/** * wrapper function for curl header for public temp keys and more * @author Mustafa Zeynel Dağlı * @version 0.3 27/01/2016 */ protected function setCurlHeaderForPublicKeyTemp($ch = null) { $chLocal = $ch; $logArray = array(); /** * if service has to be secure then prepare header for security * parameters * @author Mustafa Zeynel Dağlı * @since version 0.3 27/01/2016 * @todo after detailed test curl obj will be removed */ if ($this->isServicePkTempRequired) { $logArray[] = 'X-Public-Temp: ' . $this->hmacObj->getPublicKey() . ''; $logArray[] = 'X-Hash-Temp: ' . $this->hmacObj->getHash() . ''; $logArray[] = 'X-Nonce:' . $this->hmacObj->getNonce(); $logArray[] = 'X-TimeStamp:' . $this->hmacObj->setTimeStamp($this->encryptClass->encrypt('' . time() . '')); /*curl_setopt($ch, CURLOPT_HTTPHEADER, array( 'X-Public-Temp: ' . $this->hmacObj->getPublicKey() . '', 'X-Hash-Temp: ' . $this->hmacObj->getHash() . '', 'X-Nonce:' . $this->hmacObj->getNonce(), //'X-IP:'.serialize($_SERVER), 'X-TimeStamp:' . $this->hmacObj->setTimeStamp($this->encryptClass ->encrypt('' . time() . '')) /// replay attack lar için oki ));*/ } return $logArray; //return $chLocal; }
/** * Rest api 'GET' call (Curl lib) * function overriden * @author Mustafa Zeynel Dağlı * @version 0.2 */ public function restApiDefaultCall() { /*$encrypt = new \vendor\Encrypt\EncryptManual('test'); $encryptValue = $encrypt->encrypt_times(4, 'kullanici:sifre'); //print_r('--'.$encryptValue.'--'); $decryptValue = $encrypt->decrypt_times(4, $encryptValue); //print_r('??'.$decryptValue.'??');*/ $this->setEncryptClass(); $params = null; $params = $this->getRequestParams(); $this->hmacObj->setPublicKey($params['pk']); $this->hmacObj->setPrivateKey('e249c439ed7697df2a4b045d97d4b9b7e1854c3ff8dd668c779013653913572e'); $this->hmacObj->setRequestParams($this->getRequestParamsWithoutPublicKey()); $this->hmacObj->makeHmac(); //print_r($this->hmacObj); $preparedParams = $this->prepareGetParams(); //$preparedParams = $this->prepareGetParams('', array('pk')); if (($ch = @curl_init()) == false) { header("HTTP/1.1 500", true, 500); die("Cannot initialize CURL session. Is CURL enabled for your PHP installation?"); } //print_r($this->restApiFullPathUrl.'?'.$preparedParams); //print_r($this->endPointUrl.$this->getEndPointFunction().'?'.$preparedParams); curl_setopt($ch, CURLOPT_URL, $this->restApiFullPathUrl . '?' . $preparedParams); //Url together with parameters curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); //Return data instead printing directly in Browser curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $this->getCallTimeOut()); //Timeout (Default 7 seconds) curl_setopt($ch, CURLOPT_HTTPHEADER, array('X-Public: ' . $this->hmacObj->getPublicKey() . '', 'X-Hash: ' . $this->hmacObj->getHash() . '', 'X-Nonce:' . $this->hmacObj->getNonce(), 'X-TimeStamp:' . $this->hmacObj->setTimeStamp($this->encryptClass->encrypt('' . time() . '')))); curl_setopt($ch, CURLOPT_HEADER, 0); // we don’t want also to get the header information that we receive. //sleep(10); $response = curl_exec($ch); $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE); if ($response == false) { die("curl_exec() failed. Error: " . curl_error($ch)); } return $response; }
/** * wrapper function for curl header for public temp keys and more * @author Mustafa Zeynel Dağlı * @version 0.3 27/01/2016 */ private function setCurlHeaderForPublicKeyTemp($ch) { $chLocal = $ch; /** * if service has to be secure then prepare header for security * parameters * @author Mustafa Zeynel Dağlı * @since version 0.3 27/01/2016 */ if ($this->isServicePkTempRequired) { curl_setopt($ch, CURLOPT_HTTPHEADER, array('X-Public-Temp: ' . $this->hmacObj->getPublicKey() . '', 'X-Hash-Temp: ' . $this->hmacObj->getHash() . '', 'X-Nonce:' . $this->hmacObj->getNonce(), 'X-TimeStamp:' . $this->hmacObj->setTimeStamp($this->encryptClass->encrypt('' . time() . '')))); } return $chLocal; }