updated CORS logic
Change-Id: I44006d34dfeedeb16022ae4609afb0c303ab9bb0 Signed-off-by: smarcet <smarcet@gmail.com>
parent
5f250bb89a
commit
f9e3208d6e
|
@ -17,6 +17,7 @@ use App\Http\Controllers\UserValidationRulesFactory;
|
|||
use App\Http\Utils\HTMLCleaner;
|
||||
use App\ModelSerializers\SerializerRegistry;
|
||||
use Auth\Repositories\IUserRepository;
|
||||
use Illuminate\Http\Request as LaravelRequest;
|
||||
use Illuminate\Support\Facades\Input;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
use Illuminate\Support\Facades\Request;
|
||||
|
@ -194,17 +195,18 @@ final class OAuth2UserApiController extends OAuth2ProtectedController
|
|||
}
|
||||
}
|
||||
|
||||
public function UpdateMyPic(){
|
||||
public function UpdateMyPic(LaravelRequest $request){
|
||||
try {
|
||||
if (!$this->resource_server_context->getCurrentUserId()) {
|
||||
return $this->error403();
|
||||
}
|
||||
|
||||
$file = request()->file('pic');
|
||||
|
||||
if (!is_null($file)) {
|
||||
$user = $this->openid_user_service->updateProfilePhoto($this->resource_server_context->getCurrentUserId(), $file);
|
||||
$file = $request->hasFile('file') ? $request->file('file'):null;
|
||||
if(is_null($file)){
|
||||
throw new ValidationException('file is not present');
|
||||
}
|
||||
$user = $this->openid_user_service->updateProfilePhoto($this->resource_server_context->getCurrentUserId(), $file);
|
||||
|
||||
return $this->updated(SerializerRegistry::getInstance()->getSerializer($user, SerializerRegistry::SerializerType_Private)->serialize());
|
||||
}
|
||||
catch (ValidationException $ex1)
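Review bot: In `UpdateMyPic`, the uploaded `file` reaches `updateProfilePhoto` after only a presence check; no limit on content type or size is visible in this hunk. Unless the service enforces those limits (not shown), reject bad uploads at the boundary before the call, for example `if (!$file->isValid()) throw new ValidationException('file is not valid');`, together with an image-type and maximum-size rule. The field name read from the request differs between the two versions shown (`pic` and `file`), so existing clients of this endpoint need to be told about the change. The method's catch blocks continue outside the hunk.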
|
||||
|
|
|
@ -66,18 +66,16 @@ class Kernel extends HttpKernel
|
|||
'auth' => \App\Http\Middleware\Authenticate::class,
|
||||
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
|
||||
'ssl' => \App\Http\Middleware\SSLMiddleware::class,
|
||||
'can' => \Illuminate\Foundation\Http\Middleware\Authorize::class,
|
||||
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
|
||||
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
|
||||
'csrf' => \App\Http\Middleware\VerifyCsrfToken::class,
|
||||
'oauth2.endpoint' => \App\Http\Middleware\OAuth2BearerAccessTokenRequestValidator::class,
|
||||
'cors' => \Spatie\Cors\Cors::class,
|
||||
'oauth2.endpoint' => \App\Http\Middleware\OAuth2BearerAccessTokenRequestValidator::class,
|
||||
'oauth2.currentuser.serveradmin' => \App\Http\Middleware\CurrentUserIsOAuth2ServerAdmin::class,
|
||||
'oauth2.currentuser.serveradmin.json' => \App\Http\Middleware\CurrentUserIsOAuth2ServerAdminJson::class,
|
||||
'openstackid.currentuser.serveradmin' => \App\Http\Middleware\CurrentUserIsOpenIdServerAdmin::class,
|
||||
'openstackid.currentuser.serveradmin.json' => \App\Http\Middleware\CurrentUserIsOpenIdServerAdminJson::class,
|
||||
'oauth2.currentuser.allow.client.edition' => \App\Http\Middleware\CurrentUserCanEditOAuth2Client::class,
|
||||
'oauth2.currentuser.owns.client' => \App\Http\Middleware\CurrentUserOwnsOAuth2Client::class,
|
||||
'currentuser.checkroute' => \App\Http\Middleware\CurrentUserCheckRouteParams::class,
|
||||
];
|
||||
}
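Review bot: The `cors` alias resolves to `\Spatie\Cors\Cors::class`, but the policy it applies (allowed origins, methods, headers) is not part of this diff, so how permissive the change is cannot be judged from here. The alias appears to be attached to bearer-token API routes elsewhere in this commit, so the allowed origins should be an explicit list rather than a wildcard. That is worth recording next to the alias, e.g. `// CORS policy comes from the package config; keep allowed origins explicit for the OAuth2 API`. The array this hunk edits starts outside the hunk.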
|
||||
|
|
|
@ -29,7 +29,6 @@ use OAuth2\Services\ITokenService;
|
|||
use OAuth2\IResourceServerContext;
|
||||
use OAuth2\Repositories\IApiEndpointRepository;
|
||||
use URL\Normalizer;
|
||||
use Illuminate\Support\Facades\Route;
|
||||
use Exception;
|
||||
use Utils\Services\ICheckPointService;
|
||||
use Utils\Services\ILogService;
|
||||
|
@ -111,6 +110,8 @@ final class OAuth2BearerAccessTokenRequestValidator
|
|||
*/
|
||||
public function handle($request, Closure $next)
|
||||
{
|
||||
Log::debug(sprintf("OAuth2BearerAccessTokenRequestValidator::handle %s %s", $request->getMethod(), $request->getRequestUri()));
|
||||
|
||||
$url = $request->getRequestUri();
|
||||
$method = $request->getMethod();
|
||||
$realm = $request->getHost();
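Review bot: The added `Log::debug(...)` at the top of `handle` writes `$request->getRequestUri()`, which includes the query string. If this validator accepts the bearer token as a query parameter, as RFC 6750 permits, every such request would put a live access token into the debug log. Logging the path only avoids that: `Log::debug(sprintf("OAuth2BearerAccessTokenRequestValidator::handle %s %s", $request->getMethod(), $request->getPathInfo()));`. The `use` hunk above does not show an import for `Log`, so confirm it is in scope. The rest of `handle` lies outside the hunk.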
|
||||
|
|
|
@ -18,7 +18,7 @@ use Illuminate\Support\Facades\Log;
|
|||
use Utils\Services\ICheckPointService;
|
||||
use Utils\Services\ServiceLocator;
|
||||
use Utils\Services\UtilsServiceCatalog;
|
||||
|
||||
use Exception;
|
||||
/**
|
||||
* Class SingleAccessPoint
|
||||
* @package App\Http\Middleware
|
||||
|
@ -28,7 +28,7 @@ final class SingleAccessPoint
|
|||
public function handle($request, Closure $next)
|
||||
{
|
||||
// Perform action
|
||||
if(Config::get('server.Banning_Enable', true))
|
||||
if(Config::get('server.banning_enable', true))
|
||||
{
|
||||
try {
|
||||
//checkpoint security pattern entry point
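Review bot: The `Config::get(..., true)` lookup in `handle` falls back to `true` when the key is not found, so a spelling or case mismatch with the server config entry goes unnoticed. The checkpoint then stays enabled, and an operator's setting to turn it off is ignored. The default fails in the safe direction, but the config entry (not in this diff) has to use exactly the key spelled in the lookup. A comment above the `if` would record that, e.g. `// key must match the 'server' config entry exactly; defaults to enabled when missing`. The body of `handle` continues outside the hunk.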
|
||||
|
|
|
@ -243,12 +243,8 @@ final class ParseMultiPartFormDataInputStream
|
|||
$val = self::boolVal($val);
|
||||
if(!empty($val) && is_int($val))
|
||||
$val = intval($val);
|
||||
if(!empty($val) && is_numeric($val))
|
||||
$val = intval($val);
|
||||
if(!empty($val) && is_double($val))
|
||||
$val = doubleval($val);
|
||||
if(!empty($val) && is_string($val))
|
||||
$val = strval($val);
|
||||
if (preg_match('/^(.*)\[\]$/i', $match[1], $tmp)) {
|
||||
$data[$tmp[1]][] = $val;
|
||||
} else {
|
||||
|
@ -321,7 +317,7 @@ final class ParseMultiPartFormDataInputStream
|
|||
|
||||
function parse_parameter( &$params, $parameter, $value ) {
|
||||
if ( strpos($parameter, '[') !== FALSE ) {
|
||||
$matches = [];
|
||||
$matches = array();
|
||||
if ( preg_match( '/^([^[]*)\[([^]]*)\](.*)$/', $parameter, $match ) ) {
|
||||
$name = $match[1];
|
||||
$key = $match[2];
|
||||
|
@ -329,17 +325,17 @@ final class ParseMultiPartFormDataInputStream
|
|||
|
||||
if ( $name !== '' && $name !== NULL ) {
|
||||
if ( ! isset($params[$name]) || ! is_array($params[$name]) ) {
|
||||
$params[$name] = [];
|
||||
$params[$name] = array();
|
||||
} else {
|
||||
}
|
||||
if ( strlen($rem) > 0 ) {
|
||||
if ( $key === '' || $key === NULL ) {
|
||||
$arr = [];
|
||||
$arr = array();
|
||||
$this->parse_parameter( $arr, $rem, $value );
|
||||
$params[$name][] = $arr;
|
||||
} else {
|
||||
if ( !isset($params[$name][$key]) || !is_array($params[$name][$key]) ) {
|
||||
$params[$name][$key] = [];
|
||||
$params[$name][$key] = array();
|
||||
}
|
||||
$this->parse_parameter( $params[$name][$key], $rem, $value );
|
||||
}
|
||||
|
@ -357,7 +353,7 @@ final class ParseMultiPartFormDataInputStream
|
|||
$this->parse_parameter( $params, $rem, $value );
|
||||
} else {
|
||||
if ( ! isset($params[$key]) || ! is_array($params[$key]) ) {
|
||||
$params[$key] = [];
|
||||
$params[$key] = array();
|
||||
}
|
||||
$this->parse_parameter( $params[$key], $rem, $value );
|
||||
}
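Review bot: In the first hunk (`@ -243`), the `is_numeric($val)` branch followed by `intval($val)` rewrites any all-digit form field, assuming that branch is among the lines the commit keeps. A submitted value such as `0123` or `1.5` becomes `123` or `1`, and a digits-only password or identifier would no longer match what the client sent. The `is_int` and `is_double` checks can never be true for values parsed out of a multipart body, since those are strings. Keeping the raw string and leaving typing to the consumer's validation rules is safer, i.e. drop the `if(!empty($val) && is_numeric($val)) $val = intval($val);` pair. The enclosing method starts and ends outside the hunk.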
|
||||
|
|
|
@ -373,7 +373,11 @@ Route::group(
|
|||
[
|
||||
'namespace' => 'App\Http\Controllers\Api\OAuth2',
|
||||
'prefix' => 'api/v1',
|
||||
'middleware' => ['api']
|
||||
'middleware' => [
|
||||
'ssl',
|
||||
'cors',
|
||||
'oauth2.endpoint',
|
||||
]
|
||||
], function () {
|
||||
|
||||
Route::group(['prefix' => 'users'], function () {
|
||||
|
@ -382,7 +386,7 @@ Route::group(
|
|||
|
||||
Route::group(['prefix' => 'me'], function () {
|
||||
Route::get('', 'OAuth2UserApiController@me');
|
||||
Route::put('','OAuth2UserApiController@UpdateMe');
|
||||
Route::match(['options','put'],'','OAuth2UserApiController@UpdateMe');
|
||||
Route::group(['prefix' => 'pic'], function () {
|
||||
Route::put('','OAuth2UserApiController@UpdateMyPic');
|
||||
});
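Review bot: `Route::match(['options','put'],'','OAuth2UserApiController@UpdateMe')` binds the preflight method to the state-changing action, while the `pic` PUT route just below gets no `options` registration. A preflight request carries no bearer token, so it only succeeds if the `cors` middleware answers it before `oauth2.endpoint` runs. If that is the intent, keep `Route::put('','OAuth2UserApiController@UpdateMe');` and register `options` with a separate no-op handler, so `UpdateMe` is never reachable by anything but `put`. Cross-origin uploads to `me/pic` will presumably fail preflight until that route gets the same treatment. The route group closure continues outside the hunk.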
|
||||
|
|