|
21 | 21 | namespace BigBlueButton\Util; |
22 | 22 |
|
23 | 23 | use BigBlueButton\Core\ApiMethod; |
| 24 | +use BigBlueButton\Enum\HashingAlgorithm; |
24 | 25 | use BigBlueButton\Parameters\CreateMeetingParameters; |
25 | 26 | use BigBlueButton\Parameters\DeleteRecordingsParameters; |
26 | 27 | use BigBlueButton\Parameters\EndMeetingParameters; |
|
36 | 37 | use BigBlueButton\Parameters\PutRecordingTextTrackParameters; |
37 | 38 | use BigBlueButton\Parameters\UpdateRecordingsParameters; |
38 | 39 |
|
39 | | -/** |
40 | | - * Class UrlBuilder. |
41 | | - */ |
42 | 40 | class UrlBuilder |
43 | 41 | { |
| 42 | + /** @deprecated Property will be private soon. Use setter/getter instead. */ |
44 | 43 | protected string $hashingAlgorithm; |
45 | 44 |
|
46 | | - private string $securitySalt; |
| 45 | + private string $secret; |
47 | 46 |
|
48 | | - private string $bbbServerBaseUrl; |
| 47 | + private string $baseUrl; |
49 | 48 |
|
50 | | - public function __construct(string $secret, string $serverBaseUrl, string $hashingAlgorithm) |
| 49 | + public function __construct(string $secret, string $baseUrl, string $hashingAlgorithm) |
51 | 50 | { |
52 | | - $this->securitySalt = $secret; |
53 | | - $this->bbbServerBaseUrl = $serverBaseUrl; |
54 | | - $this->hashingAlgorithm = $hashingAlgorithm; |
| 51 | + $this->setSecret($secret); |
| 52 | + $this->setBaseUrl($baseUrl); |
| 53 | + $this->setHashingAlgorithm($hashingAlgorithm); |
55 | 54 | } |
56 | 55 |
|
57 | | - /** |
58 | | - * Sets the hashing algorithm. |
59 | | - */ |
60 | | - public function setHashingAlgorithm(string $hashingAlgorithm): void |
| 56 | + // Getters & Setters |
| 57 | + public function setSecret(string $secret): self |
| 58 | + { |
| 59 | + $this->secret = $secret; |
| 60 | + |
| 61 | + return $this; |
| 62 | + } |
| 63 | + |
| 64 | + public function setBaseUrl(string $baseUrl): self |
| 65 | + { |
| 66 | + // add tailing dir-separator if missing |
| 67 | + if ('/' != mb_substr($baseUrl, -1)) { |
| 68 | + $baseUrl .= '/'; |
| 69 | + } |
| 70 | + |
| 71 | + $this->baseUrl = $baseUrl; |
| 72 | + |
| 73 | + return $this; |
| 74 | + } |
| 75 | + |
| 76 | + public function setHashingAlgorithm(string $hashingAlgorithm): self |
61 | 77 | { |
62 | 78 | $this->hashingAlgorithm = $hashingAlgorithm; |
| 79 | + |
| 80 | + return $this; |
| 81 | + } |
| 82 | + |
| 83 | + public function getHashingAlgorithm(): string |
| 84 | + { |
| 85 | + return $this->hashingAlgorithm; |
63 | 86 | } |
64 | 87 |
|
| 88 | + // Basic functions |
| 89 | + |
65 | 90 | /** |
66 | 91 | * Builds an API method URL that includes the url + params + its generated checksum. |
67 | 92 | */ |
68 | 93 | public function buildUrl(string $method = '', string $params = '', bool $append = true): string |
69 | 94 | { |
70 | | - return $this->bbbServerBaseUrl . 'api/' . $method . ($append ? '?' . $this->buildQs($method, $params) : ''); |
| 95 | + return $this->baseUrl . 'api/' . $method . ($append ? '?' . $this->buildQs($method, $params) : ''); |
71 | 96 | } |
72 | 97 |
|
73 | 98 | /** |
74 | 99 | * Builds a query string for an API method URL that includes the params + its generated checksum. |
| 100 | + * |
| 101 | + * @deprecated Function only used internal. Function will be private soon. No replacement. |
