Shikiryu/alfred-nextcloud
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

♻️ Move validation to Request

Browse Source
This commit is contained in:
Clement Desmidt 2024-08-07 17:51:07 +02:00
parent e25502f4f8
commit 06a8be0583
3 changed files with 16 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
bot/Bot.php
View File

@ -21,14 +21,6 @@ class Bot
$this->config = $config; $this->config = $config;
} }
public function isRequestValid(): bool
{
return hash_equals(
hash_hmac('sha256', $this->request->nc_random . $this->request->body, $this->config['secret']),
strtolower($this->request->nc_signature)
);
}
/** /**
* @param string $pattern the pattern to listen for * @param string $pattern the pattern to listen for
* @param \Closure|string $callback the callback to execute. Either a closure or a Class@method notation * @param \Closure|string $callback the callback to execute. Either a closure or a Class@method notation

12
bot/Request.php
View File

@ -13,8 +13,9 @@ class Request
public string $event; public string $event;
public string $signature; public string $signature;
public string $body; public string $body;
public array $config;
public function __construct() public function __construct(array $config = [])
{ {
$this->nc_signature = $_SERVER['HTTP_X_NEXTCLOUD_TALK_SIGNATURE'] ?? ''; $this->nc_signature = $_SERVER['HTTP_X_NEXTCLOUD_TALK_SIGNATURE'] ?? '';
$this->nc_random = $_SERVER['HTTP_X_NEXTCLOUD_TALK_RANDOM'] ?? ''; $this->nc_random = $_SERVER['HTTP_X_NEXTCLOUD_TALK_RANDOM'] ?? '';
@ -24,6 +25,15 @@ class Request
$this->event = $_SERVER['HTTP_X_H1_EVENT'] ?? ''; $this->event = $_SERVER['HTTP_X_H1_EVENT'] ?? '';
$this->signature = $_SERVER['HTTP_X_H1_SIGNATURE'] ?? ''; $this->signature = $_SERVER['HTTP_X_H1_SIGNATURE'] ?? '';
$this->body = file_get_contents('php://input'); $this->body = file_get_contents('php://input');
$this->config = $config;
}
public function isValid(): bool
{
return hash_equals(
hash_hmac('sha256', $this->nc_random . $this->body, $this->config['secret']),
strtolower($this->nc_signature)
);
} }
public function getJSONBody(): array public function getJSONBody(): array

17
nextcloud.php
View File

@ -10,10 +10,10 @@ ini_set('log_errors', 1);
$config = include __DIR__.'/config.php'; $config = include __DIR__.'/config.php';
$request = new Request(); $request = new Request($config);
$bot = new Bot($request, $config); $bot = new Bot($request, $config);
if (!$bot->isRequestValid()) { if (!$request->isValid()) {
$bot->reply('I received an invalid request'); $bot->reply('I received an invalid request');
exit; exit;
} }
@ -23,15 +23,8 @@ foreach ($bot->listCommands() as $command) {
$bot->hears(call_user_func([$command, 'getPattern']), $command); $bot->hears(call_user_func([$command, 'getPattern']), $command);
} }
$bot->hears('(hello|hi|bonjour|salut)', function (Bot $bot) { $bot->hears('(hello|hi|bonjour|salut)', function (Bot $bot) { $bot->replyPolitely('Bonjour'); });
$bot->replyPolitely('Bonjour');
});
// Only on message, not on event or whatever if (!$request->isMessage()) { exit(); }
if (!$request->isMessage()) {
return ;
}
$message = $request->getMessage(); $bot->listen($request->getMessage());
$bot->listen($message);