aboutsummaryrefslogtreecommitdiffhomepage
path: root/application
diff options
context:
space:
mode:
Diffstat (limited to 'application')
-rw-r--r--application/Base64Url.php34
-rw-r--r--application/CachedPage.php4
-rw-r--r--application/PageBuilder.php2
-rw-r--r--application/api/ApiUtils.php12
-rw-r--r--application/config/ConfigIO.php6
-rw-r--r--application/config/ConfigJson.php6
-rw-r--r--application/config/ConfigPhp.php6
7 files changed, 49 insertions, 21 deletions
diff --git a/application/Base64Url.php b/application/Base64Url.php
new file mode 100644
index 00000000..61590e43
--- /dev/null
+++ b/application/Base64Url.php
@@ -0,0 +1,34 @@
1<?php
2
3namespace Shaarli;
4
5
6/**
7 * URL-safe Base64 operations
8 *
9 * @see https://en.wikipedia.org/wiki/Base64#URL_applications
10 */
11class Base64Url
12{
13 /**
14 * Base64Url-encodes data
15 *
16 * @param string $data Data to encode
17 *
18 * @return string Base64Url-encoded data
19 */
20 public static function encode($data) {
21 return rtrim(strtr(base64_encode($data), '+/', '-_'), '=');
22 }
23
24 /**
25 * Decodes Base64Url-encoded data
26 *
27 * @param string $data Data to decode
28 *
29 * @return string Decoded data
30 */
31 public static function decode($data) {
32 return base64_decode(str_pad(strtr($data, '-_', '+/'), strlen($data) % 4, '=', STR_PAD_RIGHT));
33 }
34}
diff --git a/application/CachedPage.php b/application/CachedPage.php
index 5087d0c4..e11cc52d 100644
--- a/application/CachedPage.php
+++ b/application/CachedPage.php
@@ -7,9 +7,6 @@ class CachedPage
7 // Directory containing page caches 7 // Directory containing page caches
8 private $cacheDir; 8 private $cacheDir;
9 9
10 // Full URL of the page to cache -typically the value returned by pageUrl()
11 private $url;
12
13 // Should this URL be cached (boolean)? 10 // Should this URL be cached (boolean)?
14 private $shouldBeCached; 11 private $shouldBeCached;
15 12
@@ -27,7 +24,6 @@ class CachedPage
27 { 24 {
28 // TODO: check write access to the cache directory 25 // TODO: check write access to the cache directory
29 $this->cacheDir = $cacheDir; 26 $this->cacheDir = $cacheDir;
30 $this->url = $url;
31 $this->filename = $this->cacheDir.'/'.sha1($url).'.cache'; 27 $this->filename = $this->cacheDir.'/'.sha1($url).'.cache';
32 $this->shouldBeCached = $shouldBeCached; 28 $this->shouldBeCached = $shouldBeCached;
33 } 29 }
diff --git a/application/PageBuilder.php b/application/PageBuilder.php
index 32c7f9f1..544aba7c 100644
--- a/application/PageBuilder.php
+++ b/application/PageBuilder.php
@@ -25,7 +25,7 @@ class PageBuilder
25 * 25 *
26 * @param ConfigManager $conf Configuration Manager instance (reference). 26 * @param ConfigManager $conf Configuration Manager instance (reference).
27 */ 27 */
28 function __construct(&$conf) 28 public function __construct(&$conf)
29 { 29 {
30 $this->tpl = false; 30 $this->tpl = false;
31 $this->conf = $conf; 31 $this->conf = $conf;
diff --git a/application/api/ApiUtils.php b/application/api/ApiUtils.php
index fbb1e72f..a419c396 100644
--- a/application/api/ApiUtils.php
+++ b/application/api/ApiUtils.php
@@ -1,13 +1,11 @@
1<?php 1<?php
2
3namespace Shaarli\Api; 2namespace Shaarli\Api;
4 3
4use Shaarli\Base64Url;
5use Shaarli\Api\Exceptions\ApiAuthorizationException; 5use Shaarli\Api\Exceptions\ApiAuthorizationException;
6 6
7/** 7/**
8 * Class ApiUtils 8 * REST API utilities
9 *
10 * Utility functions for the API.
