public static function getKSObject($encoded_str)
{
if (empty($encoded_str)) {
return null;
}
$ks = new kSessionBase();
if (!$ks->parseKS($encoded_str)) {
return null;
}
return $ks;
}
function extendKsExpiry($ks)
{
global $partnerSecretPool;
/* @var $partnerSecretPool PartnerSecretPool */
$ksObj = new ks();
if (!$ksObj->parseKS($ks)) {
return null;
}
$adminSecret = $partnerSecretPool->getPartnerSecret($ksObj->partner_id);
if (!$adminSecret) {
return null;
}
return kSessionBase::generateKsV1($adminSecret, $ksObj->user, $ksObj->type, $ksObj->partner_id, 86400, $ksObj->privileges, $ksObj->master_partner_id, $ksObj->additional_data);
}
/**
* @param string $url
* @param string $urlPrefix
* @return string
*/
public function tokenizeSingleUrl($url, $urlPrefix = null)
{
if (!$this->ksObject || !$this->ksObject->user) {
KExternalErrors::dieError(KExternalErrors::MISSING_PARAMETER, 'ks user');
}
$uriRestrict = explode(',', $url);
// cannot contain commas, since it's used as the privileges delimiter
$uriRestrict = $uriRestrict[0];
$privileges = kSessionBase::PRIVILEGE_DISABLE_ENTITLEMENT_FOR_ENTRY . ':' . $this->entryId;
$privileges .= ',' . kSessionBase::PRIVILEGE_VIEW . ':' . $this->entryId;
$privileges .= ',' . kSessionBase::PRIVILEGE_URI_RESTRICTION . ':' . $uriRestrict . '*';
$ks = kSessionBase::generateKsV2($this->key, $this->ksObject->user, kSessionBase::SESSION_TYPE_USER, $this->partnerId, $this->window, $privileges, null, null);
return $url . '?ks=' . $ks;
}
private static function handleSessionStart(&$params)
{
if (!isset($params['service']) || $params['service'] != 'session' || !isset($params['action']) || $params['action'] != 'start' || isset($params['multirequest'])) {
return;
// not a stand-alone call to session start
}
if (!isset($params['secret']) || !isset($params['partnerId'])) {
return;
// missing mandatory params or not admin session
}
$format = isset($params['format']) ? $params['format'] : self::RESPONSE_TYPE_XML;
if ($format != self::RESPONSE_TYPE_XML && $format != self::RESPONSE_TYPE_PHP) {
return;
// the format is unsupported at this level
}
$type = isset($params['type']) ? $params['type'] : 0;
if (!in_array($type, array(0, 2))) {
return;
// invalid session type
}
$type = (int) $type;
$partnerId = $params['partnerId'];
$secrets = kSessionBase::getSecretsFromCache($partnerId);
if (!$secrets) {
return;
// can't find the secrets of the partner in the cache
}
list($adminSecret, $userSecret, $ksVersion) = $secrets;
$paramSecret = $params['secret'];
if ($paramSecret !== $adminSecret && ($type || $paramSecret !== $userSecret)) {
return;
// invalid secret
}
$startTime = microtime(true);
$userId = isset($params['userId']) ? $params['userId'] : '';
$expiry = isset($params['expiry']) ? $params['expiry'] : 86400;
$privileges = isset($params['privileges']) ? $params['privileges'] : null;
$result = kSessionBase::generateSession($ksVersion, $adminSecret, $userId, $type, $partnerId, $expiry, $privileges);
$processingTime = microtime(true) - $startTime;
$cacheKey = md5("{$partnerId}_{$userId}_{$type}_{$expiry}_{$privileges}");
header("X-Kaltura:cached-dispatcher,{$cacheKey},{$processingTime}", false);
if ($format == self::RESPONSE_TYPE_XML) {
header("Content-Type: text/xml");
echo "<xml><result>{$result}</result><executionTime>{$processingTime}</executionTime></xml>";
die;
} else {
if ($format == self::RESPONSE_TYPE_PHP) {
echo serialize($result);
die;
}
}
}
protected function addKSData($ks)
{
$this->_ks = $ks;
// determine the KS status
if (empty($ks)) {
$this->_ksStatus = kSessionBase::OK;
} else {
$ksObj = new kSessionBase();
$parseResult = $ksObj->parseKS($ks);
if ($parseResult) {
$this->_ksStatus = $ksObj->tryToValidateKS();
if ($this->_ksStatus == kSessionBase::OK) {
$this->_ksObj = $ksObj;
$this->_ksPartnerId = $ksObj->partner_id;
