gh-mirrors/firefly-iii
1
0
Fork 0
mirror of https://github.com/firefly-iii/firefly-iii.git synced 2025-12-23 03:31:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Always verify keys, should also help with Heroku instances.

Browse Source
This commit is contained in:
James Cole
2019-10-19 09:37:35 +02:00
parent 0d924990c8
commit 0708ea875a
3 changed files with 120 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
app/Console/Commands/Integrity/RestoreOAuthKeys.php
View File

@@ -23,6 +23,7 @@ namespace FireflyIII\Console\Commands\Integrity;
use Artisan; use Artisan;
use Crypt; use Crypt;
use FireflyIII\Support\System\OAuthKeys;
use Illuminate\Console\Command; use Illuminate\Console\Command;
/** /**
@@ -30,8 +31,6 @@ use Illuminate\Console\Command;
*/ */
class RestoreOAuthKeys extends Command class RestoreOAuthKeys extends Command
{ {
private const PRIVATE_KEY = 'oauth_private_key';
private const PUBLIC_KEY = 'oauth_public_key';
/** /**
* The console command description. * The console command description.
* *
@@ -62,7 +61,7 @@ class RestoreOAuthKeys extends Command
*/ */
private function generateKeys(): void private function generateKeys(): void
{ {
Artisan::call('passport:keys'); OAuthKeys::generateKeys();
} }
/** /**
@@ -70,7 +69,7 @@ class RestoreOAuthKeys extends Command
*/ */
private function keysInDatabase(): bool private function keysInDatabase(): bool
{ {
return app('fireflyconfig')->has(self::PRIVATE_KEY) && app('fireflyconfig')->has(self::PUBLIC_KEY); return OAuthKeys::keysInDatabase();
} }
/** /**
@@ -78,10 +77,7 @@ class RestoreOAuthKeys extends Command
*/ */
private function keysOnDrive(): bool private function keysOnDrive(): bool
{ {
$private = storage_path('oauth-private.key'); return OAuthKeys::hasKeyFiles();
$public = storage_path('oauth-public.key');
return file_exists($private) && file_exists($public);
} }
/** /**
@@ -89,12 +85,7 @@ class RestoreOAuthKeys extends Command
*/ */
private function restoreKeysFromDB(): void private function restoreKeysFromDB(): void
{ {
$privateContent = Crypt::decrypt(app('fireflyconfig')->get(self::PRIVATE_KEY)->data); OAuthKeys::restoreKeysFromDB();
$publicContent = Crypt::decrypt(app('fireflyconfig')->get(self::PUBLIC_KEY)->data);
$private = storage_path('oauth-private.key');
$public = storage_path('oauth-public.key');
file_put_contents($private, $privateContent);
file_put_contents($public, $publicContent);
} }
/** /**
@@ -129,9 +120,6 @@ class RestoreOAuthKeys extends Command
*/ */
private function storeKeysInDB(): void private function storeKeysInDB(): void
{ {
$private = storage_path('oauth-private.key'); OAuthKeys::storeKeysInDB();
$public = storage_path('oauth-public.key');
app('fireflyconfig')->set(self::PRIVATE_KEY, Crypt::encrypt(file_get_contents($private)));
app('fireflyconfig')->set(self::PUBLIC_KEY, Crypt::encrypt(file_get_contents($public)));
} }
} }

3
app/Http/Middleware/Installer.php
View File

@@ -27,6 +27,7 @@ namespace FireflyIII\Http\Middleware;
use Closure; use Closure;
use DB; use DB;
use FireflyIII\Exceptions\FireflyException; use FireflyIII\Exceptions\FireflyException;
use FireflyIII\Support\System\OAuthKeys;
use Illuminate\Database\QueryException; use Illuminate\Database\QueryException;
use Log; use Log;
@@ -71,6 +72,7 @@ class Installer
if ($this->hasNoTables() || $this->oldDBVersion() || $this->oldVersion()) { if ($this->hasNoTables() || $this->oldDBVersion() || $this->oldVersion()) {
return response()->redirectTo(route('installer.index')); return response()->redirectTo(route('installer.index'));
} }
OAuthKeys::verifyKeysRoutine();
// update scheme version // update scheme version
// update firefly version // update firefly version
@@ -182,4 +184,5 @@ class Installer
return false; return false;
} }
} }

111
app/Support/System/OAuthKeys.php Normal file
View File

@@ -0,0 +1,111 @@
<?php
/**
* OAuthKeys.php
* Copyright (c) 2019 thegrumpydictator@gmail.com
*
* This file is part of Firefly III (https://github.com/firefly-iii).
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
namespace FireflyIII\Support\System;
use Artisan;
use Crypt;
use Laravel\Passport\Console\KeysCommand;
/**
* Class OAuthKeys
*/
class OAuthKeys
{
private const PRIVATE_KEY = 'oauth_private_key';
private const PUBLIC_KEY = 'oauth_public_key';
/**
*
*/
public static function generateKeys(): void
{
Artisan::registerCommand(new KeysCommand());
Artisan::call('passport:keys');
}
/**
* @return bool
*/
public static function hasKeyFiles(): bool
{
$private = storage_path('oauth-private.key');
$public = storage_path('oauth-public.key');
return file_exists($private) && file_exists($public);
}
/**
* @return bool
*/
public static function keysInDatabase(): bool
{
return app('fireflyconfig')->has(self::PRIVATE_KEY) && app('fireflyconfig')->has(self::PUBLIC_KEY);
}
/**
*
*/
public static function restoreKeysFromDB(): void
{
$privateContent = Crypt::decrypt(app('fireflyconfig')->get(self::PRIVATE_KEY)->data);
$publicContent = Crypt::decrypt(app('fireflyconfig')->get(self::PUBLIC_KEY)->data);
$private = storage_path('oauth-private.key');
$public = storage_path('oauth-public.key');
file_put_contents($private, $privateContent);
file_put_contents($public, $publicContent);
}
/**
*
*/
public static function storeKeysInDB(): void
{
$private = storage_path('oauth-private.key');
$public = storage_path('oauth-public.key');
app('fireflyconfig')->set(self::PRIVATE_KEY, Crypt::encrypt(file_get_contents($private)));
app('fireflyconfig')->set(self::PUBLIC_KEY, Crypt::encrypt(file_get_contents($public)));
}
/**
*
*/
public static function verifyKeysRoutine(): void
{
if (!self::keysInDatabase() && !self::hasKeyFiles()) {
self::generateKeys();
self::storeKeysInDB();
return;
}
if (self::keysInDatabase() && !self::hasKeyFiles()) {
self::restoreKeysFromDB();
return;
}
if (!self::keysInDatabase() && self::hasKeyFiles()) {
self::storeKeysInDB();
return;
}
}
}