Fix on OIDC session status check

added more logging info fixed toString missing call method Change-Id: Ife6d4105db5294d132d7c2d350cc88ffce9e1fc6
2018-08-07 11:32:30 -03:00 · 2018-08-07 11:32:30 -03:00 · a5ada7d3a6
parent 39dc4cb20a
commit a5ada7d3a6
2 changed files with 27 additions and 6 deletions
--- a/app/libs/OAuth2/GrantTypes/InteractiveGrantType.php
+++ b/app/libs/OAuth2/GrantTypes/InteractiveGrantType.php
@ -323,10 +323,30 @@ abstract class InteractiveGrantType extends AbstractGrantType
     * @param string $session_id
     * @return string
     */
-    static public function getSessionState($origin, $client_id, $session_id)
+    public function getSessionState($origin, $client_id, $session_id)
    {
-        $salt          = bin2hex(mcrypt_create_iv(16, MCRYPT_DEV_URANDOM));
-        $session_state = hash('sha256', "{$client_id}{$origin}{$session_id}{$salt}") . '.' . $salt;
+        $this->log_service->info(sprintf(
+            "InteractiveGrantType::getSessionState origin %s client_id %s session_id %s",
+            $origin,
+            $client_id,
+            $session_id
+        ));
+        $salt    = bin2hex(mcrypt_create_iv(16, MCRYPT_DEV_URANDOM));
+        $message = "{$client_id}{$origin}{$session_id}{$salt}";
+        $this->log_service->info(sprintf(
+            "InteractiveGrantType::getSessionState message %s",
+            $message
+        ));
+        $hash = hash('sha256', $message);
+        $this->log_service->info(sprintf(
+            "InteractiveGrantType::getSessionState hash %s",
+            $hash
+        ));
+        $session_state = $hash. '.' . $salt;
+        $this->log_service->info(sprintf(
+            "InteractiveGrantType::getSessionState session_state %s",
+            $session_state
+        ));
        return $session_state;
    }

--- a/public/assets/js/oauth2/session/check.session.js
+++ b/public/assets/js/oauth2/session/check.session.js
@ -1,12 +1,13 @@
 (function( $ ){

    /**
-     * @param string value
+     * @param string message
     * @returns string
     */
-    function hash(value)
+    function hash(message)
    {
-        var hash = CryptoJS.SHA256(value);
+        var hash = CryptoJS.SHA256(message).toString();
+        console.log('calculated hash '+hash+' from message '+message);
        return hash;
    }