Merge pull request #17 from jaytaph/fctp

Fctp
minvws · Feb 6, 2023 · 6a52df6 · 6a52df6
2 parents 5357122 + 27edaf0
commit 6a52df6
Show file tree

Hide file tree

Showing 4 changed files with 25 additions and 7 deletions.
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -14,7 +14,7 @@ jobs:
     strategy:
       max-parallel: 3
       matrix:
-        php-versions: [ '7.3', '7.4', '8.0' ]
+        php-versions: [ '7.3', '7.4', '8.0', '8.1', '8.2' ]
 
     steps:
     - uses: actions/checkout@v2

diff --git a/src/Exceptions/UziCardExpired.php b/src/Exceptions/UziCardExpired.php
@@ -0,0 +1,13 @@
+<?php
+
+namespace MinVWS\PUZI\Exceptions;
+
+/**
+ * Class UziVersionException
+ * SPDX-License-Identifier: EUPL-1.2
+ * @package MinVWS\PUZI\Exceptions
+ */
+class UziCardExpired extends UziException
+{
+    //
+}
diff --git a/src/UziReader.php b/src/UziReader.php
@@ -2,6 +2,7 @@
 
 namespace MinVWS\PUZI;
 
+use MinVWS\PUZI\Exceptions\UziCardExpired;
 use MinVWS\PUZI\Exceptions\UziCertificateException;
 use MinVWS\PUZI\Exceptions\UziCertificateNotUziException;
 use phpseclib3\File\X509;
@@ -45,7 +46,11 @@ public function getDataFromRequest(Request $request): UziUser
         $x509 = new X509();
         $cert = $x509->loadX509($request->server->get('SSL_CLIENT_CERT'));
         if (!isset($cert['tbsCertificate']['subject']['rdnSequence'])) {
-            throw new UziCertificateException('No subject rdnSequence');
+            throw new UziCertificateNotUziException('No subject rdnSequence');
+        }
+
+        if (! $x509->validateDate()) {
+            throw new UziCardExpired('Uzi card expired');
         }
 
         $surName = null;
@@ -63,7 +68,7 @@ public function getDataFromRequest(Request $request): UziUser
             }
         }
 
-        foreach ($cert['tbsCertificate']['extensions'] as $extension) {
+        foreach ($cert['tbsCertificate']['extensions'] ?? [] as $extension) {
             if ($extension['extnId'] !== "id-ce-subjectAltName") {
                 continue;
             }
@@ -108,6 +113,6 @@ public function getDataFromRequest(Request $request): UziUser
                 return $user;
             }
         }
-        throw new UziCertificateNotUziException('No valid UZI data found');
+        throw new UziCertificateNotUziException('No valid UZI card found');
     }
 }
diff --git a/tests/UziReaderTest.php b/tests/UziReaderTest.php
@@ -57,7 +57,7 @@ public function testCheckCertWithoutValidData(): void
         $uzi = new UziReader();
 
         $this->expectException(UziCertificateNotUziException::class);
-        $this->expectExceptionMessage("No valid UZI data found");
+        $this->expectExceptionMessage("No valid UZI card found");
 
         $request = new Request();
         $request->server->set('SSL_CLIENT_VERIFY', "SUCCESS");
@@ -71,7 +71,7 @@ public function testCheckCertWithInvalidSAN(): void
         $uzi = new UziReader();
 
         $this->expectException(UziCertificateNotUziException::class);
-        $this->expectExceptionMessage("No valid UZI data found");
+        $this->expectExceptionMessage("No valid UZI card found");
 
         $request = new Request();
         $request->server->set('SSL_CLIENT_VERIFY', "SUCCESS");
@@ -85,7 +85,7 @@ public function testCheckCertWithInvalidOtherName(): void
         $uzi = new UziReader();
 
         $this->expectException(UziCertificateNotUziException::class);
-        $this->expectExceptionMessage("No valid UZI data found");
+        $this->expectExceptionMessage("No valid UZI card found");
 
         $request = new Request();
         $request->server->set('SSL_CLIENT_VERIFY', "SUCCESS");