HmacFactory_8php_source.html

 <?php


 namespace Elgg\Security;


 use Elgg\Traits\TimeUsing;


 class HmacFactory {


     use TimeUsing;


     public function __construct(protected SiteSecret $site_secret, protected Crypto $crypto) {

     }


     public function getHmac($data, $algo = 'sha256', $key = '') {

         if (!$key) {

             $key = $this->site_secret->get(true);

         }


         return new Hmac($key, [$this->crypto, 'areEqual'], $data, $algo);

     }


     public function generateInviteCode(string $username): string {

         $time = $this->getCurrentTime()->getTimestamp();

         $token = $this->getHmac([$time, $username])->getToken();


         return "{$time}.{$token}";

     }


     public function validateInviteCode(string $username, string $code): bool {

         // validate the format of the token created by self::generateInviteCode()

         $matches = [];

         if (!preg_match('~^(\d+)\.([a-zA-Z0-9\-_]+)$~', $code, $matches)) {

             return false;

         }


         $time = (int) $matches[1];

         $mac = $matches[2];


         return $this->getHmac([$time, $username])->matchesToken($mac);

     }

 }

$username
$username
Definition: delete.php:23

$code
$code
Definition: changepassword.php:12

$time
if(! $annotation instanceof ElggAnnotation) $time
Definition: time.php:20

$data
if(! $entity instanceof \ElggUser) $data
Definition: attributes.php:13

Elgg\Security\Crypto
Cryptographic services.
Definition: Crypto.php:12

Elgg\Security\HmacFactory
Provides a factory for HMAC objects.
Definition: HmacFactory.php:10

Elgg\Security\HmacFactory\validateInviteCode
validateInviteCode(string $username, string $code)
Validate a user's invite code.
Definition: HmacFactory.php:66

Elgg\Security\HmacFactory\generateInviteCode
generateInviteCode(string $username)
Generates a unique invite code for a user.
Definition: HmacFactory.php:49

Elgg\Security\HmacFactory\__construct
__construct(protected SiteSecret $site_secret, protected Crypto $crypto)
Constructor.
Definition: HmacFactory.php:20

Elgg\Security\HmacFactory\getHmac
getHmac($data, $algo='sha256', $key='')
Get an HMAC token builder/validator object.
Definition: HmacFactory.php:32

Elgg\Security\Hmac
Component for creating HMAC tokens.
Definition: Hmac.php:10

Elgg\Security\SiteSecret
Manages a site-specific secret key, encoded as a 32 byte string "secret".
Definition: SiteSecret.php:24

Elgg\Security
Definition: Base64Url.php:3

$mac
$mac
Definition: contents.php:14

$key
if($container instanceof ElggGroup && $container->guid !=elgg_get_page_owner_guid()) $key
Definition: summary.php:44

$token
$token
Definition: securitytoken.php:9

$site_secret
$site_secret
Definition: site_secret.php:13