mirror of
https://github.com/maelgangloff/domain-watchdog.git
synced 2025-12-18 02:05:36 +00:00
refactor: consent checks are performed in AbstractProvider and not in child classes
This commit is contained in:
Maël Gangloff
parent
5be90247f4
commit
c7a50eed65
1644
composer.lock
generated
1644
composer.lock
generated
File diff suppressed because it is too large
Load Diff
@ -41,7 +41,7 @@ enum WebhookScheme: string
|
||||
WebhookScheme::ZULIP => ZulipTransportFactory::class,
|
||||
WebhookScheme::PUSHOVER => PushoverTransportFactory::class,
|
||||
WebhookScheme::NTFY => NtfyTransportFactory::class,
|
||||
WebhookScheme::ENGAGESPOT => EngagespotTransportFactory::class
|
||||
WebhookScheme::ENGAGESPOT => EngagespotTransportFactory::class,
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
@ -24,7 +24,7 @@ class ConnectorController extends AbstractController
|
||||
private readonly EntityManagerInterface $em,
|
||||
private readonly LoggerInterface $logger,
|
||||
#[Autowire(service: 'service_container')]
|
||||
private ContainerInterface $locator
|
||||
private ContainerInterface $locator,
|
||||
) {
|
||||
}
|
||||
|
||||
|
||||
@ -25,7 +25,7 @@ class DomainRefreshController extends AbstractController
|
||||
private readonly RDAPService $RDAPService,
|
||||
private readonly RateLimiterFactory $rdapRequestsLimiter,
|
||||
private readonly MessageBusInterface $bus,
|
||||
private readonly LoggerInterface $logger, private readonly KernelInterface $kernel
|
||||
private readonly LoggerInterface $logger, private readonly KernelInterface $kernel,
|
||||
) {
|
||||
}
|
||||
|
||||
|
||||
@ -32,7 +32,7 @@ class RegistrationController extends AbstractController
|
||||
private readonly EntityManagerInterface $em,
|
||||
private readonly SerializerInterface $serializer,
|
||||
private readonly LoggerInterface $logger,
|
||||
private readonly KernelInterface $kernel
|
||||
private readonly KernelInterface $kernel,
|
||||
) {
|
||||
}
|
||||
|
||||
|
||||
@ -16,7 +16,7 @@ class StatisticsController extends AbstractController
|
||||
private readonly CacheItemPoolInterface $pool,
|
||||
private readonly DomainRepository $domainRepository,
|
||||
private readonly WatchListRepository $watchListRepository,
|
||||
private readonly KernelInterface $kernel
|
||||
private readonly KernelInterface $kernel,
|
||||
) {
|
||||
}
|
||||
|
||||
|
||||
@ -51,7 +51,7 @@ class WatchListController extends AbstractController
|
||||
private readonly LoggerInterface $logger,
|
||||
private readonly ChatNotificationService $chatNotificationService,
|
||||
#[Autowire(service: 'service_container')]
|
||||
private ContainerInterface $locator
|
||||
private ContainerInterface $locator,
|
||||
) {
|
||||
}
|
||||
|
||||
|
||||
@ -7,7 +7,7 @@ final class OrderDomain
|
||||
public function __construct(
|
||||
public string $watchListToken,
|
||||
public string $ldhName,
|
||||
public \DateTimeImmutable $updatedAt
|
||||
public \DateTimeImmutable $updatedAt,
|
||||
) {
|
||||
}
|
||||
}
|
||||
|
||||
@ -7,7 +7,7 @@ final class SendDomainEventNotif
|
||||
public function __construct(
|
||||
public string $watchListToken,
|
||||
public string $ldhName,
|
||||
public \DateTimeImmutable $updatedAt
|
||||
public \DateTimeImmutable $updatedAt,
|
||||
) {
|
||||
}
|
||||
}
|
||||
|
||||
@ -38,7 +38,7 @@ final readonly class OrderDomainHandler
