TYPO3 CMS  TYPO3_6-2
OpenidStore.php
Go to the documentation of this file.
1 <?php
2 namespace TYPO3\CMS\Openid;
3 
17 require_once \TYPO3\CMS\Core\Utility\ExtensionManagementUtility::extPath('openid') . 'lib/php-openid/Auth/OpenID/Interface.php';
18 
25 
26  const ASSOCIATION_TABLE_NAME = 'tx_openid_assoc_store';
27  const NONCE_TABLE_NAME = 'tx_openid_nonce_store';
28  /* 2 minutes */
30  /* 10 days */
31  const NONCE_STORAGE_TIME = 864000;
32 
37 
41  public function __construct($databaseConnection = NULL) {
42  $this->databaseConnection = $databaseConnection ?: $GLOBALS['TYPO3_DB'];
43  }
44 
52  public function storeAssociation($serverUrl, $association) {
53  /* @var $association \Auth_OpenID_Association */
54  $this->databaseConnection->sql_query('START TRANSACTION');
55  if ($this->doesAssociationExist($serverUrl, $association->handle)) {
56  $this->updateExistingAssociation($serverUrl, $association);
57  } else {
58  $this->storeNewAssociation($serverUrl, $association);
59  }
60  $this->databaseConnection->sql_query('COMMIT');
61  }
62 
68  public function cleanupAssociations() {
69  $where = sprintf('expires<=%d', time());
70  $this->databaseConnection->exec_DELETEquery(self::ASSOCIATION_TABLE_NAME, $where);
71  return $this->databaseConnection->sql_affected_rows();
72  }
73 
81  public function getAssociation($serverUrl, $handle = NULL) {
82  $this->cleanupAssociations();
83  $where = sprintf('server_url=%s AND expires>%d', $this->databaseConnection->fullQuoteStr($serverUrl, self::ASSOCIATION_TABLE_NAME), time());
84  if ($handle != NULL) {
85  $where .= sprintf(' AND assoc_handle=%s', $this->databaseConnection->fullQuoteStr($handle, self::ASSOCIATION_TABLE_NAME));
86  $sort = '';
87  } else {
88  $sort = 'tstamp DESC';
89  }
90  $row = $this->databaseConnection->exec_SELECTgetSingleRow('uid, content', self::ASSOCIATION_TABLE_NAME, $where, '', $sort);
91  $result = NULL;
92  if (is_array($row)) {
93  $result = @unserialize(base64_decode($row['content']));
94  if ($result === FALSE) {
95  $result = NULL;
96  } else {
97  $this->updateAssociationTimeStamp($row['tstamp']);
98  }
99  }
100  return $result;
101  }
102 
110  public function removeAssociation($serverUrl, $handle) {
111  $where = sprintf('server_url=%s AND assoc_handle=%s', $this->databaseConnection->fullQuoteStr($serverUrl, self::ASSOCIATION_TABLE_NAME), $this->databaseConnection->fullQuoteStr($handle, self::ASSOCIATION_TABLE_NAME));
112  $this->databaseConnection->exec_DELETEquery(self::ASSOCIATION_TABLE_NAME, $where);
113  $deletedCount = $this->databaseConnection->sql_affected_rows();
114  return $deletedCount > 0;
115  }
116 
122  public function cleanupNonces() {
123  $where = sprintf('crdate<%d', time() - self::NONCE_STORAGE_TIME);
124  $this->databaseConnection->exec_DELETEquery(self::NONCE_TABLE_NAME, $where);
125  }
126 
135  public function useNonce($serverUrl, $timestamp, $salt) {
136  $result = FALSE;
137  if (abs($timestamp - time()) < $GLOBALS['Auth_OpenID_SKEW']) {
138  $values = array(
139  'crdate' => time(),
140  'salt' => $salt,
141  'server_url' => $serverUrl,
142  'tstamp' => $timestamp
143  );
144  $this->databaseConnection->exec_INSERTquery(self::NONCE_TABLE_NAME, $values);
145  $affectedRows = $this->databaseConnection->sql_affected_rows();
146  $result = $affectedRows > 0;
147  }
148  return $result;
149  }
150 
156  public function reset() {
157  $this->databaseConnection->exec_TRUNCATEquery(self::ASSOCIATION_TABLE_NAME);
158  $this->databaseConnection->exec_TRUNCATEquery(self::NONCE_TABLE_NAME);
159  }
160 
168  protected function doesAssociationExist($serverUrl, $association) {
169  $where = sprintf('server_url=%s AND assoc_handle=%s AND expires>%d', $this->databaseConnection->fullQuoteStr($serverUrl, self::ASSOCIATION_TABLE_NAME), $this->databaseConnection->fullQuoteStr($association->handle, self::ASSOCIATION_TABLE_NAME), time());
170  $row = $this->databaseConnection->exec_SELECTgetSingleRow('COUNT(*) as assocCount', self::ASSOCIATION_TABLE_NAME, $where);
171  return $row['assocCount'] > 0;
172  }
173 
181  protected function updateExistingAssociation($serverUrl, \Auth_OpenID_Association $association) {
182  $where = sprintf('server_url=%s AND assoc_handle=%s AND expires>%d', $this->databaseConnection->fullQuoteStr($serverUrl, self::ASSOCIATION_TABLE_NAME), $this->databaseConnection->fullQuoteStr($association->handle, self::ASSOCIATION_TABLE_NAME), time());
183  $serializedAssociation = serialize($association);
184  $values = array(
185  'content' => base64_encode($serializedAssociation),
186  'tstamp' => time()
187  );
188  $this->databaseConnection->exec_UPDATEquery(self::ASSOCIATION_TABLE_NAME, $where, $values);
189  }
190 
198  protected function storeNewAssociation($serverUrl, $association) {
199  $serializedAssociation = serialize($association);
200  $values = array(
201  'assoc_handle' => $association->handle,
202  'content' => base64_encode($serializedAssociation),
203  'crdate' => $association->issued,
204  'tstamp' => time(),
205  'expires' => $association->issued + $association->lifetime - self::ASSOCIATION_EXPIRATION_SAFETY_INTERVAL,
206  'server_url' => $serverUrl
207  );
208  // In the next query we can get race conditions. sha1_hash prevents many
209  // asociations from being stored for one server
210  $this->databaseConnection->exec_INSERTquery(self::ASSOCIATION_TABLE_NAME, $values);
211  }
212 
219  protected function updateAssociationTimeStamp($recordId) {
220  $where = sprintf('uid=%d', $recordId);
221  $values = array(
222  'tstamp' => time()
223  );
224  $this->databaseConnection->exec_UPDATEquery(self::ASSOCIATION_TABLE_NAME, $where, $values);
225  }
226 
227 }
__construct($databaseConnection=NULL)
Definition: OpenidStore.php:41
useNonce($serverUrl, $timestamp, $salt)
storeNewAssociation($serverUrl, $association)
storeAssociation($serverUrl, $association)
Definition: OpenidStore.php:52
doesAssociationExist($serverUrl, $association)
if($list_of_literals) if(!empty($literals)) if(!empty($literals)) $result
Analyse literals to prepend the N char to them if their contents aren&#39;t numeric.
removeAssociation($serverUrl, $handle)
getAssociation($serverUrl, $handle=NULL)
Definition: OpenidStore.php:81
if(!defined('TYPO3_MODE')) $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_userauth.php']['logoff_pre_processing'][]
updateExistingAssociation($serverUrl, \Auth_OpenID_Association $association)