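/**
 * Starts a new KS (Kaltura Session) based on an application authentication token id.
 *
 * The caller proves knowledge of the application token by sending
 * sha1(current KS . application token); the token itself is never sent.
 * Session privileges come from the application token only: this signature
 * accepts no caller-supplied privileges.
 *
 * @action startSession
 * @param string $id application token id
 * @param string $tokenHash hashed token, built of sha1 on current KS concatenated with the application token
 * @param string $userId session user id, will be ignored if a different user id already defined on the application token
 * @param KalturaSessionType $type session type, will be ignored if a different session type already defined on the application token
 * @param int $expiry session expiry (in seconds), could be overwritten by shorter expiry of the application token and the session-expiry that defined on the application token
 * @throws KalturaErrors::APP_TOKEN_ID_NOT_FOUND
 * @throws KalturaErrors::APP_TOKEN_NOT_ACTIVE
 * @throws KalturaErrors::INVALID_APP_TOKEN_HASH
 * @throws KalturaErrors::APP_TOKEN_EXPIRED
 * @throws APIErrors::START_SESSION_ERROR
 * @return KalturaSessionInfo
 */
function startSessionAction($id, $tokenHash, $userId = null, $type = null, $expiry = null)
{
	// NOTE(review): the session below is signed with the *current context* partner's
	// secret and the token's own partner is never compared to it here; presumably
	// AppTokenPeer scopes the lookup to the current partner. Confirm.
	$dbAppToken = AppTokenPeer::retrieveByPK($id);
	if (!$dbAppToken) {
		throw new KalturaAPIException(KalturaErrors::APP_TOKEN_ID_NOT_FOUND, $id);
	}

	if ($dbAppToken->getStatus() != AppTokenStatus::ACTIVE) {
		throw new KalturaAPIException(KalturaErrors::APP_TOKEN_NOT_ACTIVE, $id);
	}

	// SHA-1 is part of the client contract documented above, so it is kept as is;
	// changing the digest would need a coordinated client/server change.
	$appTokenHash = sha1(kCurrentContext::$ks . $dbAppToken->getToken());

	// Compare the digests in constant time. A plain !== stops at the first differing
	// byte, so response timing can reveal how much of a guessed hash was correct.
	// A non-string or wrong-length value is rejected up front (the digest length is public).
	$hashMatches = false;
	if (is_string($tokenHash) && strlen($tokenHash) === strlen($appTokenHash)) {
		if (function_exists('hash_equals')) {
			$hashMatches = hash_equals($appTokenHash, $tokenHash);
		} else {
			// Fallback for runtimes without hash_equals(): OR together the XOR of every byte pair.
			$diff = 0;
			for ($i = 0, $len = strlen($appTokenHash); $i < $len; $i++) {
				$diff |= ord($appTokenHash[$i]) ^ ord($tokenHash[$i]);
			}
			$hashMatches = ($diff === 0);
		}
	}
	if (!$hashMatches) {
		throw new KalturaAPIException(KalturaErrors::INVALID_APP_TOKEN_HASH);
	}

	// The response carries a freshly minted KS and must not be served from cache.
	KalturaResponseCacher::disableCache();

	// Upper bound for the session lifetime: the token's session duration, further
	// capped by the time left until the token itself expires.
	$tokenExpiry = $dbAppToken->getSessionDuration();
	if (!is_null($dbAppToken->getExpiry())) {
		$tokenExpiry = min($tokenExpiry, $dbAppToken->getExpiry() - time());
		if ($tokenExpiry < 0) {
			throw new KalturaAPIException(KalturaErrors::APP_TOKEN_EXPIRED, $id);
		}
	}

	// The caller may only shorten the lifetime, never extend it past the token's bound.
	if (!$expiry) {
		$expiry = $tokenExpiry;
	}
	$expiry = min($expiry, $tokenExpiry);

	// Values pinned on the token override what the caller asked for. When the token
	// pins no session type, the caller's $type is used as given, and an ADMIN value
	// selects the partner's admin secret below. The same applies to $userId. Tokens
	// handed to end users should therefore pin both.
	if (!is_null($dbAppToken->getSessionType())) {
		$type = $dbAppToken->getSessionType();
	}
	if (is_null($type)) {
		$type = SessionType::USER;
	}

	if (!is_null($dbAppToken->getSessionUserId())) {
		$userId = $dbAppToken->getSessionUserId();
	}

	$partnerId = kCurrentContext::getCurrentPartnerId();
	$partner = PartnerPeer::retrieveByPK($partnerId);
	if (!$partner) {
		// Without a partner record there is no secret to sign with; fail as a
		// session-start error instead of a fatal call on a non-object.
		throw new KalturaAPIException(APIErrors::START_SESSION_ERROR, $partnerId);
	}
	$secret = $type == SessionType::ADMIN ? $partner->getAdminSecret() : $partner->getSecret();

	// Every session started this way is tagged with the app token id, both as its
	// session id and as its app-token privilege; the token's own privileges are merged in.
	$privilegesArray = array(
		ks::PRIVILEGE_SESSION_ID => array($id),
		ks::PRIVILEGE_APP_TOKEN => array($id),
	);
	if ($dbAppToken->getSessionPrivileges()) {
		$privilegesArray = array_merge_recursive($privilegesArray, ks::parsePrivileges($dbAppToken->getSessionPrivileges()));
	}
	$privileges = ks::buildPrivileges($privilegesArray);

	$ks = kSessionUtils::createKSession($partnerId, $secret, $userId, $expiry, $type, $privileges);
	if (!$ks) {
		throw new KalturaAPIException(APIErrors::START_SESSION_ERROR, $partnerId);
	}

	$sessionInfo = new KalturaSessionInfo();
	$sessionInfo->ks = $ks->toSecureString();
	$sessionInfo->partnerId = $partnerId;
	$sessionInfo->userId = $userId;
	$sessionInfo->expiry = $ks->valid_until;
	$sessionInfo->sessionType = $type;
	$sessionInfo->privileges = $privileges;

	return $sessionInfo;
}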