Enh #19: Validator for GoogleService Account JSON

humhub · Apr 14, 2023 · 9a1af83 · 9a1af83
1 parent 54371cb
commit 9a1af83
Show file tree

Hide file tree

Showing 4 changed files with 90 additions and 21 deletions.
diff --git a/assets/FcmPushAsset.php b/assets/FcmPushAsset.php
@@ -14,7 +14,6 @@ class FcmPushAsset extends AssetBundle
 
     public $publishOptions = [
         'forceCopy' => true,
-
     ];
 
     public $sourcePath = '@fcm-push/resources/js';
@@ -23,7 +22,6 @@ class FcmPushAsset extends AssetBundle
         'humhub.firebase.js',
     ];
 
-
     public static function register($view)
     {
         /** @var Module $module */
@@ -39,6 +37,4 @@ public static function register($view)
 
         return parent::register($view);
     }
-
-
 }
diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md
@@ -1,6 +1,7 @@
 2.0.0-beta.2 (Unreleased)
 -------------------------
-
+
+- Enh: Validator for GoogleService Account JSON 
 - Enh: Show/Hide Mobile App Opener Dialog after Login/Logout
 
 2.0.0-beta.1 (March 28, 2023)

diff --git a/models/ConfigureForm.php b/models/ConfigureForm.php
@@ -20,6 +20,58 @@ class ConfigureForm extends Model
 
     public $humhubApiKey;
 
+    /**
+     * Validate JSON field params
+     *
+     * @param $arrayPattern
+     * @param $arrayCheck
+     * @return string[]
+     */
+    private function validateJsonParams($arrayPattern, $arrayCheck)
+    {
+        $errors = ["contains_no" => "", "empty" => "", "invalid" => ""];
+
+        foreach ($arrayPattern as $key => $value) {
+            if (isset($arrayCheck[$key])) {
+                if (empty($arrayCheck[$key])) {
+                    $errors["empty"] .= $errors["empty"] == "" ? "\"$key\"" : ", \"$key\"";
+                }
+                else {
+                    $condition = false;
+                    switch ($value['type']) {
+                        case "string":
+                            if (isset($value['value'])) {
+                                $condition = $value['value'] !== $arrayCheck[$key];
+                            } elseif (isset($value['pattern'])) {
+                                if ($value['pattern'] == "alfa-numeric" || $value['pattern'] == "numeric") {
+                                    $condition = $value['pattern'] == "numeric"
+                                        ? !preg_match("/^\\d+$/", $arrayCheck[$key])
+                                        : !ctype_alnum($arrayCheck[$key]);
+                                }
+                            }
+                            break;
+                        case "email":
+                            $condition = !filter_var($arrayCheck[$key], FILTER_VALIDATE_EMAIL);
+                            break;
+                        case "url":
+                            $url_validation_regex = "/^https?:\\/\\/(?:www\\.)?[-a-zA-Z0-9@:%._\\+~#=]{1,256}\\.[a-zA-Z0-9()]{1,6}\\b(?:[-a-zA-Z0-9()@:%_\\+.~#?&\\/=]*)$/";
+                            $condition = !preg_match($url_validation_regex, $arrayCheck[$key]);
+                            break;
+                        default:
+                    }
+
+                    if ($condition) {
+                        $errors["invalid"] .= $errors["invalid"] == "" ? "\"$key\"" : ", \"$key\"";
+                    }
+                }
+            } else {
+                $errors["contains_no"] .= $errors["contains_no"] == "" ? "\"$key\"" : ", \"$key\"";
+            }
+        }
+
+        return $errors;
+    }
+
     /**
      * @inheritdoc
      */
@@ -42,12 +94,33 @@ public function rules()
                     $this->addError($attribute, 'Empty JSON input.');
                     return;
                 }
-                if (!isset($data['project_id'])) {
-                    $this->addError($attribute, 'JSON contain no project id.');
+
+                $googleServiceParamsPattern = [
+                    "type" => ["type" => "string", "value" => "service_account"],
+                    "project_id" => ["type" => "string"],
+                    "private_key_id" => ["type" => "string", "pattern" => "alfa-numeric"],
+                    "private_key" => ["type" => "string"],
+                    "client_email" => ["type" => "email"],
+                    "client_id" => ["type" => "string", "pattern" => "numeric"],
+                    "auth_uri" => ["type" => "url"],
+                    "token_uri" => ["type" => "url"],
+                    "auth_provider_x509_cert_url" => ["type" => "url"],
+                    "client_x509_cert_url" => ["type" => "url"],
+                ];
+                $result = $this->validateJsonParams($googleServiceParamsPattern, $data);
+
+                if ($result["contains_no"] !== "") {
+                    $this->addError($attribute, "JSON contains no {$result['contains_no']}.");
+                    return;
+                }
+                if ($result["empty"] !== "") {
+                    $this->addError($attribute, "JSON has empty {$result['empty']}.");
                     return;
                 }
+                if ($result["invalid"] !== "") {
+                    $this->addError($attribute, "JSON has invalid value in {$result['invalid']}.");
+                }
             }],
-
         ];
     }
 
