/**
* Validate a Raven user token.
*
* @param TokenInterface $token Raven user token.
*
* @return bool true if the token is valid, false otherwise.
*
* @throws OpenSslException If there is an OpenSSL problem.
*/
protected function validateToken(TokenInterface $token)
{
// @codeCoverageIgnoreStart
if (false === function_exists('openssl_verify')) {
throw new OpenSslException('OpenSSL is unavailable');
}
// @codeCoverageIgnoreEnd
$data = implode('!', array($token->getAttribute('ver'), $token->getAttribute('status'), $token->getAttribute('msg'), $token->getAttribute('issue')->format('Ymd\\THis\\Z'), $token->getAttribute('id'), $token->getAttribute('url'), $token->getUsername(), $token->getAttribute('auth'), $token->getAttribute('sso'), $token->getAttribute('life'), $token->getAttribute('params')));
$sig = base64_decode(preg_replace(array('/-/', '/\\./', '/_/'), array('+', '/', '='), rawurldecode($token->getAttribute('sig'))));
$key = openssl_pkey_get_public($this->raven->getCertificate());
$result = openssl_verify($data, $sig, $key);
openssl_free_key($key);
switch ($result) {
case 1:
return true;
break;
case 0:
return false;
break;
// @codeCoverageIgnoreStart
// @codeCoverageIgnoreStart
default:
throw new OpenSslException('OpenSSL has returned a error when verifying the signature');
break;
}
// @codeCoverageIgnoreEnd
}
/**
* Request Raven authentication.
*
* @param GetResponseEvent $responseEvent Get response event.
* @param string $url Redirect URL.
*/
protected function requestAuthentication(GetResponseEvent $responseEvent, $url)
{
$redirectEvent = new RedirectEvent(array('ver' => 2, 'url' => $url));
$this->dispatcher->dispatch(RavenEvents::REDIRECT, $redirectEvent);
$parameters = array();
foreach ($redirectEvent->params as $key => $val) {
$parameters[] = $key . '=' . utf8_encode(urlencode($val));
}
$parameters = '?' . implode('&', $parameters);
if (null !== $this->logger) {
$this->logger->debug('Redirecting to Raven');
}
$responseEvent->setResponse(new RedirectResponse($this->raven->getUrl() . $parameters, 303));
}
