Exemplo n.º 1
0
 /**
  * Validates the returned server value
  * 
  * @param string $server The returned server value
  * @param string $nut The nut from the request
  * @param string $secure Whether the request was secure
  * 
  * @return boolean
  */
 public function validateServer($server, $nut, $secure)
 {
     if (is_string($server)) {
         return $server === $this->getUrl($nut) && !!$secure === $this->configuration->getSecure();
     } else {
         if (!isset($server['ver']) || !isset($server['nut']) || !isset($server['tif']) || !isset($server['qry']) || !isset($server['sfn'])) {
             return false;
         }
         $nutInfo = $this->store->getNutDetails($nut);
         return $server['ver'] === implode(',', $this->configuration->getAcceptedVersions()) && $server['nut'] === $nut && (!is_array($nutInfo) || hexdec($server['tif']) == $nutInfo['tif']) && $server['qry'] === $this->generateQry($nut) && $server['sfn'] === $this->configuration->getFriendlyName() && !!$secure === $this->configuration->getSecure();
     }
 }
Exemplo n.º 2
0
 /**
  * Formats a response to send back to a client
  * 
  * @param int $code The TIF code to send back to the user
  * 
  * @return string
  */
 protected function formatResponse($code)
 {
     $resp = 'ver=' . implode(',', $this->config->getAcceptedVersions()) . "\r\n" . "nut=" . $this->sqrlGenerator->getNonce($code, $this->authenticationKey, $this->requestNut) . "\r\n" . 'tif=' . strtoupper(dechex($code)) . "\r\n" . "qry=" . $this->sqrlGenerator->generateQry() . "\r\n" . 'sfn=' . $this->config->getFriendlyName();
     if (!empty($this->ask)) {
         $resp .= "\r\nask=" . $this->ask;
     }
     if ($this->tif & self::SQRL_DISABLED && !in_array('lock', $this->actions)) {
         $resp .= "\r\nsuk=" . $this->base64UrlEncode($this->store->getIdentitySUK($this->authenticationKey));
     } elseif ($this->tif & self::PREVIOUS_ID_MATCH && !in_array('ident', $this->actions)) {
         $resp .= "\r\nsuk=" . $this->base64UrlEncode($this->store->getIdentitySUK($this->previousIdKey));
     }
     return $this->base64UrlEncode($resp);
 }