check_signature

in src/zgoog_cl_content_repo_gcs.clas.abap [0:0]

• 84 lines of code
• 19 McCabe index (conditional complexity)

  METHOD check_signature.

    DATA: lv_message    TYPE string,
          lv_seckey     TYPE string,
          lv_amode      TYPE string,
          lv_authid     TYPE string,
          lv_expiration TYPE string,
          lv_contrep    TYPE string,
          lv_dummy      TYPE string ##NEEDED,
          lv_nosig      TYPE c LENGTH 1.

    DATA: ls_param      TYPE ltyp_s_parameter.

    CLEAR rv_signature.

    LOOP AT gt_parameters INTO ls_param.
      IF ls_param-usage = gv_parameter_sec_used.
        CONCATENATE lv_message ls_param-value INTO lv_message.
      ENDIF.
      IF ls_param-name = 'secKey'.
        lv_seckey = ls_param-value.
      ELSEIF ls_param-name = 'accessMode'.
        lv_amode = url_hex_decode( iv_value = ls_param-value ).
      ELSEIF ls_param-name = 'authId'.
        lv_authid = url_hex_decode( iv_value = ls_param-value ).
      ELSEIF ls_param-name = 'expiration'.
        lv_expiration = url_hex_decode( iv_value = ls_param-value ).
      ELSEIF ls_param-name = 'contRep'.
        lv_contrep = url_hex_decode( iv_value = ls_param-value ).
      ENDIF.
    ENDLOOP.

    IF iv_contrep IS SUPPLIED.
      lv_contrep = iv_contrep.
    ENDIF.

    IF lv_seckey IS NOT INITIAL.
      check_expiration( iv_expiration = lv_expiration ).
      IF gs_error IS NOT INITIAL.
        EXIT.
      ENDIF.

      IF NOT lv_amode CA iv_docprot AND iv_docprot <> ' '.
        MESSAGE e182(cms) WITH lv_amode gv_command iv_docprot INTO lv_dummy.
        sys_error_set( ).
        gs_error-status_code = 401.
        EXIT.
      ENDIF.

      IF lv_contrep <> space.
        SELECT SINGLE http_nosig FROM crep_http
          INTO lv_nosig
          WHERE crep_id = lv_contrep.

        IF sy-subrc <> 0 AND gv_crep_type <> scmst_crtyp_rfc.
          MESSAGE e002(cms) WITH lv_contrep INTO lv_dummy.
          " Content Repository &1 doesn't exist
          sys_error_set( ).
          gs_error-status_code = '400'.
          EXIT.
        ENDIF.

        IF lv_nosig = 'X'.
          rv_signature = space.
          EXIT.
        ENDIF.

      ENDIF.

      verify_signature( iv_seckey  = lv_seckey
                        iv_message = lv_message
                        iv_contrep = lv_contrep
                        iv_authid  = lv_authid ).
      IF gs_error IS INITIAL.
        rv_signature = 'X'.
      ENDIF.
    ELSE.
      " If Seckey is initial check if signature is required for the repository.
      IF lv_contrep <> space.
        " Repository Type HTTP
        SELECT SINGLE http_nosig FROM crep_http
          INTO lv_nosig
          WHERE crep_id = lv_contrep.
        IF sy-subrc <> 0 AND gv_crep_type <> scmst_crtyp_rfc.
          MESSAGE e002(cms) WITH lv_contrep INTO lv_dummy.
          " Content Repository &1 existiert nicht
          sys_error_set( ).
          gs_error-status_code = '400'.
          EXIT.
        ENDIF.

        IF lv_nosig = 'X'.
          EXIT.
        ELSE.
          " Error the signature is required and it'f not passed thus report an error.
          MESSAGE e109(cms) WITH lv_contrep INTO lv_dummy.
          sys_error_set( ).
          gs_error-status_code = 401.
          EXIT.
        ENDIF.
      ENDIF.
    ENDIF.