Tiqr /
tiqr-server-libphp
@@ -19,7 +19,7 @@ discard block |
||
| 19 | 19 | |
| 20 | 20 | use Psr\Log\LoggerInterface; |
| 21 | 21 | |
| 22 | -require_once(__DIR__ . '/../OATH/OCRAParser.php'); |
|
| 22 | +require_once(__DIR__.'/../OATH/OCRAParser.php'); |
|
| 23 | 23 | |
| 24 | 24 | abstract class Tiqr_OcraService_Abstract implements Tiqr_OcraService_Interface |
| 25 | 25 | { |
@@ -37,7 +37,7 @@ discard block |
||
| 37 | 37 | $this->logger = $logger; |
| 38 | 38 | |
| 39 | 39 | // Set the OCRA suite |
| 40 | - $this->_ocraSuite = $config['ocra.suite'] ?? 'OCRA-1:HOTP-SHA1-6:QH10-S'; // Use tiqr server default suite |
|
| 40 | + $this->_ocraSuite = $config['ocra.suite'] ?? 'OCRA-1:HOTP-SHA1-6:QH10-S'; // Use tiqr server default suite |
|
| 41 | 41 | $this->_ocraParser = new OATH_OCRAParser($this->_ocraSuite); |
| 42 | 42 | } |
| 43 | 43 | |
@@ -547,17 +547,17 @@ discard block |
||
| 547 | 547 | } |
| 548 | 548 | |
| 549 | 549 | $metadata = array("service"=> |
| 550 | - array("displayName" => $this->_name, |
|
| 551 | - "identifier" => $this->_identifier, |
|
| 552 | - "logoUrl" => $this->_logoUrl, |
|
| 553 | - "infoUrl" => $this->_infoUrl, |
|
| 554 | - "authenticationUrl" => $authenticationUrl, |
|
| 555 | - "ocraSuite" => $this->_ocraSuite, |
|
| 556 | - "enrollmentUrl" => $enrollmentUrl |
|
| 557 | - ), |
|
| 558 | - "identity"=> |
|
| 559 | - array("identifier" =>$data["userId"], |
|
| 560 | - "displayName"=>$data["displayName"])); |
|
| 550 | + array("displayName" => $this->_name, |
|
| 551 | + "identifier" => $this->_identifier, |
|
| 552 | + "logoUrl" => $this->_logoUrl, |
|
| 553 | + "infoUrl" => $this->_infoUrl, |
|
| 554 | + "authenticationUrl" => $authenticationUrl, |
|
| 555 | + "ocraSuite" => $this->_ocraSuite, |
|
| 556 | + "enrollmentUrl" => $enrollmentUrl |
|
| 557 | + ), |
|
| 558 | + "identity"=> |
|
| 559 | + array("identifier" =>$data["userId"], |
|
| 560 | + "displayName"=>$data["displayName"])); |
|
| 561 | 561 | |
| 562 | 562 | $this->_stateStorage->unsetValue(self::PREFIX_ENROLLMENT . $enrollmentKey); |
| 563 | 563 | |
@@ -587,27 +587,27 @@ discard block |
||
| 587 | 587 | */ |
| 588 | 588 | public function getEnrollmentSecret(string $enrollmentKey): string |
| 589 | 589 | { |
| 590 | - $data = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT . $enrollmentKey); |
|
| 591 | - if (!is_array($data)) { |
|
| 592 | - $this->logger->error('getEnrollmentSecret: enrollment key not found'); |
|
| 593 | - throw new RuntimeException('enrollment key not found'); |
|
| 594 | - } |
|
| 595 | - $userId = $data["userId"] ?? NULL; |
|
| 596 | - $sessionId = $data["sessionId"] ?? NULL; |
|
| 597 | - if (!is_string($userId) || !(is_string($sessionId))) { |
|
| 598 | - throw new RuntimeException('getEnrollmentSecret: invalid enrollment data'); |
|
| 599 | - } |
|
| 600 | - $enrollmentData = [ |
|
| 601 | - "userId" => $userId, |
|
| 602 | - "sessionId" => $sessionId |
|
| 603 | - ]; |
|
| 604 | - $enrollmentSecret = $this->_uniqueSessionKey(); |
|
| 605 | - $this->_stateStorage->setValue( |
|
| 606 | - self::PREFIX_ENROLLMENT_SECRET . $enrollmentSecret, |
|
| 607 | - $enrollmentData, |
|
| 608 | - self::ENROLLMENT_EXPIRE |
|
| 609 | - ); |
