当前位置: 首页>>代码示例>>PHP>>正文


PHP StringUtils::equals方法代码示例

本文整理汇总了PHP中Symfony\Component\Security\Core\Util\StringUtils::equals方法的典型用法代码示例。如果您正苦于以下问题:PHP StringUtils::equals方法的具体用法?PHP StringUtils::equals怎么用?PHP StringUtils::equals使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在Symfony\Component\Security\Core\Util\StringUtils的用法示例。


在下文中一共展示了StringUtils::equals方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: isTokenValid

 /**
  * {@inheritdoc}
  */
 public function isTokenValid(CsrfToken $token)
 {
     if (!$this->storage->hasToken($token->getId())) {
         return false;
     }
     return StringUtils::equals($this->storage->getToken($token->getId()), $token->getValue());
 }
开发者ID:rolas123,项目名称:weather-homework,代码行数:10,代码来源:CsrfTokenManager.php

示例2: connect

 /**
  * {@inheritdoc}
  */
 public function connect(Application $app)
 {
     $controllers = $app['controllers_factory'];
     $controllers->post('/oauth/token', function (Request $request) use($app) {
         $grantType = $request->request->get('grant_type');
         $clientId = $request->server->get('PHP_AUTH_USER', $request->request->get('client_id'));
         $secret = $request->server->get('PHP_AUTH_PW', $request->request->get('client_secret'));
         if (empty($clientId)) {
             throw new OAuthInvalidRequestException('Missing client_id parameter.');
         }
         if (empty($grantType)) {
             throw new OAuthInvalidRequestException('Missing grant_type parameter.');
         }
         $client = $app['oauth2.client.provider']->get($clientId);
         if (empty($client)) {
             throw new OAuthInvalidClientException('Unknown client');
         }
         if (!empty($secret) && !StringUtils::equals($client->getSecret(), $secret)) {
             throw new OAuthUnauthorizedClientException();
         }
         $grantType = $app['oauth2.grant_types']->get($grantType);
         if (!in_array($grantType->getName(), $client->getGrantTypes())) {
             throw new OAuthUnauthorizedClientException();
         }
         return $grantType->handle($request, $client);
     });
     return $controllers;
 }
开发者ID:euskadi31,项目名称:OAuth2ServerServiceProvider,代码行数:31,代码来源:TokenControllerProvider.php

示例3: processAutoLoginCookie

 /**
  * {@inheritdoc}
  */
 protected function processAutoLoginCookie(array $cookieParts, Request $request)
 {
     if (count($cookieParts) !== 4) {
         throw new AuthenticationException('The cookie is invalid.');
     }
     list($class, $username, $expires, $hash) = $cookieParts;
     if (false === ($username = base64_decode($username, true))) {
         throw new AuthenticationException('$username contains a character from outside the base64 alphabet.');
     }
     try {
         $user = $this->getUserProvider($class)->loadUserByUsername($username);
     } catch (\Exception $e) {
         if (!$e instanceof AuthenticationException) {
             $e = new AuthenticationException($e->getMessage(), $e->getCode(), $e);
         }
         throw $e;
     }
     if (!$user instanceof UserInterface) {
         throw new \RuntimeException(sprintf('The UserProviderInterface implementation must return an instance of UserInterface, but returned "%s".', get_class($user)));
     }
     if (true !== StringUtils::equals($this->generateCookieHash($class, $username, $expires, $user->getPassword()), $hash)) {
         throw new AuthenticationException('The cookie\'s hash is invalid.');
     }
     if ($expires < time()) {
         throw new AuthenticationException('The cookie has expired.');
     }
     return $user;
 }
开发者ID:Dren-x,项目名称:mobit,代码行数:31,代码来源:TokenBasedRememberMeServices.php

示例4: tokensMatch

 function tokensMatch($request)
 {
     $token = $request->session()->token();
     $header = $request->header('x-xsrf-token');
     //in keys case sensitivity is important!!!!
     return StringUtils::equals($token, $request->input('_token')) || $header && StringUtils::equals($token, $header);
 }
开发者ID:rastaafary,项目名称:shark,代码行数:7,代码来源:VerifyCsrfToken.php

