Added punny code encoding (#16)

For email fields on

- Users
- OTP
_ Registration Request

Signed-off-by: smarcet@gmail.com <smarcet@gmail.com>
Change-Id: I5f35ab0cbb38f27712babe3385aa9172cf5b0a4e

Signed-off-by: smarcet@gmail.com <smarcet@gmail.com>

Added log info

Signed-off-by: smarcet@gmail.com <smarcet@gmail.com>
Change-Id: I6f8db9443f388731249d1627032b4efa7e8b9cf3

Fix on punny code

Signed-off-by: smarcet@gmail.com <smarcet@gmail.com>
Change-Id: Ia7ea361e4a75a54650ea15d36990c4f208ef8cec

Author: smarcet

app/Http/Controllers/Auth/EmailVerificationController.php

@@ -12,6 +12,7 @@
  * limitations under the License.
  **/
 use App\Http\Controllers\Controller;
+use App\libs\Utils\EmailUtils;
 use App\Services\Auth\IUserService;
 use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Facades\Redirect;
@@ -46,7 +47,7 @@ public function showVerificationForm(LaravelRequest $request)
         $params = ['email' => ''];
         if($request->has("email")){
             $email = trim($request->get("email"));
-            if (filter_var($email, FILTER_VALIDATE_EMAIL) !== FALSE) {
+            if (EmailUtils::isValidEmail($email)) {
                 $params['email'] = $email;
             }
         }

app/Http/Controllers/Auth/ForgotPasswordController.php

@@ -13,6 +13,7 @@
  **/
 
 use App\Http\Controllers\Controller;
+use App\libs\Utils\EmailUtils;
 use App\Services\Auth\IUserService;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Log;
@@ -68,7 +69,7 @@ public function showLinkRequestForm(LaravelRequest $request)
 
             if($request->has("email")){
                 $email = trim($request->get("email"));
-                if (filter_var($email, FILTER_VALIDATE_EMAIL) !== FALSE) {
+                if (EmailUtils::isValidEmail($email)) {
                     $params['email'] = $email;
                 }
             }

app/Http/Middleware/ETagsMiddleware.php

@@ -1,6 +1,6 @@
 <?php namespace App\Http\Middleware;
 /**
- * Copyright 2015 OpenStack Foundation
+ * Copyright 2022 OpenStack Foundation
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -11,18 +11,15 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  **/
-
 use Closure;
-use Log;
-
+use Illuminate\Support\Facades\Log;
 /**
  * Class ETagsMiddleware
  * @package App\Http\Middleware
  */
 final class ETagsMiddleware
 {
 
-
     /**
      * Handle an incoming request.
      * @param  \Illuminate\Http\Request $request
@@ -31,21 +28,41 @@ final class ETagsMiddleware
      */
     public function handle($request, Closure $next)
     {
+        // Handle request
+        $method = $request->getMethod();
+
+        // Support using HEAD method for checking If-None-Match
+        if ($request->isMethod('HEAD')) {
+            $request->setMethod('GET');
+        }
+        //Handle response
         $response = $next($request);
+
         if ($response->getStatusCode() === 200 && $request->getMethod() === 'GET')
         {
-            $etag = md5($response->getContent());
+            $etag        = md5($response->getContent());
             $requestETag = str_replace('"', '', $request->getETags());
             $requestETag = str_replace('-gzip', '', $requestETag);
+            if($requestETag && is_array($requestETag))
+                Log::debug(sprintf("ETagsMiddleware::handle requestEtag %s calculated etag %s", $requestETag[0], $etag));
 
-            if ($requestETag && $requestETag[0] == $etag)
-            {
-                Log::debug('ETAG 304');
+            // Strip W/ if weak comparison algorithm can be used
+            $requestETag = array_map([$this, 'stripWeakTags'], $requestETag);
+
+            if (in_array($etag, $requestETag)) {
                 $response->setNotModified();
             }
+
             $response->setEtag($etag);
         }
 
