Code Coverage |
||||||||||
Classes and Traits |
Functions and Methods |
Lines |
||||||||
Total | |
0.00% |
0 / 1 |
|
53.85% |
7 / 13 |
CRAP | |
92.31% |
96 / 104 |
FilesystemJsonStorage | |
0.00% |
0 / 1 |
|
53.85% |
7 / 13 |
46.96 | |
92.31% |
96 / 104 |
__construct | |
0.00% |
0 / 1 |
3.05 | |
81.82% |
9 / 11 |
|||
setLogger | |
100.00% |
1 / 1 |
1 | |
100.00% |
2 / 2 |
|||
createAuthCode | |
0.00% |
0 / 1 |
3.03 | |
85.71% |
6 / 7 |
|||
exchangeAuthCodeForAccessToken | |
0.00% |
0 / 1 |
11.04 | |
92.86% |
26 / 28 |
|||
getAccessToken | |
100.00% |
1 / 1 |
5 | |
100.00% |
5 / 5 |
|||
revokeAccessToken | |
100.00% |
1 / 1 |
1 | |
100.00% |
1 / 1 |
|||
deleteExpiredTokens | |
100.00% |
1 / 1 |
9 | |
100.00% |
13 / 13 |
|||
get | |
0.00% |
0 / 1 |
4.01 | |
91.67% |
11 / 12 |
|||
put | |
100.00% |
1 / 1 |
1 | |
100.00% |
4 / 4 |
|||
delete | |
0.00% |
0 / 1 |
3.02 | |
87.50% |
7 / 8 |
|||
getPath | |
100.00% |
1 / 1 |
1 | |
100.00% |
1 / 1 |
|||
withLock | |
0.00% |
0 / 1 |
3.01 | |
90.91% |
10 / 11 |
|||
hash | |
100.00% |
1 / 1 |
1 | |
100.00% |
1 / 1 |
1 | <?php declare(strict_types=1); |
2 | |
3 | namespace Taproot\IndieAuth\Storage; |
4 | |
5 | use DirectoryIterator; |
6 | use Exception; |
7 | use Psr\Log\LoggerAwareInterface; |
8 | use Psr\Log\LoggerInterface; |
9 | use Psr\Log\NullLogger; |
10 | use Taproot\IndieAuth\IndieAuthException; |
11 | |
12 | use function Taproot\IndieAuth\generateRandomString; |
13 | |
14 | /** |
15 | * Filesystem JSON Token Storage |
16 | * |
17 | * An implementation of `TokenStorageInterface` which stores authorization codes |
18 | * and access tokens in the filesystem as JSON files, and supports custom access |
19 | * token lifetimes. |
20 | * |
21 | * This is intended as a default, example implementation with minimal requirements. |
22 | * In practise, most people should probably be using an SQLite3 version of this |
23 | * which I haven’t written yet. I haven’t extensively documented this class, as it |
24 | * will likely be superceded by the SQLite version. |
25 | */ |
26 | class FilesystemJsonStorage implements TokenStorageInterface, LoggerAwareInterface { |
27 | const DEFAULT_AUTH_CODE_TTL = 60 * 5; // Five minutes. |
28 | const DEFAULT_ACCESS_TOKEN_TTL = 60 * 60 * 24 * 7; // One week. |
29 | |
30 | const TOKEN_LENGTH = 64; |
31 | |
32 | protected string $path; |
33 | protected int $authCodeTtl; |
34 | protected int $accessTokenTtl; |
35 | protected string $secret; |
36 | |
37 | protected LoggerInterface $logger; |
38 | |
39 | |
40 | public function __construct(string $path, string $secret, ?int $authCodeTtl=null, ?int $accessTokenTtl=null, $cleanUpNow=false, ?LoggerInterface $logger=null) { |
41 | $this->logger = $logger ?? new NullLogger(); |
42 | |
43 | if (strlen($secret) < 64) { |
44 | throw new Exception("\$secret must be a string with a minimum length of 64 characters. Make one with Taproot\IndieAuth\generateRandomString(64)"); |
45 | } |
46 | $this->secret = $secret; |
47 | |
48 | $this->path = rtrim($path, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR; |
49 | |
50 | $this->authCodeTtl = $authCodeTtl ?? self::DEFAULT_AUTH_CODE_TTL; |
51 | $this->accessTokenTtl = $accessTokenTtl ?? self::DEFAULT_ACCESS_TOKEN_TTL; |
52 | |
53 | @mkdir($this->path, 0777, true); |
54 | |
55 | if ($cleanUpNow) { |
56 | $this->deleteExpiredTokens(); |
57 | } |
58 | } |
59 | |
60 | // LoggerAwareInterface method. |
61 | |
62 | public function setLogger(LoggerInterface $logger) { |
63 | $this->logger = $logger; |
64 | } |
65 | |
66 | // TokenStorageInterface Methods. |
67 | |
68 | public function createAuthCode(array $data): ?string { |
69 | $authCode = generateRandomString(self::TOKEN_LENGTH); |
