[HttpClient] strengthen bearer validation
parent
8af6395fa8
commit
e6e162075d
@ -84,8 +84,8 @@ trait HttpClientTrait
|
||||
throw new InvalidArgumentException(sprintf('Option "auth_basic" must be string or an array, %s given.', \gettype($options['auth_basic'])));
|
||||
}
|
||||
|
||||
if (!\is_string($options['auth_bearer'] ?? '')) {
|
||||
throw new InvalidArgumentException(sprintf('Option "auth_bearer" must be string, %s given.', \gettype($options['auth_bearer'])));
|
||||
if (isset($options['auth_bearer']) && (!\is_string($options['auth_bearer']) || !preg_match('{^[-._~+/0-9a-zA-Z]++=*+$}', $options['auth_bearer']))) {
|
||||
throw new InvalidArgumentException(sprintf('Option "auth_bearer" must be a string containing only characters from the base 64 alphabet, %s given.', \is_string($options['auth_bearer']) ? 'invalid string' : \gettype($options['auth_bearer'])));
|
||||
}
|
||||
|
||||
if (isset($options['auth_basic'], $options['auth_bearer'])) {
|
||||
|
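Review bot: The new `auth_bearer` pattern ends in `$` without the `D` modifier, and in PCRE that anchor also matches just before a final newline, so a value such as `"abc\n"` still passes the check this commit adds. Anchoring with `\z` closes the gap: `'{^[-._~+/0-9a-zA-Z]++=*+\z}'` (appending `D` to the existing pattern is equivalent). Whether a trailing LF would reach the `Authorization` header depends on code outside this hunk, so that consequence is presumed rather than shown here. The message calls the accepted set "the base 64 alphabet" although the class also admits `-._~`; a comment such as `// b64token from RFC 6750: 1*(ALPHA / DIGIT / "-" / "." / "_" / "~" / "+" / "/") *"="` above the check would state what is actually allowed. The enclosing method starts and ends outside the hunk.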
@ -174,13 +174,22 @@ class HttpClientTraitTest extends TestCase
|
||||
|
||||
/**
|
||||
* @expectedException \Symfony\Component\HttpClient\Exception\InvalidArgumentException
|
||||
* @expectedExceptionMessage Option "auth_bearer" must be string, object given.
|
||||
* @expectedExceptionMessage Option "auth_bearer" must be a string containing only characters from the base 64 alphabet, object given.
|
||||
*/
|
||||
public function testInvalidAuthBearerOption()
|
||||
{
|
||||
self::prepareRequest('POST', 'http://example.com', ['auth_bearer' => new \stdClass()], HttpClientInterface::OPTIONS_DEFAULTS);
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \Symfony\Component\HttpClient\Exception\InvalidArgumentException
|
||||
* @expectedExceptionMessage Option "auth_bearer" must be a string containing only characters from the base 64 alphabet, invalid string given.
|
||||
*/
|
||||
public function testInvalidAuthBearerValue()
|
||||
{
|
||||
self::prepareRequest('POST', 'http://example.com', ['auth_bearer' => "a\nb"], HttpClientInterface::OPTIONS_DEFAULTS);
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \Symfony\Component\HttpClient\Exception\InvalidArgumentException
|
||||
* @expectedExceptionMessage Define either the "auth_basic" or the "auth_bearer" option, setting both is not supported.
|
||||
|
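Review bot: `testInvalidAuthBearerValue` pins a single rejected value, an LF in the middle of the token, and nothing in this section exercises the edges of the new pattern. A value ending in LF (`"a\n"`), a token containing a space, and the empty string (accepted by the old `is_string` check, rejected by the new `++` quantifier) each deserve a case, along with one well-formed token that must not throw. A data provider feeding `testInvalidAuthBearerValue` would keep that to one method. The test class starts and ends outside the hunk.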