function testSessionTokenVerifySignature()
{
$data = time();
$token = $this->cryptoManager->createSessionToken($data, $this->privateKey);
list($timestamp, $hash) = explode(':', $token, 2);
// change data
$timestamp += 100;
$token = $timestamp . ':' . $hash;
$this->assertFalse($this->cryptoManager->verifySessionToken($token, $this->privateKey));
}
/**
* Validate a command request
* - Validity of session token
* - Session token expiration
* - Client host address
* - Encrypted data signature
*
* @param tx_caretakerinstance_CommandRequest $commandRequest
* @return boolean
*/
public function validateRequest(tx_caretakerinstance_CommandRequest $commandRequest)
{
$sessionToken = $commandRequest->getSessionToken();
$timestamp = $this->cryptoManager->verifySessionToken($sessionToken, $this->privateKey);
if (time() - $timestamp > $this->sessionTokenExpiration) {
// Session token expired
return FALSE;
} elseif (strlen($this->clientHostAddressRestriction) && $commandRequest->getClientHostAddress() != $this->clientHostAddressRestriction) {
// Client IP address is not allowed
return FALSE;
} elseif (!$this->cryptoManager->verifySignature($commandRequest->getDataForSignature(), $commandRequest->getSignature(), $this->clientPublicKey)) {
// Signature didn't verify
return FALSE;
}
return TRUE;
}
