2014-09-10 14:52:34 +02:00
|
|
|
<?php
|
|
|
|
// {{{ICINGA_LICENSE_HEADER}}}
|
|
|
|
// {{{ICINGA_LICENSE_HEADER}}}
|
|
|
|
|
|
|
|
namespace Icinga\Web\Form\Validator;
|
|
|
|
|
|
|
|
use Zend_Validate_Abstract;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Validator that checks if a token matches with the contents of a corresponding token-file
|
|
|
|
*/
|
|
|
|
class TokenValidator extends Zend_Validate_Abstract
|
|
|
|
{
|
|
|
|
/**
|
|
|
|
* The path to the token file
|
|
|
|
*
|
|
|
|
* @var string
|
|
|
|
*/
|
|
|
|
protected $tokenPath;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Create a new TokenValidator
|
|
|
|
*
|
|
|
|
* @param string $tokenPath The path to the token-file
|
|
|
|
*/
|
|
|
|
public function __construct($tokenPath)
|
|
|
|
{
|
|
|
|
$this->tokenPath = $tokenPath;
|
|
|
|
$this->_messageTemplates = array(
|
|
|
|
'TOKEN_FILE_NOT_FOUND' => t('Cannot validate token, file could not be opened or does not exist.'),
|
|
|
|
'TOKEN_FILE_EMPTY' => t('Cannot validate token, file is empty. Please define a token.'),
|
|
|
|
'TOKEN_FILE_PUBLIC' => t('Cannot validate token, file is publicly readable.'),
|
|
|
|
'TOKEN_INVALID' => t('Invalid token supplied.')
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Validate the given token with the one in the token-file
|
|
|
|
*
|
|
|
|
* @param string $value The token to validate
|
|
|
|
* @param null $context The form context (ignored)
|
|
|
|
*
|
|
|
|
* @return bool
|
|
|
|
*/
|
|
|
|
public function isValid($value, $context = null)
|
|
|
|
{
|
2014-09-29 11:24:59 +02:00
|
|
|
$tokenStats = @stat($this->tokenPath);
|
2014-09-10 14:52:34 +02:00
|
|
|
if (($tokenStats['mode'] & 4) === 4) {
|
|
|
|
$this->_error('TOKEN_FILE_PUBLIC');
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
$expectedToken = @file_get_contents($this->tokenPath);
|
|
|
|
if ($expectedToken === false) {
|
|
|
|
$this->_error('TOKEN_FILE_NOT_FOUND');
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
$expectedToken = trim($expectedToken);
|
|
|
|
if (empty($expectedToken)) {
|
|
|
|
$this->_error('TOKEN_FILE_EMPTY');
|
|
|
|
return false;
|
|
|
|
} elseif ($value !== $expectedToken) {
|
|
|
|
$this->_error('TOKEN_INVALID');
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|