PHP Utility\Security類代碼示例

 /**
  * Authenticate users based on their JWT. This is inspired by
  * the method _findUser in admads JWT plugin
  *
  * @see https://github.com/ADmad/cakephp-jwt-auth/blob/master/src/Auth/JwtAuthenticate.php
  * @param string $token The token identifier.
  * @param mixed $extra Unused
  * @return array
  */
 public function processAuthenticate($token, $extra = null)
 {
     try {
         $token = JWT::decode($token, Security::salt(), Configure::read('Websockets.allowedAlgs'));
     } catch (Exception $e) {
         if (Configure::read('debug')) {
             throw $e;
         }
         return ["FAILURE"];
     }
     if ($token->id == 'server') {
         return ["SUCCESS", ["authid" => $token->id]];
     }
     $fields = Configure::read('Websockets.fields');
     $table = TableRegistry::get(Configure::read('Websockets.userModel'));
     $conditions = [$table->aliasField($fields['id']) => $token->id];
     if (!empty(Configure::read('Websockets.scope'))) {
         $conditions = array_merge($conditions, Configure::read('Websockets.scope'));
     }
     $result = $table->find('all')->where($conditions)->first();
     if (empty($result)) {
         return ["FAILURE"];
     }
     return ["SUCCESS", ["authid" => $result->id]];
 }

 /**
  * Initialize config data and properties.
  *
  * @param array $config The config data.
  * @return void
  */
 public function initialize(array $config)
 {
     if (!$this->_config['cypherKey']) {
         $this->config('cypherKey', Security::salt());
     }
     $this->Cookie->configKey($this->config('cookieName'), ['key' => $this->config('cypherKey'), 'expires' => $this->config('period')]);
 }

 /**
  * Get URL builder instance.
  *
  * @return \League\Urls\UrlBuilder URL builder instance.
  */
 public function urlBuilder()
 {
     if (!isset($this->_urlBuilder)) {
         $this->_urlBuilder = UrlBuilderFactory::create(Configure::read('Glide.serverConfig.base_url'), Configure::read('Glide.secureUrls') ? Security::salt() : null);
     }
     return $this->_urlBuilder;
 }

 /**
  * Index Login method  API URL  /api/login method: POST
  * @return json response
  */
 public function login()
 {
     try {
         $user = $this->Auth->identify();
         if ($user) {
             $user = $this->Users->get($user['id']);
             if (!$user) {
             }
         } else {
             throw new UnauthorizedException("Invalid login");
         }
         // Generate user Auth token
         $authentication = $this->Authentications->newEntity();
         $authentication->auth_token = Security::hash($user->id . $user->email, 'sha1', true);
         $authentication->user_id = $user->id;
         $authentication->ip = $this->request->clientIp();
         $this->Authentications->save($authentication);
         $this->Auth->setUser($user->toArray());
     } catch (UnauthorizedException $e) {
         throw new UnauthorizedException($e->getMessage(), 401);
     }
     $this->set('user', $this->Auth->user());
     $this->set('token', $authentication->auth_token);
     $this->set('_serialize', ['user', 'token']);
 }

 /**
  * Purge ConnectionManager configs.
  *
  * @return void
  */
 public static function tearDownAfterClass()
 {
     foreach (self::$datasources as $ds => $configs) {
         \Cake\Datasource\ConnectionManager::drop($ds);
     }
     \Cake\Utility\Security::salt('');
 }

 /**
  * Marshalls request data into PHP strings.
  *
  * @param mixed $value The value to convert.
  * @return mixed Converted value.
  */
 public function marshal($value)
 {
     if ($value === null) {
         return $value;
     }
     return base64_encode(Security::encrypt($value, Configure::read('Security.key')));
 }

 function ajax_login()
 {
     if ($this->request->is('ajax')) {
         $email = $this->request->data['email'];
         $password = Security::hash($this->request->data['password'], 'sha1', true);
         $user = $this->Users->find()->where(['email' => $email, 'password' => $password, 'status <>' => USER_STATUS_DELETED])->first();
         if ($user) {
             if ($user->status == USER_STATUS_ACTIVE) {
                 $user->auth_token = \Core::randomCode();
                 // if 'remember me' checked, save cookie
                 /*if(isset($this->request->data['User']['remember']))
                   {
                       $this->Cookie->write('CookieRemember', $user->auth_token, null, '30 days');
                   }
                   else
                   {
                       $this->Cookie->delete('CookieRemember');
                   }*/
                 if ($this->Users->save($user)) {
                     $this->request->session()->write('Core.Users', $user);
                     $this->ajax['status'] = AJAX_STATUS_SUCCESS;
                     $this->ajax['redirect'] = $this->request->webroot . 'admin/users/index';
                 }
             } else {
                 $this->ajax['status'] = AJAX_STATUS_ERROR;
                 $this->ajax['error'] = __('your account has been blocked');
             }
         } else {
             $this->ajax['status'] = AJAX_STATUS_ERROR;
             $this->ajax['error'] = __('invalid email or password');
         }
     }
 }

