diff --git a/run-solid-test-suite.sh b/run-solid-test-suite.sh index 25f4048..bf310c7 100755 --- a/run-solid-test-suite.sh +++ b/run-solid-test-suite.sh @@ -4,12 +4,12 @@ set -e function setup { docker network create testnet docker build -t solid-nextcloud . - docker build -t pubsub-server https://github.com/pdsinterop/php-solid-pubsub-server.git#main + docker build -t pubsub-server https://github.com/pdsinterop/php-solid-pubsub-server.git#feature-secure-webhook-to-ws docker pull michielbdejong/nextcloud-cookie docker pull solidtestsuite/webid-provider-tests:v2.1.0 docker tag solidtestsuite/webid-provider-tests:v2.1.0 webid-provider-tests - docker pull solidtestsuite/solid-crud-tests:v7.0.5 - docker tag solidtestsuite/solid-crud-tests:v7.0.5 solid-crud-tests + docker pull solidtestsuite/solid-crud-tests:v7.0.6 + docker tag solidtestsuite/solid-crud-tests:v7.0.6 solid-crud-tests docker pull solidtestsuite/web-access-control-tests:v7.1.0 docker tag solidtestsuite/web-access-control-tests:v7.1.0 web-access-control-tests } @@ -21,6 +21,7 @@ function teardown { function startPubSub { docker run -d --name pubsub --network=testnet pubsub-server + docker exec -it pubsub php server/serverWh2Ws.php & } function startSolidNextcloud { diff --git a/solid/appinfo/routes.php b/solid/appinfo/routes.php index c996d70..c49d7bc 100644 --- a/solid/appinfo/routes.php +++ b/solid/appinfo/routes.php @@ -55,7 +55,7 @@ ['name' => 'solidWebhook#register', 'url' => '/webhook/register', 'verb' => 'POST'], ['name' => 'solidWebhook#unregister', 'url' => '/webhook/unregister', 'verb' => 'POST'], - ['name' => 'solidWebsocket#register', 'url' => '/websocket/register', 'verb' => 'POST'], + ['name' => 'solidWebhook#registerWs', 'url' => '/websocket/register', 'verb' => 'POST'], ['name' => 'app#appLauncher', 'url' => '/', 'verb' => 'GET'], ] diff --git a/solid/composer.lock b/solid/composer.lock index 1e02fb3..efe72e2 100644 --- a/solid/composer.lock +++ b/solid/composer.lock @@ -719,16 +719,16 @@ }, { "name": "league/flysystem", - "version": "1.1.9", + "version": "1.1.10", "source": { "type": "git", "url": "https://github.com/thephpleague/flysystem.git", - "reference": "094defdb4a7001845300334e7c1ee2335925ef99" + "reference": "3239285c825c152bcc315fe0e87d6b55f5972ed1" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/thephpleague/flysystem/zipball/094defdb4a7001845300334e7c1ee2335925ef99", - "reference": "094defdb4a7001845300334e7c1ee2335925ef99", + "url": "https://api.github.com/repos/thephpleague/flysystem/zipball/3239285c825c152bcc315fe0e87d6b55f5972ed1", + "reference": "3239285c825c152bcc315fe0e87d6b55f5972ed1", "shasum": "" }, "require": { @@ -801,7 +801,7 @@ ], "support": { "issues": "https://github.com/thephpleague/flysystem/issues", - "source": "https://github.com/thephpleague/flysystem/tree/1.1.9" + "source": "https://github.com/thephpleague/flysystem/tree/1.1.10" }, "funding": [ { @@ -809,7 +809,7 @@ "type": "other" } ], - "time": "2021-12-09T09:40:50+00:00" + "time": "2022-10-04T09:16:37+00:00" }, { "name": "league/flysystem-cached-adapter", diff --git a/solid/lib/Controller/SolidWebhookController.php b/solid/lib/Controller/SolidWebhookController.php index 6a88a81..5b37ca6 100644 --- a/solid/lib/Controller/SolidWebhookController.php +++ b/solid/lib/Controller/SolidWebhookController.php @@ -83,6 +83,31 @@ public function listWebhooks(): DataResponse { return new DataResponse($this->webhookService->findAll($this->webId)); } + /** + * @PublicPage + * @NoAdminRequired + * @NoCSRFRequired + */ + public function registerWs(string $topic): DataResponse { + $toSub = "http://pubsub:8081"; + $toPub = "http://pubsub:8082"; + // FIXME: is this secure enough? + // https://www.php.net/manual/en/function.random-bytes.php says it + // generates "cryptographically secure pseudo-random bytes" + $token = bin2hex(random_bytes(20)); + $target = "$toPub/$token"; + if ($this->checkReadAccess($topic)) { + $webhook = $this->webhookService->create($this->webId, $topic, $target); + return new DataResponse([ + "@context" => "https://www.w3.org/ns/solid/notification/v1", + "type" => "WebSocketSubscription2021", + "source" => "$toSub/$token" + ]); + } else { + return new DataResponse("Error: denied access", 401); + } + } + /** * @PublicPage * @NoAdminRequired