| @@ 28-108 (lines=81) @@ | ||
| 25 | use Symfony\Component\HttpFoundation\Request; |
|
| 26 | use Symfony\Component\Validator\Validator\ValidatorInterface; |
|
| 27 | ||
| 28 | class SignRequestParamConverter implements ParamConverterInterface |
|
| 29 | { |
|
| 30 | /** |
|
| 31 | * @var ValidatorInterface |
|
| 32 | */ |
|
| 33 | private $validator; |
|
| 34 | ||
| 35 | public function __construct(ValidatorInterface $validator) |
|
| 36 | { |
|
| 37 | $this->validator = $validator; |
|
| 38 | } |
|
| 39 | ||
| 40 | /** |
|
| 41 | * Stores the object in the request. |
|
| 42 | * |
|
| 43 | * @param Request $request The request |
|
| 44 | * @param ParamConverter $configuration Contains the name, class and options of the object |
|
| 45 | * |
|
| 46 | * @return bool True if the object has been successfully set, else false |
|
| 47 | * |
|
| 48 | * @SuppressWarnings(PHPMD.NPathComplexity) -- Simply a lot of isset() calls. |
|
| 49 | */ |
|
| 50 | public function apply(Request $request, ParamConverter $configuration) |
|
| 51 | { |
|
| 52 | $name = $configuration->getName(); |
|
| 53 | ||
| 54 | $json = $request->getContent(); |
|
| 55 | $object = json_decode($json, true); |
|
| 56 | ||
| 57 | $errors = []; |
|
| 58 | ||
| 59 | if (!isset($object['authentication'])) { |
|
| 60 | $errors[] = sprintf('Missing parameter "authentication"'); |
|
| 61 | } |
|
| 62 | ||
| 63 | if (!isset($object['authentication']['request'])) { |
|
| 64 | $errors[] = sprintf('Missing parameter "authentication.request"'); |
|
| 65 | } else { |
|
| 66 | $actualPropertyNames = array_keys($object['authentication']['request']); |
|
| 67 | $expectedPropertyNames = ['app_id', 'challenge', 'version', 'key_handle']; |
|
| 68 | $missingPropertyNames = array_diff($expectedPropertyNames, $actualPropertyNames); |
|
| 69 | $extraneousPropertyNames = array_diff($actualPropertyNames, $expectedPropertyNames); |
|
| 70 | ||
| 71 | if (count($missingPropertyNames)) { |
|
| 72 | $errors[] = sprintf('Missing authentication request properties: %s', join(', ', $missingPropertyNames)); |
|
| 73 | } |
|
| 74 | ||
| 75 | if (count($extraneousPropertyNames)) { |
|
| 76 | $errors[] = sprintf( |
|
| 77 | 'Extraneous authentication request properties: %s', |
|
| 78 | join(', ', $extraneousPropertyNames) |
|
| 79 | ); |
|
| 80 | } |
|
| 81 | } |
|
| 82 | ||
| 83 | if (count($errors) > 0) { |
|
| 84 | throw new BadJsonRequestException($errors); |
|
| 85 | } |
|
| 86 | ||
| 87 | $signRequest = new SignRequest(); |
|
| 88 | $signRequest->appId = $object['authentication']['request']['app_id']; |
|
| 89 | $signRequest->challenge = $object['authentication']['request']['challenge']; |
|
| 90 | $signRequest->version = $object['authentication']['request']['version']; |
|
| 91 | $signRequest->keyHandle = $object['authentication']['request']['key_handle']; |
|
| 92 | ||
| 93 | $violations = $this->validator->validate($signRequest); |
|
| 94 | ||
| 95 | if (count($violations) > 0) { |
|
| 96 | throw BadJsonRequestException::createForViolationsAndErrors($violations, $name, []); |
|
| 97 | } |
|
| 98 | ||
| 99 | $request->attributes->set($name, $signRequest); |
|
| 100 | ||
| 101 | return true; |
|
| 102 | } |
|
| 103 | ||
| 104 | public function supports(ParamConverter $configuration) |
|
| 105 | { |
|
| 106 | return $configuration->getClass() === 'Surfnet\StepupU2fBundle\Dto\SignRequest'; |
|
| 107 | } |
|
| 108 | } |
|
| 109 | ||
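Review bot: The `isset($object['authentication']['request'])` guard on listing line 63 only establishes that the value is non-null, not that it is an array, so a body whose `authentication.request` is a string or number goes straight into `array_keys()` on line 66. Depending on the PHP version that is a warning or a TypeError, and the client presumably gets a server error rather than the `BadJsonRequestException` this converter uses for malformed input. I would make the guard `if (!isset($object['authentication']['request']) || !is_array($object['authentication']['request'])) {` so non-object values are rejected through the existing error path. `SignResponseParamConverter::apply()` has the same guard on `authentication.response` and needs the same change.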
| @@ 28-111 (lines=84) @@ | ||
| 25 | use Symfony\Component\HttpFoundation\Request; |
|
| 26 | use Symfony\Component\Validator\Validator\ValidatorInterface; |
|
| 27 | ||
| 28 | class SignResponseParamConverter implements ParamConverterInterface |
|
| 29 | { |
|
| 30 | /** |
|
| 31 | * @var ValidatorInterface |
|
| 32 | */ |
|
| 33 | private $validator; |
|
| 34 | ||
| 35 | public function __construct(ValidatorInterface $validator) |
|
| 36 | { |
|
| 37 | $this->validator = $validator; |
|
| 38 | } |
|
| 39 | ||
| 40 | /** |
|
| 41 | * Stores the object in the request. |
|
| 42 | * |
|
| 43 | * @param Request $request The request |
|
| 44 | * @param ParamConverter $configuration Contains the name, class and options of the object |
|
| 45 | * |
|
| 46 | * @return bool True if the object has been successfully set, else false |
|
| 47 | * |
|
| 48 | * @SuppressWarnings(PHPMD.NPathComplexity) -- Simply a lot of isset() calls. |
|
| 49 | */ |
|
| 50 | public function apply(Request $request, ParamConverter $configuration) |
|
| 51 | { |
|
| 52 | $name = $configuration->getName(); |
|
| 53 | ||
| 54 | $json = $request->getContent(); |
|
| 55 | $object = json_decode($json, true); |
|
| 56 | ||
| 57 | $errors = []; |
|
| 58 | ||
| 59 | if (!isset($object['authentication'])) { |
|
| 60 | $errors[] = sprintf('Missing parameter "authentication"'); |
|
| 61 | } |
|
| 62 | ||
| 63 | if (!isset($object['authentication']['response'])) { |
|
| 64 | $errors[] = sprintf('Missing parameter "authentication.response"'); |
|
| 65 | } else { |
|
| 66 | $actualPropertyNames = array_keys($object['authentication']['response']); |
|
| 67 | $expectedPropertyNames = ['error_code', 'client_data', 'signature_data', 'key_handle']; |
|
| 68 | $missingPropertyNames = array_diff($expectedPropertyNames, $actualPropertyNames); |
|
| 69 | $extraneousPropertyNames = array_diff($actualPropertyNames, $expectedPropertyNames); |
|
| 70 | ||
| 71 | if (count($missingPropertyNames)) { |
|
| 72 | $errors[] = sprintf( |
|
| 73 | 'Missing authentication response properties: %s', |
|
| 74 | join(', ', $missingPropertyNames) |
|
| 75 | ); |
|
| 76 | } |
|
| 77 | ||
| 78 | if (count($extraneousPropertyNames)) { |
|
| 79 | $errors[] = sprintf( |
|
| 80 | 'Extraneous authentication response properties: %s', |
|
| 81 | join(', ', $extraneousPropertyNames) |
|
| 82 | ); |
|
| 83 | } |
|
| 84 | } |
|
| 85 | ||
| 86 | if (count($errors) > 0) { |
|
| 87 | throw new BadJsonRequestException($errors); |
|
| 88 | } |
|
| 89 | ||
| 90 | $signResponse = new SignResponse(); |
|
| 91 | $signResponse->errorCode = $object['authentication']['response']['error_code']; |
|
| 92 | $signResponse->clientData = $object['authentication']['response']['client_data']; |
|
| 93 | $signResponse->signatureData = $object['authentication']['response']['signature_data']; |
|
| 94 | $signResponse->keyHandle = $object['authentication']['response']['key_handle']; |
|
| 95 | ||
| 96 | $violations = $this->validator->validate($signResponse); |
|
| 97 | ||
| 98 | if (count($violations) > 0) { |
|
| 99 | throw BadJsonRequestException::createForViolationsAndErrors($violations, $name, []); |
|
| 100 | } |
|
| 101 | ||
| 102 | $request->attributes->set($name, $signResponse); |
|
| 103 | ||
| 104 | return true; |
|
| 105 | } |
|
| 106 | ||
| 107 | public function supports(ParamConverter $configuration) |
|
| 108 | { |
|
| 109 | return $configuration->getClass() === 'Surfnet\StepupU2fBundle\Dto\SignResponse'; |
|
| 110 | } |
|
| 111 | } |
|
| 112 | ||
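Review bot: The docblock on `apply()` promises a `false` return when the object could not be set, but the body only ever returns `true` or throws `BadJsonRequestException` (listing lines 87 and 99). I would drop the "else false" wording and add `@throws BadJsonRequestException when the JSON body is missing properties, has extraneous ones, or fails validation`, so callers know that a malformed sign response is rejected by exception. The same docblock sits on `SignRequestParamConverter::apply()`.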