gbili/webservice
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

allow api methods whitelisting

Browse Source
This commit is contained in:
Guillermo Dev
2018-12-05 00:25:41 +01:00
parent 02573f343c
commit 941b47eb06
3 changed files with 62 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
log/log.txt
View File

@@ -1,16 +1,16 @@
(n-a) - [14.10.2018 12:35:19] - 400 NoArguments - 2.01ms - (none) (n-a) - [04.12.2018 23:25:12] - 400 NoArguments - 1.29ms - (none)
(n-a) - [14.10.2018 12:35:19] - 400 NoArguments - 0.73ms - (none) (n-a) - [04.12.2018 23:25:12] - 400 NoArguments - 1.13ms - (none)
(n-a) - [14.10.2018 12:35:19] - 400 MissingMethod - 1.23ms - (none) (n-a) - [04.12.2018 23:25:12] - 400 MissingMethod - 0.91ms - (none)
(n-a) - [14.10.2018 12:35:19] - 400 MissingMethod - 0.04ms - (none) (n-a) - [04.12.2018 23:25:12] - 400 MissingMethod - 0.07ms - (none)
(n-a) - [14.10.2018 12:35:19] - 400 MissingMethod - 0.06ms - (none) (n-a) - [04.12.2018 23:25:12] - 400 MissingMethod - 0.05ms - (none)
(n-a) - [14.10.2018 12:35:19] - 400 BadMethod - 0.06ms - someNonExistentMockFunction() (n-a) - [04.12.2018 23:25:12] - 400 BadMethod - 0.06ms - (none)
(n-a) - [14.10.2018 12:35:19] - 400 BadMethod - 0.05ms - someNonExistentMockFunction() (n-a) - [04.12.2018 23:25:12] - 400 BadMethod - 0.06ms - (none)
(n-a) - [14.10.2018 12:35:19] - 400 TooFewArgs - 0.85ms - someMockFunction() (n-a) - [04.12.2018 23:25:12] - 400 TooFewArgs - 0.91ms - (none)
(n-a) - [14.10.2018 12:35:19] - 400 TooFewArgs - 0.18ms - someMockFunction(val) (n-a) - [04.12.2018 23:25:12] - 400 TooFewArgs - 0.23ms - (none)
(n-a) - [14.10.2018 12:35:19] - 400 TooManyArgs - 0.15ms - someMockFunction(val, val, val, val) (n-a) - [04.12.2018 23:25:12] - 400 TooManyArgs - 0.28ms - (none)
(n-a) - [14.10.2018 12:35:19] - 200 - 0.03ms - someMockFunction(val, val) (n-a) - [04.12.2018 23:25:12] - 200 - 0.05ms - someMockFunction(val, val)
(n-a) - [14.10.2018 12:35:19] - 200 - 0.03ms - someMockFunction(val, val, val) (n-a) - [04.12.2018 23:25:12] - 200 - 0.05ms - someMockFunction(val, val, val)
(n-a) - [14.10.2018 12:35:19] - 200 - 0.03ms - someMockFunction(val, val, val) (n-a) - [04.12.2018 23:25:12] - 200 - 0.04ms - someMockFunction(val, val, val)
(n-a) - [14.10.2018 12:35:19] - 200 - 0.03ms - someOtherMockFunction(one, two, threeOpt) (n-a) - [04.12.2018 23:25:12] - 200 - 0.04ms - someOtherMockFunction(one, two, threeOpt)
(n-a) - [14.10.2018 12:35:19] - 200 - 0.03ms - someOtherMockFunction(two, threeOpt, one) (n-a) - [04.12.2018 23:25:12] - 200 - 0.05ms - someOtherMockFunction(two, threeOpt, one)
(n-a) - [14.10.2018 12:35:19] - 200 - 0.03ms - someOtherMockFunction(two, threeOpt, one) (n-a) - [04.12.2018 23:25:12] - 200 - 0.06ms - someOtherMockFunction(two, threeOpt, one)

12
src/Webservice/Exception/ConfigException.php Normal file
View File

@@ -0,0 +1,12 @@
<?php
namespace Bsr\Webservice\Exception;
/**
* This exception should be raised by the WebService engine when
* there is an error in the provided configuration information.
*
* @package Bsr\Webservice\Exception
*/
class ConfigException extends \Exception {
}

39
src/Webservice/WebService.php
View File

@@ -3,6 +3,7 @@
namespace Bsr\Webservice; namespace Bsr\Webservice;
use Bsr\Webservice\Exception\UsageException; use Bsr\Webservice\Exception\UsageException;
use Bsr\Webservice\Exception\ConfigException;
use Bsr\Webservice\Exception\WebException; use Bsr\Webservice\Exception\WebException;
use Bsr\Utils\Configuration\Configuration; use Bsr\Utils\Configuration\Configuration;
use Bsr\Utils\Logger\Logger; use Bsr\Utils\Logger\Logger;
@@ -91,19 +92,33 @@ abstract class WebService
$params = $this->filterParams($params); $params = $this->filterParams($params);
$this->isAllowedMethodNameOrThrow($params["func"]);
$this->func = $params["func"]; $this->func = $params["func"];
unset($params['func']); unset($params['func']);
$this->paramsMatchMethodDeclarationOrThrow($params);
Logger::info(array( Logger::info(array(
'func' => $this->func.'('.implode(', ', $params).')', 'func' => $this->func.'('.implode(', ', $params).')',
)); ));
if (!is_callable(array($this, $this->func))) { return call_user_func_array(array($this, $this->func), $params);
throw new UsageException("BadMethod", "Method {$this->func} does not exists.", UsageException::BAD_METHOD); }
/**
* Verify that the provided params match the declaration of the requested method
* @param array $params
* @throws UsageException
*/
protected function paramsMatchMethodDeclarationOrThrow($params)
{
if (!is_callable(array($this, $this->func))) {
throw new UsageException("BadMethod", "Method {$this->func} does not exist.", UsageException::BAD_METHOD);
} }
$rm = new \ReflectionMethod($this, $this->func);
$nbParams = count($params); $nbParams = count($params);
$rm = new \ReflectionMethod($this, $this->func);
$nbArgsFix = $rm->getNumberOfRequiredParameters(); $nbArgsFix = $rm->getNumberOfRequiredParameters();
$nbArgs = $rm->getNumberOfParameters(); $nbArgs = $rm->getNumberOfParameters();
@@ -114,8 +129,24 @@ abstract class WebService
if ($nbParams > $nbArgs) { if ($nbParams > $nbArgs) {
throw new UsageException("TooManyArgs", "You must provide at most $nbArgs arguments.", UsageException::TOO_MANY_ARGS); throw new UsageException("TooManyArgs", "You must provide at most $nbArgs arguments.", UsageException::TOO_MANY_ARGS);
} }
}
return call_user_func_array(array($this, $this->func), $params); /**
* If no configuration is available assumes that all public methods are allowed
* @param string the requested method name from api param func
*/
protected function isAllowedMethodNameOrThrow($requestedMethodName)
{
$allowedMethodNames = Configuration::get('webservice.api_method_names', null);
if (null === $allowedMethodNames) {
return;
}
if (!is_array($allowedMethodNames)) {
throw new ConfigException('Bad config. You should pass an array of method names as strings, in "webservice" key and "api_method_names" subkey');
}
if (!in_array($requestedMethodName, $allowedMethodNames)) {
throw new UsageException("BadMethod", "Method {$requestedMethodName} is not whitelisted. Pick one of :" . implode(', ', $allowedMethodNames), UsageException::BAD_METHOD);
}
} }
/** /**