From c7727879678639da30e06a4d4403eff6371e54a1 Mon Sep 17 00:00:00 2001
From: Johannes Meyer
Date: Wed, 10 Sep 2014 14:52:34 +0200
Subject: [PATCH] Re-add TokenValidator refs #7163
---
.../Web/Form/Validator/TokenValidator.php | 71 +++++++++++++++++++
1 file changed, 71 insertions(+)
create mode 100644 library/Icinga/Web/Form/Validator/TokenValidator.php
diff --git a/library/Icinga/Web/Form/Validator/TokenValidator.php b/library/Icinga/Web/Form/Validator/TokenValidator.php
new file mode 100644
index 000000000..eb07d5438
--- /dev/null
+++ b/library/Icinga/Web/Form/Validator/TokenValidator.php
@@ -0,0 +1,71 @@
+tokenPath = $tokenPath;
+ $this->_messageTemplates = array(
+ 'TOKEN_FILE_NOT_FOUND' => t('Cannot validate token, file could not be opened or does not exist.'),
+ 'TOKEN_FILE_EMPTY' => t('Cannot validate token, file is empty. Please define a token.'),
+ 'TOKEN_FILE_PUBLIC' => t('Cannot validate token, file is publicly readable.'),
+ 'TOKEN_INVALID' => t('Invalid token supplied.')
+ );
+ }
+
+ /**
+ * Validate the given token with the one in the token-file
+ *
+ * @param string $value The token to validate
+ * @param null $context The form context (ignored)
+ *
+ * @return bool
+ */
+ public function isValid($value, $context = null)
+ {
+ $tokenStats = stat($this->tokenPath);
+ if (($tokenStats['mode'] & 4) === 4) {
+ $this->_error('TOKEN_FILE_PUBLIC');
+ return false;
+ }
+
+ $expectedToken = @file_get_contents($this->tokenPath);
+ if ($expectedToken === false) {
+ $this->_error('TOKEN_FILE_NOT_FOUND');
+ return false;
+ }
+
+ $expectedToken = trim($expectedToken);
+ if (empty($expectedToken)) {
+ $this->_error('TOKEN_FILE_EMPTY');
+ return false;
+ } elseif ($value !== $expectedToken) {
+ $this->_error('TOKEN_INVALID');
+ return false;
+ }
+
+ return true;
+ }
+}
+
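Review bot: The final check in isValid(), `} elseif ($value !== $expectedToken) {`, compares the submitted token with the secret using an ordinary string comparison that is not constant-time; `} elseif (! is_string($value) || ! hash_equals($expectedToken, $value)) {` would avoid leaking how much of the token matched through response timing. hash_equals() needs PHP 5.6 or later, so a fallback would be required if the project still supports older versions, which this page does not show. Separately, the result of `stat($this->tokenPath)` is used without checking for `false`, so a missing file emits a warning and skips the permission test before file_get_contents() reports TOKEN_FILE_NOT_FOUND, and the mode test `& 4` only covers the world-readable bit, not world-writable (`& 2`). The class header and the start of the constructor are missing from this page, so only isValid() could be reviewed in full.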