Horde_Token_Sql
extends Horde_Token_Base
in package
Token tracking implementation for PHP's PEAR database abstraction layer.
The table structure for the tokens is as follows:
CREATE TABLE horde_tokens (
token_address VARCHAR(100) NOT NULL,
token_id VARCHAR(32) NOT NULL,
token_timestamp BIGINT NOT NULL,
PRIMARY KEY (token_address, token_id)
);
Copyright 1999-2017 Horde LLC (http://www.horde.org/)
See the enclosed file LICENSE for license information (LGPL). If you did not receive this file, see http://www.horde.org/licenses/lgpl21.
Tags
Table of Contents
- $_db : Horde_Db_Adapter
- Handle for the database connection.
- $_params : array<string|int, mixed>
- Hash of parameters necessary to use the chosen backend.
- __construct() : mixed
- Constructor.
- add() : mixed
- Add a token ID.
- exists() : bool
- Does the token exist?
- get() : string
- Return a new signed token.
- getNonce() : string
- Return a "number used once" (a concatenation of a timestamp and a random numer).
- isValid() : bool
- Validate a signed token.
- purge() : mixed
- Delete all expired connection IDs.
- validate() : array<string|int, mixed>
- Is the given token still valid? Throws an exception in case it is not.
- validateUnique() : null
- Is the given token valid and has never been used before? Throws an exception otherwise.
- verify() : bool
- Checks if the given token has been previously used. First purges all expired tokens. Then retrieves current tokens for the given ip address. If the specified token was not found, adds it.
- _encodeRemoteAddress() : string
- Encodes the remote address.
- _decode() : array<string|int, mixed>
- Decode a token into the prefixed nonce and the hash.
- _hash() : string
- Sign the given text with the secret.
- _isExpired() : bool
- Has the nonce expired?
Properties
$_db
Handle for the database connection.
protected
Horde_Db_Adapter
$_db
$_params
Hash of parameters necessary to use the chosen backend.
protected
array<string|int, mixed>
$_params
= array()
Methods
__construct()
Constructor.
public
__construct([array<string|int, mixed> $params = array() ]) : mixed
Parameters
- $params : array<string|int, mixed> = array()
-
Required parameters:
- db (Horde_Db_Adapter): The DB instance. Optional parameters:
- table (string): The name of the tokens table. DEFAULT: 'horde_tokens'
Tags
Return values
mixed —add()
Add a token ID.
public
add(string $tokenID) : mixed
Parameters
- $tokenID : string
-
Token ID to add.
Tags
Return values
mixed —exists()
Does the token exist?
public
exists(string $tokenID) : bool
Parameters
- $tokenID : string
-
Token ID.
Tags
Return values
bool —True if the token exists.
get()
Return a new signed token.
public
get([string $seed = '' ]) : string
Parameters
- $seed : string = ''
-
A unique ID to be included in the token.
Return values
string —The new token.
getNonce()
Return a "number used once" (a concatenation of a timestamp and a random numer).
public
getNonce() : string
Return values
string —A string of 6 bytes.
isValid()
Validate a signed token.
public
isValid(string $token[, string $seed = '' ][, int $timeout = null ][, bool $unique = false ]) : bool
Parameters
- $token : string
-
The signed token.
- $seed : string = ''
-
The unique ID of the token.
- $timeout : int = null
-
Timout of the token in seconds. Values below zero represent no timeout.
- $unique : bool = false
-
Should validation of the token succeed only once?
Return values
bool —True if the token was valid.
purge()
Delete all expired connection IDs.
public
purge() : mixed
Tags
Return values
mixed —validate()
Is the given token still valid? Throws an exception in case it is not.
public
validate(string $token[, string $seed = '' ][, int $timeout = null ]) : array<string|int, mixed>
Parameters
- $token : string
-
The signed token.
- $seed : string = ''
-
The unique ID of the token.
- $timeout : int = null
-
Timout of the token in seconds. Values below zero represent no timeout.
Tags
Return values
array<string|int, mixed> —An array of two elements: The nonce and the hash.
validateUnique()
Is the given token valid and has never been used before? Throws an exception otherwise.
public
validateUnique(string $token[, string $seed = '' ]) : null
Parameters
- $token : string
-
The signed token.
- $seed : string = ''
-
The unique ID of the token.
Tags
Return values
null —verify()
Checks if the given token has been previously used. First purges all expired tokens. Then retrieves current tokens for the given ip address. If the specified token was not found, adds it.
public
verify(string $token) : bool
Parameters
- $token : string
-
The value of the token to check.
Tags
Return values
bool —True if the token has not been used, false otherwise.
_encodeRemoteAddress()
Encodes the remote address.
protected
_encodeRemoteAddress() : string
Return values
string —Encoded address.
_decode()
Decode a token into the prefixed nonce and the hash.
private
_decode(string $token) : array<string|int, mixed>
Parameters
- $token : string
-
The token to be decomposed.
Return values
array<string|int, mixed> —An array of two elements: The nonce and the hash.
_hash()
Sign the given text with the secret.
private
_hash(string $text) : string
Parameters
- $text : string
-
The text to be signed.
Return values
string —The hashed text.
_isExpired()
Has the nonce expired?
private
_isExpired(string $nonce, int $timeout) : bool
Parameters
- $nonce : string
-
The to be checked for expiration.
- $timeout : int
-
The timeout that should be applied.
Return values
bool —True if the nonce expired.