Skip to content

chore: code cleanup of back-channel PR #302 #326

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Sep 28, 2022
Merged

chore: code cleanup of back-channel PR #302 #326

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
26 changes: 12 additions & 14 deletions src/OpenIDConnectClient.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -378,7 +378,6 @@ public function authenticate() {

// Success!
return true;

}

throw new OpenIDConnectClientException ('Unable to verify JWT claims');
Expand Down Expand Up @@ -479,8 +478,8 @@ public function signOut($idToken, $redirect) {
* back-channel logout flows.
*
* This function should be evaluated as a boolean check
* in your route that receives the POST request for back-
* channel logout executed from the OP.
* in your route that receives the POST request for back-channel
* logout executed from the OP.
*
* @return bool
* @throws OpenIDConnectClientException
Expand All @@ -506,18 +505,15 @@ public function verifyLogoutToken()
}

// Verify Logout Token Claims
if ($this->verifyLogoutTokenClaims($claims, $logout_token)) {
$this->logoutToken = $logout_token;
if ($this->verifyLogoutTokenClaims($claims)) {
$this->verifiedClaims = $claims;
return true;
}
else {
return false;
}
}
else {
throw new OpenIDConnectClientException('Back-channel logout: There was no logout_token in the request');

return false;
}

throw new OpenIDConnectClientException('Back-channel logout: There was no logout_token in the request');
}

/**
Expand All @@ -526,6 +522,7 @@ public function verifyLogoutToken()
*
* @param object $claims
* @return bool
* @throws OpenIDConnectClientException
*/
public function verifyLogoutTokenClaims($claims)
{
Expand Down Expand Up @@ -572,11 +569,11 @@ public function verifyLogoutTokenClaims($claims)
return false;
}
// Validate the iat. At this point we can return true if it is ok
if (isset($claims->iat) && ((gettype($claims->iat) === 'integer') && ($claims->iat <= time() + $this->leeway))) {
if (isset($claims->iat) && ((is_int($claims->iat)) && ($claims->iat <= time() + $this->leeway))) {
return true;
} else {
return false;
}

return false;
}

/**
Expand Down Expand Up @@ -770,6 +767,7 @@ protected function generateRandString() {
* Start Here
* @return void
* @throws OpenIDConnectClientException
* @throws \Exception
*/
private function requestAuthorization() {

Expand Down