}
} else {
if ($parseResult === false) {
$this->_ksStatus = kSessionBase::INVALID_STR;
} else {
$this->_ksStatus = kSessionBase::UNKNOWN;
}
}
}
$this->_params["___cache___partnerId"] = $this->_ksPartnerId;
$this->_params["___cache___ksStatus"] = $this->_ksStatus;
$this->_params["___cache___ksType"] = $this->_ksObj ? $this->_ksObj->type : null;
$this->_params["___cache___userId"] = $this->_ksObj ? $this->_ksObj->user : null;
$this->_params["___cache___privileges"] = $this->_ksObj ? $this->_ksObj->privileges : null;
}
protected function addKSData($ks)
{
$this->_ks = $ks;
$this->_ksObj = kSessionBase::getKSObject($ks);
$this->_ksPartnerId = $this->_ksObj ? $this->_ksObj->partner_id : null;
$this->_params["___cache___partnerId"] = $this->_ksPartnerId;
$this->_params["___cache___ksType"] = $this->_ksObj ? $this->_ksObj->type : null;
$this->_params["___cache___userId"] = $this->_ksObj ? $this->_ksObj->user : null;
$this->_params["___cache___privileges"] = $this->_ksObj ? $this->_ksObj->privileges : null;
}
protected function getKSVersionAndSecret($partnerId)
{
$result = parent::getKSVersionAndSecret($partnerId);
if ($result) {
return $result;
}
$partner = PartnerPeer::retrieveByPK($partnerId);
if (!$partner) {
return array(1, null);
}
// VERY big problem
$ksVersion = $partner->getKSVersion();
$cacheKey = self::getSecretsCacheKey($partnerId);
$cacheSections = kCacheManager::getCacheSectionNames(kCacheManager::CACHE_TYPE_PARTNER_SECRETS);
foreach ($cacheSections as $cacheSection) {
$cacheStore = kCacheManager::getCache($cacheSection);
if (!$cacheStore) {
continue;
}
$cacheStore->set($cacheKey, array($partner->getAdminSecret(), $partner->getSecret(), $ksVersion));
}
return array($ksVersion, $partner->getAdminSecret());
}
protected static function createLiveReportExportDownloadUrl($partner_id, $file_name, $expiry, $applicationUrlTemplate)
{
// Extract simple download name
$regex = "/^{$partner_id}_Export_[a-zA-Z0-9]+_(?<fileName>[\\w\\-]+.csv)\$/";
if (!preg_match($regex, $file_name, $matches)) {
KalturaLog::err("File name doesn't match expected format");
return null;
}
$downloadName = $matches['fileName'];
// Add dc to enable redirection
$dc = kDataCenterMgr::getCurrentDc();
$file_name = $dc['id'] . "_" . $file_name;
$ksStr = "";
$partner = PartnerPeer::retrieveByPK($partner_id);
$secret = $partner->getSecret();
$privilege = ks::PRIVILEGE_DOWNLOAD . ":" . $file_name;
$ksStr = kSessionBase::generateSession($partner->getKSVersion(), $partner->getAdminSecret(), null, ks::TYPE_KS, $partner_id, $expiry, $privilege);
if ($applicationUrlTemplate) {
$url = str_replace("[ks]", $ksStr, $applicationUrlTemplate);
$url = str_replace("[id]", $file_name, $url);
} else {
//url is built with DC url in order to be directed to the same DC of the saved file
$url = kDataCenterMgr::getCurrentDcUrl() . "/api_v3/index.php/service/liveReports/action/serveReport/ks/{$ksStr}/id/{$file_name}/{$downloadName}";
}
return $url;
}
protected function getKSVersionAndSecret($partnerId)
{
$result = parent::getKSVersionAndSecret($partnerId);
if ($result) {
return $result;
}
$partner = PartnerPeer::retrieveByPK($partnerId);
if (!$partner) {
return array(1, null);
}
// VERY big problem
$ksVersion = $partner->getKSVersion();
if (function_exists('apc_store')) {
apc_store(self::SECRETS_CACHE_PREFIX . $partnerId, array($partner->getAdminSecret(), $partner->getSecret(), $ksVersion));
}
return array($ksVersion, $partner->getAdminSecret());
}
private function getKsData($ks)
{
$partnerId = null;
$userId = null;
$validUntil = null;
$ksObj = kSessionBase::getKSObject($ks);
if ($ksObj) {
$partnerId = $ksObj->partner_id;
$userId = $ksObj->user;
$validUntil = $ksObj->valid_until;
}
return array("partnerId" => $partnerId, "userId" => $userId, "validUntil" => $validUntil);
}
