<?php
/*-----8<--------------------------------------------------------------------
 *
 * BEdita - a semantic content management framework
 *
 * Copyright 2015 ChannelWeb Srl, Chialab Srl
 *
 * This file is part of BEdita: you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License as published
 * by the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 * BEdita is distributed WITHOUT ANY WARRANTY; without even the implied
 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 * See the GNU Lesser General Public License for more details.
 * You should have received a copy of the GNU Lesser General Public License
 * version 3 along with BEdita (see LICENSE.LGPL).
 * If not, see <http://gnu.org/licenses/lgpl-3.0.html>.
 *
 *------------------------------------------------------------------->8-----
 */

// Security provides generateAuthKey() and inactiveMins(), used by generateToken() below
App::import('Core', array('Security'));

/**
 * BeSecurityComponent class
 *
 * Handle token to avoid CSFR attack
 */
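class BeSecurityComponent extends Object {

    /**
     * list of components used
     * @var array
     */
    public $components = array('Session', 'RequestHandler');

    /**
     * the controller that use this component
     * @var Controller
     */
    public $controller = null;

    /**
     * Whether to validate POST data. Set to false to disable for data coming from 3rd party
     * services, etc.
     *
     * @var boolean
     */
    public $validatePost = true;

    /**
     * Controller actions on which csrf validation is disabled
     *
     * @var array
     */
    public $disableActions = array();

    /**
     * initialize component
     *
     * @param  Controller $controller
     * @param  array  $settings component settings, copied onto the public properties
     * @return void
     */
    public function initialize($controller, $settings = array()) {
        $this->controller = &$controller;
        $this->_set($settings);
    }

    /**
     * startup component
     *
     * On POST/PUT requests that are not internal requestAction() calls the CSRF token
     * is validated, unless validation is disabled globally ($validatePost) or for the
     * current action ($disableActions). A token for the next request is generated
     * afterwards in any case.
     *
     * @param  Controller $controller
     * @return void
     * @throws BeditaException when the request carries a missing, invalid or expired token
     */
    public function startup($controller) {
        $isPost = ($this->RequestHandler->isPost() || $this->RequestHandler->isPut());
        // requestAction() calls are internal: they carry no token and must not be checked
        // (note: loose comparison here, strict === 1 in generateToken(), as in the original code)
        $isNotRequestAction = (
            !isset($controller->params['requested']) ||
            $controller->params['requested'] != 1
        );
        $disableActions = (!is_array($this->disableActions)) ? array($this->disableActions) : $this->disableActions;
        // strict in_array(): on PHP < 8 a non-strict search would match any action name against 0
        $mustValidate = $isPost && $isNotRequestAction && $this->validatePost
            && !in_array($controller->action, $disableActions, true);

        if ($mustValidate && $this->validateCsrf() === false) {
            throw new BeditaException(__('Security error: CSRF token is invalid. Please try to resubmit the form', true));
        }
        $this->generateToken();
    }

    /**
     * generate token and put it in session
     *
     * If the session already holds a usable (non-expired) token its key is kept and only
     * the expiry is renewed, so forms already rendered keep working; otherwise a new key
     * is generated. The token is also exposed to views as $controller->params['_csrfToken'].
     *
     * @return bool true when a token was written to session, false when the session is
     *              not started or the current request is an internal requestAction() call
     */
    protected function generateToken() {
        if (!$this->Session->started()) {
            return false;
        }
        if (isset($this->controller->params['requested']) && $this->controller->params['requested'] === 1) {
            // requested action: expose the outer request's token, never rotate it
            $tokenData = $this->_readSessionToken();
            if ($tokenData !== null) {
                $this->controller->params['_csrfToken'] = $tokenData;
            }
            return false;
        }
        $token = array(
            'key' => Security::generateAuthKey(),
            'expires' => strtotime('+' . Security::inactiveMins() . ' minutes'),
        );

        $stored = $this->_readSessionToken();
        if ($this->_isTokenUsable($stored)) {
            $token['key'] = $stored['key'];
        }
        $this->controller->params['_csrfToken'] = $token;
        $this->Session->write('_csrfToken', serialize($token));
        return true;
    }

    /**
     * Validate that the controller has a CSRF token in the POST data
     * and that the token is legit/not expired
     *
     * Requests carrying neither form data nor uploaded files are accepted without a token.
     * Unlike the previous implementation this always returns a bool: a matching token
     * yields true instead of falling through with null.
     *
     * @return bool Valid csrf token.
     */
    protected function validateCsrf() {
        if (empty($this->controller->data) && empty($this->controller->params['form'])) {
            return true;
        }
        $data = $this->controller->data;

        // the key must be a plain string: an array submitted as _csrfToken[key][] is rejected
        if (!isset($data['_csrfToken']['key']) || !is_string($data['_csrfToken']['key'])) {
            return false;
        }
        $submitted = $data['_csrfToken']['key'];

        $stored = $this->_readSessionToken();
        if (!$this->_isTokenUsable($stored)) {
            return false;
        }
        return $this->_keysMatch($stored['key'], $submitted);
    }

    /**
     * Read the token stored in session
     *
     * The session value is written by generateToken() only, server side, so unserialize()
     * does not operate on user-supplied input here.
     *
     * @return array|null the stored token array, null when missing or unreadable
     */
    protected function _readSessionToken() {
        if (!$this->Session->check('_csrfToken')) {
            return null;
        }
        $tokenData = unserialize($this->Session->read('_csrfToken'));
        return is_array($tokenData) ? $tokenData : null;
    }

    /**
     * Check that a stored token has a key and has not expired yet
     *
     * @param  array|null $tokenData value returned by _readSessionToken()
     * @return bool
     */
    protected function _isTokenUsable($tokenData) {
        return is_array($tokenData)
            && isset($tokenData['key'])
            && isset($tokenData['expires'])
            && $tokenData['expires'] > time();
    }

    /**
     * Compare the stored key with the submitted one
     *
     * Uses hash_equals() where available (PHP >= 5.6) so the comparison time does not
     * depend on how many leading characters match; falls back to strict equality.
     *
     * @param  string $known stored key
     * @param  string $submitted key received with the request
     * @return bool
     */
    protected function _keysMatch($known, $submitted) {
        if (function_exists('hash_equals')) {
            return hash_equals((string)$known, $submitted);
        }
        return $known === $submitted;
    }

}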