public function LTIToolProvider::timestampNonceHandler in LTI Tool Provider 2.x
Same name and namespace in other branches
- 8 src/Authentication/Provider/LTIToolProvider.php \Drupal\lti_tool_provider\Authentication\Provider\LTIToolProvider::timestampNonceHandler()
Validate nonce.
Parameters
$provider:
Return value
int
- OAUTH_OK if validated.
- OAUTH_BAD_TIMESTAMP if timestamp too old.
- OAUTH_BAD_NONCE if nonce has been used.
File
- src/Authentication/Provider/LTIToolProvider.php, line 321
Class
- LTIToolProvider
- Oauth authentication provider for LTI Tool Provider.
Namespace
Drupal\lti_tool_provider\Authentication\Provider
Code
public function timestampNonceHandler($provider) : int {
  // Verify timestamp has been set.
  if (!isset($provider->timestamp)) {
    return OAUTH_BAD_TIMESTAMP;
  }
  // Verify nonce timestamp is not older than now - nonce interval.
  if ($provider->timestamp < time() - LTI_TOOL_PROVIDER_NONCE_INTERVAL) {
    return OAUTH_BAD_TIMESTAMP;
  }
  // Verify nonce timestamp is not newer than now + nonce interval.
  if ($provider->timestamp > time() + LTI_TOOL_PROVIDER_NONCE_INTERVAL) {
    return OAUTH_BAD_TIMESTAMP;
  }
  // Verify nonce and consumer_key have been set.
  if (!isset($provider->nonce) || !isset($provider->consumer_key)) {
    return OAUTH_BAD_NONCE;
  }
  try {
    $storage = $this->entityTypeManager
      ->getStorage('lti_tool_provider_nonce');
    // Verify that current nonce is not a duplicate.
    $nonce_exists = $storage
      ->getQuery()
      ->condition('nonce', $provider->nonce, '=')
      ->execute();
    if (count($nonce_exists)) {
      return OAUTH_BAD_NONCE;
    }
    // Store nonce in database.
    $storage
      ->create([
        'nonce' => $provider->nonce,
        'consumer_key' => $provider->consumer_key,
        'timestamp' => $provider->timestamp,
      ])
      ->save();
  }
  catch (Exception $e) {
    // Any storage failure is logged and treated as a rejected nonce.
    $this->loggerFactory->warning($e->getMessage());
    return OAUTH_BAD_NONCE;
  }
  return OAUTH_OK;
}
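The method above looks up the nonce and then saves it as two separate storage calls, so whether two simultaneous requests carrying the same nonce are both accepted depends on the entity schema, which this page does not show. The following added example (not code from the lti_tool_provider module) applies the same timestamp window but records the nonce with a single atomic insert against a unique key. The table layout, the function names, the 300-second `NONCE_INTERVAL`, the per-consumer nonce scope, the purge of expired rows and the string return values (named after the page's constants) are all assumptions of the example.

```php
<?php
// Added example: stand-alone sketch using PDO/SQLite, not module code.
const NONCE_INTERVAL = 300; // Assumed window in seconds; the module's value is not on the page.

function nonce_store(): PDO {
  $db = new PDO('sqlite::memory:');
  $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  // The composite primary key turns "seen before?" and "record it" into one atomic step.
  $db->exec('CREATE TABLE nonce (consumer_key TEXT NOT NULL, nonce TEXT NOT NULL,
    timestamp INTEGER NOT NULL, PRIMARY KEY (consumer_key, nonce))');
  return $db;
}

function check_timestamp_nonce(PDO $db, ?string $key, ?string $nonce, ?int $ts, int $now): string {
  // Same window as the page: reject timestamps more than one interval from now, either way.
  if ($ts === NULL || abs($now - $ts) > NONCE_INTERVAL) {
    return 'OAUTH_BAD_TIMESTAMP';
  }
  if ($nonce === NULL || $nonce === '' || $key === NULL || $key === '') {
    return 'OAUTH_BAD_NONCE';
  }
  // Rows older than the window fail the timestamp check on replay, so they can be purged.
  $db->prepare('DELETE FROM nonce WHERE timestamp < ?')->execute([$now - NONCE_INTERVAL]);
  $insert = $db->prepare(
    'INSERT OR IGNORE INTO nonce (consumer_key, nonce, timestamp) VALUES (?, ?, ?)');
  $insert->execute([$key, $nonce, $ts]);
  // No row inserted means the (consumer_key, nonce) pair already existed: a replay.
  return $insert->rowCount() === 1 ? 'OAUTH_OK' : 'OAUTH_BAD_NONCE';
}

// Constructed sample requests: [consumer_key, nonce, timestamp].
$db = nonce_store();
$now = 1700000000; // Constructed clock value so the run is repeatable.
$requests = [
  ['key-a', 'n1', $now - 10],   // first use of the nonce
  ['key-a', 'n1', $now - 10],   // same consumer repeats the nonce
  ['key-b', 'n1', $now - 10],   // same nonce from a different consumer
  ['key-a', 'n2', $now - 301],  // timestamp older than the window
  ['key-a', 'n3', $now + 301],  // timestamp ahead of the window
  ['key-a', NULL, $now],        // nonce missing
];
foreach ($requests as [$k, $n, $t]) {
  printf("%-6s %-4s %+5d => %s\n", $k, $n ?? '-', $t - $now,
    check_timestamp_nonce($db, $k, $n, $t, $now));
}
```

Passing the clock in as `$now` keeps the window check deterministic under test; a production caller would supply `time()`.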