add hash validation and exception in hasher

Hasher.php

@@ -32,6 +32,10 @@ public function __construct(PluginSettings $settings)
 
     public function encode(string $value): string
     {
+        if (!IdSite::isValid($value)) {
+            throw InvalidHasherValueException::handleEncode($value);
+        }
+
         return $this
             ->hashids
             ->encode($value)
@@ -40,9 +44,19 @@ public function encode(string $value): string
 
     public function decode(string $value): int
     {
-        return $this
+        $ids = $this
             ->hashids
-            ->decode($value)[0]
+            ->decode($value)
         ;
+
+        if (count($ids) !== 1) {
+            throw InvalidHasherValueException::handleDecode($value);
+        }
+
+        if (!IdSite::isValid($ids[0])) {
+            throw InvalidHasherValueException::handleDecode($value);
+        }
+
+        return $ids[0];
     }
 }

IdSite.php

@@ -0,0 +1,26 @@
+<?php
+
+/**
+ * Matomo - Open source web analytics
+ *
+ * @link https://matomo.org
+ * @license http://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later
+ *
+ * @copyright (c) 2024 Joubert RedRat
+ * @author Joubert RedRat <[email protected]>
+ * @license MIT
+ * @category Matomo_Plugins
+ * @package ProtectTrackID
+ */
+
+declare(strict_types=1);
+
+namespace Piwik\Plugins\ProtectTrackID;
+
+class IdSite
+{
+    public static function isValid($value): bool
+    {
+        return \filter_var($value, FILTER_VALIDATE_INT) !== false;
+    }
+}

InvalidHasherValueException.php

@@ -0,0 +1,39 @@
+<?php
+
+/**
+ * Matomo - Open source web analytics
+ *
+ * @link https://matomo.org
+ * @license http://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later
+ *
+ * @copyright (c) 2024 Joubert RedRat
+ * @author Joubert RedRat <[email protected]>
+ * @license MIT
+ * @category Matomo_Plugins
+ * @package ProtectTrackID
+ */
+
+declare(strict_types=1);
+
+namespace Piwik\Plugins\ProtectTrackID;
+
+use InvalidArgumentException;
+
+class InvalidHasherValueException extends InvalidArgumentException
+{
+    public static function handleEncode(string $value): self
+    {
+        return new self(sprintf(
+            'Invalid value for Hasher encode, expected id site integer, got %1$s.',
+            $value
+        ));
+    }
+
+    public static function handleDecode(string $value): self
+    {
+        return new self(sprintf(
+            'Invalid value for Hasher decode, expected valid hash, got %1$s.',
+            $value
+        ));
+    }
+}

tests/Unit/HasherTest.php

@@ -12,10 +12,13 @@
  * @package ProtectTrackID
  */
 
+declare(strict_types=1);
+
 namespace Piwik\Plugins\ProtectTrackID\tests\Unit;
 
 use PHPUnit\Framework\TestCase;
 use Piwik\Plugins\ProtectTrackID\Hasher;
+use Piwik\Plugins\ProtectTrackID\InvalidHasherValueException;
 use Piwik\Plugins\ProtectTrackID\PluginSettings;
 
 /**
@@ -25,36 +28,48 @@
  */
 class HasherTest extends TestCase
 {
+    const BASE = 'ABCDEFGHIJKLMNOPijklmnopqrstuvxwyz12345';
+    const SALT = 'd4768387-2f45-47cc-b581-7f66c5b724af';
+    const LENGTH = 20;
     const ID_1_RAW = '1';
     const ID_1_HASEHD = '4jMymK3Eq1k21pxLOJlv';
 
     public function testEncode(): void
     {
-        $pluginSettings = new PluginSettings(
-            'ABCDEFGHIJKLMNOPijklmnopqrstuvxwyz12345',
-            'd4768387-2f45-47cc-b581-7f66c5b724af',
-            20
-        );
-
-        $hasher = new Hasher($pluginSettings);
+        $hasher = new Hasher($this->getPluginSettings());
         $hashExpected = self::ID_1_HASEHD;
         $hashGot = $hasher->encode(self::ID_1_RAW);
 
         self::assertEquals($hashExpected, $hashGot);
     }
 
-    public function testDecode(): void
+    public function testEncodeWithInvalidId(): void
     {
-        $pluginSettings = new PluginSettings(
-            'ABCDEFGHIJKLMNOPijklmnopqrstuvxwyz12345',
-            'd4768387-2f45-47cc-b581-7f66c5b724af',
-            20
-        );
+        $this->expectException(InvalidHasherValueException::class);
 