 /**
  * Callback for Routing.beforeDispatch event.
  *
  * @param \Cake\Event\Event $event The event instance.
  *
  * @return \Cake\Network\Response Response instance.
  */
 public function beforeDispatch(Event $event)
 {
     $request = $event->data['request'];
     $response = $event->data['response'];
     $path = urldecode($request->url);
     if (Configure::read('Glide.secureUrls')) {
         SignatureFactory::create(Security::salt())->validateRequest('/' . $path, $request->query);
     }
     $server = ServerFactory::create(Configure::read('Glide.serverConfig'));
     $cache = Configure::read('Glide.cache');
     if ($cache) {
         $timestamp = $server->getSource()->getTimestamp($server->getSourcePath($path));
         $response->modified($timestamp);
         if (!$response->checkNotModified($request)) {
             $response = $server->getImageResponse($path, $request->query);
         }
         $response->cache($timestamp, $cache);
     } else {
         $response = $server->getImageResponse($path, $request->query);
     }
     $headers = Hash::filter((array) Configure::read('Glide.headers'));
     foreach ($headers as $key => $value) {
         $response->header($key, $value);
     }
     return $response;
 }

 public function setContentsFile()
 {
     $this->__contentsFileSettings();
     foreach ($this->__contentsFileSettings['fields'] as $field => $field_setting) {
         $file_info = $this->{$field};
         if (!empty($file_info) && array_key_exists('error', $file_info) && $file_info['error'] != UPLOAD_ERR_NO_FILE) {
             $file_set = ['model' => $this->_registryAlias, 'model_id' => $this->id, 'field_name' => $field, 'file_name' => $file_info['name'], 'file_content_type' => $file_info['type'], 'file_size' => $file_info['size'], 'file_error' => $file_info['error']];
             //$file_infoにtmp_nameがいるときはtmpディレクトリへのファイルのコピーを行う
             if (!empty($file_info['tmp_name'])) {
                 $tmp_file_name = Security::hash(rand() . Time::now()->i18nFormat('YYYY/MM/dd HH:ii:ss') . $file_info['name']);
                 if ($this->__getExt($file_info['name']) !== null) {
                     $tmp_file_name .= '.' . $this->__getExt($file_info['name']);
                 }
                 if (!copy($file_info['tmp_name'], $field_setting['cacheTempDir'] . $tmp_file_name)) {
                     //エラー
                 }
                 $file_set['tmp_file_name'] = $tmp_file_name;
             }
             //これを殘して次に引き渡したくないので
             unset($this->{$field});
             $this->{'contents_file_' . $field} = $file_set;
         }
     }
     return $this;
 }

 /**
  * setUp
  *
  * @return void
  */
 public function setUp()
 {
     parent::setUp();
     Security::salt('12345678901234567890123456789012345678901');
     $this->controller = new Controller(new Request(), new Response());
     $this->controller->loadComponent('Cookie');
     $this->controller->loadComponent('Auth');
 }

 public function beforeSave(Event $event)
 {
     $entity = $event->data['entity'];
     if ($entity->isNew()) {
         $entity->api_key = Security::hash(Text::uuid());
     }
     return true;
 }

 /**
  * Test marshalling
  *
  * @return void
  */
 public function testMarshal()
 {
     $this->assertNull($this->type->marshal(null));
     $encrypted = $this->type->marshal('string');
     $this->assertSame(128, strlen($encrypted));
     $decrypted = Security::decrypt(base64_decode($encrypted), Configure::read('Security.key'));
     $this->assertSame('string', $decrypted);
 }

 public function token()
 {
     $user = $this->Auth->identify();
     if (!$user) {
         throw new UnauthorizedException('Invalid username or password');
     }
     $this->set(['success' => true, 'data' => ['token' => $token = \JWT::encode(['id' => $user['id'], 'exp' => time() + 604800], Security::salt())], '_serialize' => ['success', 'data']]);
 }

 /**
  * Get the boundary marker
  *
  * @return string
  */
 public function boundary()
 {
     if ($this->_boundary) {
         return $this->_boundary;
     }
     $this->_boundary = md5(Security::randomBytes(16));
     return $this->_boundary;
 }

 /**
  * Signs the url with a salted hash
  *
  * @throws \RuntimeException
  * @param array $options
  * @return string
  */
 public function hash($options)
 {
     $mediaSalt = Configure::read('Imagine.salt');
     if (empty($mediaSalt)) {
         throw new \RuntimeException(__d('imagine', 'Please configure {0} using {1}', 'Imagine.salt', 'Configure::write(\'Imagine.salt\', \'YOUR-SALT-VALUE\')'));
     }
     ksort($options);
     return urlencode(Security::hash(serialize($options) . $mediaSalt));
 }