Horde_Token_Null
extends Horde_Token_Base
in package
The Horde_Token_Null:: class provides a null implementation of the token driver.
Copyright 2010-2017 Horde LLC (http://www.horde.org/)
See the enclosed file LICENSE for license information (LGPL). If you did not receive this file, see http://www.horde.org/licenses/lgpl21.
Tags
Table of Contents
- $_params : array<string|int, mixed>
- Hash of parameters necessary to use the chosen backend.
- __construct() : mixed
- Constructor.
- add() : mixed
- Add a token ID.
- exists() : bool
- Does the token exist?
- get() : string
- Return a new signed token.
- getNonce() : string
- Return a "number used once" (a concatenation of a timestamp and a random numer).
- isValid() : bool
- Validate a signed token.
- purge() : mixed
- Delete all expired connection IDs.
- validate() : array<string|int, mixed>
- Is the given token still valid? Throws an exception in case it is not.
- validateUnique() : null
- Is the given token valid and has never been used before? Throws an exception otherwise.
- verify() : bool
- Checks if the given token has been previously used. First purges all expired tokens. Then retrieves current tokens for the given ip address. If the specified token was not found, adds it.
- _encodeRemoteAddress() : string
- Encodes the remote address.
- _decode() : array<string|int, mixed>
- Decode a token into the prefixed nonce and the hash.
- _hash() : string
- Sign the given text with the secret.
- _isExpired() : bool
- Has the nonce expired?
Properties
$_params
Hash of parameters necessary to use the chosen backend.
protected
array<string|int, mixed>
$_params
= array()
Methods
__construct()
Constructor.
public
__construct(array<string|int, mixed> $params) : mixed
Parameters
- $params : array<string|int, mixed>
-
Required parameters:
- secret (string): The secret string used for signing tokens. Optional parameters:
- token_lifetime (integer): The number of seconds after which tokens time out. Negative numbers represent "no timeout". The default is "-1".
- timeout (integer): The period (in seconds) after which an id is purged. DEFAULT: 86400 (24 hours)
Return values
mixed —add()
Add a token ID.
public
add(string $tokenID) : mixed
Parameters
- $tokenID : string
-
Token ID to add.
Return values
mixed —exists()
Does the token exist?
public
exists(mixed $tokenID) : bool
Parameters
- $tokenID : mixed
-
Token ID.
Return values
bool —True if the token exists.
get()
Return a new signed token.
public
get([string $seed = '' ]) : string
Parameters
- $seed : string = ''
-
A unique ID to be included in the token.
Return values
string —The new token.
getNonce()
Return a "number used once" (a concatenation of a timestamp and a random numer).
public
getNonce() : string
Return values
string —A string of 6 bytes.
isValid()
Validate a signed token.
public
isValid(string $token[, string $seed = '' ][, int $timeout = null ][, bool $unique = false ]) : bool
Parameters
- $token : string
-
The signed token.
- $seed : string = ''
-
The unique ID of the token.
- $timeout : int = null
-
Timout of the token in seconds. Values below zero represent no timeout.
- $unique : bool = false
-
Should validation of the token succeed only once?
Return values
bool —True if the token was valid.
purge()
Delete all expired connection IDs.
public
purge() : mixed
Return values
mixed —validate()
Is the given token still valid? Throws an exception in case it is not.
public
validate(string $token[, string $seed = '' ][, int $timeout = null ]) : array<string|int, mixed>
Parameters
- $token : string
-
The signed token.
- $seed : string = ''
-
The unique ID of the token.
- $timeout : int = null
-
Timout of the token in seconds. Values below zero represent no timeout.
Tags
Return values
array<string|int, mixed> —An array of two elements: The nonce and the hash.
validateUnique()
Is the given token valid and has never been used before? Throws an exception otherwise.
public
validateUnique(string $token[, string $seed = '' ]) : null
Parameters
- $token : string
-
The signed token.
- $seed : string = ''
-
The unique ID of the token.
Tags
Return values
null —verify()
Checks if the given token has been previously used. First purges all expired tokens. Then retrieves current tokens for the given ip address. If the specified token was not found, adds it.
public
verify(string $token) : bool
Parameters
- $token : string
-
The value of the token to check.
Tags
Return values
bool —True if the token has not been used, false otherwise.
_encodeRemoteAddress()
Encodes the remote address.
protected
_encodeRemoteAddress() : string
Return values
string —Encoded address.
_decode()
Decode a token into the prefixed nonce and the hash.
private
_decode(string $token) : array<string|int, mixed>
Parameters
- $token : string
-
The token to be decomposed.
Return values
array<string|int, mixed> —An array of two elements: The nonce and the hash.
_hash()
Sign the given text with the secret.
private
_hash(string $text) : string
Parameters
- $text : string
-
The text to be signed.
Return values
string —The hashed text.
_isExpired()
Has the nonce expired?
private
_isExpired(string $nonce, int $timeout) : bool
Parameters
- $nonce : string
-
The to be checked for expiration.
- $timeout : int
-
The timeout that should be applied.
Return values
bool —True if the nonce expired.