示例5: validateDigest

 /**
  * {@InheritDoc}
  *
  * @throws NonceExpiredException
  */
 public function validateDigest(WsseUserToken $wsseToken, UserInterface $user)
 {
     $created = $wsseToken->created;
     $nonce = $wsseToken->nonce;
     $digest = $wsseToken->digest;
     $secret = $user->getPassword();
     // Check created time is not too far in the future (leaves 5 minutes margin)
     if (strtotime($created) > time() + 300) {
         throw new WsseAuthenticationException(sprintf('Token created date cannot be in future (%d seconds in the future).', time() - strtotime($created)));
     }
     // Expire timestamp after 5 minutes
     if (strtotime($created) < time() - 300) {
         throw new WsseAuthenticationException(sprintf('Token created date has expired its 300 seconds of validity (%d seconds).', strtotime($created) - time()));
     }
     // Validate that the nonce is *not* used in the last 10 minutes
     // if it has, this could be a replay attack
     if (file_exists($this->cacheDir . '/' . $nonce) && file_get_contents($this->cacheDir . '/' . $nonce) + 600 > time()) {
         throw new NonceExpiredException('Previously used nonce detected.');
     }
     // If cache directory does not exist we create it
     if (!is_dir($this->cacheDir)) {
         mkdir($this->cacheDir, 0777, true);
     }
     file_put_contents($this->cacheDir . '/' . $nonce, time());
     // Validate Secret
     $expected = base64_encode(sha1(base64_decode($nonce) . $created . $secret, true));
     if (!StringUtils::equals($expected, $digest)) {
         throw new WsseAuthenticationException('Token digest is not valid.');
     }
     return true;
 }
开发者ID:alcalyn,项目名称:symfony-wsse,代码行数:36,代码来源:PasswordDigestValidator.php

示例6: validateDigest

 /**
  * This function is specific to Wsse authentication and is only used to help this example
  *
  * For more information specific to the logic here, see
  * https://github.com/symfony/symfony-docs/pull/3134#issuecomment-27699129
  */
 protected function validateDigest($digest, $nonce, $created, $secret)
 {
     // Check created time is not in the future
     if (strtotime($created) > time()) {
         return false;
     }
     // Expire timestamp after 5 minutes
     if (time() - strtotime($created) > 300) {
         return false;
     }
     // Validate that the nonce is *not* used in the last 5 minutes
     // if it has, this could be a replay attack
     if (file_exists($this->cacheDir . '/' . $nonce) && file_get_contents($this->cacheDir . '/' . $nonce) + 300 > time()) {
         throw new NonceExpiredException('Previously used nonce detected');
     }
     // If cache directory does not exist we create it
     if (!is_dir($this->cacheDir)) {
         mkdir($this->cacheDir, 0777, true);
     }
     file_put_contents($this->cacheDir . '/' . $nonce, time());
     // Validate Secret
     //$expected = base64_encode(sha1(base64_decode($nonce).$created.$secret, true));
     $expected = base64_encode(self::createDigest(base64_decode($nonce), $created, $secret));
     return StringUtils::equals($expected, $digest);
 }
开发者ID:amomin,项目名称:symf-tst-apisecurity,代码行数:31,代码来源:WsseProvider.php

示例7: tokensMatch

 /**
  * Determine if the session and input CSRF tokens match.
  *
  * @param  \Illuminate\Http\Request  $request
  * @return bool
  */
 protected function tokensMatch($request)
 {
     $token = $request->input('_token') ?: $request->header('X-CSRF-TOKEN');
     if (!$token && ($header = $request->header('X-XSRF-TOKEN'))) {
         $token = $this->encrypter->decrypt($header);
     }
     return StringUtils::equals($request->session()->token(), $token);
 }
开发者ID:GeorgeShazkho,项目名称:micros-de-conce,代码行数:14,代码来源:VerifyCsrfToken.php

示例8: handle

 public function handle()
 {
     $token = app('request')->input('_token') ?: app('request')->header('X-CSRF-TOKEN');
     if (!$token && ($header = app('request')->header('X-XSRF-TOKEN'))) {
         $token = app('encrypter')->decrypt($header);
     }
     if (StringUtils::equals(app('request')->session()->token(), $token)) {
         return true;
     }
     return false;
 }
开发者ID:artemsk,项目名称:veer-core,代码行数:11,代码来源:CsrfTokenMatchCommand.php

示例9: isCsrfTokenValid

 /**
  * {@inheritdoc}
  */
 public function isCsrfTokenValid($intention, $token)
 {
     $expectedToken = $this->generateCsrfToken($intention);
     if (function_exists('hash_equals')) {
         return hash_equals($expectedToken, $token);
     }
     if (class_exists('Symfony\\Component\\Security\\Core\\Util\\StringUtils')) {
         return StringUtils::equals($expectedToken, $token);
     }
     return $token === $expectedToken;
 }
开发者ID:BusinessCookies,项目名称:CoffeeMachineProject,代码行数:14,代码来源:DefaultCsrfProvider.php

