francis94c /
ci-rest
@@ -142,7 +142,7 @@ |
||
| 142 | 142 | $auths = null; |
| 143 | 143 | foreach ($uri_auths as $uri => $auth_array) { |
| 144 | 144 | // Convert wildcards to RegEx. |
| 145 | - $uri = str_replace(array(':any', ':num'), array('[^/]+', '[0-9]+'), $uri); |
|
| 145 | + $uri = str_replace(array(':any', ':num'), array('[^/]+', '[0-9]+'), $uri); |
|
| 146 | 146 | if (preg_match('#^'.$uri.'$#', uri_string())) $auths = $auth_array; // Assign Authentication Steps. |
| 147 | 147 | break; |
| 148 | 148 | } |
@@ -138,16 +138,24 @@ discard block |
||
| 138 | 138 | // Match Auth Routes. |
| 139 | 139 | // The below algorithm is similar to the one Code Igniter uses in its |
| 140 | 140 | // Routing Class. |
| 141 | - if ($uri_auths == null || !is_array($uri_auths)) return; |
|
| 141 | + if ($uri_auths == null || !is_array($uri_auths)) { |
|
| 142 | + return; |
|
| 143 | + } |
|
| 142 | 144 | $auths = null; |
| 143 | 145 | foreach ($uri_auths as $uri => $auth_array) { |
| 144 | 146 | // Convert wildcards to RegEx. |
| 145 | 147 | $uri = str_replace(array(':any', ':num'), array('[^/]+', '[0-9]+'), $uri); |
| 146 | - if (preg_match('#^'.$uri.'$#', uri_string())) $auths = $auth_array; // Assign Authentication Steps. |
|
| 148 | + if (preg_match('#^'.$uri.'$#', uri_string())) { |
|
| 149 | + $auths = $auth_array; |
|
| 150 | + } |
|
| 151 | + // Assign Authentication Steps. |
|
| 147 | 152 | break; |
| 148 | 153 | } |
| 149 | 154 | //$auths = $this->ci->config->item('rest')['uri_auth'][uri_string()] ?? null; |
| 150 | - if ($auths == null) return; // No authentication(s) to acrry out. |
|
| 155 | + if ($auths == null) { |
|
| 156 | + return; |
|
| 157 | + } |
|
| 158 | + // No authentication(s) to acrry out. |
|
| 151 | 159 | // $this->process_auth() terminates the script if authentication fails |
| 152 | 160 | // It will call the callable in the rest.php config file under |
| 153 | 161 | // response_callbacks which matches the necesarry RESTResponse constant |
@@ -157,7 +165,9 @@ discard block |
||
| 157 | 165 | $this->process_auth($auths); |
| 158 | 166 | return; |
| 159 | 167 | } |
| 160 | - foreach ($auths as $auth) $this->process_auth($auth); |
|
| 168 | + foreach ($auths as $auth) { |
|
| 169 | + $this->process_auth($auth); |
|
| 170 | + } |
|
| 161 | 171 | } |
| 162 | 172 | /** |
| 163 | 173 | * [process_auth description] |
@@ -202,8 +212,14 @@ discard block |
||
| 202 | 212 | private function basic_auth():void { |
| 203 | 213 | $username = $_SERVER['PHP_AUTH_USER'] ?? null; |
| 204 | 214 | $password = $_SERVER['PHP_AUTH_PW'] ?? null; |
| 205 | - if (!$username || !$password) $this->handle_response(RESTResponse::BAD_REQUEST, RESTAuth::BASIC); // Exits. |
|
| 206 | - if (!$this->rest_model->basicAuth($this, $username, $password)) $this->handle_response(RESTResponse::UN_AUTHORIZED, RESTAuth::BASIC); // Exits. |
|
| 215 | + if (!$username || !$password) { |
|
| 216 | + $this->handle_response(RESTResponse::BAD_REQUEST, RESTAuth::BASIC); |