+        $request->setMethod($method);
+
         return $response;
     }
+
+    private function stripWeakTags($etag)
+    {
+        return str_replace('W/', '', $etag);
+    }
 }

app/Http/Utils/Filters/Filter.php

@@ -11,6 +11,8 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  **/
+
+use App\libs\Utils\PunnyCodeHelper;
 use Doctrine\Common\Collections\Criteria;
 use Doctrine\ORM\QueryBuilder;
 use Illuminate\Support\Facades\Validator;
@@ -349,7 +351,7 @@ public function apply2Query(QueryBuilder $query, array $mappings)
      * @param string $original_format
      * @return mixed
      */
-    private function convertValue($value, $original_format)
+    private function convertValue(string $value, string $original_format)
     {
         switch ($original_format) {
             case 'datetime_epoch':
@@ -360,8 +362,10 @@ private function convertValue($value, $original_format)
                 return intval($value);
                 break;
             case 'json_string':
-                return sprintf("%s",$value);
+                return sprintf("%s", $value);
                 break;
+            case 'json_email':
+                return PunnyCodeHelper::encodeEmail($value);
             default:
                 return $value;
                 break;

app/Http/Utils/ParseMultiPartFormDataInputStream.php

@@ -158,9 +158,13 @@ private function decide($string)
     private function file($string)
     {
         preg_match('/name=\"([^\"]*)\".*stream[\n|\r]+([^\n\r].*)?$/s', $string, $match);
-        return [
-            $match[1] => ($match[2] !== NULL ? $match[2] : '')
-        ];
+        if(count($match) >=2 ) {
+            return [
+                $match[1] => ($match[2] !== NULL ? $match[2] : '')
+            ];
+        }
+        Log::warning(sprintf( "ParseMultiPartFormDataInputStream::file %s", $string));
+        return [];
     }
 
     /**

app/ModelSerializers/AbstractSerializer.php

@@ -14,6 +14,7 @@
 use models\utils\IEntity;
 use OAuth2\IResourceServerContext;
 use Utils\JsonUtils;
+use Illuminate\Support\Facades\Log;
 /**
  * Class AbstractSerializer
  * @package App\ModelSerializers
@@ -143,8 +144,11 @@ public function serialize($expand = null, array $fields = [], array $relations =
                 if(count($fields) > 0 && !in_array($mapping[0], $fields)) continue;
                 $value = null;
                 foreach($method_prefix as $prefix){
+                    Log::debug(sprintf("AbstractSerializer::serialize prefix %s attribute %s", $prefix, $attribute));
                     if(method_exists($this->object, $prefix.$attribute)){
-                        $value   = call_user_func([$this->object, $prefix.$attribute ]);
+                        $value = call_user_func([$this->object, $prefix.$attribute]);
+                        if(is_string($value))
+                            Log::debug(sprintf("AbstractSerializer::serialize prefix %s attribute %s value %s", $prefix, $attribute, $value));
                         break;
                     }
                 }

app/Models/OAuth2/OAuth2OTP.php

@@ -11,6 +11,8 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  **/
+
+use App\libs\Utils\PunnyCodeHelper;
 use App\Models\Utils\BaseEntity;
 use Doctrine\ORM\Mapping AS ORM;
 use DateTime;
@@ -192,15 +194,15 @@ public function setScope(?string $scope): void
      */
     public function getEmail(): ?string
     {
-        return $this->email;
+        return PunnyCodeHelper::decodeEmail($this->email);
     }
 
     /**
      * @param string $email
      */
     public function setEmail(?string $email): void
     {
-        $this->email =  !empty($email) ? strtolower(trim($email)):null;
+        $this->email = PunnyCodeHelper::encodeEmail($email);
     }
 
     /**
@@ -361,7 +363,7 @@ public function isValid():bool{
     }
 
     public function getUserName():?string{
-        return $this->connection == OAuth2Protocol::OAuth2PasswordlessEmail ? $this->email : $this->phone_number;
+        return $this->connection == OAuth2Protocol::OAuth2PasswordlessEmail ? $this->getEmail() : $this->phone_number;
     }
 
