/**
* Gets a token and removes it from the session
*
* @author Art <*****@*****.**>
*
* @return mixed|null The token
*/
public function getAndRemove()
{
if (!Sess::isActive()) {
self::sessionRequiredWarning(__METHOD__);
// @codeCoverageIgnoreStart
return null;
// @codeCoverageIgnoreEnd
}
$tok = Alo::nullget($_SESSION[$this->tokenKey][$this->name]);
$this->remove();
return $tok;
}
/**
* Send our request
*
* @author Art <*****@*****.**>
*
* @param string $httpMethod The HTTP method to use (GET, POST etc)
* @param string $url The URL to call. This is automatically prepended with https:// in this method
* @param array $options Request options
*
* @return \GuzzleHttp\Promise\PromiseInterface|\Psr\Http\Message\ResponseInterface The promise interface if
* async is set to true and the
* request interface if it is
* set to false
* @throws \GuzzleHttp\Exception\ClientException
*/
protected final function sendAbstract($httpMethod, $url, array $options = [])
{
return call_user_func($this->sendCallable, new Request($httpMethod, 'https://' . $url, array_merge(['authorization' => 'Bearer ' . $this->token], Alo::ifnull($options['headers'], [], true)), Alo::nullget($options['body'])));
}
/**
* Checks if the session hasn't been hijacked
*
* @author Art <*****@*****.**>
* @return boolean TRUE if the check has passed, FALSE if not and the session has been terminated.
*/
private function identityCheck()
{
$fingerprint = self::getFingerprint();
if (!Alo::nullget($_SESSION[$this->config->fingerprint])) {
$_SESSION[$this->config->fingerprint] = $fingerprint;
} elseif ($fingerprint !== $_SESSION[$this->config->fingerprint]) {
//@codeCoverageIgnoreStart
$this->handleIdentityCheckFailure(session_id());
return false;
//@codeCoverageIgnoreEnd
}
$this->log->debug('Identity check passed for session ID ' . session_id());
return true;
}
