services_ipauth.module in Services IP Authentication 7
Same filename and directory in other branches
Hook implementations and general API function for the IP Authentication module.
File
services_ipauth.moduleView source
<?php
/**
* @file
* Hook implementations and general API function for the IP Authentication
* module.
*/
/**
* Defining constants.
* Type of IP Filtering (Deny/Allow).
*/
define('SERVICES_IPAUTH_TYPE_DENY', 0);
define('SERVICES_IPAUTH_TYPE_ALLOW', 1);
/**
* Implementation of hook_services_authentication().
*/
function services_ipauth_services_authentication_info() {
return array(
'file' => 'services_ipauth.inc',
'title' => t('IP authentication'),
'description' => t('Secure IP authorization.'),
'security_settings' => '_services_ipauth_security_settings',
'authenticate_call' => '_services_ipauth_authenticate_call',
);
}
/**
* Check if the given IP address is a valid range.
*
* @param string $range The IP range to validate
* @return boolean TRUE if it's a valid IP range, FALSE otherwise.
*/
function services_ipauth_is_valid_ip_range($range) {
// Replace all non-numeric but legal IP range chars with '|'.
$range = strtr($range, ' ,.-*', '|||||');
foreach (explode('|', $range) as $quad) {
// Return false if quad is not numeric, or if it is numeric and larger than
// 255 or smaller than 0.
if (!empty($quad) && !is_numeric($quad) || !empty($quad) && is_numeric($quad) && ($quad > 255 || $quad < 0)) {
return FALSE;
}
}
return TRUE;
}
/**
* Helper function to see if the ip address represents a single address or a
* range.
*
* This function does not validate the range.
* To validate a range use sercices_ipauth_is_valid_ip_range().
*
* @param string $ip The IP address to check.
* @return boolean TRUE if this string represents an IP range, FALSE otherwise.
*/
function services_ipauth_is_ip_range($ip) {
foreach (array(
' ',
',',
'-',
'*',
) as $range_indicator) {
if (strpos($ip, $range_indicator) !== FALSE) {
return TRUE;
}
}
return FALSE;
}
/**
* Check if an IP address is in a certain range.
*
* @param string $ip The IP address to check.
* @param string $range The range in which the IP address must be.
* @return boolean TRUE if the IP address is within the range, FALSE otherwise.
*/
function services_ipauth_ip_is_in_range($ip, $range) {
// Break up IP in quadrants.
$addr = explode(".", $ip);
$matches = FALSE;
// Multiple values are separated with commas so try each in turn.
$ip_ranges = explode(",", $range);
foreach ($ip_ranges as $ip_range) {
// Clear any whitespace, break into quads, then compare.
$ip_range = explode('.', trim($ip_range));
foreach ($ip_range as $index => $quad) {
if (!($matches = services_ipauth_ip_quad_matches($addr[$index], $quad))) {
// No match, escape this foreach and move on to next IP range.
break;
}
}
// If it matches, stop here and do login.
if ($matches) {
return $matches;
}
}
return FALSE;
}
/**
* Check if a IP quadrant matches.
*
* @param string $quad The quadrant of the ip address.
* @param string $to_match The pattern to match.
* @return boolean TRUE if the quandrant matches, FALSE otherwise.
*/
function services_ipauth_ip_quad_matches($quad, $to_match) {
// if we've got a wildcard just return TRUE.
if ($to_match == '*') {
return TRUE;
}
// If $to_match contains '-', we have a range, else we have a fixed value.
$range = explode('-', $to_match);
return isset($range[1]) ? $quad >= $range[0] && $quad <= $range[1] : $range[0] == $quad;
}Functions
Name |
Description |
|---|---|
| services_ipauth_ip_is_in_range | Check if an IP address is in a certain range. |
| services_ipauth_ip_quad_matches | Check if a IP quadrant matches. |
| services_ipauth_is_ip_range | Helper function to see if the ip address represents a single address or a range. |
| services_ipauth_is_valid_ip_range | Check if the given IP address is a valid range. |
| services_ipauth_services_authentication_info | Implementation of hook_services_authentication(). |
Constants
|
Name |
Description |
|---|---|
| SERVICES_IPAUTH_TYPE_ALLOW | |
| SERVICES_IPAUTH_TYPE_DENY | Defining constants. Type of IP Filtering (Deny/Allow). |