|
| 217 | + } |
|
| 218 | + // Exits. |
|
| 219 | + if (!$this->rest_model->basicAuth($this, $username, $password)) { |
|
| 220 | + $this->handle_response(RESTResponse::UN_AUTHORIZED, RESTAuth::BASIC); |
|
| 221 | + } |
|
| 222 | + // Exits. |
|
| 207 | 223 | } |
| 208 | 224 | /** |
| 209 | 225 | * [api_key_auth description] |
@@ -263,7 +279,9 @@ discard block |
||
| 263 | 279 | // Trunctate Rate Limit Data. |
| 264 | 280 | $this->rest_model->truncateRatelimitData(); |
| 265 | 281 | // Check Whitelist. |
| 266 | - if (in_array($this->ci->input->ip_address(), $this->whitelist)) return; |
|
| 282 | + if (in_array($this->ci->input->ip_address(), $this->whitelist)) { |
|
| 283 | + return; |
|
| 284 | + } |
|
| 267 | 285 | // Should we acyually Limit? |
| 268 | 286 | if ($this->ip_per_hour > 0) { |
| 269 | 287 | $client = hash('md5', $this->ci->input->ip_address()); |
@@ -339,7 +357,9 @@ discard block |
||
| 339 | 357 | if (isset($this->ci->config->item('rest')['response_callbacks'][$code])) { |
| 340 | 358 | $this->ci->config->item('rest')['response_callbacks'][$code]($auth); |
| 341 | 359 | } |
| 342 | - if (ENVIRONMENT != 'testing') exit($code); |
|
| 360 | + if (ENVIRONMENT != 'testing') { |
|
| 361 | + exit($code); |
|
| 362 | + } |
|
| 343 | 363 | throw new Exception("Error $code in $auth", $code); |
| 344 | 364 | } |
| 345 | 365 | } |
@@ -83,7 +83,7 @@ discard block |
||
| 83 | 83 | * [PACKAGE description] |
| 84 | 84 | * @var string |
| 85 | 85 | */ |
| 86 | - const PACKAGE = "francis94c/ci-rest"; |
|
| 86 | + const PACKAGE = "francis94c/ci-rest"; |
|
| 87 | 87 | /** |
| 88 | 88 | * [RATE_LIMIT description] |
| 89 | 89 | * @var string |
@@ -97,8 +97,8 @@ discard block |
||
| 97 | 97 | * @param array|null $params Initialization parameters from the Slint system. |
| 98 | 98 | * There's no use for this arg yet. |
| 99 | 99 | */ |
| 100 | - function __construct($params=null) { |
|
| 101 | - $this->ci =& get_instance(); |
|
| 100 | + function __construct($params = null) { |
|
| 101 | + $this->ci = & get_instance(); |
|
| 102 | 102 | // Load Config If Exists. |
| 103 | 103 | $this->ci->config->load('rest', true, true); |
| 104 | 104 | // Load Database. |
@@ -109,7 +109,7 @@ discard block |
||
| 109 | 109 | $this->ci->load->helper('rest'); |
| 110 | 110 | // Load Model. |
| 111 | 111 | $this->ci->load->splint(self::PACKAGE, '*RESTModel', 'rest_model'); |
| 112 | - $this->rest_model =& $this->ci->rest_model; |
|
| 112 | + $this->rest_model = & $this->ci->rest_model; |
|
| 113 | 113 | $config = [ |
| 114 | 114 | 'users_table' => $this->ci->config->item('rest')['basic_auth']['users_table'] ?? null, |
| 115 | 115 | 'users_id_column' => $this->ci->config->item('rest')['basic_auth']['id_column'] ?? null, |
@@ -198,7 +198,7 @@ discard block |
||
| 198 | 198 | /** |
| 199 | 199 | * [bearer_auth description] |
| 200 | 200 | */ |
| 201 | - private function bearer_auth($auth=RESTAuth::BEARER):void { |
|
| 201 | + private function bearer_auth($auth = RESTAuth::BEARER):void { |