|
||||
private StatService $statService,
|
||||
private ChatNotificationService $chatNotificationService,
|
||||
#[Autowire(service: 'service_container')]
|
||||
private ContainerInterface $locator
|
||||
private ContainerInterface $locator,
|
||||
) {
|
||||
$this->sender = new Address($mailerSenderEmail, $mailerSenderName);
|
||||
}
|
||||
|
||||
@ -16,7 +16,7 @@ final readonly class ProcessWatchListsTriggerHandler
|
||||
{
|
||||
public function __construct(
|
||||
private WatchListRepository $watchListRepository,
|
||||
private MessageBusInterface $bus
|
||||
private MessageBusInterface $bus,
|
||||
) {
|
||||
}
|
||||
|
||||
|
||||
@ -34,7 +34,7 @@ final readonly class SendDomainEventNotifHandler
|
||||
private StatService $statService,
|
||||
private DomainRepository $domainRepository,
|
||||
private WatchListRepository $watchListRepository,
|
||||
private ChatNotificationService $chatNotificationService
|
||||
private ChatNotificationService $chatNotificationService,
|
||||
) {
|
||||
$this->sender = new Address($mailerSenderEmail, $mailerSenderName);
|
||||
}
|
||||
|
||||
@ -36,7 +36,7 @@ final readonly class UpdateDomainsFromWatchlistHandler
|
||||
string $mailerSenderName,
|
||||
private MessageBusInterface $bus,
|
||||
private WatchListRepository $watchListRepository,
|
||||
private LoggerInterface $logger
|
||||
private LoggerInterface $logger,
|
||||
) {
|
||||
$this->sender = new Address($mailerSenderEmail, $mailerSenderName);
|
||||
}
|
||||
|
||||
@ -17,7 +17,7 @@ final readonly class UpdateRdapServersHandler
|
||||
{
|
||||
public function __construct(
|
||||
private RDAPService $RDAPService,
|
||||
private ParameterBagInterface $bag
|
||||
private ParameterBagInterface $bag,
|
||||
) {
|
||||
}
|
||||
|
||||
|
||||
@ -17,7 +17,7 @@ class DomainOrderErrorNotification extends DomainWatchdogNotification
|
||||
{
|
||||
public function __construct(
|
||||
private readonly Address $sender,
|
||||
private readonly Domain $domain
|
||||
private readonly Domain $domain,
|
||||
) {
|
||||
parent::__construct();
|
||||
}
|
||||
|
||||
@ -19,7 +19,7 @@ class DomainOrderNotification extends DomainWatchdogNotification
|
||||
public function __construct(
|
||||
private readonly Address $sender,
|
||||
private readonly Domain $domain,
|
||||
private readonly Connector $connector
|
||||
private readonly Connector $connector,
|
||||
) {
|
||||
parent::__construct();
|
||||
}
|
||||
|
||||
@ -16,7 +16,7 @@ class DomainUpdateErrorNotification extends DomainWatchdogNotification
|
||||
{
|
||||
public function __construct(
|
||||
private readonly Address $sender,
|
||||
private readonly Domain $domain
|
||||
private readonly Domain $domain,
|
||||
) {
|
||||
parent::__construct();
|
||||
}
|
||||
|
||||
@ -17,7 +17,7 @@ class DomainUpdateNotification extends DomainWatchdogNotification
|
||||
{
|
||||
public function __construct(
|
||||
private readonly Address $sender,
|
||||
private readonly DomainEvent $domainEvent
|
||||
private readonly DomainEvent $domainEvent,
|
||||
) {
|
||||
parent::__construct();
|
||||
}
|
||||
|
||||
@ -15,7 +15,7 @@ readonly class EmailVerifier
|
||||
public function __construct(
|
||||
private VerifyEmailHelperInterface $verifyEmailHelper,
|
||||
private MailerInterface $mailer,
|
||||
private EntityManagerInterface $entityManager
