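function authorizeApp($authenticationInformation)
{
    /***
     * Primary wrapper function for everything not directly login / auth
     * related.
     *
     * @param array $authenticationInformation
     * @return void  All output goes through returnAjax(); nothing is returned
     *               to the caller.
     *
     * $authenticationInformation should be an array containing the
     * following keys:
     *
     * @key "auth" - the SHA1 hash of "entropy", server secret key, "action", "app_version"
     * @key "key" - The encryption key to decrypt the server secret key
     * @key "app_version" - the application version number
     * @key "entropy" - A randomly generated string of 16 characters
     * @key "action" - The action to be executed (an empty value defaults to "sync")
     * @key "data" - A base64-encoded JSON object with structured data for
     * the action
     * @key "user_id" - the dblink for the user. This will always be
     * appended to the values in the "data" key.
     * @key "device_identifier" - identifier of the calling device; passed on
     * to verifyApp() as "device"
     *
     * Every failure path calls returnAjax() and then returns immediately, so
     * the verification and dispatch below never run with an undefined $u or
     * $app_verify (previously they could if returnAjax() did not exit).
     ***/
    if (!is_array($authenticationInformation)) {
        returnAjax(array('status' => false, 'human_error' => 'The application and server could not communicate. Please contact support.', 'error' => 'Invalid request', 'app_error_code' => 102));
        return;
    }

    # Read the expected keys without raising undefined-index notices. A key
    # that is absent becomes null, which is what the old unguarded lookup
    # yielded (minus the notice), so downstream behaviour is unchanged.
    $expected = array(
        'auth' => null,
        'key' => null,
        'app_version' => null,
        'entropy' => null,
        'action' => null,
        'user_id' => null,
        'device_identifier' => null,
        'data' => null,
    );
    $fields = array_intersect_key($authenticationInformation, $expected) + $expected;

    $auth = $fields['auth'];
    $auth_key = $fields['key'];
    $version = $fields['app_version'];
    $entropy = $fields['entropy'];
    $action = $fields['action'];
    $user = $fields['user_id'];
    $device = $fields['device_identifier'];
    $action_data = smart_decode64($fields['data']);

    if (!is_array($action_data)) {
        returnAjax(array('status' => false, 'human_error' => 'The application and server could not communicate. Please contact support.', 'error' => 'Invalid data object', 'app_error_code' => 101));
        return;
    }

    # TODO: specific data-type checking of $action_data belongs here; the
    # original reserved an empty try/catch (error code 108) for it.

    # Save variables to be used later. Any "dblink" the client placed inside
    # the decoded payload is deliberately overwritten with the user_id from
    # the request envelope, so the action functions never act on a
    # payload-supplied value.
    $action_data['dblink'] = $user;
    $app_verify = array(
        'device' => $device,
        'authorization_token' => $auth,
        'auth_prepend' => $entropy,
        'auth_postpend' => $action . $version,
        'appsecret_key' => $auth_key,
        'dblink' => $user,
    );
    $action_data['application_verification'] = $app_verify;
    $u = new UserFunctions($user);

    /***
     * See if the action is a valid action.
     * Most of these are just going to be wrappers for the
     * async_login_handler functions.
     ***/
    if (empty($action)) {
        $action = 'sync';
    }
    # This map is also the allowlist for the dynamic call at the bottom: only
    # these three function names are reachable, whatever the client sends.
    # The is_string() guard keeps a non-scalar "action" (e.g. an array) from
    # reaching array_key_exists(), which rejects non-string keys on PHP 8.
    $action_function_map = array(
        'save' => 'saveToUser',
        'read' => 'getFromUser',
        'sync' => 'syncUserData',
    );
    if (!is_string($action) || !array_key_exists($action, $action_function_map)) {
        returnAjax(array('status' => false, 'human_error' => 'The application and server could not communicate. Please contact support.', 'error' => 'Invalid action', 'app_error_code' => 103));
        return;
    }

    # See if the user exists
    # get the key for $user from the server
    /***
     * Now, we want to authenticate the app against this information.
     * $auth should be the SHA1 hash of:
     *
     * $auth = sha1($entropy.$SERVER_KEY.$action.$version)
     *
     * If it isn't, the request is bad.
     *
     * NOTE(review): the comparison itself lives in UserFunctions::verifyApp(),
     * which is not visible here. It should compare the token in constant time
     * (hash_equals) and treat "entropy" as single-use so a captured request
     * cannot be replayed — confirm there.
     ***/
    $r = $u->verifyApp($app_verify);
    if (!$r['status']) {
        returnAjax(array('status' => false, 'human_error' => "This app isn't authorized. Please log out and log back in.", 'error' => 'Invalid app credentials', 'app_error_code' => 106));
        return;
    }

    # Call the $action, handing it the verified user record from verifyApp()
    $action_data['user_data'] = $r['data'];
    $action_result = $action_function_map[$action]($action_data);
    $action_result['elapsed'] = elapsed();
    returnAjax($action_result);
}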