icingaweb2/library/Icinga/Web/Form/Validator/TokenValidator.php

<?php
// {{{ICINGA_LICENSE_HEADER}}}
// {{{ICINGA_LICENSE_HEADER}}}
namespace Icinga\Web\Form\Validator;
use Zend_Validate_Abstract;
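/**
 * Validator that checks whether a submitted token matches the contents of a token file
 *
 * Validation fails closed: if the token file cannot be inspected or read, is
 * readable by "others", or is empty, the submitted token is rejected.
 */
class TokenValidator extends Zend_Validate_Abstract
{
    /**
     * The path to the token file
     *
     * @var string
     */
    protected $tokenPath;

    /**
     * Create a new TokenValidator
     *
     * @param   string  $tokenPath  The path to the token file
     */
    public function __construct($tokenPath)
    {
        $this->tokenPath = $tokenPath;
        $this->_messageTemplates = array(
            'TOKEN_FILE_NOT_FOUND'  => t('Cannot validate token, file could not be opened or does not exist.'),
            'TOKEN_FILE_EMPTY'      => t('Cannot validate token, file is empty. Please define a token.'),
            'TOKEN_FILE_PUBLIC'     => t('Cannot validate token, file is publicly readable.'),
            'TOKEN_INVALID'         => t('Invalid token supplied.')
        );
    }

    /**
     * Validate the given token against the one stored in the token file
     *
     * The checks run in this order, each registering its own error message:
     * the file must be stat()-able, must not carry the "others read" permission
     * bit, must be readable, must not be empty after trimming, and its content
     * must equal the submitted value.
     *
     * @param   string  $value      The token to validate
     * @param   null    $context    The form context (ignored)
     *
     * @return  bool                True only if the submitted token equals the stored one
     */
    public function isValid($value, $context = null)
    {
        // PHP warnings are suppressed on purpose; failures are reported through
        // the validator's own message templates instead.
        $tokenStats = @stat($this->tokenPath);
        if ($tokenStats === false) {
            // Without stat data the permission check below cannot be performed,
            // so refuse to continue rather than silently skipping it.
            $this->_error('TOKEN_FILE_NOT_FOUND');
            return false;
        }

        // 0004 is the "readable by others" permission bit. A token any local
        // account can read is not a secret, so it is never accepted.
        if (($tokenStats['mode'] & 0004) === 0004) {
            $this->_error('TOKEN_FILE_PUBLIC');
            return false;
        }

        // NOTE(review): the permission check above is made on the path, while the
        // read below opens the path again; the two are not tied to one file handle.
        $expectedToken = @file_get_contents($this->tokenPath);
        if ($expectedToken === false) {
            $this->_error('TOKEN_FILE_NOT_FOUND');
            return false;
        }

        $expectedToken = trim($expectedToken);
        // empty() also treats the one-character token "0" as "no token defined".
        if (empty($expectedToken)) {
            $this->_error('TOKEN_FILE_EMPTY');
            return false;
        }

        // hash_equals() (PHP 5.6+) compares in constant time, so response timing
        // does not depend on how many leading characters of a guess are correct.
        // It only accepts strings, hence the explicit type check first.
        if (! is_string($value) || ! hash_equals($expectedToken, $value)) {
            $this->_error('TOKEN_INVALID');
            return false;
        }

        return true;
    }
}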