From 09c638dfc27f9d7fe4add01d672801498e91cca3 Mon Sep 17 00:00:00 2001 From: Roland Haeder Date: Fri, 29 May 2015 19:51:19 +0200 Subject: [PATCH] Introduced registerUpdateWernisRegistrationCall() + added some debug lines for developers. MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Signed-off-by: Roland Häder --- inc/libs/wernis_functions.php | 84 +++++++++++++++++++++++++++-------- inc/wrapper-functions.php | 2 +- 2 files changed, 66 insertions(+), 20 deletions(-) diff --git a/inc/libs/wernis_functions.php b/inc/libs/wernis_functions.php index af6a5cd3b0..d28e38e4e0 100644 --- a/inc/libs/wernis_functions.php +++ b/inc/libs/wernis_functions.php @@ -113,6 +113,15 @@ function sendWernisApiRequest ($scriptName, $requestData = array()) { // Get the raw response from the lower function $response = sendHttpPostRequest($requestString, $requestData); + // Debug message + //* NOISY-DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, sprintf('isDeveloperSystem()=%d', intval(isDeveloperSystem()))); + + // Log response only for development + if (isDeveloperSystem()) { + // Log whole message + logDebugMessage(__FUNCTION__, __LINE__, sprintf('response[%s]=%s', gettype($response), print_r($response, TRUE))); + } // END - if + // Check the response header if all is fine if (!isHttpStatusOkay($response[0])) { // Something bad happend... :( @@ -806,7 +815,7 @@ FROM WHERE `%s`='%s' ORDER BY - `id` + `id` ASC LIMIT %d", array( $key, @@ -863,22 +872,13 @@ function generateWernisDecryptionKey ($publicKey) { return $key; } -//----------------------------------------------------------------------------- -// Auth status callback functions -//----------------------------------------------------------------------------- - -// Handler for auth_status=PENDING -function doWernisAuthPending ($args) { - // $args must always be an array +// Registers or updates Wernis registration data +function registerUpdateWernisRegistrationCall ($args, $challenge, $status) { + // Make sure the required array elements are there assert(is_array($args)); - - // auth_key and wernis_userid must be set assert(isset($args['auth_key'])); assert(isset($args['wernis_userid'])); - // Generate a challenge that will be added to the URL - $challenge = hashSha256(generatePassword(128)); - // Search entry in database by auth_key if (countSumTotalData($args['auth_key'], 'wernis_regs', 'id', 'api_auth_key', TRUE) == 0) { // "Register" this call @@ -889,12 +889,13 @@ function doWernisAuthPending ($args) { `api_redirect_challenge` ) VALUES ( %s, - 'PENDING', + '%s', '%s', '%s' )", array( bigintval($args['wernis_userid']), + $status, $args['auth_key'], $challenge ), __FUNCTION__, __LINE__ @@ -904,22 +905,46 @@ function doWernisAuthPending ($args) { sqlQueryEscaped("UPDATE `{?_MYSQL_PREFIX?}_wernis_regs` SET - `api_redirect_challenge`='%s' + `api_redirect_challenge`='%s', + `api_auth_status`='%s' WHERE `api_auth_key`='%s' AND - `wernis_userid`=%s AND - `api_auth_status`='PENDING' + `wernis_userid`=%s LIMIT 1", array( $challenge, + $status, $args['auth_key'], bigintval($args['wernis_userid']) ), __FUNCTION__, __LINE__ ); } - // Should always update/insert - assert(sqlAffectedRows() == 1); + // Return whether something has been inserted or updated + return (sqlAffectedRows() == 1); +} + +//----------------------------------------------------------------------------- +// Auth status callback functions +//----------------------------------------------------------------------------- + +// Handler for auth_status=PENDING +function doWernisAuthPending ($args) { + // $args must always be an array + assert(is_array($args)); + + // auth_key and wernis_userid must be set + assert(isset($args['auth_key'])); + assert(isset($args['wernis_userid'])); + + // Generate a challenge that will be added to the URL + $challenge = hashSha256(generatePassword(128)); + + // Register or update the record + $registered = registerUpdateWernisRegistrationCall($args, $challenge, 'PENDING'); + + // Should always register/update + assert($registered === TRUE); // Redirect to WDS66 module=auth ... //* DEBUG-DIE */ die(__FUNCTION__ . ':' . __LINE__ . '
' . print_r($args, TRUE) . '
'); @@ -938,6 +963,27 @@ function doWernisAuthAccepted ($args) { // Get registration data by auth_key $rows = getWernisRegistrationDataByKey('api_auth_key', $args['auth_key']); + // Is developer system? + if (isDeveloperSystem()) { + // Log whole rows array + logDebugMessage(__FUNCTION__, __LINE__, sprintf('args[%s]=%s,rows[%s]=%s', gettype($args), print_r($args, TRUE), gettype($rows), print_r($rows, TRUE))); + } // END - if + + // Is rows empty? + if (count($rows) == 0) { + // Generate challenge + $challenge = hashSha256(generatePassword(128)); + + // Then register it ... + $registered = registerUpdateWernisRegistrationCall($args, $challenge, $args['auth_status']); + + // Should always register/update + assert($registered === TRUE); + + // ... and redirect to module=auth + redirectToUrl(getWernisBaseUrl() . '/modules.php?module=auth&auth_key=' . trim($args['auth_key']) . '&params=' . urlencode(base64_encode('&module=' . getModule() . '&what=' . getWhat())) . '&challenge=' . $challenge, FALSE, FALSE); + } // END - if + // The userid should be same assert(isset($rows[0]['wernis_userid'])); assert($rows[0]['wernis_userid'] === $args['wernis_userid']); diff --git a/inc/wrapper-functions.php b/inc/wrapper-functions.php index ab921c4b4f..4520489da1 100644 --- a/inc/wrapper-functions.php +++ b/inc/wrapper-functions.php @@ -3530,7 +3530,7 @@ function isFilledArray ($array) { // Checks whether this script runs on a developer system (called with localhost/127.0.0.1 SERVER_NAME) function isDeveloperSystem () { // Determine it - return in_array(detectServerName(), array('localhost', '127.0.0.1')); + return in_array(detectServerName(), array('localhost', 'daedalus', '127.0.0.1')); } // Checks whether given subject line has '_ref' suffix -- 2.39.5