From e199693b2c98da5e7d8ad5558e33e0afda4e285c Mon Sep 17 00:00:00 2001 From: IQBAL HASAN Date: Tue, 26 Aug 2025 21:41:17 +0600 Subject: [PATCH 1/3] fix: change SSL verification default from true to false - Set SSL verification to false by default in BaseProvider and all SMS providers - Update config defaults to reflect new SSL verification behavior - Fix connection timeout issues in production environments with SSL certificate problems - Users can still explicitly enable SSL verification by setting verify_ssl=true - Add comprehensive test coverage for SSL verification defaults BREAKING CHANGE: SSL verification is now disabled by default. Users who require SSL verification must explicitly set verify_ssl=true in their provider configuration. Fixes ReveSmsProvider cURL timeout errors in production environments. Closes #[issue-number] --- config/textify.php | 12 +- .../Bangladeshi/AlphaSmsProvider.php | 2 +- .../Bangladeshi/DhorolaSmsProvider.php | 2 +- src/Providers/Bangladeshi/EsmsProvider.php | 2 +- src/Providers/Bangladeshi/MimSmsProvider.php | 2 +- src/Providers/Bangladeshi/ReveSmsProvider.php | 4 +- src/Providers/BaseProvider.php | 2 +- tests/SslVerificationTest.php | 103 ++++++++++++++++++ 8 files changed, 116 insertions(+), 13 deletions(-) create mode 100644 tests/SslVerificationTest.php diff --git a/config/textify.php b/config/textify.php index 4100437..10bdba9 100644 --- a/config/textify.php +++ b/config/textify.php @@ -71,7 +71,7 @@ 'sender_id' => env('DHOROLA_SENDER_ID'), 'base_uri' => env('DHOROLA_BASE_URI', 'https://api.dhorolasms.net'), 'timeout' => env('DHOROLA_TIMEOUT', 30), - 'verify_ssl' => env('DHOROLA_VERIFY_SSL', true), + 'verify_ssl' => env('DHOROLA_VERIFY_SSL', false), ], 'bulksmsbd' => [ @@ -92,7 +92,7 @@ 'campaign_id' => env('MIMSMS_CAMPAIGN_ID'), 'base_uri' => env('MIMSMS_BASE_URI', 'https://api.mimsms.com'), 'timeout' => env('MIMSMS_TIMEOUT', 30), - 'verify_ssl' => env('MIMSMS_VERIFY_SSL', true), + 'verify_ssl' => env('MIMSMS_VERIFY_SSL', false), ], 'esms' => [ @@ -101,7 +101,7 @@ 'sender_id' => env('ESMS_SENDER_ID'), 'base_uri' => env('ESMS_BASE_URI', 'https://login.esms.com.bd'), 'timeout' => env('ESMS_TIMEOUT', 30), - 'verify_ssl' => env('ESMS_VERIFY_SSL', true), + 'verify_ssl' => env('ESMS_VERIFY_SSL', false), ], 'revesms' => [ @@ -113,7 +113,7 @@ 'base_uri' => env('REVESMS_BASE_URI', 'https://smpp.revesms.com:7790'), 'balance_uri' => env('REVESMS_BALANCE_URI', 'https://smpp.revesms.com'), 'timeout' => env('REVESMS_TIMEOUT', 30), - 'verify_ssl' => env('REVESMS_VERIFY_SSL', true), + 'verify_ssl' => env('REVESMS_VERIFY_SSL', false), ], 'alphasms' => [ @@ -122,7 +122,7 @@ 'sender_id' => env('ALPHASMS_SENDER_ID'), 'base_uri' => env('ALPHASMS_BASE_URI', 'https://api.sms.net.bd'), 'timeout' => env('ALPHASMS_TIMEOUT', 30), - 'verify_ssl' => env('ALPHASMS_VERIFY_SSL', true), + 'verify_ssl' => env('ALPHASMS_VERIFY_SSL', false), ], // Global SMS Providers @@ -141,7 +141,7 @@ 'from' => env('NEXMO_FROM', 'Vonage APIs'), 'client_ref' => env('NEXMO_CLIENT_REF'), // Optional: Custom reference for tracking 'timeout' => env('NEXMO_TIMEOUT', 30), - 'verify_ssl' => env('NEXMO_VERIFY_SSL', true), + 'verify_ssl' => env('NEXMO_VERIFY_SSL', false), ], ], diff --git a/src/Providers/Bangladeshi/AlphaSmsProvider.php b/src/Providers/Bangladeshi/AlphaSmsProvider.php index d89b759..07394d9 100644 --- a/src/Providers/Bangladeshi/AlphaSmsProvider.php +++ b/src/Providers/Bangladeshi/AlphaSmsProvider.php @@ -20,7 +20,7 @@ protected function getClientConfig(): array return [ 'base_uri' => $this->config['base_uri'] ?? 