This repository was archived by the owner on Jan 15, 2021. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 116
/
Copy pathCrawler.php
147 lines (126 loc) · 4.68 KB
/
Crawler.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
<?php
/*
* This file is part of the SensioLabs Security Checker.
*
* (c) Fabien Potencier
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace SensioLabs\Security;
use SensioLabs\Security\Exception\HttpException;
use SensioLabs\Security\Exception\RuntimeException;
use Symfony\Component\HttpClient\HttpClient;
use Symfony\Component\Mime\Part\DataPart;
use Symfony\Component\Mime\Part\Multipart\FormDataPart;
use Symfony\Contracts\HttpClient\ResponseInterface;
/**
* @internal
*/
class Crawler
{
private $endPoint = 'https://security.symfony.com/check_lock';
private $timeout = 20;
private $headers = [];
public function setTimeout($timeout)
{
$this->timeout = $timeout;
}
public function setEndPoint($endPoint)
{
$this->endPoint = $endPoint;
}
public function setToken($token)
{
$this->addHeader('Authorization', 'Token '.$token);
}
/**
* Adds a global header that will be sent with all requests to the server.
*/
public function addHeader($key, $value)
{
$this->headers[] = $key.': '.$value;
}
/**
* Checks a Composer lock file.
*
* @param string $lock The path to the composer.lock file or a string able to be opened via file_get_contents
* @param string $format The format of the result
* @param array $headers An array of headers to add for this specific HTTP request
*
* @return Result
*/
public function check($lock, $format = 'json', array $headers = [])
{
$response = $this->doCheck($lock, $format, $headers);
$headers = $response->getHeaders();
if (!isset($headers['x-alerts']) || !ctype_digit($count = $headers['x-alerts'][0])) {
throw new RuntimeException('The web service did not return alerts count.');
}
return new Result((int) $count, $response->getContent(), $format);
}
/**
* @return array An array where the first element is a headers string and second one the response body
*/
private function doCheck($lock, $format = 'json', array $contextualHeaders = []): ResponseInterface
{
$client = HttpClient::create();
$body = new FormDataPart([
'lock' => new DataPart($this->getLockContents($lock), 'composer.lock'),
]);
$headers = array_merge($this->headers, [
'Accept' => $this->getContentType($format),
'User-Agent' => sprintf('SecurityChecker-CLI/%s FGC PHP', SecurityChecker::VERSION),
], $body->getPreparedHeaders()->toArray());
$response = $client->request('POST', $this->endPoint, [
'headers' => $headers,
'timeout' => $this->timeout,
'body' => $body->bodyToIterable(),
]);
if (400 === $statusCode = $response->getStatusCode()) {
$data = trim($response->getContent(false));
if ('json' === $format) {
$data = json_decode($data, true)['message'] ?? $data;
}
throw new HttpException(sprintf('%s (HTTP %s).', $data, $statusCode), $statusCode);
}
if (200 !== $statusCode) {
throw new HttpException(sprintf('The web service failed for an unknown reason (HTTP %s).', $statusCode), $statusCode);
}
return $response;
}
private function getContentType($format)
{
static $formats = [
'text' => 'text/plain',
'simple' => 'text/plain',
'markdown' => 'text/markdown',
'yaml' => 'text/yaml',
'json' => 'application/json',
'ansi' => 'text/plain+ansi',
];
return isset($formats[$format]) ? $formats[$format] : 'text';
}
private function getLockContents($lock)
{
$contents = json_decode(file_get_contents($lock), true);
$hash = isset($contents['content-hash']) ? $contents['content-hash'] : (isset($contents['hash']) ? $contents['hash'] : '');
$packages = ['content-hash' => $hash, 'packages' => [], 'packages-dev' => []];
foreach (['packages', 'packages-dev'] as $key) {
if (!\is_array($contents[$key])) {
continue;
}
foreach ($contents[$key] as $package) {
$data = [
'name' => $package['name'],
'version' => $package['version'],
];
if (isset($package['time']) && false !== strpos($package['version'], 'dev')) {
$data['time'] = $package['time'];
}
$packages[$key][] = $data;
}
}
return json_encode($packages);
}
}