|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
namespace roaresearch\yii2\oauth2server\filters; |
|
4
|
|
|
|
|
5
|
|
|
use roaresearch\yii2\oauth2server\{exceptions\HttpTokenException, Module}; |
|
6
|
|
|
use Yii; |
|
7
|
|
|
use yii\web\HttpException; |
|
8
|
|
|
|
|
9
|
|
|
/** |
|
10
|
|
|
* Trait to be applied to `\yii\base\Filter` classes which initialize the |
|
11
|
|
|
* OAuth2 Server and handles its responses. |
|
12
|
|
|
*/ |
|
13
|
|
|
trait ErrorToExceptionTrait |
|
14
|
|
|
{ |
|
15
|
|
|
/** |
|
16
|
|
|
* @var string the unique id for the oauth2 module |
|
17
|
|
|
*/ |
|
18
|
|
|
public string|Module $oauth2Module = 'oauth2'; |
|
19
|
|
|
|
|
20
|
|
|
/** |
|
21
|
|
|
* @inheritdoc |
|
22
|
|
|
*/ |
|
23
|
10 |
|
public function beforeAction($action): bool |
|
24
|
|
|
{ |
|
25
|
|
|
|
|
26
|
10 |
|
if (parent::beforeAction($action)) { |
|
27
|
9 |
|
if (is_string($this->oauth2Module)) { |
|
28
|
4 |
|
$this->oauth2Module = Yii::$app->getModule( |
|
|
|
|
|
|
29
|
4 |
|
$this->oauth2Module |
|
30
|
|
|
); |
|
31
|
|
|
} |
|
32
|
9 |
|
$this->oauth2Module->initOauth2Server(); |
|
33
|
|
|
|
|
34
|
9 |
|
return true; |
|
35
|
|
|
} |
|
36
|
|
|
|
|
37
|
|
|
return false; |
|
38
|
|
|
} |
|
39
|
|
|
|
|
40
|
|
|
/** |
|
41
|
|
|
* @inheritdoc |
|
42
|
|
|
*/ |
|
43
|
8 |
|
public function afterAction($event, $result) |
|
44
|
|
|
{ |
|
45
|
8 |
|
$this->ensureSuccessResponse(); |
|
46
|
|
|
|
|
47
|
6 |
|
return $result; |
|
48
|
|
|
} |
|
49
|
|
|
|
|
50
|
|
|
/** |
|
51
|
|
|
* Ensures that the OAuth2 Server returned a success response, otherwise |
|
52
|
|
|
* throws an `HttpTokenException` |
|
53
|
|
|
* @throws HttpTokenException |
|
54
|
|
|
*/ |
|
55
|
9 |
|
protected function ensureSuccessResponse(): void |
|
56
|
|
|
{ |
|
57
|
9 |
|
$response = $this->oauth2Module->getResponse(); |
|
58
|
9 |
|
if($response === null |
|
59
|
9 |
|
|| $response->isInformational() |
|
60
|
9 |
|
|| $response->isSuccessful() |
|
61
|
9 |
|
|| $response->isRedirection() |
|
62
|
|
|
) { |
|
63
|
6 |
|
return; |
|
64
|
|
|
} |
|
65
|
|
|
|
|
66
|
3 |
|
throw new HttpTokenException( |
|
67
|
3 |
|
$response->getStatusCode(), |
|
68
|
3 |
|
$this->getErrorMessage($response), |
|
69
|
3 |
|
$response->getParameter('error_uri') |
|
70
|
|
|
); |
|
71
|
|
|
} |
|
72
|
|
|
|
|
73
|
|
|
/** |
|
74
|
|
|
* Returns the translated error message on an unsuccessful response. |
|
75
|
|
|
* |
|
76
|
|
|
* @param \OAuth2\Response $response |
|
77
|
|
|
* @return string |
|
78
|
|
|
*/ |
|
79
|
3 |
|
protected function getErrorMessage(\OAuth2\Response $response): string |
|
80
|
|
|
{ |
|
81
|
3 |
|
return Module::t( |
|
82
|
|
|
'oauth2server', |
|
83
|
3 |
|
$response->getParameter('error_description') |
|
84
|
|
|
) |
|
85
|
|
|
?: Module::t( |
|
86
|
|
|
'oauth2server', |
|
87
|
|
|
'An internal server error occurred' |
|
88
|
|
|
); |
|
89
|
|
|
} |
|
90
|
|
|
} |
|
91
|
|
|
|
ROAResearch /
yii2-oauth2-server
Our type inference engine has found a suspicous assignment of a value to a property. This check raises an issue when a value that can be of a mixed type is assigned to a property that is type hinted more strictly.
For example, imagine you have a variable
$accountIdthat can either hold an Id object or false (if there is no account id yet). Your code now assigns that value to theidproperty of an instance of theAccountclass. This class holds a proper account, so the id value must no longer be false.Either this assignment is in error or a type check should be added for that assignment.