authorArnold Daniels <arnold@jasny.net>2015-10-26 15:19:15 -0400
committerArnold Daniels <arnold@jasny.net>2015-10-26 15:19:15 -0400
commite9e22bf5d3bc83d296e781320ee46ec4517a7ed8 (patch)
tree8888e443ba826b0295f6c6f763d067fa460234fc
parent42cb62f9aaef03d862ea2a8279e4fcd55d30e213 (diff)
Allow overwriting getting the remote addrv0.1.4
-rw-r--r--examples/remoteaddr_fix.php12
-rw-r--r--src/Broker.php22
-rw-r--r--src/Server.php20
3 files changed, 44 insertions, 10 deletions
diff --git a/examples/remoteaddr_fix.php b/examples/remoteaddr_fix.php
new file mode 100644
index 0000000..10b9796
--- /dev/null
+++ b/examples/remoteaddr_fix.php
@@ -0,0 +1,12 @@
+<?php
+
+// This file set $_SERVER['REMOTE_ADDR'] and should be used when testing a
+// broker on localhost with a remote server.
+//
+// Use this file by adding `-d auto_prepend_file=../remoteaddr_fix.php`.
+
+$externalContent = file_get_contents('http://ip4.me/');
+preg_match('/\b(\d{1,3}\.){3}\d{1,3}\b/', $externalContent, $m);
+
+$_SERVER['REMOTE_ADDR'] = $m[0];
+
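Review bot: `$m[0]` is assigned to `$_SERVER['REMOTE_ADDR']` without checking that the download or the match succeeded, so a failed `file_get_contents()` or a response with no dotted quad leaves the address null and every checksum is then computed over an empty string. The lookup also runs over plain `http://` and the pattern accepts any dotted quad in the body, so whatever that response contains becomes the address the broker signs with. A guard such as `if ($externalContent === false || !preg_match('/\b(\d{1,3}\.){3}\d{1,3}\b/', $externalContent, $m) || filter_var($m[0], FILTER_VALIDATE_IP) === false) throw new RuntimeException('Unable to determine external IP');` before the assignment would fail loudly instead. The header comment should also state that the file is for local testing only and must not be prepended on a deployed broker.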
diff --git a/src/Broker.php b/src/Broker.php
index a9ffdd7..df8b07c 100644
--- a/src/Broker.php
+++ b/src/Broker.php
@@ -41,7 +41,6 @@ class Broker
*/
protected $userinfo;
-
/**
* Class constructor
*
@@ -60,6 +59,8 @@ class Broker
$this->secret = $secret;
if (isset($_COOKIE[$this->getCookieName()])) $this->token = $_COOKIE[$this->getCookieName()];
+
+
}
/**
@@ -72,7 +73,7 @@ class Broker
*/
protected function getCookieName()
{
- return 'sso_token_' . strtolower($this->broker);
+ return 'sso_token_' . preg_replace('/[_\W]+/', '_', strtolower($this->broker));
}
/**
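Review bot: The replacement added in `getCookieName()` is not one-to-one: `[_\W]+` folds every run of punctuation into a single underscore, so broker ids such as `my.app`, `my-app` and `my__app` all yield `sso_token_my_app`. Brokers whose ids differ only in punctuation would then presumably share one token cookie when they sit under the same cookie domain. If broker ids are meant to come from a restricted alphabet, rejecting other characters in the constructor is tighter than rewriting the name here. Otherwise the method should carry a comment like `// non-word characters are folded to '_' to form a valid cookie name; ids differing only in punctuation map to the same cookie`. The docblock for this method begins outside the hunk.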
@@ -84,7 +85,7 @@ class Broker
{
if (!$this->token) return null;
- $checksum = hash('sha256', 'session' . $this->token . $_SERVER['REMOTE_ADDR'] . $this->secret);
+ $checksum = hash('sha256', 'session' . $this->token . static::getRemoteAddr() . $this->secret);
return "SSO-{$this->broker}-{$this->token}-$checksum";
}
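Review bot: The session checksum on the changed line concatenates `'session'`, the token, the address and the secret with no separator. Now that the address comes from an overridable `getRemoteAddr()`, it is no longer guaranteed to be a fixed-format IP string, so distinct token/address pairs can produce the same hash input. A keyed MAC with an explicit delimiter avoids that, for example `hash_hmac('sha256', 'session|' . $this->token . '|' . static::getRemoteAddr(), $this->secret)`, assuming tokens never contain `|`. The same construction is used for the attach checksum in `getAttachUrl()` and in the session-id and attach-checksum hunks of src/Server.php. All four must change together, or the broker and server values stop matching. The enclosing function's signature is outside this hunk.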
@@ -118,12 +119,12 @@ class Broker
public function getAttachUrl($params = [])
{
$this->generateToken();
-
+
$data = [
'command' => 'attach',
'broker' => $this->broker,
'token' => $this->token,
- 'checksum' => hash('sha256', 'attach' . $this->token . $_SERVER['REMOTE_ADDR'] . $this->secret)
+ 'checksum' => hash('sha256', 'attach' . $this->token . static::getRemoteAddr() . $this->secret)
] + $_GET;
return $this->url . "?" . http_build_query($data + $params);
@@ -249,4 +250,15 @@ class Broker
return $this->userinfo;
}
+
+
+ /**
+ * Get the client IP address
+ *
+ * @return string
+ */
+ protected static function getRemoteAddr()
+ {
+ return $_SERVER['REMOTE_ADDR'];
+ }
}
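Review bot: The docblock on the new `getRemoteAddr()` does not say what an override may return, and that is the security-relevant part of this hook. The value is mixed into the attach and session checksums, so it binds a token to a client only when it is the address the SSO server itself observes for that client. An override that reads a forwarding header such as `X-Forwarded-For` returns client-supplied data unless the request is known to arrive through a trusted reverse proxy. I would extend the docblock with something like `Override only to return the client address as the SSO server sees it; never return a request header unless a trusted proxy set it.` The identical method added at the end of src/Server.php needs the same text. Since `$_SERVER['REMOTE_ADDR']` is unset under CLI, a missing key should probably raise an error rather than let an empty string be hashed.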
diff --git a/src/Server.php b/src/Server.php
index 9716c25..1afbd1e 100644
--- a/src/Server.php
+++ b/src/Server.php
@@ -115,10 +115,9 @@ abstract class Server
}
if (!$clientAddr) {
- $this->setSessionData('client_addr', $_SERVER['REMOTE_ADDR']);
+ $this->setSessionData('client_addr', static::getRemoteAddr());
}
- }
-
+ }
/**
* Generate session id from session token
@@ -130,7 +129,7 @@ abstract class Server
$broker = $this->getBrokerInfo($brokerId);
if (!isset($broker)) return null;
- if (!isset($client_addr)) $client_addr = $_SERVER['REMOTE_ADDR'];
+ if (!isset($client_addr)) $client_addr = static::getRemoteAddr();
return "SSO-{$brokerId}-{$token}-" . hash('sha256', 'session' . $token . $client_addr . $broker['secret']);
}
@@ -146,7 +145,7 @@ abstract class Server
if (!isset($broker)) return null;
- return hash('sha256', 'attach' . $token . $_SERVER['REMOTE_ADDR'] . $broker['secret']);
+ return hash('sha256', 'attach' . $token . static::getRemoteAddr() . $broker['secret']);
}
@@ -367,5 +366,16 @@ abstract class Server
* @return array|object
*/
abstract protected function getUserInfo($username);
+
+
+ /**
+ * Get the client IP address
+ *
+ * @return string
+ */
+ protected static function getRemoteAddr()
+ {
+ return $_SERVER['REMOTE_ADDR'];
+ }
}