<?php
// {{{ICINGA_LICENSE_HEADER}}}
// {{{ICINGA_LICENSE_HEADER}}}
namespace Icinga\Authentication;
use Icinga\Application\Logger as Logger;
/**
 * Class PhpSession
 *
 * Standard PHP session handling.
 *
 * You have to call read() first in order to start the session. If no
 * parameter is given to read(), the session is closed immediately after
 * reading the persisted variables, so that concurrent requests are not
 * blocked. Otherwise, you can call write() (again with no parameter in
 * order to auto-close it) to persist all values previously set with the
 * set() method.
 *
 * @package Icinga\Authentication
 */
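class PhpSession extends Session
{
    /**
     * Name passed to session_name() and therefore the name of the session cookie.
     */
    const SESSION_NAME = "Icinga2Web";

    /**
     * True once open() has started the PHP session. It is never reset, so it
     * stays true after the session has been closed again.
     *
     * @var bool
     */
    private $isOpen = false;

    /**
     * True once close() has run, i.e. the session has been written and released.
     *
     * @var bool
     */
    private $isFlushed = false;

    /**
     * Default session.* ini settings applied by the constructor.
     *
     * Each key is prefixed with "session." before being handed to ini_set().
     *
     * - use_trans_sid / use_only_cookies: keep the session id out of URLs.
     * - cookie_httponly: hide the session cookie from client-side scripts.
     * - hash_function: ini_set() receives true, which PHP stores as "1" (SHA-1
     *   on PHP versions that support this directive).
     *
     * NOTE(review): session.hash_function and session.hash_bits_per_character
     * were removed in PHP 7.1; on such versions ini_set() fails and the
     * constructor only logs a warning for them.
     * NOTE(review): cookie_secure is not part of the defaults; deployments
     * served over HTTPS should pass 'cookie_secure' => true via $options.
     *
     * @var array
     */
    private static $DEFAULT_COOKIEOPTIONS = array(
        'use_trans_sid'             => false,
        'use_cookies'               => true,
        'cookie_httponly'           => true,
        'use_only_cookies'          => true,
        'hash_function'             => true,
        'hash_bits_per_character'   => 5,
    );

    /**
     * Apply the session ini settings and verify that the save path is writable.
     *
     * Caller-supplied options override the defaults key by key. Every key is
     * applied as "session.<key>", so $options should only ever come from
     * trusted configuration, never from request data.
     *
     * NOTE(review): session_save_path() returns an empty string when
     * session.save_path is not configured, and is_writable('') is false, so
     * the constructor throws in that setup - confirm this is intended.
     *
     * @param   array|null  $options    session.* settings without the "session." prefix
     *
     * @throws  \Icinga\Exception\ConfigurationError   If the session save path is not writable
     */
    public function __construct(array $options = null)
    {
        if ($options !== null) {
            $options = array_merge(self::$DEFAULT_COOKIEOPTIONS, $options);
        } else {
            $options = self::$DEFAULT_COOKIEOPTIONS;
        }

        foreach ($options as $sessionVar => $value) {
            // A failed ini_set() is only logged: the session still works, but
            // possibly without the hardening that was asked for.
            if (ini_set("session." . $sessionVar, $value) === false) {
                Logger::warn(
                    "Could not set php.ini setting %s = %s. This might affect your sessions behaviour.",
                    $sessionVar,
                    $value
                );
            }
        }

        if (!is_writable(session_save_path())) {
            throw new \Icinga\Exception\ConfigurationError("Can't save session");
        }
    }

    /**
     * Tell whether the session may still be modified.
     *
     * @return  bool    False (and an error is logged) once the session has been closed
     */
    private function sessionCanBeChanged()
    {
        if ($this->isFlushed) {
            Logger::error("Tried to work on a closed session, session changes will be ignored");
            return false;
        }

        return true;
    }

    /**
     * Tell whether the session may be opened.
     *
     * @return  bool    False if it has already been opened or has already been closed
     */
    private function sessionCanBeOpened()
    {
        if ($this->isOpen) {
            Logger::warn("Tried to open a session more than once");
            return false;
        }

        return $this->sessionCanBeChanged();
    }

    /**
     * Start the PHP session and load the persisted values into this object.
     *
     * The values are handed to setAll(), which is not defined in this class
     * (presumably inherited from Session).
     *
     * @return  bool    True if the session was started, false if it could not
     *                  be opened or session_start() failed
     */
    public function open()
    {
        if (!$this->sessionCanBeOpened()) {
            return false;
        }

        session_name(self::SESSION_NAME);
        // Do not mark the session as open when PHP could not start it;
        // otherwise later calls would work on a session that does not exist.
        if (!session_start()) {
            Logger::error("Could not start the session");
            return false;
        }

        $this->isOpen = true;
        $this->setAll($_SESSION);

        return true;
    }

    /**
     * Open the session unless open() has already succeeded once.
     *
     * @return  bool    False if the session had to be opened and that failed
     */
    private function ensureOpen()
    {
        if ($this->isOpen) {
            return true;
        }

        return (bool) $this->open();
    }

    /**
     * Read the persisted session values.
     *
     * @param   bool    $keepOpen   Keep the session open (and locked) after reading
     *
     * @return  bool    False if the session could not be opened, true otherwise
     */
    public function read($keepOpen = false)
    {
        if (!$this->ensureOpen()) {
            return false;
        }

        if (!$keepOpen) {
            // Release the session right away so concurrent requests are not blocked
            $this->close();
        }

        return true;
    }

    /**
     * Copy all values of this object into $_SESSION.
     *
     * Only keys returned by getAll() are assigned; keys that already exist in
     * $_SESSION but are missing from getAll() are left untouched.
     *
     * @param   bool    $keepOpen   Keep the session open after writing
     *
     * @return  bool|null   False if the session could not be opened, null otherwise
     */
    public function write($keepOpen = false)
    {
        if (!$this->ensureOpen()) {
            return false;
        }

        foreach ($this->getAll() as $key => $value) {
            $_SESSION[$key] = $value;
        }

        if (!$keepOpen) {
            $this->close();
        }

        return null;
    }

    /**
     * Write and release the session; afterwards it counts as flushed.
     *
     * session_write_close() is only called the first time.
     */
    public function close()
    {
        if (!$this->isFlushed) {
            session_write_close();
        }

        $this->isFlushed = true;
    }

    /**
     * Destroy the session data and expire the session cookie.
     *
     * session_destroy() only works on an active session. After read() or
     * write() without $keepOpen the session has already been closed, so it is
     * started again here first; otherwise the stored session data would
     * survive the purge and only the cookie would be removed, leaving the old
     * session id usable.
     */
    public function purge()
    {
        if (!$this->ensureOpen()) {
            return;
        }

        if ($this->isFlushed) {
            session_name(self::SESSION_NAME);
            if (!session_start()) {
                Logger::error("Could not reopen the session for purging, stored session data may persist");
            }
        }

        $_SESSION = array();
        session_destroy();
        $this->clearCookies();
        $this->close();
    }

    /**
     * Expire the session cookie, if sessions use cookies at all.
     *
     * The cookie is re-sent with an empty value, an expiry in the past and the
     * same path, domain, secure and httponly parameters as the live cookie, so
     * that the browser matches and drops it.
     */
    private function clearCookies()
    {
        if (!ini_get("session.use_cookies")) {
            return;
        }

        Logger::debug("Clearing cookies");
        $params = session_get_cookie_params();
        setcookie(
            session_name(),
            '',
            time() - 42000,
            $params["path"],
            $params["domain"],
            $params["secure"],
            $params["httponly"]
        );
    }
}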