From 80cf42d279945c21659e43b46c3191362d7a3172 Mon Sep 17 00:00:00 2001
From: Pedro
Date: Mon, 8 Jun 2020 16:39:38 +0700
Subject: [PATCH 1/2] Check api key length for global and normal api keys
---
 src/ApiEndpoints/CloudFlareAPI.php | 20 ++++++++++++++------
 1 file changed, 14 insertions(+), 6 deletions(-)
diff --git a/src/ApiEndpoints/CloudFlareAPI.php b/src/ApiEndpoints/CloudFlareAPI.php
index da7b44a..809c898 100644
--- a/src/ApiEndpoints/CloudFlareAPI.php
+++ b/src/ApiEndpoints/CloudFlareAPI.php
@@ -47,11 +47,13 @@ abstract class CloudFlareAPI {
 const REQUEST_ALL_PAGES = -1;
 const API_ENDPOINT_BASE = 'https://api.cloudflare.com/client/v4/';
- // The length of the Api key.
+ // The length of the Global Api key.
 // The Api will throw a non-descriptive http code: 400 exception if the key
 // length is greater than 37. If the key is invalid but the expected length
 // the Api will return a more informative http code of 403.
- const API_KEY_LENGTH = 37;
+ const GLOBAL_API_KEY_LENGTH = 37;
+ // The length of the Api key.
+ const API_KEY_LENGTH = 40;
 // The CloudFlare API sets a maximum of 1,200 requests in a 5-minute period.
 const API_RATE_LIMIT = 1200;
@@ -93,10 +95,15 @@ public function __construct($apikey, $email, MockHandler $mock_handler = NULL) {
 $this->apikey = $apikey;
 $this->email = $email;
 $headers = [
- 'X-Auth-Key' => $apikey,
- 'X-Auth-Email' => $email,
 'Content-Type' => 'application/json',
 ];
+ if (strlen($apikey) === self::API_KEY_LENGTH) {
+ $headers['Authorization'] = 'Bearer ' . $apikey;
+ }
+ else {
+ $headers['X-Auth-Key'] = $apikey;
+ $headers['X-Auth-Email'] = $email;
+ }
 $client_params = [
 'base_uri' => self::API_ENDPOINT_BASE,
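Review bot: `API_KEY_LENGTH` keeps its name but changes value from 37 to 40 in the constants hunk, so any code outside this file that still reads `CloudFlareAPI::API_KEY_LENGTH` to validate a global key would now check for the wrong length without any error. The 40-character credential is the one the constructor sends as `Authorization: Bearer`, so a distinct name would be clearer, for example `const API_TOKEN_LENGTH = 40;`, with `API_KEY_LENGTH` left at 37 or marked deprecated. The new comment `// The length of the Api key.` should say which credential it describes, e.g. `// The length of a scoped API token, sent as a Bearer token.`. The retained sentence about a length "greater than 37" should also be re-checked, since a 40-character value is now accepted.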
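Review bot: The constructor hunk picks the authentication scheme from `strlen($apikey) === self::API_KEY_LENGTH` alone, so every value that is not exactly 40 bytes, including a token pasted with a trailing space or newline, falls into the `else` branch and is placed in `X-Auth-Key` together with the account e-mail. The format checks only run later in makeRequest, outside this hunk. I would make the second branch explicit with `elseif (strlen($apikey) === self::GLOBAL_API_KEY_LENGTH) {` and set no auth header otherwise, so a malformed credential is never attached to the client under the wrong scheme. A one-line comment such as `// $email is not sent when a Bearer token is used.` would document why the parameter is ignored in the first branch. The constructor body continues past the end of the hunk.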
@@ -141,7 +148,8 @@ protected function makeRequest($request_type, $api_end_point, $request_params =
 }
 // This check seems superfluous. However, the Api only returns a http 400
 // code. This proactive check gives us more information.
- $is_api_key_valid = strlen($this->apikey) == CloudFlareAPI::API_KEY_LENGTH;
+ $api_key_length = strlen($this->apikey);
+ $is_api_key_valid = $api_key_length == self::API_KEY_LENGTH || $api_key_length == self::GLOBAL_API_KEY_LENGTH;
 $is_api_key_alpha_numeric = ctype_alnum($this->apikey);
 $is_api_key_lower_case = !(preg_match('/[A-Z]/', $this->apikey));
@@ -153,7 +161,7 @@ protected function makeRequest($request_type, $api_end_point, $request_params =
 throw new CloudFlareInvalidCredentialException('Invalid Api Key: Key can only contain alphanumeric characters.', 403);
 }
- if (!$is_api_key_lower_case) {
+ if ($api_key_length == self::GLOBAL_API_KEY_LENGTH && !$is_api_key_lower_case) {
 throw new CloudFlareInvalidCredentialException('Invalid Api Key: Key can only contain lowercase or numerical characters.', 403);
 }
From 74b4da2c947833d417c7258d84afebca1bb4777a Mon Sep 17 00:00:00 2001
From: Lio Novelli
Date: Tue, 12 Jan 2021 12:17:31 +0100
Subject: [PATCH 2/2] Increase request timeout limit.
---
 src/ApiEndpoints/CloudFlareAPI.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/ApiEndpoints/CloudFlareAPI.php b/src/ApiEndpoints/CloudFlareAPI.php
index 809c898..c6ea88f 100644
--- a/src/ApiEndpoints/CloudFlareAPI.php
+++ b/src/ApiEndpoints/CloudFlareAPI.php
@@ -65,10 +65,10 @@ abstract class CloudFlareAPI {
 const MAX_TAG_PURGES_PER_REQUEST = 30;
 // Time in seconds.
- const HTTP_CONNECTION_TIMEOUT = 1.5;
+ const HTTP_CONNECTION_TIMEOUT = 15;
 // Time in seconds.
- const HTTP_TIMEOUT = 3;
+ const HTTP_TIMEOUT = 30;
 // MAX Number of results returned by the API in one request.
 const MAX_ITEMS_PER_PAGE = 50;
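Review bot: The unchanged `ctype_alnum($this->apikey)` check in the first makeRequest hunk still applies to 40-character tokens, and Cloudflare API tokens can, as far as I know, contain `-` and `_`, so a valid Bearer token may be rejected with "Key can only contain alphanumeric characters" before any request is sent. The following hunk relaxes only the lowercase rule for tokens, and the alphanumeric `if` itself sits between the two hunks, so it is only partly visible here. I would scope the character check by credential type, for example `$is_api_key_alpha_numeric = $api_key_length == self::API_KEY_LENGTH ? preg_match('/^[A-Za-z0-9_-]+$/', $this->apikey) === 1 : ctype_alnum($this->apikey);`. The new comparisons also use `==` where the constructor uses `===`; strict comparison would be consistent.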
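Review bot: Both timeouts in the second patch are raised tenfold as hard-coded class constants, and the `// Time in seconds.` comments give no reason for the new values. If these requests are issued synchronously inside a page request (not visible in this hunk), an unreachable or slow API could hold a PHP worker for up to 30 seconds per call, and longer for paginated `REQUEST_ALL_PAGES` requests. A connect timeout rarely needs to match the transfer timeout, so consider keeping `HTTP_CONNECTION_TIMEOUT` low and raising only `HTTP_TIMEOUT`, or making both overridable. At minimum, extend the comment, e.g. `// Time in seconds. Raised from 3 because <reason>; bounds how long a caller can block.`.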