authorGiulio Cesare Solaroli <giulio.cesare@clipperz.com>2011-10-04 23:24:50 (UTC)
committer Giulio Cesare Solaroli <giulio.cesare@clipperz.com>2011-10-04 23:24:50 (UTC)
commit3065be1b71e4c40428cfa192de560c970ba7f8b3 (patch) (side-by-side diff)
treebd030652e7c1e1556125beeaf7f18e174ab79385 /backend
parentc53c209c9b1e86f375aea9262fdb3170cae61ebc (diff)
parentbf22713a7251a2b32700a67456a086a283dbe33a (diff)
Merge branch 'timeout'
Diffstat (limited to 'backend') (more/less context) (ignore whitespace changes)
-rw-r--r--backend/php/src/index.php7
1 files changed, 5 insertions, 2 deletions
diff --git a/backend/php/src/index.php b/backend/php/src/index.php
index eb3d75a..58c10a9 100644
--- a/backend/php/src/index.php
+++ b/backend/php/src/index.php
@@ -340,405 +340,408 @@ error_log("oneTimePassword");
if ($currentOtp->GetOnetimepasswordstatus()->code == "ACTIVE") {
if ($currentOtp->key_checksum == $parameters["parameters"]["oneTimePasswordKeyChecksum"]) {
$_SESSION["userId"] = $currentOtp->GetUser()->userId;
$_SESSION["otpId"] = $currentOtp->onetimepasswordId;
$result["data"] = $currentOtp->data;
$result["version"] = $currentOtp->version;
resetOTP($currentOtp, "REQUESTED");
} else {
resetOTP($currentOtp, "DISABLED");
throw new Exception("The requested One Time Password has been disabled, due to a wrong keyChecksum");
}
} else {
throw new Exception("The requested One Time Password was not active");
}
} else {
throw new Exception("The requested One Time Password has not been found");
}
//=============================================================
}
break;
case "message":
error_log("message");
if ($parameters["srpSharedSecret"] == $_SESSION["K"]) {
$message = $parameters["message"];
//=============================================================
if ($message == "getUserDetails") {
//{"message":"getUserDetails", "srpSharedSecret":"f18e5cf7c3a83b67d4db9444af813ee48c13daf4f8f6635397d593e52ba89a08", "parameters":{}}
$user = new user();
$user = $user->Get($_SESSION["userId"]);
$result["header"] = $user->header;
$result["statistics"] = $user->statistics;
$result["version"] = $user->version;
//=============================================================
} else if ($message == "addNewRecords") {
/*
//{
// "message":"addNewRecords",
// "srpSharedSecret":"b58fdf62acebbcb67f63d28c0437f166069f45690c648cd4376a792ae7a325f7",
// "parameters":{
// "records":[
// {
// "record":{
// "reference":"fda703707fee1fff42443124cd0e705f5bea0ac601758d81b2e832705339a610",
// "data":"OBSGtcb6blXq/xaYG.....4EqlQqgAvITN",
// "version":"0.3"
// },
// "currentRecordVersion":{
// "reference":"83ad301525c18f2afd72b6ac82c0a713382e1ef70ac69935ca7e2869dd4ff980",
// "recordReference":"fda703707fee1fff42443124cd0e705f5bea0ac601758d81b2e832705339a610",
// "data":"NXJ5jiZhkd0CMiwwntAq....1TjjF+SGfE=",
// "version":"0.3",
// "previousVersion":"3e174a86afc322271d8af28bc062b0f1bfd7344fad01212cd08b2757c4b199c4",
// "previousVersionKey":"kozaaGCzXWr71LbOKu6Z3nz520V..5U85tSBvb+u44twttv54Kw=="
// }
// }
// ],
// "user":{
// "header":"{\"reco...ersion\":\"0.1\"}",
// "statistics":"rKI6nR6iqggygQJ3SQ58bFUX",
// "version":"0.3",
// "lock":"----"
// }
// }
//}
*/
$user = new user();
$record = new record();
$recordVersion = new recordversion();
$user = $user->Get($_SESSION["userId"]);
updateUserData($parameters["parameters"]["user"], $user);
$recordParameterList = $parameters["parameters"]["records"];
$c = count($recordParameterList);
for ($i=0; $i<$c; $i++) {
updateRecordData($recordParameterList[$i], $record, $recordVersion);
$record->SaveNew();
$recordVersion->SaveNew();
$record->AddRecordversion($recordVersion);
$user->AddRecord($record);
$record->Save();
$recordVersion->Save();
}
$user->Save();
$result["lock"] = $user->lock;
$result["result"] = "done";
//=============================================================
} else if ($message == "getRecordDetail") {
//{
// "message":"getRecordDetail",
// "srpSharedSecret":"4c00dcb66a9f2aea41a87e4707c526874e2eb29cc72d2c7086837e53d6bf2dfe",
// "parameters":{
// "reference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50"
// }
//}
//
// result = {
// currentVersion:{
// reference:"88943d709c3ea2442d4f58eaaec6409276037e5a37e0a6d167b9dad9e947e854",
// accessDate:"Wed, 13 February 2008 14:25:12 UTC",
// creationDate:"Tue, 17 April 2007 17:17:52 UTC",
// version:"0.2",
// data:"xI3WXddQLFtL......EGyKnnAVik",
// updateDate:"Tue, 17 April 2007 17:17:52 UTC",
// header:"####"
// }
// reference:"13a5e52976337ab210903cd04872588e1b21fb72bc183e91aa25c494b8138551",
// oldestUsedEncryptedVersion:"0.2",
// accessDate:"Wed, 13 February 2008 14:25:12 UTC",
// creationDate:"Wed, 14 March 2007 13:53:11 UTC",
// version:"0.2",
// updatedDate:"Tue, 17 April 2007 17:17:52 UTC",
// data:"0/BjzyY6jeh71h...pAw2++NEyylGhMC5C5f5m8pBApYziN84s4O3JQ3khW/1UttQl4="
// }
$record = new record();
$recordList = $record->GetList(array(array("reference", "=", $parameters["parameters"]["reference"])));
$currentRecord = $recordList[0];
$currentRecordVersions = $currentRecord->GetRecordversionList();
$currentVersion = $currentRecordVersions[0];
$result["currentVersion"] = array();
$result["currentVersion"]["reference"] = $currentVersion->reference;
$result["currentVersion"]["data"] = $currentVersion->data;
$result["currentVersion"]["header"] = $currentVersion->header;
$result["currentVersion"]["version"] = $currentVersion->version;
$result["currentVersion"]["creationDate"] = $currentVersion->creation_date;
$result["currentVersion"]["updateDate"] = $currentVersion->update_date;
$result["currentVersion"]["accessDate"] = $currentVersion->access_date;
$result["reference"] = $currentRecord->reference;
$result["data"] = $currentRecord->data;
$result["version"] = $currentRecord->version;
$result["creationDate"] = $currentRecord->creation_date;
$result["updateDate"] = $currentRecord->update_date;
$result["accessDate"] = $currentRecord->access_date;
$result["oldestUsedEncryptedVersion"] = "---";
//=============================================================
} else if ($message == "updateData") {
//{
// "message":"updateData",
// "srpSharedSecret":"4e4aadb1d64513ec4dd42f5e8d5b2d4363de75e4424b6bcf178c9d6a246356c5",
// "parameters":{
// "records":[
// {
// "record":{
// "reference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50",
// "data":"8hgR0Z+JDrUa812polDJ....JnZUKXNEqKI",
// "version":"0.3"
// },
// "currentRecordVersion":{
// "reference":"b1d82aeb9a0c4f6584bea68ba80839f43dd6ede79791549e29a1860554b144ee",
// "recordReference":"740009737139a189cfa2b1019a6271aaa39467b59e259706564b642ff3838d50",
// "data":"2d/UgKxxV+kBPV9GRUE.....VGonDoW0tqefxOJo=",
// "version":"0.3",
// "previousVersion":"55904195249037394316d3be3f5e78f08073170103bf0e7ab49a911c159cb0be",
// "previousVersionKey":"YWiaZeMIVHaIl96OWW+2e8....6d6nHbn6cr2NA/dbQRuC2w=="
// }
// }
// ],
// "user":{
// "header":"{\"rec.....sion\":\"0.1\"}",
// "statistics":"tt3uU9hWBy8rNnMckgCnxMJh",
// "version":"0.3",
// "lock":"----"
// }
// }
//}
$user = new user();
$user = $user->Get($_SESSION["userId"]);
updateUserData($parameters["parameters"]["user"], $user);
$user->Save();
$recordParameterList = $parameters["parameters"]["records"];
$c = count($recordParameterList);
for ($i=0; $i<$c; $i++) {
$recordList = $user->GetRecordList(array(array("reference", "=", $recordParameterList[$i]["record"]["reference"])));
$currentRecord = $recordList[0];
$currentRecordVersions = $currentRecord->GetRecordversionList();
$currentVersion = $currentRecordVersions[0];
updateRecordData($recordParameterList[$i], $currentRecord, $currentVersion);
$currentRecord->Save();
$currentVersion->Save();
}
$result["lock"] = $user->lock;
$result["result"] = "done";
//=============================================================
} else if ($message == "deleteRecords") {
//{
// "message":"deleteRecords",
// "srpSharedSecret":"4a64982f7ee366954ec50b9efea62a902a097ef111410c2aa7c4d5343bd1cdd1",
// "parameters":{
// "recordReferences":["46494c81d10b80ab190d41e6806ef63869cfcc7a0ab8fe98cc3f93de4729bb9a"],
// "user":{
// "header":"{\"rec...rsion\":\"0.1\"}",
// "statistics":"44kOOda0xYZjbcugJBdagBQx",
// "version":"0.3",
// "lock":"----"
// }
// }
//}
$user = new user();
$user = $user->Get($_SESSION["userId"]);
$recordReferenceList = $parameters["parameters"]["recordReferences"];
$recordList = array();
$c = count($recordReferenceList);
for ($i=0; $i<$c; $i++) {
array_push($recordList, array("reference", "=", $recordReferenceList[$i]));
}
$record = new record();
$record->DeleteList($recordList, true);
updateUserData($parameters["parameters"]["user"], $user);
$user->Save();
$result["recordList"] = $recordList;
$result["lock"] = $user->lock;
$result["result"] = "done";
//=============================================================
} else if ($message == "deleteUser") {
//{"message":"deleteUser", "srpSharedSecret":"e8e4ca6544dca49c95b3647d8358ad54c317048b74d2ac187ac25f719c9bac58", "parameters":{}}
$user = new user();
$user->Get($_SESSION["userId"]);
$user->Delete(true);
$result["result"] = "ok";
//=============================================================
} else if ($message == "addNewOneTimePassword") {
//{
// "message":"addNewOneTimePassword",
// "srpSharedSecret":"96fee4af06c09ce954fe7a9f87970e943449186bebf70bac0af1d6ebb818dabb",
// "parameters":{
// "user":{
// "header":"{\"records\":{\"index\":{\"419ea6....rsion\":\"0.1\"}",
// "statistics":"rrlwNbDt83rpWT4S72upiVsC",
// "version":"0.3",
// "lock":"----"
// },
// "oneTimePassword":{
// "reference":"29e26f3a2aae61fe5cf58c45296c6df4f3dceafe067ea550b455be345f44123c",
// "key":"afb848208758361a96a298b9db08995cf036011747809357a90645bc93fdfa03",
// "keyChecksum":"d1599ae443b5a566bfd93c0aeec4c81b42c0506ee09874dae050449580bb3486",
// "data":"hsyY8DHksgR52x6c4j7XAtIUeY.....dxsr3XWt7CbGg==",
// "version":"0.3"
// }
// }
//}
fixOTPStatusTable();
$user = new user();
$user = $user->Get($_SESSION["userId"]);
$otp = new onetimepassword();
updateOTP($parameters["parameters"]["oneTimePassword"], $otp, "ACTIVE");
$user->AddOnetimepassword($otp);
updateUserData($parameters["parameters"]["user"], $user);
$user->Save();
$result["lock"] = $user->lock;
$result["result"] = "done";
//=============================================================
} else if ($message == "updateOneTimePasswords") {
//{
// "message":"updateOneTimePasswords",
// "srpSharedSecret":"c78f8ed099ea421f4dd0a4e02dbaf1f7da925f0088188d99399874ff064a3d27",
// "parameters":{
// "user":{
// "header":"{\"reco...sion\":\"0.1\"}",
// "statistics":"UeRq75RZHzDC7elzrh/+OB5d",
// "version":"0.3",
// "lock":"----"
// },
// "oneTimePasswords":["f5f44c232f239efe48ab81a6236deea1a840d52946f7d4d782dad52b4c5359ce"]
// }
//}
$user = new user();
$user = $user->Get($_SESSION["userId"]);
$validOtpReferences = $parameters["parameters"]["oneTimePasswords"];
$otpList = $user->GetOnetimepasswordList();
$c = count($otpList);
for ($i=0; $i<$c; $i++) {
$currentOtp = $otpList[$i];
if (arrayContainsValue($validOtpReferences, $currentOtp->reference) == false) {
$currentOtp->Delete();
}
}
updateUserData($parameters["parameters"]["user"], $user);
$user->Save();
$result["result"] = $user->lock;
//=============================================================
} else if ($message == "getOneTimePasswordsDetails") {
//=============================================================
} else if ($message == "getLoginHistory") {
$result["result"] = array();
//=============================================================
} else if ($message == "upgradeUserCredentials") {
//{
// "message":"upgradeUserCredentials",
// "srpSharedSecret":"f1c25322e1478c8fb26063e9eef2f6fc25e0460065a31cb718f80bcff8f8a735",
// "parameters":{
// "user":{
// "header":"{\"reco...sion\":\"0.1\"}",
// "statistics":"s72Xva+w7CLgH+ihwqwXUbyu",
// "version":"0.3",
// "lock":"----"
// },
// "credentials":{
// "C":"57d15a8afbc1ae08103bd991d387ddfd8d26824276476fe709d754f098b6c26d",
// "s":"d6735fc0486f391c4f3c947928f9e61a2418e7bed2bc9b25bb43f93acc52f636",
// "v":"540c2ebbf941a481b6b2c9026c07fb46e8202e4408ed96864a696deb622baece",
// "version":"0.2"
// },
// "oneTimePasswords":{
// "923cdc61c4b877b263236124c44d69b459d240453a461cce8ddf7518b423ca94": "1HD6Ta0xsifEDhDwE....9WDK6tvrS6w==",
// "fb1573cb9497652a81688a099a524fb116e604c6fbc191cf33406eb8438efa5f": "CocN0cSxLmMRdgNF9....o3xhGUEY68Q=="
// }
// }
//}
$user = new user();
$user->Get($_SESSION["userId"]);
$otp = new onetimepassword();
updateUserCredentials($parameters["parameters"]["credentials"], $user);
updateUserData($parameters["parameters"]["user"], $user);
$otpList = $parameters["parameters"]["oneTimePasswords"];
foreach($otpList as $otpReference=>$otpData) {
$otpList = $otp->GetList(array(array("reference", "=", $otpReference)));
$currentOtp = $otpList[0];
$currentOtp->data = $otpData;
$currentOtp->Save();
}
$user->Save();
$result["lock"] = $user->lock;
$result["result"] = "done";
//=============================================================
} else if ($message == "echo") {
$result["result"] = $parameters;
}
//=============================================================
- } else {
+ } else if (isset($_SESSION['K'])) {
$result["error"] = "Wrong shared secret!";
+ } else {
+ $result["result"] = "EXCEPTION";
+ $result["message"] = "Trying to communicate without an active connection";
}
break;
case "logout":
error_log("logout");
session_destroy();
break;
default:
error_log("default");
$result["result"] = $parameters;
break;
}
session_write_close();
echo(json_encode($result));
error_log("result: ".json_encode($result));
-?> \ No newline at end of file
+?>
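Review bot: The added `isset($_SESSION['K'])` test is reached only after the loose comparison `$parameters["srpSharedSecret"] == $_SESSION["K"]` at the top of `case "message":` has already failed. After a timeout the session key is unset, and PHP's `==` treats a missing, null or empty `srpSharedSecret` as equal to it, so such a request takes the authenticated branch and never gets the new "without an active connection" reply. The session check belongs in the guard itself, together with a strict, constant-time comparison: `if (isset($_SESSION["K"], $parameters["srpSharedSecret"]) && is_string($parameters["srpSharedSecret"]) && hash_equals($_SESSION["K"], $parameters["srpSharedSecret"])) {`. This assumes `$_SESSION["K"]` is stored as a string and PHP 5.6+ for `hash_equals`; on older runtimes `===` at least removes the type juggling. The two new `else` branches can stay as they are, and the enclosing `switch` starts above this hunk, so how `K` is set or cleared is not visible here.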