Esempio n. 1
0
 public function onMasterRequest(Oxygen_Event_MasterRequestEvent $event)
 {
     $this->request = $event->getRequest();
     // Kind of like str_rot8, for hexadecimal strings.
     $this->responseId = strtr($event->getRequestData()->oxygenRequestId, 'abcdef0123456789', '23456789abcdef01');
     set_exception_handler(array($this, 'handleException'));
     set_error_handler(array($this, 'handleError'));
     register_shutdown_function(array($this, 'handleFatalError'));
     $this->reservedMemory = str_repeat(' ', 1024 * $this->reservedMemorySize);
 }
Esempio n. 2
0
 public function onMasterRequest(Oxygen_Event_MasterRequestEvent $event)
 {
     $request = $event->getRequest();
     $data = $event->getRequestData();
     $existingPublicKey = $this->state->get('oxygen_public_key');
     $providedPublicKey = $data->publicKey;
     $signature = $data->signature;
     $requestId = $data->oxygenRequestId;
     $requestExpiresAt = $data->requestExpiresAt;
     if (empty($existingPublicKey)) {
         // There is no public key set, use the provided one to verify SSL implementation.
         $verifyPublicKey = $providedPublicKey;
     } else {
         $verifyPublicKey = $existingPublicKey;
     }
     $verified = $this->rsaVerifier->verify($verifyPublicKey, sprintf('%s|%d', $requestId, $requestExpiresAt), $signature);
     if (!$verified) {
         if (empty($existingPublicKey)) {
             // A public key is not set, but the handshake failed. There might be a problem with the OpenSSL implementation.
             throw new Oxygen_Exception(Oxygen_Exception::HANDSHAKE_VERIFY_TEST_FAILED);
         } else {
             throw new Oxygen_Exception(Oxygen_Exception::HANDSHAKE_VERIFY_FAILED);
         }
     }
     if (!empty($existingPublicKey)) {
         // We validated against an existing key.
         $this->nonceManager->useNonce($requestId, $requestExpiresAt);
         $request->setAuthenticated(true);
         return;
     }
     $handshakeKey = @file_get_contents($this->modulePath . '/keys/' . $data->handshakeKey . '.pub');
     if ($handshakeKey === false) {
         $lastError = error_get_last();
         throw new Oxygen_Exception(Oxygen_Exception::HANDSHAKE_LOCAL_KEY_NOT_FOUND, array('lastError' => $lastError['message'], 'keyPath' => $this->modulePath . '/' . $data->handshakeKey));
     }
     $urlSlug = Oxygen_Util::getUrlSlug($this->baseUrl);
     $verifiedHandshake = $this->rsaVerifier->verify($handshakeKey, $urlSlug, $data->handshakeSignature);
     if (!$verifiedHandshake) {
         throw new Oxygen_Exception(Oxygen_Exception::HANDSHAKE_LOCAL_VERIFY_FAILED);
     }
     $this->nonceManager->useNonce($requestId, $requestExpiresAt);
     $this->state->set('oxygen_public_key', $providedPublicKey);
     $request->setAuthenticated(true);
 }
Esempio n. 3
0
 public function onMasterRequest(Oxygen_Event_MasterRequestEvent $event)
 {
     $data = $event->getRequestData();
     if (empty($data->version)) {
         throw new Oxygen_Exception(Oxygen_Exception::PROTOCOL_VERSION_NOT_PROVIDED);
     }
     if (!is_string($data->version) || !preg_match('{^\\d+\\.\\d+$}', $data->version)) {
         throw new Oxygen_Exception(Oxygen_Exception::PROTOCOL_VERSION_NOT_VALID);
     }
     if (version_compare($data->version, $this->version, '>')) {
         throw new Oxygen_Exception(Oxygen_Exception::PROTOCOL_VERSION_TOO_LOW);
     }
     if (empty($data->oxygenRequestId)) {
         throw new Oxygen_Exception(Oxygen_Exception::PROTOCOL_REQUEST_ID_NOT_PROVIDED);
     }
     if (!is_string($data->oxygenRequestId) || !preg_match('{^([0-9a-f]{8})-([0-9a-f]{4})-([0-9a-f]{4})-([0-9a-f]{4})-([0-9a-f]{12})$}', $data->oxygenRequestId)) {
