function bakery_validate_data in Bakery Single Sign-On System 7.2
Same name and namespace in other branches
- 6.2 bakery.module \bakery_validate_data()
- 7.4 bakery.module \bakery_validate_data()
Validate signature and decrypt data.
Parameters
string $data: Bakery data, base64 encoded.
string $type: Optional string defining the type of data this is.
Return value
mixed Unserialized data or FALSE if invalid.
5 calls to bakery_validate_data()
- bakery_request_account in ./
bakery.module - Request account information from master to create account locally.
- bakery_taste_gingerbread_cookie in ./
bakery.module - Validate the account information request.
- bakery_taste_oatmeal_cookie in ./
bakery.module - Get data from cookie.
- bakery_taste_stroopwafel_cookie in ./
bakery.module - Validate update request.
- _bakery_validate_cookie in ./
bakery.module - Function to validate cookies.
File
- ./
bakery.module, line 1004 - Module file for the Bakery.
Code
function bakery_validate_data($data, $type = NULL) {
$key = variable_get('bakery_key', '');
$data = base64_decode($data);
$signature = substr($data, 0, 64);
$encrypted_data = substr($data, 64);
if ($signature !== hash_hmac('sha256', $encrypted_data, $key)) {
return FALSE;
}
$decrypted_data = unserialize(bakery_decrypt($encrypted_data));
// Prevent one cookie being used in place of another.
if ($type !== NULL && $decrypted_data['type'] !== $type) {
return FALSE;
}
// Allow cookies to expire when the browser closes.
if (variable_get('bakery_freshness', ini_get('session.cookie_lifetime')) == 0 || $decrypted_data['timestamp'] + variable_get('bakery_freshness', ini_get('session.cookie_lifetime')) >= $_SERVER['REQUEST_TIME']) {
return $decrypted_data;
}
return FALSE;
}