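/**
 * Validates the server value that the client echoed back in its request.
 *
 * Two shapes are accepted. A string is compared with the URL generated for
 * the nut. Anything else is treated as the parsed name/value form and must
 * carry ver, nut, tif, qry and sfn, each matching what this server would
 * produce for the nut. In both shapes the secure flag of the request must
 * equal the configured one.
 *
 * @param string|array $server The returned server value
 * @param string       $nut    The nut from the request
 * @param string|bool  $secure Whether the request was secure (cast to bool)
 *
 * @return boolean
 */
public function validateServer($server, $nut, $secure)
{
    if (is_string($server)) {
        return $server === $this->getUrl($nut)
            && (bool) $secure === $this->configuration->getSecure();
    }

    // isset() on a value that is neither an array nor array-like yields false,
    // so any other type is rejected here as well.
    if (!isset($server['ver'], $server['nut'], $server['tif'], $server['qry'], $server['sfn'])) {
        return false;
    }

    $nutInfo = $this->store->getNutDetails($nut);

    // hexdec() skips characters that are not hex digits, so without the
    // pattern check a malformed tif such as "5zz" would be read as 5. The
    // sibling fields are compared strictly against strings, so tif is held
    // to the same shape before it is converted.
    // NOTE(review): the stored tif's type is not visible here, hence the loose
    // comparison is kept; tighten to === once the store's return type is known.
    // NOTE(review): when the store returns no array for the nut, the tif
    // check is skipped - confirm that unknown nuts are rejected by the caller.
    return $server['ver'] === implode(',', $this->configuration->getAcceptedVersions())
        && $server['nut'] === $nut
        && (
            !is_array($nutInfo)
            || (
                is_string($server['tif'])
                && preg_match('/\A[0-9A-Fa-f]+\z/', $server['tif']) === 1
                && hexdec($server['tif']) == $nutInfo['tif']
            )
        )
        && $server['qry'] === $this->generateQry($nut)
        && $server['sfn'] === $this->configuration->getFriendlyName()
        && (bool) $secure === $this->configuration->getSecure();
}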
/**
 * Builds the reply body for a client and returns it base64url-encoded.
 *
 * The body is a CRLF-separated list of name=value fields: ver, nut, tif,
 * qry and sfn are always present; ask and suk are appended when the
 * conditions in the body hold.
 *
 * @param int $code The TIF code to send back to the user
 *
 * @return string
 */
protected function formatResponse($code)
{
    // Array elements are evaluated left to right, so the collaborators are
    // called in the same order as the fields appear in the reply.
    $payload = implode("\r\n", array(
        'ver=' . implode(',', $this->config->getAcceptedVersions()),
        "nut=" . $this->sqrlGenerator->getNonce($code, $this->authenticationKey, $this->requestNut),
        'tif=' . strtoupper(dechex($code)),
        "qry=" . $this->sqrlGenerator->generateQry(),
        'sfn=' . $this->config->getFriendlyName(),
    ));

    // NOTE(review): ask is appended as-is; presumably it is server-defined and
    // free of CR/LF, otherwise it could add extra fields - confirm where it is set.
    if (!empty($this->ask)) {
        $payload .= "\r\nask=" . $this->ask;
    }

    // NOTE(review): these branches test $this->tif while the tif field above
    // is built from $code - confirm that callers keep the two equal.
    if (($this->tif & self::SQRL_DISABLED) && !in_array('lock', $this->actions)) {
        // Identity is disabled and the client did not ask to lock: send the
        // SUK stored for the current authentication key.
        $storedSuk = $this->store->getIdentitySUK($this->authenticationKey);
        $payload .= "\r\nsuk=" . $this->base64UrlEncode($storedSuk);
    } elseif (($this->tif & self::PREVIOUS_ID_MATCH) && !in_array('ident', $this->actions)) {
        // A previous identity matched and the client did not send ident: send
        // the SUK stored for the previous identity key.
        $storedSuk = $this->store->getIdentitySUK($this->previousIdKey);
        $payload .= "\r\nsuk=" . $this->base64UrlEncode($storedSuk);
    }

    return $this->base64UrlEncode($payload);
}