enforce authorize with cache key for oauth routes

David Bomba 2025-05-04 12:33:35 +10:00
parent 802d932ada
commit 7506bb790e
4 changed files with 9 additions and 10 deletions


@ -224,29 +224,28 @@ class Nordigen
* isAccountActive * isAccountActive
* *
* @param string $account_id * @param string $account_id
* @return bool * @return array
*/ */
public function isAccountActive(string $account_id): bool public function isAccountActive(string $account_id): array
{ {
try { try {
$account = $this->client->account($account_id)->getAccountMetaData(); $account = $this->client->account($account_id)->getAccountMetaData();
if ($account['status'] != 'READY') { if ($account['status'] != 'READY') {
nlog("Nordigen account '{$account_id}' is not ready (status={$account['status']})"); nlog("Nordigen account '{$account_id}' is not ready (status={$account['status']})");
return false;
} }
return true; return $account;
} catch (\Exception $e) { } catch (\Exception $e) {
nlog("Nordigen:: AccountActiveStatus:: {$e->getMessage()} {$e->getCode()}"); nlog("Nordigen:: AccountActiveStatus:: {$e->getMessage()} {$e->getCode()}");
if (strpos($e->getMessage(), 'Invalid Account ID') !== false) { if (strpos($e->getMessage(), 'Invalid Account ID') !== false) {
return false; ['status' => 'Invalid Account ID'];
} }
throw $e; return ['status' => 'EXPIRED'];
} }
} }
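Review bot: In the `catch` block the new line `['status' => 'Invalid Account ID'];` has no `return`, so it is a discarded expression and every exception, including an invalid account id, falls through to `return ['status' => 'EXPIRED'];`; it should read `return ['status' => 'Invalid Account ID'];`. Because `throw $e;` was replaced, a transient API or network failure is now also reported as `EXPIRED`, and the caller in `BankIntegrationController` treats any status other than `READY` as grounds to set `disabled_upstream`; consider a distinct status for unexpected errors (or rethrowing them) so an upstream outage does not disable bank integrations. The name `isAccountActive` and the docblock summary no longer describe a method that returns the metadata array, so the docblock should say that callers must inspect `['status']`.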


@ -291,7 +291,7 @@ class BankIntegrationController extends BaseController
$nordigen->disabledAccountEmail($bank_integration); $nordigen->disabledAccountEmail($bank_integration);
return; return;
} elseif (!$is_account_active || !$account || isset($account['requisition'])) { } elseif ($is_account_active['status'] != 'READY' || !$account || isset($account['requisition'])) {
$bank_integration->disabled_upstream = true; $bank_integration->disabled_upstream = true;
$bank_integration->save(); $bank_integration->save();
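Review bot: `$is_account_active` now holds the array returned by `isAccountActive()` rather than a boolean, so the name misleads the next reader, and the condition relies on a loose `!=` against an index that is assumed to exist. I would write the check as `($is_account_active['status'] ?? null) !== 'READY'` and rename the variable (for example `$account_meta`) where it is assigned, which is outside this hunk. This branch is what sets `disabled_upstream`, so a missing or unexpected status should be handled deliberately rather than through a PHP warning.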


@ -21,7 +21,7 @@ class OAuthConnectRequest extends FormRequest
{ {
public function authorize(): bool public function authorize(): bool
{ {
return true; return Cache::has($this->token);
} }
/** /**
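Review bot: `Cache::has($this->token)` in `authorize()` uses a request-controlled value directly as the cache key, so the check passes for any key that exists in the shared cache rather than only for keys issued for the OAuth flow, and nothing requires the value to be a non-empty string. I would bind and type-check it first, `$token = $this->token;` then `return is_string($token) && $token !== '' && Cache::has($token);`, and, where the code that stores the token (not visible here) allows it, keep these entries under a dedicated key prefix and look them up with that prefix. The same applies to `Cache::has($this->state ?? $this->token)` in `YodleeAuthRequest::authorize()`, which also lacks the `: bool` return type declared here. No import of the `Cache` facade is visible in either hunk, so confirm both files have one.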


@ -32,7 +32,7 @@ class YodleeAuthRequest extends Request
*/ */
public function authorize() public function authorize()
{ {
return true; return Cache::has($this->state ?? $this->token);
} }
/** /**