composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-05-19 15:22:17 +02:00
Code Issues Packages Projects Releases Wiki Activity

N°7516 - hardening code

Browse Source
This commit is contained in:
Eric Espie
2024-07-03 18:03:15 +02:00
parent 644da707d2
commit ac90d8036f
1 changed files with 9 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
datamodels/2.x/itop-portal-base/portal/src/Helper/ContextManipulatorHelper.php
View File

@@ -533,7 +533,7 @@ class ContextManipulatorHelper
$sPPrivateKey = self::GetPrivateKey(); $sPPrivateKey = self::GetPrivateKey();
$oCrypt = new SimpleCrypt(MetaModel::GetConfig()->GetEncryptionLibrary()); $oCrypt = new SimpleCrypt(MetaModel::GetConfig()->GetEncryptionLibrary());
return base64_encode($oCrypt->Encrypt($sPPrivateKey, json_encode($aTokenRules))); return self::base64url_encode($oCrypt->Encrypt($sPPrivateKey, json_encode($aTokenRules)));
} }
/** /**
@@ -566,7 +566,7 @@ class ContextManipulatorHelper
{ {
$sPrivateKey = self::GetPrivateKey(); $sPrivateKey = self::GetPrivateKey();
$oCrypt = new SimpleCrypt(MetaModel::GetConfig()->GetEncryptionLibrary()); $oCrypt = new SimpleCrypt(MetaModel::GetConfig()->GetEncryptionLibrary());
$sDecryptedToken = $oCrypt->Decrypt($sPrivateKey, base64_decode($sToken)); $sDecryptedToken = $oCrypt->Decrypt($sPrivateKey, self::base64url_decode($sToken));
$aTokenRules = json_decode($sDecryptedToken, true); $aTokenRules = json_decode($sDecryptedToken, true);
if (!is_array($aTokenRules)) if (!is_array($aTokenRules))
@@ -577,6 +577,13 @@ class ContextManipulatorHelper
return $aTokenRules; return $aTokenRules;
} }
private static function base64url_encode($sData) {
return rtrim(strtr(base64_encode($sData), '+/', '-_'), '=');
}
private static function base64url_decode($sData) {
return base64_decode(str_pad(strtr($sData, '-_', '+/'), strlen($sData) % 4, '=', STR_PAD_RIGHT));
}
/** /**
* @return string * @return string