diff --git a/server/src/Client/OpenIDConnectClient.php b/server/src/Client/OpenIDConnectClient.php index b98b024..f0d4894 100644 --- a/server/src/Client/OpenIDConnectClient.php +++ b/server/src/Client/OpenIDConnectClient.php @@ -351,7 +351,15 @@ private function retrieve(string $key) { $value = Redis::get($key); if (Str::isJson($value)) { - $value = (object) json_decode($value); + $decoded = json_decode($value); + if (json_last_error() !== JSON_ERROR_NONE) { + Log::error('[JSON DECODE ERROR]', [ + 'key' => $key, + 'error' => json_last_error_msg() + ]); + return null; + } + $value = (object) $decoded; } return $value; @@ -709,6 +717,14 @@ private function loadDPoPKeyPair(): ?array } $keyData = json_decode(Storage::get($keyPath), true); + + if (json_last_error() !== JSON_ERROR_NONE) { + Log::error('[DPOP KEY JSON DECODE ERROR]', [ + 'error' => json_last_error_msg(), + 'key_path' => $keyPath + ]); + return null; + } if (!$keyData || !isset($keyData['private_key'], $keyData['public_jwk'])) { return null; diff --git a/server/src/Services/PodService.php b/server/src/Services/PodService.php index 13357da..e744b07 100644 --- a/server/src/Services/PodService.php +++ b/server/src/Services/PodService.php @@ -51,7 +51,12 @@ public function createPod(SolidIdentity $identity, string $name, ?string $descri */ private function getStorageUrlFromWebId(string $webId): string { - $parsed = parse_url($webId); + $parsed = parse_url($webId); + + if ($parsed === false || !isset($parsed['scheme'], $parsed['host'])) { + throw new \InvalidArgumentException("Invalid WebID format: {$webId}"); + } + $baseUrl = $parsed['scheme'] . '://' . $parsed['host']; if (isset($parsed['port'])) { @@ -141,6 +146,11 @@ private function createPodInStorage(SolidIdentity $identity, string $storageUrl, // Extract issuer from WebID URL $parsed = parse_url($webId); + + if ($parsed === false || !isset($parsed['scheme'], $parsed['host'])) { + throw new \Exception("Invalid WebID format: {$webId}"); + } + $issuer = $parsed['scheme'] . '://' . $parsed['host']; if (isset($parsed['port'])) { $issuer .= ':' . $parsed['port']; @@ -352,6 +362,11 @@ public function getUserPods(SolidIdentity $identity): array try { // Extract issuer from WebID $parsed = parse_url($webId); + + if ($parsed === false || !isset($parsed['scheme'], $parsed['host'])) { + throw new \Exception("Invalid WebID format: {$webId}"); + } + $issuer = $parsed['scheme'] . '://' . $parsed['host']; if (isset($parsed['port'])) { $issuer .= ':' . $parsed['port']; @@ -795,10 +810,14 @@ private function generatePodMetadata(string $name, ?string $description = null): public function getPodUrlFromWebId(string $webId): string { // Extract pod URL from WebID - // WebID format: http://solid:3000/test/profile/card#me - // Pod URL: http://solid:3000/test/ + // WebID format: https://example-solid-server.com/username/profile/card#me + // Pod URL: https://example-solid-server.com/username/ $parsed = parse_url($webId); + + if ($parsed === false || !isset($parsed['scheme'], $parsed['host'])) { + throw new \InvalidArgumentException("Invalid WebID format: {$webId}"); + } $path = $parsed['path'] ?? ''; // Remove /profile/card from the path diff --git a/server/src/Support/Utils.php b/server/src/Support/Utils.php index ebaa4e2..d1f86a9 100644 --- a/server/src/Support/Utils.php +++ b/server/src/Support/Utils.php @@ -48,10 +48,22 @@ public static function searchPods(array $data = [], string $key, string $value, /** * Get the Solid server URL from configuration. * + * Constructs the URL from individual server configuration components. + * * @return string */ public static function getSolidServerUrl(): string { - return config('solid.server.url', 'http://localhost:3000'); + $host = config('solid.server.host', 'http://localhost'); + $port = config('solid.server.port', 3000); + $secure = config('solid.server.secure', false); + + // Remove protocol from host if present + $host = preg_replace('#^.*://#', '', $host); + + // Construct URL with proper protocol + $protocol = $secure ? 'https' : 'http'; + + return "{$protocol}://{$host}:{$port}"; } }