Merge pull request #6839 from paulbalandan/fix-key-generate

samsonasik · web-flow · commit e86ef99cf7f2 · 2022-11-10T13:13:20.000+07:00
Handle key generation when key is not present in .env
diff --git a/system/Commands/Encryption/GenerateKey.php b/system/Commands/Encryption/GenerateKey.php
@@ -67,13 +67,15 @@ class GenerateKey extends BaseCommand
     public function run(array $params)
     {
         $prefix = $params['prefix'] ?? CLI::getOption('prefix');
+
         if (in_array($prefix, [null, true], true)) {
             $prefix = 'hex2bin';
         } elseif (! in_array($prefix, ['hex2bin', 'base64'], true)) {
             $prefix = CLI::prompt('Please provide a valid prefix to use.', ['hex2bin', 'base64'], 'required'); // @codeCoverageIgnore
         }
 
         $length = $params['length'] ?? CLI::getOption('length');
+
         if (in_array($length, [null, true], true)) {
             $length = 32;
         }
@@ -127,9 +129,7 @@ protected function setNewEncryptionKey(string $key, array $params): bool
 
         if ($currentKey !== '' && ! $this->confirmOverwrite($params)) {
             // Not yet testable since it requires keyboard input
-            // @codeCoverageIgnoreStart
-            return false;
-            // @codeCoverageIgnoreEnd
+            return false; // @codeCoverageIgnore
         }
 
         return $this->writeNewEncryptionKeyToFile($currentKey, $key);
@@ -163,13 +163,24 @@ protected function writeNewEncryptionKeyToFile(string $oldKey, string $newKey):
             copy($baseEnv, $envFile);
         }
 
-        $ret = file_put_contents($envFile, preg_replace(
-            $this->keyPattern($oldKey),
-            "\nencryption.key = {$newKey}",
-            file_get_contents($envFile)
-        ));
+        $oldFileContents = (string) file_get_contents($envFile);
+        $replacementKey  = "\nencryption.key = {$newKey}";
+
+        if (strpos($oldFileContents, 'encryption.key') === false) {
+            return file_put_contents($envFile, $replacementKey, FILE_APPEND) !== false;
+        }
+
+        $newFileContents = preg_replace($this->keyPattern($oldKey), $replacementKey, $oldFileContents);
+
+        if ($newFileContents === $oldFileContents) {
+            $newFileContents = preg_replace(
+                '/^[#\s]*encryption.key[=\s]*(?:hex2bin\:[a-f0-9]{64}|base64\:(?:[A-Za-z0-9+\/]{4})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?)$/m',
+                $replacementKey,
+                $oldFileContents
+            );
+        }
 
-        return $ret !== false;
+        return file_put_contents($envFile, $newFileContents) !== false;
     }
 
     /**
diff --git a/tests/system/Commands/GenerateKeyTest.php b/tests/system/Commands/GenerateKeyTest.php
@@ -74,13 +74,13 @@ protected function resetEnvironment()
 
     public function testGenerateKeyShowsEncodedKey()
     {
-        command('key:generate -show');
+        command('key:generate --show');
         $this->assertStringContainsString('hex2bin:', $this->getBuffer());
 
-        command('key:generate -prefix base64 -show');
+        command('key:generate --prefix base64 --show');
         $this->assertStringContainsString('base64:', $this->getBuffer());
 
-        command('key:generate -prefix hex2bin -show');
+        command('key:generate --prefix hex2bin --show');
         $this->assertStringContainsString('hex2bin:', $this->getBuffer());
     }
 
@@ -95,12 +95,12 @@ public function testGenerateKeyCreatesNewKey()
         $this->assertStringContainsString(env('encryption.key'), file_get_contents($this->envPath));
         $this->assertStringContainsString('hex2bin:', file_get_contents($this->envPath));
 
-        command('key:generate -prefix base64 -force');
+        command('key:generate --prefix base64 --force');
         $this->assertStringContainsString('successfully set.', $this->getBuffer());
         $this->assertStringContainsString(env('encryption.key'), file_get_contents($this->envPath));
         $this->assertStringContainsString('base64:', file_get_contents($this->envPath));
 
-        command('key:generate -prefix hex2bin -force');
+        command('key:generate --prefix hex2bin --force');
         $this->assertStringContainsString('successfully set.', $this->getBuffer());
         $this->assertStringContainsString(env('encryption.key'), file_get_contents($this->envPath));
         $this->assertStringContainsString('hex2bin:', file_get_contents($this->envPath));
@@ -115,4 +115,53 @@ public function testDefaultShippedEnvIsMissing()
         $this->assertStringContainsString('Both default shipped', $this->getBuffer());
         $this->assertStringContainsString('Error in setting', $this->getBuffer());
     }
+
+    /**
+     * @see https://github.com/codeigniter4/CodeIgniter4/issues/6838
+     */
+    public function testKeyGenerateWhenKeyIsMissingInDotEnvFile()
+    {
+        file_put_contents($this->envPath, '');
+
+        command('key:generate');
+
+        $this->assertStringContainsString('Application\'s new encryption key was successfully set.', $this->getBuffer());
+        $this->assertSame("\nencryption.key = " . env('encryption.key'), file_get_contents($this->envPath));
+    }
+
+    public function testKeyGenerateWhenNewHexKeyIsSubsequentlyCommentedOut()
+    {
+        command('key:generate');
+        $key = env('encryption.key', '');
+        file_put_contents($this->envPath, str_replace(
+            'encryption.key = ' . $key,
+            '# encryption.key = ' . $key,
+            file_get_contents($this->envPath),
+            $count
+        ));
+        $this->assertSame(1, $count, 'Failed commenting out the previously set application key.');
+
+        CITestStreamFilter::$buffer = '';
+        command('key:generate --force');
+        $this->assertStringContainsString('was successfully set.', $this->getBuffer());
+        $this->assertNotSame($key, env('encryption.key', $key), 'Failed replacing the commented out key.');
+    }
+
+    public function testKeyGenerateWhenNewBase64KeyIsSubsequentlyCommentedOut()
+    {
+        command('key:generate --prefix base64');
+        $key = env('encryption.key', '');
+        file_put_contents($this->envPath, str_replace(
+            'encryption.key = ' . $key,
+            '# encryption.key = ' . $key,
+            file_get_contents($this->envPath),
+            $count
+        ));
+        $this->assertSame(1, $count, 'Failed commenting out the previously set application key.');
+
+        CITestStreamFilter::$buffer = '';
+        command('key:generate --force');
+        $this->assertStringContainsString('was successfully set.', $this->getBuffer());
+        $this->assertNotSame($key, env('encryption.key', $key), 'Failed replacing the commented out key.');
+    }
 }