11 */ 9 */
12class ApiUtils 10class ApiUtils
13{ 11{
@@ -26,17 +24,17 @@ class ApiUtils
26 throw new ApiAuthorizationException('Malformed JWT token'); 24 throw new ApiAuthorizationException('Malformed JWT token');
27 } 25 }
28 26
29 $genSign = hash_hmac('sha512', $parts[0] .'.'. $parts[1], $secret); 27 $genSign = Base64Url::encode(hash_hmac('sha512', $parts[0] .'.'. $parts[1], $secret, true));
30 if ($parts[2] != $genSign) { 28 if ($parts[2] != $genSign) {
31 throw new ApiAuthorizationException('Invalid JWT signature'); 29 throw new ApiAuthorizationException('Invalid JWT signature');
32 } 30 }
33 31
34 $header = json_decode(base64_decode($parts[0])); 32 $header = json_decode(Base64Url::decode($parts[0]));
35 if ($header === null) { 33 if ($header === null) {
36 throw new ApiAuthorizationException('Invalid JWT header'); 34 throw new ApiAuthorizationException('Invalid JWT header');
37 } 35 }
38 36
39 $payload = json_decode(base64_decode($parts[1])); 37 $payload = json_decode(Base64Url::decode($parts[1]));
40 if ($payload === null) { 38 if ($payload === null) {
41 throw new ApiAuthorizationException('Invalid JWT payload'); 39 throw new ApiAuthorizationException('Invalid JWT payload');
42 } 40 }
diff --git a/application/config/ConfigIO.php b/application/config/ConfigIO.php
index 2b68fe6a..be78b1c7 100644
--- a/application/config/ConfigIO.php
+++ b/application/config/ConfigIO.php
@@ -14,7 +14,7 @@ interface ConfigIO
14 * 14 *
15 * @return array All configuration in an array. 15 * @return array All configuration in an array.
16 */ 16 */
17 function read($filepath); 17 public function read($filepath);
18 18
19 /** 19 /**
20 * Write configuration. 20 * Write configuration.
@@ -22,12 +22,12 @@ interface ConfigIO
22 * @param string $filepath Config file absolute path. 22 * @param string $filepath Config file absolute path.
23 * @param array $conf All configuration in an array. 23 * @param array $conf All configuration in an array.
24 */ 24 */
25 function write($filepath, $conf); 25 public function write($filepath, $conf);
26 26
27 /** 27 /**
28 * Get config file extension according to config type. 28 * Get config file extension according to config type.
29 * 29 *
30 * @return string Config file extension. 30 * @return string Config file extension.
31 */ 31 */
32 function getExtension(); 32 public function getExtension();
33} 33}
diff --git a/application/config/ConfigJson.php b/application/config/ConfigJson.php
index 30007eb4..6b5d73f1 100644
--- a/application/config/ConfigJson.php
+++ b/application/config/ConfigJson.php
@@ -10,7 +10,7 @@ class ConfigJson implements ConfigIO
10 /** 10 /**
11 * @inheritdoc 11 * @inheritdoc
12 */ 12 */
13 function read($filepath) 13 public function read($filepath)
14 { 14 {
15 if (! is_readable($filepath)) { 15 if (! is_readable($filepath)) {
16 return array(); 16 return array();
@@ -29,7 +29,7 @@ class ConfigJson implements ConfigIO
29 /** 29 /**
30 * @inheritdoc 30 * @inheritdoc
31 */ 31 */
32 function write($filepath, $conf) 32 public function write($filepath, $conf)
33 { 33 {
34 // JSON_PRETTY_PRINT is available from PHP 5.4. 34 // JSON_PRETTY_PRINT is available from PHP 5.4.
35 $print = defined('JSON_PRETTY_PRINT') ? JSON_PRETTY_PRINT : 0; 35 $print = defined('JSON_PRETTY_PRINT') ? JSON_PRETTY_PRINT : 0;
@@ -46,7 +46,7 @@ class ConfigJson implements ConfigIO
46 /** 46 /**
47 * @inheritdoc 47 * @inheritdoc
48 */ 48 */
49 function getExtension() 49 public function getExtension()
50 { 50 {
51 return '.json.php'; 51 return '.json.php';
52 } 52 }
diff --git a/application/config/ConfigPhp.php b/application/config/ConfigPhp.php
index 2eb68d80..d7fd4baf 100644
--- a/application/config/ConfigPhp.php
+++ b/application/config/ConfigPhp.php
@@ -72,7 +72,7 @@ class ConfigPhp implements ConfigIO
72 /** 72 /**
73 * @inheritdoc 73 * @inheritdoc
74 */ 74 */
75 function read($filepath) 75 public function read($filepath)
76 { 76 {
77 if (! file_exists($filepath) || ! is_readable($filepath)) { 77 if (! file_exists($filepath) || ! is_readable($filepath)) {
78 return array(); 78 return array();
@@ -92,7 +92,7 @@ class ConfigPhp implements ConfigIO
92 /** 92 /**
93 * @inheritdoc 93 * @inheritdoc
94 */ 94 */
95 function write($filepath, $conf) 95 public function write($filepath, $conf)
96 { 96 {
97 $configStr = '<?php '. PHP_EOL; 97 $configStr = '<?php '. PHP_EOL;
98 foreach (self::$ROOT_KEYS as $key) { 98 foreach (self::$ROOT_KEYS as $key) {
@@ -126,7 +126,7 @@ class ConfigPhp implements ConfigIO
126 /** 126 /**
127 * @inheritdoc 127 * @inheritdoc
128 */ 128 */
129 function getExtension() 129 public function getExtension()
130 { 130 {
131 return '.php'; 131 return '.php';
132 } 132 }
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-03 20:27:20 +0000