本文整理汇总了PHP中SecurityToken类的典型用法代码示例。如果您正苦于以下问题:PHP SecurityToken类的具体用法?PHP SecurityToken怎么用?PHP SecurityToken使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了SecurityToken类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: deletePersonData
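/**
 * Delete a person's application data.
 *
 * Rows are always deleted under the application id carried by the security
 * token ($token->getAppId()); the $appId argument is not read by this method.
 *
 * NOTE(review): nothing here compares $userId with the viewer or owner of the
 * token - presumably the calling handler authorizes the request; confirm.
 * NOTE(review): the wildcard branch deletes before the group type is looked
 * at, so a wildcard request is carried out whatever the group type is.
 *
 * @param $userId  user whose data is to be deleted
 * @param $groupId group selector of the request; only the 'self' type is implemented
 * @param $appId   application the data belongs to (unused, see above)
 * @param $fields  app data keys to delete; null/empty, or '*' as first entry, means every key
 * @param $token   security token of the request
 * @return null
 * @throws SocialSpiException on an invalid key, an unsupported group type or a failed delete
 */
public function deletePersonData($userId, GroupId $groupId, $appId, $fields, SecurityToken $token)
{
    // Strict match on the wildcard: with "==" a non-string first entry (integer 0 on PHP < 8, or true)
    // compares equal to '*' and would turn a targeted delete into a delete of every key.
    if ($fields == null || $fields[0] === '*') {
        if (!ShindigIntegratorDbFetcher::get()->deleteAppData($userId, '*', $token->getAppId())) {
            throw new SocialSpiException("Internal server error", ResponseError::$INTERNAL_ERROR);
        }
        return null;
    }

    // Reject the whole request before touching storage if any key is malformed.
    foreach ($fields as $key) {
        if (!ShindigIntegratorAppDataService::isValidKey($key)) {
            throw new SocialSpiException("The person app data key had invalid characters", ResponseError::$BAD_REQUEST);
        }
    }

    if ($groupId->getType() !== 'self') {
        throw new SocialSpiException("Not Implemented", ResponseError::$NOT_IMPLEMENTED);
    }

    foreach ($fields as $key) {
        if (!ShindigIntegratorDbFetcher::get()->deleteAppData($userId, $key, $token->getAppId())) {
            throw new SocialSpiException("Internal server error", ResponseError::$INTERNAL_ERROR);
        }
    }
    return null;
}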
示例2: getAppId
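/**
 * Resolve the '@app' placeholder to the application id of the security token.
 *
 * NOTE(review): any other $appId is returned as supplied; this method does not
 * compare it with the token's application id - callers that scope data by the
 * returned value should confirm that check happens elsewhere.
 *
 * @param $appId application id from the request, or the literal '@app'
 * @param $token security token of the request
 * @return mixed the token's application id for '@app', otherwise $appId unchanged
 */
public static function getAppId($appId, SecurityToken $token)
{
    // Strict match: with "==" a non-string id (integer 0 on PHP < 8, or true) would be
    // treated as the placeholder and silently replaced by the token's application id.
    return $appId === '@app' ? $token->getAppId() : $appId;
}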
示例3: createMessage
/**
 * Store a message for $userId through ATutorDbFetcher.
 *
 * The application id comes from the security token; the $appId and
 * $optionalMessageId arguments are not read here. Nothing is returned.
 *
 * NOTE(review): the text of any non-SPI exception is appended to the error
 * handed back to the caller. If that error reaches API clients it can expose
 * internal detail (for instance storage errors) - confirm how it is rendered.
 *
 * @throws SocialSpiException rethrown as-is, or wrapping any other Exception as INTERNAL_ERROR
 */
public function createMessage($userId, $appId, $message, $optionalMessageId, SecurityToken $token)
{
    try {
        $fetcher = ATutorDbFetcher::get();
        $fetcher->createMessage($userId, $token->getAppId(), $message);
    } catch (SocialSpiException $spiError) {
        // Already in the form the API layer expects: pass it through untouched.
        throw $spiError;
    } catch (Exception $cause) {
        $reason = "Invalid create message request: " . $cause->getMessage();
        throw new SocialSpiException($reason, ResponseError::$INTERNAL_ERROR);
    }
}
示例4: getKey
/**
 * Build the storage key for a user within the application named by the token.
 *
 * Only the part of $userId after its last ':' is used. The key is
 * TOKEN_PREFIX + application id + '_' + user id; when the token has no
 * (truthy) application id, the application URL takes its place.
 *
 * NOTE(review): the parts are joined with '_' and not escaped, so two
 * different (application, user) pairs could produce the same key if either
 * part may itself contain '_' - confirm the value ranges.
 *
 * @param $userId user id, optionally prefixed with 'something:'
 * @param $token  security token of the request
 * @return string
 */
protected function getKey($userId, SecurityToken $token)
{
    $separatorAt = strrpos($userId, ':');
    $localId = ($separatorAt === false) ? $userId : substr($userId, $separatorAt + 1);

    $scope = $token->getAppId() ? $token->getAppId() : $token->getAppUrl();

    return self::$TOKEN_PREFIX . $scope . '_' . $localId;
}
示例5: createActivity
/**
 * Create an activity, allowed only when the token's viewer is also its owner.
 *
 * The activity is stored for $userId->getUserId($token) under the token's
 * application id; $groupId, $appId and $fields are not read here.
 *
 * NOTE(review): the owner/viewer check uses loose comparison ("!="), so PHP
 * type juggling applies (numeric strings compare by value, null equals '').
 * If ids can be empty or numeric-looking, a string-typed strict comparison
 * would be the safer authorization check - confirm the id format first.
 *
 * @throws SocialSpiException UNAUTHORIZED when viewer and owner differ, INTERNAL_ERROR for any other failure
 */
public function createActivity($userId, $groupId, $appId, $fields, $activity, SecurityToken $token)
{
    try {
        $ownerId = $token->getOwnerId();
        $viewerId = $token->getViewerId();
        if ($ownerId != $viewerId) {
            throw new SocialSpiException("unauthorized: Create activity permission denied.", ResponseError::$UNAUTHORIZED);
        }

        $fetcher = ATutorDbFetcher::get();
        $fetcher->createActivity($userId->getUserId($token), $activity, $token->getAppId());
    } catch (SocialSpiException $spiError) {
        // Includes the UNAUTHORIZED error raised above: pass it through untouched.
        throw $spiError;
    } catch (Exception $cause) {
        $reason = "Invalid create activity request: " . $cause->getMessage();
        throw new SocialSpiException($reason, ResponseError::$INTERNAL_ERROR);
    }
}
示例6: update
/**
 * Look up the posted URL through Oembed and re-render the field with the result.
 *
 * The request must carry a valid security token (CSRF check); otherwise an
 * empty string is returned and nothing else happens.
 *
 * NOTE(review): the posted URL is handed to Oembed as submitted, which
 * presumably triggers a server-side request. No scheme or host restriction is
 * visible here - confirm that internal addresses cannot be reached this way.
 * NOTE(review): EmbedHTML stores markup produced from the remote response;
 * confirm how it is rendered and which providers are trusted.
 *
 * @param SS_HTTPRequest $request
 * @return mixed '' on a failed token check, otherwise the rendered field holder
 */
public function update(SS_HTTPRequest $request)
{
    if (!SecurityToken::inst()->checkRequest($request)) {
        return '';
    }

    $url = $request->postVar('URL');
    if (!strlen($url)) {
        // Empty URL: clear the current object.
        $this->object = null;
        return $this->FieldHolder();
    }

    $info = Oembed::get_oembed_from_url($url);
    if (!$info || !$info->exists()) {
        // The URL is XML-escaped before it is placed in the message.
        $this->message = _t('EmbeddedObjectField.ERROR', 'Could not look up provided URL: ' . Convert::raw2xml($url));
        return $this->FieldHolder();
    }

    $embedded = EmbeddedObject::create();
    $embedded->Title = $info->title;
    $embedded->SourceURL = $url;
    $embedded->Width = $info->width;
    $embedded->Height = $info->height;
    $embedded->ThumbURL = $info->thumbnail_url;
    $embedded->Description = $info->description ? $info->description : $info->title;
    $embedded->Type = $info->type;
    $embedded->EmbedHTML = $info->forTemplate();
    $this->object = $embedded;
    // needed to make sure the check in FieldHolder works out
    $embedded->ID = -1;

    return $this->FieldHolder();
}
示例7: update
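/**
 * Look up the posted URL through Embed and re-render the field with the result.
 *
 * The request must carry a valid security token (CSRF check); otherwise an
 * empty string is returned and nothing else happens.
 *
 * NOTE(review): the posted URL is handed to Embed as submitted, which
 * presumably triggers a server-side request. No scheme or host restriction is
 * visible here - confirm that internal addresses cannot be reached this way.
 *
 * @param SS_HTTPRequest $request
 * @return mixed '' on a failed token check, otherwise the rendered field holder
 */
public function update(SS_HTTPRequest $request)
{
    if (!SecurityToken::inst()->checkRequest($request)) {
        return '';
    }

    $url = $request->postVar('URL');
    if (!strlen($url)) {
        // Empty URL: clear the current object.
        $this->object = null;
        return $this->FieldHolder();
    }

    // One lookup per request. An additional Oembed::get_oembed_from_url() call whose result was
    // overwritten straight away is not made: it only added a second lookup of a user-supplied URL.
    $info = Embed\Embed::create($url);
    if (!$info) {
        // The URL is XML-escaped before it is placed in the message.
        $this->message = _t('EmbeddedObjectField.ERROR', 'Could not look up provided URL: ' . Convert::raw2xml($url));
        return $this->FieldHolder();
    }

    $object = EmbeddedObject::create();
    $object->setFromEmbed($info);
    $this->object = $object;
    // needed to make sure the check in FieldHolder works out
    $object->ID = -1;

    return $this->FieldHolder();
}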
示例8: authenticate
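/**
 * Authenticate a web service request.
 *
 * Token path: taken when a token is supplied, or when there is no logged-in
 * member and public access is off. The token must resolve to a user.
 * Session path: taken otherwise; if allowSecurityId is set and a member is
 * logged in, a supplied SecurityID must match the current security token.
 * Finally, if an hmacValidator is configured and a user was resolved, the
 * request HMAC must validate for that user.
 *
 * NOTE(review): on the session path the SecurityID is checked only when the
 * request carries one. A request from a logged-in browser that omits the
 * parameter is accepted, so this method alone is not CSRF protection for
 * state-changing calls - confirm where that is enforced.
 *
 * @param SS_HTTPRequest $request
 * @return bool true when the request is accepted
 * @throws WebServiceException with code 403 on any failed check
 */
public function authenticate(SS_HTTPRequest $request)
{
    $token = $this->getToken($request);
    $user = null;

    // Parentheses only make the original precedence explicit (&& binds tighter than ||).
    if ((!Member::currentUserID() && !$this->allowPublicAccess) || $token) {
        if (!$token) {
            throw new WebServiceException(403, "Missing token parameter");
        }
        $user = $this->tokenAuthenticator->authenticate($token);
        if (!$user) {
            throw new WebServiceException(403, "Invalid user token");
        }
    } elseif ($this->allowSecurityId && Member::currentUserID()) {
        // we check the SecurityID parameter for the current user
        $secParam = SecurityToken::inst()->getName();
        $securityID = $request->requestVar($secParam);
        if ($securityID) {
            // Compare as strings in constant time: "!=" is subject to numeric-string type juggling
            // and returns at the first differing byte. hash_equals() needs PHP >= 5.6.
            // A non-string value (e.g. an array parameter) can never match and is rejected.
            $expected = (string) SecurityToken::inst()->getValue();
            if (!is_string($securityID) || !hash_equals($expected, $securityID)) {
                throw new WebServiceException(403, "Invalid security ID");
            }
        }
        $user = Member::currentUser();
    }

    if (!$user && !$this->allowPublicAccess) {
        throw new WebServiceException(403, "Invalid request");
    }

    // now, if we have an hmacValidator in place, use it
    if ($this->hmacValidator && $user) {
        if (!$this->hmacValidator->validateHmac($user, $request)) {
            throw new WebServiceException(403, "Invalid message");
        }
    }

    return true;
}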
示例9: handleBatchAction
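/**
 * Run a registered batch action over the records named in the 'csvIDs' request variable.
 *
 * Only ajax requests carrying a valid security token are processed. The
 * handler class is taken from batchActions(), keyed by the 'BatchAction'
 * route parameter. For a Versioned record class, ids not found by the first
 * query are looked up on the 'Live' stage as well.
 *
 * NOTE(review): no per-record permission check is visible in this method;
 * presumably the action handler performs it in run() - confirm.
 *
 * @param SS_HTTPRequest $request
 * @return mixed result of the handler's run(), an HTTP error, or nothing after a redirect
 */
public function handleBatchAction($request)
{
    // This method can't be called without ajax.
    if (!$request->isAjax()) {
        $this->parentController->redirectBack();
        return;
    }
    // Protect against CSRF on destructive action
    if (!SecurityToken::inst()->checkRequest($request)) {
        return $this->httpError(400);
    }

    // The class to instantiate is looked up in the registered actions, never taken from the
    // request itself. An unregistered name is answered with an HTTP error instead of falling
    // through to "new" on an undefined class name.
    $actions = $this->batchActions();
    $actionName = $request->param('BatchAction');
    if (!isset($actions[$actionName]['class'])) {
        return $this->httpError(404);
    }
    $actionClass = $actions[$actionName]['class'];
    $actionHandler = new $actionClass();

    // Sanitise ID list and query the database for pages
    // NOTE(review): is_numeric() also lets signs, decimals and exponent notation through;
    // a digits-only check would be tighter if ids are always positive integers.
    $ids = preg_split('/ *, */', trim($request->requestVar('csvIDs')));
    foreach ($ids as $k => $v) {
        if (!is_numeric($v)) {
            unset($ids[$k]);
        }
    }

    if (!$ids) {
        return $actionHandler->run(new ArrayList());
    }

    $recordClass = $this->recordClass;
    $translatable = class_exists('Translatable') && SiteTree::has_extension('Translatable');

    // The locale filter is switched off for the lookup only, so ids in any locale are found.
    if ($translatable) {
        Translatable::disable_locale_filter();
    }
    $pages = DataObject::get($recordClass)->byIDs($ids);
    if ($translatable) {
        Translatable::enable_locale_filter();
    }

    if ($recordClass::has_extension('Versioned')) {
        // If we didn't query all the pages, then find the rest on the live site
        if (!$pages || $pages->Count() < count($ids)) {
            $idsFromLive = array();
            foreach ($ids as $id) {
                $idsFromLive[$id] = true;
            }
            if ($pages) {
                foreach ($pages as $page) {
                    unset($idsFromLive[$page->ID]);
                }
            }
            $idsFromLive = array_keys($idsFromLive);
            $livePages = Versioned::get_by_stage($recordClass, 'Live')->byIDs($idsFromLive);
            if ($pages) {
                // Can't merge into a DataList, need to condense into an actual list first
                // (which will retrieve all records as objects, so it's an expensive operation)
                $pages = new ArrayList($pages->toArray());
                $pages->merge($livePages);
            } else {
                $pages = $livePages;
            }
        }
    }

    return $actionHandler->run($pages);
}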
示例10: onBeforeWrite
/**
 * Populate SessionID, URL and UserAgent before the first save of a record.
 *
 * Nothing is populated for non-browser clients (returns false) or for records
 * that already have an ID.
 *
 * NOTE(review): SessionID receives SecurityToken::getSecurityID(); if that is
 * the value used for CSRF checks, it is now also stored in the database, so
 * the column should be treated as sensitive - confirm.
 * NOTE(review): the User-Agent header is stored as received; escape it wherever
 * it is displayed.
 *
 * @return mixed false when the write is not prepared; otherwise nothing
 */
public function onBeforeWrite()
{
    // Run other beforewrites first.
    parent::onBeforeWrite();

    if (!$this->isBrowser()) {
        return false;
    }

    // Everything below applies to the first save only.
    if ($this->ID) {
        return;
    }

    // Ensure the session exists before querying it.
    if (!Session::request_contains_session_id()) {
        Session::start();
    }

    // Store the session and hash information in the database.
    $this->SessionID = SecurityToken::getSecurityID();
    if ($this->SessionID === null) {
        return false;
    }

    // Draw 32-character random tokens until one is not yet used as a URL.
    $generator = new RandomGenerator();
    do {
        $candidate = substr($generator->randomToken(), 0, 32);
    } while (ShortList::get()->filter('URL', $candidate)->count() > 0);

    $this->URL = $candidate;
    $this->UserAgent = Controller::curr()->getRequest()->getHeader('User-Agent');
}
示例11: sort
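/**
 * Save a new sort order for workflow actions, or for the transitions of one action.
 *
 * Reads 'class', 'id' (the list of ids in their new order) and, for
 * transitions, 'parent' from the POST body. Every submitted id must belong to
 * the collection being reordered.
 *
 * @param SS_HTTPRequest $request
 * @return SS_HTTPResponse 200 response once the order has been saved
 */
public function sort($request)
{
    // Each httpError() call is returned so that processing stops here even if httpError()
    // were to return instead of aborting the request.
    if (!SecurityToken::inst()->checkRequest($request)) {
        return $this->httpError(404);
    }

    $class = $request->postVar('class');
    $ids = $request->postVar('id');

    if ($class === 'WorkflowAction') {
        $objects = $this->Definition()->Actions();
    } elseif ($class === 'WorkflowTransition') {
        $parent = $request->postVar('parent');
        $action = $this->Definition()->Actions()->byID($parent);
        if (!$action) {
            return $this->httpError(400, _t('AdvancedWorkflowAdmin.INVALIDPARENTID', 'An invalid parent ID was specified.'));
        }
        $objects = $action->Transitions();
    } else {
        return $this->httpError(400, _t('AdvancedWorkflowAdmin.INVALIDCLASSTOORDER', 'An invalid class to order was specified.'));
    }

    // 'id' must be a list: on PHP < 8 array_diff() given a non-array only warns and returns null,
    // which would let a malformed value slip past the membership check below.
    if (!is_array($ids) || array_diff($ids, $objects->column('ID'))) {
        return $this->httpError(400, _t('AdvancedWorkflowAdmin.INVALIDIDLIST', 'An invalid list of IDs was provided.'));
    }

    singleton('WorkflowService')->reorder($objects, $ids);

    return new SS_HTTPResponse(null, 200, _t('AdvancedWorkflowAdmin.SORTORDERSAVED', 'The sort order has been saved.'));
}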
示例12: createtranslation
/**
 * Create a new translation from an existing item, switch to this language and reload the tree.
 *
 * The request must carry a valid security token (HTTP 400 otherwise); an
 * unknown record id is answered with HTTP 404.
 *
 * NOTE(review): the posted language code is SQL-escaped with Convert::raw2sql()
 * and then used as a locale value (owner Locale, current locale, new
 * translation). SQL escaping is not locale validation, and no allow-list
 * check is visible here - confirm the locale is validated before it is used.
 *
 * @param $data submitted form data (not read here; values come from the request)
 * @param $form submitted form (not read here)
 * @return mixed an HTTP error, or the redirect to the new translation
 */
function createtranslation($data, $form)
{
    $controller = $this->owner;
    $request = $controller->getRequest();

    // Protect against CSRF on destructive action
    if (!SecurityToken::inst()->checkRequest($request)) {
        return $controller->httpError(400);
    }

    $locale = Convert::raw2sql($request->postVar('NewTransLang'));
    $source = $controller->getRecord($request->postVar('ID'));
    if (!$source) {
        return $controller->httpError(404);
    }

    $controller->Locale = $locale;
    Translatable::set_current_locale($locale);

    // Create a new record in the database - this is different
    // to the usual "create page" pattern of storing the record
    // in-memory until a "save" is performed by the user, mainly
    // to simplify things a bit.
    // @todo Allow in-memory creation of translations that don't
    // persist in the database before the user requests it
    $translation = $source->createTranslation($locale);
    $target = Controller::join_links($controller->Link('show'), $translation->ID);

    // set the X-Pjax header to Content, so that the whole admin panel will be refreshed
    $controller->getResponse()->addHeader('X-Pjax', 'Content');

    return $controller->redirect($target);
}
示例13: tearDown
/**
 * Undo the per-test fixtures: turn SecurityToken checks back on and remove
 * the test folder from the database and from disk.
 *
 * SecurityToken::enable() changes static state, so calling it here stops a
 * disabled token check from carrying over into later tests.
 */
public function tearDown()
{
    $folder = $this->folder;

    SecurityToken::enable();

    // Database record first, then the directory itself.
    $folder->deleteDatabaseOnly();
    Filesystem::removeFolder($folder->getFullPath());

    parent::tearDown();
}
示例14: onAuthenticationSuccess
/**
 * This is called when an interactive authentication attempt succeeds. This
 * is called by authentication listeners inheriting from AbstractAuthenticationListener.
 *
 * Non-admin users are sent back to the admin login with an authentication
 * error stored in the session. For admins the method clears login-attempt
 * records, authenticates against the legacy Zend_Auth adapter, stores
 * serialized tokens for the 'oauth_authorize' and 'frontend_area' firewalls in
 * the session, records the last login and then either closes the ajax login
 * popup or defers to the parent handler.
 *
 * @param Request $request
 * @param TokenInterface $token
 * @return Response The response to return
 */
public function onAuthenticationSuccess(Request $request, TokenInterface $token)
{
    $user = $token->getUser();
    // This should actually be handled by the AuthenticationFailedHandler
    if (!$user->isAdmin()) {
        // can't go into admin
        $request->getSession()->set(SecurityContextInterface::AUTHENTICATION_ERROR, new AuthenticationException('User is not an admin.'));
        return $this->httpUtils->createRedirectResponse($request, 'admin_login');
    }
    \LoginAttempts::DeleteOldLoginAttempts();
    \LoginAttempts::ClearLoginAttemptsForIp();
    $zendAuth = \Zend_Auth::getInstance();
    // The submitted password is read from the request again and handed to the legacy adapter.
    // NOTE(review): the result of authenticate() is not inspected here - confirm that a
    // failure of the legacy login cannot leave the two auth systems out of step.
    $this->authAdapter->setUsername($user->getUsername())->setPassword($request->request->get('_password'))->setAdmin(true);
    $zendAuth->authenticate($this->authAdapter);
    // Tokens for the two other firewalls are stored serialized under '_security_<name>' keys.
    $OAuthtoken = $this->userService->loginUser($user, 'oauth_authorize');
    $session = $request->getSession();
    $session->set('_security_oauth_authorize', serialize($OAuthtoken));
    $frontendToken = $this->userService->loginUser($user, 'frontend_area');
    $session = $request->getSession();
    $session->set('_security_frontend_area', serialize($frontendToken));
    \Article::UnlockByUser($user->getId());
    // NOTE(review): 'login_language' is taken from the request and applied as the locale
    // without a check in this method - confirm it is validated elsewhere.
    $request->setLocale($request->request->get('login_language'));
    $this->setNoCacheCookie($request);
    $user->setLastLogin(new \DateTime());
    $this->em->flush();
    if ($request->get('ajax') === 'true') {
        // close popup with login.
        // NOTE(review): the security token is concatenated into a single-quoted JavaScript
        // string inside inline script; that is only safe while GetToken() can never return
        // quotes or markup - confirm its output alphabet, or encode it for the script context.
        return new Response("<script type=\"text/javascript\">window.parent.g_security_token = '" . \SecurityToken::GetToken() . "';window.parent.\$(window.parent.document.body).data('loginDialog').dialog('close');window.parent.setSecurityToken(window.parent.g_security_token);</script>");
    }
    return parent::onAuthenticationSuccess($request, $token);
}
示例15: testCorruptedOrderItemLinks
/**
 * Coverage for a bug where there's an error generating the link when ProductID = 0
 *
 * NOTE(review): SecurityToken::disable() changes static state and this test
 * does not turn it back on; unless the fixture's tearDown() re-enables it,
 * later tests run with token checks off - confirm.
 */
public function testCorruptedOrderItemLinks()
{
    SecurityToken::disable();

    // Simulate the corrupted state: an order item that points at product id 0.
    $item = $this->socks->Item();
    $item->ProductID = 0;

    $expectedLink = '';
    $this->assertEquals($expectedLink, $item->removeLink());
}