|
||||
private EntityManagerInterface $entityManager,
|
||||
) {
|
||||
}
|
||||
|
||||
|
||||
@ -22,7 +22,7 @@ class JWTAuthenticator implements AuthenticationSuccessHandlerInterface
|
||||
public function __construct(
|
||||
protected JWTTokenManagerInterface $jwtManager,
|
||||
protected EventDispatcherInterface $dispatcher,
|
||||
protected KernelInterface $kernel
|
||||
protected KernelInterface $kernel,
|
||||
) {
|
||||
}
|
||||
|
||||
|
||||
@ -27,7 +27,7 @@ class OAuthAuthenticator extends OAuth2Authenticator implements AuthenticationEn
|
||||
private readonly UserRepository $userRepository,
|
||||
private readonly EntityManagerInterface $em,
|
||||
private readonly RouterInterface $router,
|
||||
private readonly JWTTokenManagerInterface $JWTManager
|
||||
private readonly JWTTokenManagerInterface $JWTManager,
|
||||
) {
|
||||
}
|
||||
|
||||
|
||||
@ -15,7 +15,7 @@ use Symfony\Component\Notifier\Transport\Dsn;
|
||||
readonly class ChatNotificationService
|
||||
{
|
||||
public function __construct(
|
||||
private LoggerInterface $logger
|
||||
private LoggerInterface $logger,
|
||||
) {
|
||||
}
|
||||
|
||||
|
||||
@ -3,8 +3,11 @@
|
||||
namespace App\Service\Connector;
|
||||
|
||||
use App\Entity\Domain;
|
||||
use Exception;
|
||||
use Psr\Cache\CacheItemInterface;
|
||||
use Psr\Cache\CacheItemPoolInterface;
|
||||
use Symfony\Component\DependencyInjection\Attribute\Autoconfigure;
|
||||
use Symfony\Component\HttpKernel\Exception\HttpException;
|
||||
|
||||
/**
|
||||
* The typical flow of a provider will go as follows:
|
||||
@ -13,21 +16,65 @@ use Psr\Cache\CacheItemPoolInterface;
|
||||
* $provider->authenticate($authData);
|
||||
* $provider->orderDomain($domain, $dryRun);
|
||||
*/
|
||||
#[Autoconfigure(public: true)]
|
||||
abstract class AbstractProvider
|
||||
{
|
||||
protected array $authData;
|
||||
|
||||
public function __construct(
|
||||
protected CacheItemPoolInterface $cacheItemPool
|
||||
protected CacheItemPoolInterface $cacheItemPool,
|
||||
) {
|
||||
}
|
||||
|
||||
/**
|
||||
* Perform a static check of the connector data.
|
||||
* To be valid, the data fields must match the Provider and the conditions must be accepted.
|
||||
* User consent is checked here.
|
||||
*
|
||||
* @param array $authData raw authentication data as supplied by the user
|
||||
*
|
||||
* @return array a cleaned up version of the authentication data
|
||||
*
|
||||
* @throws HttpException when the user does not accept the necessary conditions
|
||||
*/
|
||||
public function verifyAuthData(array $authData): array
|
||||
{
|
||||
return [
|
||||
...$this->verifySpecificAuthData($this->verifyLegalAuthData($authData)),
|
||||
'acceptConditions' => $authData['acceptConditions'],
|
||||
'ownerLegalAge' => $authData['ownerLegalAge'],
|
||||
'waiveRetractationPeriod' => $authData['waiveRetractationPeriod'],
|
||||
];
|
||||
}
|
||||
|
||||
/**
|
||||
* @param array $authData raw authentication data as supplied by the user
|
||||
*
|
||||
* @return array a cleaned up version of the authentication data
|
||||
* @return array specific authentication data
|
||||
*/
|
||||
abstract public function verifyAuthData(array $authData): array;
|
||||
abstract protected function verifySpecificAuthData(array $authData): array;
|
||||
|
||||
/**
|
||||
