/** * Validate a Raven user token. * * @param TokenInterface $token Raven user token. * * @return bool true if the token is valid, false otherwise. * * @throws OpenSslException If there is an OpenSSL problem. */ protected function validateToken(TokenInterface $token) { // @codeCoverageIgnoreStart if (false === function_exists('openssl_verify')) { throw new OpenSslException('OpenSSL is unavailable'); } // @codeCoverageIgnoreEnd $data = implode('!', array($token->getAttribute('ver'), $token->getAttribute('status'), $token->getAttribute('msg'), $token->getAttribute('issue')->format('Ymd\\THis\\Z'), $token->getAttribute('id'), $token->getAttribute('url'), $token->getUsername(), $token->getAttribute('auth'), $token->getAttribute('sso'), $token->getAttribute('life'), $token->getAttribute('params'))); $sig = base64_decode(preg_replace(array('/-/', '/\\./', '/_/'), array('+', '/', '='), rawurldecode($token->getAttribute('sig')))); $key = openssl_pkey_get_public($this->raven->getCertificate()); $result = openssl_verify($data, $sig, $key); openssl_free_key($key); switch ($result) { case 1: return true; break; case 0: return false; break; // @codeCoverageIgnoreStart // @codeCoverageIgnoreStart default: throw new OpenSslException('OpenSSL has returned a error when verifying the signature'); break; } // @codeCoverageIgnoreEnd }
/** * Request Raven authentication. * * @param GetResponseEvent $responseEvent Get response event. * @param string $url Redirect URL. */ protected function requestAuthentication(GetResponseEvent $responseEvent, $url) { $redirectEvent = new RedirectEvent(array('ver' => 2, 'url' => $url)); $this->dispatcher->dispatch(RavenEvents::REDIRECT, $redirectEvent); $parameters = array(); foreach ($redirectEvent->params as $key => $val) { $parameters[] = $key . '=' . utf8_encode(urlencode($val)); } $parameters = '?' . implode('&', $parameters); if (null !== $this->logger) { $this->logger->debug('Redirecting to Raven'); } $responseEvent->setResponse(new RedirectResponse($this->raven->getUrl() . $parameters, 303)); }