/**
* Add new user
*
* @param string $userName
* @param string $password
* @param string $salt
*/
function add($userName, $password, $salt = null)
{
if ($salt !== null) {
$key = \Thruway\Common\Utils::getDerivedKey($password, $salt);
} else {
$key = $password;
}
$this->users[$userName] = ["authid" => $userName, "key" => $key, "salt" => $salt];
}
/**
* Get Authenticate message from challenge message
*
* @param \Thruway\Message\ChallengeMessage $msg
* @return \Thruway\Message\AuthenticateMessage|boolean
*/
public function getAuthenticateFromChallenge(ChallengeMessage $msg)
{
Logger::debug($this, "Got challenge");
Logger::debug($this, "Challenge Message: " . json_encode($msg));
if (!in_array($msg->getAuthMethod(), $this->getAuthMethods())) {
//throw new \Exception("method isn't in methods");
return false;
}
$details = $msg->getDetails();
if (!is_object($details)) {
Logger::debug($this, "No details sent with challenge");
return false;
}
if (isset($details->challenge)) {
$challenge = $details->challenge;
} else {
Logger::debug($this, "No challenge for wampcra?");
return false;
}
$keyToUse = $this->key;
if (isset($details->salt)) {
// we need a salted key
$salt = $details->salt;
$keyLen = 32;
if (isset($details->keylen)) {
if (is_numeric($details->keylen)) {
$keyLen = $details->keylen;
} else {
Logger::error($this, "keylen is not numeric.");
}
}
$iterations = 1000;
if (isset($details->iterations)) {
if (is_numeric($details->iterations)) {
$iterations = $details->iterations;
} else {
Logger::error($this, "iterations is not numeric.");
}
}
$keyToUse = Utils::getDerivedKey($this->key, $salt, $iterations, $keyLen);
}
$token = base64_encode(hash_hmac('sha256', $challenge, $keyToUse, true));
$authMessage = new AuthenticateMessage($token);
Logger::debug($this, "returning: " . json_encode($authMessage));
return $authMessage;
}
