218 lines
5.1 KiB
PHP
218 lines
5.1 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
/**
|
|
* @copyright Copyright (c) 2016, ownCloud, Inc.
|
|
*
|
|
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
|
|
* @author Joas Schilling <coding@schilljs.com>
|
|
* @author Lukas Reschke <lukas@statuscode.ch>
|
|
* @author Morris Jobke <hey@morrisjobke.de>
|
|
* @author Roeland Jago Douma <roeland@famdouma.nl>
|
|
* @author Victor Dubiniuk <dubiniuk@owncloud.com>
|
|
*
|
|
* @license AGPL-3.0
|
|
*
|
|
* This code is free software: you can redistribute it and/or modify
|
|
* it under the terms of the GNU Affero General Public License, version 3,
|
|
* as published by the Free Software Foundation.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU Affero General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU Affero General Public License, version 3,
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
|
*
|
|
*/
|
|
|
|
namespace OC\Session;
|
|
|
|
use OCP\ISession;
|
|
use OCP\Security\ICrypto;
|
|
use OCP\Session\Exceptions\SessionNotAvailableException;
|
|
|
|
/**
|
|
* Class CryptoSessionData
|
|
*
|
|
* @package OC\Session
|
|
*/
|
|
class CryptoSessionData implements \ArrayAccess, ISession {
|
|
/** @var ISession */
|
|
protected $session;
|
|
/** @var \OCP\Security\ICrypto */
|
|
protected $crypto;
|
|
/** @var string */
|
|
protected $passphrase;
|
|
/** @var array */
|
|
protected $sessionValues;
|
|
/** @var bool */
|
|
protected $isModified = false;
|
|
public const encryptedSessionName = 'encrypted_session_data';
|
|
|
|
/**
|
|
* @param ISession $session
|
|
* @param ICrypto $crypto
|
|
* @param string $passphrase
|
|
*/
|
|
public function __construct(ISession $session,
|
|
ICrypto $crypto,
|
|
string $passphrase) {
|
|
$this->crypto = $crypto;
|
|
$this->session = $session;
|
|
$this->passphrase = $passphrase;
|
|
$this->initializeSession();
|
|
}
|
|
|
|
/**
|
|
* Close session if class gets destructed
|
|
*/
|
|
public function __destruct() {
|
|
try {
|
|
$this->close();
|
|
} catch (SessionNotAvailableException $e) {
|
|
// This exception can occur if session is already closed
|
|
// So it is safe to ignore it and let the garbage collector to proceed
|
|
}
|
|
}
|
|
|
|
protected function initializeSession() {
|
|
$encryptedSessionData = $this->session->get(self::encryptedSessionName) ?: '';
|
|
try {
|
|
$this->sessionValues = json_decode(
|
|
$this->crypto->decrypt($encryptedSessionData, $this->passphrase),
|
|
true
|
|
);
|
|
} catch (\Exception $e) {
|
|
$this->sessionValues = [];
|
|
$this->regenerateId(true, false);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Set a value in the session
|
|
*
|
|
* @param string $key
|
|
* @param mixed $value
|
|
*/
|
|
public function set(string $key, $value) {
|
|
$this->sessionValues[$key] = $value;
|
|
$this->isModified = true;
|
|
}
|
|
|
|
/**
|
|
* Get a value from the session
|
|
*
|
|
* @param string $key
|
|
* @return string|null Either the value or null
|
|
*/
|
|
public function get(string $key) {
|
|
if (isset($this->sessionValues[$key])) {
|
|
return $this->sessionValues[$key];
|
|
}
|
|
|
|
return null;
|
|
}
|
|
|
|
/**
|
|
* Check if a named key exists in the session
|
|
*
|
|
* @param string $key
|
|
* @return bool
|
|
*/
|
|
public function exists(string $key): bool {
|
|
return isset($this->sessionValues[$key]);
|
|
}
|
|
|
|
/**
|
|
* Remove a $key/$value pair from the session
|
|
*
|
|
* @param string $key
|
|
*/
|
|
public function remove(string $key) {
|
|
$this->isModified = true;
|
|
unset($this->sessionValues[$key]);
|
|
$this->session->remove(self::encryptedSessionName);
|
|
}
|
|
|
|
/**
|
|
* Reset and recreate the session
|
|
*/
|
|
public function clear() {
|
|
$requesttoken = $this->get('requesttoken');
|
|
$this->sessionValues = [];
|
|
if ($requesttoken !== null) {
|
|
$this->set('requesttoken', $requesttoken);
|
|
}
|
|
$this->isModified = true;
|
|
$this->session->clear();
|
|
}
|
|
|
|
/**
|
|
* Wrapper around session_regenerate_id
|
|
*
|
|
* @param bool $deleteOldSession Whether to delete the old associated session file or not.
|
|
* @param bool $updateToken Wheater to update the associated auth token
|
|
* @return void
|
|
*/
|
|
public function regenerateId(bool $deleteOldSession = true, bool $updateToken = false) {
|
|
$this->session->regenerateId($deleteOldSession, $updateToken);
|
|
}
|
|
|
|
/**
|
|
* Wrapper around session_id
|
|
*
|
|
* @return string
|
|
* @throws SessionNotAvailableException
|
|
* @since 9.1.0
|
|
*/
|
|
public function getId(): string {
|
|
return $this->session->getId();
|
|
}
|
|
|
|
/**
|
|
* Close the session and release the lock, also writes all changed data in batch
|
|
*/
|
|
public function close() {
|
|
if ($this->isModified) {
|
|
$encryptedValue = $this->crypto->encrypt(json_encode($this->sessionValues), $this->passphrase);
|
|
$this->session->set(self::encryptedSessionName, $encryptedValue);
|
|
$this->isModified = false;
|
|
}
|
|
$this->session->close();
|
|
}
|
|
|
|
/**
|
|
* @param mixed $offset
|
|
* @return bool
|
|
*/
|
|
public function offsetExists($offset): bool {
|
|
return $this->exists($offset);
|
|
}
|
|
|
|
/**
|
|
* @param mixed $offset
|
|
* @return mixed
|
|
*/
|
|
public function offsetGet($offset) {
|
|
return $this->get($offset);
|
|
}
|
|
|
|
/**
|
|
* @param mixed $offset
|
|
* @param mixed $value
|
|
*/
|
|
public function offsetSet($offset, $value) {
|
|
$this->set($offset, $value);
|
|
}
|
|
|
|
/**
|
|
* @param mixed $offset
|
|
*/
|
|
public function offsetUnset($offset) {
|
|
$this->remove($offset);
|
|
}
|
|
}
|