* @param array $authData raw authentication data as supplied by the user
|
||||
*
|
||||
* @return array raw authentication data as supplied by the user
|
||||
*
|
||||
* @throws HttpException when the user does not accept the necessary conditions
|
||||
*/
|
||||
private function verifyLegalAuthData(array $authData): array
|
||||
{
|
||||
$acceptConditions = $authData['acceptConditions'];
|
||||
$ownerLegalAge = $authData['ownerLegalAge'];
|
||||
$waiveRetractationPeriod = $authData['waiveRetractationPeriod'];
|
||||
|
||||
if (true !== $acceptConditions
|
||||
|| true !== $ownerLegalAge
|
||||
|| true !== $waiveRetractationPeriod) {
|
||||
throw new HttpException(451, 'The user has not given explicit consent');
|
||||
}
|
||||
|
||||
return $authData;
|
||||
}
|
||||
|
||||
/**
|
||||
* @throws \Exception when the registrar denies the authentication
|
||||
|
||||
@ -6,10 +6,10 @@ use App\Entity\Domain;
|
||||
use Psr\Cache\CacheItemInterface;
|
||||
use Psr\Cache\CacheItemPoolInterface;
|
||||
use Psr\Cache\InvalidArgumentException;
|
||||
use Symfony\Component\DependencyInjection\Attribute\Autoconfigure;
|
||||
use Symfony\Component\HttpClient\HttpOptions;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
|
||||
use Symfony\Component\HttpKernel\Exception\HttpException;
|
||||
use Symfony\Contracts\HttpClient\Exception\ClientExceptionInterface;
|
||||
use Symfony\Contracts\HttpClient\Exception\DecodingExceptionInterface;
|
||||
use Symfony\Contracts\HttpClient\Exception\RedirectionExceptionInterface;
|
||||
@ -17,6 +17,7 @@ use Symfony\Contracts\HttpClient\Exception\ServerExceptionInterface;
|
||||
use Symfony\Contracts\HttpClient\Exception\TransportExceptionInterface;
|
||||
use Symfony\Contracts\HttpClient\HttpClientInterface;
|
||||
|
||||
#[Autoconfigure(public: true)]
|
||||
class AutodnsProvider extends AbstractProvider
|
||||
{
|
||||
public function __construct(CacheItemPoolInterface $cacheItemPool, private readonly HttpClientInterface $client)
|
||||
@ -166,15 +167,11 @@ class AutodnsProvider extends AbstractProvider
|
||||
}
|
||||
}
|
||||
|
||||
public function verifyAuthData(array $authData): array
|
||||
public function verifySpecificAuthData(array $authData): array
|
||||
{
|
||||
$username = $authData['username'];
|
||||
$password = $authData['password'];
|
||||
|
||||
$acceptConditions = $authData['acceptConditions'];
|
||||
$ownerLegalAge = $authData['ownerLegalAge'];
|
||||
$waiveRetractationPeriod = $authData['waiveRetractationPeriod'];
|
||||
|
||||
if (empty($authData['context'])) {
|
||||
$authData['context'] = 4;
|
||||
}
|
||||
@ -185,22 +182,10 @@ class AutodnsProvider extends AbstractProvider
|
||||
throw new BadRequestHttpException('Bad authData schema');
|
||||
}
|
||||
|
||||
if (
|
||||
true !== $acceptConditions
|
||||
|| true !== $authData['ownerConfirm']
|
||||
|| true !== $ownerLegalAge
|
||||
|| true !== $waiveRetractationPeriod
|
||||
) {
|
||||
throw new HttpException(451, 'The user has not given explicit consent');
|
||||
}
|
||||
|
||||
return [
|
||||
'username' => $authData['username'],
|
||||
'password' => $authData['password'],
|
||||
'acceptConditions' => $authData['acceptConditions'],
|
||||
'ownerLegalAge' => $authData['ownerLegalAge'],
|
||||
'ownerConfirm' => $authData['ownerConfirm'],
|
||||
'waiveRetractationPeriod' => $authData['waiveRetractationPeriod'],
