Nosial/socialbox-php
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Refactor ResolveSignature to improve UUID validation by reintroducing validation for 'signature_uuid' and throwing an InvalidRpcArgumentException for invalid UUIDs.

Browse source 
https://github.com/nosial/Socialbox-PHP/issues/44
This commit is contained in:
netkas 2025-03-13 00:26:40 -04:00
parent df96d894a8
commit a11c8b463f
Signed by: netkas
GPG key ID: 4D8629441B76E4CC
2 changed files with 6 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/Socialbox/Classes/StandardMethods/Core/ResolveSignature.php
View file

@ -35,10 +35,6 @@
{ {
throw new MissingRpcArgumentException('signature_uuid'); throw new MissingRpcArgumentException('signature_uuid');
} }
elseif(!Validator::validateUuid($rpcRequest->getParameter('signature_uuid')))
{
throw new InvalidRpcArgumentException('signature_uuid', 'Invalid UUID V4');
}
return $rpcRequest->produceResponse(Socialbox::resolvePeerSignature( return $rpcRequest->produceResponse(Socialbox::resolvePeerSignature(
$rpcRequest->getParameter('peer'), $rpcRequest->getParameter('signature_uuid') $rpcRequest->getParameter('peer'), $rpcRequest->getParameter('signature_uuid')

6
src/Socialbox/Socialbox.php
View file

@ -27,6 +27,7 @@
use Socialbox\Exceptions\RequestException; use Socialbox\Exceptions\RequestException;
use Socialbox\Exceptions\ResolutionException; use Socialbox\Exceptions\ResolutionException;
use Socialbox\Exceptions\RpcException; use Socialbox\Exceptions\RpcException;
use Socialbox\Exceptions\Standard\InvalidRpcArgumentException;
use Socialbox\Exceptions\Standard\StandardRpcException; use Socialbox\Exceptions\Standard\StandardRpcException;
use Socialbox\Managers\ContactManager; use Socialbox\Managers\ContactManager;
use Socialbox\Managers\ExternalSessionManager; use Socialbox\Managers\ExternalSessionManager;
@ -910,6 +911,11 @@
throw new StandardRpcException('Cannot resolve signature for a host peer', StandardError::FORBIDDEN); throw new StandardRpcException('Cannot resolve signature for a host peer', StandardError::FORBIDDEN);
} }
if(!Validator::validateUuid($signatureUuid))
{
throw new InvalidRpcArgumentException('The given signature UUID is not a valid UUID V4');
}
// If the peer is registered within this server // If the peer is registered within this server
if($peerAddress->getDomain() === Configuration::getInstanceConfiguration()->getDomain()) if($peerAddress->getDomain() === Configuration::getInstanceConfiguration()->getDomain())
{ {