public function decrypt($text, $key = null)
{
return parent::decrypt($text, $key);
}
/**
* Decrypts an encrypted text
*
*<code>
* echo $crypt->decrypt($encrypted, "decrypt password");
*</code>
*
* @param string $text
* @param string $key
* @return string
*/
public function decrypt($text, $key = null)
{
if ($key != null) {
return parent::decrypt(base64_decode($text), $key);
}
return parent::decrypt(base64_decode($text), $this->encryptKey);
}
/**
* Tests the padding
*
* @author Nikolaos Dimopoulos <*****@*****.**>
* @since 2014-10-17
*/
public function testCryptPadding()
{
$this->specify("padding not return correct results", function () {
$texts = [''];
$key = '0123456789ABCDEF0123456789ABCDEF';
$modes = ['ecb', 'cbc', 'cfb'];
$pads = [PhTCrypt::PADDING_ANSI_X_923, PhTCrypt::PADDING_PKCS7, PhTCrypt::PADDING_ISO_10126, PhTCrypt::PADDING_ISO_IEC_7816_4, PhTCrypt::PADDING_ZERO, PhTCrypt::PADDING_SPACE];
for ($i = 1; $i < 128; ++$i) {
$texts[] = str_repeat('A', $i);
}
$crypt = new PhTCrypt();
$crypt->setCipher(MCRYPT_RIJNDAEL_256)->setKey(substr($key, 0, 16));
foreach ($pads as $padding) {
$crypt->setPadding($padding);
foreach ($modes as $mode) {
$crypt->setMode($mode);
foreach ($texts as $text) {
$encrypted = $crypt->encrypt($text);
$actual = $crypt->decrypt($encrypted);
expect($actual)->equals($text);
}
}
}
});
}
/**
* Parse and get username from access token.
*
* @access protected
* @param string $accessToken
* @throws \Modules\Core\Exceptions\HTTPException
* @return array tokens (Parts of access token)
*/
protected static function parseToken($accessToken = '')
{
$crypt = new Crypt();
$di = DI::getDefault();
set_error_handler(function () {
$msg = 'Invalid access token';
throw new \Modules\Core\Exceptions\HTTPException($msg, 401);
});
$accessToken = pack('H*', $accessToken);
$accessToken = $crypt->decrypt($accessToken, $di->get('config')->app->crypkey);
$parts = explode('|', $accessToken);
if (!is_array($parts) || count($parts) != 5) {
$msg = 'Invalid access token, tokens do not match';
throw new \Modules\Core\Exceptions\HTTPException($msg, 401);
}
$tokens = array();
$tokens['uid'] = $parts[0];
$tokens['username'] = $parts[1];
$tokens['address'] = $parts[2];
$tokens['agent'] = $parts[3];
$tokens['expiry'] = $parts[4];
return $tokens;
}
/**
* Register cache, database, auth object and global requestBody (For HTTP body)
* @param Phalcon\DI $di
* @throws \Modules\Core\Exceptions\HTTPException
* @return void
*/
private function registerServices($di)
{
/**
* Starting cache (Memcached)
*/
$di->set('cache', function () {
$di = DI::getDefault();
$frontCache = new \Phalcon\Cache\Frontend\Data(array('lifetime' => $di->get('config')->memcached->lifetime));
$cache = new \Phalcon\Cache\Backend\Libmemcached($frontCache, array('servers' => array('host' => $di->get('config')->memcached->host, 'port' => $di->get('config')->memcached->port, 'weight' => $di->get('config')->memcached->weight)));
return $cache;
});
/**
* Initialize database object
*/
$di->set('db', function () {
$di = DI::getDefault();
$adapter = new Database(array('host' => $di->get('config')->db->host, 'username' => $di->get('config')->db->username, 'password' => $di->get('config')->db->password, 'dbname' => $di->get('config')->db->dbname));
// Added to log and debug sql queries
$eventsManager = new \Phalcon\Events\Manager();
$eventsManager->attach('db', new Listener());
$adapter->setEventsManager($eventsManager);
return $adapter;
});
/**
* Service to read HTTP body from requests
*/
$di->setShared('requestBody', function () {
$in = file_get_contents('php://input');
$in = json_decode($in, false);
if ($in === null) {
throw new \Modules\Core\Exceptions\HTTPException('There was a problem understanding the data sent to the server by the application.', 409, array('dev' => 'The JSON body sent to the server was unable to be parsed.', 'appCode' => 'REQ1000', 'more' => ''));
}
return $in;
});
/**
* Service to use authin a global way
*/
$di->setShared('auth', function () {
$di = DI::getDefault();
$crypt = new Crypt();
//This method probably is not available if you use php-fpm
//@todo, implement it
$headers = getallheaders();
if (!isset($headers['Authorization'])) {
$msg = 'Token not provided';
throw new \Modules\Core\Exceptions\HTTPException($msg, 401);
}
set_error_handler(function () {
$msg = 'Invalid access token';
throw new \Modules\Core\Exceptions\HTTPException($msg, 401);
});
$token = pack('H*', $headers['Authorization']);
if (!$token) {
$msg = 'Wrong access token';
throw new \Modules\Core\Exceptions\HTTPException($msg, 401);
}
$token = $crypt->decrypt($token, $di->get('config')->app->crypkey);
$tokens = explode('|', $token);
if ($tokens[2] != $_SERVER['REMOTE_ADDR']) {
$msg = 'Wrong token (Ip address)';
throw new \Modules\Core\Exceptions\HTTPException($msg, 401);
}
if ($tokens[3] != $_SERVER['HTTP_USER_AGENT']) {
$msg = 'Wrong access token (User agent)';
throw new \Modules\Core\Exceptions\HTTPException($msg, 401);
}
if ($tokens[4] < time()) {
$msg = 'Token has expiried';
throw new \Modules\Core\Exceptions\HTTPException($msg, 401);
}
return true;
});
}