75 | 102 | */ |
76 | 103 | public function buildQs(string $method = '', string $params = ''): string |
77 | 104 | { |
78 | | - return $params . '&checksum=' . hash($this->hashingAlgorithm, $method . $params . $this->securitySalt); |
| 105 | + return $params . '&checksum=' . hash($this->hashingAlgorithm, $method . $params . $this->secret); |
79 | 106 | } |
80 | 107 |
|
81 | 108 | // URL-Generators |
@@ -144,18 +171,110 @@ public function getPutRecordingTextTrackUrl(PutRecordingTextTrackParameters $put |
144 | 171 | return $this->buildUrl(ApiMethod::PUT_RECORDING_TEXT_TRACK, $putRecordingTextTrackParams->getHTTPQuery()); |
145 | 172 | } |
146 | 173 |
|
| 174 | + /** |
| 175 | + * BBB-Server < 3.0 can only use SHA1 in the handling with hooks. |
| 176 | + * Please configure the HASH_ALGO_FOR_HOOKS environment variable in case SHA1 shall not be used. |
| 177 | + * |
| 178 | + * @see https://github.com/bigbluebutton/bbb-webhooks/issues/30 |
| 179 | + */ |
147 | 180 | public function getHooksCreateUrl(HooksCreateParameters $hookCreateParams): string |
148 | 181 | { |
149 | | - return $this->buildUrl(ApiMethod::HOOKS_CREATE, $hookCreateParams->getHTTPQuery()); |
| 182 | + // store current hashing algorithm |
| 183 | + $hashingAlgorithm = $this->getHashingAlgorithm(); |
| 184 | + |
| 185 | + // change hashing algorithm for hooks |
| 186 | + $this->setHashingAlgorithm($this->getHashingAlgorithmForHooks()); |
| 187 | + |
| 188 | + // build URL |
| 189 | + $url = $this->buildUrl(ApiMethod::HOOKS_CREATE, $hookCreateParams->getHTTPQuery()); |
| 190 | + |
| 191 | + // reset to 'normal' hashing algorithm |
| 192 | + $this->setHashingAlgorithm($hashingAlgorithm); |
| 193 | + |
| 194 | + return $url; |
150 | 195 | } |
151 | 196 |
|
| 197 | + /** |
| 198 | + * BBB-Server < 3.0 can only use SHA1 in the handling with hooks. |
| 199 | + * Please configure the HASH_ALGO_FOR_HOOKS environment variable in case SHA1 shall not be used. |
| 200 | + * |
| 201 | + * @see https://github.com/bigbluebutton/bbb-webhooks/issues/30 |
| 202 | + */ |
152 | 203 | public function getHooksListUrl(): string |
153 | 204 | { |
154 | | - return $this->buildUrl(ApiMethod::HOOKS_LIST); |
| 205 | + // store current hashing algorithm |
| 206 | + $hashingAlgorithm = $this->getHashingAlgorithm(); |
| 207 | + |
| 208 | + // change hashing algorithm for hooks |
| 209 | + $this->setHashingAlgorithm($this->getHashingAlgorithmForHooks()); |
| 210 | + |
| 211 | + // build URL |
| 212 | + $url = $this->buildUrl(ApiMethod::HOOKS_LIST); |
| 213 | + |
| 214 | + // reset to 'normal' hashing algorithm |
| 215 | + $this->setHashingAlgorithm($hashingAlgorithm); |
| 216 | + |
| 217 | + return $url; |
155 | 218 | } |
156 | 219 |
|
| 220 | + /** |
| 221 | + * BBB-Server < 3.0 can only use SHA1 in the handling with hooks. |
| 222 | + * Please configure the HASH_ALGO_FOR_HOOKS environment variable in case SHA1 shall not be used. |
| 223 | + * |
| 224 | + * @see https://github.com/bigbluebutton/bbb-webhooks/issues/30 |
| 225 | + */ |
157 | 226 | public function getHooksDestroyUrl(HooksDestroyParameters $hooksDestroyParams): string |
158 | 227 | { |
159 | | - return $this->buildUrl(ApiMethod::HOOKS_DESTROY, $hooksDestroyParams->getHTTPQuery()); |
