if (verifyCredentials($DB, $USERNAME, $PASSWORD) !== True) {
handleError("Invalid credentials", 403, "Forbidden");
exit;
// Exit just for certainty. HandleError should have exited already.
}
if ($AUTHONLY) {
header("HTTP/1.1 200 Created");
header("Content-type: text/plain");
print "authenticated {$USERNAME}\n";
exit;
}
// Now we are authenticated. Now add the key
if (isset($_POST["id"])) {
$REQUESTKEYID = $_POST["id"];
}
$PUBKEY = normalizebase64($_POST["pubkey"]);
if (isset($REQUESTKEYID)) {
if ($stmt = $DB->prepare('UPDATE `pubkeys` SET privkey=? WHERE `keyid`=? AND `user`=?')) {
$stmt->bind_param("sis", $PUBKEY, $REQUESTKEYID, $USERNAME);
if (($result = $stmt->execute()) === FALSE) {
$error = $DB->error;
$stmt->close();
$DB->rollback();
$DB->close();
handleError($error, 500);
} elseif ($result === NULL || $DB->affected_rows != 1) {
$stmt->close();
$DB->rollback();
$DB->close();
handleError("The requested keyid is not valid", 400, "Bad request");
}
setrawcookie($DARWINCOOKIENAME, $authtoken, $cookieexpire, '/', 'darwin.bournemouth.ac.uk', TRUE);
print $authtoken;
} else {
$stmt->close();
handleError("key not found: \"{$decryptresponse}\"", 403, "Not Authorized");
}
$db->close();
}
if (isset($_REQUEST['cleanup'])) {
if ($db = getAuthDb()) {
$epoch = time();
cleanChallenges($db, $epoch);
cleanTokens($db, $epoch);
header("HTTP/1.1 204 No Content");
$db->close();
exit;
}
}
if (!isset($_REQUEST['keyid'])) {
handleError("insufficient credentials", 403, "Forbidden");
}
$keyid = $_REQUEST['keyid'];
if (isset($_REQUEST['response'])) {
$response = normalizebase64($_REQUEST['response']);
$responsebin = base64_decode($response);
// print("Response received: $response");
// print(", this should make 0x".bin2hex($responsebin)."\n");
handleresponse($keyid, $responsebin);
} else {
issuechallenge($keyid);
}
