コード例 #1
 /**
  * Spec: create() returns the AuthenticationRecordInterface that the mapper produces.
  *
  * The mapper must receive save() with a record instance, and its create() is
  * stubbed for an (integer, string, string, string) argument list.
  *
  * NOTE(review): the mapper arguments are matched by type only. If the third
  * create() argument is a password, nothing here shows that it is hashed before
  * it reaches the mapper. Confirm another example covers that.
  */
 public function it_can_create_new_auth_records($authenticationMapper, User $user5, AuthenticationRecordInterface $newAuth)
 {
     // Generated key material, so the spec does not bake in a fixed session key.
     $sessionKey = KeyFactory::generateEncryptionKey()->getRawKeyMaterial();
     $recordType = AuthenticationRecordInterface::class;

     // The user under test and the record the mapper will hand back.
     $user5->getId()->willReturn(5);
     $newAuth->getUserId()->willReturn(5);
     $newAuth->getUsername()->willReturn('email');
     $newAuth->getSessionKey()->willReturn($sessionKey);

     // Mapper collaboration: create() yields the stubbed record, save() must be invoked.
     $authenticationMapper
         ->create(
             Argument::type('integer'),
             Argument::type('string'),
             Argument::type('string'),
             Argument::type('string')
         )
         ->willReturn($newAuth);
     $authenticationMapper->save(Argument::type($recordType))->shouldBeCalled();

     $this->create($user5, 'userC', 'beestring')->shouldBeAnInstanceOf($recordType);
 }
コード例 #2
 /**
  * Issue the four cookies from which the session can be regenerated on subsequent visits.
  *
  * Cookies written, all through $this->setCookie():
  *  - COOKIE_USER: base64 of Crypto::encrypt("<userId>:<hashCookieName>") under the system key.
  *  - COOKIE_HASH_PREFIX . <hashCookieName>: base64 of
  *    Crypto::encrypt("<time>:<userId>:<username>") under the record's session key.
  *  - COOKIE_VERIFY_A: HMAC-SHA256 over the COOKIE_USER value, keyed with $systemKey.
  *  - COOKIE_VERIFY_B: HMAC-SHA256 over the hash cookie value, keyed with $userKey.
  *
  * NOTE(review): hash_hmac() expects a string key but receives EncryptionKey objects, so
  * the effective HMAC key is whatever string those objects convert to. If that is empty or
  * is not the raw key material, the cookie name and both verify cookies are not keyed with
  * a secret. Confirm against the installed crypto library, and change it only together with
  * the code that validates these cookies.
  * NOTE(review): the system key is used both for encryption and as an HMAC key. Separate
  * derived keys per purpose would be the more conservative design.
  * NOTE(review): cookie attributes (Secure, HttpOnly, SameSite, lifetime) are decided inside
  * setCookie(), which is not shown here. Verify them there.
  *
  * @param AuthenticationRecordInterface $authentication
  */
 private function setSessionCookies(AuthenticationRecordInterface $authentication)
 {
     $userId = $authentication->getUserId();
     $username = $authentication->getUsername();
     $rawSessionKey = $authentication->getSessionKey();

     $systemKey = new EncryptionKey($this->systemEncryptionKey);
     $userKey = new EncryptionKey($rawSessionKey);

     // The hash cookie's name is an HMAC over session key + username, so it changes
     // whenever the session key does.
     // NOTE(review): the two inputs are concatenated without a delimiter; this is
     // unambiguous only if the session key has a fixed length. Confirm.
     $hashCookieName = hash_hmac('sha256', $rawSessionKey . $username, $systemKey);

     // Cookie 1: user id plus the name of the hash cookie, encrypted under the system key.
     $userTuple = base64_encode(Crypto::encrypt($userId . ":" . $hashCookieName, $systemKey));
     $this->setCookie(self::COOKIE_USER, $userTuple);

     // Cookie 2: issue time, user id and username, encrypted under the per-record session key.
     // NOTE(review): a username containing ':' adds extra fields to this payload. Check
     // that the reader splits it with a field limit.
     $hashPayload = implode(':', [time(), $userId, $username]);
     $hashCookieContents = base64_encode(Crypto::encrypt($hashPayload, $userKey));
     $this->setCookie(self::COOKIE_HASH_PREFIX . $hashCookieName, $hashCookieContents);

     // Cookie 3: tamper check over cookie 1.
     $userTupleSignature = hash_hmac('sha256', $userTuple, $systemKey);
     $this->setCookie(self::COOKIE_VERIFY_A, $userTupleSignature);

     // Cookie 4: tamper check over cookie 2, keyed per record rather than system-wide.
     $hashCookieSignature = hash_hmac('sha256', $hashCookieContents, $userKey);
     $this->setCookie(self::COOKIE_VERIFY_B, $hashCookieSignature);
 }