Nosial/socialbox-php
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Made message signing in Cryptography use SHA512 as the message content for... #1

Closed
netkas wants to merge 421 commits from master into dev
pull from: master
merge into: Nosial:dev
Conversation 3 Commits 421 Files changed 226 +8 -8
1 changed files with 8 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files
Showing only changes of commit 8a86bd04a6 - Show all commits

16
src/Socialbox/Classes/StandardMethods/Settings/SettingsDeleteOtp.php
View file

@ -8,6 +8,7 @@
use Socialbox\Classes\Cryptography; use Socialbox\Classes\Cryptography;
use Socialbox\Enums\StandardError; use Socialbox\Enums\StandardError;
use Socialbox\Exceptions\DatabaseOperationException; use Socialbox\Exceptions\DatabaseOperationException;
use Socialbox\Exceptions\Standard\InvalidRpcArgumentException;
use Socialbox\Exceptions\Standard\StandardRpcException; use Socialbox\Exceptions\Standard\StandardRpcException;
use Socialbox\Interfaces\SerializableInterface; use Socialbox\Interfaces\SerializableInterface;
use Socialbox\Managers\OneTimePasswordManager; use Socialbox\Managers\OneTimePasswordManager;
@ -24,16 +25,15 @@
{ {
if(Configuration::getRegistrationConfiguration()->isOtpRequired()) if(Configuration::getRegistrationConfiguration()->isOtpRequired())
{ {
return $rpcRequest->produceError(StandardError::METHOD_NOT_ALLOWED, 'One Time Password is required for this server'); return $rpcRequest->produceError(StandardError::FORBIDDEN, 'One Time Password is required for this server');
} }
$peer = $request->getPeer();
try try
{ {
$peer = $request->getPeer();
if (!OneTimePasswordManager::usesOtp($peer->getUuid())) if (!OneTimePasswordManager::usesOtp($peer->getUuid()))
{ {
return $rpcRequest->produceError(StandardError::METHOD_NOT_ALLOWED, "Cannot delete One Time Password when none is set"); return $rpcRequest->produceResponse(false);
} }
} }
catch (DatabaseOperationException $e) catch (DatabaseOperationException $e)
@ -55,12 +55,12 @@
{ {
if(!$rpcRequest->containsParameter('password')) if(!$rpcRequest->containsParameter('password'))
{ {
return $rpcRequest->produceError(StandardError::RPC_INVALID_ARGUMENTS, 'When a password is set, the current password must be provided to delete an OTP'); throw new InvalidRpcArgumentException('password', 'When a password is set, the current password must be provided to delete an OTP');
} }
if(!Cryptography::validateSha512($rpcRequest->getParameter('password'))) if(!Cryptography::validateSha512($rpcRequest->getParameter('password')))
{ {
return $rpcRequest->produceError(StandardError::RPC_INVALID_ARGUMENTS, 'The provided password is not a valid SHA-512 hash'); throw new InvalidRpcArgumentException('password', 'The provided password is not a valid SHA-512 hash');
} }
try try
@ -70,7 +70,7 @@
return $rpcRequest->produceError(StandardError::FORBIDDEN, 'The provided password is incorrect'); return $rpcRequest->produceError(StandardError::FORBIDDEN, 'The provided password is incorrect');
} }
} }
catch(Exception $e) catch(DatabaseOperationException $e)
{ {
throw new StandardRpcException('Failed to verify password due to an internal exception', StandardError::INTERNAL_SERVER_ERROR, $e); throw new StandardRpcException('Failed to verify password due to an internal exception', StandardError::INTERNAL_SERVER_ERROR, $e);
} }
@ -81,7 +81,7 @@
// Delete the OTP // Delete the OTP
OneTimePasswordManager::deleteOtp($peer); OneTimePasswordManager::deleteOtp($peer);
} }
catch(Exception $e) catch(DatabaseOperationException $e)
{ {
throw new StandardRpcException('Failed to set password due to an internal exception', StandardError::INTERNAL_SERVER_ERROR, $e); throw new StandardRpcException('Failed to set password due to an internal exception', StandardError::INTERNAL_SERVER_ERROR, $e);
} }