mirror of
https://github.com/getnamingo/registry.git
synced 2025-05-22 12:29:22 +02:00
Fixed #36
parent
80d89a6b90
commit
a69a642a12
3 changed files with 167 additions and 2 deletions
|
@ -5,6 +5,9 @@ namespace App\Controllers;
|
||||||
use Psr\Http\Message\ResponseInterface as Response;
|
use Psr\Http\Message\ResponseInterface as Response;
|
||||||
use Psr\Http\Message\ServerRequestInterface as Request;
|
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||||
use Psr\Container\ContainerInterface;
|
use Psr\Container\ContainerInterface;
|
||||||
|
use Selective\XmlDSig\PublicKeyStore;
|
||||||
|
use Selective\XmlDSig\CryptoVerifier;
|
||||||
|
use Selective\XmlDSig\XmlSignatureVerifier;
|
||||||
|
|
||||||
class ApplicationsController extends Controller
|
class ApplicationsController extends Controller
|
||||||
{
|
{
|
||||||
|
@ -152,6 +155,83 @@ class ApplicationsController extends Controller
|
||||||
$accepted = null;
|
$accepted = null;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ($phaseType === 'sunrise') {
|
||||||
|
if ($smd !== null && $smd !== '') {
|
||||||
|
// Extract the BASE64 encoded part
|
||||||
|
$beginMarker = "-----BEGIN ENCODED SMD-----";
|
||||||
|
$endMarker = "-----END ENCODED SMD-----";
|
||||||
|
$beginPos = strpos($smd, $beginMarker) + strlen($beginMarker);
|
||||||
|
$endPos = strpos($smd, $endMarker);
|
||||||
|
$encodedSMD = trim(substr($smd, $beginPos, $endPos - $beginPos));
|
||||||
|
|
||||||
|
// Decode the BASE64 content
|
||||||
|
$xmlContent = base64_decode($encodedSMD);
|
||||||
|
|
||||||
|
// Load the XML content using DOMDocument
|
||||||
|
$domDocument = new \DOMDocument();
|
||||||
|
$domDocument->preserveWhiteSpace = false;
|
||||||
|
$domDocument->formatOutput = true;
|
||||||
|
$domDocument->loadXML($xmlContent);
|
||||||
|
|
||||||
|
// Parse data
|
||||||
|
$xpath = new \DOMXPath($domDocument);
|
||||||
|
$xpath->registerNamespace('smd', 'urn:ietf:params:xml:ns:signedMark-1.0');
|
||||||
|
$xpath->registerNamespace('mark', 'urn:ietf:params:xml:ns:mark-1.0');
|
||||||
|
|
||||||
|
$notBefore = new \DateTime($xpath->evaluate('string(//smd:notBefore)'));
|
||||||
|
$notAfter = new \DateTime($xpath->evaluate('string(//smd:notAfter)'));
|
||||||
|
$markName = $xpath->evaluate('string(//mark:markName)');
|
||||||
|
$labels = [];
|
||||||
|
foreach ($xpath->query('//mark:label') as $x_label) {
|
||||||
|
$labels[] = $x_label->nodeValue;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!in_array($label, $labels)) {
|
||||||
|
return view($response, 'admin/domains/createApplication.twig', [
|
||||||
|
'domainName' => $domainName,
|
||||||
|
'error' => "SMD file is not valid for the application being created.",
|
||||||
|
'registrars' => $registrars,
|
||||||
|
'registrar' => $registrar,
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check if current date and time is between notBefore and notAfter
|
||||||
|
$now = new \DateTime();
|
||||||
|
if (!($now >= $notBefore && $now <= $notAfter)) {
|
||||||
|
// Current time is outside the valid range, return an error view
|
||||||
|
return view($response, 'admin/domains/createApplication.twig', [
|
||||||
|
'domainName' => $domainName,
|
||||||
|
'error' => "Current time is outside the valid range.",
|
||||||
|
'registrars' => $registrars,
|
||||||
|
'registrar' => $registrar,
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Verify the signature
|
||||||
|
$publicKeyStore = new PublicKeyStore();
|
||||||
|
$publicKeyStore->loadFromDocument($domDocument);
|
||||||
|
$cryptoVerifier = new CryptoVerifier($publicKeyStore);
|
||||||
|
$xmlSignatureVerifier = new XmlSignatureVerifier($cryptoVerifier);
|
||||||
|
$isValid = $xmlSignatureVerifier->verifyXml($xmlContent);
|
||||||
|
|
||||||
|
if (!$isValid) {
|
||||||
|
return view($response, 'admin/domains/createApplication.twig', [
|
||||||
|
'domainName' => $domainName,
|
||||||
|
'error' => "The XML signature of the SMD file is not valid.",
|
||||||
|
'registrars' => $registrars,
|
||||||
|
'registrar' => $registrar,
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
return view($response, 'admin/domains/createApplication.twig', [
|
||||||
|
'domainName' => $domainName,
|
||||||
|
'error' => "SMD upload is required in the 'sunrise' phase.",
|
||||||
|
'registrars' => $registrars,
|
||||||
|
'registrar' => $registrar,
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
$domain_already_reserved = $db->selectValue(
|
$domain_already_reserved = $db->selectValue(
|
||||||
'SELECT id FROM reserved_domain_names WHERE name = ? LIMIT 1',
|
'SELECT id FROM reserved_domain_names WHERE name = ? LIMIT 1',
|
||||||
[$label]
|
[$label]
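Review bot: The signature check at the end of the new sunrise block trusts whatever key the upload carries: `$publicKeyStore->loadFromDocument($domDocument)` fills the key store from the submitted SMD itself, so a passing `verifyXml()` only shows the file is self-consistent, not that the trademark clearinghouse issued it. Nothing visible in the hunk validates the embedded certificate against a locally pinned TMCH root or consults the SMD revocation list or CRL, and the label and validity dates are read with document-wide `//` XPath queries rather than from the element the signature is known to cover. I would take the trust anchor from local configuration, check chain and revocation before accepting the signature, and read `mark:label`, `smd:notBefore` and `smd:notAfter` only from the verified signedMark element; until then a comment such as `// NOTE: key comes from the uploaded SMD; chain and revocation are not checked yet` keeps the gap visible. The same block is repeated in the DomainsController hunk, and the enclosing method starts and ends outside this hunk.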
|
||||||
|
|
|
@ -6,6 +6,9 @@ use App\Models\Domain;
|
||||||
use Psr\Http\Message\ResponseInterface as Response;
|
use Psr\Http\Message\ResponseInterface as Response;
|
||||||
use Psr\Http\Message\ServerRequestInterface as Request;
|
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||||
use Psr\Container\ContainerInterface;
|
use Psr\Container\ContainerInterface;
|
||||||
|
use Selective\XmlDSig\PublicKeyStore;
|
||||||
|
use Selective\XmlDSig\CryptoVerifier;
|
||||||
|
use Selective\XmlDSig\XmlSignatureVerifier;
|
||||||
|
|
||||||
class DomainsController extends Controller
|
class DomainsController extends Controller
|
||||||
{
|
{
|
||||||
|
@ -248,7 +251,7 @@ class DomainsController extends Controller
|
||||||
if (!isset($data['noticeid']) || $data['noticeid'] === '' ||
|
if (!isset($data['noticeid']) || $data['noticeid'] === '' ||
|
||||||
!isset($data['notafter']) || $data['notafter'] === '' ||
|
!isset($data['notafter']) || $data['notafter'] === '' ||
|
||||||
!isset($data['accepted']) || $data['accepted'] === '') {
|
!isset($data['accepted']) || $data['accepted'] === '') {
|
||||||
// Trigger an error or handle the situation as needed
|
// Trigger an error
|
||||||
return view($response, 'admin/domains/createDomain.twig', [
|
return view($response, 'admin/domains/createDomain.twig', [
|
||||||
'domainName' => $domainName,
|
'domainName' => $domainName,
|
||||||
'error' => "Error: 'noticeid', 'notafter', or 'accepted' cannot be empty when phaseType is 'claims'",
|
'error' => "Error: 'noticeid', 'notafter', or 'accepted' cannot be empty when phaseType is 'claims'",
|
||||||
|
@ -267,6 +270,87 @@ class DomainsController extends Controller
|
||||||
$accepted = null;
|
$accepted = null;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ($phaseType === 'sunrise') {
|
||||||
|
if ($smd !== null && $smd !== '') {
|
||||||
|
// Extract the BASE64 encoded part
|
||||||
|
$beginMarker = "-----BEGIN ENCODED SMD-----";
|
||||||
|
$endMarker = "-----END ENCODED SMD-----";
|
||||||
|
$beginPos = strpos($smd, $beginMarker) + strlen($beginMarker);
|
||||||
|
$endPos = strpos($smd, $endMarker);
|
||||||
|
$encodedSMD = trim(substr($smd, $beginPos, $endPos - $beginPos));
|
||||||
|
|
||||||
|
// Decode the BASE64 content
|
||||||
|
$xmlContent = base64_decode($encodedSMD);
|
||||||
|
|
||||||
|
// Load the XML content using DOMDocument
|
||||||
|
$domDocument = new \DOMDocument();
|
||||||
|
$domDocument->preserveWhiteSpace = false;
|
||||||
|
$domDocument->formatOutput = true;
|
||||||
|
$domDocument->loadXML($xmlContent);
|
||||||
|
|
||||||
|
// Parse data
|
||||||
|
$xpath = new \DOMXPath($domDocument);
|
||||||
|
$xpath->registerNamespace('smd', 'urn:ietf:params:xml:ns:signedMark-1.0');
|
||||||
|
$xpath->registerNamespace('mark', 'urn:ietf:params:xml:ns:mark-1.0');
|
||||||
|
|
||||||
|
$notBefore = new \DateTime($xpath->evaluate('string(//smd:notBefore)'));
|
||||||
|
$notAfter = new \DateTime($xpath->evaluate('string(//smd:notAfter)'));
|
||||||
|
$markName = $xpath->evaluate('string(//mark:markName)');
|
||||||
|
$labels = [];
|
||||||
|
foreach ($xpath->query('//mark:label') as $x_label) {
|
||||||
|
$labels[] = $x_label->nodeValue;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!in_array($label, $labels)) {
|
||||||
|
return view($response, 'admin/domains/createDomain.twig', [
|
||||||
|
'domainName' => $domainName,
|
||||||
|
'error' => "SMD file is not valid for the domain name being registered.",
|
||||||
|
'registrars' => $registrars,
|
||||||
|
'registrar' => $registrar,
|
||||||
|
'launch_phases' => $launch_phases
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check if current date and time is between notBefore and notAfter
|
||||||
|
$now = new \DateTime();
|
||||||
|
if (!($now >= $notBefore && $now <= $notAfter)) {
|
||||||
|
// Current time is outside the valid range, return an error view
|
||||||
|
return view($response, 'admin/domains/createDomain.twig', [
|
||||||
|
'domainName' => $domainName,
|
||||||
|
'error' => "Current time is outside the valid range.",
|
||||||
|
'registrars' => $registrars,
|
||||||
|
'registrar' => $registrar,
|
||||||
|
'launch_phases' => $launch_phases
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Verify the signature
|
||||||
|
$publicKeyStore = new PublicKeyStore();
|
||||||
|
$publicKeyStore->loadFromDocument($domDocument);
|
||||||
|
$cryptoVerifier = new CryptoVerifier($publicKeyStore);
|
||||||
|
$xmlSignatureVerifier = new XmlSignatureVerifier($cryptoVerifier);
|
||||||
|
$isValid = $xmlSignatureVerifier->verifyXml($xmlContent);
|
||||||
|
|
||||||
|
if (!$isValid) {
|
||||||
|
return view($response, 'admin/domains/createDomain.twig', [
|
||||||
|
'domainName' => $domainName,
|
||||||
|
'error' => "The XML signature of the SMD file is not valid.",
|
||||||
|
'registrars' => $registrars,
|
||||||
|
'registrar' => $registrar,
|
||||||
|
'launch_phases' => $launch_phases
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
return view($response, 'admin/domains/createDomain.twig', [
|
||||||
|
'domainName' => $domainName,
|
||||||
|
'error' => "SMD upload is required in the 'sunrise' phase.",
|
||||||
|
'registrars' => $registrars,
|
||||||
|
'registrar' => $registrar,
|
||||||
|
'launch_phases' => $launch_phases
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
$domain_already_reserved = $db->selectValue(
|
$domain_already_reserved = $db->selectValue(
|
||||||
'SELECT id FROM reserved_domain_names WHERE name = ? LIMIT 1',
|
'SELECT id FROM reserved_domain_names WHERE name = ? LIMIT 1',
|
||||||
[$label]
|
[$label]
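Review bot: The SMD extraction at the top of the sunrise block never checks its intermediate results: `strpos()` returns `false` when a marker is missing and the arithmetic treats that as 0, `base64_decode()` runs in non-strict mode, and the return value of `loadXML()` is ignored, so a malformed upload flows on into the XPath reads and `new \DateTime(...)` on empty strings. I would reject the upload as soon as a marker is absent, the payload is not valid base64, or the XML does not parse, and pass `LIBXML_NONET` so the parser cannot fetch anything over the network. The label test would also be safer as `in_array($label, $labels, true)`. The identical block in ApplicationsController needs the same guards, which is a good reason to move this logic into one shared helper; the enclosing method starts and ends outside this hunk.

```php
$beginPos = strpos($smd, $beginMarker);
$endPos = strpos($smd, $endMarker);
$xmlContent = false;
if ($beginPos !== false && $endPos !== false && $endPos > $beginPos + strlen($beginMarker)) {
    $beginPos += strlen($beginMarker);
    $encodedSMD = trim(substr($smd, $beginPos, $endPos - $beginPos));
    // Strict mode fails on characters outside the base64 alphabet
    $xmlContent = base64_decode($encodedSMD, true);
}

$domDocument = new \DOMDocument();
// … unchanged: preserveWhiteSpace / formatOutput …
if ($xmlContent === false || $xmlContent === '' || !$domDocument->loadXML($xmlContent, LIBXML_NONET)) {
    return view($response, 'admin/domains/createDomain.twig', [
        'domainName' => $domainName,
        'error' => "SMD file could not be parsed.",
        'registrars' => $registrars,
        'registrar' => $registrar,
        'launch_phases' => $launch_phases
    ]);
}
// … unchanged: XPath reads, label check, validity window, signature verification …
```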
|
||||||
|
|
|
@ -44,7 +44,8 @@
|
||||||
"guzzlehttp/guzzle": "^7.8",
|
"guzzlehttp/guzzle": "^7.8",
|
||||||
"league/flysystem": "^3.23",
|
"league/flysystem": "^3.23",
|
||||||
"mpociot/vat-calculator": "^3.6",
|
"mpociot/vat-calculator": "^3.6",
|
||||||
"ramsey/uuid": "^4.7"
|
"ramsey/uuid": "^4.7",
|
||||||
|
"selective/xmldsig": "^3.1"
|
||||||
},
|
},
|
||||||
"autoload": {
|
"autoload": {
|
||||||
"psr-4": {
|
"psr-4": {
|
||||||
|
|