public static function getResponse($authType, $challenge, $jaxl) { $response = array(); $decoded = base64_decode($challenge); $xml = '<response xmlns="urn:ietf:params:xml:ns:xmpp-sasl">'; if ($authType == 'X-FACEBOOK-PLATFORM') { $decoded = explode('&', $decoded); foreach ($decoded as $k => $v) { list($kk, $vv) = explode('=', $v); $decoded[$kk] = $vv; unset($decoded[$k]); } list($secret, $decoded['api_key'], $decoded['session_key']) = JAXLPlugin::execute('jaxl_get_facebook_key', false, $jaxl); $decoded['call_id'] = time(); $decoded['v'] = '1.0'; $base_string = ''; foreach (array('api_key', 'call_id', 'method', 'nonce', 'session_key', 'v') as $key) { if (isset($decoded[$key])) { $response[$key] = $decoded[$key]; $base_string .= $key . '=' . $decoded[$key]; } } $base_string .= $secret; $response['sig'] = md5($base_string); $responseURI = ''; foreach ($response as $k => $v) { if ($responseURI == '') { $responseURI .= $k . '=' . urlencode($v); } else { $responseURI .= '&' . $k . '=' . urlencode($v); } } $xml .= base64_encode($responseURI); } else { if ($authType == 'DIGEST-MD5') { $decoded = JAXLUtil::explodeData($decoded); if (!isset($decoded['digest-uri'])) { $decoded['digest-uri'] = 'xmpp/' . $jaxl->domain; } $decoded['cnonce'] = base64_encode(JAXLUtil::generateNonce()); if (isset($decoded['qop']) && $decoded['qop'] != 'auth' && strpos($decoded['qop'], 'auth') !== false) { $decoded['qop'] = 'auth'; } $response = array('username' => $jaxl->user, 'response' => JAXLUtil::encryptPassword(array_merge($decoded, array('nc' => '00000001')), $jaxl->user, $jaxl->pass), 'charset' => 'utf-8', 'nc' => '00000001', 'qop' => 'auth'); foreach (array('nonce', 'digest-uri', 'realm', 'cnonce') as $key) { if (isset($decoded[$key])) { $response[$key] = $decoded[$key]; } } $xml .= base64_encode(JAXLUtil::implodeData($response)); } else { if ($authType == 'SCRAM-SHA-1') { $decoded = JAXLUtil::explodeData($decoded); // SaltedPassword := Hi(Normalize(password), salt, i) $saltedPasswd = JAXLUtil::pbkdf2($jaxl->pass, $decoded['s'], $decoded['i']); // ClientKey := HMAC(SaltedPassword, "Client Key") $clientKey = JAXLUtil::hashMD5($saltedPassword, "Client Key"); // StoredKey := H(ClientKey) $storedKey = sha1("Client Key"); // assemble client-final-message-without-proof $clientFinalMessage = "c=bwis,r=" . $decoded['r']; // AuthMessage := client-first-message-bare + "," + server-first-message + "," + client-final-message-without-proof // ClientSignature := HMAC(StoredKey, AuthMessage) // ClientProof := ClientKey XOR ClientSignature // ServerKey := HMAC(SaltedPassword, "Server Key") // ServerSignature := HMAC(ServerKey, AuthMessage) foreach (array('c', 'r', 'p') as $key) { if (isset($decoded[$key])) { $response[$key] = $decoded[$key]; } } $xml .= base64_encode(JAXLUtil::implodeData($response)); } else { if ($authType == 'CRAM-MD5') { $xml .= base64_encode($jaxl->user . ' ' . hash_hmac('md5', $jaxl->pass, $arr['challenge'])); } } } } $xml .= '</response>'; $jaxl->secondChallenge = true; return $xml; }