/** * Parse the ciphertext, process it, and return the response. * * FIXME Catch exceptions and return in a nice format. * * @param string $blob * POST'ed ciphertext. * @return Message */ public function handle($blob) { try { $reqData = $this->decode(RegistrationMessage::NAME, $blob); } catch (InvalidMessageException $e) { $this->log->warning('Received invalid message', array('exception' => $e)); $resp = new InsecureMessage(array('is_error' => 1, 'error_message' => 'Invalid message coding', array($e->getMessage(), $e->getTraceAsString()))); return $resp->setCode(400); } $this->log->debug('Received registration request', array('reqData' => $reqData)); $cxn = $reqData['cxn']; $validation = Cxn::getValidationMessages($cxn); if (!empty($validation)) { // $cxn is not valid, so we can't encode it use it for encoding. $resp = new InsecureMessage(array('is_error' => 1, 'error_message' => 'Invalid cxn details: ' . implode(', ', array_keys($validation)))); return $resp->setCode(400); } $respData = $this->createError('Unrecognized entity or action'); if ($reqData['entity'] == 'Cxn' && preg_match('/^[a-zA-Z]+$/', $reqData['action'])) { $func = 'on' . $reqData['entity'] . strtoupper($reqData['action'][0]) . substr($reqData['action'], 1); if (is_callable(array($this, $func))) { $respData = call_user_func(array($this, $func), $reqData['cxn'], $reqData['params']); } } $this->log->debug('Responding', array($cxn['cxnId'], $cxn['secret'], $respData)); return new StdMessage($cxn['cxnId'], $cxn['secret'], $respData); }
/** * Parse the ciphertext, process it, and return the response. * * FIXME Catch exceptions and return in a nice format. * * @param string $blob * POST'ed ciphertext. * @return Message */ public function handle($blob) { try { $reqMessage = $this->decode(StdMessage::NAME, $blob); } catch (InvalidMessageException $e) { $this->log->debug('Received invalid message', array('exception' => $e)); $resp = new InsecureMessage(array('is_error' => 1, 'error_message' => 'Invalid message coding', array($e->getMessage(), $e->getTraceAsString()))); return $resp->setCode(400); } $cxn = $this->cxnStore->getByCxnId($reqMessage->getCxnId()); $validation = Cxn::getValidationMessages($cxn); if (!empty($validation)) { $this->log->error('Invalid cxn ({cxnId})', array('cxnId' => $reqMessage->getCxnId(), 'messages' => $validation)); // $cxn is not valid, so we can't encode it use it for encoding. $resp = new InsecureMessage(array('is_error' => 1, 'error_message' => 'Invalid cxn details: ' . implode(', ', array_keys($validation)))); return $resp->setCode(400); } try { list($entity, $action, $params, $appCert) = $reqMessage->getData(); if ($this->certValidator) { $this->certValidator->validateCert($appCert); $appCertObj = X509Util::loadCert($appCert); $cn = $appCertObj->getDNProp('CN'); if (count($cn) != 1 || $cn[0] !== $cxn['appId']) { throw new InvalidMessageException('Invalid message: Submitted certificate does not matched expected appId'); } } $respData = call_user_func($this->router, $cxn, $entity, $action, $params); $this->log->info('Processed API call ({entity}.{action})', array('entity' => $entity, 'action' => $action)); } catch (\Exception $e) { $this->log->error('Error executing API call', array('request' => $reqMessage->getData(), 'exception' => $e)); $respData = array('is_error' => 1, 'error_message' => $e->getMessage()); } return new StdMessage($reqMessage->getCxnId(), $cxn['secret'], $respData); }
/** * @param array $appMeta * @return array * Array($cxnId, $isOk). */ public function register($appMeta) { AppMeta::validate($appMeta); if ($this->certValidator) { $this->certValidator->validateCert($appMeta['appCert']); } $cxn = $this->cxnStore->getByAppId($appMeta['appId']); if (!$cxn) { $cxn = array('cxnId' => Cxn::createId(), 'secret' => AesHelper::createSecret(), 'appId' => $appMeta['appId']); } $cxn['appUrl'] = $appMeta['appUrl']; $cxn['siteUrl'] = $this->siteUrl; $cxn['perm'] = $appMeta['perm']; Cxn::validate($cxn); $this->cxnStore->add($cxn); list($respCode, $respData) = $this->doCall($appMeta, 'Cxn', 'register', array(), $cxn); $success = $respCode == 200 && $respData['is_error'] == 0; $this->log->info($success ? 'Registered cxnId={cxnId} ({appId}, {appUrl})' : 'Failed to register cxnId={cxnId} ({appId}, {appUrl})', array('cxnId' => $cxn['cxnId'], 'appId' => $cxn['appId'], 'appUrl' => $cxn['appUrl'])); return array($cxn['cxnId'], $respData); }
/** * Parse the ciphertext, process it, and return the response. * * FIXME Catch exceptions and return in a nice format. * * @param string $blob * POST'ed ciphertext. * @return Message */ public function handle($blob) { try { $reqData = $this->decode(RegistrationMessage::NAME, $blob); } catch (InvalidMessageException $e) { $this->log->warning('Received invalid message', array('exception' => $e)); $resp = new InsecureMessage(array('is_error' => 1, 'error_message' => 'Invalid message coding', array($e->getMessage(), $e->getTraceAsString()))); return $resp->setCode(400); } $this->log->debug('Received registration request', array('reqData' => $reqData)); $cxn = $reqData['cxn']; $validation = Cxn::getValidationMessages($cxn); if (!empty($validation)) { // $cxn is not valid, so we can't use it for encoding. $resp = new InsecureMessage(array('is_error' => 1, 'error_message' => 'Invalid cxn details: ' . implode(', ', array_keys($validation)))); return $resp->setCode(400); } $respData = $this->call($reqData); $this->log->debug('Responding', array($cxn['cxnId'], $cxn['secret'], $respData)); return new StdMessage($cxn['cxnId'], $cxn['secret'], $respData); }
public function invalidInputExamples() { $appKeyPair = KeyPair::create(); $otherKeyPair = KeyPair::create(); return array(array($appKeyPair, new InsecureMessage(array('sldjkfasdf'))), array($appKeyPair, new InsecureMessage(array('cxn' => array('abcd')))), array($appKeyPair, new StdMessage(Cxn::createId(), AesHelper::createSecret(), array('whatever'))), array($appKeyPair, new RegistrationMessage('app:org.civicrm.other', $appKeyPair['publickey'], array('whatever'))), array($appKeyPair, new RegistrationMessage(self::APP_ID, $otherKeyPair['publickey'], array('whatever')))); }