blob: a6682eff33c3cd970337dba900805d2899cd1661 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
|
<?php
declare(strict_types=1);
/**
* SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
* SPDX-License-Identifier: AGPL-3.0-or-later
*/
namespace NCU\Security\Signature\Model;
use NCU\Security\Signature\ISignatureManager;
use OCP\IRequest;
/**
* model wrapping an actual incoming request, adding details about the signature and the
* authenticity of the origin of the request.
*
* @see ISignatureManager for details on signature
* @experimental 31.0.0
* @since 31.0.0
*/
interface IIncomingSignedRequest extends ISignedRequest {
/**
* set the core IRequest that might be signed
*
* @param IRequest $request
* @return IIncomingSignedRequest
* @since 31.0.0
*/
public function setRequest(IRequest $request): IIncomingSignedRequest;
/**
* returns the base IRequest
*
* @return IRequest
* @since 31.0.0
*/
public function getRequest(): IRequest;
/**
* set the time, extracted from the base request headers
*
* @param int $time
* @return IIncomingSignedRequest
* @since 31.0.0
*/
public function setTime(int $time): IIncomingSignedRequest;
/**
* get the time, extracted from the base request headers
*
* @return int
* @since 31.0.0
*/
public function getTime(): int;
/**
* set the hostname at the source of the request,
* based on the keyId defined in the signature header.
*
* @param string $origin
* @return IIncomingSignedRequest
* @since 31.0.0
*/
public function setOrigin(string $origin): IIncomingSignedRequest;
/**
* get the hostname at the source of the base request.
* based on the keyId defined in the signature header.
*
* @return string
* @since 31.0.0
*/
public function getOrigin(): string;
/**
* returns the keyId extracted from the signature headers.
* keyId is a mandatory entry in the headers of a signed request.
*
* @return string
* @since 31.0.0
*/
public function getKeyId(): string;
/**
* store a clear and estimated version of the signature, based on payload and headers.
* This clear version will be compared with the real signature using
* the public key of remote instance at the origin of the request.
*
* @param string $signature
* @return IIncomingSignedRequest
* @since 31.0.0
*/
public function setEstimatedSignature(string $signature): IIncomingSignedRequest;
/**
* returns a clear and estimated version of the signature, based on payload and headers.
* This clear version will be compared with the real signature using
* the public key of remote instance at the origin of the request.
*
* @return string
* @since 31.0.0
*/
public function getEstimatedSignature(): string;
}
|