|
||||
'context' => $authData['context'],
|
||||
];
|
||||
}
|
||||
|
||||
@ -5,6 +5,7 @@ namespace App\Service\Connector;
|
||||
use App\Entity\Domain;
|
||||
use Psr\Cache\CacheItemInterface;
|
||||
use Psr\Cache\CacheItemPoolInterface;
|
||||
use Symfony\Component\DependencyInjection\Attribute\Autoconfigure;
|
||||
use Symfony\Component\HttpClient\HttpOptions;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
|
||||
@ -16,6 +17,7 @@ use Symfony\Contracts\HttpClient\Exception\ServerExceptionInterface;
|
||||
use Symfony\Contracts\HttpClient\Exception\TransportExceptionInterface;
|
||||
use Symfony\Contracts\HttpClient\HttpClientInterface;
|
||||
|
||||
#[Autoconfigure(public: true)]
|
||||
class GandiProvider extends AbstractProvider
|
||||
{
|
||||
private const BASE_URL = 'https://api.gandi.net';
|
||||
@ -82,31 +84,18 @@ class GandiProvider extends AbstractProvider
|
||||
}
|
||||
}
|
||||
|
||||
public function verifyAuthData(array $authData): array
|
||||
public function verifySpecificAuthData(array $authData): array
|
||||
{
|
||||
$token = $authData['token'];
|
||||
|
||||
$acceptConditions = $authData['acceptConditions'];
|
||||
$ownerLegalAge = $authData['ownerLegalAge'];
|
||||
$waiveRetractationPeriod = $authData['waiveRetractationPeriod'];
|
||||
|
||||
if (!is_string($token) || empty($token)
|
||||
|| (array_key_exists('sharingId', $authData) && !is_string($authData['sharingId']))
|
||||
) {
|
||||
throw new BadRequestHttpException('Bad authData schema');
|
||||
}
|
||||
|
||||
if (true !== $acceptConditions
|
||||
|| true !== $ownerLegalAge
|
||||
|| true !== $waiveRetractationPeriod) {
|
||||
throw new HttpException(451, 'The user has not given explicit consent');
|
||||
}
|
||||
|
||||
$authDataReturned = [
|
||||
'token' => $token,
|
||||
'acceptConditions' => $acceptConditions,
|
||||
'ownerLegalAge' => $ownerLegalAge,
|
||||
'waiveRetractationPeriod' => $waiveRetractationPeriod,
|
||||
];
|
||||
|
||||
if (array_key_exists('sharingId', $authData)) {
|
||||
|
||||
@ -8,7 +8,6 @@ use Psr\Cache\CacheItemPoolInterface;
|
||||
use Psr\Cache\InvalidArgumentException;
|
||||
use Symfony\Component\DependencyInjection\Attribute\Autoconfigure;
|
||||
use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
|
||||
use Symfony\Component\HttpKernel\Exception\HttpException;
|
||||
use Symfony\Contracts\HttpClient\Exception\ClientExceptionInterface;
|
||||
use Symfony\Contracts\HttpClient\Exception\RedirectionExceptionInterface;
|
||||
use Symfony\Contracts\HttpClient\Exception\ServerExceptionInterface;
|
||||
@ -99,33 +98,20 @@ class NamecheapProvider extends AbstractProvider
|
||||
return $data->CommandResponse;
|
||||
}
|
||||
|
||||
public function verifyAuthData(array $authData): array
|
||||
public function verifySpecificAuthData(array $authData): array
|
||||
{
|
||||
$apiUser = $authData['ApiUser'];
|
||||
$apiKey = $authData['ApiKey'];
|
||||
|
||||
$acceptConditions = $authData['acceptConditions'];
|
||||
$ownerLegalAge = $authData['ownerLegalAge'];
|
||||
$waiveRetractationPeriod = $authData['waiveRetractationPeriod'];
|
||||
|
||||
if (!is_string($apiUser) || empty($apiUser)
|
||||
|| !is_string($apiKey) || empty($apiKey)
|
||||
) {
|
||||
throw new BadRequestHttpException('Bad authData schema');
|
||||
}
|
||||
|
||||
if (true !== $acceptConditions
