PHP 클래스 lithium\storage\session\strategy\Hmac

Example configuration: Session::config(array('default' => array( 'adapter' => 'Cookie', 'strategies' => array('Hmac' => array('secret' => 'foobar')) ))); This will configure the HMAC strategy to be used for all Session operations with the default named configuration. A hash-based message authentication code (HMAC) will be calculated for all data stored in your cookies, and will be compared to the signature stored in your cookie data. If the two do not match, then your data has been tampered with (or you have modified the data directly _without_ passing through the Session class, which amounts to the same), then a catchable RuntimeException is thrown. Please note that this strategy is very finnicky, and is so by design. If you attempt to access or modify the stored data in any way other than through the Session class configured with the Hmac strategy with the properly configured secret, then it will probably blow up.

링크 보기: Wikipedia: Hash-based Message Authentication Code

상속: extends lithium\core\Object

파일 보기 프로젝트 열기: unionofrad/lithium

보호된 프로퍼티들

프로퍼티	타입	설명
$_secret		The HMAC secret.

공개 메소드들

메소드	설명
__construct ( array $config = [] ) : void	Constructor.
delete ( mixed $data, array $options = [] ) : array	Delete strategy method.
read ( array $data, array $options = [] ) : array	Read strategy method.
write ( mixed $data, array $options = [] ) : array	Write strategy method.

보호된 메소드들

메소드	설명
_signature ( mixed $data, null \| string $secret = null ) : string	Calculate the HMAC signature based on the data and a secret key.

메소드 상세

__construct() 공개 메소드

Constructor.

public __construct ( array $config = [] ) : void
$config	array	Configuration array. Will throw an exception if the 'secret' configuration key is not set.
리턴	void

_signature() 보호된 정적인 메소드

Calculate the HMAC signature based on the data and a secret key.

protected static _signature ( mixed $data, null \| string $secret = null ) : string
$data	mixed
$secret	null \| string	Secret key for HMAC signature creation.
리턴	string	HMAC signature.

delete() 공개 메소드

Delete strategy method.

또한 보기: lithium\storage\Session

또한 보기: lithium\core\Adaptable::config()

링크 보기: PHP Manual: hash_hmac()

public delete ( mixed $data, array $options = [] ) : array
$data	mixed	The data to be signed.
$options	array	Options for this method.
리턴	array	Data & signature.

read() 공개 메소드

Validates the HMAC signature of the stored data. If the signatures match, then the data is safe and will be passed through as-is. If the stored data being read does not contain a __signature field, a MissingSignatureException is thrown. When catching this exception, you may choose to handle it by either writing out a signature (e.g. in cases where you know that no pre-existing signature may exist), or you can blackhole it as a possible tampering attempt.

public read ( array $data, array $options = [] ) : array
$data	array	The data being read.
$options	array	Options for this method.
리턴	array	Validated data.

write() 공개 메소드

Adds an HMAC signature to the data. Note that this will transform the passed $data to an array, and add a __signature key with the HMAC-calculated value.

또한 보기: lithium\storage\Session

또한 보기: lithium\core\Adaptable::config()

링크 보기: PHP Manual: hash_hmac()

public write ( mixed $data, array $options = [] ) : array
$data	mixed	The data to be signed.
$options	array	Options for this method.
리턴	array	Data & signature.

프로퍼티 상세

$_secret 보호되어 있는 정적으로 프로퍼티

The HMAC secret.

protected static $_secret