diff options
| author | yude <yudesleepy@gmail.com> | 2021-01-04 18:51:10 +0900 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-01-04 18:51:10 +0900 |
| commit | e6754f2154a79abd8e5e64bd923f6984aa9ad44b (patch) | |
| tree | f074119530bb59ef155938ea367f719f1e4b70f1 /application/api/ApiUtils.php | |
| parent | 5256b4287021342a9f8868967b2a77e481314331 (diff) | |
| parent | ed4ee8f0297941ac83300389b7de6a293312d20e (diff) | |
| download | Shaarli-e6754f2154a79abd8e5e64bd923f6984aa9ad44b.tar.gz Shaarli-e6754f2154a79abd8e5e64bd923f6984aa9ad44b.tar.zst Shaarli-e6754f2154a79abd8e5e64bd923f6984aa9ad44b.zip | |
Merge pull request #2 from shaarli/master
Merge fork source
Diffstat (limited to 'application/api/ApiUtils.php')
| -rw-r--r-- | application/api/ApiUtils.php | 27 |
1 files changed, 21 insertions, 6 deletions
diff --git a/application/api/ApiUtils.php b/application/api/ApiUtils.php index eb1ca9bc..9228bb2d 100644 --- a/application/api/ApiUtils.php +++ b/application/api/ApiUtils.php | |||
| @@ -1,4 +1,5 @@ | |||
| 1 | <?php | 1 | <?php |
| 2 | |||
| 2 | namespace Shaarli\Api; | 3 | namespace Shaarli\Api; |
| 3 | 4 | ||
| 4 | use Shaarli\Api\Exceptions\ApiAuthorizationException; | 5 | use Shaarli\Api\Exceptions\ApiAuthorizationException; |
| @@ -27,7 +28,7 @@ class ApiUtils | |||
| 27 | throw new ApiAuthorizationException('Malformed JWT token'); | 28 | throw new ApiAuthorizationException('Malformed JWT token'); |
| 28 | } | 29 | } |
| 29 | 30 | ||
| 30 | $genSign = Base64Url::encode(hash_hmac('sha512', $parts[0] .'.'. $parts[1], $secret, true)); | 31 | $genSign = Base64Url::encode(hash_hmac('sha512', $parts[0] . '.' . $parts[1], $secret, true)); |
| 31 | if ($parts[2] != $genSign) { | 32 | if ($parts[2] != $genSign) { |
| 32 | throw new ApiAuthorizationException('Invalid JWT signature'); | 33 | throw new ApiAuthorizationException('Invalid JWT signature'); |
| 33 | } | 34 | } |
| @@ -42,7 +43,8 @@ class ApiUtils | |||
| 42 | throw new ApiAuthorizationException('Invalid JWT payload'); | 43 | throw new ApiAuthorizationException('Invalid JWT payload'); |
| 43 | } | 44 | } |
| 44 | 45 | ||
| 45 | if (empty($payload->iat) | 46 | if ( |
| 47 | empty($payload->iat) | ||
| 46 | || $payload->iat > time() | 48 | || $payload->iat > time() |
| 47 | || time() - $payload->iat > ApiMiddleware::$TOKEN_DURATION | 49 | || time() - $payload->iat > ApiMiddleware::$TOKEN_DURATION |
| 48 | ) { | 50 | ) { |
| @@ -89,13 +91,17 @@ class ApiUtils | |||
| 89 | * If no URL is provided, it will generate a local note URL. | 91 | * If no URL is provided, it will generate a local note URL. |
| 90 | * If no title is provided, it will use the URL as title. | 92 | * If no title is provided, it will use the URL as title. |
| 91 | * | 93 | * |
| 92 | * @param array|null $input Request Link. | 94 | * @param array|null $input Request Link. |
| 93 | * @param bool $defaultPrivate Setting defined if a bookmark is private by default. | 95 | * @param bool $defaultPrivate Setting defined if a bookmark is private by default. |
| 96 | * @param string $tagsSeparator Tags separator loaded from the config file. | ||
| 94 | * | 97 | * |
| 95 | * @return Bookmark instance. | 98 | * @return Bookmark instance. |
| 96 | */ | 99 | */ |
| 97 | public static function buildBookmarkFromRequest(?array $input, bool $defaultPrivate): Bookmark | 100 | public static function buildBookmarkFromRequest( |
| 98 | { | 101 | ?array $input, |
| 102 | bool $defaultPrivate, | ||
| 103 | string $tagsSeparator | ||
| 104 | ): Bookmark { | ||
| 99 | $bookmark = new Bookmark(); | 105 | $bookmark = new Bookmark(); |
| 100 | $url = ! empty($input['url']) ? cleanup_url($input['url']) : ''; | 106 | $url = ! empty($input['url']) ? cleanup_url($input['url']) : ''; |
| 101 | if (isset($input['private'])) { | 107 | if (isset($input['private'])) { |
| @@ -107,6 +113,15 @@ class ApiUtils | |||
| 107 | $bookmark->setTitle(! empty($input['title']) ? $input['title'] : ''); | 113 | $bookmark->setTitle(! empty($input['title']) ? $input['title'] : ''); |
| 108 | $bookmark->setUrl($url); | 114 | $bookmark->setUrl($url); |
| 109 | $bookmark->setDescription(! empty($input['description']) ? $input['description'] : ''); | 115 | $bookmark->setDescription(! empty($input['description']) ? $input['description'] : ''); |
| 116 | |||
| 117 | // Be permissive with provided tags format | ||
| 118 | if (is_string($input['tags'] ?? null)) { | ||
| 119 | $input['tags'] = tags_str2array($input['tags'], $tagsSeparator); | ||
| 120 | } | ||
| 121 | if (is_array($input['tags'] ?? null) && count($input['tags']) === 1 && is_string($input['tags'][0])) { | ||
| 122 | $input['tags'] = tags_str2array($input['tags'][0], $tagsSeparator); | ||
| 123 | } | ||
| 124 | |||
| 110 | $bookmark->setTags(! empty($input['tags']) ? $input['tags'] : []); | 125 | $bookmark->setTags(! empty($input['tags']) ? $input['tags'] : []); |
| 111 | $bookmark->setPrivate($private); | 126 | $bookmark->setPrivate($private); |
| 112 | 127 | ||