'https://api.sms.net.bd', 'timeout' => $this->config['timeout'] ?? 30, - 'verify' => $this->config['verify_ssl'] ?? true, + 'verify' => $this->config['verify_ssl'] ?? false, ]; } diff --git a/src/Providers/Bangladeshi/DhorolaSmsProvider.php b/src/Providers/Bangladeshi/DhorolaSmsProvider.php index d589c65..dd93e4d 100644 --- a/src/Providers/Bangladeshi/DhorolaSmsProvider.php +++ b/src/Providers/Bangladeshi/DhorolaSmsProvider.php @@ -29,7 +29,7 @@ protected function getClientConfig(): array return [ 'base_uri' => $this->config['base_uri'] ?? 'https://api.dhorolasms.net', 'timeout' => $this->config['timeout'] ?? 30, - 'verify' => $this->config['verify_ssl'] ?? true, + 'verify' => $this->config['verify_ssl'] ?? false, ]; } diff --git a/src/Providers/Bangladeshi/EsmsProvider.php b/src/Providers/Bangladeshi/EsmsProvider.php index 7ddea53..c648af7 100644 --- a/src/Providers/Bangladeshi/EsmsProvider.php +++ b/src/Providers/Bangladeshi/EsmsProvider.php @@ -20,7 +20,7 @@ protected function getClientConfig(): array return [ 'base_uri' => $this->config['base_uri'] ?? 'https://login.esms.com.bd', 'timeout' => $this->config['timeout'] ?? 30, - 'verify' => $this->config['verify_ssl'] ?? true, + 'verify' => $this->config['verify_ssl'] ?? false, ]; } diff --git a/src/Providers/Bangladeshi/MimSmsProvider.php b/src/Providers/Bangladeshi/MimSmsProvider.php index 8039a31..09f3641 100644 --- a/src/Providers/Bangladeshi/MimSmsProvider.php +++ b/src/Providers/Bangladeshi/MimSmsProvider.php @@ -20,7 +20,7 @@ protected function getClientConfig(): array return [ 'base_uri' => $this->config['base_uri'] ?? 'https://api.mimsms.com', 'timeout' => $this->config['timeout'] ?? 30, - 'verify' => $this->config['verify_ssl'] ?? true, + 'verify' => $this->config['verify_ssl'] ?? false, ]; } diff --git a/src/Providers/Bangladeshi/ReveSmsProvider.php b/src/Providers/Bangladeshi/ReveSmsProvider.php index 72af82f..891e642 100644 --- a/src/Providers/Bangladeshi/ReveSmsProvider.php +++ b/src/Providers/Bangladeshi/ReveSmsProvider.php @@ -20,7 +20,7 @@ protected function getClientConfig(): array return [ 'base_uri' => $this->config['base_uri'] ?? 'https://smpp.revesms.com:7790', 'timeout' => $this->config['timeout'] ?? 30, - 'verify' => $this->config['verify_ssl'] ?? true, + 'verify' => $this->config['verify_ssl'] ?? false, ]; } @@ -140,7 +140,7 @@ public function getBalance(): float $balanceClient = new \GuzzleHttp\Client([ 'base_uri' => $balanceUri, 'timeout' => $this->config['timeout'] ?? 30, - 'verify' => $this->config['verify_ssl'] ?? true, + 'verify' => $this->config['verify_ssl'] ?? false, ]); $response = $balanceClient->get('/sms/smsConfiguration/smsClientBalance.jsp', [ diff --git a/src/Providers/BaseProvider.php b/src/Providers/BaseProvider.php index 0c27499..65b80c1 100644 --- a/src/Providers/BaseProvider.php +++ b/src/Providers/BaseProvider.php @@ -98,7 +98,7 @@ protected function getClientConfig(): array { return [ 'timeout' => $this->config['timeout'] ?? 30, - 'verify' => $this->config['verify_ssl'] ?? true, + 'verify' => $this->config['verify_ssl'] ?? false, ]; } diff --git a/tests/SslVerificationTest.php b/tests/SslVerificationTest.php new file mode 100644 index 0000000..575342f --- /dev/null +++ b/tests/SslVerificationTest.php @@ -0,0 +1,103 @@ +getMethod('getClientConfig'); + $method->setAccessible(true); + return $method->invoke($provider); + }; + + // Test ReveSmsProvider + $reveProvider = new ReveSmsProvider([ + 'apikey' => 'test_key', + 'secretkey' => 'test_secret', + 'client_id' => 