|
| 202 | 202 | $authorization = $this->get_authorization_header(); |
| 203 | 203 | if ($authorization == null || substr_count($authorization, " ") != 1) { |
| 204 | 204 | $this->handle_response(RESTResponse::BAD_REQUEST, $auth); // Exits. |
@@ -231,11 +231,11 @@ discard block |
||
| 231 | 231 | * [api_key_auth description] |
| 232 | 232 | */ |
| 233 | 233 | private function api_key_auth():void { |
| 234 | - if (!isset($_SERVER['HTTP_' . str_replace("-", "_", $this->apiKeyHeader)])) { |
|
| 234 | + if (!isset($_SERVER['HTTP_'.str_replace("-", "_", $this->apiKeyHeader)])) { |
|
| 235 | 235 | $this->handle_response(RESTResponse::BAD_REQUEST, RESTAuth::API_KEY); // Exits. |
| 236 | 236 | } |
| 237 | 237 | $apiKey = $this->rest_model->getAPIKeyData( |
| 238 | - $_SERVER['HTTP_' . str_replace("-", "_", $this->apiKeyHeader)] |
|
| 238 | + $_SERVER['HTTP_'.str_replace("-", "_", $this->apiKeyHeader)] |
|
| 239 | 239 | ); |
| 240 | 240 | if ($apiKey == null) { |
| 241 | 241 | $this->handle_response(RESTResponse::UN_AUTHORIZED, RESTAuth::API_KEY); // Exits. |
@@ -251,7 +251,7 @@ discard block |
||
| 251 | 251 | } |
| 252 | 252 | // Should we acyually Limit? |
| 253 | 253 | if ($this->per_hour > 0) { |
| 254 | - $client = hash('md5', $this->ci->input->ip_address() . "%" . $apiKey[$this->api_key_column]); |
|
| 254 | + $client = hash('md5', $this->ci->input->ip_address()."%".$apiKey[$this->api_key_column]); |
|
| 255 | 255 | $limitData = $this->rest_model->getLimitData($client, '_api_keyed_user'); |
| 256 | 256 | if ($limitData == null) { |
| 257 | 257 | $limitData = []; |
@@ -334,7 +334,7 @@ discard block |
||
| 334 | 334 | * [get_authorization_header description] |
| 335 | 335 | * @return [type] [description] |
| 336 | 336 | */ |
| 337 | - private function get_authorization_header():?string { |
|
| 337 | + private function get_authorization_header(): ?string { |
|
| 338 | 338 | if (isset($_SERVER['Authorization'])) { |
| 339 | 339 | return trim($_SERVER["Authorization"]); |
| 340 | 340 | } else if (isset($_SERVER['HTTP_AUTHORIZATION'])) { //Nginx or fast CGI |
@@ -355,7 +355,7 @@ discard block |
||
| 355 | 355 | * [handle_response description] |
| 356 | 356 | * @param int $code [description] |
| 357 | 357 | */ |
| 358 | - private function handle_response(int $code, $auth=null):void { |
|
| 358 | + private function handle_response(int $code, $auth = null):void { |
|
| 359 | 359 | http_response_code($code); |
| 360 | 360 | header("Content-Type: application/json"); |
| 361 | 361 | if (isset($this->ci->config->item('rest')['response_callbacks'][$code])) { |
@@ -94,7 +94,7 @@ discard block |
||
| 94 | 94 | * @param string $apiKey [description] |
| 95 | 95 | * @return array [description] |
| 96 | 96 | */ |
| 97 | - public function getAPIKeyData(string $apiKey):?array { |
|
| 97 | + public function getAPIKeyData(string $apiKey): ?array { |
|
| 98 | 98 | // Preliminary Check. |
| 99 | 99 | if ($this->api_key_table == null || $this->api_key_column == null) return null; |