-        $hasher = new Hasher($pluginSettings);
+        $hasher = new Hasher($this->getPluginSettings());
+        $hasher->encode('foo');
+    }
+
+    public function testDecode(): void
+    {
+        $hasher = new Hasher($this->getPluginSettings());
         $idExpected = self::ID_1_RAW;
         $idGot = $hasher->decode(self::ID_1_HASEHD);
 
         self::assertEquals($idExpected, $idGot);
     }
+
+    public function testDecodeWithInvalidHash(): void
+    {
+        $this->expectException(InvalidHasherValueException::class);
+
+        $hasher = new Hasher($this->getPluginSettings());
+        $hasher->decode('foo');
+    }
+
+    private function getPluginSettings(): PluginSettings
+    {
+        return new PluginSettings(self::BASE, self::SALT, self::LENGTH);
+    }
 }

tests/Unit/IdSiteTest.php

@@ -0,0 +1,63 @@
+<?php
+/**
+ * Matomo - free/libre analytics platform
+ *
+ * @link https://matomo.org
+ * @license http://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later
+ *
+ * @copyright (c) 2024 Joubert RedRat
+ * @author Joubert RedRat <[email protected]>
+ * @license MIT
+ * @category Matomo_Plugins
+ * @package ProtectTrackID
+ */
+
+declare(strict_types=1);
+
+namespace Piwik\Plugins\ProtectTrackID\tests\Unit;
+
+use PHPUnit\Framework\TestCase;
+use Piwik\Plugins\ProtectTrackID\IdSite;
+
+/**
+ * @group ProtectTrackID
+ * @group IdSiteTest
+ * @group Plugins
+ */
+class IdSiteTest extends TestCase
+{
+    public function testIsValidString(): void
+    {
+        self::assertTrue(IdSite::isValid('2'));
+    }
+
+    public function testIsValidInt(): void
+    {
+        self::assertTrue(IdSite::isValid(2));
+    }
+
+    public function testIsNotValidStringFloat(): void
+    {
+        self::assertFalse(IdSite::isValid('2.1'));
+    }
+
+    public function testIsNotValidString(): void
+    {
+        self::assertFalse(IdSite::isValid('foo'));
+    }
+
+    public function testIsNotValidNull(): void
+    {
+        self::assertFalse(IdSite::isValid(null));
+    }
+
+    public function testIsNotValidFloat(): void
+    {
+        self::assertFalse(IdSite::isValid(2.1));
+    }
+
+    public function testIsNotValidBool(): void
+    {
+        self::assertFalse(IdSite::isValid(false));
+    }
+}

tests/Unit/InvalidHasherValueExceptionTest.php

@@ -0,0 +1,45 @@
+<?php
+/**
+ * Matomo - free/libre analytics platform
+ *
+ * @link https://matomo.org
+ * @license http://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later
+ *
+ * @copyright (c) 2024 Joubert RedRat
+ * @author Joubert RedRat <[email protected]>
+ * @license MIT
+ * @category Matomo_Plugins
+ * @package ProtectTrackID
+ */
+
+declare(strict_types=1);
+
+namespace Piwik\Plugins\ProtectTrackID\tests\Unit;
+
+use PHPUnit\Framework\TestCase;
+use Piwik\Plugins\ProtectTrackID\InvalidHasherValueException;
+
+/**
+ * @group ProtectTrackID
+ * @group InvalidHasherValueExceptionTest
+ * @group Plugins
+ */
+
+class InvalidHasherValueExceptionTest extends TestCase
+{
+    public function testHandleEncode(): void
+    {
+        $this->expectException(InvalidHasherValueException::class);
+        $this->expectExceptionMessage('Invalid value for Hasher encode, expected id site integer, got foo.');
+
+        throw InvalidHasherValueException::handleEncode('foo');
+    }
+
+    public function testHandleDecode(): void
+    {
+        $this->expectException(InvalidHasherValueException::class);
+        $this->expectExceptionMessage('Invalid value for Hasher decode, expected valid hash, got foo.');
+
+        throw InvalidHasherValueException::handleDecode('foo');
+    }
+}

tests/Unit/InvalidSettingValueExceptionTest.php

@@ -12,6 +12,8 @@
  * @package ProtectTrackID
  */
 
+declare(strict_types=1);
+
 namespace Piwik\Plugins\ProtectTrackID\tests\Unit;
 
 use PHPUnit\Framework\TestCase;

tests/Unit/PluginSettingsTest.php

@@ -12,6 +12,8 @@
  * @package ProtectTrackID
  */
 
+declare(strict_types=1);
+
 namespace Piwik\Plugins\ProtectTrackID\tests\Unit;
 
 use PHPUnit\Framework\TestCase;