public function parseKsV2($ks) { $decodedKs = base64_decode(str_replace(array('-', '_'), array('+', '/'), $ks), true); if (!$decodedKs) { $this->logError("Couldn't base 64 decode the KS."); return false; } $explodedKs = explode('|', $decodedKs, 3); if (count($explodedKs) != 3) { return false; } // not KS V2 list($version, $partnerId, $encKs) = $explodedKs; if ($version != 'v2') { $this->logError("KS version [{$version}] is not [v2]."); return false; // not KS V2 } $adminSecret = KalturaSecretRepository::getAdminSecret($partnerId); if (!$adminSecret) { $this->logError("Couldn't get secret for partner [{$partnerId}]."); return false; // admin secret not found, can't decrypt the KS } $decKs = self::aesDecrypt($adminSecret, $encKs); $decKs = rtrim($decKs, ""); $hash = substr($decKs, 0, self::SHA1_SIZE); $fields = substr($decKs, self::SHA1_SIZE); if ($hash != sha1($fields, true)) { $this->logError("Hash [{$hash}] doesn't match sha1 on partner [{$partnerId}]."); return false; // invalid signature } $rand = substr($fields, 0, self::RANDOM_SIZE); $fields = substr($fields, self::RANDOM_SIZE); $fieldsArr = null; parse_str($fields, $fieldsArr); // TODO: the following code translates a KS v2 into members that are more suitable for V1 // in the future it makes sense to change the structure of the ks class $privileges = array(); foreach ($fieldsArr as $fieldName => $fieldValue) { if (isset(self::$fieldMapping[$fieldName])) { $fieldMember = self::$fieldMapping[$fieldName]; $this->{$fieldMember} = $fieldValue; continue; } if ($fieldValue) { $privileges[] = "{$fieldName}:{$fieldValue}"; } else { $privileges[] = "{$fieldName}"; } } $this->hash = bin2hex($hash); $this->real_str = $fields; $this->original_str = $ks; $this->partner_id = $partnerId; $this->rand = bin2hex($rand); $this->privileges = implode(',', $privileges); if ($this->privileges == 'all:*') { $this->privileges = '*'; } $this->version = 2; return true; }
// @ignore // =================================================================================================== require_once dirname(__FILE__) . '/lib/KalturaCommandLineParser.php'; require_once dirname(__FILE__) . '/lib/KalturaSession.php'; $commandLineSwitches = array(array(KalturaCommandLineParser::SWITCH_REQUIRES_VALUE, 't', 'type', 'Session type - 0=USER, 2=ADMIN'), array(KalturaCommandLineParser::SWITCH_REQUIRES_VALUE, 'u', 'user', 'User name'), array(KalturaCommandLineParser::SWITCH_REQUIRES_VALUE, 'e', 'expiry', 'Session expiry (seconds)'), array(KalturaCommandLineParser::SWITCH_REQUIRES_VALUE, 'p', 'privileges', 'Session privileges'), array(KalturaCommandLineParser::SWITCH_NO_VALUE, 'w', 'widget', 'Widget session'), array(KalturaCommandLineParser::SWITCH_NO_VALUE, 'b', 'bare', 'Print only the KS itself')); // parse command line $options = KalturaCommandLineParser::parseArguments($commandLineSwitches); $arguments = KalturaCommandLineParser::stripCommandLineSwitches($commandLineSwitches, $argv); if (!$arguments) { $usage = "Usage: generateKs [switches] <partnerId>\nOptions:\n"; $usage .= KalturaCommandLineParser::getArgumentsUsage($commandLineSwitches); die($usage); } $partnerId = $arguments[0]; KalturaSecretRepository::init(); $adminSecret = KalturaSecretRepository::getAdminSecret($partnerId); if (!$adminSecret) { die("Failed to get secret for partner {$partnerId}"); } $type = isset($options['type']) ? $options['type'] : 2; $user = isset($options['user']) ? $options['user'] : '******'; $expiry = isset($options['expiry']) ? $options['expiry'] : 86400; $privileges = isset($options['privileges']) ? $options['privileges'] : 'disableentitlement'; if (isset($options['widget'])) { $type = 0; $user = '******'; $expiry = 86400; $privileges = 'widget:1,view:*'; } if (!isset($options['bare'])) { echo "ks\t";