Horde_Token_File
extends Horde_Token_Base
in package
Token tracking implementation for local files.
Copyright 1999-2017 Horde LLC (http://www.horde.org/)
See the enclosed file LICENSE for license information (LGPL). If you did not receive this file, see http://www.horde.org/licenses/lgpl21.
Tags
Table of Contents
- FILE_PREFIX = 'conn_'
- $_connected : bool
- Boolean indicating whether or not we have an open file descriptor.
- $_fd : resource
- Handle for the open file descriptor.
- $_params : array<string|int, mixed>
- Hash of parameters necessary to use the chosen backend.
- __construct() : mixed
- Constructor.
- __destruct() : mixed
- Destructor.
- add() : mixed
- Add a token ID.
- exists() : bool
- Does the token exist?
- get() : string
- Return a new signed token.
- getNonce() : string
- Return a "number used once" (a concatenation of a timestamp and a random numer).
- isValid() : bool
- Validate a signed token.
- purge() : mixed
- Delete all expired connection IDs.
- validate() : array<string|int, mixed>
- Is the given token still valid? Throws an exception in case it is not.
- validateUnique() : null
- Is the given token valid and has never been used before? Throws an exception otherwise.
- verify() : bool
- Checks if the given token has been previously used. First purges all expired tokens. Then retrieves current tokens for the given ip address. If the specified token was not found, adds it.
- _connect() : mixed
- Opens a file descriptor to a new or existing file.
- _disconnect() : mixed
- Closes the file descriptor.
- _encodeRemoteAddress() : string
- Encodes the remote address.
- _decode() : array<string|int, mixed>
- Decode a token into the prefixed nonce and the hash.
- _hash() : string
- Sign the given text with the secret.
- _isExpired() : bool
- Has the nonce expired?
Constants
FILE_PREFIX
public
mixed
FILE_PREFIX
= 'conn_'
Properties
$_connected
Boolean indicating whether or not we have an open file descriptor.
protected
bool
$_connected
= \false
$_fd
Handle for the open file descriptor.
protected
resource
$_fd
= \false
$_params
Hash of parameters necessary to use the chosen backend.
protected
array<string|int, mixed>
$_params
= array()
Methods
__construct()
Constructor.
public
__construct([array<string|int, mixed> $params = array() ]) : mixed
Parameters
- $params : array<string|int, mixed> = array()
-
Optional parameters:
- token_dir (string): The directory where to keep token files. DEFAULT: System temporary directory
Tags
Return values
mixed —__destruct()
Destructor.
public
__destruct() : mixed
Return values
mixed —add()
Add a token ID.
public
add(string $tokenID) : mixed
Parameters
- $tokenID : string
-
Token ID to add.
Tags
Return values
mixed —exists()
Does the token exist?
public
exists(string $tokenID) : bool
Parameters
- $tokenID : string
-
Token ID.
Tags
Return values
bool —True if the token exists.
get()
Return a new signed token.
public
get([string $seed = '' ]) : string
Parameters
- $seed : string = ''
-
A unique ID to be included in the token.
Return values
string —The new token.
getNonce()
Return a "number used once" (a concatenation of a timestamp and a random numer).
public
getNonce() : string
Return values
string —A string of 6 bytes.
isValid()
Validate a signed token.
public
isValid(string $token[, string $seed = '' ][, int $timeout = null ][, bool $unique = false ]) : bool
Parameters
- $token : string
-
The signed token.
- $seed : string = ''
-
The unique ID of the token.
- $timeout : int = null
-
Timout of the token in seconds. Values below zero represent no timeout.
- $unique : bool = false
-
Should validation of the token succeed only once?
Return values
bool —True if the token was valid.
purge()
Delete all expired connection IDs.
public
purge() : mixed
Tags
Return values
mixed —validate()
Is the given token still valid? Throws an exception in case it is not.
public
validate(string $token[, string $seed = '' ][, int $timeout = null ]) : array<string|int, mixed>
Parameters
- $token : string
-
The signed token.
- $seed : string = ''
-
The unique ID of the token.
- $timeout : int = null
-
Timout of the token in seconds. Values below zero represent no timeout.
Tags
Return values
array<string|int, mixed> —An array of two elements: The nonce and the hash.
validateUnique()
Is the given token valid and has never been used before? Throws an exception otherwise.
public
validateUnique(string $token[, string $seed = '' ]) : null
Parameters
- $token : string
-
The signed token.
- $seed : string = ''
-
The unique ID of the token.
Tags
Return values
null —verify()
Checks if the given token has been previously used. First purges all expired tokens. Then retrieves current tokens for the given ip address. If the specified token was not found, adds it.
public
verify(string $token) : bool
Parameters
- $token : string
-
The value of the token to check.
Tags
Return values
bool —True if the token has not been used, false otherwise.
_connect()
Opens a file descriptor to a new or existing file.
protected
_connect() : mixed
Tags
Return values
mixed —_disconnect()
Closes the file descriptor.
protected
_disconnect([bool $error = true ]) : mixed
Parameters
- $error : bool = true
-
Throw exception on error?
Tags
Return values
mixed —_encodeRemoteAddress()
Encodes the remote address.
protected
_encodeRemoteAddress() : string
Return values
string —Encoded address.
_decode()
Decode a token into the prefixed nonce and the hash.
private
_decode(string $token) : array<string|int, mixed>
Parameters
- $token : string
-
The token to be decomposed.
Return values
array<string|int, mixed> —An array of two elements: The nonce and the hash.
_hash()
Sign the given text with the secret.
private
_hash(string $text) : string
Parameters
- $text : string
-
The text to be signed.
Return values
string —The hashed text.
_isExpired()
Has the nonce expired?
private
_isExpired(string $nonce, int $timeout) : bool
Parameters
- $nonce : string
-
The to be checked for expiration.
- $timeout : int
-
The timeout that should be applied.
Return values
bool —True if the nonce expired.