Gets/Sets the Garden Installation Secret
public static installationSecret ( string $SetInstallationSecret = null ) : string
| $SetInstallationSecret | string | |
| return | string | Installation Secret or NULL |
/**
 * Dashboard page for setting up and configuring Vanilla Statistics.
 *
 * Requires the Garden.Settings.Manage permission. On an authenticated postback
 * the submitted form values decide what happens: re-register the installation,
 * save the InstallationID / InstallationSecret pair, enable analytics
 * (optionally for local installs) or clear the stored credentials. On a plain
 * page load the form is pre-filled with the currently stored ID and secret.
 *
 * @since 2.0.17
 * @access public
 */
public function index() {
    // Everything below runs only for users holding the settings-management permission.
    $this->permission('Garden.Settings.Manage');
    $this->addSideMenu('dashboard/statistics');
    //$this->addJsFile('statistics.js');
    $this->title(t('Vanilla Statistics'));
    $this->enableSlicing($this);

    if (!$this->Form->authenticatedPostBack()) {
        // Plain page load: the stored credentials are placed in the form data.
        // NOTE(review): this includes the installation secret; confirm the view
        // does not expose it to anyone other than the administrators allowed here.
        $this->Form->setValue('InstallationID', Gdn::installationID());
        $this->Form->setValue('InstallationSecret', Gdn::installationSecret());
    } else {
        // State-changing actions are only reached after authenticatedPostBack()
        // has accepted the submission.
        if ($this->Form->getFormValue('Reregister')) {
            Gdn::Statistics()->register();
        }

        if ($this->Form->getFormValue('Save')) {
            $SubmittedID = $this->Form->getFormValue('InstallationID');
            $SubmittedSecret = $this->Form->getFormValue('InstallationSecret');
            Gdn::installationID($SubmittedID);
            Gdn::installationSecret($SubmittedSecret);
            $this->informMessage(t("Your settings have been saved."));
        }

        if ($this->Form->getFormValue('AllowLocal')) {
            saveToConfig('Garden.Analytics.AllowLocal', true);
        }

        if ($this->Form->getFormValue('Allow')) {
            saveToConfig('Garden.Analytics.Enabled', true);
        }

        if ($this->Form->getFormValue('ClearCredentials')) {
            // Drop both halves of the credential pair, then tick the statistics handler.
            Gdn::installationID(false);
            Gdn::installationSecret(false);
            Gdn::statistics()->Tick();
        }
    }

    // Analytics only counts as enabled when the default config file is writable.
    $AnalyticsEnabled = Gdn_Statistics::checkIsEnabled();
    if ($AnalyticsEnabled) {
        $ConfWritable = is_writable(Gdn::config()->defaultPath());
        $this->setData('ConfWritable', $ConfWritable);
        if (!$ConfWritable) {
            $AnalyticsEnabled = false;
        }
    }
    $this->setData('AnalyticsEnabled', $AnalyticsEnabled);

    // The notification is handed to the view and cleared once it has been read.
    $NotifyMessage = Gdn::get('Garden.Analytics.Notify', false);
    $this->setData('NotifyMessage', $NotifyMessage);
    if ($NotifyMessage !== false) {
        Gdn::set('Garden.Analytics.Notify', null);
    }

    $this->render();
}
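/**
 * Signature check.
 *
 * Checks the signature supplied with a request against a SHA-1 hash of selected
 * request arguments combined with the local secret from the config file.
 *
 * Only the VanillaID, RequestTime and TimeSlot arguments (plus the secret) are
 * covered by the hash. Any other argument in $Request is NOT protected by the
 * signature and must not be trusted on the strength of this check alone.
 *
 * @param array $Request Array of request parameters.
 * @return bool|null True when the signature verifies, false when the request is
 *    rejected, or null when it cannot be verified (no VanillaID in the request,
 *    or no local secret).
 */
protected function verifySignature($Request) {
    // If this response has no ID, return NULL (could not verify)
    $VanillaID = GetValue('VanillaID', $Request, null);
    if (is_null($VanillaID)) {
        return null;
    }

    // Response is bogus - wrong InstallationID.
    // Compared as strings with a strict operator: a loose comparison lets
    // numeric-looking values such as "1e3" and "1000" match each other.
    $InstallationID = Gdn::installationID();
    if (!is_null($InstallationID)) {
        if (!is_scalar($VanillaID) || (string)$VanillaID !== (string)$InstallationID) {
            return false;
        }
    }

    // If we don't have a secret, we cannot verify anyway. An empty or false
    // secret is treated the same way, because a hash keyed with an empty
    // secret authenticates nothing.
    $VanillaSecret = Gdn::installationSecret();
    if (is_null($VanillaSecret) || $VanillaSecret === false || $VanillaSecret === '') {
        return null;
    }

    // Calculate clock desync. A missing RequestTime defaults to 0 and fails the
    // window check below; a non-numeric one is rejected before the arithmetic.
    $CurrentGmTime = Gdn_Statistics::time();
    $RequestTime = val('RequestTime', $Request, 0);
    if (!is_numeric($RequestTime)) {
        return false;
    }
    $TimeDiff = abs($CurrentGmTime - $RequestTime);
    $AllowedTimeDiff = C('Garden.Analytics.RequestTimeout', 1440);

    // Allow 24* minutes of clock desync, otherwise signature is invalid
    if ($TimeDiff > $AllowedTimeDiff) {
        return false;
    }

    // A signature that is absent or not a string can never match.
    $SecurityHash = val('SecurityHash', $Request);
    if (!is_string($SecurityHash)) {
        return false;
    }

    // Remove the existing SecurityHash before calculating the signature
    unset($Request['SecurityHash']);

    // Add the real secret
    $Request['Secret'] = $VanillaSecret;

    // Keep only the fields that take part in the signature.
    $SignData = array_intersect_key(
        $Request,
        array_fill_keys(array('VanillaID', 'Secret', 'RequestTime', 'TimeSlot'), null)
    );

    // ksort the array to preserve a known order
    $SignData = array_change_key_case($SignData, CASE_LOWER);
    ksort($SignData);

    // Calculate the hash.
    // NOTE(review): this is a plain SHA-1 over the query string with the secret
    // as one of its fields, not an HMAC. Changing the construction would have to
    // be coordinated with whatever produces the signature on the remote side.
    $RealHash = sha1(http_build_query($SignData));

    // hash_equals() (PHP 5.6+) compares in constant time and never applies
    // numeric juggling, so two different "0e..."-style hex digests cannot
    // compare equal the way they can with ==.
    return hash_equals($RealHash, $SecurityHash);
}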
/**
 * Build an access token for the stats graphs.
 *
 * The token has the form `v1.<hex timestamp>.<signature>`, where the signature
 * is an HMAC-SHA1 of the `v1.<hex timestamp>` prefix keyed with the
 * installation secret. The timestamp is the current time() at generation;
 * any expiry check would have to be done by whatever verifies the token,
 * which is not part of this method.
 *
 * @return bool|string Returns a token or **false** if required information is missing.
 */
public static function generateToken() {
    $installationID = Gdn::installationID();
    $installationSecret = Gdn::installationSecret();

    // Without both the ID and the secret no token can be issued.
    if (empty($installationID) || empty($installationSecret)) {
        return false;
    }

    $payload = 'v1.' . dechex(time());
    $signature = hash_hmac('sha1', $payload, $installationSecret);

    return $payload . '.' . $signature;
}