Made message signing in Cryptography use SHA512 as the message content for... #1

Closed
netkas wants to merge 421 commits from master into dev
4 changed files with 65 additions and 9 deletions
Showing only changes of commit 2082225fb7 - Show all commits


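--- /dev/null
+++ b/PATH-NOT-SHOWN/SettingsDeleteDisplayPicture.php
@@ -0,0 +1,39 @@
+<?php
+namespace Socialbox\Classes\StandardMethods;
+use Exception;
+use Socialbox\Abstracts\Method;
+use Socialbox\Classes\Configuration;
+use Socialbox\Enums\StandardError;
+use Socialbox\Exceptions\StandardException;
+use Socialbox\Interfaces\SerializableInterface;
+use Socialbox\Managers\RegisteredPeerManager;
+use Socialbox\Objects\ClientRequest;
+use Socialbox\Objects\RpcRequest;
+class SettingsDeleteDisplayPicture extends Method
+{
+/**
+* @inheritDoc
+*/
+public static function execute(ClientRequest $request, RpcRequest $rpcRequest): ?SerializableInterface
+{
+if(Configuration::getRegistrationConfiguration()->isDisplayPictureRequired())
+{
+return $rpcRequest->produceError(StandardError::FORBIDDEN, 'A display picture is required for this server');
+}
+try
+{
+// Set the password
+RegisteredPeerManager::deleteDisplayPicture($request->getPeer());
+}
+catch(Exception $e)
+{
+throw new StandardException('Failed to update display picture: ' . $e->getMessage(), StandardError::INTERNAL_SERVER_ERROR, $e);
+}
+return $rpcRequest->produceResponse(true);
+}
+}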
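Review bot: The comment above the delete call, `// Set the password`, and the error text `'Failed to update display picture: '` are carried over from the set-password/set-picture handlers and describe the wrong operation; use `// Delete the peer's display picture` and `'Failed to delete display picture: '`. The catch block also appends `$e->getMessage()` to a StandardException carrying INTERNAL_SERVER_ERROR; if StandardException messages are surfaced to the RPC client, that forwards internal exception text (storage or database errors, for example) to the caller, so a fixed message with the original kept only as the `previous` exception is safer. Unlike the set-picture handler in this commit, this method does not re-evaluate the session flow after the change; whether that is needed here I cannot tell from this file.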


@ -34,8 +34,7 @@
try try
{ {
$decodedImage = base64_decode($rpcRequest->getParameter('image')); $decodedImage = @base64_decode($rpcRequest->getParameter('image'));
if($decodedImage === false) if($decodedImage === false)
{ {
return $rpcRequest->produceError(StandardError::RPC_BAD_REQUEST, "Failed to decode JPEG image base64 data"); return $rpcRequest->produceError(StandardError::RPC_BAD_REQUEST, "Failed to decode JPEG image base64 data");
@ -53,11 +52,11 @@
// Set the password // Set the password
RegisteredPeerManager::updateDisplayPicture($request->getPeer(), $sanitizedImage); RegisteredPeerManager::updateDisplayPicture($request->getPeer(), $sanitizedImage);
// Remove the SET_DISPLAY_PICTURE flag
SessionManager::removeFlags($request->getSessionUuid(), [SessionFlags::SET_DISPLAY_PICTURE]);
// Check & update the session flow // Check & update the session flow
SessionManager::updateFlow($request->getSession()); if($request->getSession()->flagExists(SessionFlags::SET_DISPLAY_PICTURE))
{
SessionManager::updateFlow($request->getSession(), [SessionFlags::SET_DISPLAY_PICTURE]);
}
} }
catch(Exception $e) catch(Exception $e)
{ {
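Review bot: The `@` added in front of `base64_decode` on the first changed line suppresses nothing useful, since base64_decode emits no warnings, and the `=== false` check beneath it rarely fires because non-strict decoding silently discards characters outside the base64 alphabet rather than failing; use `$decodedImage = base64_decode($rpcRequest->getParameter('image'), true);` so malformed input actually reaches the bad-request branch. The replacement of removeFlags plus updateFlow with `SessionManager::updateFlow($request->getSession(), [SessionFlags::SET_DISPLAY_PICTURE]);` presumably delegates flag removal to updateFlow, which I cannot confirm from this page. The try block and the method enclosing it begin and end outside the hunk.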


@ -13,9 +13,11 @@
use Socialbox\Classes\StandardMethods\Ping; use Socialbox\Classes\StandardMethods\Ping;
use Socialbox\Classes\StandardMethods\SettingsAddSigningKey; use Socialbox\Classes\StandardMethods\SettingsAddSigningKey;
use Socialbox\Classes\StandardMethods\SettingsDeleteDisplayName; use Socialbox\Classes\StandardMethods\SettingsDeleteDisplayName;
use Socialbox\Classes\StandardMethods\SettingsDeleteDisplayPicture;
use Socialbox\Classes\StandardMethods\SettingsDeletePassword; use Socialbox\Classes\StandardMethods\SettingsDeletePassword;
use Socialbox\Classes\StandardMethods\SettingsGetSigningKeys; use Socialbox\Classes\StandardMethods\SettingsGetSigningKeys;
use Socialbox\Classes\StandardMethods\SettingsSetDisplayName; use Socialbox\Classes\StandardMethods\SettingsSetDisplayName;
use Socialbox\Classes\StandardMethods\SettingsSetDisplayPicture;
use Socialbox\Classes\StandardMethods\SettingsSetPassword; use Socialbox\Classes\StandardMethods\SettingsSetPassword;
use Socialbox\Classes\StandardMethods\SettingsUpdatePassword; use Socialbox\Classes\StandardMethods\SettingsUpdatePassword;
use Socialbox\Classes\StandardMethods\VerificationAnswerImageCaptcha; use Socialbox\Classes\StandardMethods\VerificationAnswerImageCaptcha;
@ -63,6 +65,7 @@
case SETTINGS_SET_DISPLAY_NAME = 'settingsSetDisplayName'; case SETTINGS_SET_DISPLAY_NAME = 'settingsSetDisplayName';
case SETTINGS_DELETE_DISPLAY_NAME = 'settingsDeleteDisplayName'; case SETTINGS_DELETE_DISPLAY_NAME = 'settingsDeleteDisplayName';
case SETTINGS_SET_DISPLAY_PICTURE = 'settingsSetDisplayPicture'; case SETTINGS_SET_DISPLAY_PICTURE = 'settingsSetDisplayPicture';
case SETTINGS_DELETE_DISPLAY_PICTURE = 'settingsDeleteDisplayPicture';
case SETTINGS_SET_EMAIL = 'settingsSetEmail'; case SETTINGS_SET_EMAIL = 'settingsSetEmail';
case SETTINGS_SET_PHONE = 'settingsSetPhone'; case SETTINGS_SET_PHONE = 'settingsSetPhone';
case SETTINGS_SET_BIRTHDAY = 'settingsSetBirthday'; case SETTINGS_SET_BIRTHDAY = 'settingsSetBirthday';
@ -100,6 +103,8 @@
self::SETTINGS_DELETE_PASSWORD => SettingsDeletePassword::execute($request, $rpcRequest), self::SETTINGS_DELETE_PASSWORD => SettingsDeletePassword::execute($request, $rpcRequest),
self::SETTINGS_SET_DISPLAY_NAME => SettingsSetDisplayName::execute($request, $rpcRequest), self::SETTINGS_SET_DISPLAY_NAME => SettingsSetDisplayName::execute($request, $rpcRequest),
self::SETTINGS_DELETE_DISPLAY_NAME => SettingsDeleteDisplayName::execute($request, $rpcRequest), self::SETTINGS_DELETE_DISPLAY_NAME => SettingsDeleteDisplayName::execute($request, $rpcRequest),
self::SETTINGS_SET_DISPLAY_PICTURE => SettingsSetDisplayPicture::execute($request, $rpcRequest),
self::SETTINGS_DELETE_DISPLAY_PICTURE => SettingsDeleteDisplayPicture::execute($request, $rpcRequest),
self::SETTINGS_ADD_SIGNING_KEY => SettingsAddSigningKey::execute($request, $rpcRequest), self::SETTINGS_ADD_SIGNING_KEY => SettingsAddSigningKey::execute($request, $rpcRequest),
self::SETTINGS_GET_SIGNING_KEYS => SettingsGetSigningKeys::execute($request, $rpcRequest), self::SETTINGS_GET_SIGNING_KEYS => SettingsGetSigningKeys::execute($request, $rpcRequest),
@ -159,7 +164,9 @@
self::SETTINGS_ADD_SIGNING_KEY, self::SETTINGS_ADD_SIGNING_KEY,
self::SETTINGS_GET_SIGNING_KEYS, self::SETTINGS_GET_SIGNING_KEYS,
self::SETTINGS_SET_DISPLAY_NAME, self::SETTINGS_SET_DISPLAY_NAME,
self::SETTINGS_SET_DISPLAY_PICTURE,
self::SETTINGS_SET_PASSWORD, self::SETTINGS_SET_PASSWORD,
self::SETTINGS_UPDATE_PASSWORD,
]); ]);
// Prevent the user from deleting their display name if it is required // Prevent the user from deleting their display name if it is required
@ -168,10 +175,14 @@
$methods[] = self::SETTINGS_DELETE_DISPLAY_NAME; $methods[] = self::SETTINGS_DELETE_DISPLAY_NAME;
} }
// Always allow the authenticated user to change their password if(!Configuration::getRegistrationConfiguration()->isPasswordRequired())
if(!in_array(SessionFlags::SET_PASSWORD, $session->getFlags()))
{ {
$methods[] = self::SETTINGS_SET_PASSWORD; $methods[] = self::SETTINGS_DELETE_PASSWORD;
}
if(!Configuration::getRegistrationConfiguration()->isDisplayPictureRequired())
{
$methods[] = self::SETTINGS_DELETE_DISPLAY_PICTURE;
} }
} }
// If the session isn't authenticated nor a host, a limited set of methods is available // If the session isn't authenticated nor a host, a limited set of methods is available
@ -213,6 +224,12 @@
{ {
$methods[] = self::SETTINGS_SET_DISPLAY_NAME; $methods[] = self::SETTINGS_SET_DISPLAY_NAME;
} }
// If the flag `SET_DISPLAY_PICTURE` is set, then the user has to set a display picture
if($session->flagExists(SessionFlags::SET_DISPLAY_PICTURE))
{
$methods[] = self::SETTINGS_DELETE_DISPLAY_PICTURE;
}
} }
return $methods; return $methods;
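Review bot: In the last hunk, the branch guarded by `flagExists(SessionFlags::SET_DISPLAY_PICTURE)` appends `self::SETTINGS_DELETE_DISPLAY_PICTURE`, but its own comment says the user has to set a picture and the parallel display-name branch just above appends SETTINGS_SET_DISPLAY_NAME; as written a session in that state is offered deletion of a picture it has not set and is never offered the set method, so the flow cannot complete. Change the line to `$methods[] = self::SETTINGS_SET_DISPLAY_PICTURE;`. In the -168 hunk the old "always allow the authenticated user to change their password" branch becomes an isPasswordRequired() check that offers SETTINGS_DELETE_PASSWORD, leaving SETTINGS_SET_PASSWORD to the base list; that looks intended but deserves a comment such as `// Password deletion is only offered when the server does not require one`. The method that builds $methods starts before the first of these hunks and the enum continues past the last.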


@ -432,6 +432,7 @@
$peer = self::getPeer($peer); $peer = self::getPeer($peer);
} }
// TODO: Handle for external peers, needs a way to resolve peers to their external counterparts
if($peer->isExternal()) if($peer->isExternal())
{ {
throw new InvalidArgumentException('Cannot update the display picture of an external peer'); throw new InvalidArgumentException('Cannot update the display picture of an external peer');