Bånder

TokenBindingService
in package

Table of Contents

Properties

$geoLocationService  : GeoLocationService
$logger  : LoggerInterface

Methods

__construct()  : mixed
cleanupExpiredTrackingData()  : int
Clean up expired tracking data (call this from a scheduled job)
generateClientFingerprint()  : string
generateSessionId()  : string
getSecurityStats()  : array<string|int, mixed>
Get security statistics for monitoring
validateTokenBinding()  : array<string|int, mixed>
checkConcurrentIpUsage()  : array<string|int, mixed>
Check if token is being used from multiple IPs concurrently. This is our primary defense against token theft.
isRapidIpChange()  : bool
Check if IP is changing too rapidly (possible attack)
isSuspiciousGeoJump()  : bool
Check for suspicious geographic jumps (too far, too fast)
revokeAllUserTokens()  : void
Revoke all tokens for a user (security breach response)
sendConcurrentAccessNotification()  : void
Send critical notification for concurrent access attempt
sendGeoChangeNotification()  : void
shouldNotifyGeoChange()  : bool
trackTokenIpUsage()  : void
Track token usage by IP for concurrent detection
updateTokenIpData()  : void
validateIpAddress()  : array<string|int, mixed>

Properties

$logger read-only

private LoggerInterface $logger
Tags
noinspection

PhpPropertyOnlyWrittenInspection

Attributes
#[LogChannel]
\App\Modules\Logging\Channel::Security

Methods

cleanupExpiredTrackingData()

Clean up expired tracking data (call this from a scheduled job)

public cleanupExpiredTrackingData() : int
Return values
int

generateClientFingerprint()

public generateClientFingerprint(Request $request) : string
Parameters
$request : Request
Return values
string

getSecurityStats()

Get security statistics for monitoring

public getSecurityStats() : array<string|int, mixed>
Return values
array<string|int, mixed>

checkConcurrentIpUsage()

Check if token is being used from multiple IPs concurrently. This is our primary defense against token theft.

private checkConcurrentIpUsage(PersonalAccessToken $token, string $currentIp) : array<string|int, mixed>
Parameters
$token : PersonalAccessToken
$currentIp : string
Return values
array<string|int, mixed>

isSuspiciousGeoJump()

Check for suspicious geographic jumps (too far, too fast)

private isSuspiciousGeoJump(PersonalAccessToken $token, array<string|int, mixed> $newLocationData) : bool
Parameters
$token : PersonalAccessToken
$newLocationData : array<string|int, mixed>
Return values
bool

revokeAllUserTokens()

Revoke all tokens for a user (security breach response)

private revokeAllUserTokens(int $userId, string $reason) : void
Parameters
$userId : int
$reason : string

sendConcurrentAccessNotification()

Send critical notification for concurrent access attempt

private sendConcurrentAccessNotification(PersonalAccessToken $token, string $currentIp, array<string|int, mixed> $concurrentIps) : void
Parameters
$token : PersonalAccessToken
$currentIp : string
$concurrentIps : array<string|int, mixed>

sendGeoChangeNotification()

private sendGeoChangeNotification(PersonalAccessToken $token, array<string|int, mixed> $locationData, string $ipAddress, Request $request) : void
Parameters
$token : PersonalAccessToken
$locationData : array<string|int, mixed>
$ipAddress : string
$request : Request

        