- Addresses issues identified during code review
This commit is contained in:
Vlad
@@ -4,21 +4,34 @@ namespace MailPoet\Mailer\Methods;
|
||||
if(!defined('ABSPATH')) exit;
|
||||
|
||||
class AmazonSES {
|
||||
function __construct($region, $accessKey, $secretKey, $from) {
|
||||
$this->awsAccessKey = $accessKey;
|
||||
$this->awsSecret_key = $secretKey;
|
||||
$this->awsRegion = $region;
|
||||
$this->awsEndpoint = sprintf('email.%s.amazonaws.com', $region);
|
||||
$this->awsSigningAlgorithm = 'AWS4-HMAC-SHA256';
|
||||
$this->awsService = 'ses';
|
||||
$this->awsTerminationString = 'aws4_request';
|
||||
$this->hashAlgorithm = 'sha256';
|
||||
$this->url = 'https://' . $this->awsEndpoint;
|
||||
public $aws_access_key;
|
||||
public $aws_secret_key;
|
||||
public $aws_region;
|
||||
public $aws_endpoint;
|
||||
public $aws_signing_algorithm;
|
||||
public $aws_service;
|
||||
public $aws_termination_string;
|
||||
public $hash_algorithm;
|
||||
public $url;
|
||||
public $from;
|
||||
public $date;
|
||||
public $date_without_time;
|
||||
|
||||
function __construct($region, $access_key, $secret_key, $from) {
|
||||
$this->aws_access_key = $access_key;
|
||||
$this->aws_secret_key = $secret_key;
|
||||
$this->aws_region = $region;
|
||||
$this->aws_endpoint = sprintf('email.%s.amazonaws.com', $region);
|
||||
$this->aws_signing_algorithm = 'AWS4-HMAC-SHA256';
|
||||
$this->aws_service = 'ses';
|
||||
$this->aws_termination_string = 'aws4_request';
|
||||
$this->hash_algorithm = 'sha256';
|
||||
$this->url = 'https://' . $this->aws_endpoint;
|
||||
$this->from = $from;
|
||||
$this->date = gmdate('Ymd\THis\Z');
|
||||
$this->dateWithoutTime = gmdate('Ymd');
|
||||
$this->date_without_time = gmdate('Ymd');
|
||||
}
|
||||
|
||||
|
||||
function send($newsletter, $subscriber) {
|
||||
$result = wp_remote_post(
|
||||
$this->url,
|
||||
@@ -29,7 +42,7 @@ class AmazonSES {
|
||||
wp_remote_retrieve_response_code($result) === 200
|
||||
);
|
||||
}
|
||||
|
||||
|
||||
function getBody($newsletter, $subscriber) {
|
||||
$body = array(
|
||||
'Action' => 'SendEmail',
|
||||
@@ -47,7 +60,7 @@ class AmazonSES {
|
||||
}
|
||||
return $body;
|
||||
}
|
||||
|
||||
|
||||
function request($newsletter, $subscriber) {
|
||||
$body = $this->getBody($newsletter, $subscriber);
|
||||
return array(
|
||||
@@ -55,59 +68,88 @@ class AmazonSES {
|
||||
'httpversion' => '1.1',
|
||||
'method' => 'POST',
|
||||
'headers' => array(
|
||||
'Host' => $this->awsEndpoint,
|
||||
'Host' => $this->aws_endpoint,
|
||||
'Authorization' => $this->signRequest($body),
|
||||
'X-Amz-Date' => $this->date
|
||||
),
|
||||
'body' => urldecode(http_build_query($body))
|
||||
);
|
||||
}
|
||||
|
||||
|
||||
function signRequest($body) {
|
||||
$stringToSign = $this->createStringToSign(
|
||||
$string_to_sign = $this->createStringToSign(
|
||||
$this->getCredentialScope(),
|
||||
$this->getCanonicalRequest($body)
|
||||
);
|
||||
$signature = hash_hmac($this->hashAlgorithm, $stringToSign, $this->getSigningKey());
|
||||
|
||||
$signature = hash_hmac(
|
||||
$this->hash_algorithm,
|
||||
$string_to_sign,
|
||||
$this->getSigningKey()
|
||||
);
|
||||
|
||||
return sprintf(
|
||||
'%s Credential=%s/%s, SignedHeaders=host;x-amz-date, Signature=%s',
|
||||
$this->awsSigningAlgorithm,
|
||||
$this->awsAccessKey,
|
||||
$this->aws_signing_algorithm,
|
||||
$this->aws_access_key,
|
||||
$this->getCredentialScope(),
|
||||
$signature);
|
||||
}
|
||||
|
||||
|
||||
function getCredentialScope() {
|
||||
return sprintf('%s/%s/%s/%s', $this->dateWithoutTime, $this->awsRegion, $this->awsService, $this->awsTerminationString);
|
||||
return sprintf(
|
||||
'%s/%s/%s/%s',
|
||||
$this->date_without_time,
|
||||
$this->aws_region,
|
||||
$this->aws_service,
|
||||
$this->aws_termination_string);
|
||||
}
|
||||
|
||||
|
||||
function getCanonicalRequest($body) {
|
||||
return implode("\n", array(
|
||||
'POST',
|
||||
'/',
|
||||
'',
|
||||
'host:' . $this->awsEndpoint,
|
||||
'host:' . $this->aws_endpoint,
|
||||
'x-amz-date:' . $this->date,
|
||||
'',
|
||||
'host;x-amz-date',
|
||||
hash($this->hashAlgorithm, urldecode(http_build_query($body)))
|
||||
hash($this->hash_algorithm, urldecode(http_build_query($body)))
|
||||
));
|
||||
}
|
||||
|
||||
function createStringToSign($credentialScope, $canonicalRequest) {
|
||||
|
||||
function createStringToSign($credential_scope, $canonical_request) {
|
||||
return implode("\n", array(
|
||||
$this->awsSigningAlgorithm,
|
||||
$this->aws_signing_algorithm,
|
||||
$this->date,
|
||||
$credentialScope,
|
||||
hash($this->hashAlgorithm, $canonicalRequest)
|
||||
$credential_scope,
|
||||
hash($this->hash_algorithm, $canonical_request)
|
||||
));
|
||||
}
|
||||
|
||||
|
||||
function getSigningKey() {
|
||||
$dateKey = hash_hmac($this->hashAlgorithm, $this->dateWithoutTime, 'AWS4' . $this->awsSecret_key, true);
|
||||
$regionKey = hash_hmac($this->hashAlgorithm, $this->awsRegion, $dateKey, true);
|
||||
$serviceKey = hash_hmac($this->hashAlgorithm, $this->awsService, $regionKey, true);
|
||||
return hash_hmac($this->hashAlgorithm, $this->awsTerminationString, $serviceKey, true);
|
||||
$date_key = hash_hmac(
|
||||
$this->hash_algorithm,
|
||||
$this->date_without_time,
|
||||
'AWS4' . $this->aws_secret_key,
|
||||
true
|
||||
);
|
||||
$region_key = hash_hmac(
|
||||
$this->hash_algorithm,
|
||||
$this->aws_region,
|
||||
$date_key,
|
||||
true
|
||||
);
|
||||
$service_key = hash_hmac(
|
||||
$this->hash_algorithm,
|
||||
$this->aws_service,
|
||||
$region_key,
|
||||
true
|
||||
);
|
||||
return hash_hmac(
|
||||
$this->hash_algorithm,
|
||||
$this->aws_termination_string,
|
||||
$service_key,
|
||||
true
|
||||
);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user