This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | namespace OAuth\Common\Storage; |
||
4 | |||
5 | use OAuth\Common\Storage\Exception\AuthorizationStateNotFoundException; |
||
6 | use OAuth\Common\Storage\Exception\TokenNotFoundException; |
||
7 | use OAuth\Common\Token\TokenInterface; |
||
8 | use Predis\Client as Predis; |
||
9 | |||
10 | // Stores a token in a Redis server. Requires the Predis library available at https://github.com/nrk/predis |
||
11 | class Redis implements TokenStorageInterface |
||
12 | { |
||
13 | /** |
||
14 | * @var string |
||
15 | */ |
||
16 | protected $key; |
||
17 | |||
18 | protected $stateKey; |
||
19 | |||
20 | /** |
||
21 | * @var object|\Redis |
||
22 | */ |
||
23 | protected $redis; |
||
24 | |||
25 | /** |
||
26 | * @var object|TokenInterface |
||
27 | */ |
||
28 | protected $cachedTokens; |
||
29 | |||
30 | /** |
||
31 | * @var object |
||
32 | */ |
||
33 | protected $cachedStates; |
||
34 | |||
35 | /** |
||
36 | * @param Predis $redis An instantiated and connected redis client |
||
37 | * @param string $key The key to store the token under in redis |
||
38 | * @param string $stateKey the key to store the state under in redis |
||
39 | */ |
||
40 | public function __construct(Predis $redis, $key, $stateKey) |
||
41 | { |
||
42 | $this->redis = $redis; |
||
43 | $this->key = $key; |
||
44 | $this->stateKey = $stateKey; |
||
45 | $this->cachedTokens = []; |
||
46 | $this->cachedStates = []; |
||
0 ignored issues
–
show
|
|||
47 | } |
||
48 | |||
49 | /** |
||
50 | * {@inheritdoc} |
||
51 | */ |
||
52 | public function retrieveAccessToken($service) |
||
53 | { |
||
54 | if (!$this->hasAccessToken($service)) { |
||
55 | throw new TokenNotFoundException('Token not found in redis'); |
||
56 | } |
||
57 | |||
58 | if (isset($this->cachedTokens[$service])) { |
||
59 | return $this->cachedTokens[$service]; |
||
60 | } |
||
61 | |||
62 | $val = $this->redis->hget($this->key, $service); |
||
63 | |||
64 | return $this->cachedTokens[$service] = unserialize($val); |
||
65 | } |
||
66 | |||
67 | /** |
||
68 | * {@inheritdoc} |
||
69 | */ |
||
70 | public function storeAccessToken($service, TokenInterface $token) |
||
71 | { |
||
72 | // (over)write the token |
||
73 | $this->redis->hset($this->key, $service, serialize($token)); |
||
74 | $this->cachedTokens[$service] = $token; |
||
75 | |||
76 | // allow chaining |
||
77 | return $this; |
||
78 | } |
||
79 | |||
80 | /** |
||
81 | * {@inheritdoc} |
||
82 | */ |
||
83 | public function hasAccessToken($service) |
||
84 | { |
||
85 | if (isset($this->cachedTokens[$service]) |
||
86 | && $this->cachedTokens[$service] instanceof TokenInterface |
||
87 | ) { |
||
88 | return true; |
||
89 | } |
||
90 | |||
91 | return $this->redis->hexists($this->key, $service); |
||
92 | } |
||
93 | |||
94 | /** |
||
95 | * {@inheritdoc} |
||
96 | */ |
||
97 | public function clearToken($service) |
||
98 | { |
||
99 | $this->redis->hdel($this->key, $service); |
||
100 | unset($this->cachedTokens[$service]); |
||
101 | |||
102 | // allow chaining |
||
103 | return $this; |
||
104 | } |
||
105 | |||
106 | /** |
||
107 | * {@inheritdoc} |
||
108 | */ |
||
109 | public function clearAllTokens() |
||
110 | { |
||
111 | // memory |
||
112 | $this->cachedTokens = []; |
||
0 ignored issues
–
show
It seems like
array() of type array is incompatible with the declared type object of property $cachedTokens .
Our type inference engine has found an assignment to a property that is incompatible with the declared type of that property. Either this assignment is in error or the assigned type should be added to the documentation/type hint for that property..
