22677854876

Committed 04 Mar 2026 04:07PM UTC coverage: 87.038% (-4.3%) from 91.356%

Build # 22677854876

Build Type

push

github

Committed by

tg666

Commit Message

Added port to Referer header if exists

Coverage Stats

0 of 3 new or added lines in 1 file covered. (0.0%)

113 existing lines in 8 files now uncovered.

1484 of 1705 relevant lines covered (87.04%)

0.87 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

92.0

/src/Security/SignatureStrategy.php

<?php

declare(strict_types=1);

namespace SixtyEightPublishers\ImageStorage\Security;

use SixtyEightPublishers\FileStorage\Config\ConfigInterface;
use SixtyEightPublishers\ImageStorage\Config\Config;
use function array_pop;
use function explode;
use function hash_equals;
use function hash_hmac;
use function is_string;
use function ltrim;

final class SignatureStrategy implements SignatureStrategyInterface
{
    public function __construct(
        private readonly ConfigInterface $config,
        private readonly KnownModifiers $knownModifiers,
    ) {}

    public function createToken(string $path): ?string
    {
        if ($this->isKnown(path: $path)) {
            return null;
        }

        return $this->doCreateToken(path: $path);
    }

    public function verifyToken(string $token, string $path): bool
    {
        if ($this->isKnown($path)) {
            return true;
        }

        if ('' === $token) {
            return false;
        }

        return hash_equals($token, $this->doCreateToken(path: $path));
    }

    private function doCreateToken(string $path): string
    {
        $algo = $this->config[Config::SIGNATURE_ALGORITHM];
        $key = $this->config[Config::SIGNATURE_KEY];

        return hash_hmac(
            is_string($algo) ? $algo : 'sha256',
            ltrim($path, '/'),
            is_string($key) ? $key : '',
        );
    }

    private function isKnown(string $path): bool
    {
        if (!$this->config[Config::DISABLE_SIGNATURE_ON_KNOWN_MODIFIERS]) {
            return false;
        }

        $parts = explode('/', $path);
        array_pop($parts); # filename
        $modifiers = array_pop($parts);

        if (null === $modifiers) {
            return false;
        }

        return $this->knownModifiers->isKnown(
            modifiers: $modifiers,
        );
    }
}

1	<?php
2
3	declare(strict_types=1);
4
5	namespace SixtyEightPublishers\ImageStorage\Security;
6
7	use SixtyEightPublishers\FileStorage\Config\ConfigInterface;
8	use SixtyEightPublishers\ImageStorage\Config\Config;
9	use function array_pop;
10	use function explode;
11	use function hash_equals;
12	use function hash_hmac;
13	use function is_string;
14	use function ltrim;
15
16	final class SignatureStrategy implements SignatureStrategyInterface
17	{
18	public function __construct(	1✔
19	private readonly ConfigInterface $config,
20	private readonly KnownModifiers $knownModifiers,
21	) {}	1✔
22
23	public function createToken(string $path): ?string
24	{
25	if ($this->isKnown(path: $path)) {	1✔
26	return null;	1✔
27	}
28
29	return $this->doCreateToken(path: $path);	1✔
30	}
31
32	public function verifyToken(string $token, string $path): bool
33	{
34	if ($this->isKnown($path)) {	1✔
35	return true;	1✔
36	}
37
38	if ('' === $token) {	1✔
UNCOV 39	return false;	×
40	}
41
42	return hash_equals($token, $this->doCreateToken(path: $path));	1✔
43	}
44
45	private function doCreateToken(string $path): string
46	{
47	$algo = $this->config[Config::SIGNATURE_ALGORITHM];	1✔
48	$key = $this->config[Config::SIGNATURE_KEY];	1✔
49
50	return hash_hmac(	1✔
51	is_string($algo) ? $algo : 'sha256',	1✔
52	ltrim($path, '/'),	1✔
53	is_string($key) ? $key : '',	1✔
54	);
55	}
56
57	private function isKnown(string $path): bool
58	{
59	if (!$this->config[Config::DISABLE_SIGNATURE_ON_KNOWN_MODIFIERS]) {	1✔
60	return false;	1✔
61	}
62
63	$parts = explode('/', $path);	1✔
64	array_pop($parts); # filename	1✔
65	$modifiers = array_pop($parts);	1✔
66
67	if (null === $modifiers) {	1✔
UNCOV 68	return false;	×
69	}
70
71	return $this->knownModifiers->isKnown(	1✔
72	modifiers: $modifiers,	1✔
73	);
74	}
75	}

68publishers / image-storage / 22677854876

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous