Add Request and validation

Clement Desmidt 2024-08-07 17:46:01 +02:00
parent 1aa26c836a
commit e25502f4f8
4 changed files with 72 additions and 33 deletions


@ -15,16 +15,18 @@ class Bot
return $masters[array_rand($masters)]; return $masters[array_rand($masters)];
} }
public function __construct(array $config = []) public function __construct(Request $request, array $config = [])
{ {
$this->request = $request;
$this->config = $config; $this->config = $config;
} }
// TODO public function isRequestValid(): bool
public function isValid(Request $request): bool
{ {
$this->request = $request; return hash_equals(
return $this->config['token'] === $request->getToken(); hash_hmac('sha256', $this->request->nc_random . $this->request->body, $this->config['secret']),
strtolower($this->request->nc_signature)
);
} }
/** /**
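Review bot: isRequestValid() feeds `$this->config['secret']` straight into `hash_hmac()` without checking that a key is configured. If the entry is missing or empty, the HMAC is computed with an empty key, which any sender can reproduce, so a forged request would pass the check. Fail closed before hashing, for example `$secret = $this->config['secret'] ?? ''; if ($secret === '' || $this->request->nc_random === '') { return false; }`. The signature covers only the random value and the body, so a captured request would presumably still verify if delivered again; whether that matters depends on what the commands do.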


@ -9,18 +9,21 @@ class Help implements Icommands
public static function getMessage(Bot $bot, array $data): void public static function getMessage(Bot $bot, array $data): void
{ {
$message = 'Voici la liste de mes commandes : '."\n"; $bot->replyPolitely('Voici la liste de mes commandes');
$message = '|Nom|Description|Pattern|'."\n";
$message .= '|---|---|---|'."\n";
foreach ($bot->listCommands() as $command) { foreach ($bot->listCommands() as $command) {
$message .= sprintf( $message .= sprintf(
'%s : %s (%s)%s', '|%s|%s|`%s`|%s',
$command, end(explode('\\', $command)),
call_user_func([$command, 'getDescription']), call_user_func([$command, 'getDescription']),
call_user_func([$command, 'getPattern']), str_replace('|', '\|', call_user_func([$command, 'getPattern'])),
"\n" "\n"
); );
} }
$bot->replyPolitely($message); $bot->reply($message);
} }
public static function getDescription(): string public static function getDescription(): string
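Review bot: `end(explode('\\', $command))` passes a function result to `end()`, which takes its argument by reference, so PHP raises "Only variables should be passed by reference" each time the help command runs. The entry script in this commit sets `error_reporting(E_ALL)` with `log_errors` on, so that notice lands in the log every time. Assign first, `$parts = explode('\\', $command);`, and pass `end($parts)` to `sprintf()`. In the same table row only the pattern has `|` escaped; the `getDescription` value is inserted as-is, so a description containing `|` would break the row, and the same `str_replace('|', '\|', …)` should be applied to it.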


@ -2,7 +2,54 @@
namespace Shikiryu\Bot; namespace Shikiryu\Bot;
use JsonException;
class Request class Request
{ {
public string $nc_signature;
public string $nc_random;
public string $nc_server;
public string $delivery;
public string $event;
public string $signature;
public string $body;
public function __construct()
{
$this->nc_signature = $_SERVER['HTTP_X_NEXTCLOUD_TALK_SIGNATURE'] ?? '';
$this->nc_random = $_SERVER['HTTP_X_NEXTCLOUD_TALK_RANDOM'] ?? '';
$this->nc_server = $_SERVER['HTTP_X_NEXTCLOUD_TALK_BACKEND'] ?? '';
$this->delivery = $_SERVER['HTTP_X_H1_DELIVERY'] ?? '';
$this->event = $_SERVER['HTTP_X_H1_EVENT'] ?? '';
$this->signature = $_SERVER['HTTP_X_H1_SIGNATURE'] ?? '';
$this->body = file_get_contents('php://input');
}
public function getJSONBody(): array
{
try {
return json_decode($this->body, true, 512, JSON_THROW_ON_ERROR);
} catch (JsonException $e) {
return [];
}
}
public function isMessage(): bool
{
$data = $this->getJSONBody();
return $data['type'] === 'Create' &&
$data['object']['name'] === 'message' &&
!empty($data['object']['content']);
}
public function getMessage(): string
{
try {
$data = $this->getJSONBody();
return json_decode($data['object']['content'], true, 512, JSON_THROW_ON_ERROR)['message'];
} catch (JsonException $e) {
return '';
}
}
} }
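Review bot: getJSONBody() declares `: array` but returns whatever `json_decode()` yields, so a body that is valid JSON but not an object or array (a bare string or number) raises a TypeError that the `JsonException` catch does not cover. isMessage() then reads `$data['type']` and `$data['object']['name']` with no existence check, and getMessage() passes `$data['object']['content']` to `json_decode()` and returns `['message']` under a `string` return type without checking that either key exists. Guard the reads, for example `return is_array($data) ? $data : [];` in getJSONBody() and `($data['type'] ?? null) === 'Create'` in isMessage(). `file_get_contents('php://input')` can also return `false`, which the `string`-typed `$body` does not expect; `?: ''` covers that case.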


@ -1,24 +1,22 @@
<?php <?php
use Shikiryu\Bot\Bot; use Shikiryu\Bot\Bot;
use Shikiryu\Bot\Request;
require 'vendor/autoload.php'; require 'vendor/autoload.php';
error_reporting(E_ALL); error_reporting(E_ALL);
ini_set('log_errors', 1); ini_set('log_errors', 1);
$config = include 'config.php'; $config = include __DIR__.'/config.php';
$bot = new Bot($config); $request = new Request();
$bot = new Bot($request, $config);
$signature = $_SERVER['HTTP_X_NEXTCLOUD_TALK_SIGNATURE'] ?? ''; if (!$bot->isRequestValid()) {
$random = $_SERVER['HTTP_X_NEXTCLOUD_TALK_RANDOM'] ?? ''; $bot->reply('I received an invalid request');
$server = $_SERVER['HTTP_X_NEXTCLOUD_TALK_BACKEND'] ?? ''; exit;
}
$delivery = $_SERVER['HTTP_X_H1_DELIVERY'] ?? '';
$event = $_SERVER['HTTP_X_H1_EVENT'] ?? '';
$signature = $_SERVER['HTTP_X_H1_SIGNATURE'] ?? '';
// Give the bot something to listen for. // Give the bot something to listen for.
foreach ($bot->listCommands() as $command) { foreach ($bot->listCommands() as $command) {
@ -29,22 +27,11 @@ $bot->hears('(hello|hi|bonjour|salut)', function (Bot $bot) {
$bot->replyPolitely('Bonjour'); $bot->replyPolitely('Bonjour');
}); });
$body = file_get_contents('php://input');
try {
$data = json_decode($body, true, 512, JSON_THROW_ON_ERROR);
} catch (JsonException $e) {
$data = [];
}
// Only on message, not on event or whatever // Only on message, not on event or whatever
if ($data['type'] !== 'Create' || $data['object']['name'] !== 'message') { if (!$request->isMessage()) {
return ; return ;
} }
try { $message = $request->getMessage();
$message = json_decode($data['object']['content'], true, 512, JSON_THROW_ON_ERROR)['message'];
} catch (JsonException $e) {
return;
}
$bot->listen($message); $bot->listen($message);
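Review bot: The invalid-signature branch calls `$bot->reply('I received an invalid request')` before `exit`, so the bot acts on a request it has just failed to authenticate. reply() is not visible in this diff, but if it takes its destination from the request (the `X-Nextcloud-Talk-Backend` header now stored in `nc_server`, or the conversation named in the body), an unauthenticated sender would be choosing where the bot posts. Reject without replying, `http_response_code(401); exit;`, and record the failure server-side with `error_log()` instead.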