function decodeAndValidateToken($token, $cryptkey = null, $signkey = null, $internal_allow_recursion = true)
{
if (!$cryptkey) {
$cryptkey = $this->_cryptkey;
}
if (!$signkey) {
$signkey = $this->_signkey;
}
$haveoldsecret = false;
$oldsecretexpiry = WindowsLiveLogin::getOldSecretExpiry();
$oldcryptkey = $this->_oldcryptkey;
$oldsignkey = $this->_oldsignkey;
if ($oldsecretexpiry and time() < $oldsecretexpiry) {
if ($oldcryptkey and $oldsignkey) {
$haveoldsecret = true;
}
}
$haveoldsecret = ($haveoldsecret and $internal_allow_recursion);
$stoken = WindowsLiveLogin::decodeToken($token, $cryptkey);
if ($stoken) {
$stoken = WindowsLiveLogin::validateToken($stoken, $signkey);
}
if (!$stoken and $haveoldsecret) {
WindowsLiveLogin::debug("Warning: Failed to validate token with current secret, attempting old secret.");
$stoken = WindowsLiveLogin::decodeAndValidateToken($token, $oldcryptkey, $oldsignkey, false);
}
return $stoken;
}