|
||||
|| true !== $ownerLegalAge
|
||||
|| true !== $waiveRetractationPeriod) {
|
||||
throw new HttpException(451, 'The user has not given explicit consent');
|
||||
}
|
||||
|
||||
return [
|
||||
'ApiUser' => $authData['ApiUser'],
|
||||
'ApiKey' => $authData['ApiKey'],
|
||||
'acceptConditions' => $authData['acceptConditions'],
|
||||
'ownerLegalAge' => $authData['ownerLegalAge'],
|
||||
'waiveRetractationPeriod' => $authData['waiveRetractationPeriod'],
|
||||
];
|
||||
}
|
||||
|
||||
|
||||
@ -9,9 +9,10 @@ use Ovh\Exceptions\InvalidParameterException;
|
||||
use Psr\Cache\CacheItemInterface;
|
||||
use Psr\Cache\CacheItemPoolInterface;
|
||||
use Psr\Cache\InvalidArgumentException;
|
||||
use Symfony\Component\DependencyInjection\Attribute\Autoconfigure;
|
||||
use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
|
||||
use Symfony\Component\HttpKernel\Exception\HttpException;
|
||||
|
||||
#[Autoconfigure(public: true)]
|
||||
class OvhProvider extends AbstractProvider
|
||||
{
|
||||
public const REQUIRED_ROUTES = [
|
||||
@ -130,7 +131,7 @@ class OvhProvider extends AbstractProvider
|
||||
/**
|
||||
* @throws \Exception
|
||||
*/
|
||||
public function verifyAuthData(array $authData): array
|
||||
public function verifySpecificAuthData(array $authData): array
|
||||
{
|
||||
$appKey = $authData['appKey'];
|
||||
$appSecret = $authData['appSecret'];
|
||||
@ -139,10 +140,6 @@ class OvhProvider extends AbstractProvider
|
||||
$ovhSubsidiary = $authData['ovhSubsidiary'];
|
||||
$pricingMode = $authData['pricingMode'];
|
||||
|
||||
$acceptConditions = $authData['acceptConditions'];
|
||||
$ownerLegalAge = $authData['ownerLegalAge'];
|
||||
$waiveRetractationPeriod = $authData['waiveRetractationPeriod'];
|
||||
|
||||
if (!is_string($appKey) || empty($appKey)
|
||||
|| !is_string($appSecret) || empty($appSecret)
|
||||
|| !is_string($consumerKey) || empty($consumerKey)
|
||||
@ -153,12 +150,6 @@ class OvhProvider extends AbstractProvider
|
||||
throw new BadRequestHttpException('Bad authData schema');
|
||||
}
|
||||
|
||||
if (true !== $acceptConditions
|
||||
|| true !== $ownerLegalAge
|
||||
|| true !== $waiveRetractationPeriod) {
|
||||
throw new HttpException(451, 'The user has not given explicit consent');
|
||||
}
|
||||
|
||||
return [
|
||||
'appKey' => $appKey,
|
||||
'appSecret' => $appSecret,
|
||||
@ -166,9 +157,6 @@ class OvhProvider extends AbstractProvider
|
||||
'consumerKey' => $consumerKey,
|
||||
'ovhSubsidiary' => $ovhSubsidiary,
|
||||
'pricingMode' => $pricingMode,
|
||||
'acceptConditions' => $acceptConditions,
|
||||
'ownerLegalAge' => $ownerLegalAge,
|
||||
'waiveRetractationPeriod' => $waiveRetractationPeriod,
|
||||
];
|
||||
}
|
||||
|
||||
|
||||
@ -98,7 +98,7 @@ readonly class RDAPService
|
||||
private TldRepository $tldRepository,
|
||||
private EntityManagerInterface $em,
|
||||
private LoggerInterface $logger,
|
||||
private StatService $statService
|
||||
private StatService $statService,
|
||||
) {
|
||||
}
|
||||
|
||||
|
||||
@ -7,7 +7,7 @@ use Psr\Cache\CacheItemPoolInterface;
|
||||
readonly class StatService
|
||||
{
|
||||
public function __construct(
|
||||
private CacheItemPoolInterface $pool
|
||||
private CacheItemPoolInterface $pool,
|
||||
) {
|
||||
}
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user