diogo/symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch '5.1' into 5.2

Browse Source 
* 5.1:
  [Notifier] [OvhCloud] “Invalid signature” for message with slashes
This commit is contained in:
Oskar Stark 2021-01-21 20:03:15 +01:00
commit b5af0083de
2 changed files with 41 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/Symfony/Component/Notifier/Bridge/OvhCloud/OvhCloudTransport.php
View File

@ -76,14 +76,16 @@ final class OvhCloudTransport extends AbstractTransport
$now = time() + $this->calculateTimeDelta();
$headers['X-Ovh-Application'] = $this->applicationKey;
$headers['X-Ovh-Timestamp'] = $now;
$headers['Content-Type'] = 'application/json';
$toSign = $this->applicationSecret.'+'.$this->consumerKey.'+POST+'.$endpoint.'+'.json_encode($content, \JSON_UNESCAPED_SLASHES).'+'.$now;
$body = json_encode($content, \JSON_UNESCAPED_SLASHES);
$toSign = $this->applicationSecret.'+'.$this->consumerKey.'+POST+'.$endpoint.'+'.$body.'+'.$now;
$headers['X-Ovh-Consumer'] = $this->consumerKey;
$headers['X-Ovh-Signature'] = '$1$'.sha1($toSign);
$response = $this->client->request('POST', $endpoint, [
'headers' => $headers,
'json' => $content,
'body' => $body,
]);
if (200 !== $response->getStatusCode()) {

37
src/Symfony/Component/Notifier/Bridge/OvhCloud/Tests/OvhCloudTransportTest.php
View File

@ -11,6 +11,8 @@
namespace Symfony\Component\Notifier\Bridge\OvhCloud\Tests;
use Symfony\Component\HttpClient\MockHttpClient;
use Symfony\Component\HttpClient\Response\MockResponse;
use Symfony\Component\Notifier\Bridge\OvhCloud\OvhCloudTransport;
use Symfony\Component\Notifier\Message\ChatMessage;
use Symfony\Component\Notifier\Message\MessageInterface;
@ -44,4 +46,39 @@ final class OvhCloudTransportTest extends TransportTestCase
yield [new ChatMessage('Hello!')];
yield [$this->createMock(MessageInterface::class)];
}
public function validMessagesProvider(): iterable
{
yield 'without a slash' => ['hello'];
yield 'including a slash' => ['hel/lo'];
}
/**
* @group time-sensitive
*
* @dataProvider validMessagesProvider
*/
public function testValidSignature(string $message)
{
$smsMessage = new SmsMessage('0611223344', $message);
$time = time();
$lastResponse = new MockResponse();
$responses = [
new MockResponse((string) $time),
$lastResponse,
];
$transport = $this->createTransport(new MockHttpClient($responses));
$transport->send($smsMessage);
$body = $lastResponse->getRequestOptions()['body'];
$headers = $lastResponse->getRequestOptions()['headers'];
$signature = explode(': ', $headers[4])[1];
$endpoint = 'https://eu.api.ovh.com/1.0/sms/serviceName/jobs';
$toSign = 'applicationSecret+consumerKey+POST+'.$endpoint.'+'.$body.'+'.$time;
$this->assertSame('$1$'.sha1($toSign), $signature);
}
}