private static function _payloadMatches($signature, $payload)
 {
     $payloadSignature = Digest::hexDigestSha1(Configuration::privateKey(), $payload);
     return Digest::secureCompare($signature, $payloadSignature);
 }
Exemple #2
0
 function &create($isNew = true)
 {
     $digest = new Digest();
     if ($isNew) {
         $digest->setNew();
     }
     return $digest;
 }
 public static function sampleNotification($kind, $id)
 {
     $payload = base64_encode(self::_sampleXml($kind, $id)) . "\n";
     $signature = Configuration::publicKey() . "|" . Digest::hexDigestSha1(Configuration::privateKey(), $payload);
     return ['bt_signature' => $signature, 'bt_payload' => $payload];
 }
Exemple #4
0
 function &get($id)
 {
     if (!$id) {
         return false;
     }
     $digest = new Digest();
     $sql = 'SELECT * FROM ' . $this->db->prefix('bb_digest') . ' WHERE digest_id=' . $id;
     $array = $this->db->fetchArray($this->db->query($sql));
     if ($var) {
         return $array[$var];
     }
     $digest =& $this->create(false);
     $digest->assignVars($array);
     return $digest;
 }
Exemple #5
0
 /**
  * Создает и сохраняет экземпляр класса кодировщика паролей
  *
  * Используется класс из опции password_encoder_class.
  * В конструктор передается соль из опции password_salt
  */
 public static function PasswordEncoder()
 {
     if (!is_null(self::$encoder)) {
         return self::$encoder;
     }
     $args = Core::normalize_args(func_get_args());
     $salt = self::option('password_salt');
     if (!empty($salt) && (!isset($args[0]) || empty($args[0]))) {
         $args[0] = $salt;
     }
     $class = self::option('password_encoder_class');
     if (!is_null(self::option('password_encoder_callback'))) {
         $class = 'Digest.PasswordCallbackEncoder';
         $salt = isset($args[0]) ? $args[0] : null;
         $args[0] = self::option('password_encoder_callback');
         $args[1] = $salt;
     }
     return self::$encoder = Core::amake($class, $args);
 }
Exemple #6
0
 protected static function passwords($data, $user, &$client, &$access, &$mp)
 {
     if (!isset($data['passwords'])) {
         return;
     }
     foreach ($data['passwords'] as $p) {
         $mp = false;
         $p = trim($p);
         if ($m = Core_Regexps::match_with_results('{^([^/]+)/(.*)$}', $p)) {
             $p = trim($m[1]);
             $mp = trim($m[2]);
         }
         if ($m = Core_Regexps::match_with_results('{^([^:]+):(.+)$}', $p)) {
             $login = trim($m[1]);
             $password = trim($m[2]);
             if (CMS::is_local() && CMS::$disable_local_auth) {
                 $clogin = trim(CMS::$cfg->client->login);
                 if ($user->login == $clogin) {
                     $client = true;
                 }
                 $access = true;
                 break;
             }
             if ($user->login == $login && Digest::password($user->password) == $password) {
                 $access = true;
                 break;
             }
         }
     }
 }