diff options
Diffstat (limited to 'models/Auth/OpenID/Nonce.php')
-rw-r--r-- | models/Auth/OpenID/Nonce.php | 108 |
1 files changed, 0 insertions, 108 deletions
diff --git a/models/Auth/OpenID/Nonce.php b/models/Auth/OpenID/Nonce.php deleted file mode 100644 index b83c5911f..000000000 --- a/models/Auth/OpenID/Nonce.php +++ /dev/null @@ -1,108 +0,0 @@ -<?php - -/** - * Nonce-related functionality. - * - * @package OpenID - */ - -/** - * Need CryptUtil to generate random strings. - */ -require_once 'Auth/OpenID/CryptUtil.php'; - -/** - * This is the characters that the nonces are made from. - */ -define('Auth_OpenID_Nonce_CHRS',"abcdefghijklmnopqrstuvwxyz" . - "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"); - -// Keep nonces for five hours (allow five hours for the combination of -// request time and clock skew). This is probably way more than is -// necessary, but there is not much overhead in storing nonces. -global $Auth_OpenID_SKEW; -$Auth_OpenID_SKEW = 60 * 60 * 5; - -define('Auth_OpenID_Nonce_REGEX', - '/(\d{4})-(\d\d)-(\d\d)T(\d\d):(\d\d):(\d\d)Z(.*)/'); - -define('Auth_OpenID_Nonce_TIME_FMT', - '%Y-%m-%dT%H:%M:%SZ'); - -function Auth_OpenID_splitNonce($nonce_string) -{ - // Extract a timestamp from the given nonce string - $result = preg_match(Auth_OpenID_Nonce_REGEX, $nonce_string, $matches); - if ($result != 1 || count($matches) != 8) { - return null; - } - - list($unused, - $tm_year, - $tm_mon, - $tm_mday, - $tm_hour, - $tm_min, - $tm_sec, - $uniquifier) = $matches; - - $timestamp = - @gmmktime($tm_hour, $tm_min, $tm_sec, $tm_mon, $tm_mday, $tm_year); - - if ($timestamp === false || $timestamp < 0) { - return null; - } - - return array($timestamp, $uniquifier); -} - -function Auth_OpenID_checkTimestamp($nonce_string, - $allowed_skew = null, - $now = null) -{ - // Is the timestamp that is part of the specified nonce string - // within the allowed clock-skew of the current time? - global $Auth_OpenID_SKEW; - - if ($allowed_skew === null) { - $allowed_skew = $Auth_OpenID_SKEW; - } - - $parts = Auth_OpenID_splitNonce($nonce_string); - if ($parts == null) { - return false; - } - - if ($now === null) { - $now = time(); - } - - $stamp = $parts[0]; - - // Time after which we should not use the nonce - $past = $now - $allowed_skew; - - // Time that is too far in the future for us to allow - $future = $now + $allowed_skew; - - // the stamp is not too far in the future and is not too far - // in the past - return (($past <= $stamp) && ($stamp <= $future)); -} - -function Auth_OpenID_mkNonce($when = null) -{ - // Generate a nonce with the current timestamp - $salt = Auth_OpenID_CryptUtil::randomString( - 6, Auth_OpenID_Nonce_CHRS); - if ($when === null) { - // It's safe to call time() with no arguments; it returns a - // GMT unix timestamp on PHP 4 and PHP 5. gmmktime() with no - // args returns a local unix timestamp on PHP 4, so don't use - // that. - $when = time(); - } - $time_str = gmstrftime(Auth_OpenID_Nonce_TIME_FMT, $when); - return $time_str . $salt; -} - |