public function getId() { return Insight_Util::getInstallationId() . '/' . get_class($this); }
protected function isClientAuthorized() { if (php_sapi_name() == 'cli') { return true; } // verify IP $authorized = false; $ips = $this->config->getIPs(); if (count($ips) == 1 && $ips[0] == '*') { $authorized = true; } else { $requestIP = Insight_Util::getRequestIP(); foreach ($ips as $ip) { if (substr($requestIP, 0, strlen($ip)) == $ip) { $authorized = true; break; } } } if (!$authorized) { Insight_Helper::debug('IP "' . Insight_Util::getRequestIP() . '" not authorized in credentials.json file or INSIGHT_IPS constant'); return false; } $clientInfo = self::$instance->getClientInfo(); if (!$clientInfo || $clientInfo['client'] != 'insight') { // announce installation // NOTE: Only an IP match is required for this. If client is announcing itself ($clientInfo) we do NOT send this header! // TODO: Use wildfire for this? header('x-insight-installation-id: ' . Insight_Util::getInstallationId()); return false; } // verify client key $authorized = false; if ($clientInfo['client'] == 'insight') { $authkeys = $this->config->getAuthkeys(); if (count($authkeys) == 1 && $authkeys[0] == '*') { $authorized = true; } else { foreach ($authkeys as $authkey) { if (in_array($authkey, $clientInfo['authkeys'])) { $authorized = true; break; } } } } if (!$authorized) { // IP matched and client announced itself but authkey does not match header('x-insight-status: AUTHKEY_NOT_FOUND'); } return $authorized; }