From 769e19dc4ab1a068e8165a7b237f42a78a6d312f Mon Sep 17 00:00:00 2001
From: Jeremy
Date: Sun, 29 Mar 2015 10:53:10 +0200
Subject: Move API stuff in ApiBundle
---
.../Authentication/Provider/WsseProvider.php | 78 ----------------------
.../Authentication/Token/WsseUserToken.php | 23 -------
2 files changed, 101 deletions(-)
delete mode 100644 src/Wallabag/CoreBundle/Security/Authentication/Provider/WsseProvider.php
delete mode 100644 src/Wallabag/CoreBundle/Security/Authentication/Token/WsseUserToken.php
(limited to 'src/Wallabag/CoreBundle/Security/Authentication')
diff --git a/src/Wallabag/CoreBundle/Security/Authentication/Provider/WsseProvider.php b/src/Wallabag/CoreBundle/Security/Authentication/Provider/WsseProvider.php
deleted file mode 100644
index 7e6a5dfb..00000000
--- a/src/Wallabag/CoreBundle/Security/Authentication/Provider/WsseProvider.php
+++ /dev/null
@@ -1,78 +0,0 @@
-userProvider = $userProvider;
- $this->cacheDir = $cacheDir;
-
- // If cache directory does not exist we create it
- if (!is_dir($this->cacheDir)) {
- mkdir($this->cacheDir, 0777, true);
- }
- }
-
- public function authenticate(TokenInterface $token)
- {
- $user = $this->userProvider->loadUserByUsername($token->getUsername());
-
- if (!$user) {
- throw new AuthenticationException("Bad credentials. Did you forgot your username?");
- }
-
- if ($user && $this->validateDigest($token->digest, $token->nonce, $token->created, $user->getPassword())) {
- $authenticatedToken = new WsseUserToken($user->getRoles());
- $authenticatedToken->setUser($user);
-
- return $authenticatedToken;
- }
-
- throw new AuthenticationException('The WSSE authentication failed.');
- }
-
- protected function validateDigest($digest, $nonce, $created, $secret)
- {
- // Check created time is not in the future
- if (strtotime($created) > time()) {
- throw new AuthenticationException("Back to the future...");
- }
-
- // Expire timestamp after 5 minutes
- if (time() - strtotime($created) > 300) {
- throw new AuthenticationException("Too late for this timestamp... Watch your watch.");
- }
-
- // Validate nonce is unique within 5 minutes
- if (file_exists($this->cacheDir.'/'.$nonce) && file_get_contents($this->cacheDir.'/'.$nonce) + 300 > time()) {
- throw new NonceExpiredException('Previously used nonce detected');
- }
-
- file_put_contents($this->cacheDir.'/'.$nonce, time());
-
- // Validate Secret
- $expected = base64_encode(sha1(base64_decode($nonce).$created.$secret, true));
-
- if ($digest !== $expected) {
- throw new AuthenticationException("Bad credentials ! Digest is not as expected.");
- }
-
- return $digest === $expected;
- }
-
- public function supports(TokenInterface $token)
- {
- return $token instanceof WsseUserToken;
- }
-}
diff --git a/src/Wallabag/CoreBundle/Security/Authentication/Token/WsseUserToken.php b/src/Wallabag/CoreBundle/Security/Authentication/Token/WsseUserToken.php
deleted file mode 100644
index ea6fb9bf..00000000
--- a/src/Wallabag/CoreBundle/Security/Authentication/Token/WsseUserToken.php
+++ /dev/null
@@ -1,23 +0,0 @@
-setAuthenticated(count($roles) > 0);
- }
-
- public function getCredentials()
- {
- return '';
- }
-}
--
cgit v1.2.3