diff options
| author | Roeland Jago Douma <roeland@famdouma.nl> | 2016-11-22 14:53:09 +0100 |
|---|---|---|
| committer | Roeland Jago Douma <roeland@famdouma.nl> | 2016-11-24 21:50:19 +0100 |
| commit | 72f9920a582f0808d45d5d79fb3b654b63d6503a (patch) | |
| tree | 0f2b2dda7a41789da49860c4a66de2ef2a157747 /lib/private/Security | |
| parent | c398fdda7e6cc74faccfd7d6ce62f489337f379c (diff) | |
| download | nextcloud-server-72f9920a582f0808d45d5d79fb3b654b63d6503a.tar.gz nextcloud-server-72f9920a582f0808d45d5d79fb3b654b63d6503a.zip | |
Add Identityproof tests
* Add tests for Key
* Add tests for Manager
* Add tests for Signer
* Removed URLGenerator from Signer
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Diffstat (limited to 'lib/private/Security')
| -rw-r--r-- | lib/private/Security/IdentityProof/Signer.php | 27 |
1 files changed, 4 insertions, 23 deletions
diff --git a/lib/private/Security/IdentityProof/Signer.php b/lib/private/Security/IdentityProof/Signer.php index 50c36b26966..169f284fe9d 100644 --- a/lib/private/Security/IdentityProof/Signer.php +++ b/lib/private/Security/IdentityProof/Signer.php @@ -22,7 +22,6 @@ namespace OC\Security\IdentityProof; use OCP\AppFramework\Utility\ITimeFactory; -use OCP\IURLGenerator; use OCP\IUser; use OCP\IUserManager; @@ -31,20 +30,16 @@ class Signer { private $keyManager; /** @var ITimeFactory */ private $timeFactory; - /** @var IURLGenerator */ - private $urlGenerator; /** @var IUserManager */ private $userManager; /** * @param Manager $keyManager * @param ITimeFactory $timeFactory - * @param IURLGenerator $urlGenerator * @param IUserManager $userManager */ public function __construct(Manager $keyManager, ITimeFactory $timeFactory, - IURLGenerator $urlGenerator, IUserManager $userManager) { $this->keyManager = $keyManager; $this->timeFactory = $timeFactory; @@ -76,20 +71,6 @@ class Signer { } /** - * @param string $url - * @return string - */ - private function removeProtocolFromUrl($url) { - if (strpos($url, 'https://') === 0) { - return substr($url, strlen('https://')); - } else if (strpos($url, 'http://') === 0) { - return substr($url, strlen('http://')); - } - - return $url; - } - - /** * Whether the data is signed properly * * @param array $data @@ -100,9 +81,8 @@ class Signer { && isset($data['signature']) && isset($data['message']['signer']) ) { - $server = $this->urlGenerator->getAbsoluteURL('/'); - $postfix = strlen('@' . rtrim($this->removeProtocolFromUrl($server), '/')); - $userId = substr($data['message']['signer'], -$postfix); + $location = strrpos($data['message']['signer'], '@'); + $userId = substr($data['message']['signer'], 0, $location); $user = $this->userManager->get($userId); if($user !== null) { @@ -110,7 +90,8 @@ class Signer { return (bool)openssl_verify( json_encode($data['message']), base64_decode($data['signature']), - $key->getPublic() + $key->getPublic(), + OPENSSL_ALGO_SHA512 ); } } |