|
1
|
|
|
<?php |
|
2
|
|
|
/** |
|
3
|
|
|
* Copyright (C) 2016 SURFnet. |
|
4
|
|
|
* |
|
5
|
|
|
* This program is free software: you can redistribute it and/or modify |
|
6
|
|
|
* it under the terms of the GNU Affero General Public License as |
|
7
|
|
|
* published by the Free Software Foundation, either version 3 of the |
|
8
|
|
|
* License, or (at your option) any later version. |
|
9
|
|
|
* |
|
10
|
|
|
* This program is distributed in the hope that it will be useful, |
|
11
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
12
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
13
|
|
|
* GNU Affero General Public License for more details. |
|
14
|
|
|
* |
|
15
|
|
|
* You should have received a copy of the GNU Affero General Public License |
|
16
|
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
17
|
|
|
*/ |
|
18
|
|
|
namespace SURFnet\VPN\Server\Api; |
|
19
|
|
|
|
|
20
|
|
|
use SURFnet\VPN\Common\Http\Exception\HttpException; |
|
21
|
|
|
|
|
22
|
|
|
class InputValidation |
|
23
|
|
|
{ |
|
24
|
|
|
const PROFILE_ID_PATTERN = '/^[a-zA-Z-_]+$/'; |
|
25
|
|
|
const COMMON_NAME_PATTERN = '/^[a-zA-Z0-9-_.@]+$/'; |
|
26
|
|
|
const USER_ID_PATTERN = '/^[a-zA-Z0-9-_.@]+$/'; |
|
27
|
|
|
const OTP_KEY_PATTERN = '/^[0-9]{6}$/'; |
|
28
|
|
|
const OTP_SECRET_PATTERN = '/^[A-Z0-9]{16}$/'; |
|
29
|
|
|
const ACCESS_TOKEN_PATTERN = '/^[\x20-\x7E]+$/'; |
|
30
|
|
|
|
|
31
|
|
View Code Duplication |
public static function commonName($commonName) |
|
|
|
|
|
|
32
|
|
|
{ |
|
33
|
|
|
if (0 === preg_match(self::COMMON_NAME_PATTERN, $commonName)) { |
|
34
|
|
|
throw new HttpException('invalid value for "common_name"', 400); |
|
35
|
|
|
} |
|
36
|
|
|
if ('..' === $commonName) { |
|
37
|
|
|
throw new HttpException('"common_name" cannot be ".."', 400); |
|
38
|
|
|
} |
|
39
|
|
|
} |
|
40
|
|
|
|
|
41
|
|
View Code Duplication |
public static function userId($userId) |
|
|
|
|
|
|
42
|
|
|
{ |
|
43
|
|
|
if (0 === preg_match(self::USER_ID_PATTERN, $userId)) { |
|
44
|
|
|
throw new HttpException('invalid value for "user_id"', 400); |
|
45
|
|
|
} |
|
46
|
|
|
if ('..' === $userId) { |
|
47
|
|
|
throw new HttpException('"user_id" cannot be ".."', 400); |
|
48
|
|
|
} |
|
49
|
|
|
} |
|
50
|
|
|
|
|
51
|
|
|
public static function disable($disable) |
|
52
|
|
|
{ |
|
53
|
|
|
if (!is_bool($disable)) { |
|
54
|
|
|
throw new HttpException('"disable" must be boolean', 400); |
|
55
|
|
|
} |
|
56
|
|
|
} |
|
57
|
|
|
|
|
58
|
|
|
public static function otpKey($otpKey) |
|
59
|
|
|
{ |
|
60
|
|
|
if (0 === preg_match(self::OTP_KEY_PATTERN, $otpKey)) { |
|
61
|
|
|
throw new HttpException('invalid OTP key format', 400); |
|
62
|
|
|
} |
|
63
|
|
|
} |
|
64
|
|
|
|
|
65
|
|
|
public static function otpSecret($otpSecret) |
|
66
|
|
|
{ |
|
67
|
|
|
if (0 === preg_match(self::OTP_SECRET_PATTERN, $otpSecret)) { |
|
68
|
|
|
throw new HttpException('invalid OTP secret format', 400); |
|
69
|
|
|
} |
|
70
|
|
|
} |
|
71
|
|
|
|
|
72
|
|
|
public static function vootToken($vootToken) |
|
73
|
|
|
{ |
|
74
|
|
|
if (!is_string($vootToken) || 0 >= mb_strlen($vootToken)) { |
|
75
|
|
|
throw new HttpException('voot token must be non-empty string', 400); |
|
76
|
|
|
} |
|
77
|
|
|
if (0 === preg_match(self::ACCESS_TOKEN_PATTERN, $vootToken)) { |
|
78
|
|
|
throw new HttpException('invalid value for "vootToken"', 400); |
|
79
|
|
|
} |
|
80
|
|
|
} |
|
81
|
|
|
|
|
82
|
|
|
public static function dateTime($dateTime) |
|
83
|
|
|
{ |
|
84
|
|
|
if (false === strtotime($dateTime)) { |
|
85
|
|
|
throw new HttpException('invalid date/time format', 400); |
|
86
|
|
|
} |
|
87
|
|
|
} |
|
88
|
|
|
|
|
89
|
|
|
public static function profileId($profileId) |
|
90
|
|
|
{ |
|
91
|
|
|
if (0 === preg_match(self::PROFILE_ID_PATTERN, $profileId)) { |
|
92
|
|
|
throw new HttpException('invalid profileId format', 400); |
|
93
|
|
|
} |
|
94
|
|
|
} |
|
95
|
|
|
|
|
96
|
|
|
public static function ipAddress($ipAddress) |
|
97
|
|
|
{ |
|
98
|
|
|
if (false === filter_var($ipAddress, FILTER_VALIDATE_IP)) { |
|
99
|
|
|
throw new HttpException('invalid IP address', 400); |
|
100
|
|
|
} |
|
101
|
|
|
} |
|
102
|
|
|
} |
|
103
|
|
|
|
eduVPN /
vpn-server-api
Loading history...
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.