Esempio n. 1
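 /**
  * Check an access token and, when it carries netfilters, that the calling
  * address is covered by at least one of them.
  *
  * A token with no netfilters is accepted from any address. An empty
  * netfilter entry also accepts any address.
  *
  * @param string|Default_Model_AccessToken $token token string to look up, or an already loaded token object
  *
  * @return bool|null null for a blank token string; false when the token is
  *                   not found, is of an unsupported type, or no netfilter
  *                   matches the caller; true otherwise
  */
 public static function validateToken($token)
 {
     if (is_string($token)) {
         if (trim($token) === "") {
             return null;
         }
         $tokens = new Default_Model_AccessTokens();
         $tokens->filter->token->equals($token);
         if (count($tokens->items) === 0) {
             return false;
         }
         $token = $tokens->items[0];
     } elseif (!($token instanceof Default_Model_AccessToken)) {
         return false;
     }
     $netfilters = $token->getNetfilters();
     if (count($netfilters) === 0) {
         return true;
     }
     // REMOTE_ADDR is not set outside a web request; an empty address can
     // only be accepted by an empty (match-all) netfilter below.
     $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
     $valid = false;
     foreach ($netfilters as $netfilter) {
         if ($netfilter == '') {
             // NULL netfilter
             $valid = true;
             break;
         } elseif (isCIDR($netfilter)) {
             if (ipCIDRCheck($ip, $netfilter)) {
                 $valid = true;
                 break;
             }
         } elseif (isCIDR6($netfilter)) {
             if (ipCIDRCheck6($ip, $netfilter)) {
                 $valid = true;
                 break;
             }
         } elseif (isIPv4($netfilter) || isIPv6($netfilter)) {
             if ($ip == $netfilter) {
                 $valid = true;
                 break;
             }
         } else {
             // domain name based netfilter
             if (self::_clientHostMatchesDomain($ip, $netfilter)) {
                 $valid = true;
                 break;
             }
         }
     }
     if (!$valid) {
         // NOTE(review): on the string path the token was found in the store
         // and only the address check failed, so this writes a working
         // credential to the debug log. Consider logging a truncated value or
         // an identifier instead, and restrict who can read this log.
         debug_log('[AccessTokens::validateToken]: Invalid API key ' . $token->getToken());
     }
     return $valid;
 }

 /**
  * Tell whether the reverse-DNS name of $ip is $domain or a subdomain of it.
  *
  * The PTR record is published by whoever administers the reverse zone of
  * the address, so the name is trusted only when it resolves forward to the
  * same address again. The netfilter is compared as a literal string, not
  * compiled into a regular expression, so characters such as "|", "*" or "/"
  * in a stored netfilter cannot widen or break the match.
  *
  * @param string $ip     address of the caller
  * @param string $domain domain-name netfilter
  *
  * @return bool
  */
 private static function _clientHostMatchesDomain($ip, $domain)
 {
     if (!is_string($ip) || filter_var($ip, FILTER_VALIDATE_IP) === false) {
         return false;
     }
     // kept from the original: backslashes are dropped from the netfilter
     $domain = str_replace('\\', '', (string) $domain);
     if ($domain === '') {
         return false;
     }
     $hostname = gethostbyaddr($ip);
     // false means malformed input; the address itself means no PTR record
     if (!is_string($hostname) || $hostname === $ip) {
         return false;
     }
     $suffix = '.' . $domain;
     $matches = $hostname === $domain
         || (strlen($hostname) > strlen($suffix) && substr($hostname, -strlen($suffix)) === $suffix);
     if (!$matches) {
         return false;
     }
     // forward confirmation: collect the A and AAAA records of the name
     $candidates = array();
     $v4 = gethostbynamel($hostname);
     if (is_array($v4)) {
         $candidates = $v4;
     }
     $v6 = dns_get_record($hostname, DNS_AAAA);
     if (is_array($v6)) {
         foreach ($v6 as $record) {
             if (isset($record['ipv6'])) {
                 $candidates[] = $record['ipv6'];
             }
         }
     }
     // compare packed forms so different spellings of one IPv6 address agree
     $packedIp = inet_pton($ip);
     foreach ($candidates as $candidate) {
         if (filter_var($candidate, FILTER_VALIDATE_IP) !== false && inet_pton($candidate) === $packedIp) {
             return true;
         }
     }
     return false;
 }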
Esempio n. 2
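 /**
  * Check that the API key may be used from the address that made the request.
  *
  * A key with no netfilters is accepted from any address, and an empty
  * netfilter entry also accepts any address.
  *
  * @param object $key API key record; its `netfilters` and `key` properties are read
  *
  * @return boolean
  * @access private
  */
 private function _validateAPIKey($key)
 {
     if (count($key->netfilters) == 0) {
         return true;
     }
     $override = $this->getParam("remoteaddr");
     if ($override != "") {
         // NOTE(review): getParam() is not shown here. If it reads data sent by
         // the API client, the caller states the address to be checked and the
         // netfilters restrict nothing; confirm that only a trusted front end
         // can set "remoteaddr".
         $ip = base64_decode($override);
         // The decoded value goes to DNS lookups and to the error log, so it
         // must be a well-formed address; anything else is refused.
         if (!is_string($ip) || filter_var($ip, FILTER_VALIDATE_IP) === false) {
             error_log('Rejected malformed remoteaddr parameter during API key validation');
             return false;
         }
     } else {
         $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
     }
     $valid = false;
     foreach ($key->netfilters as $netfilter) {
         if ($netfilter == '') {
             // NULL netfilter
             $valid = true;
             break;
         } elseif (isCIDR($netfilter)) {
             if (ipCIDRCheck($ip, $netfilter)) {
                 $valid = true;
                 break;
             }
         } elseif (isCIDR6($netfilter)) {
             if (ipCIDRCheck6($ip, $netfilter)) {
                 $valid = true;
                 break;
             }
         } elseif (isIPv4($netfilter) || isIPv6($netfilter)) {
             if ($ip == $netfilter) {
                 $valid = true;
                 break;
             }
         } else {
             // domain name based netfilter
             if (self::_clientHostMatchesDomain($ip, $netfilter)) {
                 $valid = true;
                 break;
             }
         }
     }
     if (!$valid) {
         // NOTE(review): this writes the full key to the error log; consider a
         // truncated value or an identifier if the log is widely readable.
         error_log('Invalid API key ' . $key->key . "(ip = {$ip})");
     }
     return $valid;
 }

 /**
  * Tell whether the reverse-DNS name of $ip is $domain or a subdomain of it.
  *
  * The PTR record is published by whoever administers the reverse zone of
  * the address, so the name is trusted only when it resolves forward to the
  * same address again. The netfilter is compared as a literal string, not
  * compiled into a regular expression, so characters such as "|", "*" or "/"
  * in a stored netfilter cannot widen or break the match.
  *
  * @param string $ip     address being checked
  * @param string $domain domain-name netfilter
  *
  * @return bool
  */
 private static function _clientHostMatchesDomain($ip, $domain)
 {
     if (!is_string($ip) || filter_var($ip, FILTER_VALIDATE_IP) === false) {
         return false;
     }
     // kept from the original: backslashes are dropped from the netfilter
     $domain = str_replace('\\', '', (string) $domain);
     if ($domain === '') {
         return false;
     }
     $hostname = gethostbyaddr($ip);
     // false means malformed input; the address itself means no PTR record
     if (!is_string($hostname) || $hostname === $ip) {
         return false;
     }
     $suffix = '.' . $domain;
     $matches = $hostname === $domain
         || (strlen($hostname) > strlen($suffix) && substr($hostname, -strlen($suffix)) === $suffix);
     if (!$matches) {
         return false;
     }
     // forward confirmation: collect the A and AAAA records of the name
     $candidates = array();
     $v4 = gethostbynamel($hostname);
     if (is_array($v4)) {
         $candidates = $v4;
     }
     $v6 = dns_get_record($hostname, DNS_AAAA);
     if (is_array($v6)) {
         foreach ($v6 as $record) {
             if (isset($record['ipv6'])) {
                 $candidates[] = $record['ipv6'];
             }
         }
     }
     // compare packed forms so different spellings of one IPv6 address agree
     $packedIp = inet_pton($ip);
     foreach ($candidates as $candidate) {
         if (filter_var($candidate, FILTER_VALIDATE_IP) !== false && inet_pton($candidate) === $packedIp) {
             return true;
         }
     }
     return false;
 }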