bunq / sdk_php

PHP SDK for bunq API
MIT License
83 stars 54 forks source link

Allow creating an ApiContext with a wildcard IP #182

Open ElteHupkes opened 4 years ago

ElteHupkes commented 4 years ago

Steps to reproduce:

  1. Call ApiContext::create(...) where $permittedIps = ['*'];

What should happen:

  1. Since * is a valid IP according to the API, the SDK should accept it and create a context with a wildcard IP-address.

What happens:

  1. A BunqException('Invalid ip address "*"') is thrown. Upon calling ApiContext::create() the list of IP addresses is checked with InstallationUtil::assetAllIpIsValid(), which only accepts actual IP addresses, not a wildcard.

Traceback

SDK version and environment

Response id

Extra info:

I'm assuming the API will also validate the list of IPs so I see no reason for the SDK to do this as well. I have checked other SDKs to see if not allowing a wildcard is an intended "feature", but in the Java and C# SDK I do not see such a check. It might be a remnant of when wildcard IPs were not allowed. I do not currently have a workaround that doesn't involve reimplementing ApiContext entirely, because a lot of the required functionality is in either static methods or private methods that my hacky hands can't get to.

setpill commented 3 years ago

Removing the error would be as simple as making REGEX_IP (found here) accept *, however I am not sure whether that would cause any problems elsewhere in the code.

patrickkivits commented 3 years ago

It seems this issue is still not resolved, is there any update on this?