Alternc  latest
Alternc logiel libre pour l'h├ębergement
 All Classes Namespaces Files Functions Variables Pages
Alternc_Api_Auth_Sharedsecret Class Reference

Authentication API used by server to authenticate a user using a SHARED SECRET (ApiKey) More...

+ Inheritance diagram for Alternc_Api_Auth_Sharedsecret:

Public Member Functions

 __construct ($service)
 Constructor of the Shared Secret Api Auth. More...
 
 auth ($options)
 Authenticate a user. More...
 
 instructions ()
 instructions on how to use this Auth class More...
 

Public Attributes

const ERR_INVALID_ARGUMENT = 1111801
 
const ERR_INVALID_SECRET = 1111802
 
const ERR_INVALID_LOGIN = 1111803
 
const ERR_DISABLED_ACCOUNT = 1111804
 
const ERR_INVALID_AUTH = 1111805
 

Private Attributes

 $db
 

Detailed Description

Authentication API used by server to authenticate a user using a SHARED SECRET (ApiKey)

Definition at line 7 of file Sharedsecret.php.

Constructor & Destructor Documentation

Alternc_Api_Auth_Sharedsecret::__construct (   $service)

Constructor of the Shared Secret Api Auth.

Parameters
$servicean Alternc_Api_Service object
Returns
create the object

Implements Alternc_Api_Auth_Interface.

Definition at line 23 of file Sharedsecret.php.

References ERR_INVALID_ARGUMENT.

23  {
24 
25  if (!($service instanceof Alternc_Api_Service))
26  throw new \Exception("Invalid argument (service)", ERR_INVALID_ARGUMENT);
27 
28  $this->db = $service->getDb();
29  }
Service API used by server to export API methods this class can be used to implement an API service /...
Definition: Service.php:11

Member Function Documentation

Alternc_Api_Auth_Sharedsecret::auth (   $options)

Authenticate a user.

Parameters
$optionsoptions, depending on the auth scheme, including uid for setuid users here, login is the alternc username, and secret is a valid shared secret for this user.
Returns
an Alternc_Api_Token

Implements Alternc_Api_Auth_Interface.

Definition at line 38 of file Sharedsecret.php.

References Alternc_Api_Token\tokenGenerate().

38  {
39 
40  if (!isset($options["login"]) || !is_string($options["login"])) {
41  throw new \Exception("Missing required parameter login", self::ERR_INVALID_ARGUMENT);
42  }
43  if (!isset($options["secret"]) || !is_string($options["secret"])) {
44  throw new \Exception("Missing required parameter secret", self::ERR_INVALID_ARGUMENT);
45  }
46  if (!preg_match("#^[0-9a-zA-Z]{32}$#", $options["secret"])) {
47  return new Alternc_Api_Response(array("code" => self::ERR_INVALID_SECRET, "message" => "Invalid shared secret syntax"));
48  }
49 
50  if (!preg_match("#^[0-9a-zA-Z-]{1,32}$#", $options["login"])) { // FIXME : normalize this on AlternC !!!
51  return new Alternc_Api_Response(array("code" => self::ERR_INVALID_LOGIN, "message" => "Invalid login"));
52  }
53 
54  $stmt = $this->db->prepare("SELECT m.enabled,m.uid,m.login,m.su FROM membres m, sharedsecret s WHERE s.uid=m.uid AND m.login=? AND s.secret=?;");
55  $stmt->execute(array($options["login"], $options["secret"]));
56  $me = $stmt->fetch(PDO::FETCH_OBJ);
57  if (!$me)
58  return new Alternc_Api_Response(array("code" => self::ERR_INVALID_AUTH, "message" => "Invalid shared secret"));
59  if (!$me->enabled)
60  return new Alternc_Api_Response(array("code" => self::ERR_DISABLED_ACCOUNT, "message" => "Account is disabled"));
61 
63  array("uid" => (int) $me->uid, "isAdmin" => ($me->su != 0)), $this->db
64  );
65  }
static tokenGenerate($options, $db)
Create a new token in the DB for the associated user/admin.
Definition: Token.php:75
Standard Response object for the AlternC API.
Definition: Response.php:7
Alternc_Api_Auth_Sharedsecret::instructions ( )

instructions on how to use this Auth class

Returns
array("fields" => array("fields to send, required or not"), "description" => "description of this auth")

Implements Alternc_Api_Auth_Interface.

Definition at line 71 of file Sharedsecret.php.

71  {
72  return array("fields" => array("login" => "AlternC user account", "secret" => "API Key, Shared secrets, valid for this account, stored in sharedsecret table."),
73  "description" => "Authenticate against an Api Key, also called SharedSecret. distinct from the account's password, can be plenty and revoked independently"
74  );
75  }

Member Data Documentation

Alternc_Api_Auth_Sharedsecret::$db
private

Definition at line 9 of file Sharedsecret.php.

const Alternc_Api_Auth_Sharedsecret::ERR_DISABLED_ACCOUNT = 1111804

Definition at line 14 of file Sharedsecret.php.

const Alternc_Api_Auth_Sharedsecret::ERR_INVALID_ARGUMENT = 1111801

Definition at line 11 of file Sharedsecret.php.

Referenced by __construct().

const Alternc_Api_Auth_Sharedsecret::ERR_INVALID_AUTH = 1111805

Definition at line 15 of file Sharedsecret.php.

const Alternc_Api_Auth_Sharedsecret::ERR_INVALID_LOGIN = 1111803

Definition at line 13 of file Sharedsecret.php.

const Alternc_Api_Auth_Sharedsecret::ERR_INVALID_SECRET = 1111802

Definition at line 12 of file Sharedsecret.php.


The documentation for this class was generated from the following file: