Skip to content

Commit

Permalink
Merge pull request #2780 from appwrite/0.12-acme-fix
Browse files Browse the repository at this point in the history
[0.12] Added ACME validator
  • Loading branch information
TorstenDittmann committed Feb 11, 2022
2 parents b40ebf5 + 7f23fb8 commit 892f6fa
Showing 1 changed file with 19 additions and 1 deletion.
20 changes: 19 additions & 1 deletion app/controllers/general.php
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@
use Utopia\Logger\Log\User;
use Appwrite\Utopia\Request;
use Appwrite\Utopia\Response;
use Utopia\Validator\Text;
use Appwrite\Utopia\View;
use Utopia\Exception;
use Utopia\Config\Config;
Expand Down Expand Up @@ -524,9 +525,26 @@
->inject('request')
->inject('response')
->action(function ($request, $response) {
$uriChunks = \explode('/', $request->getURI());
$token = $uriChunks[\count($uriChunks) - 1];

$validator = new Text(100, [
...Text::NUMBERS,
...Text::ALPHABET_LOWER,
...Text::ALPHABET_UPPER,
'-',
'_'
]);

if (!$validator->isValid($token) || \count($uriChunks) !== 4) {
throw new Exception('Invalid challenge token.', 400);
}

$filePath = '/.well-known/acme-challenge' . $token;

$base = \realpath(APP_STORAGE_CERTIFICATES);
$path = \str_replace('/.well-known/acme-challenge/', '', $request->getURI());
$absolute = \realpath($base.'/.well-known/acme-challenge/'.$path);
$absolute = \realpath($base.'/.well-known/acme-challenge/'.$filePath);

if (!$base) {
throw new Exception('Storage error', 500);
Expand Down

0 comments on commit 892f6fa

Please sign in to comment.