public function testVerifyMd5Hash_KnownUserException()
{
$prefix = null;
$sharedKey = "zaqxswcdevfrbgtnhymjukiloZAQCDEFRBGTNHYMJUKILOPlkjhgfdsapoiuytrewqmnbvcx";
$expectedPlaceInqueue = 7810;
$expectedQueueId = "fe070f51-5548-403c-9f0a-2626c15cb81b";
$placeInQueueEncrypted = "3d20e598-0304-474f-87e8-371a34073d3b";
$unixTimestamp = 1360241766;
$expectedTimeStamp = new \DateTime("2013-02-07 12:56:06", new \DateTimeZone("UTC"));
$expectedCustomerId = "somecust";
$expectedEventId = "someevent";
$expectedOriginalUrl = "http://www.example.com/test.aspx?prop=value";
$urlNoHash = $expectedOriginalUrl . "?" . $prefix . "c=somecust&" . $prefix . "e=someevent&" . $prefix . "q=" . $expectedQueueId . "&" . $prefix . "p=" . $placeInQueueEncrypted . "&" . $prefix . "ts=" . $unixTimestamp . "&" . $prefix . "h=";
$expectedHash = "INVALIDHASHxxxxxxxxxxxxxxxxxxxx";
$url = $urlNoHash . $expectedHash;
$urlProvider = new MockUrlProvider($url, $expectedOriginalUrl, $expectedQueueId, $placeInQueueEncrypted, (string) $unixTimestamp, $expectedCustomerId, $expectedEventId);
try {
$knownUser = KnownUserFactory::verifyMd5Hash($sharedKey, $urlProvider, $prefix);
} catch (KnownUserException $e) {
$this->assertEquals($url, $e->getValidationUrl());
$this->assertEquals($expectedOriginalUrl, $e->getOriginalUrl());
}
}
/**
* Validate request from Queue
*
* @param Queue $queue
* @param boolean $includeTargetUrl
* @param boolean $sslEnabled
* @param string $domainAlias
* @param string $language
* @param string $layoutName
*
* @throws Opifer\QueueIt\Exception\KnownUserValidationException
* @throws Opifer\QueueIt\Exception\ExpiredValidationException
*
* @return Opifer\QueueIt\Validation\AcceptedConfirmedResult|
* Opifer\QueueIt\Validation\EnqueueResult
*/
private static function validateRequestFromQueue($queue, $includeTargetUrl = null, $sslEnabled = null, $domainAlias = null, $language = null, $layoutName = null)
{
global $resultProviderFactory;
$sessionObject = $resultProviderFactory()->getValidationResult($queue);
if ($sessionObject != null) {
if ($sessionObject instanceof AcceptedConfirmedResult) {
return new AcceptedConfirmedResult($queue, $sessionObject->getKnownUser(), false);
}
return $sessionObject;
}
try {
$knownUser = KnownUserFactory::verifyMd5Hash();
if ($knownUser == null) {
$landingPage = $queue->getLandingPageUrl($includeTargetUrl);
if ($landingPage != null) {
return new EnqueueResult($queue, $landingPage);
}
return new EnqueueResult($queue, $queue->GetQueueUrl($includeTargetUrl, $sslEnabled, $domainAlias, $language, $layoutName));
}
if ($knownUser->getTimeStamp()->getTimestamp() < time() - 180) {
throw new ExpiredValidationException($queue, $knownUser);
}
$result = new AcceptedConfirmedResult($queue, $knownUser, true);
$resultProviderFactory()->setValidationResult($queue, $result);
return $result;
} catch (InvalidKnownUserUrlException $e) {
throw new KnownUserValidationException($e, $queue);
} catch (InvalidKnownUserHashException $e) {
throw new KnownUserValidationException($e, $queue);
}
}
/**
* Verify MD5 Hash
*
* @param string $secretKey
* @param KnownUserUrlProviderInterface $urlProvider
* @param string $queryStringPrefix
*
* @throws InvalidArgumentException if $secretKey is null
* @throws Opifer\QueueIt\Exception\InvalidKnownUserUrlException
* @throws Opifer\QueueIt\Exception\KnownUserException
*
* @return Opifer\QueueIt\Queue\Md5KnownUser
*/
public static function verifyMd5Hash($secretKey = null, $urlProvider = null, $queryStringPrefix = null)
{
global $defaultQueryStringPrefix, $defaultSecretKey, $defaultUrlProviderFactory;
if ($urlProvider == null) {
$urlProvider = $defaultUrlProviderFactory();
}
if ($secretKey == null) {
$secretKey = $defaultSecretKey;
}
if ($queryStringPrefix == null) {
$queryStringPrefix = $defaultQueryStringPrefix;
}
if ($secretKey == null) {
throw new \InvalidArgumentException("Secret key is null");
}
try {
if ($urlProvider->getQueueId($queryStringPrefix) == null && $urlProvider->getPlaceInQueue($queryStringPrefix) == null && $urlProvider->getTimeStamp($queryStringPrefix) == null) {
return null;
}
if ($urlProvider->getQueueId($queryStringPrefix) == null || $urlProvider->getPlaceInQueue($queryStringPrefix) == null || $urlProvider->getTimeStamp($queryStringPrefix) == null) {
throw new InvalidKnownUserUrlException();
}
KnownUserFactory::verifyUrl($urlProvider->getUrl(), $secretKey);
return new Md5KnownUser($urlProvider->getQueueId($queryStringPrefix), KnownUserFactory::decryptPlaceInQueue($urlProvider->getPlaceInQueue($queryStringPrefix)), KnownUserFactory::decodeTimestamp($urlProvider->getTimeStamp($queryStringPrefix)), $urlProvider->getCustomerId($queryStringPrefix), $urlProvider->getEventId($queryStringPrefix), KnownUserFactory::decodeRedirectType($urlProvider->getRedirectType($queryStringPrefix)), $urlProvider->getOriginalUrl($queryStringPrefix));
} catch (KnownUserException $e) {
$e->setValidationUrl($urlProvider->getUrl());
$e->setOriginalUrl($urlProvider->getOriginalUrl($queryStringPrefix));
throw $e;
}
}
/**
* Generate hash
*
* @param string $queueId
* @param string $originalUrl
* @param integer $placeInQueue
* @param string $redirectType
* @param integer $timestamp
*
* @return string
*/
private function generateHash($queueId, $originalUrl, $placeInQueue, $redirectType, $timestamp)
{
return hash("sha256", $queueId . $originalUrl . $placeInQueue . $redirectType . $timestamp . KnownUserFactory::getSecretKey());
}
