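/**
 * Validate a command request.
 *
 * Checks, in this order:
 * - Validity of session token
 * - Session token expiration
 * - Client host address (only when a restriction is configured)
 * - Encrypted data signature
 *
 * The request is accepted only if every check passes; any failure
 * rejects it.
 *
 * @param tx_caretakerinstance_CommandRequest $commandRequest
 * @return boolean TRUE if all checks passed, FALSE otherwise
 */
public function validateRequest(tx_caretakerinstance_CommandRequest $commandRequest) {
    $sessionToken = $commandRequest->getSessionToken();
    $timestamp = $this->cryptoManager->verifySessionToken($sessionToken, $this->privateKey);

    // Reject an unverifiable token explicitly rather than relying on
    // "time() - FALSE" happening to exceed the expiration window.
    // NOTE(review): assumes verifySessionToken() yields the token's numeric
    // timestamp on success and a non-numeric value (e.g. FALSE) on failure;
    // confirm against the crypto manager.
    if (!is_numeric($timestamp)) {
        return FALSE;
    }

    if (time() - $timestamp > $this->sessionTokenExpiration) {
        // Session token expired
        return FALSE;
    }

    // An empty restriction means "no host restriction configured".
    // Strict string comparison avoids PHP's loose numeric-string juggling.
    // NOTE(review): this check is only as strong as the source of
    // getClientHostAddress(); confirm it is the connection's peer address
    // and not a client-supplied header.
    $allowedHost = (string)$this->clientHostAddressRestriction;
    if ($allowedHost !== '' && (string)$commandRequest->getClientHostAddress() !== $allowedHost) {
        // Client IP address is not allowed
        return FALSE;
    }

    $signatureIsValid = $this->cryptoManager->verifySignature(
        $commandRequest->getDataForSignature(),
        $commandRequest->getSignature(),
        $this->clientPublicKey
    );
    if (!$signatureIsValid) {
        // Signature didn't verify
        return FALSE;
    }

    return TRUE;
}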
/**
 * Create the signature for the given command request.
 *
 * The data to sign is taken from the request itself; the signing key is
 * the private key provided by the security manager.
 *
 * @param tx_caretakerinstance_CommandRequest $commandRequest Request to sign
 * @return string Signature as returned by the crypto manager
 */
public function getRequestSignature($commandRequest) {
    $payload = $commandRequest->getDataForSignature();
    $signingKey = $this->securityManager->getPrivateKey();

    return $this->cryptoManager->createSignature($payload, $signingKey);
}