function authorizeApp($authenticationInformation)
{
/***
* Primary wrapper function for everything not directly login / auth
* related.
*
* @param array $authenticationInformation
*
* $authenticationInformation should be an array containing the
* following keys:
*
* @key "auth" - the SHA1 hash of "entropy", server secret key, "action", "app_version"
* @key "key" - The encryption key to decrypt the server secret key
* @key "app_version" - the application version number
* @key "entropy" - A randomly generated string of 16 characters
* @key "action" - The action to be executed
* @key "data" - A base64-encoded JSON object with structured data for
* the action
* @key "user_id" - the dblink for the user. This will always be
* appended to the values in the "data" key.
***/
if (is_array($authenticationInformation)) {
$auth = $authenticationInformation['auth'];
$auth_key = $authenticationInformation['key'];
$version = $authenticationInformation['app_version'];
$entropy = $authenticationInformation['entropy'];
$action = $authenticationInformation['action'];
$user = $authenticationInformation['user_id'];
$device = $authenticationInformation['device_identifier'];
$action_data = smart_decode64($authenticationInformation['data']);
if (!is_array($action_data)) {
returnAjax(array('status' => false, 'human_error' => 'The application and server could not communicate. Please contact support.', 'error' => 'Invalid data object', 'app_error_code' => 101));
} else {
# Check structure of variables
try {
# Reserved for specific data-type checking
} catch (Exception $e) {
returnAjax(array('status' => false, 'human_error' => 'The application and server could not communicate. Please contact support.', 'error' => $e->getMessage(), 'app_error_code' => 108));
}
# Save variables to be used later
$action_data['dblink'] = $user;
$app_verify = array('device' => $device, 'authorization_token' => $auth, 'auth_prepend' => $entropy, 'auth_postpend' => $action . $version, 'appsecret_key' => $auth_key, 'dblink' => $user);
$action_data['application_verification'] = $app_verify;
$u = new UserFunctions($user);
}
} else {
returnAjax(array('status' => false, 'human_error' => 'The application and server could not communicate. Please contact support.', 'error' => 'Invalid request', 'app_error_code' => 102));
}
/***
* See if the action is a valid action.
* Most of these are just going to be wrappers for the
* async_login_handler functions.
***/
if (empty($action)) {
$action = 'sync';
}
$action_function_map = array('save' => 'saveToUser', 'read' => 'getFromUser', 'sync' => 'syncUserData');
if (!array_key_exists($action, $action_function_map)) {
returnAjax(array('status' => false, 'human_error' => 'The application and server could not communicate. Please contact support.', 'error' => 'Invalid action', 'app_error_code' => 103));
}
# See if the user exists
# get the key for $user from the server
/***
* Now, we want to authenticate the app against this information.
* $auth should be the SHA1 hash of:
*
* $auth = sha1($entropy.$SERVER_KEY.$action.$version)
*
* If it isn't, the request is bad.
***/
$r = $u->verifyApp($app_verify);
if (!$r['status']) {
returnAjax(array('status' => false, 'human_error' => "This app isn't authorized. Please log out and log back in.", 'error' => 'Invalid app credentials', 'app_error_code' => 106));
}
# Call the $action
$action_data['user_data'] = $r['data'];
$action_result = $action_function_map[$action]($action_data);
$action_result['elapsed'] = elapsed();
returnAjax($action_result);
}