70 | $accessToken = $this->hash($authCode); |
71 | |
72 | if (!array_key_exists('valid_until', $data)) { |
73 | $data['valid_until'] = time() + $this->authCodeTtl; |
74 | } |
75 | |
76 | if (!$this->put($accessToken, $data)) { |
77 | return null; |
78 | } |
79 | return $authCode; |
80 | } |
81 | |
82 | public function exchangeAuthCodeForAccessToken(string $code, callable $validateAuthCode): ?array { |
83 | // Hash the auth code to get the theoretical matching access token filename. |
84 | $accessToken = $this->hash($code); |
85 | |
86 | // Prevent the token file from being read, modified or deleted while we’re working with it. |
87 | // r+ to allow reading and writing, but to make sure we don’t create the file if it doesn’t |
88 | // already exist. |
89 | return $this->withLock($this->getPath($accessToken), 'r+', function ($fp) use ($accessToken, $validateAuthCode) { |
90 | // Read the file contents. |
91 | $fileContents = ''; |
92 | while ($d = fread($fp, 1024)) { $fileContents .= $d; } |
93 | |
94 | $data = json_decode($fileContents, true); |
95 | |
96 | if (!is_array($data)) { return null; } |
97 | |
98 | // Make sure the auth code hasn’t already been redeemed. |
99 | if ($data['exchanged_at'] ?? false) { return null; } |
100 | |
101 | // Make sure the auth code isn’t expired. |
102 | if (($data['valid_until'] ?? 0) < time()) { return null; } |
103 | |
104 | // The auth code is valid as far as we know, pass it to the validation callback passed from the |
105 | // Server. |
106 | try { |
107 | $validateAuthCode($data); |
108 | } catch (IndieAuthException $e) { |
109 | // If there was an issue with the auth code, delete it before bubbling the exception |
110 | // up to the Server for handling. We currently have a lock on the file path, so pass |
111 | // false to $observeLock to prevent a deadlock. |
112 | $this->delete($accessToken, false); |
113 | throw $e; |
114 | } |
115 | |
116 | // If the access token is valid, mark it as redeemed and set a new expiry time. |
117 | $data['exchanged_at'] = time(); |
118 | |
119 | if (is_int($data['_access_token_ttl'] ?? null)) { |
120 | // This access token has a custom TTL, use that. |
121 | $data['valid_until'] = time() + $data['_access_code_ttl']; |
122 | } elseif ($this->accessTokenTtl == 0) { |
123 | // The token should be valid until explicitly revoked. |
124 | $data['valid_until'] = null; |
125 | } else { |
126 | // Use the default TTL. |
127 | $data['valid_until'] = time() + $this->accessTokenTtl; |
128 | } |
129 | |
130 | // Write the new file contents, truncating afterwards in case the new data is shorter than the old data. |
131 | $jsonData = json_encode($data); |
132 | if (rewind($fp) === false) { return null; } |
133 | if (fwrite($fp, $jsonData) === false) { return null; } |
134 | if (ftruncate($fp, strlen($jsonData)) === false) { return null; } |
135 | |
136 | // Return the OAuth2-compatible access token data to the Server for passing onto |
137 | // the client app. Passed via array_filter to remove the scope key if scope is null. |
138 | return array_filter([ |
139 | 'access_token' => $accessToken, |
140 | 'scope' => $data['scope'] ?? null, |
141 | 'me' => $data['me'], |
142 | 'profile' => $data['profile'] ?? null |
143 | ]); |
144 | }); |
145 | } |
146 | |
147 | public function getAccessToken(string $token): ?array { |
148 | $data = $this->get($token); |
149 | |
150 | if (!is_array($data)) { return null; } |
151 | |
152 | // Check that this is a redeemed access token. |
153 | if (($data['exchanged_at'] ?? false) === false) { return null; } |
154 | |
155 | // Check that the access token is still valid. valid_until=null means it should live until |
