FEAT #14563 TIME 0:20 do not ignore invalid signature modes in user...

FEAT #14563 TIME 0:20 do not ignore invalid signature modes in user create/update + put signature modes in auth info

FEAT #14563 TIME 0:20 do not ignore invalid signature modes in user...
8b444dc4 · Guillaume Heurtier · 9e2b3728 · 8b444dc4 · 8b444dc4 · 8b444dc4
Commit 8b444dc4 authored 4 years ago by Guillaume Heurtier
--- a/src/app/user/controllers/SignatureController.php
+++ b/src/app/user/controllers/SignatureController.php
@@ -233,13 +233,6 @@ class SignatureController
        return $response->withStatus(204);
    }

-    public function getSignatureModes(Request $request, Response $response)
-    {
-        $modes = CoreConfigModel::getSignatureModes();
-
-        return $response->withJson($modes);
-    }
-
    public static function isValidSignatureMode(array $args)
    {
        ValidatorModel::stringType($args, ['mode']);

--- a/src/app/user/controllers/UserController.php
+++ b/src/app/user/controllers/UserController.php
@@ -139,13 +139,11 @@ class UserController
            if (!Validator::arrayType()->validate($body['signatureModes'])) {
                return $response->withStatus(400)->withJson(['errors' => 'Body signatureModes is not an array']);
            } else {
-                $modes = [];
-                foreach ($body['signatureModes'] as $signatureMode) {
-                    if (SignatureController::isValidSignatureMode(['mode' => $signatureMode])) {
-                        $modes[] = $signatureMode;
+                foreach ($body['signatureModes'] as $key => $signatureMode) {
+                    if (!SignatureController::isValidSignatureMode(['mode' => $signatureMode])) {
+                        return $response->withStatus(400)->withJson(['errors' => "Body signatureModes[{$key}] is not a valid signature mode"]);
                    }
                }
-                $body['signatureModes'] = $modes;
            }
        } else {
            $body['signatureModes'] = [];
@@ -199,13 +197,12 @@ class UserController
            if (!empty($body['signatureModes']) && !Validator::arrayType()->validate($body['signatureModes'])) {
                return $response->withStatus(400)->withJson(['errors' => 'Body signatureModes is not an array']);
            } else {
-                $modes = [];
-                foreach ($body['signatureModes'] as $signatureMode) {
-                    if (SignatureController::isValidSignatureMode(['mode' => $signatureMode])) {
-                        $modes[] = $signatureMode;
+                foreach ($body['signatureModes'] as $key => $signatureMode) {
+                    if (!SignatureController::isValidSignatureMode(['mode' => $signatureMode])) {
+                        return $response->withStatus(400)->withJson(['errors' => "Body signatureModes[{$key}] is not a valid signature mode"]);
                    }
                }
-                $set['signature_modes'] = $modes;
+                $set['signature_modes'] = $body['signatureModes'];
            }
        }
        $set['signature_modes'] = json_encode($set['signature_modes']);

--- a/src/core/controllers/AuthenticationController.php
+++ b/src/core/controllers/AuthenticationController.php
@@ -42,9 +42,14 @@ class AuthenticationController
        $encryptKey = CoreConfigModel::getEncryptKey();
        $path = CoreConfigModel::getConfigPath();
        $hashedPath = md5($path);
+        $signatureModes = CoreConfigModel::getSignatureModes();

-
-        return $response->withJson(['connection' => $connection, 'changeKey' => $encryptKey == 'Security Key Maarch Parapheur #2008', 'instanceId' => $hashedPath]);
+        return $response->withJson([
+            'connection'     => $connection,
+            'changeKey'      => $encryptKey == 'Security Key Maarch Parapheur #2008',
+            'instanceId'     => $hashedPath,
+            'signatureModes' => $signatureModes
+        ]);
    }

    public static function authentication($authorizationHeaders = [])