diff options
| author | Roeland Jago Douma <rullzer@owncloud.com> | 2016-04-15 07:46:19 +0200 |
|---|---|---|
| committer | Roeland Jago Douma <rullzer@owncloud.com> | 2016-04-15 07:46:19 +0200 |
| commit | e2c36c29032f482dc114bfe3b742d0c94164a808 (patch) | |
| tree | 8505e49f3820c07e303ab578119be987492bb01e /lib/private/Session/CryptoSessionData.php | |
| parent | e3b90d7caa80bbcc569cbf042169c1ecbffa9e08 (diff) | |
| download | nextcloud-server-e2c36c29032f482dc114bfe3b742d0c94164a808.tar.gz nextcloud-server-e2c36c29032f482dc114bfe3b742d0c94164a808.zip | |
Move \OC\Session to PSR-4
Diffstat (limited to 'lib/private/Session/CryptoSessionData.php')
| -rw-r--r-- | lib/private/Session/CryptoSessionData.php | 186 |
1 files changed, 186 insertions, 0 deletions
diff --git a/lib/private/Session/CryptoSessionData.php b/lib/private/Session/CryptoSessionData.php new file mode 100644 index 00000000000..f6c585c1611 --- /dev/null +++ b/lib/private/Session/CryptoSessionData.php @@ -0,0 +1,186 @@ +<?php +/** + * @author Joas Schilling <nickvergessen@owncloud.com> + * @author Lukas Reschke <lukas@owncloud.com> + * + * @copyright Copyright (c) 2016, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +namespace OC\Session; + +use OCP\ISession; +use OCP\Security\ICrypto; + +/** + * Class CryptoSessionData + * + * @package OC\Session + */ +class CryptoSessionData implements \ArrayAccess, ISession { + /** @var ISession */ + protected $session; + /** @var \OCP\Security\ICrypto */ + protected $crypto; + /** @var string */ + protected $passphrase; + /** @var array */ + protected $sessionValues; + /** @var bool */ + protected $isModified = false; + CONST encryptedSessionName = 'encrypted_session_data'; + + /** + * @param ISession $session + * @param ICrypto $crypto + * @param string $passphrase + */ + public function __construct(ISession $session, + ICrypto $crypto, + $passphrase) { + $this->crypto = $crypto; + $this->session = $session; + $this->passphrase = $passphrase; + $this->initializeSession(); + } + + /** + * Close session if class gets destructed + */ + public function __destruct() { + $this->close(); + } + + protected function initializeSession() { + $encryptedSessionData = $this->session->get(self::encryptedSessionName); + try { + $this->sessionValues = json_decode( + $this->crypto->decrypt($encryptedSessionData, $this->passphrase), + true + ); + } catch (\Exception $e) { + $this->sessionValues = []; + } + } + + /** + * Set a value in the session + * + * @param string $key + * @param mixed $value + */ + public function set($key, $value) { + $this->sessionValues[$key] = $value; + $this->isModified = true; + } + + /** + * Get a value from the session + * + * @param string $key + * @return string|null Either the value or null + */ + public function get($key) { + if(isset($this->sessionValues[$key])) { + return $this->sessionValues[$key]; + } + + return null; + } + + /** + * Check if a named key exists in the session + * + * @param string $key + * @return bool + */ + public function exists($key) { + return isset($this->sessionValues[$key]); + } + + /** + * Remove a $key/$value pair from the session + * + * @param string $key + */ + public function remove($key) { + $this->isModified = true; + unset($this->sessionValues[$key]); + $this->session->remove(self::encryptedSessionName); + } + + /** + * Reset and recreate the session + */ + public function clear() { + $this->sessionValues = []; + $this->isModified = true; + $this->session->clear(); + } + + /** + * Wrapper around session_regenerate_id + * + * @param bool $deleteOldSession Whether to delete the old associated session file or not. + * @return void + */ + public function regenerateId($deleteOldSession = true) { + $this->session->regenerateId($deleteOldSession); + } + + /** + * Close the session and release the lock, also writes all changed data in batch + */ + public function close() { + if($this->isModified) { + $encryptedValue = $this->crypto->encrypt(json_encode($this->sessionValues), $this->passphrase); + $this->session->set(self::encryptedSessionName, $encryptedValue); + $this->isModified = false; + } + $this->session->close(); + } + + /** + * @param mixed $offset + * @return bool + */ + public function offsetExists($offset) { + return $this->exists($offset); + } + + /** + * @param mixed $offset + * @return mixed + */ + public function offsetGet($offset) { + return $this->get($offset); + } + + /** + * @param mixed $offset + * @param mixed $value + */ + public function offsetSet($offset, $value) { + $this->set($offset, $value); + } + + /** + * @param mixed $offset + */ + public function offsetUnset($offset) { + $this->remove($offset); + } +} |