/** * Gets a token and removes it from the session * * @author Art <*****@*****.**> * * @return mixed|null The token */ public function getAndRemove() { if (!Sess::isActive()) { self::sessionRequiredWarning(__METHOD__); // @codeCoverageIgnoreStart return null; // @codeCoverageIgnoreEnd } $tok = Alo::nullget($_SESSION[$this->tokenKey][$this->name]); $this->remove(); return $tok; }
/** * Send our request * * @author Art <*****@*****.**> * * @param string $httpMethod The HTTP method to use (GET, POST etc) * @param string $url The URL to call. This is automatically prepended with https:// in this method * @param array $options Request options * * @return \GuzzleHttp\Promise\PromiseInterface|\Psr\Http\Message\ResponseInterface The promise interface if * async is set to true and the * request interface if it is * set to false * @throws \GuzzleHttp\Exception\ClientException */ protected final function sendAbstract($httpMethod, $url, array $options = []) { return call_user_func($this->sendCallable, new Request($httpMethod, 'https://' . $url, array_merge(['authorization' => 'Bearer ' . $this->token], Alo::ifnull($options['headers'], [], true)), Alo::nullget($options['body']))); }
/** * Checks if the session hasn't been hijacked * * @author Art <*****@*****.**> * @return boolean TRUE if the check has passed, FALSE if not and the session has been terminated. */ private function identityCheck() { $fingerprint = self::getFingerprint(); if (!Alo::nullget($_SESSION[$this->config->fingerprint])) { $_SESSION[$this->config->fingerprint] = $fingerprint; } elseif ($fingerprint !== $_SESSION[$this->config->fingerprint]) { //@codeCoverageIgnoreStart $this->handleIdentityCheckFailure(session_id()); return false; //@codeCoverageIgnoreEnd } $this->log->debug('Identity check passed for session ID ' . session_id()); return true; }