示例10: callbackAction

 /**
  * @Route("/sso_callback", name="sso_callback")
  */
 public function callbackAction(Request $request)
 {
     $state = $request->query->get('state', null);
     $code = $request->query->get('code', null);
     $session = $this->get('session');
     $nonce = $session->get('eve_sso_nonce');
     $session->remove('eve_sso_nonce');
     if (!StringUtils::equals($nonce, $state)) {
         $session->getFlashBag()->add('danger', 'Invalid CSRF Token - Refresh the page.');
         return $this->redirect($this->generateUrl('default'));
     }
     $auth_uri = "https://login.eveonline.com/oauth/token";
     $creds = [trim($this->container->getParameter('eve_client_id')), trim($this->container->getParameter('eve_client_secret'))];
     /*
      * LOOK OUT FOR THE SPACE
      */
     $auth_request = new \GuzzleHttp\Psr7\Request('POST', $auth_uri, ['Content-Type' => 'application/x-www-form-urlencoded', 'Authorization' => 'Basic ' . base64_encode(implode(":", $creds))], "grant_type=authorization_code&code={$code}");
     try {
         $response = $this->tryRequest($auth_request);
     } catch (\Exception $e) {
         $session->getFlashBag()->add('danger', 'There was a problem with your request<i>Try Again - if this persists - Submit an issue ticket using the link in the footer.</i></b>');
         return $this->redirect($this->generateUrl('eve.register'));
     }
     $response_content = json_decode($response->getBody()->getContents());
     $token = $response_content->access_token;
     $verify_uri = "https://login.eveonline.com/oauth/verify";
     $verfiyRequest = new \GuzzleHttp\Psr7\Request('GET', $verify_uri, ['Authorization' => 'Bearer ' . $token]);
     try {
         $charResponse = $this->tryRequest($verfiyRequest);
     } catch (\Exception $e) {
         $session->getFlashBag()->add('danger', 'There was a problem with your request<i>Try Again - if this persists - Submit an issue ticket using the link in the footer.</i></b>');
         return $this->redirect($this->generateUrl('eve.register'));
     }
     $decoded = json_decode($charResponse->getBody()->getContents());
     $cId = $decoded->CharacterID;
     $cName = $decoded->CharacterName;
     $exists = $this->getDoctrine()->getRepository('AppBundle:CorporationMember')->findOneBy(['character_id' => intval($cId)]);
     // character isnt in a corp that is registered by an admin
     if ($exists === null) {
         $session->getFlashBag()->add('warning', 'Sorry we do not support non-alpha tester registrations at this time.<br><b>COME BACK SOON</b> or make a request to add your corproation through a support ticket below.');
         $this->get('logger')->info(sprintf("ATTEMPTED REGISTRATION: char_id = %s char_name = %s", $cId, $cName));
         return $this->redirect($this->generateUrl('eve.register'));
     } else {
         $user = $this->getDoctrine()->getRepository('AppBundle:User')->findOneBy(['username' => strtolower(str_replace(' ', '_', trim($exists->getCharacterName())))]);
         if ($user instanceof User) {
             $session->getFlashBag()->add('warning', 'This character is already associated with a user. IF you have forgot your username or password please see the link below');
             return $this->redirect($this->generateUrl('eve.register'));
         }
         // all is well
         $session->set('registration_authorized', ['id' => $cId, 'name' => $cName]);
         return $this->redirect($this->generateUrl('fos_user_registration_register'));
     }
 }
开发者ID:Covert-Inferno,项目名称:evetool,代码行数:56,代码来源:EveSSOController.php

示例11: filter

 public function filter(Route $route, Request $request)
 {
     $token = $request->input('_token');
     if (!$token) {
         $token = $request->headers->get('X-XSRF-TOKEN');
     }
     if (!$token) {
         $token = $request->cookie('XSRF-TOKEN');
     }
     if (!StringUtils::equals($this->session->token(), $token)) {
         throw new TokenMismatchException();
     }
     if ($this->regenerate) {
         $this->session->regenerateToken();
     }
 }
开发者ID:anlutro,项目名称:l4-core,代码行数:16,代码来源:CsrfFilter.php

