diff --git a/src/Controller/CreateFileDataAction.php b/src/Controller/CreateFileDataAction.php
index 82422b82188d1a2e1c48c3b8f1b47d8930cedc4c..da26c2051ec119175476ceffd6a7445c5233aba6 100644
--- a/src/Controller/CreateFileDataAction.php
+++ b/src/Controller/CreateFileDataAction.php
@@ -32,11 +32,14 @@ final class CreateFileDataAction extends BaseBlobController
 public function __invoke(Request $request): FileData
 {
 $sig = $request->headers->get('x-dbp-signature','');
+ if (!$sig) {
+ throw ApiError::withDetails(Response::HTTP_UNAUTHORIZED, 'Signature missing', 'blob:createFileData-missing-sig');
+ }
 $bucketId = (string) $request->query->get('bucketID', '');
 $creationTime = (string) $request->query->get('creationTime', '');
 $prefix = $request->query->get('prefix', '');
- if (!$sig || !$bucketId || !$creationTime) {
+ if (!$bucketId || !$creationTime) {
 throw ApiError::withDetails(Response::HTTP_FORBIDDEN, 'Signature cannot checked', 'blob:createFileData-unset-sig-params');
 }
diff --git a/src/Controller/DeleteFileDatasByPrefix.php b/src/Controller/DeleteFileDatasByPrefix.php
index a2dad844214fe889b070b98876a4764c58cb5244..94f2cfd77abb43d7d7fae7315b182320813080ba 100644
--- a/src/Controller/DeleteFileDatasByPrefix.php
+++ b/src/Controller/DeleteFileDatasByPrefix.php
@@ -25,11 +25,14 @@ class DeleteFileDatasByPrefix extends BaseBlobController
 public function __invoke(Request $request)
 {
 $sig = $request->headers->get('x-dbp-signature', '');
+ if (!$sig) {
+ throw ApiError::withDetails(Response::HTTP_UNAUTHORIZED, 'Signature missing', 'blob:createFileData-missing-sig');
+ }
 $bucketId = $request->query->get('bucketID', '');
 $creationTime = $request->query->get('creationTime', '');
 $prefix = $request->query->get('prefix', '');
- if (!$sig || !$bucketId || !$creationTime || !$prefix) {
+ if (!$bucketId || !$creationTime || !$prefix) {
 throw ApiError::withDetails(Response::HTTP_FORBIDDEN, 'Signature cannot checked', 'blob:delete-files-per-prefix-unset-sig-params');
 }
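Review bot: The guard added in CreateFileDataAction::__invoke only establishes that an `x-dbp-signature` header is present, and the same three lines are pasted into DeleteFileDatasByPrefix::__invoke and into getFileDataById, getPage and checkSignature in FileDataDataProvider. One helper per class that reads the header and throws the 401 would keep the five call sites from drifting apart, which matters for a check that sits in front of an authentication decision. If the copies stay, a comment such as `// presence check only, not signature verification` above the `if (!$sig)` would stop a reader from taking it for the verification itself. The body of __invoke continues outside the hunk, so where the signature is actually verified is not visible here.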
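Review bot: The 401 thrown in DeleteFileDatasByPrefix::__invoke carries the error id `'blob:createFileData-missing-sig'`, copied from the create action, while the other error in the same method uses the `blob:delete-files-per-prefix-` prefix. Clients and log triage that key on the error id would attribute a rejected delete to the create endpoint. An id in the file's own scheme, for example `'blob:delete-files-per-prefix-missing-sig'`, would fix that. The same copied id appears in the three FileDataDataProvider hunks (getFileDataById, getPage, checkSignature), where an id in that file's own scheme would fit better.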
diff --git a/src/DataProvider/FileDataDataProvider.php b/src/DataProvider/FileDataDataProvider.php
index 88c4d1dc4c2dfa6cfec9639a3ef4309808495908..a05a93391481e344072a2d8afeff0471009fcd20 100644
--- a/src/DataProvider/FileDataDataProvider.php
+++ b/src/DataProvider/FileDataDataProvider.php
@@ -53,6 +53,10 @@ class FileDataDataProvider extends AbstractDataProvider
 protected function getFileDataById($id, array $filters): object
 {
+ $sig = $this->requestStack->getCurrentRequest()->headers->get('x-dbp-signature','');
+ if (!$sig) {
+ throw ApiError::withDetails(Response::HTTP_UNAUTHORIZED, 'Signature missing', 'blob:createFileData-missing-sig');
+ }
 $bucketId = $filters['bucketID'] ?? '';
 if (!$bucketId) {
 throw ApiError::withDetails(Response::HTTP_BAD_REQUEST, 'BucketID is missing', 'blob:get-files-by-prefix-missing-bucketID');
@@ -85,6 +89,10 @@ class FileDataDataProvider extends AbstractDataProvider
 protected function getPage(int $currentPageNumber, int $maxNumItemsPerPage, array $filters = [], array $options = []): array
 {
+ $sig = $this->requestStack->getCurrentRequest()->headers->get('x-dbp-signature','');
+ if (!$sig) {
+ throw ApiError::withDetails(Response::HTTP_UNAUTHORIZED, 'Signature missing', 'blob:createFileData-missing-sig');
+ }
 $bucketId = $filters['bucketID'] ?? '';
 if (!$bucketId) {
 throw ApiError::withDetails(Response::HTTP_BAD_REQUEST, 'BucketID is missing', 'blob:get-files-by-prefix-missing-bucketID');
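Review bot: In getFileDataById the added line dereferences `->headers` directly on `$this->requestStack->getCurrentRequest()`; with Symfony's RequestStack that call can return null when there is no current request, and the guard would then fail with a PHP error instead of the intended 401. Fetching the request first and treating null like a missing signature avoids that: `$request = $this->requestStack->getCurrentRequest();` followed by `$sig = $request ? $request->headers->get('x-dbp-signature', '') : '';`. The same line is added in getPage in the next hunk, and checkSignature already contained it before this commit. Both method bodies continue outside their hunks.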
@@ -126,10 +134,13 @@ class FileDataDataProvider extends AbstractDataProvider
 private function checkSignature(string $secret, array $filters): void
 {
 $sig = $this->requestStack->getCurrentRequest()->headers->get('x-dbp-signature','');
+ if (!$sig) {
+ throw ApiError::withDetails(Response::HTTP_UNAUTHORIZED, 'Signature missing', 'blob:createFileData-missing-sig');
+ }
 $bucketId = $filters['bucketID'] ?? '';
 $creationTime = $filters['creationTime'] ?? '0';
- if (!$sig || !$bucketId || !$creationTime) {
+ if (!$bucketId || !$creationTime) {
 throw ApiError::withDetails(Response::HTTP_FORBIDDEN, 'Signature parameter missing', 'blob:dataprovider-missing-signature-params');
 }
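Review bot: checkSignature now has two distinct failure modes, a 401 when the header is absent and a 403 when bucketID or creationTime is missing, and nothing on the method documents them. A docblock line such as `@throws ApiError 401 if the x-dbp-signature header is missing, 403 if bucketID or creationTime is missing` would tell callers what to expect. Also, `$creationTime` defaults to `'0'` and is then tested with `!$creationTime`, so an explicit `creationTime=0` is indistinguishable from an absent one; a one-line comment saying this is intended would help. The method continues past the hunk, so how `$secret` is used to verify the signature is not visible here.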