Added static option to set private key

legalthings · Nov 25, 2015 · d2e3f6d · d2e3f6d
1 parent 4a08ff2
commit d2e3f6d
Showing 1 changed file with 34 additions and 15 deletions.
diff --git a/src/Authorizer.php b/src/Authorizer.php
@@ -13,6 +13,13 @@ class Authorizer
      */
     public static $globalSecret;
 
+    /**
+     * Path to the private key of the current application
+     * @var string
+     */
+    public static $privateKeyPath;
+
+
     /**
      * Sign a resource, granting access to a specific client
      * 
@@ -40,6 +47,21 @@ public static function sign($allowedResource, $authzgen)
         return $encryptedSecret;
     }
 
+    /**
+     * Decrypt an encrypted secret
+     * 
+     * @param string   $encryptedSecret  An encrypted secret with the format:
+     *                                   {{resource}};{{time_from}};{{time_to}};{{hash}}
+     *
+     * @return string  $decryptedSecret  String with the format: {{time_from}};{{time_to}};{{checksum}}
+     */
+    public static function decrypt($encryptedSecret)
+    {
+        openssl_private_decrypt($encryptedSecret, $decryptedSecret, self::getPrivateKey());
+
+        return $decryptedSecret;
+    }
+
     /**
      * Verify if a resource may be accessed by the client
      * 
@@ -54,7 +76,7 @@ public static function verify($allowedResource, $decryptedSecret)
 
         list($timeStart, $timeEnd, $checksum) = explode(';', $decryptedSecret) + [null, null, null];
 
-        if ($checksum !== self::generateChecksum($allowedResource, $timeStart, $timeEnd) return false;
+        if ($checksum !== self::generateChecksum($allowedResource, $timeStart, $timeEnd)) return false;
 
         $timeStart = strlen($timeStart) > 0 ? (int)$timeStart : ($currentTime - 1);
         $timeEnd = strlen($timeEnd) > 0 ? (int)$timeEnd : ($currentTime + 1);
@@ -73,26 +95,23 @@ public static function verify($allowedResource, $decryptedSecret)
      *
      * @return string
      */
-    private static function generateChecksum($allowedResource, $timeStart, $timeEnd)
+    protected static function generateChecksum($allowedResource, $timeStart, $timeEnd)
     {
-        return hash('sha256', $allowedResource . $_SERVER['HTTP_HOST'] . $timeStart . $timeEnd . self::$globalSecret)
+        return hash('sha256', $allowedResource . $_SERVER['HTTP_HOST'] . $timeStart . $timeEnd . self::$globalSecret);
     }
 
     /**
-     * Decrypt an encrypted secret
-     * 
-     * @param string   $encryptedSecret  An encrypted secret with the format:
-     *                                   {{resource}};{{time_from}};{{time_to}};{{hash}}
-     * @param string   $privateKeyPath   Path to the private key of the current application
+     * Get a private key
      *
-     * @return string  $decryptedSecret  String with the format: {{time_from}};{{time_to}};{{checksum}}
+     * @return string
      */
-    public static function decrypt($encryptedSecret, $privateKeyPath)
+    protected static function getPrivateKey()
     {
-        $privateKey = file_get_contents($privateKeyPath);
-        openssl_private_decrypt($encryptedSecret, $decryptedSecret, $privateKey);
+        if (!isset(self::$privateKeyPath)) trigger_error('$privateKeyPath is not set', E_USER_WARNING);
 
-        return $decryptedSecret;
+        $privateKey = file_get_contents(self::$privateKeyPath);
+
+        return $privateKey;
     }
 
     /**
@@ -103,9 +122,9 @@ public static function decrypt($encryptedSecret, $privateKeyPath)
      *
      * @return string
      */
-    private static function downloadPublicKey($url, $options = [])
+    protected static function downloadPublicKey($url, $options = [])
     {
-        $client = new GuzzleHttp\Client();
+        $client = new \GuzzleHttp\Client();
         $res = $client->get($url, $options);
 
         return (string)$res->getBody();