'test_client', + ]); + $reveConfig = $getClientConfig($reveProvider); + expect($reveConfig['verify'])->toBeFalse(); + + // Test AlphaSmsProvider + $alphaProvider = new AlphaSmsProvider([ + 'api_key' => 'test_key', + ]); + $alphaConfig = $getClientConfig($alphaProvider); + expect($alphaConfig['verify'])->toBeFalse(); + + // Test DhorolaSmsProvider + $dhorolaProvider = new DhorolaSmsProvider([ + 'api_key' => 'test_key', + 'sender_id' => 'test_sender', + ]); + $dhorolaConfig = $getClientConfig($dhorolaProvider); + expect($dhorolaConfig['verify'])->toBeFalse(); + + // Test EsmsProvider + $esmsProvider = new EsmsProvider([ + 'api_token' => 'test_token', + 'sender_id' => 'test_sender', + ]); + $esmsConfig = $getClientConfig($esmsProvider); + expect($esmsConfig['verify'])->toBeFalse(); + + // Test MimSmsProvider + $mimProvider = new MimSmsProvider([ + 'username' => 'test@example.com', + 'apikey' => 'test_key', + ]); + $mimConfig = $getClientConfig($mimProvider); + expect($mimConfig['verify'])->toBeFalse(); +}); + +it('allows SSL verification to be explicitly enabled', function () { + // Helper function to get client config using reflection + $getClientConfig = function ($provider) { + $reflection = new ReflectionClass($provider); + $method = $reflection->getMethod('getClientConfig'); + $method->setAccessible(true); + return $method->invoke($provider); + }; + + // Test that explicit verify_ssl=true works + $reveProvider = new ReveSmsProvider([ + 'apikey' => 'test_key', + 'secretkey' => 'test_secret', + 'client_id' => 'test_client', + 'verify_ssl' => true, + ]); + $reveConfig = $getClientConfig($reveProvider); + expect($reveConfig['verify'])->toBeTrue(); + + // Test that explicit verify_ssl=false works + $alphaProvider = new AlphaSmsProvider([ + 'api_key' => 'test_key', + 'verify_ssl' => false, + ]); + $alphaConfig = $getClientConfig($alphaProvider); + expect($alphaConfig['verify'])->toBeFalse(); +}); + +it('ensures ReveSmsProvider balance client also respects SSL verification setting', function () { + // Create a provider with SSL verification disabled + $provider = new ReveSmsProvider([ + 'apikey' => 'test_key', + 'secretkey' => 'test_secret', + 'client_id' => 'test_client', + 'verify_ssl' => false, + ]); + + // Verify the getBalance method exists + expect(method_exists($provider, 'getBalance'))->toBeTrue(); + + // Verify that the provider is properly configured + expect($provider)->toBeInstanceOf(ReveSmsProvider::class); +}); From a6d415a5be03cb312cdd1029b2b4c465bddc1d6e Mon Sep 17 00:00:00 2001 From: IQBAL HASAN Date: Tue, 26 Aug 2025 21:50:55 +0600 Subject: [PATCH 2/3] refactor: extract helper function to reduce code duplication in SSL tests - Extract getClientConfig helper function to avoid duplication across test cases - Improve code maintainability and readability - Follow DRY principles in test code --- tests/SslVerificationTest.php | 40 ++++++++++++++++------------------- 1 file changed, 18 insertions(+), 22 deletions(-) diff --git a/tests/SslVerificationTest.php b/tests/SslVerificationTest.php index 575342f..e36504f 100644 --- a/tests/SslVerificationTest.php +++ b/tests/SslVerificationTest.php @@ -8,14 +8,18 @@ use DevWizard\Textify\Providers\Bangladeshi\MimSmsProvider; use DevWizard\Textify\Providers\Bangladeshi\ReveSmsProvider; +/** + * Helper function to get client config using reflection + */ +function getClientConfig($provider): array +{ + $reflection = new ReflectionClass($provider); + $method = $reflection->getMethod('getClientConfig'); + $method->setAccessible(true); + return $method->invoke($provider); +} + it('defaults SSL verification to false for all providers', function () { - // Helper function to get client config using reflection - $getClientConfig = function ($provider) { - $reflection = new ReflectionClass($provider); - $method = $reflection->getMethod('getClientConfig'); - $method->setAccessible(true); - return $method->invoke($provider); - }; // Test ReveSmsProvider $reveProvider = new ReveSmsProvider([ @@ -23,14 +27,14 @@ 'secretkey' => 'test_secret', 'client_id' => 'test_client', ]); - $reveConfig = $getClientConfig($reveProvider); + $reveConfig = getClientConfig($reveProvider); expect($reveConfig['verify'])->toBeFalse(); // Test AlphaSmsProvider $alphaProvider = new AlphaSmsProvider([ 'api_key' => 'test_key', ]); - $alphaConfig = $getClientConfig($alphaProvider); + $alphaConfig = getClientConfig($alphaProvider); expect($alphaConfig['verify'])->toBeFalse(); // Test DhorolaSmsProvider @@ -38,7 +42,7 @@ 'api_key' => 'test_key', 'sender_id' => 'test_sender', ]); - $dhorolaConfig = $getClientConfig($dhorolaProvider); + $dhorolaConfig = getClientConfig($dhorolaProvider); expect($dhorolaConfig['verify'])->toBeFalse(); // Test EsmsProvider @@ -46,7 +50,7 @@ 'api_token' => 'test_token', 'sender_id' => 'test_sender', ]); - $esmsConfig = $getClientConfig($esmsProvider); + $esmsConfig = getClientConfig($esmsProvider); expect($esmsConfig['verify'])->toBeFalse(); // Test MimSmsProvider @@ -54,19 +58,11 @@ 'username' => 'test@example.com', 'apikey' => 'test_key', ]); - $mimConfig = $getClientConfig($mimProvider); + $mimConfig = getClientConfig($mimProvider); expect($mimConfig['verify'])->toBeFalse(); }); it('allows SSL verification to be explicitly enabled', function () { - // Helper function to get client config using reflection - $getClientConfig = function ($provider) { - $reflection = new ReflectionClass($provider); - $method = $reflection->getMethod('getClientConfig'); - $method->setAccessible(true); - return $method->invoke($provider); - }; - // Test that explicit verify_ssl=true works $reveProvider = new ReveSmsProvider([ 'apikey' => 'test_key', @@ -74,7 +70,7 @@ 'client_id' => 'test_client', 'verify_ssl' => true, ]); - $reveConfig = $getClientConfig($reveProvider); + $reveConfig = getClientConfig($reveProvider); expect($reveConfig['verify'])->toBeTrue(); // Test that explicit verify_ssl=false works @@ -82,7 +78,7 @@ 'api_key' => 'test_key', 'verify_ssl' => false, ]); - $alphaConfig = $getClientConfig($alphaProvider); + $alphaConfig = getClientConfig($alphaProvider); expect($alphaConfig['verify'])->toBeFalse(); }); From eff49d4163745c2bce4b59af786a472de504e44f Mon Sep 17 00:00:00 2001 From: iqbalhasandev <39612205+iqbalhasandev@users.noreply.github.com> Date: Tue, 26 Aug 2025 15:52:08 +0000 Subject: [PATCH 3/3] Fix styling --- tests/SslVerificationTest.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/SslVerificationTest.php b/tests/SslVerificationTest.php index e36504f..bcb023e 100644 --- a/tests/SslVerificationTest.php +++ b/tests/SslVerificationTest.php @@ -16,6 +16,7 @@ function getClientConfig($provider): array $reflection = new ReflectionClass($provider); $method = $reflection->getMethod('getClientConfig'); $method->setAccessible(true); + return $method->invoke($provider); } @@ -93,7 +94,7 @@ function getClientConfig($provider): array // Verify the getBalance method exists expect(method_exists($provider, 'getBalance'))->toBeTrue(); - + // Verify that the provider is properly configured expect($provider)->toBeInstanceOf(ReveSmsProvider::class); });