phorge-phorge/src/applications/metamta/controller/PhabricatorMetaMTAMailgunReceiveController.php

<?php

final class PhabricatorMetaMTAMailgunReceiveController
  extends PhabricatorMetaMTAController {

  public function shouldRequireLogin() {
    return false;
  }

  private function verifyMessage() {
    $api_key = PhabricatorEnv::getEnvConfig('mailgun.api-key');
    $request = $this->getRequest();
    $timestamp = $request->getStr('timestamp');
    $token = $request->getStr('token');
    $sig = $request->getStr('signature');
    $hash = hash_hmac('sha256', $timestamp.$token, $api_key);

    return phutil_hashes_are_identical($sig, $hash);
  }

  public function handleRequest(AphrontRequest $request) {

    // No CSRF for Mailgun.
    $unguarded = AphrontWriteGuard::beginScopedUnguardedWrites();

    if (!$this->verifyMessage()) {
      throw new Exception(
        pht('Mail signature is not valid. Check your Mailgun API key.'));
    }

    $user = $request->getUser();

    $raw_headers = $request->getStr('headers');
    $raw_headers = explode("\n", rtrim($raw_headers));
    $raw_dict = array();
    foreach (array_filter($raw_headers) as $header) {
      list($name, $value) = explode(':', $header, 2);
      $raw_dict[$name] = ltrim($value);
    }

    $headers = array(
      'to'      => $request->getStr('recipient'),
      'from'    => $request->getStr('from'),
      'subject' => $request->getStr('subject'),
    ) + $raw_dict;

    $received = new PhabricatorMetaMTAReceivedMail();
    $received->setHeaders($headers);
    $received->setBodies(array(
      'text' => $request->getStr('stripped-text'),
      'html' => $request->getStr('stripped-html'),
    ));

    $file_phids = array();
    foreach ($_FILES as $file_raw) {
      try {
        $file = PhabricatorFile::newFromPHPUpload(
          $file_raw,
          array(
            'viewPolicy' => PhabricatorPolicies::POLICY_NOONE,
          ));
        $file_phids[] = $file->getPHID();
      } catch (Exception $ex) {
        phlog($ex);
      }
    }
    $received->setAttachments($file_phids);
    $received->save();

    $received->processReceivedMail();

    $response = new AphrontWebpageResponse();
    $response->setContent(pht("Got it! Thanks, Mailgun!\n"));
    return $response;
  }

}
Mailgun receive support Summary: As you've suggested, I took the SendGrid code and massaged it until it played nice with Mailgun. btw - unless I'm missing something, it appears that the SendGrid receiver lets you spoof emails (it performs no validation on the data received). Test Plan: Opened a task with Mailgun. Felt great. Reviewers: epriestley, #blessed_reviewers Reviewed By: epriestley CC: Korvin, epriestley, aran Maniphest Tasks: T4326 Differential Revision: https://secure.phabricator.com/D7989 2014-01-21 10:36:33 -08:00			`<?php`

			`final class PhabricatorMetaMTAMailgunReceiveController`
			`extends PhabricatorMetaMTAController {`

			`public function shouldRequireLogin() {`
			`return false;`
			`}`

			`private function verifyMessage() {`
			`$api_key = PhabricatorEnv::getEnvConfig('mailgun.api-key');`
			`$request = $this->getRequest();`
			`$timestamp = $request->getStr('timestamp');`
			`$token = $request->getStr('token');`
			`$sig = $request->getStr('signature');`
Use phutil_hashes_are_identical() when comparing hashes in Phabricator Summary: See D14025. In all cases where we compare hashes, use strict, constant-time comparisons. Test Plan: Logged in, logged out, added TOTP, ran Conduit, terminated sessions, submitted forms, changed password. Tweaked CSRF token, got rejected. Reviewers: chad Reviewed By: chad Subscribers: chenxiruanhai Differential Revision: https://secure.phabricator.com/D14026 2015-09-01 15:52:44 -07:00			`$hash = hash_hmac('sha256', $timestamp.$token, $api_key);`
Mailgun receive support Summary: As you've suggested, I took the SendGrid code and massaged it until it played nice with Mailgun. btw - unless I'm missing something, it appears that the SendGrid receiver lets you spoof emails (it performs no validation on the data received). Test Plan: Opened a task with Mailgun. Felt great. Reviewers: epriestley, #blessed_reviewers Reviewed By: epriestley CC: Korvin, epriestley, aran Maniphest Tasks: T4326 Differential Revision: https://secure.phabricator.com/D7989 2014-01-21 10:36:33 -08:00
Use phutil_hashes_are_identical() when comparing hashes in Phabricator Summary: See D14025. In all cases where we compare hashes, use strict, constant-time comparisons. Test Plan: Logged in, logged out, added TOTP, ran Conduit, terminated sessions, submitted forms, changed password. Tweaked CSRF token, got rejected. Reviewers: chad Reviewed By: chad Subscribers: chenxiruanhai Differential Revision: https://secure.phabricator.com/D14026 2015-09-01 15:52:44 -07:00			`return phutil_hashes_are_identical($sig, $hash);`
Mailgun receive support Summary: As you've suggested, I took the SendGrid code and massaged it until it played nice with Mailgun. btw - unless I'm missing something, it appears that the SendGrid receiver lets you spoof emails (it performs no validation on the data received). Test Plan: Opened a task with Mailgun. Felt great. Reviewers: epriestley, #blessed_reviewers Reviewed By: epriestley CC: Korvin, epriestley, aran Maniphest Tasks: T4326 Differential Revision: https://secure.phabricator.com/D7989 2014-01-21 10:36:33 -08:00			`}`
Use phutil_hashes_are_identical() when comparing hashes in Phabricator Summary: See D14025. In all cases where we compare hashes, use strict, constant-time comparisons. Test Plan: Logged in, logged out, added TOTP, ran Conduit, terminated sessions, submitted forms, changed password. Tweaked CSRF token, got rejected. Reviewers: chad Reviewed By: chad Subscribers: chenxiruanhai Differential Revision: https://secure.phabricator.com/D14026 2015-09-01 15:52:44 -07:00
Update metamta for handleRequest Summary: Updates metamta for handleRequest Test Plan: Unable to test this, but looks safe? Reviewers: epriestley Reviewed By: epriestley Subscribers: Korvin Differential Revision: https://secure.phabricator.com/D14256 2015-10-12 12:02:11 -07:00			`public function handleRequest(AphrontRequest $request) {`
Mailgun receive support Summary: As you've suggested, I took the SendGrid code and massaged it until it played nice with Mailgun. btw - unless I'm missing something, it appears that the SendGrid receiver lets you spoof emails (it performs no validation on the data received). Test Plan: Opened a task with Mailgun. Felt great. Reviewers: epriestley, #blessed_reviewers Reviewed By: epriestley CC: Korvin, epriestley, aran Maniphest Tasks: T4326 Differential Revision: https://secure.phabricator.com/D7989 2014-01-21 10:36:33 -08:00
			`// No CSRF for Mailgun.`
			`$unguarded = AphrontWriteGuard::beginScopedUnguardedWrites();`

