PHP Class Horde_Token_Base, horde

Copyright 2010-2016 Horde LLC (http://www.horde.org/) See the enclosed file COPYING for license information (LGPL). If you did not receive this file, see http://www.horde.org/licenses/lgpl21.
Author: Max Kalika ([email protected])
Author: Chuck Hagenbuch ([email protected])
Afficher le fichier Open project: horde/horde Class Usage Examples

Protected Properties

Свойство Type Description
$_params array Hash of parameters necessary to use the chosen backend.

Méthodes publiques

Méthode Description
__construct ( array $params ) Constructor.
add ( string $tokenID ) Add a token ID.
exists ( string $tokenID ) : boolean Does the token exist?
get ( string $seed = '' ) : string Return a new signed token.
getNonce ( ) : string Return a "number used once" (a concatenation of a timestamp and a random numer).
isValid ( string $token, string $seed = '', integer $timeout = null, boolean $unique = false ) : boolean Validate a signed token.
purge ( ) Delete all expired connection IDs.
validate ( string $token, string $seed = '', integer $timeout = null ) : array Is the given token still valid? Throws an exception in case it is not.
validateUnique ( string $token, string $seed = '' ) : null Is the given token valid and has never been used before? Throws an exception otherwise.
verify ( string $token ) : boolean Checks if the given token has been previously used. First purges all expired tokens. Then retrieves current tokens for the given ip address. If the specified token was not found, adds it.

Méthodes protégées

Méthode Description
_encodeRemoteAddress ( ) : string Encodes the remote address.

Private Methods

Méthode Description
_decode ( string $token ) : array Decode a token into the prefixed nonce and the hash.
_hash ( string $text ) : string Sign the given text with the secret.
_isExpired ( string $nonce, integer $timeout ) : boolean Has the nonce expired?

Method Details

__construct() public méthode

Constructor.
public __construct ( array $params )
$params array Required parameters: - secret (string): The secret string used for signing tokens. Optional parameters: - token_lifetime (integer): The number of seconds after which tokens time out. Negative numbers represent "no timeout". The default is "-1". - timeout (integer): The period (in seconds) after which an id is purged. DEFAULT: 86400 (24 hours)

_encodeRemoteAddress() protected méthode

Encodes the remote address.
protected _encodeRemoteAddress ( ) : string
Résultat string Encoded address.

add() abstract public méthode

Add a token ID.
abstract public add ( string $tokenID )
$tokenID string Token ID to add.

exists() abstract public méthode

Does the token exist?
abstract public exists ( string $tokenID ) : boolean
$tokenID string Token ID.
Résultat boolean True if the token exists.

get() public méthode

Return a new signed token.
public get ( string $seed = '' ) : string
$seed string A unique ID to be included in the token.
Résultat string The new token.

getNonce() public méthode

Return a "number used once" (a concatenation of a timestamp and a random numer).
public getNonce ( ) : string
Résultat string A string of 6 bytes.

isValid() public méthode

Validate a signed token.
public isValid ( string $token, string $seed = '', integer $timeout = null, boolean $unique = false ) : boolean
$token string The signed token.
$seed string The unique ID of the token.
$timeout integer Timout of the token in seconds. Values below zero represent no timeout.
$unique boolean Should validation of the token succeed only once?
Résultat boolean True if the token was valid.

purge() abstract public méthode

Delete all expired connection IDs.
abstract public purge ( )

validate() public méthode

Is the given token still valid? Throws an exception in case it is not.
public validate ( string $token, string $seed = '', integer $timeout = null ) : array
$token string The signed token.
$seed string The unique ID of the token.
$timeout integer Timout of the token in seconds. Values below zero represent no timeout.
Résultat array An array of two elements: The nonce and the hash.

validateUnique() public méthode

Is the given token valid and has never been used before? Throws an exception otherwise.
public validateUnique ( string $token, string $seed = '' ) : null
$token string The signed token.
$seed string The unique ID of the token.
Résultat null

verify() public méthode

Checks if the given token has been previously used. First purges all expired tokens. Then retrieves current tokens for the given ip address. If the specified token was not found, adds it.
public verify ( string $token ) : boolean
$token string The value of the token to check.
Résultat boolean True if the token has not been used, false otherwise.

Property Details

$_params protected_oe property

Hash of parameters necessary to use the chosen backend.
protected array $_params
Résultat array