示例12: processAutoLoginCookie

 /**
  * {@inheritdoc}
  */
 protected function processAutoLoginCookie(array $cookieParts, Request $request)
 {
     if (count($cookieParts) !== 2) {
         throw new AuthenticationException('The cookie is invalid.');
     }
     list($series, $tokenValue) = $cookieParts;
     $persistentToken = $this->tokenProvider->loadTokenBySeries($series);
     if (!StringUtils::equals($persistentToken->getTokenValue(), $tokenValue)) {
         throw new CookieTheftException('This token was already used. The account is possibly compromised.');
     }
     if ($persistentToken->getLastUsed()->getTimestamp() + $this->options['lifetime'] < time()) {
         throw new AuthenticationException('The cookie has expired.');
     }
     $tokenValue = base64_encode($this->secureRandom->nextBytes(64));
     $this->tokenProvider->updateToken($series, $tokenValue, new \DateTime());
     $request->attributes->set(self::COOKIE_ATTR_NAME, new Cookie($this->options['name'], $this->encodeCookie(array($series, $tokenValue)), time() + $this->options['lifetime'], $this->options['path'], $this->options['domain'], $this->options['secure'], $this->options['httponly']));
     return $this->getUserProvider($persistentToken->getClass())->loadUserByUsername($persistentToken->getUsername());
 }
开发者ID:BusinessCookies,项目名称:CoffeeMachineProject,代码行数:21,代码来源:PersistentTokenBasedRememberMeServices.php

示例13: verify

 /**
  * {@inheritdoc}
  */
 public function verify($url, $key, $signature = null)
 {
     if (strpos($url, 'sign=') !== false) {
         $params = [];
         parse_str(parse_url($url, PHP_URL_QUERY), $params);
         if (isset($params['sign'])) {
             if (empty($signature)) {
                 $signature = $params['sign'];
             }
             unset($params['sign']);
         }
         $url = http_build_url($url, ['query' => http_build_query($params)], HTTP_URL_STRIP_FRAGMENT | HTTP_URL_REPLACE);
     }
     if (empty($signature)) {
         throw new InvalidArgumentException('Signature argument not found.');
     }
     $expected = $this->sign($url, $key);
     return StringUtils::equals($expected, $signature);
 }
开发者ID:euskadi31,项目名称:OAuth2ServerServiceProvider,代码行数:22,代码来源:DefaultSignature.php

示例14: callbackAction

 /**
  * @Route("/sso_callback", name="sso_callback")
  */
 public function callbackAction(Request $request)
 {
     $state = $request->query->get('state', null);
     $code = $request->query->get('code', null);
     $session = $this->get('session');
     $nonce = $session->get('eve_sso_nonce');
     $session->remove('eve_sso_nonce');
     if (!StringUtils::equals($nonce, $state)) {
         return $this->redirect($this->generateUrl('eve.register'));
     }
     $auth_request = $this->buildAuthRequest($code);
     try {
         $response = $this->tryRequest($auth_request);
         return $this->verifySSOResponse($response);
     } catch (\Exception $e) {
         $session->getFlashBag()->add('danger', 'There was a problem with your request<i>Try Again - if this persists - Submit an issue ticket using the link in the footer.</i></b>');
         return $this->redirect($this->generateUrl('eve.register'));
     }
 }
开发者ID:Remnant-Legion,项目名称:eau,代码行数:22,代码来源:EveSSOController.php

示例15: validateDigest

 protected function validateDigest($digest, $nonce, $created, $secret)
 {
     //        if (strtotime($created) > time()) {
     //            return false;
     //        }
     //        if (time() - strtotime($created) > 300) {
     //            return false;
     //        }
     //        if (file_exists($this->cacheDir . '/' . $nonce) && file_get_contents($this->cacheDir . '/' . $nonce) + 300 > time()) {
     //            throw new NonceExpiredException('Previously used nonce detected');
     //        }
     //        if (!is_dir($this->cacheDir)) {
     //            mkdir($this->cacheDir, 0777, true);
     //        }
     //        file_put_contents($this->cacheDir . '/' . $nonce, time());
     //        $expected = base64_encode(sha1(base64_decode($nonce) . $created . $secret, true));
     //        $expected = base64_encode(sha256($created . $secret, true));
     $expected = $secret;
     return StringUtils::equals($expected, $digest);
 }
开发者ID:vbessonov,项目名称:fsrapi,代码行数:20,代码来源:WsseProvider.php


注:本文中的Symfony\Component\Security\Core\Util\StringUtils::equals方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。