			`if (!$this->verifyMessage()) {`
			`throw new Exception(`
Mark some strings for translation Summary: Add some more `pht`izations. Test Plan: Eyeball it. Reviewers: epriestley, #blessed_reviewers Reviewed By: epriestley, #blessed_reviewers Subscribers: hach-que, Korvin, epriestley Differential Revision: https://secure.phabricator.com/D13200 2015-06-09 23:06:52 +10:00			`pht('Mail signature is not valid. Check your Mailgun API key.'));`
Mailgun receive support Summary: As you've suggested, I took the SendGrid code and massaged it until it played nice with Mailgun. btw - unless I'm missing something, it appears that the SendGrid receiver lets you spoof emails (it performs no validation on the data received). Test Plan: Opened a task with Mailgun. Felt great. Reviewers: epriestley, #blessed_reviewers Reviewed By: epriestley CC: Korvin, epriestley, aran Maniphest Tasks: T4326 Differential Revision: https://secure.phabricator.com/D7989 2014-01-21 10:36:33 -08:00			`}`

			`$user = $request->getUser();`

			`$raw_headers = $request->getStr('headers');`
			`$raw_headers = explode("\n", rtrim($raw_headers));`
			`$raw_dict = array();`
			`foreach (array_filter($raw_headers) as $header) {`
			`list($name, $value) = explode(':', $header, 2);`
			`$raw_dict[$name] = ltrim($value);`
			`}`

			`$headers = array(`
			`'to' => $request->getStr('recipient'),`
			`'from' => $request->getStr('from'),`
			`'subject' => $request->getStr('subject'),`
			`) + $raw_dict;`

			`$received = new PhabricatorMetaMTAReceivedMail();`
			`$received->setHeaders($headers);`
			`$received->setBodies(array(`
			`'text' => $request->getStr('stripped-text'),`
			`'html' => $request->getStr('stripped-html'),`
			`));`

			`$file_phids = array();`
			`foreach ($_FILES as $file_raw) {`
			`try {`
			`$file = PhabricatorFile::newFromPHPUpload(`
			`$file_raw,`
			`array(`
Make file policies for emailed files more consistent Summary: Fixes T7712. Currently, files sent via email get default policies, like they were dragged and dropped onto the home page. User expectation is better aligned with giving files more restrictive policies, like they were draggged and dropped directly onto an object. Make files sent via email have restricted default visibility. Once we identify the sender, set them as the file author. Later, the file will become visible to other users via attachment to a task, revision, etc. Test Plan: Sent some files via email; verified they got restrictive policies, correct authorship, and appropriate object attachment. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Maniphest Tasks: T7712 Differential Revision: https://secure.phabricator.com/D12255 2015-04-02 13:41:39 -07:00			`'viewPolicy' => PhabricatorPolicies::POLICY_NOONE,`
Mailgun receive support Summary: As you've suggested, I took the SendGrid code and massaged it until it played nice with Mailgun. btw - unless I'm missing something, it appears that the SendGrid receiver lets you spoof emails (it performs no validation on the data received). Test Plan: Opened a task with Mailgun. Felt great. Reviewers: epriestley, #blessed_reviewers Reviewed By: epriestley CC: Korvin, epriestley, aran Maniphest Tasks: T4326 Differential Revision: https://secure.phabricator.com/D7989 2014-01-21 10:36:33 -08:00			`));`
			`$file_phids[] = $file->getPHID();`
			`} catch (Exception $ex) {`
			`phlog($ex);`
			`}`
			`}`
			`$received->setAttachments($file_phids);`
			`$received->save();`

			`$received->processReceivedMail();`

			`$response = new AphrontWebpageResponse();`
			`$response->setContent(pht("Got it! Thanks, Mailgun!\n"));`
			`return $response;`
			`}`

			`}`