         throw new Oxygen_Exception(Oxygen_Exception::PROTOCOL_REQUEST_ID_NOT_VALID);
     }
     if (empty($data->publicKey)) {
         throw new Oxygen_Exception(Oxygen_Exception::PROTOCOL_PUBLIC_KEY_NOT_PROVIDED);
     }
     if (!is_string($data->publicKey) || !strlen($data->publicKey)) {
         throw new Oxygen_Exception(Oxygen_Exception::PROTOCOL_PUBLIC_KEY_NOT_VALID);
     }
     if (!isset($data->userName)) {
         throw new Oxygen_Exception(Oxygen_Exception::PROTOCOL_USER_NAME_NOT_PROVIDED);
     }
     if (!is_string($data->userName)) {
         throw new Oxygen_Exception(Oxygen_Exception::PROTOCOL_USER_NAME_NOT_VALID);
     }
     if (empty($data->signature)) {
         throw new Oxygen_Exception(Oxygen_Exception::PROTOCOL_SIGNATURE_NOT_PROVIDED);
     }
     if (!is_string($data->signature) || !preg_match('{^[a-zA-Z\\d/+]+={0,2}$}', $data->signature)) {
         throw new Oxygen_Exception(Oxygen_Exception::PROTOCOL_SIGNATURE_NOT_VALID);
     }
     if (empty($data->handshakeKey)) {
         throw new Oxygen_Exception(Oxygen_Exception::PROTOCOL_HANDSHAKE_KEY_NOT_PROVIDED);
     }
     if (!is_string($data->handshakeKey) || !preg_match('{^[a-z0-9_]+$}', $data->handshakeKey)) {
         throw new Oxygen_Exception(Oxygen_Exception::PROTOCOL_HANDSHAKE_KEY_NOT_VALID);
     }
     if (empty($data->handshakeSignature)) {
         throw new Oxygen_Exception(Oxygen_Exception::PROTOCOL_HANDSHAKE_SIGNATURE_NOT_PROVIDED);
     }
     if (!is_string($data->handshakeSignature) || !preg_match('{^[a-zA-Z\\d/+]+={0,2}$}', $data->handshakeSignature)) {
         throw new Oxygen_Exception(Oxygen_Exception::PROTOCOL_HANDSHAKE_SIGNATURE_NOT_VALID);
     }
     if (empty($data->requestExpiresAt)) {
         throw new Oxygen_Exception(Oxygen_Exception::PROTOCOL_EXPIRATION_NOT_PROVIDED);
     }
     if (!is_int($data->requestExpiresAt)) {
         throw new Oxygen_Exception(Oxygen_Exception::PROTOCOL_EXPIRATION_NOT_VALID);
     }
     if (empty($data->actionName)) {
         throw new Oxygen_Exception(Oxygen_Exception::PROTOCOL_ACTION_NAME_NOT_PROVIDED);
     }
     if (!is_string($data->actionName)) {
         throw new Oxygen_Exception(Oxygen_Exception::PROTOCOL_ACTION_NAME_NOT_VALID);
     }
     if (!isset($data->actionParameters)) {
         throw new Oxygen_Exception(Oxygen_Exception::PROTOCOL_ACTION_PARAMETERS_NOT_PROVIDED);
     }
     if (!is_array($data->actionParameters)) {
         throw new Oxygen_Exception(Oxygen_Exception::PROTOCOL_ACTION_PARAMETERS_NOT_VALID);
     }
     if (empty($data->baseUrl)) {
         throw new Oxygen_Exception(Oxygen_Exception::PROTOCOL_BASE_URL_NOT_PROVIDED);
     }
     if (!is_string($data->baseUrl) || !in_array(parse_url($data->baseUrl, PHP_URL_SCHEME), array('http', 'https')) || !is_string(parse_url($data->baseUrl, PHP_URL_HOST))) {
         throw new Oxygen_Exception(Oxygen_Exception::PROTOCOL_BASE_URL_NOT_VALID);
     }
     if (!isset($data->stateParameters)) {
         throw new Oxygen_Exception(Oxygen_Exception::PROTOCOL_STATE_PARAMETERS_NOT_PROVIDED);
     }
     if (!is_array($data->stateParameters)) {
         throw new Oxygen_Exception(Oxygen_Exception::PROTOCOL_STATE_PARAMETERS_NOT_VALID);
     }
     $providedBaseUrlSlug = Oxygen_Util::getUrlSlug($data->baseUrl);
     $currentBaseUrlSlug = Oxygen_Util::getUrlSlug($this->baseUrl);
     if ($providedBaseUrlSlug !== $currentBaseUrlSlug) {
         throw new Oxygen_Exception(Oxygen_Exception::PROTOCOL_BASE_URL_SLUG_MISMATCHES, array('providedBaseUrl' => $data->baseUrl, 'providedBaseUrlSlug' => $providedBaseUrlSlug, 'currentBaseUrl' => $this->baseUrl, 'currentBaseUrlSlug' => $currentBaseUrlSlug));
     }
 }