Commit 4bfc3c29 authored by Arnaud Pauget's avatar Arnaud Pauget

fix() : override generateToken function to prevent overload memory usage

parent ef33d335
......@@ -108,4 +108,55 @@ class serviceAccount extends \bundle\auth\Controller\serviceAccount
return $serviceAccount;
}
/**
* Generate a service account token
* @param string $serviceAccountId The service account identifier
*
* @return object The credential
*/
public function generateToken($serviceAccountId)
{
// Check userAccount exists
$currentDate = \laabs::newTimestamp();
try {
$serviceAccount = $this->sdoFactory->read('auth/account', array('accountId' => $serviceAccountId));
} catch (\Exception $e) {
throw new \core\Exception\NotFoundException("Account identified by " . $serviceAccountId . " does not exist.");
}
$accountToken = \laabs::getToken('AUTH');
$ownAccount = $this->read($accountToken->accountId);
if ($accountToken->accountId != $serviceAccountId && $this->hasSecurityLevel) {
$organization = $this->sdoFactory->read('organization/organization', $serviceAccount->ownerOrgId);
$organizations = $this->organizationController->readDescendantOrg($organization->orgId);
$organizations[] = $organization;
if (array_search($serviceAccount->ownerOrgId, array_column($organizations, 'orgId')) === false){
throw new \core\Exception\ForbiddenException("You are not allowed to modify this service account");
}
$this->checkPrivilegesAccess($ownAccount, $serviceAccount);
}
$serviceAccount->salt = md5(microtime());
$serviceAccount->tokenDate = $currentDate;
$dataToken = new \StdClass();
$dataToken->accountId = $serviceAccount->accountId;
$dataToken->salt = $serviceAccount->salt;
$token = new \core\token($dataToken, 0);
$jsonToken = \json_encode($token);
$cryptedToken = \laabs::encrypt($jsonToken, \laabs::getCryptKey());
$cookieToken = base64_encode($cryptedToken);
$serviceAccount->password = $cookieToken;
$this->sdoFactory->update($serviceAccount, 'auth/account');
var_dump(memory_get_peak_usage()); exit();
return $cookieToken;
}
}
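Review bot: The line `var_dump(memory_get_peak_usage()); exit();` just before `return $cookieToken;` is leftover debugging and should be deleted: it runs after `$this->sdoFactory->update($serviceAccount, 'auth/account')` has already stored the new credential, writes the memory figure into the response and ends the request, so the caller never receives the token that was just rotated. The organization check also looks like it can never fail, because `$organizations` is built from `$serviceAccount->ownerOrgId` and then searched for that same id; the descendant list should presumably be rooted at the caller's organization (taken from `$ownAccount`), which today leaves `checkPrivilegesAccess()`, whose body is outside this hunk, as the only effective gate. The salt should come from the CSPRNG, e.g. `$serviceAccount->salt = bin2hex(random_bytes(16));`, since `md5(microtime())` is derived from the clock and is guessable. Finally, `catch (\Exception $e)` reports every read failure, including storage errors, as "does not exist"; catching only the not-found case would keep real faults visible.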