From 74a2fd2c02e63cc54e87c96146b2d97746033e8e Mon Sep 17 00:00:00 2001
From: Vangelis Pantazis <v.pantazis@ixiam.com>
Date: Mon, 5 May 2025 15:22:25 +0200
Subject: [PATCH] modifications on the rpow

---
 rpow.php | 35 ++++++++++++++++++++++++++++-------
 1 file changed, 28 insertions(+), 7 deletions(-)

diff --git a/rpow.php b/rpow.php
index 6bb4bdd..38ae73f 100644
--- a/rpow.php
+++ b/rpow.php
@@ -28,7 +28,7 @@ function rpow_init($config = []) {
     'cookieName' => 'rpow' . substr(md5('cookie::' . $defaultCookieSigningKey), 0, 8),
     'cookieTtl' => 90,
     'stateMachine' => new CRM_Rpow_StateMachine(),
-    'debug' => 1,
+    'debug' => 0,
   ];
 
   global $civirpow;
@@ -60,25 +60,46 @@ function rpow_init($config = []) {
 }
 
 function _rpow_signer($config) {
-  return new \CRM_Utils_Signer($config['cookieSigningKey'], ['exp']);
+  if (!class_exists('CRM_Utils_Signer')) {
+    error_log('civirpow: CRM_Utils_Signer not available (autoload not ready). Skipping signature check.');
+    return null;
+  }
+
+  error_log('civirpow: CRM_Utils_Signer is available. Proceeding with signature check.');
+  return new CRM_Utils_Signer($config['cookieSigningKey'], ['exp']);
 }
 
+
 function _rpow_has_cookie($config) {
   if (isset($_COOKIE[$config['cookieName']])) {
+    error_log('civirpow: Found cookie "' . $config['cookieName'] . '"');
     $cookie = json_decode($_COOKIE[$config['cookieName']], TRUE);
+  } else {
+    error_log('civirpow: No cookie named "' . $config['cookieName'] . '" found.');
+    return FALSE;
+  }
+
+  if (!isset($cookie['exp']) || $cookie['exp'] <= time()) {
+    error_log('civirpow: Cookie expired or missing "exp" field.');
+    return FALSE;
   }
-  else {
-    $cookie = NULL;
+
+  $signer = _rpow_signer($config);
+  if (!$signer) {
+    error_log('civirpow: Skipping signature validation due to missing signer.');
+    return FALSE;
   }
 
-  if (isset($cookie['exp']) && $cookie['exp'] > time() && _rpow_signer($config)->validate($cookie['sig'], $cookie)) {
+  if ($signer->validate($cookie['sig'], $cookie)) {
+    error_log('civirpow: Cookie signature is valid.');
     return TRUE;
-  }
-  else {
+  } else {
+    error_log('civirpow: Cookie signature is INVALID.');
     return FALSE;
   }
 }
 
+
 function _rpow_update_cookie($config, $db) {
   $signer = _rpow_signer($config);
   $expires = time() + $config['cookieTtl'];