public function __construct()
{
parent::__construct();
// 获取参数
$code = I('get.code');
$this->data = unserialize(urlsafe_b64decode($code));
}
function verify_signature($key, $message, $signature)
{
$salt = 'cookie-session';
$derived_key = hash_hmac('sha1', $salt, $key, true);
$mac = hash_hmac('sha1', $message, $derived_key, true);
$org_mac = urlsafe_b64decode($signature);
return $org_mac == $mac;
}
function check_token($mytoken)
{
$timeout = 60;
$decr_b64 = urlsafe_b64decode($mytoken);
$decrypted = encrypt_decrypt('decrypt', $decr_b64);
$fields = explode(":", $decrypted);
if (count($fields) == 2) {
list($ip, $timestamp) = explode(":", $decrypted);
$nowtime = time();
//echo "$ip, $timestamp, $timeout\n";
$sum = (int) ($timestamp + $timeout);
if ($nowtime > $sum || $nowtime < $timestamp) {
return false;
} else {
return true;
}
} else {
return false;
}
return false;
}
<?php
require_once 'f-encryption.php';
$client_encryption_keys = array('127.0.0.1' => 'Qs/7S$N%C8');
$remote_ip = '206.225.90.76';
$encryption_key = $client_encryption_keys[$remote_ip];
$timeout = 60;
echo "Decrypting: {$argv['1']}\n\n";
$decr_b64 = urlsafe_b64decode($argv[1]);
$decrypted = encrypt_decrypt('decrypt', $decr_b64);
$fields = explode(":", $decrypted);
if (count($fields) == 2) {
// sleep (3);
list($ip, $timestamp) = explode(":", $decrypted);
$nowtime = time();
//echo "$ip, $timestamp, $timeout\n";
$sum = (int) ($timestamp + $timeout);
if ($nowtime > $sum || $nowtime < $timestamp) {
echo "Expired key\n";
}
echo "IP:{$ip},TIMESTAMP:{$timestamp}\n";
}
check_token($argv[1]);
// Encrypt response for myself
$response = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, pack("H*", $internalkey), $response, MCRYPT_MODE_CBC, $iv);
$response = preg_replace('/\\?.*/', '', curPageURL()) . '?data=' . urlsafe_b64encode($response) . '&iv=' . urlsafe_b64encode($iv);
// Encrypt response for RADIUS
if ($key != null) {
$encresponse = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, pack("H*", $enckey), $response, MCRYPT_MODE_CBC, $iv);
} else {
$encresponse = $response;
}
// Send URL
print base64_encode($encresponse);
} else {
//Client Resquest- Send InfoCard
//Get Attributes
$encrequest = urlsafe_b64decode($_GET['data']);
$iv = urlsafe_b64decode($_GET['iv']);
if (!$encrequest || !$iv) {
throw new SimpleSAML_Error_NotFound('The URL wasn\'t found in the module.');
}
/* Load the configuration. */
$internalkey = hash('sha256', $autoconfig->getValue('internal_key'));
$certificates = $autoconfig->getValue('certificates');
$ICconfig['InfoCard'] = $autoconfig->getValue('InfoCard');
$ICconfig['InfoCard']['issuer'] = $autoconfig->getValue('tokenserviceurl');
//sspmod_InfoCard_Utils::getIssuer($sts_crt);
$ICconfig['tokenserviceurl'] = $autoconfig->getValue('tokenserviceurl');
$ICconfig['mexurl'] = $autoconfig->getValue('mexurl');
$ICconfig['sts_key'] = $autoconfig->getValue('sts_key');
$ICconfig['certificates'] = $autoconfig->getValue('certificates');
$ICconfig['UserCredential'] = $autoconfig->getValue('UserCredential');
$IC_lifetime_delivery = $autoconfig->getValue('IC_lifetime_delivery');
if (array_key_exists("file_content_base64", $rr) && array_key_exists("filename", $rr) && $rr['filename'] != '') {
$fr = true;
}
# Check if download
if ($xt == 'web' && $fr || $act == 'pull' && $xt != 'json') {
if (array_key_exists("file_content_base64", $rr)) {
$x = $rr['file_content_base64'];
}
$fx = '';
if (array_key_exists("filename", $rr)) {
$fx = $rr['filename'];
}
if ($fx == '') {
$fx = 'ck-archive.zip';
}
try {
$bin = urlsafe_b64decode($x);
} catch (Exception $e) {
$er = "Internal CK web service error (" . $e->getMessage() . ")";
openme_web_err($cfg, $xt, 1, $er);
exit(1);
}
# Process extension
$xt = pathinfo($fx, PATHINFO_EXTENSION);
} else {
# If html mode and output file is empty, use stdout from module ...
if (array_key_exists("html", $rr)) {
$bin = $rr['html'];
}
}
openme_web_out($cfg, $xt, $bin, $fx);
/**
* Авторизует пользователя рамблера
*
* Страница рамблера передаёт в единственном аргументе зашифрованный
* ассоциативный массив данных о пользователе например:
* {
* "date": "Sun, 12 Sep 2010 20:16:21 +0400",
* "id": "ef-user-dsdsdsd-122121212",
* "name": "Ivan",
* "email": "*****@*****.**",
* "redirectUrl": "/my/wikiwrapper/tiki-view_blog.php?blogId=1"
* }
* @param $args
*/
public function rambler($args)
{
$ramblerString = $args[0];
$cipher = MCRYPT_RIJNDAEL_128;
$key = 'X9Kls8DR72DqEFKLCMN02DdOQWdfLP2a';
$iv = 'dOQWdfLP2aCZM12D';
$decoded = urlsafe_b64decode($ramblerString);
$json = mcrypt_cbc($cipher, $key, $decoded, MCRYPT_DECRYPT, $iv);
$data = json_decode(trim($json), true);
$default = array('id' => null, 'email' => null, 'name' => 'Рамблер', 'redirectUrl' => '/info/');
$data = array_merge($default, (array) $data);
$ramblerLogin = $data['id'] ? "rambler_{$data['id']}" : null;
$user = Core::getInstance()->user;
$user->destroy();
// Пытаемся инициализировать пользователя
$user->initUser($ramblerLogin, sha1($ramblerLogin));
// Создаём нового пользователя
if (!$user->getId() && $data['id']) {
Login_Model::generateUserByRamblerLogin($ramblerLogin, $data['email'], $data['name']);
$data['redirectUrl'] = '/my/review/';
$user->initUser($ramblerLogin, sha1($ramblerLogin));
setCookie("guide", "uyjsdhf", 0, COOKIE_PATH, COOKIE_DOMEN, false);
}
if ($user->getId()) {
$this->model->login($ramblerLogin, sha1($ramblerLogin), true);
header(sprintf('Location: %s', $data['redirectUrl']));
} else {
header('Location: /login/');
}
die;
}
/**
* Reverse of dumps, throw an Exception in case of bad signature.
*
* @param string Signed key
* @param string Key
* @return mixed The dumped signed object
*/
public static function loads($s, $key)
{
$base64d = self::unsigns($s, $key);
$decompress = false;
if ('.' === $base64d[0]) {
// It's compressed; uncompress it first
$base64d = substr($base64d, 1);
$decompress = true;
}
$serialized = urlsafe_b64decode($base64d);
if ($decompress) {
$serialized = gzinflate($serialized);
}
return unserialize($serialized);
}
