public static function getKSObject($encoded_str) { if (empty($encoded_str)) { return null; } $ks = new kSessionBase(); if (!$ks->parseKS($encoded_str)) { return null; } return $ks; }
function extendKsExpiry($ks) { global $partnerSecretPool; /* @var $partnerSecretPool PartnerSecretPool */ $ksObj = new ks(); if (!$ksObj->parseKS($ks)) { return null; } $adminSecret = $partnerSecretPool->getPartnerSecret($ksObj->partner_id); if (!$adminSecret) { return null; } return kSessionBase::generateKsV1($adminSecret, $ksObj->user, $ksObj->type, $ksObj->partner_id, 86400, $ksObj->privileges, $ksObj->master_partner_id, $ksObj->additional_data); }
/** * @param string $url * @param string $urlPrefix * @return string */ public function tokenizeSingleUrl($url, $urlPrefix = null) { if (!$this->ksObject || !$this->ksObject->user) { KExternalErrors::dieError(KExternalErrors::MISSING_PARAMETER, 'ks user'); } $uriRestrict = explode(',', $url); // cannot contain commas, since it's used as the privileges delimiter $uriRestrict = $uriRestrict[0]; $privileges = kSessionBase::PRIVILEGE_DISABLE_ENTITLEMENT_FOR_ENTRY . ':' . $this->entryId; $privileges .= ',' . kSessionBase::PRIVILEGE_VIEW . ':' . $this->entryId; $privileges .= ',' . kSessionBase::PRIVILEGE_URI_RESTRICTION . ':' . $uriRestrict . '*'; $ks = kSessionBase::generateKsV2($this->key, $this->ksObject->user, kSessionBase::SESSION_TYPE_USER, $this->partnerId, $this->window, $privileges, null, null); return $url . '?ks=' . $ks; }
private static function handleSessionStart(&$params) { if (!isset($params['service']) || $params['service'] != 'session' || !isset($params['action']) || $params['action'] != 'start' || isset($params['multirequest'])) { return; // not a stand-alone call to session start } if (!isset($params['secret']) || !isset($params['partnerId'])) { return; // missing mandatory params or not admin session } $format = isset($params['format']) ? $params['format'] : self::RESPONSE_TYPE_XML; if ($format != self::RESPONSE_TYPE_XML && $format != self::RESPONSE_TYPE_PHP) { return; // the format is unsupported at this level } $type = isset($params['type']) ? $params['type'] : 0; if (!in_array($type, array(0, 2))) { return; // invalid session type } $type = (int) $type; $partnerId = $params['partnerId']; $secrets = kSessionBase::getSecretsFromCache($partnerId); if (!$secrets) { return; // can't find the secrets of the partner in the cache } list($adminSecret, $userSecret, $ksVersion) = $secrets; $paramSecret = $params['secret']; if ($paramSecret !== $adminSecret && ($type || $paramSecret !== $userSecret)) { return; // invalid secret } $startTime = microtime(true); $userId = isset($params['userId']) ? $params['userId'] : ''; $expiry = isset($params['expiry']) ? $params['expiry'] : 86400; $privileges = isset($params['privileges']) ? $params['privileges'] : null; $result = kSessionBase::generateSession($ksVersion, $adminSecret, $userId, $type, $partnerId, $expiry, $privileges); $processingTime = microtime(true) - $startTime; $cacheKey = md5("{$partnerId}_{$userId}_{$type}_{$expiry}_{$privileges}"); header("X-Kaltura:cached-dispatcher,{$cacheKey},{$processingTime}", false); if ($format == self::RESPONSE_TYPE_XML) { header("Content-Type: text/xml"); echo "<xml><result>{$result}</result><executionTime>{$processingTime}</executionTime></xml>"; die; } else { if ($format == self::RESPONSE_TYPE_PHP) { echo serialize($result); die; } } }
