Move SIPBridge validator to service

Signed-off-by: Vitor Mattos <vitor@php.rio>

lib/Controller/RoomController.php

@@ -50,6 +50,7 @@ use OCA\Talk\Service\BreakoutRoomService;
 use OCA\Talk\Service\ParticipantService;
 use OCA\Talk\Service\RoomService;
 use OCA\Talk\Service\SessionService;
+use OCA\Talk\Service\SIPBridgeService;
 use OCA\Talk\TalkSession;
 use OCA\Talk\Webinary;
 use OCP\App\IAppManager;
@@ -94,6 +95,7 @@ class RoomController extends AEnvironmentAwareController {
 	protected MessageParser $messageParser;
 	protected ITimeFactory $timeFactory;
 	protected AvatarService $avatarService;
+	protected SIPBridgeService $SIPBridgeService;
 	protected IL10N $l10n;
 	protected IConfig $config;
 	protected Config $talkConfig;
@@ -121,6 +123,7 @@ class RoomController extends AEnvironmentAwareController {
 								MessageParser $messageParser,
 								ITimeFactory $timeFactory,
 								AvatarService $avatarService,
+								SIPBridgeService $SIPBridgeService,
 								IL10N $l10n,
 								IConfig $config,
 								Config $talkConfig,
@@ -145,6 +148,7 @@ class RoomController extends AEnvironmentAwareController {
 		$this->messageParser = $messageParser;
 		$this->timeFactory = $timeFactory;
 		$this->avatarService = $avatarService;
+		$this->SIPBridgeService = $SIPBridgeService;
 		$this->l10n = $l10n;
 		$this->config = $config;
 		$this->talkConfig = $talkConfig;
@@ -347,37 +351,15 @@ class RoomController extends AEnvironmentAwareController {
 	 * and the body of the request, calculated with the shared secret from the
 	 * configuration.
 	 *
-	 * @param string $data
+	 * @param string $token
 	 * @return bool True if the request is from the SIP bridge and valid, false if not from SIP bridge
 	 * @throws UnauthorizedException when the request tried to sign as SIP bridge but is not valid
 	 */
-	private function validateSIPBridgeRequest(string $data): bool {
+	private function validateSIPBridgeRequest(string $token): bool {
 		$random = $this->request->getHeader('TALK_SIPBRIDGE_RANDOM');
 		$checksum = $this->request->getHeader('TALK_SIPBRIDGE_CHECKSUM');
-
-		if ($random === '' && $checksum === '') {
-			return false;
-		}
-
-		if (strlen($random) < 32) {
-			throw new UnauthorizedException('Invalid random provided');
-		}
-
-		if (empty($checksum)) {
-			throw new UnauthorizedException('Invalid checksum provided');
-		}
-
 		$secret = $this->talkConfig->getSIPSharedSecret();
-		if (empty($secret)) {
-			throw new UnauthorizedException('No shared SIP secret provided');
-		}
-		$hash = hash_hmac('sha256', $random . $data, $secret);
-
-		if (hash_equals($hash, strtolower($checksum))) {
-			return true;
-		}
-
-		throw new UnauthorizedException('Invalid HMAC provided');
+		return $this->SIPBridgeService->validateSIPBridgeRequest($random, $checksum, $secret, $token);
 	}
 
 	protected function formatRoom(Room $room, ?Participant $currentParticipant, ?array $statuses = null, bool $isSIPBridgeRequest = false, bool $isListingBreakoutRooms = false): array {

lib/Service/SIPBridgeService.php

@@ -0,0 +1,68 @@
+<?php
+/*
+ * @copyright Copyright (c) 2022 Vitor Mattos <vitor@php.rio>
+ *
+ * @author Vitor Mattos <vitor@php.rio>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+namespace OCA\Talk\Service;
+
+use OCA\Talk\Exceptions\UnauthorizedException;
+
+class SIPBridgeService {
+	/**
+	 * Check if the current request is coming from an allowed backend.
+	 *
+	 * The SIP bridge is sending the custom header "Talk-SIPBridge-Random"
+	 * containing at least 32 bytes random data, and the header
+	 * "Talk-SIPBridge-Checksum", which is the SHA256-HMAC of the random data
+	 * and the body of the request, calculated with the shared secret from the
+	 * configuration.
+	 *
+	 * @param string $random
+	 * @param string $checksum
+	 * @param string $secret
+	 * @param string $token
+	 * @return bool True if the request is from the SIP bridge and valid, false if not from SIP bridge
+	 * @throws UnauthorizedException when the request tried to sign as SIP bridge but is not valid
+	 */
+	public function validateSIPBridgeRequest(string $random, string $checksum, string $secret, string $token): bool {
+		if ($random === '' && $checksum === '') {
+			return false;
+		}
+
+		if (strlen($random) < 32) {
+			throw new UnauthorizedException('Invalid random provided');
+		}
+
+		if (empty($checksum)) {
+			throw new UnauthorizedException('Invalid checksum provided');
+		}
+
+		if (empty($secret)) {
+			throw new UnauthorizedException('No shared SIP secret provided');
+		}
+		$hash = hash_hmac('sha256', $random . $token, $secret);
+
+		if (hash_equals($hash, strtolower($checksum))) {
+			return true;
+		}
+
+		throw new UnauthorizedException('Invalid HMAC provided');
+	}
+}

tests/php/Service/SIPServiceTest.php

@@ -0,0 +1,68 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2020 Joas Schilling <coding@schilljs.com>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\Talk\Tests\php\Service;
+
+use OCA\Talk\Exceptions\UnauthorizedException;
+use OCA\Talk\Service\SIPBridgeService;
+use Test\TestCase;
+
+class SIPBridgeServiceTest extends TestCase {
+	/** @var SIPBridgeService */
+	protected $SIPBridgeService;
+
+	public function setUp(): void {
+		parent::setUp();
+
+		$this->SIPBridgeService = new SIPBridgeService();
+	}
+
+	/**
+	 * @dataProvider dataValidateSIPBridgeRequest
+	 */
+	public function testValidateSIPBridgeRequest(string $random, string $checksum, string $secret, string $token, string $exceptionMessage, bool $expectedReturn): void {
+		if ($exceptionMessage) {
+			$this->expectException(UnauthorizedException::class);
+			$this->expectErrorMessage($exceptionMessage);
+		}
+		$actual = $this->SIPBridgeService->validateSIPBridgeRequest($random, $checksum, $secret, $token);
+		if (!$exceptionMessage) {
+			$this->assertEquals($expectedReturn, $actual);
+		}
+	}
+
+	public function dataValidateSIPBridgeRequest(): array {
+		$validRandom = md5((string) rand());
+		$fakeData = json_encode(['fake' => 'data']);
+		$validSecret = 'valid secret';
+		$validChecksum = hash_hmac('sha256', $validRandom . $fakeData, $validSecret);
+		return [
+			['', '', '', '', '', false],
+			['1234', '', '', '', 'Invalid random provided', false],
+			[str_repeat('1', 32), '', '', '', 'Invalid checksum provided', false],
+			[str_repeat('1', 32), 'fake', '', '', 'No shared SIP secret provided', false],
+			[str_repeat('1', 32), 'fake', 'invalid', '', 'Invalid HMAC provided', false],
+			[$validRandom, $validChecksum, $validSecret, $fakeData, '', true],
+		];
+	}
+}