-
Notifications
You must be signed in to change notification settings - Fork 48
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
* Change mock expectation to atLeastOnce() The previous implementation assumed that we'd only want to retrieve our URLs once, but we'd prefer to read them several times. * Add test for t[] vs t[0] handling for accessTokens * Add helper class for flattening arrays in query strings * #428: Fix issue with t[] vs t[0] in URLs breaking accessToken As detailed in Issue #428, certain sites (Facebook) regenerates URLs on their side where arguments using the array syntax of PHP gets an index appended in the URL. This breaks our signed requests and ends up with Facebook receiving a 400 HTTP error response instead of the image. By using the Http\QueryString class from Guzzle we can work around the issue by introducing two new URLs to the list of URLs we test when we check the signature. These URLs will have t[] replaced with t[0] (and up), or t[0], t[1], etc. replaced with t[]. This way we'll accept both possible changes. In cases where parameters are intermingled (t[]=foo&b[]=bar&t[]=baz) this will not help, but I'm fairly certain we won't see any requests like that in the wild. In addition any request made as t[1]=foo&t[0]=bar is undefined (and might give unexpected results). * Change helper class name and add build URL method * Add guzzlehttp/psr7 dependency and update lockfile * Rewrite index array converter for guzzlehttp\psr7. The old version had been removed and deprecated, but by adding a helper function to use `parse_url` data (which is what the Url class in guzzlehttp\psr7 does internally), we can work around limitations in the current one (as it _always_ escapes [] in query argument names, which is suitable for URLs to be used, but not for us - we're validating the content for the signature). * phpdoc-fix
- Loading branch information
1 parent
91c7f38
commit 6a1ff5f
Showing
5 changed files
with
273 additions
and
7 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,50 @@ | ||
<?php | ||
/** | ||
* This file is part of the Imbo package | ||
* | ||
* (c) Christer Edvartsen <cogo@starzinger.net> | ||
* | ||
* For the full copyright and license information, please view the LICENSE file that was | ||
* distributed with this source code. | ||
*/ | ||
|
||
namespace Imbo\Helpers; | ||
|
||
/** | ||
* Helper class for useful functions for building/manipulating URLs | ||
* | ||
* @author Mats Lindh <mats@lindh.no> | ||
* @package Core\Helpers | ||
*/ | ||
class Urls { | ||
/** | ||
* Generate a URL from an array with similar structure as returned from parse_url. | ||
* | ||
* @param array $parts An array in the format produced from parse_url | ||
* @return string | ||
*/ | ||
public static function buildFromParseUrlParts(array $parts) { | ||
$url = ''; | ||
|
||
$url .= isset($parts['scheme']) ? $parts['scheme'] : 'http'; | ||
$url .= '://'; | ||
|
||
if (isset($parts['user'])) { | ||
$url .= $parts['user']; | ||
|
||
if (isset($parts['pass'])) { | ||
$url .= ':' . $parts['pass']; | ||
} | ||
|
||
$url .= '@'; | ||
} | ||
|
||
$url .= isset($parts['host']) ? $parts['host'] : ''; | ||
$url .= isset($parts['port']) ? ':' . $parts['port'] : ''; | ||
$url .= isset($parts['path']) ? $parts['path'] : ''; | ||
$url .= isset($parts['query']) ? '?' . $parts['query'] : ''; | ||
$url .= isset($parts['fragment']) ? '#' . $parts['fragment'] : ''; | ||
|
||
return $url; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters