adding basic transaction handling for incoming transactions, check signature

Dario Rekowski on RockPI 2019-11-03 18:32:41 +00:00
parent 3e170d598d
commit fdd2c140e8
11 changed files with 187 additions and 55 deletions

92
composer.lock generated

@ -613,16 +613,16 @@
},
{
"name": "psr/log",
"version": "1.1.1",
"version": "1.1.2",
"source": {
"type": "git",
"url": "https://github.com/php-fig/log.git",
"reference": "bf73deb2b3b896a9d9c75f3f0d88185d2faa27e2"
"reference": "446d54b4cb6bf489fc9d75f55843658e6f25d801"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/php-fig/log/zipball/bf73deb2b3b896a9d9c75f3f0d88185d2faa27e2",
"reference": "bf73deb2b3b896a9d9c75f3f0d88185d2faa27e2",
"url": "https://api.github.com/repos/php-fig/log/zipball/446d54b4cb6bf489fc9d75f55843658e6f25d801",
"reference": "446d54b4cb6bf489fc9d75f55843658e6f25d801",
"shasum": ""
},
"require": {
@ -656,7 +656,7 @@
"psr",
"psr-3"
],
"time": "2019-10-25T08:06:51+00:00"
"time": "2019-11-01T11:05:21+00:00"
},
{
"name": "psr/simple-cache",
@ -785,16 +785,16 @@
},
{
"name": "symfony/config",
"version": "v4.3.5",
"version": "v4.3.6",
"source": {
"type": "git",
"url": "https://github.com/symfony/config.git",
"reference": "0acb26407a9e1a64a275142f0ae5e36436342720"
"reference": "f4ee0ebb91b16ca1ac105aa39f9284f3cac19a15"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/config/zipball/0acb26407a9e1a64a275142f0ae5e36436342720",
"reference": "0acb26407a9e1a64a275142f0ae5e36436342720",
"url": "https://api.github.com/repos/symfony/config/zipball/f4ee0ebb91b16ca1ac105aa39f9284f3cac19a15",
"reference": "f4ee0ebb91b16ca1ac105aa39f9284f3cac19a15",
"shasum": ""
},
"require": {
@ -845,20 +845,20 @@
],
"description": "Symfony Config Component",
"homepage": "https://symfony.com",
"time": "2019-09-19T15:51:53+00:00"
"time": "2019-10-30T13:18:51+00:00"
},
{
"name": "symfony/console",
"version": "v4.3.5",
"version": "v4.3.6",
"source": {
"type": "git",
"url": "https://github.com/symfony/console.git",
"reference": "929ddf360d401b958f611d44e726094ab46a7369"
"reference": "136c4bd62ea871d00843d1bc0316de4c4a84bb78"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/console/zipball/929ddf360d401b958f611d44e726094ab46a7369",
"reference": "929ddf360d401b958f611d44e726094ab46a7369",
"url": "https://api.github.com/repos/symfony/console/zipball/136c4bd62ea871d00843d1bc0316de4c4a84bb78",
"reference": "136c4bd62ea871d00843d1bc0316de4c4a84bb78",
"shasum": ""
},
"require": {
@ -920,11 +920,11 @@
],
"description": "Symfony Console Component",
"homepage": "https://symfony.com",
"time": "2019-10-07T12:36:49+00:00"
"time": "2019-10-30T12:58:49+00:00"
},
{
"name": "symfony/filesystem",
"version": "v4.3.5",
"version": "v4.3.6",
"source": {
"type": "git",
"url": "https://github.com/symfony/filesystem.git",
@ -1207,16 +1207,16 @@
},
{
"name": "symfony/yaml",
"version": "v4.3.5",
"version": "v4.3.6",
"source": {
"type": "git",
"url": "https://github.com/symfony/yaml.git",
"reference": "41e16350a2a1c7383c4735aa2f9fce74cf3d1178"
"reference": "324cf4b19c345465fad14f3602050519e09e361d"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/yaml/zipball/41e16350a2a1c7383c4735aa2f9fce74cf3d1178",
"reference": "41e16350a2a1c7383c4735aa2f9fce74cf3d1178",
"url": "https://api.github.com/repos/symfony/yaml/zipball/324cf4b19c345465fad14f3602050519e09e361d",
"reference": "324cf4b19c345465fad14f3602050519e09e361d",
"shasum": ""
},
"require": {
@ -1262,7 +1262,7 @@
],
"description": "Symfony Yaml Component",
"homepage": "https://symfony.com",
"time": "2019-09-11T15:41:19+00:00"
"time": "2019-10-30T12:58:49+00:00"
},
{
"name": "zendframework/zend-diactoros",
@ -1594,16 +1594,16 @@
},
{
"name": "cakephp/debug_kit",
"version": "3.20.3",
"version": "3.20.5",
"source": {
"type": "git",
"url": "https://github.com/cakephp/debug_kit.git",
"reference": "2ebc6b61fdb4741e890c564ab4d55a9b1d29c47f"
"reference": "7c399398fc31db2cfad93400c0986a160ddc3834"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/cakephp/debug_kit/zipball/2ebc6b61fdb4741e890c564ab4d55a9b1d29c47f",
"reference": "2ebc6b61fdb4741e890c564ab4d55a9b1d29c47f",
"url": "https://api.github.com/repos/cakephp/debug_kit/zipball/7c399398fc31db2cfad93400c0986a160ddc3834",
"reference": "7c399398fc31db2cfad93400c0986a160ddc3834",
"shasum": ""
},
"require": {
@ -1650,7 +1650,7 @@
"debug",
"kit"
],
"time": "2019-10-09T01:55:34+00:00"
"time": "2019-11-01T01:21:14+00:00"
},
{
"name": "composer/ca-bundle",
@ -1710,16 +1710,16 @@
},
{
"name": "composer/composer",
"version": "1.9.0",
"version": "1.9.1",
"source": {
"type": "git",
"url": "https://github.com/composer/composer.git",
"reference": "314aa57fdcfc942065996f59fb73a8b3f74f3fa5"
"reference": "bb01f2180df87ce7992b8331a68904f80439dd2f"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/composer/composer/zipball/314aa57fdcfc942065996f59fb73a8b3f74f3fa5",
"reference": "314aa57fdcfc942065996f59fb73a8b3f74f3fa5",
"url": "https://api.github.com/repos/composer/composer/zipball/bb01f2180df87ce7992b8331a68904f80439dd2f",
"reference": "bb01f2180df87ce7992b8331a68904f80439dd2f",
"shasum": ""
},
"require": {
@ -1786,7 +1786,7 @@
"dependency",
"package"
],
"time": "2019-08-02T18:55:33+00:00"
"time": "2019-11-01T16:20:17+00:00"
},
{
"name": "composer/semver",
@ -4005,16 +4005,16 @@
},
{
"name": "symfony/finder",
"version": "v4.3.5",
"version": "v4.3.6",
"source": {
"type": "git",
"url": "https://github.com/symfony/finder.git",
"reference": "5e575faa95548d0586f6bedaeabec259714e44d1"
"reference": "72a068f77e317ae77c0a0495236ad292cfb5ce6f"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/finder/zipball/5e575faa95548d0586f6bedaeabec259714e44d1",
"reference": "5e575faa95548d0586f6bedaeabec259714e44d1",
"url": "https://api.github.com/repos/symfony/finder/zipball/72a068f77e317ae77c0a0495236ad292cfb5ce6f",
"reference": "72a068f77e317ae77c0a0495236ad292cfb5ce6f",
"shasum": ""
},
"require": {
@ -4050,7 +4050,7 @@
],
"description": "Symfony Finder Component",
"homepage": "https://symfony.com",
"time": "2019-09-16T11:29:48+00:00"
"time": "2019-10-30T12:53:54+00:00"
},
{
"name": "symfony/polyfill-php72",
@ -4109,16 +4109,16 @@
},
{
"name": "symfony/process",
"version": "v4.3.5",
"version": "v4.3.6",
"source": {
"type": "git",
"url": "https://github.com/symfony/process.git",
"reference": "50556892f3cc47d4200bfd1075314139c4c9ff4b"
"reference": "3b2e0cb029afbb0395034509291f21191d1a4db0"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/process/zipball/50556892f3cc47d4200bfd1075314139c4c9ff4b",
"reference": "50556892f3cc47d4200bfd1075314139c4c9ff4b",
"url": "https://api.github.com/repos/symfony/process/zipball/3b2e0cb029afbb0395034509291f21191d1a4db0",
"reference": "3b2e0cb029afbb0395034509291f21191d1a4db0",
"shasum": ""
},
"require": {
@ -4154,20 +4154,20 @@
],
"description": "Symfony Process Component",
"homepage": "https://symfony.com",
"time": "2019-09-26T21:17:10+00:00"
"time": "2019-10-28T17:07:32+00:00"
},
{
"name": "symfony/var-dumper",
"version": "v4.3.5",
"version": "v4.3.6",
"source": {
"type": "git",
"url": "https://github.com/symfony/var-dumper.git",
"reference": "bde8957fc415fdc6964f33916a3755737744ff05"
"reference": "ea4940845535c85ff5c505e13b3205b0076d07bf"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/var-dumper/zipball/bde8957fc415fdc6964f33916a3755737744ff05",
"reference": "bde8957fc415fdc6964f33916a3755737744ff05",
"url": "https://api.github.com/repos/symfony/var-dumper/zipball/ea4940845535c85ff5c505e13b3205b0076d07bf",
"reference": "ea4940845535c85ff5c505e13b3205b0076d07bf",
"shasum": ""
},
"require": {
@ -4230,7 +4230,7 @@
"debug",
"dump"
],
"time": "2019-10-04T19:48:13+00:00"
"time": "2019-10-13T12:02:04+00:00"
},
{
"name": "theseer/tokenizer",


@ -396,5 +396,7 @@ return [
'LoginServer' => [
'host' => 'http://127.0.0.1',
'port' => 1201
]
],
'GroupNode' => false
];


@ -46,10 +46,22 @@ use Cake\Routing\Route\DashedRoute;
Router::defaultRouteClass(DashedRoute::class);
Router::scope('/', function (RouteBuilder $routes) {
// Register scoped middleware for in scopes.
$routes->registerMiddleware('csrf', new CsrfProtectionMiddleware([
$csrf = new CsrfProtectionMiddleware([
'httpOnly' => true
]));
]);
// Token check will be skipped when callback returns `true`.
$csrf->whitelistCallback(function ($request) {
// Skip token check for API URLs.
//die($request->getParam('controller'));
if($request->getParam('controller') === 'TransactionJsonRequestHandler') {
return true;
}
});
// Register scoped middleware for in scopes.
$routes->registerMiddleware('csrf', $csrf);
/**
* Apply a middleware to the current route scope.
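Review bot: The whitelist callback switches off the CSRF token check for every action of `TransactionJsonRequestHandler`, which is only safe if that controller never treats the browser's session cookie as authentication; nothing in this hunk shows that. If requests are authenticated purely by the transaction signature, say so next to the exemption, e.g. `// CSRF skipped: this endpoint authenticates by Ed25519 signature, never by session cookie`. The leftover `//die($request->getParam('controller'));` debug line should be dropped, and the callback reads more clearly as a single `return $request->getParam('controller') === 'TransactionJsonRequestHandler';` so that it always returns a boolean. The route-scope closure continues past the end of the hunk.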

@ -1 +1 @@
Subproject commit 2e6245c8eb8d86945f5b251f01e5a1d56c84cce7
Subproject commit 680e56876d6e7f2778bff4eb49c880063716b391


@ -18,9 +18,12 @@ use Cake\Core\Configure;
use Cake\Core\Exception\MissingPluginException;
use Cake\Error\Middleware\ErrorHandlerMiddleware;
use Cake\Http\BaseApplication;
use Cake\Http\Middleware\CsrfProtectionMiddleware;
use Cake\Routing\Middleware\AssetMiddleware;
use Cake\Routing\Middleware\RoutingMiddleware;
/**
* Application setup class.
*
@ -51,6 +54,8 @@ class Application extends BaseApplication
// Load more plugins here
}
/**
* Setup the middleware queue your application will use.
@ -60,7 +65,22 @@ class Application extends BaseApplication
*/
public function middleware($middlewareQueue)
{
//$csrf = new CsrfProtectionMiddleware();
// Token check will be skipped when callback returns `true`.
/*$csrf->whitelistCallback(function ($request) {
// Skip token check for API URLs.
//if ($request->getParam('prefix') === 'api') {
if($request->getAttribute('base') === 'TransactionJsonRequestHandler') {
return true;
}
});
*/
// Ensure routing middleware is added to the queue before CSRF protection middleware.
//$middlewareQueue->;
$middlewareQueue
// ->add($csrf)
// Catch any exceptions in the lower layers,
// and make an error page/response
->add(new ErrorHandlerMiddleware(null, Configure::read('Error')))
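Review bot: The block added to `middleware()` appears to be commented-out code only (`//$csrf = new CsrfProtectionMiddleware();` through `// ->add($csrf)`), which leaves the new `use Cake\Http\Middleware\CsrfProtectionMiddleware;` import unused in the lines shown. The dead callback also tests `$request->getAttribute('base')` against a controller name, which disagrees with the active exemption registered in the routes file; a stale second copy of a security decision is easy to re-enable by mistake. I would delete the commented block and the import, and if a pointer is wanted keep one line such as `// CSRF middleware and its API exemption are registered in the route scope`. The `middleware()` body continues outside the hunk.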


@ -0,0 +1,65 @@
<?php
/*
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
namespace App\Model\Transactions;
//use Model\Messages\Gradido\Transaction;
//use Model\Messages\Gradido\TransactionBody;
class Transaction extends TransactionBase {
private $mProtoTransaction = null;
private $mProtoTransactionBody = null;
private $errors = [];
public function __construct($base64Data) {
$transactionBin = base64_decode($base64Data);
if($transactionBin == FALSE) {
$this->addError('base64 decode failed');
} else {
$this->mProtoTransaction = new \Messages\Gradido\Transaction();
$this->mProtoTransaction->mergeFromString($transactionBin);
$this->mProtoTransactionBody = new Messages\Gradido\TransactionBody();
$this->mProtoTransactionBody->mergeFromString($this->mProtoTransaction->getBodyBytes());
$data = $this->mProtoTransactionBody->getData();
var_dump($data);
}
}
public function validate() {
$sigPairs = $this->mProtoTransaction->getSigMap()->getSigPair();
$bodyBytes = $this->mProtoTransaction->getBodyBytes();
// check signature(s)
foreach($sigPairs as $sigPair) {
$pubkey = $sigPair->getPubKey();
$signature = $sigPair->getEd25519();
if (!\Sodium\crypto_sign_verify_detached($signature, $bodyBytes, $pubkey)) {
$this->addError('signature for key ' . bin2hex($pubkey) . ' isn\'t valid ' );
return false;
}
}
return true;
}
public function getErrors() {
return $this->errors;
}
public function hasErrors() {
return count($this->errors) > 0;
}
private function addError($message) {
array_push($this->errors, $message);
}
}
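Review bot: `validate()` returns `true` for a transaction that carries no signature at all, because the `foreach` over `getSigPair()` never runs on an empty list and falls through to `return true`; it also dereferences `$this->mProtoTransaction` even when the constructor recorded a decode error and left it `null`. Both cases should add an error and return `false` before the loop, as sketched below (the `null` check on `getSigMap()` assumes the getter returns `null` for an unset field, to be confirmed against the generated class). In the constructor, `var_dump($data);` writes decoded transaction data into the response and should be removed, `new Messages\Gradido\TransactionBody()` lacks the leading backslash used on the line above and so resolves inside `App\Model\Transactions`, and `base64_decode($base64Data, true)` compared with `=== false` would reject malformed input instead of silently skipping invalid characters. The loop only proves that each signature matches the public key shipped next to it; whether that key is entitled to sign this transaction is not checked anywhere in this file.

```php
public function validate() {
    if ($this->mProtoTransaction === null) {
        $this->addError('transaction was not parsed');
        return false;
    }
    $sigMap = $this->mProtoTransaction->getSigMap();
    $sigPairs = $sigMap === null ? [] : $sigMap->getSigPair();
    if (count($sigPairs) === 0) {
        $this->addError('transaction carries no signature');
        return false;
    }
    $bodyBytes = $this->mProtoTransaction->getBodyBytes();
    // … unchanged: check signature(s) loop and final return true …
}
```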


@ -0,0 +1,7 @@
<?php
namespace App\Model\Transactions;
class TransactionBase {
}


@ -0,0 +1,7 @@
<?php
namespace App\Model\Transactions;
class TransactionBody extends TransactionBase {
}


@ -0,0 +1,9 @@
<?php
namespace App\Model\Transactions;
//use App\Model\Transactions\TransactionBase;
class TransactionCreation extends TransactionBase {
}


@ -0,0 +1,10 @@
<?php
namespace App\Model\Transactions;
//use App\Model\Transactions\TransactionBase;
class TransactionTransfer extends TransactionBase {
}


@ -17,7 +17,7 @@ use Cake\Routing\Router;
$cakeDescription = 'Gradido';
$session = $this->getRequest()->getSession();
$transactionPendings = $session->read('Transactions.pending');
//echo "transactions pending: " . $transactionPendings;
?>
<!DOCTYPE html>
<html>
@ -40,7 +40,7 @@ $transactionPendings = $session->read('Transactions.pending');
<body>
<div class="versionstring dev-info">
<p class="grd_small">Community Server in Entwicklung</p>
<p class="grd_small">Alpha 0.4.3</p>
<p class="grd_small">Alpha 0.4.4</p>
</div>
<nav class="grd-left-bar expanded" data-topbar role="navigation">
<div class="grd-left-bar-section">
@ -49,12 +49,12 @@ $transactionPendings = $session->read('Transactions.pending');
<?php if(intval($transactionPendings) > 0) : ?>
<li>
<a href="<?= Router::url('/', true) ?>account/checkTransactions" class="grd-nav-bn">
<a href="<?= Router::url('', true) ?>account/checkTransactions" class="grd-nav-bn">
<?= __("Transaktionen unterzeichnen") . '&nbsp;(' . intval($transactionPendings) . ')'?>
</a>
</li>
<?php else: ?>
<li><a href="<?= Router::url('/', true) ?>account/logout" class="grd-nav-bn"><?= __("Logout"); ?></a></li>
<li><a href="<?= Router::url('', true) ?>account/logout" class="grd-nav-bn"><?= __("Logout"); ?></a></li>
<?php endif; ?>
</ul>
</div>
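Review bot: The two navigation links now build their target as `Router::url('', true)` followed by `account/checkTransactions` or `account/logout`, and as far as I know CakePHP's `Router::url()` resolves an empty value to the current request URL rather than the application root. If that holds, the logout and sign-transactions links point at `<current page>account/logout` on any page other than the root. If the aim was to respect an application base path, `Router::url('/', true)` already includes it; otherwise a short comment stating why the empty string is needed would help the next reader.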