     /**
@@ -402,7 +404,7 @@ public function generateValue(): string
     public static function fromRequest(OAuth2AccessTokenRequestPasswordless $request, int $length):OAuth2OTP{
         $instance = new self($length);
         $instance->connection = $request->getConnection();
-        $instance->email = $request->getEmail();
+        $instance->setEmail($request->getEmail());
         $instance->phone_number = $request->getPhoneNumber();
         $instance->scope = $request->getScopes();
         $instance->setValue($request->getOTP());
@@ -420,7 +422,7 @@ public static function fromParams(string $user_name, string $connection, string
         $instance = new self(strlen($value));
         $instance->connection = $connection;
         if($connection == OAuth2Protocol::OAuth2PasswordlessConnectionEmail)
-            $instance->email = $user_name;
+            $instance->setEmail($user_name);
         if($connection == OAuth2Protocol::OAuth2PasswordlessConnectionEmail)
             $instance->phone_number = $user_name;
         $instance->setValue($value);

app/Repositories/DoctrineOAuth2OTPRepository.php

@@ -12,6 +12,7 @@
  * limitations under the License.
  **/
 use App\libs\OAuth2\Repositories\IOAuth2OTPRepository;
+use App\libs\Utils\PunnyCodeHelper;
 use Models\OAuth2\Client;
 use Models\OAuth2\OAuth2OTP;
 /**
@@ -46,6 +47,8 @@ public function getLatestByConnectionAndUserNameNotRedeemed
         ?Client $client
     ):?OAuth2OTP
     {
+        $user_name = PunnyCodeHelper::encodeEmail($user_name);
+
         $query = $this->getEntityManager()
             ->createQueryBuilder()
             ->select("e")
@@ -78,6 +81,8 @@ public function getByUserNameNotRedeemed
         ?Client $client = null
     )
     {
+        $user_name = PunnyCodeHelper::encodeEmail($user_name);
+
         $query = $this->getEntityManager()
             ->createQueryBuilder()
             ->select("e")

app/Repositories/DoctrineUserRegistrationRequestRepository.php

@@ -13,14 +13,16 @@
  **/
 use App\libs\Auth\Models\UserRegistrationRequest;
 use App\libs\Auth\Repositories\IUserRegistrationRequestRepository;
+use App\libs\Utils\PunnyCodeHelper;
 use utils\DoctrineCaseFilterMapping;
 use utils\DoctrineSwitchFilterMapping;
 /**
  * Class DoctrineUserRegistrationRequestRepository
  * @package App\Repositories
  */
 final class DoctrineUserRegistrationRequestRepository
-    extends ModelDoctrineRepository implements IUserRegistrationRequestRepository
+    extends ModelDoctrineRepository
+    implements IUserRegistrationRequestRepository
 {
 
     /**
@@ -81,7 +83,7 @@ public function getByHash(string $hash): ?UserRegistrationRequest
     public function getByEmail(string $email): ?UserRegistrationRequest
     {
         return $this->findOneBy([
-            'email' => strtolower(trim($email))
+            'email' => PunnyCodeHelper::encodeEmail($email)
         ]);
     }
 }

app/Repositories/DoctrineUserRepository.php

@@ -11,6 +11,8 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  **/
+
+use App\libs\Utils\PunnyCodeHelper;
 use Auth\Repositories\IUserRepository;
 use Auth\User;
 use utils\DoctrineFilterMapping;
@@ -49,8 +51,8 @@ protected function getFilterMappings()
             'last_name'   => 'e.last_name:json_string',
             'full_name'   => new DoctrineFilterMapping("concat(e.first_name, ' ', e.last_name) :operator :value"),
             'github_user' => 'e.github_user:json_string',
-            'email'       => ['e.email:json_string', 'e.second_email:json_string', 'e.third_email:json_string'],
-            'primary_email' => 'e.email:json_string',
+            'email'       => ['e.email:json_email', 'e.second_email:json_email', 'e.third_email:json_email'],
+            'primary_email' => 'e.email:json_email',
             'active'      => 'e.active:json_boolean',
             'group_id'    => new DoctrineJoinFilterMapping('e.groups', "g", "g.id :operator :value")
         ];
@@ -87,12 +89,14 @@ public function getByToken(string $token): ?User
      */
     public function getByEmailOrName(string $term): ?User
     {
+        $term = PunnyCodeHelper::encodeEmail($term);
+
         return $this->getEntityManager()
             ->createQueryBuilder()
             ->select("e")
             ->from($this->getBaseEntity(), "e")
             ->Where("e.email = (:term)")
-            ->setParameter("term", trim($term))
+            ->setParameter("term", $term)
             ->getQuery()
             ->getOneOrNullResult();
     }