Class Horde_Token_Base
The Horde_Token_Base:: class provides a common abstracted interface for
a token implementation.
Copyright 2010-2012 Horde LLC (http://www.horde.org/)
See the enclosed file COPYING for license information (LGPL). If you
did not receive this file, see http://www.horde.org/licenses/lgpl21.
Methods summary
public
|
#
__construct( array $params )
Constructor.
Parameters
- $params
- <p>Required parameters:
- secret (string): The secret string used for signing tokens.
Optional parameters:
- token_lifetime (integer): The number of seconds after which tokens
time out. Negative numbers represent "no
timeout". The default is "-1".
- timeout (integer): The period (in seconds) after which an id is purged.
DEFAULT: 86400 (24 hours)</p>
|
public
boolean
|
#
verify( string $token )
Checks if the given token has been previously used. First
purges all expired tokens. Then retrieves current tokens for
the given ip address. If the specified token was not found,
adds it.
Checks if the given token has been previously used. First
purges all expired tokens. Then retrieves current tokens for
the given ip address. If the specified token was not found,
adds it.
Parameters
- $token
- The value of the token to check.
Returns
boolean
True if the token has not been used, false otherwise.
Throws
|
abstract public
boolean
|
#
exists( string $tokenID )
Does the token exist?
Parameters
Returns
boolean
True if the token exists.
Throws
|
abstract public
|
#
add( string $tokenID )
Add a token ID.
Parameters
- $tokenID
- Token ID to add.
Throws
|
abstract public
|
#
purge( )
Delete all expired connection IDs.
Delete all expired connection IDs.
Throws
|
public
string
|
#
get( string $seed = '' )
Return a new signed token.
Return a new signed token.
Parameters
- $seed
- A unique ID to be included in the token.
Returns
string
The new token.
|
public
boolean
|
#
isValid( string $token, string $seed = '', integer $timeout = null, boolean $unique = false )
Validate a signed token.
Parameters
- $token
- The signed token.
- $seed
- The unique ID of the token.
- $timeout
- <p>Timout of the token in seconds.
Values below zero represent no timeout.</p>
- $unique
- Should validation of the token succeed only once?
Returns
boolean
True if the token was valid.
|
public
array
|
#
validate( string $token, string $seed = '', integer $timeout = null )
Is the given token still valid? Throws an exception in case it is not.
Is the given token still valid? Throws an exception in case it is not.
Parameters
- $token
- The signed token.
- $seed
- The unique ID of the token.
- $timeout
- <p>Timout of the token in seconds.
Values below zero represent no timeout.</p>
Returns
array
An array of two elements: The nonce and the hash.
Throws
|
public
null
|
#
validateUnique( string $token, string $seed = '' )
Is the given token valid and has never been used before? Throws an
exception otherwise.
Is the given token valid and has never been used before? Throws an
exception otherwise.
Parameters
- $token
- The signed token.
- $seed
- The unique ID of the token.
Returns
null
Throws
|
public
string
|
#
getNonce( )
Return a "number used once" (a concatenation of a timestamp and a random
numer).
Return a "number used once" (a concatenation of a timestamp and a random
numer).
Returns
string
A string of 6 bytes.
|