2017-05-17 12:43:12 +00:00
|
|
|
<?php
|
|
|
|
/**
|
|
|
|
* Tokens checker class
|
|
|
|
*
|
|
|
|
* @author Pierre HUBERT
|
|
|
|
*/
|
|
|
|
|
|
|
|
class Tokens{
|
|
|
|
|
|
|
|
/**
|
2017-05-19 16:07:52 +00:00
|
|
|
* Check request client tokens
|
2017-05-17 12:43:12 +00:00
|
|
|
*
|
|
|
|
* @return Boolean Depends of the validity of the tokens
|
|
|
|
*/
|
2017-05-19 16:07:52 +00:00
|
|
|
public function checkClientRequestTokens(){
|
2017-05-17 12:43:12 +00:00
|
|
|
if(!isset($_POST['serviceName']) OR !isset($_POST['serviceToken']))
|
|
|
|
return false; //No token specified
|
|
|
|
|
|
|
|
//Check tokens
|
2017-06-13 09:01:36 +00:00
|
|
|
if(!$serviceInfos = $this->validateClientTokens($_POST['serviceName'], $_POST['serviceToken']))
|
2017-05-17 12:43:12 +00:00
|
|
|
return false;
|
|
|
|
|
|
|
|
//Save service ID in a constant
|
2017-06-13 09:01:36 +00:00
|
|
|
define("APIServiceID", $serviceInfos["ID"]);
|
|
|
|
|
|
|
|
//Save service domain in a constant (if any)
|
|
|
|
if($serviceInfos["clientDomain"])
|
|
|
|
define("APIServiceDomain", $serviceInfos["clientDomain"]);
|
2017-05-17 12:43:12 +00:00
|
|
|
|
|
|
|
//Else everything went good
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2017-05-19 16:07:52 +00:00
|
|
|
* Check client API credentials (tokens)
|
2017-05-17 12:43:12 +00:00
|
|
|
*
|
|
|
|
* @param String $serviceName The name of the service
|
|
|
|
* @param String $token The service's token
|
|
|
|
* @return Boolean False or Tokens ID / Depending of validity of credentials
|
|
|
|
*/
|
2017-05-19 16:07:52 +00:00
|
|
|
private function validateClientTokens($serviceName, $token){
|
2017-05-17 12:43:12 +00:00
|
|
|
//Prepare DataBase request
|
2017-06-07 12:53:58 +00:00
|
|
|
$tableName = CS::get()->config->get("dbprefix")."API_ServicesToken";
|
2017-05-17 12:43:12 +00:00
|
|
|
$conditions = "WHERE serviceName = ? AND token = ?";
|
|
|
|
$values = array(
|
|
|
|
$serviceName,
|
|
|
|
$token
|
|
|
|
);
|
|
|
|
//Make request
|
|
|
|
$requestResult = CS::get()->db->select($tableName, $conditions, $values);
|
|
|
|
|
|
|
|
//Analyse result
|
|
|
|
if(count($requestResult) == 0){
|
|
|
|
//There is no available entries
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
//The API is correctly identified
|
2017-06-13 09:01:36 +00:00
|
|
|
//Generate client informations
|
|
|
|
$clientInformations = array(
|
|
|
|
"ID" => $requestResult[0]['ID'],
|
|
|
|
"clientDomain" => ($requestResult[0]["client_domain"] == "" ? false : $requestResult[0]["client_domain"])
|
|
|
|
);
|
|
|
|
|
|
|
|
//Return API informations
|
|
|
|
return $clientInformations;
|
2017-05-17 12:43:12 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|