Adding support to check regions

challgren · challgren · commit 6c103db5323b · 2021-08-13T23:15:08.000-05:00
Signed-off-by: Chris Hallgren &lt;challgren@gmail.com&gt;
diff --git a/.gitignore b/.gitignore
@@ -1,3 +1,4 @@
 /.phpunit.result.cache
 /.idea/
 /vendor
+/composer.lock
diff --git a/src/PhpAwsSmtpPassword.php b/src/PhpAwsSmtpPassword.php
@@ -4,6 +4,29 @@
 
 class PhpAwsSmtpPassword
 {
+    protected static $allowed_regions = [
+        'us-east-1',       # US East (N. Virginia)
+        'us-east-2',       # US East (Ohio)
+        'us-west-1',       # US West (N. California)
+        'us-west-2',       # US West (Oregon)
+        'af-south-1',      # Africa (Cape Town)
+        'ap-south-1',      # Asia Pacific (Mumbai)
+        'ap-northeast-2',  # Asia Pacific (Seoul)
+        'ap-southeast-1',  # Asia Pacific (Singapore)
+        'ap-southeast-2',  # Asia Pacific (Sydney)
+        'ap-northeast-1',  # Asia Pacific (Tokyo)
+        'ca-central-1',    # Canada (Central)
+        'eu-central-1',    # Europe (Frankfurt)
+        'eu-west-1',       # Europe (Ireland)
+        'eu-west-2',       # Europe (London)
+        'eu-south-1',      # Europe (Milan)
+        'eu-west-3',       # Europe (Paris)
+        'eu-north-1',      # Europe (Stockholm)
+        'me-south-1',      # Middle East (Bahrain)
+        'sa-east-1',       # South America (Sao Paulo)
+        'us-gov-west-1',   # AWS GovCloud (US)
+    ];
+
     /**
      * Per https://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-credentials.html this should never change
      * @var string Date to hash with
@@ -43,6 +66,10 @@ class PhpAwsSmtpPassword
      */
     public static function convert($key, $region)
     {
+        $region = strtolower($region);
+        if (!in_array($region, PhpAwsSmtpPassword::$allowed_regions)) {
+            throw new \InvalidArgumentException($region . ' is not setup for SES.');
+        }
         $signature = hash_hmac('sha256', PhpAwsSmtpPassword::$date, 'AWS4' . $key, true);
         $signature = hash_hmac('sha256', $region, $signature, true);
         $signature = hash_hmac('sha256', PhpAwsSmtpPassword::$service, $signature, true);
diff --git a/tests/TestCase/PhpAwsSmtpPasswordTest.php b/tests/TestCase/PhpAwsSmtpPasswordTest.php
@@ -6,15 +6,23 @@
 
 class PhpAwsSmtpPasswordTest extends TestCase
 {
+    protected $key = 'wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY';
+    protected $region = 'us-east-1';
+
     /**
      * Tests the convert function
      */
     public function testConvert()
     {
-        $key = 'wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY';
-        $region = 'us-east-1';
         $expected = 'WzRdsEz/2FJQQt+rwbD6tTVhwGOQ7EZuFPZcbvrfFUsZYv0=';
 
-        $this->assertEquals($expected, PhpAwsSmtpPassword::convert($key, $region));
+        $this->assertEquals($expected, PhpAwsSmtpPassword::convert($this->key, $this->region));
+    }
+
+    public function testConvertInvalidRegion()
+    {
+        $this->expectException('InvalidArgumentException');
+        $this->expectExceptionMessage('us-central-1 is not setup for SES.');
+        PhpAwsSmtpPassword::convert($this->key, 'us-central-1');
     }
 }

-Original file line number
+Diff line change
@@ @@ -1,3 +1,4 @@ @@
 /.phpunit.result.cache
 /.idea/
 /vendor
 +/composer.lock