From 72f9920a582f0808d45d5d79fb3b654b63d6503a Mon Sep 17 00:00:00 2001
From: Roeland Jago Douma <roeland@famdouma.nl>
Date: Tue, 22 Nov 2016 14:53:09 +0100
Subject: Add Identityproof tests

* Add tests for Key
* Add tests for Manager
* Add tests for Signer
* Removed URLGenerator from Signer

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
---
 lib/private/Security/IdentityProof/Signer.php | 27 ++++-----------------------
 1 file changed, 4 insertions(+), 23 deletions(-)

(limited to 'lib/private/Security')

diff --git a/lib/private/Security/IdentityProof/Signer.php b/lib/private/Security/IdentityProof/Signer.php
index 50c36b26966..169f284fe9d 100644
--- a/lib/private/Security/IdentityProof/Signer.php
+++ b/lib/private/Security/IdentityProof/Signer.php
@@ -22,7 +22,6 @@
 namespace OC\Security\IdentityProof;
 
 use OCP\AppFramework\Utility\ITimeFactory;
-use OCP\IURLGenerator;
 use OCP\IUser;
 use OCP\IUserManager;
 
@@ -31,20 +30,16 @@ class Signer {
 	private $keyManager;
 	/** @var ITimeFactory */
 	private $timeFactory;
-	/** @var IURLGenerator */
-	private $urlGenerator;
 	/** @var IUserManager */
 	private $userManager;
 
 	/**
 	 * @param Manager $keyManager
 	 * @param ITimeFactory $timeFactory
-	 * @param IURLGenerator $urlGenerator
 	 * @param IUserManager $userManager
 	 */
 	public function __construct(Manager $keyManager,
 								ITimeFactory $timeFactory,
-								IURLGenerator $urlGenerator,
 								IUserManager $userManager) {
 		$this->keyManager = $keyManager;
 		$this->timeFactory = $timeFactory;
@@ -75,20 +70,6 @@ class Signer {
 		];
 	}
 
-	/**
-	 * @param string $url
-	 * @return string
-	 */
-	private function removeProtocolFromUrl($url) {
-		if (strpos($url, 'https://') === 0) {
-			return substr($url, strlen('https://'));
-		} else if (strpos($url, 'http://') === 0) {
-			return substr($url, strlen('http://'));
-		}
-
-		return $url;
-	}
-
 	/**
 	 * Whether the data is signed properly
 	 *
@@ -100,9 +81,8 @@ class Signer {
 			&& isset($data['signature'])
 			&& isset($data['message']['signer'])
 		) {
-			$server = $this->urlGenerator->getAbsoluteURL('/');
-			$postfix = strlen('@' . rtrim($this->removeProtocolFromUrl($server), '/'));
-			$userId = substr($data['message']['signer'], -$postfix);
+			$location = strrpos($data['message']['signer'], '@');
+			$userId = substr($data['message']['signer'], 0, $location);
 
 			$user = $this->userManager->get($userId);
 			if($user !== null) {
@@ -110,7 +90,8 @@ class Signer {
 				return (bool)openssl_verify(
 					json_encode($data['message']),
 					base64_decode($data['signature']),
-					$key->getPublic()
+					$key->getPublic(),
+					OPENSSL_ALGO_SHA512
 				);
 			}
 		}
-- 
cgit v1.2.3