| 100 | 100 | // Query. |
@@ -120,7 +120,7 @@ discard block |
||
| 120 | 120 | * @param string $group [description] |
| 121 | 121 | * @return [type] [description] |
| 122 | 122 | */ |
| 123 | - public function getLimitData(string $client, string $group):?array { |
|
| 123 | + public function getLimitData(string $client, string $group): ?array { |
|
| 124 | 124 | $sql = 'SELECT count, start, (`start` + INTERVAL (1 - TIMESTAMPDIFF(HOUR, UTC_TIMESTAMP(), NOW())) HOUR) AS reset_epoch FROM rest_api_rate_limit WHERE client = ? AND _group = ?'; |
| 125 | 125 | $query = $this->db->query($sql, [$client, $group]); |
| 126 | 126 | if (!is_scalar($query) && $query->num_rows() > 0) return $query->result_array()[0]; |
@@ -81,10 +81,14 @@ discard block |
||
| 81 | 81 | $this->db->or_where($this->users_username_column, $username); |
| 82 | 82 | } |
| 83 | 83 | $query = $this->db->get(); |
| 84 | - if ($query->num_rows() == 0) return false; |
|
| 84 | + if ($query->num_rows() == 0) { |
|
| 85 | + return false; |
|
| 86 | + } |
|
| 85 | 87 | // Authenticate. |
| 86 | 88 | if (password_verify($password, $query->result()[0]->{$this->users_password_column})) { |
| 87 | - if ($this->users_id_column != null) $context->userId = $query->result()[0]->{$this->users_id_column}; |
|
| 89 | + if ($this->users_id_column != null) { |
|
| 90 | + $context->userId = $query->result()[0]->{$this->users_id_column}; |
|
| 91 | + } |
|
| 88 | 92 | return true; |
| 89 | 93 | } |
| 90 | 94 | return false; |
@@ -96,15 +100,21 @@ discard block |
||
| 96 | 100 | */ |
| 97 | 101 | public function getAPIKeyData(string $apiKey):?array { |
| 98 | 102 | // Preliminary Check. |
| 99 | - if ($this->api_key_table == null || $this->api_key_column == null) return null; |
|
| 103 | + if ($this->api_key_table == null || $this->api_key_column == null) { |
|
| 104 | + return null; |
|
| 105 | + } |
|
| 100 | 106 | // Query. |
| 101 | 107 | $this->db->select($this->api_key_column); |
| 102 | - if ($this->api_key_limit_column != null) $this->db->select($this->api_key_limit_column); |
|
| 108 | + if ($this->api_key_limit_column != null) { |
|
| 109 | + $this->db->select($this->api_key_limit_column); |
|
| 110 | + } |
|
| 103 | 111 | $this->db->from($this->api_key_table); |
| 104 | 112 | $this->db->where($this->api_key_column, $apiKey); |
| 105 | 113 | $query = $this->db->get(); |
| 106 | 114 | // Process Result. |
| 107 | - if ($query->num_rows() > 0) return $query->result_array()[0]; |
|
| 115 | + if ($query->num_rows() > 0) { |
|
| 116 | + return $query->result_array()[0]; |
|
| 117 | + } |
|
| 108 | 118 | return null; |
| 109 | 119 | } |
| 110 | 120 | /** |
@@ -123,7 +133,9 @@ discard block |
||
| 123 | 133 | public function getLimitData(string $client, string $group):?array { |
| 124 | 134 | $sql = 'SELECT count, start, (`start` + INTERVAL (1 - TIMESTAMPDIFF(HOUR, UTC_TIMESTAMP(), NOW())) HOUR) AS reset_epoch FROM rest_api_rate_limit WHERE client = ? AND _group = ?'; |
