allow specifying a different set of environment variables denoted by a prefix to the signed requests configuration keys

Dave Wong · Dave Wong · commit 14426f332c79 · 2018-09-25T10:57:33.000-04:00
diff --git a/src/Middlewares/Laravel/VerifySignature.php b/src/Middlewares/Laravel/VerifySignature.php
@@ -58,22 +58,27 @@ public function __construct(Configurations $configurations, Cache $cache)
      *         An instance of the request.
      * @param  \Closure $next
      *         A callback function of where to go next.
+     * @param  mixed $prefix
      *
      * @return mixed
      */
-    public function handle(Request $request, Closure $next)
+    public function handle(Request $request, Closure $next, $prefix = '')
     {
+        if (!empty($prefix)) {
+            $prefix .= '-';
+        }
+
         $signed = new Verifier($request);
 
         $key = sprintf(
             '%s.%s',
-            $this->configurations->get('signed-requests.cache-prefix'),
+            $this->configurations->get($prefix . 'signed-requests.cache-prefix'),
             $signed->getId()
         );
 
-        $tolerance = $this->configurations->get('signed-requests.request-replay.tolerance');
+        $tolerance = $this->configurations->get($prefix . 'signed-requests.request-replay.tolerance');
 
-        if (true !== $this->configurations->get('signed-requests.request-replay.allow')) {
+        if (true !== $this->configurations->get($prefix . 'signed-requests.request-replay.allow')) {
             $isExpired = $signed->isExpired($tolerance);
 
             if ($isExpired || $this->cache->has($key)) {
@@ -82,10 +87,10 @@ public function handle(Request $request, Closure $next)
         }
 
         $signed
-            ->setSignatureHeader($this->configurations->get('signed-requests.headers.signature'))
-            ->setAlgorithmHeader($this->configurations->get('signed-requests.headers.algorithm'));
+            ->setSignatureHeader($this->configurations->get($prefix . 'signed-requests.headers.signature'))
+            ->setAlgorithmHeader($this->configurations->get($prefix . 'signed-requests.headers.algorithm'));
 
-        if (!$signed->isValid($this->configurations->get('signed-requests.key'))) {
+        if (!$signed->isValid($this->configurations->get($prefix . 'signed-requests.key'))) {
             throw new InvalidSignatureException();
         }
 
diff --git a/tests/Middlewares/Laravel/VerifySignatureTest.php b/tests/Middlewares/Laravel/VerifySignatureTest.php
@@ -132,6 +132,55 @@ public function it_should_call_our_callback_if_the_request_is_valid()
         });
     }
 
+    /**
+     * @test
+     */
+    public function it_should_prefix_the_configuration_keys_if_a_prefix_is_supplied()
+    {
+        $id = (string) Uuid::uuid4();
+
+        $this->configurations->shouldReceive('get')
+            ->with('prefix-signed-requests.headers.signature')
+            ->andReturn('signature');
+
+        $this->configurations->shouldReceive('get')
+            ->with('prefix-signed-requests.headers.algorithm')
+            ->andReturn('algorithm');
+
+        $this->configurations->shouldReceive('get')
+            ->with('prefix-signed-requests.key')
+            ->andReturn('key');
+
+        $this->configurations->shouldReceive('get')
+            ->with('prefix-signed-requests.request-replay.allow')
+            ->andReturn(true);
+
+        $this->configurations->shouldReceive('get')
+            ->with('prefix-signed-requests.cache-prefix')
+            ->andReturn('prefix');
+        $this->configurations->shouldReceive('get')
+            ->with('prefix-signed-requests.request-replay.tolerance')
+            ->andReturn(60);
+
+        $query = [];
+        $request = [];
+        $attributes = [];
+        $cookies = [];
+        $files = [];
+        $server = [
+            'HTTP_X-SIGNED-ID' => $id,
+            'HTTP_ALGORITHM' => 'sha256'
+        ];
+
+        $request = new Request($query, $request, $attributes, $cookies, $files, $server, 'a');
+        $request->headers->set('signature', (string) new Signature(new Payload($request), 'sha256', 'key'));
+
+        $this->middleware->handle($request, function () {
+            // This should be called.
+            $this->assertTrue(true);
+        }, 'prefix');
+    }
+
     /**
      * @test
      * @expectedException \SoapBox\SignedRequests\Exceptions\ExpiredRequestException
