Formatting and warning fixes
arietimmerman committed Nov 24, 2023
1 parent e6b71e7 commit 75ccb95
Showing 14 changed files with 45 additions and 22 deletions.
1 change: 0 additions & 1 deletion src/AdvancedResourceServer.php
Expand Up @@ -8,7 +8,6 @@

class AdvancedResourceServer extends ResourceServer
{

/**
* @var null|AuthorizationValidatorInterface
*/
2 changes: 1 addition & 1 deletion src/Entities/AccessTokenEntityInterface.php
Expand Up @@ -16,7 +16,7 @@ public function getClaims();

/**
* Return an array of scopes associated with the token
*
*
* @return ScopeEntityInterface[]
*/
public function getScopes();
4 changes: 2 additions & 2 deletions src/Entities/ClaimEntityInterface.php
Expand Up @@ -6,8 +6,8 @@

interface ClaimEntityInterface extends JsonSerializable
{
const TYPE_ID_TOKEN = 'id_token';
const TYPE_USERINFO = 'userinfo';
public const TYPE_ID_TOKEN = 'id_token';
public const TYPE_USERINFO = 'userinfo';

/**
* Get the scope's identifier.
3 changes: 1 addition & 2 deletions src/Entities/IdToken.php
Expand Up @@ -4,7 +4,6 @@

use DateTimeImmutable;
use Lcobucci\JWT\Signer\Rsa\Sha256;
use Lcobucci\JWT\Token\RegisteredClaims;
use League\OAuth2\Server\CryptKey;
use Lcobucci\JWT\Configuration;
use Lcobucci\JWT\Signer\Key\InMemory;
Expand Down Expand Up @@ -105,7 +104,7 @@ public function setAudience($audience)
/**
* Get the value of expiration
*/
public function getExpiration() : \DateTimeImmutable
public function getExpiration(): \DateTimeImmutable
{
return $this->expiration;
}
5 changes: 3 additions & 2 deletions src/Grant/AuthCodeGrant.php
Expand Up @@ -89,7 +89,8 @@ public function canRespondToAccessTokenRequest(ServerRequestInterface $request)
$requestParameters = (array) $request->getParsedBody();

// Don't try to handle code when it isn't even an authorization_code request
if (!array_key_exists('grant_type', $requestParameters)
if (
!array_key_exists('grant_type', $requestParameters)
|| $requestParameters['grant_type'] !== 'authorization_code'
) {
return false;
Expand All @@ -114,7 +115,7 @@ public function canRespondToAccessTokenRequest(ServerRequestInterface $request)
public function validateAuthorizationRequest(ServerRequestInterface $request)
{
$result = parent::validateAuthorizationRequest($request);

$redirectUri = $this->getQueryStringParameter(
'redirect_uri',
$request
37 changes: 31 additions & 6 deletions src/Grant/ImplicitGrant.php
Expand Up @@ -2,7 +2,6 @@

namespace Idaas\OpenID\Grant;

use DateTimeImmutable;
use Idaas\OpenID\Entities\IdToken;
use Idaas\OpenID\IdTokenEvent;
use Idaas\OpenID\Repositories\ClaimRepositoryInterface;
Expand All @@ -11,6 +10,7 @@
use Idaas\OpenID\SessionInterface;
use League\OAuth2\Server\Entities\UserEntityInterface;
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
use League\OAuth2\Server\RequestTypes\AuthorizationRequest;
use League\OAuth2\Server\ResponseTypes\RedirectResponse;
use Psr\Http\Message\ServerRequestInterface;
Expand All @@ -35,6 +35,12 @@ class ImplicitGrant extends \League\OAuth2\Server\Grant\ImplicitGrant
*/
protected $session;

/**
* Same as $accessTokenTTL, but used for the ID Token
* @var \DateInterval
*/
protected $accessTokenTTLCopy;

/**
* @param \DateInterval $accessTokenTTL
* @param string $queryDelimiter
Expand All @@ -53,7 +59,7 @@ public function __construct(
$this->claimRepositoryInterface = $claimRepositoryInterface;
$this->session = $session;

$this->accessTokenTTL = $accessTokenTTL;
$this->accessTokenTTLCopy = $accessTokenTTL;
$this->idTokenTTL = $idTokenTTL;
$this->queryDelimiter = $queryDelimiter;
}
Expand All @@ -66,7 +72,11 @@ public function getIdentifier()
public function canRespondToAuthorizationRequest(ServerRequestInterface $request)
{
$result = (isset($request->getQueryParams()['response_type'])
&& ($request->getQueryParams()['response_type'] === 'id_token token' || $request->getQueryParams()['response_type'] === 'id_token' || $request->getQueryParams()['response_type'] === 'token')
&& (
$request->getQueryParams()['response_type'] === 'id_token token' ||
$request->getQueryParams()['response_type'] === 'id_token' ||
$request->getQueryParams()['response_type'] === 'token'
)
&& isset($request->getQueryParams()['client_id']));

$queryParams = $request->getQueryParams();
Expand Down Expand Up @@ -147,7 +157,7 @@ public function completeAuthorizationRequest(AuthorizationRequest $authorization
// The user approved the client, redirect them back with an access token
if ($authorizationRequest->isAuthorizationApproved() === true) {
$accessToken = $this->issueAccessToken(
$this->accessTokenTTL,
$this->accessTokenTTLCopy,
$authorizationRequest->getClient(),
$authorizationRequest->getUser()->getIdentifier(),
$authorizationRequest->getScopes()
Expand Down Expand Up @@ -192,7 +202,10 @@ public function completeAuthorizationRequest(AuthorizationRequest $authorization
$idToken->addExtra($key, $value);
}
} else {
$this->accessTokenRepository->storeClaims($accessToken, $claimsRequested);
// This check is not really needed, as accessTokenRepisitory is guaranted to be of this type
if ($this->accessTokenRepository instanceof \Idaas\OpenID\Repositories\AccessTokenRepositoryInterface) {
$this->accessTokenRepository->storeClaims($accessToken, $claimsRequested);
}
}

/**
Expand All @@ -210,7 +223,10 @@ public function completeAuthorizationRequest(AuthorizationRequest $authorization

//Only add the access token and related parameters if requested
//TODO: Check if OpenID Connect flow is allowed if only a token is requested.
if ($authorizationRequest->getResponseType() == 'id_token token' || $authorizationRequest->getResponseType() == 'token') {
if (
$authorizationRequest->getResponseType() == 'id_token token' ||
$authorizationRequest->getResponseType() == 'token'
) {
$accessToken->setPrivateKey($this->privateKey);
$parameters['access_token'] = (string) $accessToken;
$parameters['token_type'] = 'Bearer';
Expand Down Expand Up @@ -243,4 +259,13 @@ public function completeAuthorizationRequest(AuthorizationRequest $authorization
)
);
}

public function setAccessTokenRepository(AccessTokenRepositoryInterface $accessTokenRepository)
{
if (!($accessTokenRepository instanceof \Idaas\OpenID\Repositories\AccessTokenRepositoryInterface)) {
throw new \LogicException('The access token repository must be an instance of Idaas\OpenID\Repositories\AccessTokenRepositoryInterface');
}

$this->accessTokenRepository = $accessTokenRepository;
}
}
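Review bot: The new `instanceof` guard around `storeClaims()` in `completeAuthorizationRequest` skips persisting the requested claims without any signal when the repository has the wrong type, so a misconfiguration would presumably show up later as missing claims instead of as an error at this point. The `setAccessTokenRepository()` override added at the end of this file already rejects other repositories with a `LogicException`, so the guard can either be dropped or given a failing branch such as `} else { throw new \LogicException('Access token repository cannot store claims'); }`. The comment above the guard has two typos (`accessTokenRepisitory`, `guaranted`), and the docblock on `$accessTokenTTLCopy` says it is used for the ID Token while the hunk passes it to `issueAccessToken()`; `Copy of the access token TTL, passed to issueAccessToken()` would match the code. `completeAuthorizationRequest` starts and ends outside the visible hunks.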
2 changes: 1 addition & 1 deletion src/IdTokenEvent.php
Expand Up @@ -8,7 +8,7 @@

class IdTokenEvent extends Event
{
const TOKEN_POPULATED = 'id_token.populated';
public const TOKEN_POPULATED = 'id_token.populated';

/**
* @var IdToken
3 changes: 2 additions & 1 deletion src/ProviderController.php
@@ -1,5 +1,6 @@
<?php

// FIXME: This class used Laravel classes
namespace Idaas\OpenID;

use Illuminate\Http\Request;
Expand Down Expand Up @@ -52,7 +53,7 @@ public function jwks(ProviderRepository $providerRepository)

$key = $crypt->x509;
$key = str_replace(array('-----BEGIN CERTIFICATE-----','-----END CERTIFICATE-----',"\r", "\n", " "), "", $key);
$keyForParsing = "-----BEGIN CERTIFICATE-----\n".chunk_split($key, 64, "\n")."-----END CERTIFICATE-----\n";
$keyForParsing = "-----BEGIN CERTIFICATE-----\n" . chunk_split($key, 64, "\n") . "-----END CERTIFICATE-----\n";

$result = openssl_pkey_get_details(openssl_pkey_get_public(openssl_x509_read($keyForParsing)));

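Review bot: The reformatted `$keyForParsing` line in `jwks()` feeds a chain of three nested OpenSSL calls whose results are never checked, although `openssl_x509_read()`, `openssl_pkey_get_public()` and `openssl_pkey_get_details()` each return `false` on failure. A malformed or empty `$crypt->x509` would then pass `false` into the next call, and the JWKS endpoint would fail with a warning or type error rather than a clear message. Splitting the chain and checking each step makes the failure explicit; the exception type below is a suggestion, since the controller's error convention is not visible here. The body of `jwks()` continues outside the hunk.

```php
// … unchanged: PEM re-wrapping into $keyForParsing …
$certificate = openssl_x509_read($keyForParsing);
if ($certificate === false) {
    throw new \RuntimeException('Unable to parse the provider certificate');
}

$publicKey = openssl_pkey_get_public($certificate);
if ($publicKey === false) {
    throw new \RuntimeException('Unable to extract the public key from the provider certificate');
}

$result = openssl_pkey_get_details($publicKey);
if ($result === false) {
    throw new \RuntimeException('Unable to read the public key details');
}
```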
1 change: 0 additions & 1 deletion src/Repositories/AccessTokenRepositoryInterface.php
Expand Up @@ -8,7 +8,6 @@

interface AccessTokenRepositoryInterface extends LeagueAccessTokenRepositoryInterface
{

/**
* @param array $claims ClaimEntityInterface[]
*/
2 changes: 1 addition & 1 deletion src/Repositories/ClaimRepositoryInterface.php
Expand Up @@ -23,7 +23,7 @@ public function getClaimEntityByIdentifier($identifier, $type, $essential);
/**
* @return ClaimEntityInterface[]
*/
public function getClaimsByScope(ScopeEntityInterface $scope) : iterable;
public function getClaimsByScope(ScopeEntityInterface $scope): iterable;

public function claimsRequestToEntities(array $json = null);
}
1 change: 0 additions & 1 deletion src/ResponseHandler.php
Expand Up @@ -9,7 +9,6 @@

class ResponseHandler
{

protected $handlers;

public function __construct()
3 changes: 2 additions & 1 deletion src/ResponseHandlers/RedirectResponseHandler.php
Expand Up @@ -19,7 +19,8 @@ public function generateResponse(AuthenticationRequest $authenticationRequest, $
{
$queryDelimiter = '?';

if ($authenticationRequest->getResponseMode() === 'fragment' ||
if (
$authenticationRequest->getResponseMode() === 'fragment' ||
strpos($authenticationRequest->getResponseType(), 'code') === false
) {
$queryDelimiter = '#';
2 changes: 1 addition & 1 deletion src/SessionInformation.php
Expand Up @@ -23,7 +23,7 @@ public static function fromJSON($json)

public function toJSON()
{
return json_encode(['acr'=>$this->acr, 'amr'=>$this->amr,'azp'=>$this->azp]);
return json_encode(['acr' => $this->acr, 'amr' => $this->amr,'azp' => $this->azp]);
}

public function __toString()
1 change: 0 additions & 1 deletion src/UserInfo.php
Expand Up @@ -11,7 +11,6 @@

class UserInfo
{

protected $userRepository;
protected $tokenRepository;
protected $resourceServer;