| 125 | 135 | $query = $this->db->query($sql, [$client, $group]); |
| 126 | - if (!is_scalar($query) && $query->num_rows() > 0) return $query->result_array()[0]; |
|
| 136 | + if (!is_scalar($query) && $query->num_rows() > 0) { |
|
| 137 | + return $query->result_array()[0]; |
|
| 138 | + } |
|
| 127 | 139 | return null; |
| 128 | 140 | } |
| 129 | 141 | /** |
@@ -22,10 +22,10 @@ discard block |
||
| 22 | 22 | * @covers JWT::__construct |
| 23 | 23 | */ |
| 24 | 24 | public static function setUpBeforeClass(): void { |
| 25 | - self::$ci =& get_instance(); |
|
| 25 | + self::$ci = & get_instance(); |
|
| 26 | 26 | self::$ci->load->database('mysqli://root@localhost/test_db'); |
| 27 | 27 | self::$ci->load->helper("url"); |
| 28 | - $queries = explode("#@@@", file_get_contents(FCPATH . 'application/splints/' . self::PACKAGE . '/phpunit/database.sql')); |
|
| 28 | + $queries = explode("#@@@", file_get_contents(FCPATH.'application/splints/'.self::PACKAGE.'/phpunit/database.sql')); |
|
| 29 | 29 | self::assertTrue(count($queries) > 0); |
| 30 | 30 | self::$ci->load->database(); |
| 31 | 31 | foreach ($queries as $query) { |
@@ -41,7 +41,7 @@ discard block |
||
| 41 | 41 | // However, for the purpose of this test, we are going to Hack Code CodeIgniter |
| 42 | 42 | // with a Splint Config variable to allow us load config files from where |
| 43 | 43 | // ever we want. This happens below. |
| 44 | - self::$ci->load->add_package_path(APPPATH . 'splints/' . self::PACKAGE . "/phpunit/"); |
|
| 44 | + self::$ci->load->add_package_path(APPPATH.'splints/'.self::PACKAGE."/phpunit/"); |
|
| 45 | 45 | //self::$ci->config->set_item('st_config_path_prefix', '../splints/' . self::PACKAGE . "/phpunit/config/"); |
| 46 | 46 | } |
| 47 | 47 | /** |
@@ -58,7 +58,7 @@ discard block |
||
| 58 | 58 | $_SERVER['PHP_AUTH_PW'] = "012345678901234567890"; |
| 59 | 59 | self::$ci->config->set_item('expected_uri', 'basic/auth'); |
| 60 | 60 | self::$ci->config->set_item('expected_auth', RESTAuth::BASIC); |
| 61 | - $this->expectExceptionMessage('Error ' . RESTResponse::UN_AUTHORIZED . ' in ' . RESTAuth::BASIC); |
|
| 61 | + $this->expectExceptionMessage('Error '.RESTResponse::UN_AUTHORIZED.' in '.RESTAuth::BASIC); |
|
| 62 | 62 | self::$ci->load->splint(self::PACKAGE, '+REST', null, 'basic_rest_2'); |
| 63 | 63 | } |
| 64 | 64 | /** |
@@ -22,10 +22,10 @@ |
||
| 22 | 22 | * @covers JWT::__construct |
| 23 | 23 | */ |
| 24 | 24 | public static function setUpBeforeClass(): void { |
| 25 | - self::$ci =& get_instance(); |
|
| 25 | + self::$ci = & get_instance(); |
|
| 26 | 26 | self::$ci->load->database('mysqli://root@localhost/test_db'); |
| 27 | 27 | self::$ci->load->helper("url"); |
| 28 | - $queries = explode("#@@@", file_get_contents(FCPATH . 'application/splints/' . self::PACKAGE . '/phpunit/database.sql')); |
|
| 28 | + $queries = explode("#@@@", file_get_contents(FCPATH.'application/splints/'.self::PACKAGE.'/phpunit/database.sql')); |
|
