|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
declare(strict_types=1); |
|
4
|
|
|
|
|
5
|
|
|
/* |
|
6
|
|
|
* The MIT License (MIT) |
|
7
|
|
|
* |
|
8
|
|
|
* Copyright (c) 2014-2018 Spomky-Labs |
|
9
|
|
|
* |
|
10
|
|
|
* This software may be modified and distributed under the terms |
|
11
|
|
|
* of the MIT license. See the LICENSE file for details. |
|
12
|
|
|
*/ |
|
13
|
|
|
|
|
14
|
|
|
namespace OAuth2Framework\Bundle\Component\Endpoint\ClientRegistration; |
|
15
|
|
|
|
|
16
|
|
|
use Jose\Bundle\JoseFramework\Helper\ConfigurationHelper; |
|
17
|
|
|
use OAuth2Framework\Bundle\Component\Component; |
|
18
|
|
|
use Symfony\Component\Config\Definition\Builder\NodeDefinition; |
|
19
|
|
|
use Symfony\Component\Config\FileLocator; |
|
20
|
|
|
use Symfony\Component\DependencyInjection\ContainerBuilder; |
|
21
|
|
|
use Symfony\Component\DependencyInjection\Loader\PhpFileLoader; |
|
22
|
|
|
|
|
23
|
|
|
class SoftwareStatementSource implements Component |
|
24
|
|
|
{ |
|
25
|
|
|
/** |
|
26
|
|
|
* @return string |
|
27
|
|
|
*/ |
|
28
|
|
|
public function name(): string |
|
29
|
|
|
{ |
|
30
|
|
|
return 'software_statement'; |
|
31
|
|
|
} |
|
32
|
|
|
|
|
33
|
|
|
/** |
|
34
|
|
|
* {@inheritdoc} |
|
35
|
|
|
*/ |
|
36
|
|
|
public function load(array $configs, ContainerBuilder $container) |
|
37
|
|
|
{ |
|
38
|
|
|
if (!$configs['endpoint']['client_registration']['software_statement']['enabled']) { |
|
39
|
|
|
return; |
|
40
|
|
|
} |
|
41
|
|
|
$container->setParameter('oauth2_server.endpoint.client_registration.software_statement.required', $configs['endpoint']['client_registration']['software_statement']['required']); |
|
42
|
|
|
$container->setParameter('oauth2_server.endpoint.client_registration.software_statement.allowed_signature_algorithms', $configs['endpoint']['client_registration']['software_statement']['allowed_signature_algorithms']); |
|
43
|
|
|
$container->setParameter('oauth2_server.endpoint.client_registration.software_statement.key_set', $configs['endpoint']['client_registration']['software_statement']['key_set']); |
|
44
|
|
|
|
|
45
|
|
|
$loader = new PhpFileLoader($container, new FileLocator(__DIR__.'/../../../Resources/config/endpoint/client_registration')); |
|
46
|
|
|
$loader->load('software_statement.php'); |
|
47
|
|
|
} |
|
48
|
|
|
|
|
49
|
|
|
/** |
|
50
|
|
|
* {@inheritdoc} |
|
51
|
|
|
*/ |
|
52
|
|
|
public function getNodeDefinition(NodeDefinition $node) |
|
53
|
|
|
{ |
|
54
|
|
|
$node->children() |
|
55
|
|
|
->arrayNode($this->name()) |
|
56
|
|
|
->addDefaultsIfNotSet() |
|
57
|
|
|
->canBeEnabled() |
|
58
|
|
|
->validate() |
|
59
|
|
|
->ifTrue(function ($config) { |
|
60
|
|
|
return true === $config['enabled'] && empty($config['key_set']); |
|
61
|
|
|
}) |
|
62
|
|
|
->thenInvalid('The option "key_set" must be set.') |
|
63
|
|
|
->end() |
|
64
|
|
|
->validate() |
|
65
|
|
|
->ifTrue(function ($config) { |
|
66
|
|
|
return true === $config['enabled'] && empty($config['allowed_signature_algorithms']); |
|
67
|
|
|
}) |
|
68
|
|
|
->thenInvalid('At least one signature algorithm must be set.') |
|
69
|
|
|
->end() |
|
70
|
|
|
->children() |
|
71
|
|
|
->booleanNode('required')->defaultFalse()->end() |
|
72
|
|
|
->scalarNode('key_set')->end() |
|
73
|
|
|
->arrayNode('allowed_signature_algorithms') |
|
74
|
|
|
->info('Signature algorithms allowed for the software statements. The algorithm "none" should not be used.') |
|
75
|
|
|
->useAttributeAsKey('name') |
|
76
|
|
|
->prototype('scalar')->end() |
|
77
|
|
|
->treatNullLike([]) |
|
78
|
|
|
->end() |
|
79
|
|
|
->end() |
|
80
|
|
|
->end() |
|
81
|
|
|
->end(); |
|
82
|
|
|
} |
|
83
|
|
|
|
|
84
|
|
|
/** |
|
85
|
|
|
* {@inheritdoc} |
|
86
|
|
|
*/ |
|
87
|
|
|
public function build(ContainerBuilder $container) |
|
88
|
|
|
{ |
|
89
|
|
|
//Nothing to do |
|
90
|
|
|
} |
|
91
|
|
|
|
|
92
|
|
|
/** |
|
93
|
|
|
* {@inheritdoc} |
|
94
|
|
|
*/ |
|
95
|
|
|
public function prepend(ContainerBuilder $container, array $config): array |
|
96
|
|
|
{ |
|
97
|
|
|
/*$currentPath = $path.'['.$this->name().']'; |
|
|
|
|
|
|
98
|
|
|
$accessor = PropertyAccess::createPropertyAccessor(); |
|
99
|
|
|
$sourceConfig = $accessor->getValue($config, $currentPath); |
|
100
|
|
|
|
|
101
|
|
|
if (true === $sourceConfig['enabled']) { |
|
102
|
|
|
// FIXME |
|
103
|
|
|
ConfigurationHelper::addJWSLoader($container, $this->name(), $sourceConfig['allowed_signature_algorithms'], [], ['jws_compact'], false); |
|
104
|
|
|
ConfigurationHelper::addKeyset($container, 'client_registration_software_statement.key_set.signature', 'jwkset', ['value' => $sourceConfig['key_set']]); |
|
105
|
|
|
}*/ |
|
106
|
|
|
return []; |
|
107
|
|
|
} |
|
108
|
|
|
} |
|
109
|
|
|
|
OAuth2-Framework /
oauth2-framework
Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it.
The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production.
This check looks for comments that seem to be mostly valid code and reports them.