PHP Class PMA\libraries\plugins\auth\AuthenticationCookie

Inheritance: extends PMA\libraries\plugins\AuthenticationPlugin

Show file Open project: phpmyadmin/phpmyadmin Class Usage Examples

Public Methods

Method	Description
auth ( ) : boolean \| void	Displays authentication form
authCheck ( ) : boolean	Gets advanced authentication settings
authFails ( ) : void	User is not allowed to login to MySQL -> authentication failed
authSetUser ( ) : boolean	Set the user and password after last checkings if required
cookieDecrypt ( string $encdata, string $secret ) : string \| boolean	Decryption using openssl's AES or phpseclib's AES (phpseclib uses mcrypt when it is available)
cookieEncrypt ( string $data, string $secret ) : string	Encryption using openssl's AES or phpseclib's AES (phpseclib uses mcrypt when it is available)
createIV ( ) : void	Initialization Store the initialization vector because it will be needed for further decryption. I don't think necessary to have one iv per server so I don't put the server number in the cookie name.
enlargeSecret ( string $secret ) : string	Concatenates secret in order to make it 16 bytes log
getAESSecret ( string $secret ) : string	Derives AES secret from encryption secret.
getIVSize ( ) : integer	Returns size of IV for encryption.
getMACSecret ( string $secret ) : string	Derives MAC secret from encryption secret.
handlePasswordChange ( string $password ) : void	Callback when user changes password.
logOut ( ) : void	Perform logout
setIV ( string $vector ) : void	Sets encryption IV to use
storePasswordCookie ( string $password ) : void	Stores password in a cookie.
storeUserCredentials ( ) : void \| boolean	Stores user credentials after successful login.
storeUsernameCookie ( string $username ) : void	Stores username in a cookie.
useOpenSSL ( ) : boolean	Checks whether we should use openssl for encryption.

Private Methods

Method	Description
_getEncryptionSecret ( ) : string	Returns blowfish secret or generates one if needed.
_getSessionEncryptionSecret ( ) : string	Returns blowfish secret or generates one if needed.

Method Details

auth() public method

this function MUST exit/quit the application

public auth ( ) : boolean \| void
return	boolean \| void

authCheck() public method

this function DOES NOT check authentication - it just checks/provides authentication credentials required to connect to the MySQL server usually with $GLOBALS['dbi']->connect() it returns false if something is missing - which usually leads to auth() which displays login form it returns true if all seems ok which usually leads to auth_set_user() it directly switches to authFails() if user inactivity timeout is reached

public authCheck ( ) : boolean
return	boolean	whether we get authentication settings or not

authFails() public method

prepares error message and switches to auth() which display the error and the login form this function MUST exit/quit the application, currently done by call to auth()

public authFails ( ) : void
return	void

authSetUser() public method

Set the user and password after last checkings if required

public authSetUser ( ) : boolean
return	boolean	always true

cookieDecrypt() public method

Decryption using openssl's AES or phpseclib's AES (phpseclib uses mcrypt when it is available)

public cookieDecrypt ( string $encdata, string $secret ) : string \| boolean
$encdata	string	encrypted data
$secret	string	the secret
return	string \| boolean	original data, false on error

cookieEncrypt() public method

Encryption using openssl's AES or phpseclib's AES (phpseclib uses mcrypt when it is available)

public cookieEncrypt ( string $data, string $secret ) : string
$data	string	original data
$secret	string	the secret
return	string	the encrypted result

createIV() public method

Initialization Store the initialization vector because it will be needed for further decryption. I don't think necessary to have one iv per server so I don't put the server number in the cookie name.

public createIV ( ) : void
return	void

enlargeSecret() public method

This doesn't add any security, just ensures the secret is long enough by copying it.

public enlargeSecret ( string $secret ) : string
$secret	string	Original secret
return	string

getAESSecret() public method

Derives AES secret from encryption secret.

public getAESSecret ( string $secret ) : string
$secret	string	the secret
return	string	the AES secret

getIVSize() public method

Returns size of IV for encryption.

public getIVSize ( ) : integer
return	integer

getMACSecret() public method

Derives MAC secret from encryption secret.

public getMACSecret ( string $secret ) : string
$secret	string	the secret
return	string	the MAC secret

handlePasswordChange() public method

Callback when user changes password.

public handlePasswordChange ( string $password ) : void
$password	string	New password to set
return	void

logOut() public method

Perform logout

public logOut ( ) : void
return	void

setIV() public method

This is for testing only!

public setIV ( string $vector ) : void
$vector	string	The IV
return	void

storePasswordCookie() public method

Stores password in a cookie.

public storePasswordCookie ( string $password ) : void
$password	string	Password
return	void

storeUserCredentials() public method

Stores user credentials after successful login.

public storeUserCredentials ( ) : void \| boolean
return	void \| boolean

storeUsernameCookie() public method

Stores username in a cookie.

public storeUsernameCookie ( string $username ) : void
$username	string	User name
return	void

useOpenSSL() public static method

Checks whether we should use openssl for encryption.

public static useOpenSSL ( ) : boolean
return	boolean