public function __construct() { parent::__construct(); // 获取参数 $code = I('get.code'); $this->data = unserialize(urlsafe_b64decode($code)); }
function verify_signature($key, $message, $signature) { $salt = 'cookie-session'; $derived_key = hash_hmac('sha1', $salt, $key, true); $mac = hash_hmac('sha1', $message, $derived_key, true); $org_mac = urlsafe_b64decode($signature); return $org_mac == $mac; }
function check_token($mytoken) { $timeout = 60; $decr_b64 = urlsafe_b64decode($mytoken); $decrypted = encrypt_decrypt('decrypt', $decr_b64); $fields = explode(":", $decrypted); if (count($fields) == 2) { list($ip, $timestamp) = explode(":", $decrypted); $nowtime = time(); //echo "$ip, $timestamp, $timeout\n"; $sum = (int) ($timestamp + $timeout); if ($nowtime > $sum || $nowtime < $timestamp) { return false; } else { return true; } } else { return false; } return false; }
<?php require_once 'f-encryption.php'; $client_encryption_keys = array('127.0.0.1' => 'Qs/7S$N%C8'); $remote_ip = '206.225.90.76'; $encryption_key = $client_encryption_keys[$remote_ip]; $timeout = 60; echo "Decrypting: {$argv['1']}\n\n"; $decr_b64 = urlsafe_b64decode($argv[1]); $decrypted = encrypt_decrypt('decrypt', $decr_b64); $fields = explode(":", $decrypted); if (count($fields) == 2) { // sleep (3); list($ip, $timestamp) = explode(":", $decrypted); $nowtime = time(); //echo "$ip, $timestamp, $timeout\n"; $sum = (int) ($timestamp + $timeout); if ($nowtime > $sum || $nowtime < $timestamp) { echo "Expired key\n"; } echo "IP:{$ip},TIMESTAMP:{$timestamp}\n"; } check_token($argv[1]);
// Encrypt response for myself $response = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, pack("H*", $internalkey), $response, MCRYPT_MODE_CBC, $iv); $response = preg_replace('/\\?.*/', '', curPageURL()) . '?data=' . urlsafe_b64encode($response) . '&iv=' . urlsafe_b64encode($iv); // Encrypt response for RADIUS if ($key != null) { $encresponse = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, pack("H*", $enckey), $response, MCRYPT_MODE_CBC, $iv); } else { $encresponse = $response; } // Send URL print base64_encode($encresponse); } else { //Client Resquest- Send InfoCard //Get Attributes $encrequest = urlsafe_b64decode($_GET['data']); $iv = urlsafe_b64decode($_GET['iv']); if (!$encrequest || !$iv) { throw new SimpleSAML_Error_NotFound('The URL wasn\'t found in the module.'); } /* Load the configuration. */ $internalkey = hash('sha256', $autoconfig->getValue('internal_key')); $certificates = $autoconfig->getValue('certificates'); $ICconfig['InfoCard'] = $autoconfig->getValue('InfoCard'); $ICconfig['InfoCard']['issuer'] = $autoconfig->getValue('tokenserviceurl'); //sspmod_InfoCard_Utils::getIssuer($sts_crt); $ICconfig['tokenserviceurl'] = $autoconfig->getValue('tokenserviceurl'); $ICconfig['mexurl'] = $autoconfig->getValue('mexurl'); $ICconfig['sts_key'] = $autoconfig->getValue('sts_key'); $ICconfig['certificates'] = $autoconfig->getValue('certificates'); $ICconfig['UserCredential'] = $autoconfig->getValue('UserCredential'); $IC_lifetime_delivery = $autoconfig->getValue('IC_lifetime_delivery');
if (array_key_exists("file_content_base64", $rr) && array_key_exists("filename", $rr) && $rr['filename'] != '') { $fr = true; } # Check if download if ($xt == 'web' && $fr || $act == 'pull' && $xt != 'json') { if (array_key_exists("file_content_base64", $rr)) { $x = $rr['file_content_base64']; } $fx = ''; if (array_key_exists("filename", $rr)) { $fx = $rr['filename']; } if ($fx == '') { $fx = 'ck-archive.zip'; } try { $bin = urlsafe_b64decode($x); } catch (Exception $e) { $er = "Internal CK web service error (" . $e->getMessage() . ")"; openme_web_err($cfg, $xt, 1, $er); exit(1); } # Process extension $xt = pathinfo($fx, PATHINFO_EXTENSION); } else { # If html mode and output file is empty, use stdout from module ... if (array_key_exists("html", $rr)) { $bin = $rr['html']; } } openme_web_out($cfg, $xt, $bin, $fx);
/** * Авторизует пользователя рамблера * * Страница рамблера передаёт в единственном аргументе зашифрованный * ассоциативный массив данных о пользователе например: * { * "date": "Sun, 12 Sep 2010 20:16:21 +0400", * "id": "ef-user-dsdsdsd-122121212", * "name": "Ivan", * "email": "*****@*****.**", * "redirectUrl": "/my/wikiwrapper/tiki-view_blog.php?blogId=1" * } * @param $args */ public function rambler($args) { $ramblerString = $args[0]; $cipher = MCRYPT_RIJNDAEL_128; $key = 'X9Kls8DR72DqEFKLCMN02DdOQWdfLP2a'; $iv = 'dOQWdfLP2aCZM12D'; $decoded = urlsafe_b64decode($ramblerString); $json = mcrypt_cbc($cipher, $key, $decoded, MCRYPT_DECRYPT, $iv); $data = json_decode(trim($json), true); $default = array('id' => null, 'email' => null, 'name' => 'Рамблер', 'redirectUrl' => '/info/'); $data = array_merge($default, (array) $data); $ramblerLogin = $data['id'] ? "rambler_{$data['id']}" : null; $user = Core::getInstance()->user; $user->destroy(); // Пытаемся инициализировать пользователя $user->initUser($ramblerLogin, sha1($ramblerLogin)); // Создаём нового пользователя if (!$user->getId() && $data['id']) { Login_Model::generateUserByRamblerLogin($ramblerLogin, $data['email'], $data['name']); $data['redirectUrl'] = '/my/review/'; $user->initUser($ramblerLogin, sha1($ramblerLogin)); setCookie("guide", "uyjsdhf", 0, COOKIE_PATH, COOKIE_DOMEN, false); } if ($user->getId()) { $this->model->login($ramblerLogin, sha1($ramblerLogin), true); header(sprintf('Location: %s', $data['redirectUrl'])); } else { header('Location: /login/'); } die; }
/** * Reverse of dumps, throw an Exception in case of bad signature. * * @param string Signed key * @param string Key * @return mixed The dumped signed object */ public static function loads($s, $key) { $base64d = self::unsigns($s, $key); $decompress = false; if ('.' === $base64d[0]) { // It's compressed; uncompress it first $base64d = substr($base64d, 1); $decompress = true; } $serialized = urlsafe_b64decode($base64d); if ($decompress) { $serialized = gzinflate($serialized); } return unserialize($serialized); }