Skip to content

Commit

Permalink
Magento Release 2.4.5-p8
Browse files Browse the repository at this point in the history
  • Loading branch information
magento packaging service committed Jun 6, 2024
1 parent 750f3c8 commit a3c6d6e
Show file tree
Hide file tree
Showing 541 changed files with 43,643 additions and 36,819 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,16 @@
use Magento\Backend\Model\View\Result\Redirect;
use Magento\Framework\App\Action\HttpGetActionInterface;
use Magento\Framework\Exception\AuthenticationException;
use Magento\Framework\App\ActionInterface;
use Magento\Framework\App\RequestInterface;
use Magento\Framework\App\ResponseInterface;

/**
* Class ImsCallback is responsible to get the Access Token, User Profile,
* check if the assigned organization is valid, And Check if user exists and then do the login
*
* @SuppressWarnings(PHPMD.CouplingBetweenObjects)
*/
class ImsCallback extends Auth implements HttpGetActionInterface
{
public const ACTION_NAME = 'imscallback';
Expand Down Expand Up @@ -75,6 +84,28 @@ public function __construct(
$this->logger = $logger;
}

/**
* Validate IMS state is valid
*
* @param RequestInterface $request
* @return ResponseInterface
*/
public function dispatch(RequestInterface $request)
{
$request->setParam('form_key', $request->getParam('state', null));
if (!$this->_formKeyValidator->validate($request)) {
$this->logger->critical(__('Invalid state returned in callback from IMS.'));
$this->imsErrorMessage(
'Error signing in',
'Something went wrong and we could not sign you in. ' .
'Please try again or contact your administrator.'
);
$this->_actionFlag->set('', ActionInterface::FLAG_NO_DISPATCH, true);
return $this->_redirect($this->_helper->getHomePageUrl());
}
return parent::dispatch($request);
}

/**
* Execute AdobeIMS callback
*
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,8 @@
use Magento\Framework\Controller\Result\Raw;
use Magento\Framework\Controller\ResultFactory;
use Magento\Framework\Exception\AuthenticationException;
use Magento\Framework\App\RequestInterface;
use Magento\Framework\Exception\NotFoundException;

class ImsReauthCallback extends Auth implements HttpGetActionInterface
{
Expand Down Expand Up @@ -111,6 +113,7 @@ public function execute(): ResultInterface
}

try {
$this->validateStateKey($this->getRequest());
$code = $this->getRequest()->getParam('code');

if ($code === null) {
Expand Down Expand Up @@ -149,4 +152,19 @@ public function execute(): ResultInterface

return $resultRaw;
}

/**
* Validate IMS state is valid
*
* @param RequestInterface $request
* @return void
* @throws NotFoundException
*/
private function validateStateKey(RequestInterface $request): void
{
$request->setParam('form_key', $request->getParam('state', null));
if (!$this->_formKeyValidator->validate($request)) {
throw new NotFoundException(__('Invalid state returned from IMS'));
}
}
}
8 changes: 6 additions & 2 deletions app/code/Magento/AdminAdobeIms/Model/ImsConnection.php
Original file line number Diff line number Diff line change
Expand Up @@ -167,8 +167,12 @@ public function validateToken(?string $token, string $tokenType = 'access_token'
$curl->addHeader('cache-control', 'no-cache');

$curl->post(
$this->adminImsConfig->getValidateTokenUrl($token, $tokenType),
[]
$this->adminImsConfig->getValidateTokenUrl(),
[
'token' => $token,
'type' => $tokenType,
'client_id' => $this->adminImsConfig->getApiKey()
]
);

if ($curl->getBody() === '') {
Expand Down
8 changes: 6 additions & 2 deletions app/code/Magento/AdminAdobeIms/Model/LogOut.php
Original file line number Diff line number Diff line change
Expand Up @@ -112,8 +112,12 @@ private function externalLogOut(string $accessToken): void
$curl->addHeader('cache-control', 'no-cache');

