From 642db2feae4047941183012a95b3a3a6c7038e2d Mon Sep 17 00:00:00 2001 From: Richard McDaniel Date: Sun, 15 Jun 2025 16:53:42 -0500 Subject: [PATCH 1/4] Fix exception message (#237) --- tests/Fixtures/StateMachine.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/Fixtures/StateMachine.php b/tests/Fixtures/StateMachine.php index 6a42ea1..cd735a3 100644 --- a/tests/Fixtures/StateMachine.php +++ b/tests/Fixtures/StateMachine.php @@ -44,7 +44,7 @@ public function apply($action) if (isset($this->transitions[$action]) && $this->transitions[$action]['from'] === $this->currentState) { $this->currentState = $this->transitions[$action]['to']; } else { - throw new Exception('Transition not found,'); + throw new Exception('Transition not found.'); } } } From 3034b95b08c946e61f5ffdae8eca044dc3012f49 Mon Sep 17 00:00:00 2001 From: Richard McDaniel Date: Sun, 15 Jun 2025 17:06:37 -0500 Subject: [PATCH 2/4] Exclude workflowId (#238) --- src/Webhooks.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Webhooks.php b/src/Webhooks.php index 0005663..36220f2 100644 --- a/src/Webhooks.php +++ b/src/Webhooks.php @@ -104,7 +104,7 @@ static function (Request $request, $workflowId) use ($workflow, $method) { $params = self::resolveNamedParameters( $workflow, $method->getName(), - $request->except('workflow_id') + $request->except('workflowId') ); $workflowInstance->{$method->getName()}(...$params); return response()->json([ From 45cf9294b0c5dc25de0c8e422205a1f90fbb16d0 Mon Sep 17 00:00:00 2001 From: Richard McDaniel Date: Sun, 15 Jun 2025 17:20:47 -0500 Subject: [PATCH 3/4] Use awaitWithTimeout (#239) --- tests/Unit/Traits/TimersTest.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/Unit/Traits/TimersTest.php b/tests/Unit/Traits/TimersTest.php index cb92d77..3b0363a 100644 --- a/tests/Unit/Traits/TimersTest.php +++ b/tests/Unit/Traits/TimersTest.php @@ -77,7 +77,7 @@ public function testDefersIfNotElapsed(): void $this->assertNull($result); $this->assertSame(0, $workflow->logs()->count()); - WorkflowStub::timer('1 minute', static fn () => false) + WorkflowStub::awaitWithTimeout('1 minute', static fn () => false) ->then(static function ($value) use (&$result) { $result = $value; }); @@ -128,7 +128,7 @@ public function testLoadsStoredResult(): void 'result' => Serializer::serialize(true), ]); - WorkflowStub::timer('1 minute', static fn () => true) + WorkflowStub::awaitWithTimeout('1 minute', static fn () => true) ->then(static function ($value) use (&$result) { $result = $value; }); From cb9ea8e15aeb657cf87958cc14e68814be0a8689 Mon Sep 17 00:00:00 2001 From: Richard McDaniel Date: Thu, 26 Jun 2025 16:06:52 -0500 Subject: [PATCH 4/4] Update token comparison (#243) --- src/Auth/SignatureAuthenticator.php | 4 ++-- src/Auth/TokenAuthenticator.php | 5 +++-- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/src/Auth/SignatureAuthenticator.php b/src/Auth/SignatureAuthenticator.php index f878fa0..5b0deaf 100644 --- a/src/Auth/SignatureAuthenticator.php +++ b/src/Auth/SignatureAuthenticator.php @@ -11,8 +11,8 @@ class SignatureAuthenticator implements WebhookAuthenticator public function validate(Request $request): Request { if (! hash_equals( - $request->header(config('workflows.webhook_auth.signature.header')) ?? '', - hash_hmac('sha256', $request->getContent(), config('workflows.webhook_auth.signature.secret')) + (string) $request->header(config('workflows.webhook_auth.signature.header')), + (string) hash_hmac('sha256', $request->getContent(), config('workflows.webhook_auth.signature.secret')) )) { abort(401, 'Unauthorized'); } diff --git a/src/Auth/TokenAuthenticator.php b/src/Auth/TokenAuthenticator.php index 64d552f..caa50a0 100644 --- a/src/Auth/TokenAuthenticator.php +++ b/src/Auth/TokenAuthenticator.php @@ -10,8 +10,9 @@ class TokenAuthenticator implements WebhookAuthenticator { public function validate(Request $request): Request { - if ($request->header(config('workflows.webhook_auth.token.header')) !== config( - 'workflows.webhook_auth.token.token' + if (! hash_equals( + (string) config('workflows.webhook_auth.token.token'), + (string) $request->header(config('workflows.webhook_auth.token.header')) )) { abort(401, 'Unauthorized'); } pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy