Diffstat (limited to 'Auth')
-rw-r--r-- | Auth/OpenID/FileStore.php | 23 | ||||
-rw-r--r-- | Auth/OpenID/Interface.php | 18 |
2 files changed, 41 insertions, 0 deletions
diff --git a/Auth/OpenID/FileStore.php b/Auth/OpenID/FileStore.php
index 34266ca..50dca78 100644
--- a/Auth/OpenID/FileStore.php
+++ b/Auth/OpenID/FileStore.php
@@ -116,6 +116,29 @@ class Auth_OpenID_FileStore extends Auth_OpenID_OpenIDStore {
 }
 }
 
+ function cleanupNonces()
+ {
+ global $Auth_OpenID_SKEW;
+
+ $nonces = Auth_OpenID_FileStore::_listdir($this->nonce_dir);
+ $now = time();
+
+ $removed = 0;
+ // Check all nonces for expiry
+ foreach ($nonces as $nonce_fname) {
+ $parts = explode('-', $nonce_fname, 2);
+ $timestamp = $parts[0];
+ $timestamp = intval($timestamp, 16);
+ if (abs($timestamp - $now) > $Auth_OpenID_SKEW) {
+ $filename = $this->nonce_dir . DIRECTORY_SEPARATOR .
+ $nonce_fname;
+ Auth_OpenID_FileStore::_removeIfPresent($filename);
+ $removed += 1;
+ }
+ }
+ return $removed;
+ }
+
 /**
 * Create a unique filename for a given server url and
 * handle. This implementation does not assume anything about the
diff --git a/Auth/OpenID/Interface.php b/Auth/OpenID/Interface.php
index 76fa790..71c58e7 100644
--- a/Auth/OpenID/Interface.php
+++ b/Auth/OpenID/Interface.php
@@ -47,6 +47,24 @@ class Auth_OpenID_OpenIDStore {
 "not implemented", E_USER_ERROR);
 }
 
+ /*
+ * Run garbage collection on expired nonces.
+ *
+ * Discards any nonce from storage that is old enough that its
+ * timestamp would not pass useNonce().
+ *
+ * This method is not called in the normal operation of the
+ * library. It provides a way for store admins to keep their
+ * storage from filling up with expired data.
+ *
+ * @return the number of nonces expired
+ */
+ function cleanupNonces()
+ {
+ trigger_error("Auth_OpenID_OpenIDStore::cleanupNonces ".
+ "not implemented", E_USER_ERROR);
+ }
+
 /**
 * This method returns an Association object from storage that
 * matches the server URL and, if specified, handle. It returns |
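Review bot: In `cleanupNonces()` in Auth/OpenID/FileStore.php, `$removed += 1;` runs whether or not the file was actually deleted, because the result of `_removeIfPresent()` is discarded. If that helper reports success (its definition is outside this hunk), count only real deletions: `if (Auth_OpenID_FileStore::_removeIfPresent($filename)) { $removed += 1; }`. Separately, a directory entry without a hex timestamp prefix makes `intval($timestamp, 16)` return 0, so it is always treated as expired and removed. Since this store backs replay protection, a comment such as `// Only entries outside the skew window are deleted; useNonce() already rejects those by timestamp` would record why deleting here is safe.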
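Review bot: The comment block above `cleanupNonces()` in Auth/OpenID/Interface.php opens with `/*` rather than `/**`, unlike the `/**` block that follows it in the context lines, so a docblock parser would presumably skip it. Open it with `/**` and give the return tag a type, e.g. `@return integer the number of nonces expired`. Because the base method calls `trigger_error(..., E_USER_ERROR)`, the docblock could also state that a store which does not override it raises a user-level error when it is called.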