$curl->post(
$this->adminImsConfig->getBackendLogoutUrl($accessToken),
[]
$this->adminImsConfig->getBackendLogoutUrl(),
[
'access_token' => $accessToken,
'client_secret' => $this->adminImsConfig->getPrivateKey(),
'client_id' => $this->adminImsConfig->getApiKey()
]
);

if ($curl->getStatus() !== self::HTTP_OK || ($this->checkUserProfile($accessToken))) {
Expand Down
36 changes: 18 additions & 18 deletions app/code/Magento/AdminAdobeIms/Service/ImsConfig.php
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@
use Magento\Framework\Encryption\EncryptorInterface;
use Magento\Framework\Exception\LocalizedException;
use Magento\Framework\UrlInterface;
use Magento\Framework\Data\Form\FormKey;

class ImsConfig extends Config
{
Expand Down Expand Up @@ -58,25 +59,33 @@ class ImsConfig extends Config
*/
private BackendUrlInterface $backendUrl;

/**
* @var FormKey
*/
private FormKey $formKey;

/**
* @param ScopeConfigInterface $scopeConfig
* @param UrlInterface $url
* @param WriterInterface $writer
* @param EncryptorInterface $encryptor
* @param BackendUrlInterface $backendUrl
* @param FormKey $formKey
*/
public function __construct(
ScopeConfigInterface $scopeConfig,
UrlInterface $url,
WriterInterface $writer,
EncryptorInterface $encryptor,
BackendUrlInterface $backendUrl
BackendUrlInterface $backendUrl,
FormKey $formKey
) {
parent::__construct($scopeConfig, $url);
$this->writer = $writer;
$this->encryptor = $encryptor;
$this->scopeConfig = $scopeConfig;
$this->backendUrl = $backendUrl;
$this->formKey = $formKey;
}

/**
Expand Down Expand Up @@ -180,17 +189,11 @@ public function getProfileUrl(): string
/**
* Get Token validation url
*
* @param string $code
* @param string $tokenType
* @return string
*/
public function getValidateTokenUrl(string $code, string $tokenType): string
public function getValidateTokenUrl(): string
{
return str_replace(
['#{token}', '#{client_id}', '#{token_type}'],
[$code, $this->getApiKey(), $tokenType],
$this->scopeConfig->getValue(self::XML_PATH_VALIDATE_TOKEN_URL)
);
return $this->scopeConfig->getValue(self::XML_PATH_VALIDATE_TOKEN_URL);
}

/**
Expand Down Expand Up @@ -253,11 +256,12 @@ public function getAdminAdobeImsAuthUrl(?string $clientId): string
}

return str_replace(
['#{client_id}', '#{redirect_uri}', '#{scope}', '#{locale}'],
['#{client_id}', '#{redirect_uri}', '#{scope}', '#{state}', '#{locale}'],
[
$clientId,
$this->getAdminAdobeImsCallBackUrl(),
$this->getScopes(),
$this->formKey->getFormKey(),
$this->getLocale()
],
$this->scopeConfig->getValue(self::XML_PATH_ADMIN_AUTH_URL_PATTERN)
Expand All @@ -272,11 +276,12 @@ public function getAdminAdobeImsAuthUrl(?string $clientId): string
public function getAdminAdobeImsReAuthUrl(): string
{
return str_replace(
['#{client_id}', '#{redirect_uri}', '#{scope}', '#{locale}'],
['#{client_id}', '#{redirect_uri}', '#{scope}', '#{state}', '#{locale}'],
[
$this->getApiKey(),
$this->getAdminAdobeImsReAuthCallBackUrl(),
$this->getScopes(),
$this->formKey->getFormKey(),
$this->getLocale()
],
$this->scopeConfig->getValue(self::XML_PATH_ADMIN_REAUTH_URL_PATTERN)
Expand Down Expand Up @@ -345,16 +350,11 @@ private function getLocale(): string
/**
* Get BackendLogout URL
*
* @param string $accessToken
* @return string
*/
public function getBackendLogoutUrl(string $accessToken) : string
public function getBackendLogoutUrl() : string
{
return str_replace(
['#{access_token}', '#{client_secret}', '#{client_id}'],
[$accessToken, $this->getPrivateKey(), $this->getApiKey()],
$this->scopeConfig->getValue(self::XML_PATH_ADMIN_LOGOUT_URL)
);
return $this->scopeConfig->getValue(self::XML_PATH_ADMIN_LOGOUT_URL);
}

/**
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -75,7 +75,6 @@ public function checkOrganizationMembership(string $access_token): void
__('User is not a member of configured Adobe Organization.')
);
}

} catch (\Exception $exception) {
throw new AdobeImsOrganizationAuthorizationException(
__('Organization Membership check can\'t be performed')
Expand Down
Loading

0 comments on commit a3c6d6e

Please sign in to comment.