1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
|
<?php
/*
* Copyright 2010-2012 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
* A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed
* on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
* express or implied. See the License for the specific language governing
* permissions and limitations under the License.
*/
/*%******************************************************************************************%*/
// CLASS
/**
* Simplifies the process of signing JSON policy documents.
*
* @version 2011.04.25
* @license See the included NOTICE.md file for more information.
* @copyright See the included NOTICE.md file for more information.
* @link http://aws.amazon.com/php/ PHP Developer Center
*/
class CFPolicy
{
/**
* Stores the object that contains the authentication credentials.
*/
public $auth;
/**
* Stores the policy object that we're working with.
*/
public $json_policy;
/**
* Constructs a new instance of this class.
*
* @param CFRuntime $auth (Required) An instance of any authenticated AWS object that is an instance of <CFRuntime> (e.g. <AmazonEC2>, <AmazonS3>).
* @param string|array $policy (Required) The associative array representing the S3 policy to use, or a string of JSON content.
* @return $this A reference to the current instance.
* @link http://docs.amazonwebservices.com/AmazonS3/2006-03-01/dev/index.html?HTTPPOSTForms.html S3 Policies
* @link http://docs.amazonwebservices.com/AmazonS3/latest/dev/index.html?AccessPolicyLanguage.html Access Policy Language
*/
public function __construct($auth, $policy)
{
$this->auth = $auth;
if (is_array($policy)) // We received an associative array...
{
$this->json_policy = json_encode($policy);
}
else // We received a valid, parseable JSON string...
{
$this->json_policy = json_encode(json_decode($policy, true));
}
return $this;
}
/**
* Alternate approach to constructing a new instance. Supports chaining.
*
* @param CFRuntime $auth (Required) An instance of any authenticated AWS object that is an instance of <CFRuntime> (e.g. <AmazonEC2>, <AmazonS3>).
* @param string|array $policy (Required) The associative array representing the S3 policy to use, or a string of JSON content.
* @return $this A reference to the current instance.
*/
public static function init($auth, $policy)
{
if (version_compare(PHP_VERSION, '5.3.0', '<'))
{
throw new Exception('PHP 5.3 or newer is required to instantiate a new class with CLASS::init().');
}
$self = get_called_class();
return new $self($auth, $policy);
}
/**
* Get the key from the authenticated instance.
*
* @return string The key from the authenticated instance.
*/
public function get_key()
{
return $this->auth->key;
}
/**
* Base64-encodes the JSON string.
*
* @return string The Base64-encoded version of the JSON string.
*/
public function get_policy()
{
return base64_encode($this->json_policy);
}
/**
* Gets the JSON string with the whitespace removed.
*
* @return string The JSON string without extraneous whitespace.
*/
public function get_json()
{
return $this->json_policy;
}
/**
* Gets the JSON string with the whitespace removed.
*
* @return string The Base64-encoded, signed JSON string.
*/
public function get_policy_signature()
{
return base64_encode(hash_hmac('sha1', $this->get_policy(), $this->auth->secret_key));
}
/**
* Decode a policy that was returned from the service.
*
* @param string $response (Required) The policy returned by AWS that you want to decode into an object.
* @return string The Base64-encoded, signed JSON string.
*/
public static function decode_policy($response)
{
return json_decode(urldecode($response), true);
}
}
|