| 29 | 29 | self::assertTrue(count($queries) > 0); |
| 30 | 30 | self::$ci->load->database(); |
| 31 | 31 | foreach ($queries as $query) { |
@@ -11,19 +11,19 @@ discard block |
||
| 11 | 11 | |
| 12 | 12 | $config['auth_callbacks'] = [ |
| 13 | 13 | |
| 14 | - RESTAuth::CUSTOM('X-APP-ID') => function (&$context, $value):bool { |
|
| 14 | + RESTAuth::CUSTOM('X-APP-ID') => function(&$context, $value):bool { |
|
| 15 | 15 | return true; |
| 16 | 16 | }, |
| 17 | 17 | |
| 18 | - RESTAuth::CUSTOM('X-DEVICE-ID') => function (&$context, $value):bool { |
|
| 18 | + RESTAuth::CUSTOM('X-DEVICE-ID') => function(&$context, $value):bool { |
|
| 19 | 19 | return true; |
| 20 | 20 | }, |
| 21 | 21 | |
| 22 | - RESTAuth::BEARER => function (&$context, $token):bool { |
|
| 22 | + RESTAuth::BEARER => function(&$context, $token):bool { |
|
| 23 | 23 | return true; |
| 24 | 24 | }, |
| 25 | 25 | |
| 26 | - RESTAuth::OAUTH2 => function (&$context, $token):bool { |
|
| 26 | + RESTAuth::OAUTH2 => function(&$context, $token):bool { |
|
| 27 | 27 | return true; |
| 28 | 28 | } |
| 29 | 29 | |
@@ -38,8 +38,8 @@ discard block |
||
| 38 | 38 | }, |
| 39 | 39 | |
| 40 | 40 | RESTResponse::UN_AUTHORIZED => function(&$auth):void { |
| 41 | - $ci =& get_instance(); |
|
| 42 | - Assert::assertTrue(uri_string() == $ci->config->item('expected_uri')&& $auth == $ci->config->item('expected_auth')); |
|
| 41 | + $ci = & get_instance(); |
|
| 42 | + Assert::assertTrue(uri_string() == $ci->config->item('expected_uri') && $auth == $ci->config->item('expected_auth')); |
|
| 43 | 43 | }, |
| 44 | 44 | |
| 45 | 45 | RESTResponse::NOT_ACCEPTABLE => function(&$auth):void { |
@@ -6,7 +6,7 @@ discard block |
||
| 6 | 6 | * [BasicAuth description] |
| 7 | 7 | * @var string |
| 8 | 8 | */ |
| 9 | - const BASIC = "Basic"; |
|
| 9 | + const BASIC = "Basic"; |
|
| 10 | 10 | /** |
| 11 | 11 | * [API_KEY description] |
| 12 | 12 | * @var string |
@@ -16,17 +16,17 @@ discard block |
||
| 16 | 16 | * [BEARER description] |
| 17 | 17 | * @var string |
| 18 | 18 | */ |
| 19 | - const BEARER = "Bearer"; |
|
| 19 | + const BEARER = "Bearer"; |
|
| 20 | 20 | /** |
| 21 | 21 | * [OAUTH2 description] |
| 22 | 22 | * @var string |
| 23 | 23 | */ |
| 24 | - const OAUTH2 = "OAUTH2"; |
|
| 24 | + const OAUTH2 = "OAUTH2"; |
|
| 25 | 25 | /** |
| 26 | 26 | * [IP description] |
| 27 | 27 | * @var string |
| 28 | 28 | */ |
| 29 | - const IP = "IP"; |
|
| 29 | + const IP = "IP"; |
|
| 30 | 30 | /** |
| 31 | 31 | * [CUSTOM description] |
| 32 | 32 | * @param string $header [description] |
@@ -61,7 +61,9 @@ |
||
| 61 | 61 | { |
| 62 | 62 | http_response_code($this->code); |
| 63 | 63 | |
| 64 | - if ($data != null) echo !$this->json ? $this->data : json_encode($this->data); |
|
| 64 | + if ($data != null) { |
|
| 65 | + echo !$this->json ? $this->data : json_encode($this->data); |
|
| 66 | + } |
|
| 65 | 67 | |
| 66 | 68 | if (get_instance()->config->item('rest')['response_exit'] ?? true) { |
| 67 | 69 | exit(EXIT_SUCCESS); |
