aboutsummaryrefslogtreecommitdiffhomepage
path: root/application/api/ApiUtils.php
diff options
context:
space:
mode:
authorArthurHoaro <arthur@hoa.ro>2020-11-12 13:02:36 +0100
committerArthurHoaro <arthur@hoa.ro>2020-11-12 13:02:36 +0100
commit1409f1c89a7ca01456ae2dcd6357d296e2b99f5a (patch)
treeffa30a9358e82d27be75d8fc5e57f3c8820dc6d3 /application/api/ApiUtils.php
parent054e03f37fa29da8066f1a637919f13c7e7dc5d2 (diff)
parenta6935feb22df8d9634189ee87d257da9f03eedbd (diff)
downloadShaarli-0.12.1.tar.gz
Shaarli-0.12.1.tar.zst
Shaarli-0.12.1.zip
Merge branch 'master' into v0.12v0.12.1v0.12
Diffstat (limited to 'application/api/ApiUtils.php')
-rw-r--r--application/api/ApiUtils.php21
1 files changed, 16 insertions, 5 deletions
diff --git a/application/api/ApiUtils.php b/application/api/ApiUtils.php
index faebb8f5..05a2840a 100644
--- a/application/api/ApiUtils.php
+++ b/application/api/ApiUtils.php
@@ -1,4 +1,5 @@
1<?php 1<?php
2
2namespace Shaarli\Api; 3namespace Shaarli\Api;
3 4
4use Shaarli\Api\Exceptions\ApiAuthorizationException; 5use Shaarli\Api\Exceptions\ApiAuthorizationException;
@@ -27,7 +28,7 @@ class ApiUtils
27 throw new ApiAuthorizationException('Malformed JWT token'); 28 throw new ApiAuthorizationException('Malformed JWT token');
28 } 29 }
29 30
30 $genSign = Base64Url::encode(hash_hmac('sha512', $parts[0] .'.'. $parts[1], $secret, true)); 31 $genSign = Base64Url::encode(hash_hmac('sha512', $parts[0] . '.' . $parts[1], $secret, true));
31 if ($parts[2] != $genSign) { 32 if ($parts[2] != $genSign) {
32 throw new ApiAuthorizationException('Invalid JWT signature'); 33 throw new ApiAuthorizationException('Invalid JWT signature');
33 } 34 }
@@ -42,7 +43,8 @@ class ApiUtils
42 throw new ApiAuthorizationException('Invalid JWT payload'); 43 throw new ApiAuthorizationException('Invalid JWT payload');
43 } 44 }
44 45
45 if (empty($payload->iat) 46 if (
47 empty($payload->iat)
46 || $payload->iat > time() 48 || $payload->iat > time()
47 || time() - $payload->iat > ApiMiddleware::$TOKEN_DURATION 49 || time() - $payload->iat > ApiMiddleware::$TOKEN_DURATION
48 ) { 50 ) {
@@ -89,12 +91,12 @@ class ApiUtils
89 * If no URL is provided, it will generate a local note URL. 91 * If no URL is provided, it will generate a local note URL.
90 * If no title is provided, it will use the URL as title. 92 * If no title is provided, it will use the URL as title.
91 * 93 *
92 * @param array $input Request Link. 94 * @param array|null $input Request Link.
93 * @param bool $defaultPrivate Request Link. 95 * @param bool $defaultPrivate Setting defined if a bookmark is private by default.
94 * 96 *
95 * @return Bookmark instance. 97 * @return Bookmark instance.
96 */ 98 */
97 public static function buildLinkFromRequest($input, $defaultPrivate) 99 public static function buildBookmarkFromRequest(?array $input, bool $defaultPrivate): Bookmark
98 { 100 {
99 $bookmark = new Bookmark(); 101 $bookmark = new Bookmark();
100 $url = ! empty($input['url']) ? cleanup_url($input['url']) : ''; 102 $url = ! empty($input['url']) ? cleanup_url($input['url']) : '';
@@ -110,6 +112,15 @@ class ApiUtils
110 $bookmark->setTags(! empty($input['tags']) ? $input['tags'] : []); 112 $bookmark->setTags(! empty($input['tags']) ? $input['tags'] : []);
111 $bookmark->setPrivate($private); 113 $bookmark->setPrivate($private);
112 114
115 $created = \DateTime::createFromFormat(\DateTime::ATOM, $input['created'] ?? '');
116 if ($created instanceof \DateTimeInterface) {
117 $bookmark->setCreated($created);
118 }
119 $updated = \DateTime::createFromFormat(\DateTime::ATOM, $input['updated'] ?? '');
120 if ($updated instanceof \DateTimeInterface) {
121 $bookmark->setUpdated($updated);
122 }
123
113 return $bookmark; 124 return $bookmark;
114 } 125 }
115 126