From 68aab1d13050f4b0d353ab442e845ca03d2bd7e2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timoth=C3=A9e=20Jaussoin?=
 <timothee.jaussoin@belledonne-communications.com>
Date: Tue, 28 Jun 2022 14:32:17 +0200
Subject: [PATCH] Keep the compatibility with old deprecated endpoints and
 parameters

---
 .../Controllers/Api/AccountController.php     | 14 +++++--
 flexiapi/routes/api.php                       |  4 ++
 .../Feature/AccountCreationTokenTest.php      | 41 +++++++++++++++++++
 flexisip-account-manager.spec                 |  2 +-
 4 files changed, 57 insertions(+), 4 deletions(-)

diff --git a/flexiapi/app/Http/Controllers/Api/AccountController.php b/flexiapi/app/Http/Controllers/Api/AccountController.php
index ad19bf6..b358f4d 100644
--- a/flexiapi/app/Http/Controllers/Api/AccountController.php
+++ b/flexiapi/app/Http/Controllers/Api/AccountController.php
@@ -73,15 +73,23 @@ class AccountController extends Controller
             'dtmf_protocol' => 'nullable|in:' . Account::dtmfProtocolsRule(),
             'domain' => 'min:3',
             'account_creation_token' => [
-                'required',
+                'required_without:token',
                 Rule::exists('account_creation_tokens', 'token')->where(function ($query) {
                     $query->where('used', false);
                 }),
                 'size:'.WebAuthenticateController::$emailCodeSize
-            ]
+            ],
+            // For retro-compatibility
+            'token' => [
+                'required_without:account_creation_token',
+                Rule::exists('account_creation_tokens', 'token')->where(function ($query) {
+                    $query->where('used', false);
+                }),
+                'size:'.WebAuthenticateController::$emailCodeSize
+            ],
         ]);
 
-        $token = AccountCreationToken::where('token', $request->get('account_creation_token'))->first();
+        $token = AccountCreationToken::where('token', $request->get('token') ?? $request->get('account_creation_token'))->first();
         $token->used = true;
         $token->save();
 
diff --git a/flexiapi/routes/api.php b/flexiapi/routes/api.php
index 8251e2e..3895b35 100644
--- a/flexiapi/routes/api.php
+++ b/flexiapi/routes/api.php
@@ -27,8 +27,12 @@ Route::middleware('auth:api')->get('/user', function (Request $request) {
 
 Route::get('ping', 'Api\PingController@ping');
 Route::post('account_creation_tokens/send-by-push', 'Api\AccountCreationTokenController@sendByPush');
+// Old URL, for retro-compatibility
+Route::post('tokens', 'Api\AccountCreationTokenController@sendByPush');
 Route::get('accounts/{sip}/info', 'Api\AccountController@info');
 Route::post('accounts/with-account-creation-token', 'Api\AccountController@store');
+// Old URL, for retro-compatibility
+Route::post('accounts/with-token', 'Api\AccountController@store');
 Route::post('accounts/{sip}/activate/email', 'Api\AccountController@activateEmail');
 Route::post('accounts/{sip}/activate/phone', 'Api\AccountController@activatePhone');
 
diff --git a/flexiapi/tests/Feature/AccountCreationTokenTest.php b/flexiapi/tests/Feature/AccountCreationTokenTest.php
index 909075b..729028a 100644
--- a/flexiapi/tests/Feature/AccountCreationTokenTest.php
+++ b/flexiapi/tests/Feature/AccountCreationTokenTest.php
@@ -64,10 +64,51 @@ class AccountCreationTokenTest extends TestCase
         $response->assertStatus(403);
     }
 
+    /**
+     * For retro-compatibility only
+     */
+    public function testRetrocopatibilityToken()
+    {
+        $token = AccountCreationToken::factory()->create();
+
+        $response = $this->json($this->method, '/api/tokens', [
+            'pn_provider' => $token->pn_provider,
+            'pn_param' => $token->pn_param,
+            'pn_prid' => $token->pn_prid
+        ]);
+        $response->assertStatus(403);
+    }
+
     public function testInvalidToken()
     {
         $token = AccountCreationToken::factory()->create();
 
+        // Valid token
+        $response = $this->json($this->method, '/api/accounts/with-token', [
+            'username' => 'username',
+            'algorithm' => 'SHA-256',
+            'password' => '2',
+            'token' => $token->token
+        ]);
+        $response->assertStatus(200);
+
+        // Expired token
+        $response = $this->json($this->method, '/api/accounts/with-token', [
+            'username' => 'username2',
+            'algorithm' => 'SHA-256',
+            'password' => '2',
+            'token' => $token->token
+        ]);
+        $response->assertStatus(422);
+    }
+
+    /**
+     * For retrocompatibility only
+     */
+    public function testRetrocompatibilityInvalidToken()
+    {
+        $token = AccountCreationToken::factory()->create();
+
         // Invalid token
         $response = $this->json($this->method, $this->accountRoute, [
             'username' => 'username',
diff --git a/flexisip-account-manager.spec b/flexisip-account-manager.spec
index 2581864..904ea3e 100644
--- a/flexisip-account-manager.spec
+++ b/flexisip-account-manager.spec
@@ -8,7 +8,7 @@
 #%define _datadir           %{_datarootdir}
 #%define _docdir            %{_datadir}/doc
 
-%define build_number 139
+%define build_number 140
 %define var_dir /var/opt/belledonne-communications
 %define opt_dir /opt/belledonne-communications/share/flexisip-account-manager