@@ -118,5 +191,4 @@ public static function getInstance()
 
         return $config;
     }
-
-}
+}
diff --git a/resources/js/humhub.firebase.js b/resources/js/humhub.firebase.js
@@ -1,7 +1,7 @@
 humhub.module('firebase', function (module, require, $) {
-    var messaging;
+    let messaging;
 
-    var init = function () {
+    const init = function () {
         if (!firebase.apps.length) {
             firebase.initializeApp({messagingSenderId: this.senderId()});
             this.messaging = firebase.messaging();
@@ -22,11 +22,11 @@ humhub.module('firebase', function (module, require, $) {
         }
     };
 
-    var afterServiceWorkerRegistration = function (registration) {
+    const afterServiceWorkerRegistration = function (registration) {
         //console.log("After Service Worker Registration");
         //console.log(registration);
 
-        var that = this;
+        const that = this;
 
         this.messaging.useServiceWorker(registration);
 
@@ -54,7 +54,7 @@ humhub.module('firebase', function (module, require, $) {
     // Send the Instance ID token your application server, so that it can:
     // - send messages back to this app
     // - subscribe/unsubscribe the token from topics
-    var sendTokenToServer = function (token) {
+    const sendTokenToServer = function (token) {
         const that = this;
         if (!that.isTokenSentToServer(token)) {
             module.log.info("Send FCM Push Token to Server");
@@ -71,23 +71,23 @@ humhub.module('firebase', function (module, require, $) {
         }
     };
 
-    var isTokenSentToServer = function (token) {
+    const isTokenSentToServer = function (token) {
         return (this.getTokenLocalStore() === token);
     };
 
-    var deleteTokenLocalStore = function () {
+    const deleteTokenLocalStore = function () {
         window.localStorage.removeItem('fcmPushToken_' + this.senderId())
     };
 
-    var setTokenLocalStore = function (token) {
+    const setTokenLocalStore = function (token) {
         const item = {
             value: token,
             expiry: (Date.now() / 1000) + (24 * 60 * 60),
         };
         window.localStorage.setItem('fcmPushToken_' + this.senderId(), JSON.stringify(item))
     };
 
-    var getTokenLocalStore = function () {
+    const getTokenLocalStore = function () {
         const itemStr = window.localStorage.getItem('fcmPushToken_' + this.senderId())
 
         // if the item doesn't exist, return null
@@ -103,11 +103,11 @@ humhub.module('firebase', function (module, require, $) {
         return item.value;
     };
 
-    var tokenUpdateUrl = function () {
+    const tokenUpdateUrl = function () {
         return module.config.tokenUpdateUrl;
     };
 
-    var senderId = function () {
+    const senderId = function () {
         return module.config.senderId;
     };