inc/Debug.php"; $referrer = "twitter"; $connector = new TwitterConnector(); // Results: valid, alreadyclaimed, sessionerror, error $result = "STATE_ERROR"; // Temp storage for debug args $debugtmp = ""; // Session and state valid? if (hasValidUid()) { unregisterUid(); $oauth_encrypted = $_SESSION["oauth_data"]; $oauth_raw = decryptMessage($oauth_encrypted, $key); $oauth = json_decode($oauth_raw, true); $token = $oauth["oauth_token"]; $secret = $oauth["oauth_token_secret"]; $verifier = strip_tags($_GET["oauth_verifier"]); // Debug info $debugtmp .= ", TOKEN: " . $token . ", SECRET: " . $secret; // Authentication successful? if ($connector->authenticate($token, $secret, $verifier)) { $user = $connector->getUserDetails(); // Request successful and user exists? if ($user) { $username = $user["name"]; $identifier = $user["id"]; $created = strtotime($user["created_at"]); $date_cutoff = strtotime("2013-08-01 00:00:00");
/**
 * Decrypts the 'msg' input value.
 *
 * Reads 'msg' through Input::get() and passes it to the global
 * decryptMessage() function, returning that function's result unchanged.
 *
 * NOTE(review): 'msg' presumably comes from the request, so it should be
 * treated as untrusted; whether the ciphertext is authenticated depends on
 * decryptMessage(), which is not visible here - confirm.
 */
public function decryptMessage()
{
    $message = Input::get('msg');

    return decryptMessage($message);
}
result_error('Malformed request - invalid JSON.'); } // Check for the presence of a header if (!isset($data['header'])) { result_error('Request payload did not provide a header.'); } // Set server key $serverKey = $keys['Test Service']; switch ($data['header']) { case AuthenticationProtocol::HEADER_SERVER_HANDSHAKE: // Decrypt handshake $encrypted = json_decode(base64_decode($data['handshake']), true); if ($encrypted === null || !isset($encrypted['encryptedData']) || !isset($encrypted['iv'])) { result_error('Handshake invalid, failed to obtain session key.'); } $decrypted = decryptMessage($encrypted['encryptedData'], $encrypted['iv'], $encrypted['mac'], $serverKey); $handshake = json_decode($decrypted, true); if ($handshake === null || !isset($handshake['sessionKey']) || !isset($handshake['clientName'])) { result_error('Handshake invalid, failed to obtain session key.'); } $sessionKey = base64_decode($handshake['sessionKey']); $clientId = $handshake['clientName']; // Generate a new session and include the ID session_start(); $_SESSION['authenticated'] = false; $_SESSION['serverNonce'] = mt_rand(0, 2147483647); $_SESSION['sessionKey'] = $sessionKey; // Generate server challenge $serverChallenge = array('header' => AuthenticationProtocol::HEADER_SERVER_CHALLENGE, 'serverNonce' => $_SESSION['serverNonce'], 'clientName' => $clientId, 'serverSessionId' => session_id()); result($serverChallenge, $sessionKey); break;
/**
 * Decrypts $data with this object's private key and passphrase.
 *
 * Delegates to decryptMessage(), passing the value returned by
 * getPrivateKey() and the passphrase property.
 *
 * @access public
 * @param mixed $data value handed unchanged to decryptMessage()
 * @return string
 * @throws NewException when $this->object compares loosely equal to null
 * @since 1.0.67
 */
public function decrypt($data)
{
    // Guard: the loose == comparison is kept as written, so any value that
    // compares equal to null is rejected, not only null itself.
    if ($this->object == null) {
        $message = get_class($this) . "->decrypt() error: unknow object";
        throw new NewException($message, 0, getDebugBacktrace(1));
    }

    $privateKey = $this->getPrivateKey();

    return decryptMessage($data, $privateKey, $this->passphrase);
}
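/**
 * Reads the "MSFSEC" cookie and returns its decrypted content.
 *
 * The cookie value is client-controlled. A leading "msf" prefix is stripped
 * when present, and the remainder is passed to decryptMessage() together
 * with the global $key.
 *
 * NOTE(review): this function does not verify integrity itself; confirm that
 * decryptMessage() authenticates the ciphertext before its output is trusted.
 *
 * @return mixed the result of decryptMessage(), or false when the cookie is
 *               absent or is not a string
 */
function retrieveCookie()
{
    global $key;

    if (!isset($_COOKIE["MSFSEC"])) {
        return false;
    }

    $encrypted = $_COOKIE["MSFSEC"];

    // A cookie sent as "MSFSEC[]=..." arrives as an array; reject it instead
    // of passing a non-string to strpos()/substr() and on to decryptMessage().
    if (!is_string($encrypted)) {
        return false;
    }

    if (strpos($encrypted, "msf") === 0) {
        $encrypted = substr($encrypted, 3);
    }

    return decryptMessage($encrypted, $key);
}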