/**
 * Issues a persistent-login cookie for the given ID and registers its token.
 *
 * A fresh token is created, sent to the client inside a cookie together with the ID
 * (keys 'gid' and 'token'), and then handed to the login storage.
 *
 * NOTE(review): the result of send() is not checked, so the token is registered with the
 * storage even when the cookie could not be set.
 * NOTE(review): the cookie carries the token exactly as createToken() returned it; whether
 * addToken() keeps only a hash of it is not visible here. Confirm, since a stored raw token
 * would be directly usable if the storage leaked.
 *
 * @param mixed $id the ID to log in
 */
public function login($id)
 {
     $freshToken = $this->createToken($id);
     $expiresAt = time() + $this->duration;
     // Fifth argument comes from configuration; the sixth is fixed to true
     // (presumably the HTTP-only flag, TODO confirm against the Cookie constructor).
     $loginCookie = new Cookie($this->cookieName, $expiresAt, $this->cookiePath, $this->cookieDomain, $this->cookieSecure, true);
     $loginCookie->setData(array('gid' => $id, 'token' => $freshToken));
     $this->transceiver->send($loginCookie);
     $this->storage->addToken($id, $freshToken);
 }
 /**
  * Provides test data for the receive test.
  *
  * @return array the test data
  */
 public function receiveProvider()
 {
     // Every row is array(cookie, sending transceiver, receiving transceiver, expected success).
     $cryptoFactory = new CryptoFactory();
     $userGID = '58d93d649ffffffff5331ad0219ea200';

     // Builds a SecureCookieTransceiver from the arguments that vary between rows.
     // When $gid is omitted, the constructor is called without its last argument.
     $secure = function ($firstHash, $key, $sessionId, $gid = null) use ($cryptoFactory) {
         $hashA = $cryptoFactory->getHashFunction($firstHash);
         $hashB = $cryptoFactory->getHashFunction('Sha256');
         $cypher = $cryptoFactory->getSymmetricCypher('Aes256');
         if (func_num_args() < 4) {
             return new SecureCookieTransceiver($hashA, $hashB, $cypher, $key, new GID(), $sessionId);
         }
         return new SecureCookieTransceiver($hashA, $hashB, $cypher, $key, new GID(), $sessionId, $gid);
     };
     // The sending configuration shared by all rows except the session-ID mismatch row.
     $sender = function () use ($secure, $userGID) {
         return $secure('Sha256', 'secret key', 'session id', $userGID);
     };

     $rows = array();

     // Same transceiver on both ends, cookie with a payload: expected to be received.
     $cookie = new Cookie('test1', 0, '/', null, false, false);
     $cookie->setData('hello world');
     $both = $sender();
     $rows[] = array($cookie, $both, $both, true);

     // Same transceiver, last cookie flag set to true: expected to be received.
     $cookie = new Cookie('test2', 0, '/', null, false, true);
     $both = $sender();
     $rows[] = array($cookie, $both, $both, true);

     // Cookie path '/false': expected to be rejected.
     $cookie = new Cookie('test3', 0, '/false', null, false, false);
     $both = $sender();
     $rows[] = array($cookie, $both, $both, false);

     // Cookie domain 'wrongdomain': expected to be rejected.
     $cookie = new Cookie('test', 0, '/', 'wrongdomain', false, false);
     $both = $sender();
     $rows[] = array($cookie, $both, $both, false);

     // Fifth cookie argument true (presumably the secure flag, TODO confirm): expected to be rejected.
     $cookie = new Cookie('test', 0, '/', null, true, false);
     $both = $sender();
     $rows[] = array($cookie, $both, $both, false);

     // Sender and receiver differ only in the session ID: expected to be rejected.
     $cookie = new Cookie('test', 0, '/', null, false, false);
     $from = $secure('Sha256', 'secret key', 'session id1', $userGID);
     $to = $secure('Sha256', 'secret key', 'session id2', $userGID);
     $rows[] = array($cookie, $from, $to, false);

     // Receiver built without a GID argument: expected to be received.
     $cookie = new Cookie('test', 0, '/', null, false, false);
     $from = $sender();
     $to = $secure('Sha256', 'secret key', 'session id');
     $rows[] = array($cookie, $from, $to, true);

     // Receiver built with a different GID: expected to be rejected.
     $cookie = new Cookie('test27', 0, '/', null, false, false);
     $from = $sender();
     $to = $secure('Sha256', 'secret key', 'session id', 'wrong gid');
     $rows[] = array($cookie, $from, $to, false);

     // Receiver built with a different key: expected to be rejected.
     $cookie = new Cookie('test', 0, '/', null, false, false);
     $from = $sender();
     $to = $secure('Sha256', 'secret key2', 'session id');
     $rows[] = array($cookie, $from, $to, false);

     // Receiver built with a different first hash function: expected to be rejected.
     $cookie = new Cookie('test', 0, '/', null, false, false);
     $from = $sender();
     $to = $secure('Sha512', 'secret key', 'session id');
     $rows[] = array($cookie, $from, $to, false);

     // Receiver is the plain DefaultCookieTransceiver: expected to be rejected.
     $cookie = new Cookie('test', 0, '/', null, false, false);
     $from = $sender();
     $to = new DefaultCookieTransceiver();
     $rows[] = array($cookie, $from, $to, false);

     return $rows;
 }
 /**
  * Starts the session.
  *
  * This method reads the session ID from the session cookie and stores it into the session
  * variable.
  *
  * Additionally this method also loads all session data from the encrypted session storage.
  *
  * @throws SIDConflictException when a generated session ID (SID) already exists
  */
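 private function start()
 {
     $requiresNewSession = false;
     // A user cookie takes precedence; the guest cookie is only consulted when none was received.
     $cookie = $this->userCookieTransceiver->receive($this->cookieName);
     $guest = false;
     if ($cookie === null) {
         $cookie = $this->guestCookieTransceiver->receive($this->cookieName);
         $guest = $cookie !== null;
     }
     if ($cookie === null) {
         // No cookie at all: a new session is needed
         $requiresNewSession = true;
     } else {
         // The cookie payload is the session ID
         $sid = $cookie->getData();
         if (!$this->isValidSID($sid)) {
             $requiresNewSession = true;
         } else {
             // NOTE(review): a SID for which the storage reports no date is adopted as-is.
             // Whether a client can make the server adopt a SID of its own choosing this way
             // depends on the transceivers authenticating the cookie value. Confirm.
             $now = time();
             $date = $this->storage->getDate($sid);
             if ($date !== null && $date < $now - $this->duration) {
                 // Session lifetime exceeded: drop the stored data and start over
                 $this->storage->delete($sid);
                 $requiresNewSession = true;
             } elseif ($guest) {
                 // A guest must not inherit a GID left in the session. This is skipped for an
                 // expired session so that nothing is written back under a SID just deleted.
                 $data = $this->storage->fetch($sid);
                 if ($data !== null && isset($data['GID'])) {
                     unset($data['GID']);
                     $this->storage->store($sid, $data, true);
                 }
             }
         }
     }
     if ($requiresNewSession) {
         $sid = $this->createSID();
         // Check for a collision BEFORE the cookie is queued: otherwise a conflicting SID, which
         // identifies somebody else's session, would already be on its way to this client when
         // the exception is thrown.
         if ($this->storage->exists($sid)) {
             // NOTE(review): the message contains the SID of an existing session; keep it out of
             // logs and error pages that others can read.
             throw new SIDConflictException("Session conflict for SID {$sid}");
         }
         $this->storage->delete($sid);
         // New sessions always start as guest sessions; the cookie is created with expiry 0 and
         // the last flag fixed to true (presumably HTTP-only, TODO confirm).
         $cookie = new Cookie($this->cookieName, 0, $this->cookiePath, $this->cookieDomain, $this->cookieSecure, true);
         $cookie->setData($sid);
         $this->guestCookieTransceiver->send($cookie);
     }
     // Remember the SID and that the session is running
     $this->sid = $sid;
     $this->sessionStarted = true;
     // Run the garbage collector with the configured probability (one draw per start)
     $dice = Math::getRandomFloat(0.0, 1.0);
     if ($dice <= $this->garbageCollectorProbability) {
         $this->storage->deleteOld($this->duration);
     }
 }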
 /**
  * Tests deleting a cookie.
  */
 public function testDelete()
 {
     $sent = new Cookie('deleteCookie');
     $sent->setData('hello');
     $name = $sent->getName();
     $this->remoteCall('send', $sent);
     // Receive twice: reading the cookie must not consume it.
     for ($read = 0; $read < 2; $read++) {
         $this->assertEquals($sent, $this->remoteCall('receive', $name));
     }
     // Re-sending the cookie with -1 as second constructor argument (presumably an expiry
     // in the past, TODO confirm) must make it unavailable afterwards.
     $this->remoteCall('send', new Cookie('deleteCookie', -1));
     $this->assertNull($this->remoteCall('receive', $name));
 }
 /**
  * Tests authentication failure due to a malformed GID inside the cookie.
  *
  * @covers empire\framework\login\DefaultPersistentLoginMethod::authenticate
  */
 public function testAuthenticateCookieGidFail()
 {
     $validGid = '58d93d649ffffffff5331ad0219ea200';
     // NOTE(review): the fixture wires the storage with Md5HashFunction and the literal key
     // 'mykey'. Fine for a test, but confirm that deployed configurations use a stronger hash
     // and a real secret.
     $loginStorage = new JsonLoginStorage(__DIR__ . DIRECTORY_SEPARATOR . 'login.json', new Md5HashFunction(), 100, 'mykey');
     $forgedPayload = array('gid' => 'not a valid gid', 'token' => 'not a valid token');
     $badCookie = new Cookie('login');
     $badCookie->setData($forgedPayload);
     $cookieTransceiver = new DefaultCookieTransceiver();
     $loginMethod = new DefaultPersistentLoginMethod($loginStorage, $cookieTransceiver);
     $loginMethod->setCookieName('login');
     // Log in with a well-formed GID first ...
     $this->remoteCall('login', $loginMethod, $validGid);
     // ... then send a 'login' cookie whose gid and token are garbage.
     $this->remoteCall('sendCookie', null, array($cookieTransceiver, $badCookie));
     // Authentication must fail closed: no identity is returned for the forged cookie.
     $this->assertNull($this->remoteCall('authenticate', $loginMethod));
 }
 /**
  * Sends a cookie to the client.
  *
  * @param Cookie $cookie the cookie to send
  * @return boolean whether the cookie could be sent
  */
 public function send(Cookie $cookie)
 {
     // The cookie's own attributes and the name of the sending class travel inside the cookie
     // value next to the payload.
     $envelope = array(
         'expires' => $cookie->getExpires(),
         'path' => $cookie->getPath(),
         'domain' => $cookie->getDomain(),
         'secure' => $cookie->getSecure(),
         'httpOnly' => $cookie->getHTTPOnly(),
         'payload' => $cookie->getData(),
         'transceiver' => get_called_class(),
     );
     // Hook for the concrete transceiver.
     // NOTE(review): whether it receives the array by reference is not visible here; if it
     // takes it by value, its changes do not reach the value serialized below.
     $this->prepareSending($envelope);
     // NOTE(review): the value is a PHP-serialized structure that the client stores and returns.
     // The receiving side (not shown here) must verify its integrity before unserialize() is
     // applied, or use a data-only format, because unserialize() on client-controlled input can
     // instantiate arbitrary classes.
     $encoded = base64_encode(serialize($envelope));
     // NOTE(review): this positional setcookie() form has no SameSite parameter.
     return setcookie($cookie->getName(), $encoded, $cookie->getExpires(), $cookie->getPath(), $cookie->getDomain(), $cookie->getSecure(), $cookie->getHTTPOnly());
 }
 /**
  * Tests authentication failure due to a malformed GID inside the cookie.
  *
  * @covers empire\framework\login\SecurePersistentLoginMethod::authenticate
  */
 public function testAuthenticateCookieGidFail()
 {
     $validGid = '58d93d649ffffffff5331ad0219ea200';
     // NOTE(review): the fixture wires the storage with Md5HashFunction and the literal key
     // 'mykey'. Fine for a test, but confirm that deployed configurations use a stronger hash
     // and a real secret.
     $loginStorage = new JsonLoginStorage(__DIR__ . DIRECTORY_SEPARATOR . 'login.json', new Md5HashFunction(), 100, 'mykey');
     $forgedPayload = array('gid' => 'not a valid gid', 'token' => 'not a valid token');
     $badCookie = new Cookie('login');
     $badCookie->setData($forgedPayload);
     // The transceiver is constructed with the same GID that is logged in below.
     $secureTransceiver = new SecureCookieTransceiver(self::$cryptoFactory->getHashFunction('Sha256'), self::$cryptoFactory->getHashFunction('Sha256'), self::$cryptoFactory->getSymmetricCypher('Aes256'), 'secret key', new GID(), 'session id', $validGid);
     $loginMethod = new SecurePersistentLoginMethod($loginStorage, $secureTransceiver);
     $loginMethod->setCookieName('login');
     // Log in with a well-formed GID first ...
     $this->remoteCall('login', $loginMethod, $validGid);
     // ... then send a 'login' cookie, through the same transceiver, whose gid and token are garbage.
     $this->remoteCall('sendCookie', null, array($secureTransceiver, $badCookie));
     // Authentication must fail closed: no identity is returned for the malformed contents.
     $this->assertNull($this->remoteCall('authenticate', $loginMethod));
 }