| 228 | + // store current hashing algorithm |
| 229 | + $hashingAlgorithm = $this->getHashingAlgorithm(); |
| 230 | + |
| 231 | + // change hashing algorithm for hooks |
| 232 | + $this->setHashingAlgorithm($this->getHashingAlgorithmForHooks()); |
| 233 | + |
| 234 | + // build URL |
| 235 | + $url = $this->buildUrl(ApiMethod::HOOKS_DESTROY, $hooksDestroyParams->getHTTPQuery()); |
| 236 | + |
| 237 | + // reset to 'normal' hashing algorithm |
| 238 | + $this->setHashingAlgorithm($hashingAlgorithm); |
| 239 | + |
| 240 | + return $url; |
| 241 | + } |
| 242 | + |
| 243 | + /** |
| 244 | + * This function defines the algorithm to be used for hooks. |
| 245 | + * |
| 246 | + * This function will evolve in phases: |
| 247 | + * - Phase 1: SHA1 as default (or superseded by environment-variable HASH_ALGO_FOR_HOOKS). |
| 248 | + * - Phase 2: same algo everywhere as default (or superseded by environment-variable HASH_ALGO_FOR_HOOKS and which will trigger in this case a deprecation-warning). |
| 249 | + * - Phase 3: removal of this function, adaptation of the other hook-functions in this class and remove the use of env-variable HASH_ALGO_FOR_HOOKS. |
| 250 | + * |
| 251 | + * Background: |
| 252 | + * BB-Server below 3.0 are using SHA1-algorithm for hooks only, but allow higher algorithms for |
| 253 | + * other APIs. This is creating issues since the algorithm of choice is used in the urlBuilder-class |
| 254 | + * for the hashing of the checksum. This is resulting in denied requests for hooks if the algorithm |
| 255 | + * of choice is not SHA1. |
| 256 | + * The current planning for BBB-Server 3.0 (and on) is to align the hashing algorithm for hooks with |
| 257 | + * the rest of the system. Having this in mind two situations need to be covered: |
| 258 | + * - BBB-Server < 3.0 ==> SHA1 is default for hooks (even rest is using other algorithm) |
| 259 | + * - BBB-Server >= 3.0 ==> same algorithm everywhere (according to planning). |
| 260 | + * |
| 261 | + * @deprecated This function will evolve in phases and will later disappear |
| 262 | + */ |
| 263 | + private function getHashingAlgorithmForHooks(): string |
| 264 | + { |
| 265 | + // ---------------------------------- phase 1 ---------------------------------- |
| 266 | + // in case this env-variable is not set, SHA1 shall be used as default (phase 1) |
| 267 | + return getenv('HASH_ALGO_FOR_HOOKS') ?: HashingAlgorithm::SHA_1; |
| 268 | + // ---------------------------------- phase 1 ---------------------------------- |
| 269 | + |
| 270 | + /* ---------------------------------- phase 2 ---------------------------------- |
| 271 | + * if (getenv('HASH_ALGO_FOR_HOOKS')) { |
| 272 | + * trigger_error('The environment variable HASH_ALGO_FOR_HOOKS will be removed soon. This will require you to run a BBB-Server 3.0 or higher!', E_USER_DEPRECATED); |
| 273 | + * } |
| 274 | + * |
| 275 | + * // in case this env-variable is not set, the 'normal' algorithm shall be used as default (phase 2) |
| 276 | + * return getenv('HASH_ALGO_FOR_HOOKS') ?: $this->getHashingAlgorithm(); |
| 277 | + * |
| 278 | + * ---------------------------------- phase 2 ---------------------------------- */ |
160 | 279 | } |
161 | 280 | } |
0 commit comments