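/**
 * Stores an encrypted value for one endpoint in the credential store.
 *
 * The owning user id is resolved in this order: the logged-in Moodle user,
 * the "uid" query parameter, the "ibm-sbt-uid" cookie, then self::$uid.
 * Nothing is written when no user id or no session record is found.
 *
 * NOTE(review): the query-parameter and cookie fallbacks are supplied by the
 * client, so when no Moodle user is logged in the request itself selects whose
 * record is updated. intval() keeps the value numeric but does not show that
 * the caller owns that id; confirm that callers bind the id to an
 * authenticated session before this method is reached.
 *
 * @param string $skey     Record field that holds the JSON map of endpoint values
 * @param string $endpoint Key inside that map under which the value is stored
 * @param string $value    Plaintext value; it is encrypted before being written
 */
private function _store($skey, $endpoint, $value) {
    global $DB, $USER;

    try {
        if (isset($USER->id) && $USER->id != 0) {
            $uid = $USER->id;
        } elseif (isset($_GET['uid'])) {
            // Client-supplied identifier (see NOTE(review) in the docblock).
            $uid = $_GET['uid'];
        } elseif (isset($_COOKIE['ibm-sbt-uid']) && $_COOKIE['ibm-sbt-uid'] != null) {
            // Client-supplied identifier (see NOTE(review) in the docblock).
            $uid = $_COOKIE['ibm-sbt-uid'];
        } elseif (self::$uid != null) {
            $uid = self::$uid;
        } else {
            return;
        }

        $record = $DB->get_record(SESSION_NAME, array('user_id' => intval($uid)));
        if ($record == null) {
            return;
        }

        if (!isset($record->{$skey})) {
            $this->_initProfileSession();
        }

        // $record is not reloaded after _initProfileSession(), so the field can
        // still be unset here; start from an empty map instead of reading it.
        $endpointMappings = isset($record->{$skey})
            ? (array) json_decode($record->{$skey})
            : array();

        $value = ibm_sbt_encrypt($this->key, $value, base64_decode($this->iv));
        $endpointMappings[$endpoint] = "{$value}";

        $record->{$skey} = json_encode($endpointMappings);
        $DB->update_record(SESSION_NAME, $record);
    } catch (Exception $e) {
        // Log the class and message only. The string form of an exception
        // includes its stack trace, which can carry call arguments such as the
        // key and the plaintext value handed to ibm_sbt_encrypt().
        syslog(LOG_INFO, get_class($e) . ': ' . $e->getMessage());
    }
}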
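/**
 * Populates the database record object with the submitted $_POST values,
 * each passed through ibm_sbt_encrypt() with IBM_SBT_SETTINGS_KEY.
 *
 * When the record has no IV yet and IBM_SBT_CRYPTO_ENABLED is set, a new IV is
 * generated and stored base64-encoded in $record->iv; otherwise the record's
 * existing IV is reused. $record->oauth_origin is always set from
 * $CFG->wwwroot.
 *
 * NOTE(review): one IV is shared by every field of the record and is kept for
 * later updates. If ibm_sbt_encrypt() uses CBC (the IV size is taken for
 * MCRYPT_MODE_CBC here; the helper itself is not visible), equal plaintext
 * prefixes encrypt to equal ciphertext prefixes across fields. Consider one
 * IV per field and an integrity check on the ciphertext.
 *
 * NOTE(review): mysql_escape_string() runs on the plaintext before it is
 * encrypted, so it does not protect the query that stores the ciphertext and
 * it alters secrets containing quotes or backslashes. It is kept because the
 * decrypting side may depend on the stored form; confirm and remove. Both it
 * and the mcrypt extension are gone from current PHP releases.
 *
 * NOTE(review): when IBM_SBT_CRYPTO_ENABLED is off the IV stays null and the
 * helper receives an empty IV; what is then stored depends on
 * ibm_sbt_encrypt(), so verify that secrets are not written in the clear.
 *
 * @param object $record Record to fill; modified in place
 * @return object The same record
 */
function populateRecord($record) {
    global $CFG;

    if (!isset($record->iv) || $record->iv == null) {
        $iv = null;
        if (defined('IBM_SBT_CRYPTO_ENABLED') && IBM_SBT_CRYPTO_ENABLED) {
            $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
            // MCRYPT_RAND draws from the non-cryptographic rand() generator;
            // take the IV from the operating system's random source instead.
            $iv = base64_encode(mcrypt_create_iv($iv_size, MCRYPT_DEV_URANDOM));
        }
        $record->iv = $iv;
    } else {
        $iv = $record->iv;
    }

    // Decode once; the cast keeps a missing IV as the empty string.
    $rawIv = base64_decode((string) $iv);

    // Submitted settings, in the order they are written to the record.
    $fields = array(
        'allow_client_access',
        'server_type',
        'api_version',
        'force_ssl_trust',
        'basic_auth_method',
        'basic_auth_password',
        'basic_auth_username',
        'auth_type',
        'authorization_url',
        'oauth2_callback_url',
        'request_token_url',
        'client_secret',
        'client_id',
        'consumer_secret',
        'consumer_key',
        'access_token_url',
        'server_url',
        'name',
    );

    foreach ($fields as $field) {
        if (isset($_POST[$field])) {
            $record->{$field} = ibm_sbt_encrypt(
                IBM_SBT_SETTINGS_KEY,
                mysql_escape_string($_POST[$field]),
                $rawIv
            );
        }
    }

    $record->oauth_origin = ibm_sbt_encrypt(
        IBM_SBT_SETTINGS_KEY,
        mysql_escape_string($CFG->wwwroot),
        $rawIv
    );

    return $record;
}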
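/**
 * Stores an encrypted value in the credential store.
 *
 * The key, IV and session id come from the profile when the user is logged in
 * and from the cookie otherwise. The session is kept as a WordPress option
 * named after the session id; a missing session is created and registered in
 * the USER_SESSIONS option first.
 *
 * NOTE(review): the session id is used verbatim as an option name. If
 * _getSessionInfoFromCookie() takes it from the request cookie (not visible
 * here), the client chooses which option is read and rewritten. Confirm that
 * the id is checked against USER_SESSIONS or carries a fixed prefix, and that
 * a cookie-supplied key and IV are acceptable for this data.
 *
 * @param string $skey  Key under which the value is kept in the session
 * @param string $value Plaintext value; it is encrypted before being stored
 */
private function _store($skey, $value) {
    $data = $this->_isUserLoggedIn()
        ? $this->_getSessionInfoFromProfile()
        : $this->_getSessionInfoFromCookie();

    $key = $data['key'];
    $iv = base64_decode($data['iv']);
    $sessionID = $data['sessionID'];

    // Get session, creating and registering it when it does not exist yet
    $session = get_option($sessionID);
    if ($session === false) {
        $sessions = get_option(USER_SESSIONS);
        if (!is_array($sessions)) {
            // get_option() returns false when the registry has never been saved.
            $sessions = array();
        }
        $sessions[] = array('id' => $sessionID, 'created' => time());
        update_option(USER_SESSIONS, $sessions);

        add_option($sessionID, array());
        $session = get_option($sessionID);
        if ($session === false) {
            $session = array();
        }
    }

    // An option that is not an array is not a session created by this method;
    // leave it untouched rather than writing into it.
    if (!is_array($session)) {
        return;
    }

    // Encrypt data and store key-value pair
    $value = ibm_sbt_encrypt($key, $value, $iv);
    $session[$skey] = "{$value}";

    // Update database
    update_option($sessionID, $session);
}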