2 /*-------------------------------------------------------------------------------------
4 * Filename : Authentication_URL.php
5 * Date : 11th July 2012
7 * Copyright (C) 2012 Melvin Carvalho, Akbar Hossain, László Török
9 * Permission is hereby granted, free of charge, to any person obtaining a copy
10 * of this software and associated documentation files (the "Software"), to deal
11 * in the Software without restriction, including without limitation the rights
12 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
13 * copies of the Software, and to permit persons to whom the Software is furnished
14 * to do so, subject to the following conditions:
16 * The above copyright notice and this permission notice shall be included in all
17 * copies or substantial portions of the Software.
19 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
20 * INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
21 * PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
22 * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
23 * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
24 * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
26 * Everything should be made as simple as possible, but no simpler."
29 //-------------------------------------------------------------------------------------
32 * Represents a valid Uniform Resource Locator
34 * @author László Török
35 * @modified Andrei Sambra
37 class Authentication_URL
44 private $query = array();
48 * @param string $URL_string String to parse
49 * @return Authentication_URL A valid Authentication_URL instance
52 public static function parse($URL_string)
54 $URL = new Authentication_URL();
55 $isOk = $URL->parseInternal($URL_string);
56 return $isOk ? $URL : NULL;
59 * Returns query string parameter value by key
61 * @param mixed $default
62 * @return mixed The required "value" (or $default if not found)
64 public function getQueryParameter($key,$default = NULL)
66 return isset($this->query[$key]) ? $this->query[$key] : $default;
69 * Normalized URL serialization scheme://domain:port/path
70 * @return <type> Returns the parsed URL in a normalized form
72 public function __toString()
74 return $this->scheme.'://'.$this->host.':'.$this->port.$this->path;
77 protected function parseInternal($URL_string)
79 $URL_map = @parse_URL($URL_string);
83 // some minimalistic sanitization
84 || ! preg_match('/[a-zA-Z0-9._-]*[a-zA-Z0-9]$/', $URL_map['host']))
88 $URL_map = array_map('trim', $URL_map);
90 $this->parsedURL = $URL_string;
91 $this->scheme = isset($URL_map['scheme']) ? $URL_map['scheme'] : 'http';
92 $this->host = $URL_map['host'];
93 $this->port = isset($URL_map['port']) ?
94 (int)$URL_map['port'] : ($this->scheme == 'https') ? 443 : 80;
95 $this->path = isset($URL_map['path']) ? $URL_map['path'] : '';
96 if (isset($URL_map['query']))
98 parse_str($URL_map['query'], $this->query);
102 $this->query = array();
105 if ($this->path == '')
110 $this->path .= isset($URL_map['query']) ? "?$URL_map[query]" : '';
112 isset($URL_map['fragment']) and $this->path .= '#'.$URL_map['fragment'];
119 * Represents a special "signed" URL used in authentication scenarios
121 class Authentication_SignedURL extends Authentication_URL
124 * Returns the digital signature string extracted from the signed URL
127 public function digitalSignature()
129 $data = $this->getQueryParameter('sig');
130 return base64_decode(str_pad(strtr($data, '-_', '+/'),
131 strlen($data) % 4, '=', STR_PAD_RIGHT));
134 * Returns the original parsed URL without the digital signature
137 public function URLWithoutSignature()
139 $sig = $this->getQueryParameter('sig');
141 $encodedsig=urlencode(isset($sig) ? $sig : NULL);
142 $encodedsig='&sig='.$encodedsig;
143 $startofsig=strpos($this->parsedURL, $encodedsig);
144 $start=substr($this->parsedURL, 0, $startofsig);
148 * Parses the given URL string into a Authentication_SignedURL
149 * @param string $URL_string
150 * @return Authentication_SignedURL
152 public static function parse($URL_string)
154 $URL = new Authentication_SignedURL();
155 $isOk = $URL->parseInternal($URL_string);
156 return $isOk ? $URL : NULL;