Implemented decoding of base64 encoded json input in middleware, refa…

…ctored middleware to update the correct input source not just general request.

Controllers/EntityController.php

@@ -61,7 +61,7 @@ public function getAllPaginated(Request $request, RangeRequest $rangeRequest)
         $offset = $rangeRequest->isGetLast() ? $totalCount - $limit : $rangeRequest->getOffset();
 
         if ($request->has('q')) {
-            $collection = $this->searchAllEntities(base64_decode($request->query('q')), $limit, $offset, $totalCount);
+            $collection = $this->searchAllEntities($request->query('q'), $limit, $offset, $totalCount);
         } else {
             $collection = $this->getAllEntities($limit, $offset);
         }
@@ -367,9 +367,8 @@ protected function searchAllEntities($query, $limit = null, $offset = null, &$to
         /* @var ElasticquentTrait $model */
         $model = $this->getModel();
 
-        $queryArray = json_decode($query, true);
-        if (is_array($queryArray)) { // Complex query
-            $searchResults = $this->complexSearch($queryArray);
+        if (is_array($query)) { // Complex query
+            $searchResults = $this->complexSearch($query);
         } else {
             $searchResults = $model->searchByQuery([
                 'match_phrase_prefix' => [
@@ -396,9 +395,9 @@ protected function searchAllEntities($query, $limit = null, $offset = null, &$to
     }
 
     /**
-     * @param $model
-     * @param $queryArray
+     * @param array $queryArray
      * @return mixed
+     * @internal param $model
      */
     protected function complexSearch(array $queryArray)
     {

Middleware/TransformInputDataMiddleware.php

@@ -12,6 +12,7 @@
 
 use Closure;
 use Illuminate\Http\Request;
+use Symfony\Component\HttpFoundation\ParameterBag;
 
 class TransformInputDataMiddleware
 {
@@ -25,7 +26,7 @@ class TransformInputDataMiddleware
      */
     public function handle($request, Closure $next)
     {
-        $this->transformRequestInput($request, $request->all());
+        $this->transformRequestInput($request, $request->query);
         $this->transformRequestInput($request, $request->json());
 
         return $next($request);
@@ -58,27 +59,66 @@ protected function renameKeys(array $array)
     }
 
     /**
-     * @param $request
+     * Transform the input to snake_case keys and process encoded input values
+     * @param Request $request
+     * @param ParameterBag $input
      */
-    protected function transformRequestInput(Request $request, $input)
+    protected function transformRequestInput(Request $request, ParameterBag $input)
     {
         foreach ($input as $key => $value) {
 
+            $value = $this->extractEncodedJson($input, $key, $value);
+
             // Handle snakecase conversion in sub arrays
             if (is_array($value)) {
                 $value = $this->renameKeys($value);
-                $request->offsetSet($key, $value);
+                $input->set($key, $value);
             }
 
             // Find any potential camelCase keys in the 'root' array, and convert
             // them to snake_case
             if (! ctype_lower($key)) {
                 // Only convert if the key will change
                 if ($key != snake_case($key)) {
-                    $request->offsetSet(snake_case($key), $value);
-                    $request->offsetUnset($key);
+                    $input->set(snake_case($key), $value);
+                    $input->remove($key);
                 }
             }
         }
     }
+
+
+    /**
+     * If the input is both base64 encoded and json encoded extract it to array
+     * @param ParameterBag $input
+     * @param $key
+     * @param $value
+     * @return mixed
+     */
+    private function extractEncodedJson(ParameterBag $input, $key, $value)
+    {
+
+        //if it's not a string it can't be base64 encoded, exit early
+        if (!is_string($value)){
+            return $value;
+        }
+
+        $decoded = base64_decode($value, true);
+
+        //strict mode above allows for a quick check to see if the value is not encoded
+        if (!$decoded){
+            return $value;
+        }
+
+        $jsonParsed = json_decode($decoded, true);
+
+        //if value couldn't be json decoded, it wasn't valid json, return the original value
+        if (!$jsonParsed){
+            return $value;
+        }
+
+        $input->set($key, $jsonParsed);
+        return $jsonParsed;
+    }
+
 }

tests/integration/EntityTest.php

@@ -203,7 +203,7 @@ public function testGetAllPaginatedSimpleSearch()
 
         $this->app->instance(TestEntity::class, $mockModel);
 
-        $this->getJson('/test/entities/pages?q='.base64_encode('foobar'), ['Range' => 'entities=0-']);
+        $this->getJson('/test/entities/pages?q='.base64_encode(json_encode('foobar')), ['Range' => 'entities=0-']);
 
         $this->assertResponseStatus(404);
     }
@@ -244,6 +244,9 @@ public function testGetAllPaginatedComplexSearch()
         $this->assertResponseStatus(404);
     }
 
+    /**
+     * @group testing
+     */
     public function testGetAllPaginatedComplexSearchMatchAll()
     {
         $results = $this->getFactory(TestEntity::class)->count(5)->make();
@@ -797,7 +800,7 @@ public function testEntitySearch()
 
         sleep(1); //give the elastic search agent time to index
 
-        $this->getJson('/test/entities/pages?q='.base64_encode('searchforthisstring'), ['Range' => 'entities=0-9']);
+        $this->getJson('/test/entities/pages?q=searchforthisstring', ['Range' => 'entities=0-9']);
 
         $collection = json_decode($this->response->getContent());
         $this->assertResponseStatus(206);
@@ -811,7 +814,7 @@ public function testEntitySearch()
 
     public function testEntitySearchNoResults()
     {
-        $this->getJson('/test/entities/pages?q='.base64_encode('thisstringwontreturnresults'), ['Range' => 'entities=0-9']);
+        $this->getJson('/test/entities/pages?q=thisstringwontreturnresults', ['Range' => 'entities=0-9']);
 
         $this->assertResponseStatus(404);
         $this->shouldReturnJson();