initial commit to enable token validation and key download
Regular → Executable
+44
-8
@@ -12,13 +12,19 @@ $method = $_SERVER['REQUEST_METHOD'];
|
||||
$path = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
|
||||
$path = str_replace('/index.php', '', $path);
|
||||
$path = rtrim($path, '/');
|
||||
$path = ltrim($path, '/');
|
||||
|
||||
$tokenManager = new TokenManager();
|
||||
|
||||
switch ($path) {
|
||||
case '/request': // request access to another user's emergency / legacy key file
|
||||
request_access();
|
||||
case 'request': // request access to another user's emergency / legacy key file
|
||||
requestAccess();
|
||||
break;
|
||||
case 'deny': //deny access
|
||||
deny_access();
|
||||
case 'deny': // deny requested access
|
||||
denyAccess();
|
||||
break;
|
||||
case 'download':
|
||||
downloadKey();
|
||||
break;
|
||||
default:
|
||||
user_interface();
|
||||
@@ -29,21 +35,51 @@ function ReturnJsonResponse($data, $status = 200) {
|
||||
http_response_code($status);
|
||||
header('Content-Type: application/json');
|
||||
header('Cache-Control: no-cache, no-store, must-revalidate');
|
||||
echo json_encode($data);
|
||||
print json_encode($data);
|
||||
exit;
|
||||
}
|
||||
|
||||
function request_access() {
|
||||
function requestAccess() {
|
||||
$data = ['request access' => 'request not allowed'];
|
||||
ReturnJsonResponse($data, 403);
|
||||
}
|
||||
|
||||
function deny_access() {
|
||||
function denyAccess() {
|
||||
$data = ['deny access'=>'emergency user request revoked'];
|
||||
ReturnJsonResponse($data);
|
||||
}
|
||||
|
||||
function downloadKey() {
|
||||
global $tokenManager;
|
||||
if(!isset($_REQUEST['token']) || !ctype_xdigit($_REQUEST['token']))
|
||||
ReturnJsonResponse(['error'=>'missing or invalid token'], 400);
|
||||
$result = $tokenManager->retrieveToken($_REQUEST['token']);
|
||||
if(isset($result['error']))
|
||||
ReturnJsonResponse(['error'=>$result['error']], $result['status']);
|
||||
|
||||
if(!isset($result['success']))
|
||||
ReturnJsonResponse(['error'=>'token could not be validated'], 400);
|
||||
|
||||
//check if returned keyfile exists
|
||||
if(!file_exists($result['success']))
|
||||
ReturnJsonResponse(['error'=>'keyfile not found'], 404);
|
||||
|
||||
$filePath = $result['success'];
|
||||
$fileName = basename($filePath);
|
||||
$fileSize = filesize($filePath);
|
||||
|
||||
header('Content-Type: application/octet-stream');
|
||||
header("Content-Disposition: attachment; filename=\"{$fileName}\"");
|
||||
header("Content-Length: {$fileSize}");
|
||||
header('Cache-Control: no-cache, no-store, must-revalidate');
|
||||
header('Pragma: no-cache');
|
||||
header('Expires: 0');
|
||||
|
||||
readfile($filePath);
|
||||
exit;
|
||||
}
|
||||
|
||||
function user_interface() {
|
||||
print('<!DOCTYPE html><html><head><title>DigiErbe Tresor</title></head><body><h1>Willkommen beim DigiErbe Tresor</h1></body></html>');
|
||||
}
|
||||
?>
|
||||
?>
|
||||
|
||||
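Review bot: `downloadKey()` reads the token from `$_REQUEST` and the `download` case never looks at `$method`, so the bearer token for a key file can be sent in a query string and end up in access logs, browser history and Referer headers; accepting it only from a POST body keeps it out of URLs. The path in `$result['success']` is then served after nothing more than `file_exists()`, which is also true for directories and does not tie the file to the key store. `TokenManager` is not visible in this commit and may already constrain the path, but an `is_file()` plus `realpath()` containment check here is cheap defence in depth. `basename($filePath)` also goes into the `Content-Disposition` header unescaped, so a double quote in a stored file name would break the `filename` parameter. The fence shows the rewritten input and path checks; `KEY_STORE_DIR` is a placeholder, not a name from this project.

```php
function downloadKey() {
    // … unchanged: global $tokenManager …
    // Accept the token from the POST body only, so it never appears in a URL.
    if ($_SERVER['REQUEST_METHOD'] !== 'POST')
        ReturnJsonResponse(['error'=>'method not allowed'], 405);
    $token = $_POST['token'] ?? null;
    if (!is_string($token) || !ctype_xdigit($token))
        ReturnJsonResponse(['error'=>'missing or invalid token'], 400);
    $result = $tokenManager->retrieveToken($token);
    // … unchanged: error / success checks on $result …

    // Serve only a regular file that resolves inside the key store.
    // KEY_STORE_DIR is a placeholder for wherever this project keeps key files.
    $filePath = realpath($result['success']);
    $keyRoot  = realpath(KEY_STORE_DIR);
    if ($filePath === false || $keyRoot === false
        || strpos($filePath, $keyRoot . DIRECTORY_SEPARATOR) !== 0
        || !is_file($filePath))
        ReturnJsonResponse(['error'=>'keyfile not found'], 404);
    // … unchanged: $fileName, $fileSize, headers, readfile, exit …
```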