[WEB] Update Yubico lib

master
André Peters 2019-02-08 11:12:59 +01:00 committed by GitHub
commit c2ba9f558d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 46 deletions

View File

@ -6,9 +6,9 @@
* @package Auth_Yubico * @package Auth_Yubico
* @author Simon Josefsson <simon@yubico.com>, Olov Danielson <olov@yubico.com> * @author Simon Josefsson <simon@yubico.com>, Olov Danielson <olov@yubico.com>
* @copyright 2007-2015 Yubico AB * @copyright 2007-2015 Yubico AB
* @license http://opensource.org/licenses/bsd-license.php New BSD License * @license https://opensource.org/licenses/bsd-license.php New BSD License
* @version 2.0 * @version 2.0
* @link http://www.yubico.com/ * @link https://www.yubico.com/
*/ */
require_once 'PEAR.php'; require_once 'PEAR.php';
@ -80,12 +80,6 @@ class Auth_Yubico
*/ */
var $_response; var $_response;
/**
* Flag whether to use https or not.
* @var boolean
*/
var $_https;
/** /**
* Flag whether to verify HTTPS server certificates or not. * Flag whether to verify HTTPS server certificates or not.
* @var boolean * @var boolean
@ -98,25 +92,19 @@ class Auth_Yubico
* Sets up the object * Sets up the object
* @param string $id The client identity * @param string $id The client identity
* @param string $key The client MAC key (optional) * @param string $key The client MAC key (optional)
* @param boolean $https Flag whether to use https (optional) * @param boolean $https noop
* @param boolean $httpsverify Flag whether to use verify HTTPS * @param boolean $httpsverify Flag whether to use verify HTTPS
* server certificates (optional, * server certificates (optional,
* default true) * default true)
* @access public * @access public
*/ */
function __construct($id, $key = '', $https = 0, $httpsverify = 1) public function __construct($id, $key = '', $https = 0, $httpsverify = 1)
{ {
$this->_id = $id; $this->_id = $id;
$this->_key = base64_decode($key); $this->_key = base64_decode($key);
$this->_https = $https;
$this->_httpsverify = $httpsverify; $this->_httpsverify = $httpsverify;
} }
function Auth_Yubico($id, $key = '', $https = 0, $httpsverify = 1)
{
self::__construct();
}
/** /**
* Specify to use a different URL part for verification. * Specify to use a different URL part for verification.
* The default is "api.yubico.com/wsapi/verify". * The default is "api.yubico.com/wsapi/verify".
@ -129,22 +117,6 @@ class Auth_Yubico
$this->_url = $url; $this->_url = $url;
} }
/**
* Get URL part to use for validation.
*
* @return string Server URL part
* @access public
*/
function getURLpart()
{
if ($this->_url) {
return $this->_url;
} else {
return "api.yubico.com/wsapi/verify";
}
}
/** /**
* Get next URL part from list to use for validation. * Get next URL part from list to use for validation.
* *
@ -154,11 +126,11 @@ class Auth_Yubico
function getNextURLpart() function getNextURLpart()
{ {
if ($this->_url_list) $url_list=$this->_url_list; if ($this->_url_list) $url_list=$this->_url_list;
else $url_list=array('api.yubico.com/wsapi/2.0/verify', else $url_list=array('https://api.yubico.com/wsapi/2.0/verify',
'api2.yubico.com/wsapi/2.0/verify', 'https://api2.yubico.com/wsapi/2.0/verify',
'api3.yubico.com/wsapi/2.0/verify', 'https://api3.yubico.com/wsapi/2.0/verify',
'api4.yubico.com/wsapi/2.0/verify', 'https://api4.yubico.com/wsapi/2.0/verify',
'api5.yubico.com/wsapi/2.0/verify'); 'https://api5.yubico.com/wsapi/2.0/verify');
if ($this->_url_index>=count($url_list)) return false; if ($this->_url_index>=count($url_list)) return false;
else return $url_list[$this->_url_index++]; else return $url_list[$this->_url_index++];
@ -318,13 +290,7 @@ class Auth_Yubico
$ch = array(); $ch = array();
while($URLpart=$this->getNextURLpart()) while($URLpart=$this->getNextURLpart())
{ {
/* Support https. */ $query = $URLpart . "?" . $parameters;
if ($this->_https) {
$query = "https://";
} else {
$query = "http://";
}
$query .= $URLpart . "?" . $parameters;
if ($this->_lastquery) { $this->_lastquery .= " "; } if ($this->_lastquery) { $this->_lastquery .= " "; }
$this->_lastquery .= $query; $this->_lastquery .= $query;
@ -392,7 +358,7 @@ class Auth_Yubico
/* Case 2. Verify signature first */ /* Case 2. Verify signature first */
$rows = explode("\r\n", trim($str)); $rows = explode("\r\n", trim($str));
$response=array(); $response=array();
while (list($key, $val) = each($rows)) { foreach ($rows as $key => $val) {
/* = is also used in BASE64 encoding so we only replace the first = by # which is not used in BASE64 */ /* = is also used in BASE64 encoding so we only replace the first = by # which is not used in BASE64 */
$val = preg_replace('/=/', '#', $val, 1); $val = preg_replace('/=/', '#', $val, 1);
$row = explode("#", $val); $row = explode("#", $val);