156 | // explicitly revoked. |
157 | if (is_int($data['valid_until']) && $data['valid_until'] < time()) { return null; } |
158 | |
159 | // The token is valid! |
160 | return $data; |
161 | } |
162 | |
163 | public function revokeAccessToken(string $token): bool { |
164 | return $this->delete($token); |
165 | } |
166 | |
167 | // Implementation-Specifc Methods. |
168 | |
169 | public function deleteExpiredTokens(): int { |
170 | $deleted = 0; |
171 | |
172 | foreach (new DirectoryIterator($this->path) as $fileInfo) { |
173 | if ($fileInfo->isFile() && $fileInfo->getExtension() == 'json') { |
174 | // Only delete files which we can lock. |
175 | $successfullyDeleted = $this->withLock($fileInfo->getPathname(), 'r', function ($fp) use ($fileInfo) { |
176 | // Read the file, check expiry date! Only unlink if file is expired. |
177 | $fileContents = ''; |
178 | while ($d = fread($fp, 1024)) { $fileContents .= $d; } |
179 | |
180 | $data = json_decode($fileContents, true); |
181 | |
182 | if (!is_array($data)) { return; } |
183 | |
184 | // If valid_until is a valid time, and is in the past, delete the token. |
185 | if (is_int($data['valid_until'] ?? null) && $data['valid_until'] < time()) { |
186 | return unlink($fileInfo->getPathname()); |
187 | } |
188 | }); |
189 | |
190 | if ($successfullyDeleted) { $deleted++; } |
191 | } |
192 | } |
193 | |
194 | return $deleted; |
195 | } |
196 | |
197 | public function get(string $key): ?array { |
198 | $path = $this->getPath($key); |
199 | |
200 | if (!file_exists($path)) { |
201 | return null; |
202 | } |
203 | |
204 | return $this->withLock($path, 'r', function ($fp) { |
205 | $fileContents = ''; |
206 | while ($data = fread($fp, 1024)) { |
207 | $fileContents .= $data; |
208 | } |
209 | $result = json_decode($fileContents, true); |
210 | |
211 | if (is_array($result)) { |
212 | return $result; |
213 | } |
214 | |
215 | return null; |
216 | }); |
217 | } |
218 | |
219 | public function put(string $key, array $data): bool { |
220 | // Ensure that the containing folder exists. |
221 | @mkdir($this->path, 0777, true); |
222 | |
223 | return $this->withLock($this->getPath($key), 'w', function ($fp) use ($data) { |
224 | return fwrite($fp, json_encode($data)) !== false; |
225 | }); |
226 | } |
227 | |
228 | public function delete(string $key, $observeLock=true): bool { |
229 | $path = $this->getPath($key); |
230 | if (file_exists($path)) { |
231 | if ($observeLock) { |
232 | return $this->withLock($path, 'r', function ($fp) use ($path) { |
233 | return unlink($path); |
234 | }); |
235 | } else { |
236 | return unlink($path); |
237 | } |
238 | } |
239 | return false; |
240 | } |
241 | |
242 | public function getPath(string $key): string { |
243 | // TODO: ensure that the calculated path is a child of $this->path. |
244 | return $this->path . "$key.json"; |
245 | } |
246 | |
247 | protected function withLock(string $path, string $mode, callable $callback) { |
248 | $fp = @fopen($path, $mode); |
249 | |
250 | if ($fp === false) { |
251 | return null; |
252 | } |
253 | |
254 | // Wait for a lock. |
255 | if (flock($fp, LOCK_EX)) { |
256 | $return = null; |
257 | try { |
258 | // Perform whatever action on the file pointer. |
259 | $return = $callback($fp); |
260 | } finally { |
261 | // Regardless of what happens, release the lock. |
262 | flock($fp, LOCK_UN); |
263 | fclose($fp); |
264 | } |
265 | return $return; |
266 | } |
267 | // It wasn’t possible to get a lock. |
268 | return null; |
269 | } |
270 | |
271 | protected function hash(string $token): string { |
272 | return hash_hmac('sha256', $token, $this->secret); |
273 | } |
274 | } |