Loading history...
|
|||
113 | |||
114 | // redis |
||
115 | $keys = $this->redis->hkeys($this->key); |
||
116 | $me = $this; // 5.3 compat |
||
117 | |||
118 | // pipeline for performance |
||
119 | $this->redis->pipeline( |
||
120 | function ($pipe) use ($keys, $me): void { |
||
121 | foreach ($keys as $k) { |
||
122 | $pipe->hdel($me->getKey(), $k); |
||
123 | } |
||
124 | } |
||
125 | ); |
||
126 | |||
127 | // allow chaining |
||
128 | return $this; |
||
129 | } |
||
130 | |||
131 | /** |
||
132 | * {@inheritdoc} |
||
133 | */ |
||
134 | public function retrieveAuthorizationState($service) |
||
135 | { |
||
136 | if (!$this->hasAuthorizationState($service)) { |
||
137 | throw new AuthorizationStateNotFoundException('State not found in redis'); |
||
138 | } |
||
139 | |||
140 | if (isset($this->cachedStates[$service])) { |
||
141 | return $this->cachedStates[$service]; |
||
142 | } |
||
143 | |||
144 | $val = $this->redis->hget($this->stateKey, $service); |
||
145 | |||
146 | return $this->cachedStates[$service] = $val; |
||
147 | } |
||
148 | |||
149 | /** |
||
150 | * {@inheritdoc} |
||
151 | */ |
||
152 | public function storeAuthorizationState($service, $state) |
||
153 | { |
||
154 | // (over)write the token |
||
155 | $this->redis->hset($this->stateKey, $service, $state); |
||
156 | $this->cachedStates[$service] = $state; |
||
157 | |||
158 | // allow chaining |
||
159 | return $this; |
||
160 | } |
||
161 | |||
162 | /** |
||
163 | * {@inheritdoc} |
||
164 | */ |
||
165 | public function hasAuthorizationState($service) |
||
166 | { |
||
167 | if (isset($this->cachedStates[$service]) |
||
168 | && null !== $this->cachedStates[$service] |
||
169 | ) { |
||
170 | return true; |
||
171 | } |
||
172 | |||
173 | return $this->redis->hexists($this->stateKey, $service); |
||
174 | } |
||
175 | |||
176 | /** |
||
177 | * {@inheritdoc} |
||
178 | */ |
||
179 | public function clearAuthorizationState($service) |
||
180 | { |
||
181 | $this->redis->hdel($this->stateKey, $service); |
||
182 | unset($this->cachedStates[$service]); |
||
183 | |||
184 | // allow chaining |
||
185 | return $this; |
||
186 | } |
||
187 | |||
188 | /** |
||
189 | * {@inheritdoc} |
||
190 | */ |
||
191 | public function clearAllAuthorizationStates() |
||
192 | { |
||
193 | // memory |
||
194 | $this->cachedStates = []; |
||
0 ignored issues
–
show
It seems like
array() of type array is incompatible with the declared type object of property $cachedStates .
Our type inference engine has found an assignment to a property that is incompatible with the declared type of that property. Either this assignment is in error or the assigned type should be added to the documentation/type hint for that property..
Loading history...
|
|||
195 | |||
196 | // redis |
||
197 | $keys = $this->redis->hkeys($this->stateKey); |
||
198 | $me = $this; // 5.3 compat |
||
199 | |||
200 | // pipeline for performance |
||
201 | $this->redis->pipeline( |
||
202 | function ($pipe) use ($keys, $me): void { |
||
203 | foreach ($keys as $k) { |
||
204 | $pipe->hdel($me->getKey(), $k); |
||
205 | } |
||
206 | } |
||
207 | ); |
||
208 | |||
209 | // allow chaining |
||
210 | return $this; |
||
211 | } |
||
212 | |||
213 | /** |
||
214 | * @return Predis $redis |
||
215 | */ |
||
216 | public function getRedis() |
||
217 | { |
||
218 | return $this->redis; |
||
219 | } |
||
220 | |||
221 | /** |
||
222 | * @return string $key |
||
223 | */ |
||
224 | public function getKey() |
||
225 | { |
||
226 | return $this->key; |
||
227 | } |
||
228 | } |
||
229 |
Our type inference engine has found an assignment to a property that is incompatible with the declared type of that property.
Either this assignment is in error or the assigned type should be added to the documentation/type hint for that property..