Merge pull request #7195 from magento-cia/cia-2.4.4-develop-bugfixes-04112021

[cia] AC-1344: OAuth: remove SHA-1 as acceptable signature method

Author: admanesachin

app/code/Magento/Cms/Ui/Component/Listing/Column/BlockActions.php

@@ -66,24 +66,24 @@ public function prepareDataSource(array $dataSource)
                             'href' => $this->urlBuilder->getUrl(
                                 static::URL_PATH_EDIT,
                                 [
-                                    'block_id' => $item['block_id'],
+                                    'block_id' => $item['block_id']
                                 ]
                             ),
-                            'label' => __('Edit'),
+                            'label' => __('Edit')
                         ],
                         'delete' => [
                             'href' => $this->urlBuilder->getUrl(
                                 static::URL_PATH_DELETE,
                                 [
-                                    'block_id' => $item['block_id'],
+                                    'block_id' => $item['block_id']
                                 ]
                             ),
                             'label' => __('Delete'),
                             'confirm' => [
                                 'title' => __('Delete %1', $title),
-                                'message' => __('Are you sure you want to delete a %1 record?', $title),
+                                'message' => __('Are you sure you want to delete a %1 record?', $title)
                             ],
-                            'post' => true,
+                            'post' => true
                         ],
                     ];
                 }
@@ -102,6 +102,7 @@ public function prepareDataSource(array $dataSource)
     private function getEscaper()
     {
         if (!$this->escaper) {
+            // phpcs:ignore Magento2.PHP.AutogeneratedClassNotInConstructor
             $this->escaper = ObjectManager::getInstance()->get(Escaper::class);
         }
         return $this->escaper;

app/code/Magento/Integration/Model/Oauth/Token.php

@@ -59,7 +59,9 @@ class Token extends \Magento\Framework\Model\AbstractModel
 
     /**#@- */
 
-    /**#@- */
+    /**
+     * @var OauthHelper
+     */
     protected $_oauthHelper;
 
     /**
@@ -136,9 +138,10 @@ public function __construct(
         $this->_consumerFactory = $consumerFactory;
         $this->_oauthData = $oauthData;
         $this->_oauthHelper = $oauthHelper;
-        $this->reader = ObjectManager::getInstance()->get(UserTokenReaderInterface::class);
-        $this->issuer = ObjectManager::getInstance()->get(UserTokenIssuerInterface::class);
-        $this->tokenParamsFactory = ObjectManager::getInstance()->get(UserTokenParametersInterfaceFactory::class);
+        $this->reader = $reader ?? ObjectManager::getInstance()->get(UserTokenReaderInterface::class);
+        $this->issuer = $issuer ?? ObjectManager::getInstance()->get(UserTokenIssuerInterface::class);
+        $this->tokenParamsFactory = $paramsFactory ??
+            ObjectManager::getInstance()->get(UserTokenParametersInterfaceFactory::class);
     }
 
     /**
@@ -360,6 +363,7 @@ public function loadByConsumerIdAndUserType($consumerId, $userType)
     {
         $tokenData = $this->getResource()->selectTokenByConsumerIdAndUserType($consumerId, $userType);
         $this->setData($tokenData ? $tokenData : []);
+        $this->getResource()->afterLoad($this);
         return $this;
     }
 

app/code/Magento/Integration/Model/Oauth/Token/Provider.php

@@ -44,7 +44,7 @@ public function __construct(
     }
 
     /**
-     * {@inheritdoc}
+     * @inheritdoc
      */
     public function validateConsumer($consumer)
     {
@@ -58,7 +58,7 @@ public function validateConsumer($consumer)
     }
 
     /**
-     * {@inheritdoc}
+     * @inheritdoc
      */
     public function createRequestToken($consumer)
     {
@@ -73,7 +73,7 @@ public function createRequestToken($consumer)
     }
 
     /**
-     * {@inheritdoc}
+     * @inheritdoc
      */
     public function validateRequestToken($requestToken, $consumer, $oauthVerifier)
     {
@@ -99,7 +99,7 @@ public function validateRequestToken($requestToken, $consumer, $oauthVerifier)
     }
 
     /**
-     * {@inheritdoc}
+     * @inheritdoc
      */
     public function getAccessToken($consumer)
     {
@@ -118,7 +118,7 @@ public function getAccessToken($consumer)
     }
 
     /**
-     * {@inheritdoc}
+     * @inheritdoc
      */
     public function validateAccessTokenRequest($accessToken, $consumer)
     {
@@ -144,7 +144,7 @@ public function validateAccessTokenRequest($accessToken, $consumer)
     }
 
     /**
-     * {@inheritdoc}
+     * @inheritdoc
      */
     public function validateAccessToken($accessToken)
     {
@@ -168,15 +168,15 @@ public function validateAccessToken($accessToken)
     }
 
     /**
-     * {@inheritdoc}
+     * @inheritdoc
      */
     public function validateOauthToken($oauthToken)
     {
         return strlen($oauthToken) == \Magento\Framework\Oauth\Helper\Oauth::LENGTH_TOKEN;
     }
 
     /**
-     * {@inheritdoc}
+     * @inheritdoc
      */
     public function getConsumerByKey($consumerKey)
     {

app/code/Magento/Integration/Model/ResourceModel/Oauth/Consumer.php

@@ -5,17 +5,29 @@
  */
 namespace Magento\Integration\Model\ResourceModel\Oauth;
 
