2.3/UrlSigner_8php_source.html

 <?php

 namespace Elgg\Security;

 class UrlSigner {

     const KEY_MAC = '__elgg_mac';
     const KEY_EXPIRES = '__elgg_exp';

     public function sign($url, $expires = false) {
         $url = elgg_normalize_url($url);

         $parts = parse_url($url);

         if (isset($parts['query'])) {
             $query = elgg_parse_str($parts['query']);
         } else {
             $query = [];
         }

         if (isset($query[self::KEY_MAC])) {
             throw new \InvalidArgumentException('URL has already been signed');
         }

         if ($expires) {
             $query[self::KEY_EXPIRES] = strtotime($expires);
         }

         ksort($query);

         $parts['query'] = http_build_query($query);

         $url = elgg_http_build_url($parts, false);

         $token = elgg_build_hmac($url)->getToken();

         return elgg_http_add_url_query_elements($url, [
             self::KEY_MAC => $token,
         ]);
     }

     public function isValid($url) {

         $parts = parse_url($url);

         if (isset($parts['query'])) {
             $query = elgg_parse_str($parts['query']);
         } else {
             $query = [];
         }

         if (!isset($query[self::KEY_MAC])) {
             // No signature found
             return false;
         }

         $token = $query[self::KEY_MAC];
         unset($query[self::KEY_MAC]);

         if (isset($query[self::KEY_EXPIRES]) && $query[self::KEY_EXPIRES] < time()) {
             // Signature has expired
             return false;
         }

         ksort($query);

         $parts['query'] = http_build_query($query);

         $url = elgg_http_build_url($parts, false);

         return elgg_build_hmac($url)->matchesToken($token);

     }
 }
elgg_http_add_url_query_elements
elgg_http_add_url_query_elements($url, array $elements)
Sets elements in a URL&#39;s query string.
Definition: elgglib.php:1199

elgg_parse_str
elgg_parse_str($str)
Parses a string using mb_parse_str() if available.
Definition: mb_wrapper.php:19

Elgg\Security\UrlSigner\KEY_EXPIRES
const KEY_EXPIRES
Definition: UrlSigner.php:13

elgg_normalize_url
elgg_normalize_url($url)
Definition: output.php:280

parse_url
elgg parse_url
Parse a URL into its parts.
Definition: elgglib.js:450

$url
$url
Definition: exceptions.php:24

Elgg\Security\UrlSigner\KEY_MAC
const KEY_MAC
Definition: UrlSigner.php:12

Elgg\Security
Definition: Base64Url.php:2

elgg_build_hmac
elgg_build_hmac($data)
Get an HMAC token builder/validator object.
Definition: actions.php:118

$token
$token
Definition: securitytoken.php:12

Elgg\Security\UrlSigner
Component for creating signed URLs.
Definition: UrlSigner.php:10

time
elgg subtext time
Definition: typography.css.php:121

elgg_http_build_url
elgg_http_build_url(array $parts, $html_encode=true)
Builds a URL from the a parts array like one returned by parse_url().
Definition: elgglib.php:1116

Elgg\Security\UrlSigner\isValid
isValid($url)
Validates HMAC signature.
Definition: UrlSigner.php:65

Elgg\Security\UrlSigner\sign
sign($url, $expires=false)
Normalizes and signs the URL with SHA256 HMAC key.
Definition: UrlSigner.php:27