♻️ Move validation to Request

This commit is contained in:
Clement Desmidt 2024-08-07 17:51:07 +02:00
parent e25502f4f8
commit 06a8be0583
3 changed files with 16 additions and 21 deletions

View File

@ -21,14 +21,6 @@ class Bot
$this->config = $config;
}
public function isRequestValid(): bool
{
return hash_equals(
hash_hmac('sha256', $this->request->nc_random . $this->request->body, $this->config['secret']),
strtolower($this->request->nc_signature)
);
}
/**
* @param string $pattern the pattern to listen for
* @param \Closure|string $callback the callback to execute. Either a closure or a Class@method notation

View File

@ -13,8 +13,9 @@ class Request
public string $event;
public string $signature;
public string $body;
public array $config;
public function __construct()
public function __construct(array $config = [])
{
$this->nc_signature = $_SERVER['HTTP_X_NEXTCLOUD_TALK_SIGNATURE'] ?? '';
$this->nc_random = $_SERVER['HTTP_X_NEXTCLOUD_TALK_RANDOM'] ?? '';
@ -24,6 +25,15 @@ class Request
$this->event = $_SERVER['HTTP_X_H1_EVENT'] ?? '';
$this->signature = $_SERVER['HTTP_X_H1_SIGNATURE'] ?? '';
$this->body = file_get_contents('php://input');
$this->config = $config;
}
public function isValid(): bool
{
return hash_equals(
hash_hmac('sha256', $this->nc_random . $this->body, $this->config['secret']),
strtolower($this->nc_signature)
);
}
public function getJSONBody(): array

View File

@ -10,10 +10,10 @@ ini_set('log_errors', 1);
$config = include __DIR__.'/config.php';
$request = new Request();
$request = new Request($config);
$bot = new Bot($request, $config);
if (!$bot->isRequestValid()) {
if (!$request->isValid()) {
$bot->reply('I received an invalid request');
exit;
}
@ -23,15 +23,8 @@ foreach ($bot->listCommands() as $command) {
$bot->hears(call_user_func([$command, 'getPattern']), $command);
}
$bot->hears('(hello|hi|bonjour|salut)', function (Bot $bot) {
$bot->replyPolitely('Bonjour');
});
$bot->hears('(hello|hi|bonjour|salut)', function (Bot $bot) { $bot->replyPolitely('Bonjour'); });
// Only on message, not on event or whatever
if (!$request->isMessage()) {
return ;
}
if (!$request->isMessage()) { exit(); }
$message = $request->getMessage();
$bot->listen($message);
$bot->listen($request->getMessage());