2008-09-26 05:21:11 +02:00
|
|
|
<?php
|
|
|
|
|
define('S_OK', 'OK');
|
|
|
|
|
define('S_BAD_OTP', 'BAD_OTP');
|
|
|
|
|
define('S_BAD_CLIENT', 'BAD_CLIENT'); // New, added by paul 20080920
|
|
|
|
|
define('S_REPLAYED_OTP', 'REPLAYED_OTP');
|
|
|
|
|
define('S_BAD_SIGNATURE', 'BAD_SIGNATURE');
|
|
|
|
|
define('S_MISSING_PARAMETER', 'MISSING_PARAMETER');
|
|
|
|
|
//define('S_NO_SUCH_CLIENT', 'NO_SUCH_CLIENT'); // Deprecated by paul 20080920
|
|
|
|
|
define('S_OPERATION_NOT_ALLOWED', 'OPERATION_NOT_ALLOWED');
|
|
|
|
|
define('S_BACKEND_ERROR', 'BACKEND_ERROR');
|
2008-12-03 08:49:32 +01:00
|
|
|
define('S_SECURITY_ERROR', 'SECURITY_ERROR');
|
2008-12-03 20:38:55 +01:00
|
|
|
define('TS_SEC', 0.119);
|
2008-12-03 08:49:32 +01:00
|
|
|
define('TS_TOLERANCE', 0.3);
|
2008-09-26 05:21:11 +02:00
|
|
|
|
2008-09-26 07:00:41 +02:00
|
|
|
function debug($msg, $exit = false) {
|
2008-09-26 05:21:11 +02:00
|
|
|
global $trace;
|
|
|
|
|
if ($trace) {
|
|
|
|
|
if (is_array($msg)) {
|
2008-10-08 08:29:19 +02:00
|
|
|
//print_r($msg);
|
2008-09-26 05:21:11 +02:00
|
|
|
} else {
|
2008-10-08 08:29:19 +02:00
|
|
|
echo '<p>Debug> ' . $msg;
|
2008-09-26 05:21:11 +02:00
|
|
|
}
|
|
|
|
|
echo "\n";
|
|
|
|
|
}
|
|
|
|
|
if ($exit) {
|
2008-09-26 07:00:41 +02:00
|
|
|
die('<font color=red><h4>Exit</h4></font>');
|
2008-09-26 05:21:11 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2008-09-26 07:00:41 +02:00
|
|
|
function genRandRaw($len) {
|
|
|
|
|
$h = hash_hmac('sha1', rand(9999,9999999), 'dj*ccbcuiiurubrvnubcdluul', true);
|
|
|
|
|
$a = str_split($h);
|
|
|
|
|
//print_r($a);
|
|
|
|
|
$a = array_slice($a, 0, $len);
|
|
|
|
|
//print_r($a);
|
|
|
|
|
$s = implode($a);
|
|
|
|
|
//outputToFile('out', $s);
|
|
|
|
|
return $s;
|
2008-09-26 05:21:11 +02:00
|
|
|
}
|
|
|
|
|
|
2008-11-21 07:41:13 +01:00
|
|
|
// Return eg. 2008-11-21T06:11:55
|
|
|
|
|
//
|
2008-09-27 11:04:49 +02:00
|
|
|
function getUTCTimeStamp() {
|
|
|
|
|
date_default_timezone_set('UTC');
|
2008-11-21 07:41:13 +01:00
|
|
|
return date('Y-m-d\TH:i:s', time());
|
2008-09-27 11:04:49 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Sign a http query string in the array of key-value pairs
|
|
|
|
|
// return b64 encoded hmac hash
|
2008-10-08 08:29:19 +02:00
|
|
|
function sign($a, $apiKey, $debug=false) {
|
2008-09-27 11:04:49 +02:00
|
|
|
ksort($a);
|
|
|
|
|
$qs = '';
|
|
|
|
|
$n = count($a);
|
|
|
|
|
$i = 0;
|
|
|
|
|
foreach (array_keys($a) as $key) {
|
2008-11-21 22:41:26 +01:00
|
|
|
$qs .= trim($key).'='.trim($a[$key]);
|
2008-09-27 11:04:49 +02:00
|
|
|
if (++$i < $n) {
|
|
|
|
|
$qs .= '&';
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Generate the signature
|
|
|
|
|
//debug('API key: '.$apiKey); // API key of the client
|
2008-10-08 08:29:19 +02:00
|
|
|
debug('SIGN: '.$qs);
|
2008-09-27 11:04:49 +02:00
|
|
|
|
|
|
|
|
// the TRUE at the end states we want the raw value, not hexadecimal form
|
|
|
|
|
$hmac = hash_hmac('sha1', utf8_encode($qs), $apiKey, true);
|
|
|
|
|
$hmac = base64_encode($hmac);
|
2008-10-08 08:29:19 +02:00
|
|
|
if ($debug) {
|
|
|
|
|
debug('h='.$hmac);
|
|
|
|
|
}
|
2008-09-27 11:04:49 +02:00
|
|
|
return $hmac;
|
|
|
|
|
|
2008-10-08 08:29:19 +02:00
|
|
|
} // sign an array of query string
|
2008-09-27 11:04:49 +02:00
|
|
|
|
2008-09-26 07:00:41 +02:00
|
|
|
function outputToFile($outFname, $content, $mode, $append = false) {
|
|
|
|
|
$out = fopen($outFname, ($append ? "a" : "w"));
|
|
|
|
|
fwrite($out, $content);
|
|
|
|
|
fclose($out);
|
2008-09-26 05:21:11 +02:00
|
|
|
}
|
|
|
|
|
?>
|
