public static function getResponse($authType, $challenge, $jaxl)
{
$response = array();
$decoded = base64_decode($challenge);
$xml = '<response xmlns="urn:ietf:params:xml:ns:xmpp-sasl">';
if ($authType == 'X-FACEBOOK-PLATFORM') {
$decoded = explode('&', $decoded);
foreach ($decoded as $k => $v) {
list($kk, $vv) = explode('=', $v);
$decoded[$kk] = $vv;
unset($decoded[$k]);
}
list($secret, $decoded['api_key'], $decoded['session_key']) = JAXLPlugin::execute('jaxl_get_facebook_key', false, $jaxl);
$decoded['call_id'] = time();
$decoded['v'] = '1.0';
$base_string = '';
foreach (array('api_key', 'call_id', 'method', 'nonce', 'session_key', 'v') as $key) {
if (isset($decoded[$key])) {
$response[$key] = $decoded[$key];
$base_string .= $key . '=' . $decoded[$key];
}
}
$base_string .= $secret;
$response['sig'] = md5($base_string);
$responseURI = '';
foreach ($response as $k => $v) {
if ($responseURI == '') {
$responseURI .= $k . '=' . urlencode($v);
} else {
$responseURI .= '&' . $k . '=' . urlencode($v);
}
}
$xml .= base64_encode($responseURI);
} else {
if ($authType == 'DIGEST-MD5') {
$decoded = JAXLUtil::explodeData($decoded);
if (!isset($decoded['digest-uri'])) {
$decoded['digest-uri'] = 'xmpp/' . $jaxl->domain;
}
$decoded['cnonce'] = base64_encode(JAXLUtil::generateNonce());
if (isset($decoded['qop']) && $decoded['qop'] != 'auth' && strpos($decoded['qop'], 'auth') !== false) {
$decoded['qop'] = 'auth';
}
$response = array('username' => $jaxl->user, 'response' => JAXLUtil::encryptPassword(array_merge($decoded, array('nc' => '00000001')), $jaxl->user, $jaxl->pass), 'charset' => 'utf-8', 'nc' => '00000001', 'qop' => 'auth');
foreach (array('nonce', 'digest-uri', 'realm', 'cnonce') as $key) {
if (isset($decoded[$key])) {
$response[$key] = $decoded[$key];
}
}
$xml .= base64_encode(JAXLUtil::implodeData($response));
} else {
if ($authType == 'SCRAM-SHA-1') {
$decoded = JAXLUtil::explodeData($decoded);
// SaltedPassword := Hi(Normalize(password), salt, i)
$saltedPasswd = JAXLUtil::pbkdf2($jaxl->pass, $decoded['s'], $decoded['i']);
// ClientKey := HMAC(SaltedPassword, "Client Key")
$clientKey = JAXLUtil::hashMD5($saltedPassword, "Client Key");
// StoredKey := H(ClientKey)
$storedKey = sha1("Client Key");
// assemble client-final-message-without-proof
$clientFinalMessage = "c=bwis,r=" . $decoded['r'];
// AuthMessage := client-first-message-bare + "," + server-first-message + "," + client-final-message-without-proof
// ClientSignature := HMAC(StoredKey, AuthMessage)
// ClientProof := ClientKey XOR ClientSignature
// ServerKey := HMAC(SaltedPassword, "Server Key")
// ServerSignature := HMAC(ServerKey, AuthMessage)
foreach (array('c', 'r', 'p') as $key) {
if (isset($decoded[$key])) {
$response[$key] = $decoded[$key];
}
}
$xml .= base64_encode(JAXLUtil::implodeData($response));
} else {
if ($authType == 'CRAM-MD5') {
$xml .= base64_encode($jaxl->user . ' ' . hash_hmac('md5', $jaxl->pass, $arr['challenge']));
}
}
}
}
$xml .= '</response>';
$jaxl->secondChallenge = true;
return $xml;
}