+use Magento\Framework\App\ObjectManager;
+use Magento\Framework\Encryption\Encryptor;
+
 class Consumer extends \Magento\Framework\Model\ResourceModel\Db\AbstractDb
 {
+
+    /**
+     * @var Encryptor
+     */
+    private $encryptor;
+
     /**
      * @param \Magento\Framework\Model\ResourceModel\Db\Context $context
      * @param string $connectionName
+     * @param Encryptor $encryptor
      */
     public function __construct(
         \Magento\Framework\Model\ResourceModel\Db\Context $context,
-        $connectionName = null
+        $connectionName = null,
+        Encryptor $encryptor = null
     ) {
         parent::__construct($context, $connectionName);
+        $this->encryptor = $encryptor ?? ObjectManager::getInstance()->get(Encryptor::class);
     }
 
     /**
@@ -61,4 +73,40 @@ public function getTimeInSecondsSinceCreation($consumerId)
 
         return $connection->fetchOne($select);
     }
+
+    /**
+     * @inheritdoc
+     */
+    protected function _beforeSave(\Magento\Framework\Model\AbstractModel $object)
+    {
+        if ($object->getSecret()) {
+            $object->setSecret($this->encryptor->encrypt($object->getSecret()));
+        }
+
+        return parent::_beforeSave($object);
+    }
+
+    /**
+     * @inheritdoc
+     */
+    protected function _afterLoad(\Magento\Framework\Model\AbstractModel $object)
+    {
+        if ($object->getSecret()) {
+            $object->setSecret($this->encryptor->decrypt($object->getSecret()));
+        }
+
+        return parent::_afterLoad($object);
+    }
+
+    /**
+     * @inheritdoc
+     */
+    protected function _afterSave(\Magento\Framework\Model\AbstractModel $object)
+    {
+        if ($object->getSecret()) {
+            $object->setSecret($this->encryptor->decrypt($object->getSecret()));
+        }
+
+        return parent::_afterSave($object);
+    }
 }

app/code/Magento/Integration/Model/ResourceModel/Oauth/Token.php

@@ -6,6 +6,9 @@
 namespace Magento\Integration\Model\ResourceModel\Oauth;
 
 use Magento\Authorization\Model\UserContextInterface;
+use Magento\Framework\Encryption\Encryptor;
+use Magento\Framework\Oauth\Helper\Oauth as OauthHelper;
+use Magento\Framework\App\ObjectManager;
 
 /**
  * OAuth token resource model
@@ -18,26 +21,34 @@ class Token extends \Magento\Framework\Model\ResourceModel\Db\AbstractDb
     protected $_dateTime;
 
     /**
-     * Date
+     * Date Formatting
      *
      * @var \Magento\Framework\Stdlib\DateTime\DateTime
      */
     protected $date;
 
+    /**
+     * @var Encryptor
+     */
+    private $encryptor;
+
     /**
      * @param \Magento\Framework\Model\ResourceModel\Db\Context $context
      * @param \Magento\Framework\Stdlib\DateTime $dateTime
      * @param \Magento\Framework\Stdlib\DateTime\DateTime $date
      * @param string $connectionName
+     * @param Encryptor $encryptor
      */
     public function __construct(
         \Magento\Framework\Model\ResourceModel\Db\Context $context,
         \Magento\Framework\Stdlib\DateTime $dateTime,
         \Magento\Framework\Stdlib\DateTime\DateTime $date,
-        $connectionName = null
+        $connectionName = null,
+        $encryptor = null
     ) {
         $this->_dateTime = $dateTime;
         $this->date = $date;
+        $this->encryptor = $encryptor ?? ObjectManager::getInstance()->get(Encryptor::class);
         parent::__construct($context, $connectionName);
     }
 
@@ -195,4 +206,42 @@ public function selectTokenByCustomerId($customerId)
             ->where('user_type = ?', UserContextInterface::USER_TYPE_CUSTOMER);
         return $connection->fetchRow($select);
     }
+
+    /**
+     * @inheritdoc
+     */
+    protected function _beforeSave(\Magento\Framework\Model\AbstractModel $object)
+    {
+        if ($object->getType() === \Magento\Integration\Model\Oauth\Token::TYPE_ACCESS) {
+
+            if (!empty($object->getSecret())) {
+                $object->setSecret($this->encryptor->encrypt($object->getSecret()));
+            }
+        }
+            return parent::_beforeSave($object);
+    }
+
+    /**
+     * @inheritdoc
+     */
+    protected function _afterLoad(\Magento\Framework\Model\AbstractModel $object)
+    {
+        if ($object->getType() === \Magento\Integration\Model\Oauth\Token::TYPE_ACCESS) {
+            $object->setSecret($this->encryptor->decrypt($object->getSecret()));
+        }
+
+        return parent::_afterLoad($object);
+    }
+
+    /**
+     * @inheritdoc
+     */
+    protected function _afterSave(\Magento\Framework\Model\AbstractModel $object)
+    {
+        if ($object->getType() === \Magento\Integration\Model\Oauth\Token::TYPE_ACCESS) {
+            $object->setSecret($this->encryptor->decrypt($object->getSecret()));
+        }
+
+        return parent::_afterSave($object);
+    }
 }