authorJeremy Benoist <jeremy.benoist@gmail.com>2015-05-30 13:52:26 +0200
committerJeremy Benoist <jeremy.benoist@gmail.com>2015-05-30 13:59:33 +0200
commit4346a86068781f4acdeb574d7e2af08b77b58ea7 (patch)
tree5c392314913f7cbcd2658893432ff5f9db318465 /src/Wallabag/ApiBundle
parent399bd777d7900f532bfcfa367da88767739391bc (diff)
CS
Diffstat (limited to 'src/Wallabag/ApiBundle')
-rw-r--r--src/Wallabag/ApiBundle/Controller/WallabagRestController.php38
-rw-r--r--src/Wallabag/ApiBundle/DependencyInjection/Configuration.php2
-rw-r--r--src/Wallabag/ApiBundle/Security/Authentication/Provider/WsseProvider.php9
-rw-r--r--src/Wallabag/ApiBundle/Security/Authentication/Token/WsseUserToken.php1
-rw-r--r--src/Wallabag/ApiBundle/Tests/Controller/WallabagRestControllerTest.php8
5 files changed, 33 insertions, 25 deletions
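--- a/src/Wallabag/ApiBundle/Controller/WallabagRestController.php
+++ b/src/Wallabag/ApiBundle/Controller/WallabagRestController.php
@@ -47,6 +47,7 @@ class WallabagRestController extends Controller
  * {"name"="username", "dataType"="string", "required"=true, "description"="username"}
  * }
  * )
+ *
  * @return array
  */
  public function getSaltAction($username)
@@ -77,6 +78,7 @@ class WallabagRestController extends Controller
  * {"name"="tags", "dataType"="string", "required"=false, "format"="api%2Crest", "description"="a list of tags url encoded. Will returns entries that matches ALL tags."},
  * }
  * )
+ *
  * @return Entry
  */
  public function getEntriesAction(Request $request)
@@ -109,13 +111,14 @@ class WallabagRestController extends Controller
  }
 
  /**
- * Retrieve a single entry
+ * Retrieve a single entry.
  *
  * @ApiDoc(
  * requirements={
  * {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
  * }
  * )
+ *
  * @return Entry
  */
  public function getEntryAction(Entry $entry)
@@ -128,7 +131,7 @@ class WallabagRestController extends Controller
  }
 
  /**
- * Create an entry
+ * Create an entry.
  *
  * @ApiDoc(
  * parameters={
@@ -137,6 +140,7 @@ class WallabagRestController extends Controller
  * {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."},
  * }
  * )
+ *
  * @return Entry
  */
  public function postEntriesAction(Request $request)
@@ -164,7 +168,7 @@ class WallabagRestController extends Controller
  }
 
  /**
- * Change several properties of an entry
+ * Change several properties of an entry.
  *
  * @ApiDoc(
  * requirements={
@@ -177,15 +181,16 @@ class WallabagRestController extends Controller
  * {"name"="star", "dataType"="boolean", "required"=false, "format"="true or false", "description"="starred the entry."},
  * }
  * )
+ *
  * @return Entry
  */
  public function patchEntriesAction(Entry $entry, Request $request)
  {
  $this->validateUserAccess($entry->getUser()->getId(), $this->getUser()->getId());
 
- $title = $request->request->get("title");
- $isArchived = $request->request->get("archive");
- $isStarred = $request->request->get("star");
+ $title = $request->request->get('title');
+ $isArchived = $request->request->get('archive');
+ $isStarred = $request->request->get('star');
 
  if (!is_null($title)) {
  $entry->setTitle($title);
@@ -213,13 +218,14 @@ class WallabagRestController extends Controller
  }
 
  /**
- * Delete **permanently** an entry
+ * Delete **permanently** an entry.
  *
  * @ApiDoc(
  * requirements={
  * {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"}
  * }
  * )
+ *
  * @return Entry
  */
  public function deleteEntriesAction(Entry $entry)
@@ -236,7 +242,7 @@ class WallabagRestController extends Controller
  }
 
  /**
- * Retrieve all tags for an entry
+ * Retrieve all tags for an entry.
  *
  * @ApiDoc(
  * requirements={
@@ -254,7 +260,7 @@ class WallabagRestController extends Controller
  }
 
  /**
- * Add one or more tags to an entry
+ * Add one or more tags to an entry.
  *
  * @ApiDoc(
  * requirements={
@@ -284,7 +290,7 @@ class WallabagRestController extends Controller
  }
 
  /**
- * Permanently remove one tag for an entry
+ * Permanently remove one tag for an entry.
  *
  * @ApiDoc(
  * requirements={
@@ -308,7 +314,7 @@ class WallabagRestController extends Controller
  }
 
  /**
- * Retrieve all tags
+ * Retrieve all tags.
  *
  * @ApiDoc()
  */
@@ -320,7 +326,7 @@ class WallabagRestController extends Controller
  }
 
  /**
- * Permanently remove one tag from **every** entry
+ * Permanently remove one tag from **every** entry.
  *
  * @ApiDoc(
  * requirements={
@@ -343,10 +349,10 @@ class WallabagRestController extends Controller
 
  /**
  * Validate that the first id is equal to the second one.
- * If not, throw exception. It means a user try to access information from an other user
+ * If not, throw exception. It means a user try to access information from an other user.
  *
- * @param integer $requestUserId User id from the requested source
- * @param integer $currentUserId User id from the retrieved source
+ * @param int $requestUserId User id from the requested source
+ * @param int $currentUserId User id from the retrieved source
  */
  private function validateUserAccess($requestUserId, $currentUserId)
  {
@@ -357,7 +363,7 @@ class WallabagRestController extends Controller
 
  /**
  * Send a JSON Response.
- * We don't use the Symfony JsonRespone, because it takes an array as parameter instead of a JSON string
+ * We don't use the Symfony JsonRespone, because it takes an array as parameter instead of a JSON string.
  *
  * @param string $json
  *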
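--- a/src/Wallabag/ApiBundle/DependencyInjection/Configuration.php
+++ b/src/Wallabag/ApiBundle/DependencyInjection/Configuration.php
@@ -6,7 +6,7 @@ use Symfony\Component\Config\Definition\Builder\TreeBuilder;
 use Symfony\Component\Config\Definition\ConfigurationInterface;
 
 /**
- * This is the class that validates and merges configuration from your app/config files
+ * This is the class that validates and merges configuration from your app/config files.
  *
  * To learn more see {@link http://symfony.com/doc/current/cookbook/bundles/extension.html#cookbook-bundles-extension-config-class}
  */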
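--- a/src/Wallabag/ApiBundle/Security/Authentication/Provider/WsseProvider.php
+++ b/src/Wallabag/ApiBundle/Security/Authentication/Provider/WsseProvider.php
@@ -1,4 +1,5 @@
 <?php
+
 namespace Wallabag\ApiBundle\Security\Authentication\Provider;
 
 use Symfony\Component\Security\Core\Authentication\Provider\AuthenticationProviderInterface;
@@ -29,7 +30,7 @@ class WsseProvider implements AuthenticationProviderInterface
  $user = $this->userProvider->loadUserByUsername($token->getUsername());
 
  if (!$user) {
- throw new AuthenticationException("Bad credentials. Did you forgot your username?");
+ throw new AuthenticationException('Bad credentials. Did you forgot your username?');
  }
 
  if ($user && $this->validateDigest($token->digest, $token->nonce, $token->created, $user->getPassword())) {
@@ -46,12 +47,12 @@ class WsseProvider implements AuthenticationProviderInterface
  {
  // Check created time is not in the future
  if (strtotime($created) > time()) {
- throw new AuthenticationException("Back to the future...");
+ throw new AuthenticationException('Back to the future...');
  }
 
  // Expire timestamp after 5 minutes
  if (time() - strtotime($created) > 300) {
- throw new AuthenticationException("Too late for this timestamp... Watch your watch.");
+ throw new AuthenticationException('Too late for this timestamp... Watch your watch.');
  }
 
  // Validate nonce is unique within 5 minutes
@@ -65,7 +66,7 @@ class WsseProvider implements AuthenticationProviderInterface
  $expected = base64_encode(sha1(base64_decode($nonce).$created.$secret, true));
 
  if ($digest !== $expected) {
- throw new AuthenticationException("Bad credentials ! Digest is not as expected.");
+ throw new AuthenticationException('Bad credentials ! Digest is not as expected.');
  }
 
  return $digest === $expected;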
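Review bot: The digest check `if ($digest !== $expected)` in the last hunk compares a client-supplied value against the expected digest with an ordinary string comparison, which is not constant-time. `if (!hash_equals($expected, (string) $digest))` would remove the timing signal, assuming the project's minimum PHP version provides `hash_equals()`; otherwise a constant-time helper is needed. The exception messages this commit re-quotes also tell the caller which step failed (unknown username in the second hunk, wrong digest in the last), which makes account enumeration easier if they reach the API response. A single generic `'Bad credentials.'` for both, with the detail written to the server log, would avoid that. The enclosing methods start and end outside these hunks, so the nonce handling between them is not visible here.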
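--- a/src/Wallabag/ApiBundle/Security/Authentication/Token/WsseUserToken.php
+++ b/src/Wallabag/ApiBundle/Security/Authentication/Token/WsseUserToken.php
@@ -1,4 +1,5 @@
 <?php
+
 namespace Wallabag\ApiBundle\Security\Authentication\Token;
 
 use Symfony\Component\Security\Core\Authentication\Token\AbstractToken;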
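--- a/src/Wallabag/ApiBundle/Tests/Controller/WallabagRestControllerTest.php
+++ b/src/Wallabag/ApiBundle/Tests/Controller/WallabagRestControllerTest.php
@@ -9,7 +9,7 @@ class WallabagRestControllerTest extends WebTestCase
  protected static $salt;
 
  /**
- * Grab the salt once and store it to be available for all tests
+ * Grab the salt once and store it to be available for all tests.
  */
  public static function setUpBeforeClass()
  {
@@ -24,7 +24,7 @@ class WallabagRestControllerTest extends WebTestCase
  }
 
  /**
- * Generate HTTP headers for authenticate user on API
+ * Generate HTTP headers for authenticate user on API.
  *
  * @param string $username
  * @param string $password
@@ -327,7 +327,7 @@ class WallabagRestControllerTest extends WebTestCase
  $content = json_decode($client->getResponse()->getContent(), true);
 
  $this->assertArrayHasKey('tags', $content);
- $this->assertEquals($nbTags+3, count($content['tags']));
+ $this->assertEquals($nbTags + 3, count($content['tags']));
 
  $entryDB = $client->getContainer()
  ->get('doctrine.orm.entity_manager')
@@ -369,7 +369,7 @@ class WallabagRestControllerTest extends WebTestCase
  $content = json_decode($client->getResponse()->getContent(), true);
 
  $this->assertArrayHasKey('tags', $content);
- $this->assertEquals($nbTags-1, count($content['tags']));
+ $this->assertEquals($nbTags - 1, count($content['tags']));
  }
 
  public function testGetUserTags()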