Esempio n. 1
 /**
  * Authenticates a user by username and a previously issued password token.
  *
  * The user is loaded through the repository, the token expected for that
  * user is recomputed with createPasswordToken(), and the supplied token is
  * accepted only if StringHelper::equals() reports a match.
  *
  * NOTE(review): StringHelper::equals() is presumably a constant-time
  * comparison; confirm against its implementation before relying on it.
  * NOTE(review): the unknown-username path returns before any token is
  * computed, so the two failure paths do different amounts of work. Callers
  * should not expose which of them occurred.
  *
  * @param string $username      Name used for the repository lookup.
  * @param string $passwordToken Token presented by the client.
  * @return User|null The matching user, or null when the user is unknown or
  *                   the token does not match.
  */
 public function authenticateWithToken($username, $passwordToken)
 {
     try {
         $candidate = $this->repository->findByUsername($username);
     } catch (NotFound $notFound) {
         // Unknown user: same null result as a token mismatch.
         return null;
     }

     $expectedToken = $this->createPasswordToken($candidate);

     return StringHelper::equals($expectedToken, $passwordToken) ? $candidate : null;
 }
Esempio n. 2
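 /**
  * Validates a token of the form "<timestamp>-<rest>" for the given intention.
  *
  * The token is accepted only when its timestamp is not in the future, is no
  * older than $this->validityTime seconds, and the token regenerated for
  * ($intention, timestamp) matches the supplied token in full according to
  * StringHelper::equals().
  *
  * NOTE(review): StringHelper::equals() is presumably a constant-time
  * comparison; confirm against its implementation.
  *
  * @param mixed $intention Value passed through to generateToken().
  * @param mixed $token     Caller-supplied token; non-string values are rejected.
  * @return bool True when the token is well-formed, inside the validity
  *              window and matches the regenerated token.
  */
 public function isValid($intention, $token)
 {
     // The token is caller-supplied. A non-string value (for example an array
     // built from a request parameter) is rejected here instead of being passed
     // to strpos()/explode(), which raise a TypeError or warning on such input.
     if (!is_string($token) || strpos($token, '-') === false) {
         return false;
     }

     // Only the part before the first '-' is needed; the remainder is covered
     // by the full-token comparison at the end.
     list($timestamp) = explode('-', $token, 2);

     // is_numeric() is broader than "digits only" (it also accepts decimal or
     // exponent notation); acceptance still depends on the comparison below,
     // which checks the whole supplied token against the regenerated one.
     if (!is_numeric($timestamp)) {
         return false;
     }
     $timestamp = (int) $timestamp;

     // Read the clock once so both bounds of the window use the same instant.
     $now = time();
     if ($timestamp > $now || $timestamp + $this->validityTime < $now) {
         return false;
     }

     return StringHelper::equals($this->generateToken($intention, $timestamp), $token);
 }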
Esempio n. 3
 /**
  * Extracts and verifies the signed payload stored in the COOKIE_NAME cookie.
  *
  * The cookie value is base64-decoded, parsed as JSON (depth limit 3) and
  * must contain a signature plus an array payload carrying the username,
  * token and creation-time fields. The payload is returned only if sign()
  * over it matches the stored signature according to StringHelper::equals().
  *
  * NOTE(review): only the presence of the creation-time field is checked
  * here; any expiry check presumably happens in the caller. Confirm.
  * NOTE(review): StringHelper::equals() is presumably a constant-time
  * comparison; confirm against its implementation.
  *
  * @param Request $request Request whose cookies are inspected.
  * @return array|null The verified payload, or null when the cookie is
  *                    missing, malformed or fails the signature check.
  */
 private function getCookieData(Request $request)
 {
     $cookies = $request->cookies;
     if (!$cookies->has(self::COOKIE_NAME)) {
         return null;
     }

     // Called without the strict flag, so base64_decode() skips characters
     // outside the base64 alphabet instead of failing; malformed input is
     // mostly caught by the JSON and signature checks further down.
     $decoded = base64_decode($cookies->get(self::COOKIE_NAME));
     if (false === $decoded) {
         return null;
     }

     // The depth limit makes json_decode() return null for deeper nesting.
     $envelope = json_decode($decoded, true, 3);
     if (!is_array($envelope)) {
         return null;
     }

     if (!isset($envelope[self::FIELD_SIGNATURE], $envelope[self::FIELD_PAYLOAD]) || !is_array($envelope[self::FIELD_PAYLOAD])) {
         return null;
     }
     $payload = $envelope[self::FIELD_PAYLOAD];
     $signature = $envelope[self::FIELD_SIGNATURE];

     // Every required payload field has to be present (and non-null).
     if (!isset($payload[self::FIELD_PAYLOAD_USERNAME], $payload[self::FIELD_PAYLOAD_TOKEN], $payload[self::FIELD_CREATION_TIME])) {
         return null;
     }

     // Nothing in the payload is trusted until the signature recomputed over
     // it matches the one that travelled with the cookie.
     if (!StringHelper::equals($this->sign($payload), $signature)) {
         return null;
     }

     return $payload;
 }