protected function addKSData($ks) { $this->_ks = $ks; // determine the KS status if (empty($ks)) { $this->_ksStatus = kSessionBase::OK; } else { $ksObj = new kSessionBase(); $parseResult = $ksObj->parseKS($ks); if ($parseResult) { $this->_ksStatus = $ksObj->tryToValidateKS(); if ($this->_ksStatus == kSessionBase::OK) { $this->_ksObj = $ksObj; $this->_ksPartnerId = $ksObj->partner_id; } } else { if ($parseResult === false) { $this->_ksStatus = kSessionBase::INVALID_STR; } else { $this->_ksStatus = kSessionBase::UNKNOWN; } } } $this->_params["___cache___partnerId"] = $this->_ksPartnerId; $this->_params["___cache___ksStatus"] = $this->_ksStatus; $this->_params["___cache___ksType"] = $this->_ksObj ? $this->_ksObj->type : null; $this->_params["___cache___userId"] = $this->_ksObj ? $this->_ksObj->user : null; $this->_params["___cache___privileges"] = $this->_ksObj ? $this->_ksObj->privileges : null; }
protected function addKSData($ks) { $this->_ks = $ks; $this->_ksObj = kSessionBase::getKSObject($ks); $this->_ksPartnerId = $this->_ksObj ? $this->_ksObj->partner_id : null; $this->_params["___cache___partnerId"] = $this->_ksPartnerId; $this->_params["___cache___ksType"] = $this->_ksObj ? $this->_ksObj->type : null; $this->_params["___cache___userId"] = $this->_ksObj ? $this->_ksObj->user : null; $this->_params["___cache___privileges"] = $this->_ksObj ? $this->_ksObj->privileges : null; }
protected function getKSVersionAndSecret($partnerId) { $result = parent::getKSVersionAndSecret($partnerId); if ($result) { return $result; } $partner = PartnerPeer::retrieveByPK($partnerId); if (!$partner) { return array(1, null); } // VERY big problem $ksVersion = $partner->getKSVersion(); $cacheKey = self::getSecretsCacheKey($partnerId); $cacheSections = kCacheManager::getCacheSectionNames(kCacheManager::CACHE_TYPE_PARTNER_SECRETS); foreach ($cacheSections as $cacheSection) { $cacheStore = kCacheManager::getCache($cacheSection); if (!$cacheStore) { continue; } $cacheStore->set($cacheKey, array($partner->getAdminSecret(), $partner->getSecret(), $ksVersion)); } return array($ksVersion, $partner->getAdminSecret()); }
protected static function createLiveReportExportDownloadUrl($partner_id, $file_name, $expiry, $applicationUrlTemplate) { // Extract simple download name $regex = "/^{$partner_id}_Export_[a-zA-Z0-9]+_(?<fileName>[\\w\\-]+.csv)\$/"; if (!preg_match($regex, $file_name, $matches)) { KalturaLog::err("File name doesn't match expected format"); return null; } $downloadName = $matches['fileName']; // Add dc to enable redirection $dc = kDataCenterMgr::getCurrentDc(); $file_name = $dc['id'] . "_" . $file_name; $ksStr = ""; $partner = PartnerPeer::retrieveByPK($partner_id); $secret = $partner->getSecret(); $privilege = ks::PRIVILEGE_DOWNLOAD . ":" . $file_name; $ksStr = kSessionBase::generateSession($partner->getKSVersion(), $partner->getAdminSecret(), null, ks::TYPE_KS, $partner_id, $expiry, $privilege); if ($applicationUrlTemplate) { $url = str_replace("[ks]", $ksStr, $applicationUrlTemplate); $url = str_replace("[id]", $file_name, $url); } else { //url is built with DC url in order to be directed to the same DC of the saved file $url = kDataCenterMgr::getCurrentDcUrl() . "/api_v3/index.php/service/liveReports/action/serveReport/ks/{$ksStr}/id/{$file_name}/{$downloadName}"; } return $url; }
protected function getKSVersionAndSecret($partnerId) { $result = parent::getKSVersionAndSecret($partnerId); if ($result) { return $result; } $partner = PartnerPeer::retrieveByPK($partnerId); if (!$partner) { return array(1, null); } // VERY big problem $ksVersion = $partner->getKSVersion(); if (function_exists('apc_store')) { apc_store(self::SECRETS_CACHE_PREFIX . $partnerId, array($partner->getAdminSecret(), $partner->getSecret(), $ksVersion)); } return array($ksVersion, $partner->getAdminSecret()); }
private function getKsData($ks) { $partnerId = null; $userId = null; $validUntil = null; $ksObj = kSessionBase::getKSObject($ks); if ($ksObj) { $partnerId = $ksObj->partner_id; $userId = $ksObj->user; $validUntil = $ksObj->valid_until; } return array("partnerId" => $partnerId, "userId" => $userId, "validUntil" => $validUntil); }