
Fix WSSE future token issue
By adding the clock skew option

Source: djoos/EscapeWSSEAuthenticationBundle#84
sagikazarmark committed Jun 17, 2016
1 parent 4817361 commit ff1a2c6
Showing 6 changed files with 99 additions and 1 deletion.
2 changes: 1 addition & 1 deletion app/config/oro.yml
@@ -62,7 +62,7 @@ stof_doctrine_extensions:
tree: true

escape_wsse_authentication:
authentication_provider_class: Oro\Bundle\UserBundle\Security\WsseAuthProvider
authentication_provider_class: HotfixBundle\Security\Core\Authentication\Provider\WsseProvider # Oro\Bundle\UserBundle\Security\WsseAuthProvider
authentication_listener_class: Oro\Bundle\UserBundle\Security\WsseAuthListener

genemu_form:
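--- a/src/HotfixBundle/DependencyInjection/Compiler/WssePass.php
+++ b/src/HotfixBundle/DependencyInjection/Compiler/WssePass.php
@@ -0,0 +1,20 @@
+<?php
+
+namespace HotfixBundle\DependencyInjection\Compiler;
+
+use Symfony\Component\DependencyInjection\ContainerBuilder;
+use Symfony\Component\DependencyInjection\Compiler\CompilerPassInterface;
+
+class WssePass implements CompilerPassInterface
+{
+/**
+* {@inheritdoc}
+*/
+public function process(ContainerBuilder $container)
+{
+if ($container->hasDefinition('escape_wsse_authentication.provider')) {
+$definition = $container->getDefinition('escape_wsse_authentication.provider');
+$definition->addMethodCall('setClockSkew', ['%hotfix.wsse.clock_skew%']);
+}
+}
+}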
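Review bot: `process()` adds the `setClockSkew` call to `escape_wsse_authentication.provider` without checking which class that definition resolves to, so the pass only works while `authentication_provider_class` in `app/config/oro.yml` points at a class that has the setter. If that setting is later reverted to `Oro\Bundle\UserBundle\Security\WsseAuthProvider`, the container would presumably still compile and the failure would surface only when the provider is instantiated on a WSSE request. I would either guard the call on the resolved class or at least document the coupling with a comment above the `if`, e.g. `// Requires authentication_provider_class to be HotfixBundle's WsseProvider (see app/config/oro.yml).`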
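--- a/src/HotfixBundle/DependencyInjection/Configuration.php
+++ b/src/HotfixBundle/DependencyInjection/Configuration.php
@@ -0,0 +1,44 @@
+<?php
+
+namespace HotfixBundle\DependencyInjection;
+
+use Symfony\Component\Config\Definition\Builder\ArrayNodeDefinition;
+use Symfony\Component\Config\Definition\Builder\TreeBuilder;
+use Symfony\Component\Config\Definition\ConfigurationInterface;
+
+class Configuration implements ConfigurationInterface
+{
+/**
+* {@inheritdoc}
+*/
+public function getConfigTreeBuilder()
+{
+$treeBuilder = new TreeBuilder();
+$rootNode = $treeBuilder->root('hotfix');
+
+$this->addWsse($rootNode);
+
+return $treeBuilder;
+}
+
+/**
+* @param ArrayNodeDefinition $rootNode
+*/
+private function addWsse(ArrayNodeDefinition $rootNode)
+{
+$rootNode
+->children()
+->arrayNode('wsse')
+->addDefaultsIfNotSet()
+->children()
+->integerNode('clock_skew')
+->cannotBeEmpty()
+->defaultValue(0)
+->info('An amount of seconds to tolerate differences between client and server')
+->end()
+->end()
+->end()
+->end()
+;
+}
+}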
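Review bot: The `clock_skew` node in `addWsse()` accepts any integer, including negative and arbitrarily large values. This value decides how far in the future a token's creation timestamp may lie and still be accepted, so a typo here silently widens the acceptance window, or, if negative, appears to reject freshly created tokens. I would add `->min(0)` after `->integerNode('clock_skew')` and consider a `->max(...)` set to the largest drift the deployment is willing to tolerate. `->cannotBeEmpty()` is also worth re-checking next to `->defaultValue(0)`: depending on the Symfony version it may treat an explicit `0` as empty or not apply to numeric nodes at all.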
5 changes: 5 additions & 0 deletions src/HotfixBundle/DependencyInjection/HotfixExtension.php
@@ -14,7 +14,12 @@ class HotfixExtension extends Extension
*/
public function load(array $configs, ContainerBuilder $container)
{
$configuration = new Configuration();
$config = $this->processConfiguration($configuration, $configs);

$loader = new YamlFileLoader($container, new FileLocator(__DIR__ . '/../Resources/config'));
$loader->load('services.yml');

$container->setParameter('hotfix.wsse.clock_skew', $config['wsse']['clock_skew']);
}
}
3 changes: 3 additions & 0 deletions src/HotfixBundle/HotfixBundle.php
@@ -3,6 +3,7 @@
namespace HotfixBundle;

use HotfixBundle\DependencyInjection\Compiler\ViewListenerPriorityPass;
use HotfixBundle\DependencyInjection\Compiler\WssePass;
use Symfony\Component\DependencyInjection\ContainerBuilder;
use Symfony\Component\HttpKernel\Bundle\Bundle;

@@ -14,6 +15,8 @@ class HotfixBundle extends Bundle
public function build(ContainerBuilder $container)
{
parent::build($container);

$container->addCompilerPass(new ViewListenerPriorityPass());
$container->addCompilerPass(new WssePass());
}
}
@@ -0,0 +1,26 @@
<?php

namespace HotfixBundle\Security\Core\Authentication\Provider;

use Oro\Bundle\UserBundle\Security\WsseAuthProvider;

class WsseProvider extends WsseAuthProvider
{
/**
* @var int
*/
protected $clockSkew;

/**
* @param int $clockSkew
*/
public function setClockSkew($clockSkew)
{
$this->$clockSkew = $clockSkew;
}

protected function isTokenFromFuture($created)
{
return strtotime($created) - $this->clockSkew > strtotime($this->getCurrentTime());
}
}
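Review bot: `setClockSkew()` assigns to `$this->$clockSkew`, a variable-variable property access, so the value lands in a property named after the number passed in and `$this->clockSkew` stays `null`. `isTokenFromFuture()` then subtracts `null` (treated as 0), which means the configured tolerance never takes effect and the future-token check behaves exactly as it did before this commit. The assignment should read `$this->clockSkew = $clockSkew;`, and declaring `protected $clockSkew = 0;` would make the default explicit when the setter is never called. Separately, `strtotime($created)` returns `false` for an unparsable value, which this comparison treats as 0 and therefore as not from the future; it looks like the parent class or caller has to reject malformed timestamps, which is worth confirming. Once the skew is actually applied, a token dated up to `clockSkew` seconds ahead presumably stays usable that much longer under any lifetime check based on the creation time, so the configured value should be kept small.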
