ACP2E-2969: REST API unable to make requests with slash (/) in SKU when using Oauth1

aplapana · aplapana · commit b412ae0abc0e · 2024-04-24T10:32:00.000+03:00
diff --git a/dev/tests/api-functional/framework/Magento/TestFramework/Authentication/Rest/OauthClient.php b/dev/tests/api-functional/framework/Magento/TestFramework/Authentication/Rest/OauthClient.php
@@ -6,6 +6,7 @@
 
 namespace Magento\TestFramework\Authentication\Rest;
 
+use Magento\Framework\Oauth\Helper\Utility;
 use Magento\TestFramework\Helper\Bootstrap;
 use OAuth\Common\Consumer\Credentials;
 use OAuth\Common\Http\Client\ClientInterface;
@@ -37,13 +38,15 @@ class OauthClient extends AbstractService
      * @param TokenStorageInterface|null $storage
      * @param SignatureInterface|null $signature
      * @param UriInterface|null $baseApiUri
+     * @param Utility|null $helper
      */
     public function __construct(
         Credentials $credentials,
         ClientInterface $httpClient = null,
         TokenStorageInterface $storage = null,
         SignatureInterface $signature = null,
-        UriInterface $baseApiUri = null
+        UriInterface $baseApiUri = null,
+        Utility $helper = null
     ) {
         if (!isset($httpClient)) {
             $httpClient = new \Magento\TestFramework\Authentication\Rest\CurlClient();
@@ -52,8 +55,11 @@ public function __construct(
         if (!isset($storage)) {
             $storage = new \OAuth\Common\Storage\Memory();
         }
+        if (!isset($helper)) {
+            $helper = new Utility();
+        }
         if (!isset($signature)) {
-            $signature = new \Magento\TestFramework\Authentication\Rest\OauthClient\Signature($credentials);
+            $signature = new \Magento\TestFramework\Authentication\Rest\OauthClient\Signature($helper, $credentials);
         }
         parent::__construct($credentials, $httpClient, $storage, $signature, $baseApiUri);
     }
diff --git a/dev/tests/api-functional/framework/Magento/TestFramework/Authentication/Rest/OauthClient/Signature.php b/dev/tests/api-functional/framework/Magento/TestFramework/Authentication/Rest/OauthClient/Signature.php
@@ -6,17 +6,29 @@
 
 namespace Magento\TestFramework\Authentication\Rest\OauthClient;
 
+use OAuth\Common\Consumer\CredentialsInterface;
 use OAuth\Common\Http\Uri\UriInterface;
+use Magento\Framework\Oauth\Helper\Utility;
 
 /**
  * Signature class for Magento REST API.
  */
 class Signature extends \OAuth\OAuth1\Signature\Signature
 {
+    /**
+     * @param Utility $helper
+     * @param CredentialsInterface $credentials
+     */
+    public function __construct(readonly Utility $helper, CredentialsInterface $credentials)
+    {
+        parent::__construct($credentials);
+    }
+
     /**
      * @inheritDoc
      *
-     * In addition to the original method, allows array parameters for filters.
+     * In addition to the original method, allows array parameters for filters
+     * and matches validation signature algorithm
      */
     public function getSignature(UriInterface $uri, array $params, $method = 'POST')
     {
@@ -30,39 +42,17 @@ function ($carry, $item) {
             []
         );
 
-        $signatureData = [];
-        foreach (array_merge($queryStringData, $params) as $key => $value) {
-            $signatureData[rawurlencode($key)] = rawurlencode($value);
-        }
-
-        ksort($signatureData);
-
-        // determine base uri
-        $baseUri = $uri->getScheme() . '://' . $uri->getRawAuthority();
-
-        if ('/' == $uri->getPath()) {
-            $baseUri .= $uri->hasExplicitTrailingHostSlash() ? '/' : '';
-        } else {
-            $baseUri .= $uri->getPath();
+        foreach ($params as $key => $value) {
+            $queryStringData[rawurlencode($key)] = rawurlencode($value);
         }
 
-        $baseString = strtoupper($method) . '&';
-        $baseString .= rawurlencode($baseUri) . '&';
-        $baseString .= rawurlencode($this->buildSignatureDataString($signatureData));
-
-        return base64_encode($this->hash($baseString));
-    }
-
-    /**
-     * @inheritDoc
-     */
-    protected function hash($data)
-    {
-        switch (strtoupper($this->algorithm)) {
-            case 'HMAC-SHA256':
-                return hash_hmac('sha256', $data, $this->getSigningKey(), true);
-            default:
-                return parent::hash($data);
-        }
+        return $this->helper->sign(
+            $queryStringData,
+            'SHA256',
+            $this->credentials->getConsumerSecret(),
+            $this->tokenSecret,
+            $method,
+            (string) $uri
+        );
     }
 }
diff --git a/lib/internal/Magento/Framework/Oauth/Helper/Utility.php b/lib/internal/Magento/Framework/Oauth/Helper/Utility.php
@@ -43,9 +43,6 @@ public function sign(
         $url = null
     ): string {
         unset($params['oauth_signature']);
-        if (strtoupper($method) === 'GET') {
-            return parent::sign($params, $params['oauth_signature_method'], $consumerSecret, $tokenSecret, $method, $url);
-        }
 
         $binaryHash = HMACEncryption::compute(
             $this->assembleKey($consumerSecret, $tokenSecret),