|
| 610 | - return $enrollmentSecret; |
|
| 590 | + $data = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT . $enrollmentKey); |
|
| 591 | + if (!is_array($data)) { |
|
| 592 | + $this->logger->error('getEnrollmentSecret: enrollment key not found'); |
|
| 593 | + throw new RuntimeException('enrollment key not found'); |
|
| 594 | + } |
|
| 595 | + $userId = $data["userId"] ?? NULL; |
|
| 596 | + $sessionId = $data["sessionId"] ?? NULL; |
|
| 597 | + if (!is_string($userId) || !(is_string($sessionId))) { |
|
| 598 | + throw new RuntimeException('getEnrollmentSecret: invalid enrollment data'); |
|
| 599 | + } |
|
| 600 | + $enrollmentData = [ |
|
| 601 | + "userId" => $userId, |
|
| 602 | + "sessionId" => $sessionId |
|
| 603 | + ]; |
|
| 604 | + $enrollmentSecret = $this->_uniqueSessionKey(); |
|
| 605 | + $this->_stateStorage->setValue( |
|
| 606 | + self::PREFIX_ENROLLMENT_SECRET . $enrollmentSecret, |
|
| 607 | + $enrollmentData, |
|
| 608 | + self::ENROLLMENT_EXPIRE |
|
| 609 | + ); |
|
| 610 | + return $enrollmentSecret; |
|
| 611 | 611 | } |
| 612 | 612 | |
| 613 | 613 | /** |
@@ -263,8 +263,7 @@ discard block |
||
| 263 | 263 | if (isset($options['ocraservice']) && $options['ocraservice']['type'] != 'tiqr') { |
| 264 | 264 | $options['ocraservice']['ocra.suite'] = $this->_ocraSuite; |
| 265 | 265 | $this->_ocraService = Tiqr_OcraService::getOcraService($options['ocraservice']['type'], $options['ocraservice'], $logger); |
| 266 | - } |
|
| 267 | - else { // Create default ocraservice |
|
| 266 | + } else { // Create default ocraservice |
|
| 268 | 267 | $this->_ocraService = Tiqr_OcraService::getOcraService('tiqr', array('ocra.suite' => $this->_ocraSuite), $logger); |
| 269 | 268 | } |
| 270 | 269 | } |
@@ -487,7 +486,9 @@ discard block |
||
| 487 | 486 | $sessionId = session_id(); |
| 488 | 487 | } |
| 489 | 488 | $status = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT_STATUS.$sessionId); |
| 490 | - if (is_null($status)) return self::ENROLLMENT_STATUS_IDLE; |
|
| 489 | + if (is_null($status)) { |
|
| 490 | + return self::ENROLLMENT_STATUS_IDLE; |
|
| 491 | + } |
|
| 491 | 492 | return $status; |
| 492 | 493 | } |
| 493 | 494 | |
@@ -843,8 +844,7 @@ discard block |
||
| 843 | 844 | |
| 844 | 845 | try { |
| 845 | 846 | return $this->_stateStorage->getValue("authenticated_".$sessionId); |
| 846 | - } |
|
| 847 | - catch (Exception $e) { |
|
| 847 | + } catch (Exception $e) { |
|
| 848 | 848 | $this->logger->error('getAuthenticatedUser failed', array('exception'=>$e)); |
| 849 | 849 | return NULL; |
| 850 | 850 | } |
@@ -116,7 +116,7 @@ discard block |
||
| 116 | 116 | // INVALID_USERID: The client authenticated a different user than the server expected. This error is returned when |
| 117 | 117 | // the application stated an authentication session specifying the userId and later during the authentication |
| 118 | 118 | // provides a different userId |
| 119 | - const AUTH_RESULT_INVALID_USERID = 5; |
|
| 119 | + const AUTH_RESULT_INVALID_USERID = 5; |
|
| 120 | 120 | |
| 121 | 121 | /** |
| 122 | 122 | * The default OCRA Suite (RFC 6287) to use for authentication in Tiqr |
@@ -240,7 +240,7 @@ discard block |
||
| 240 | 240 | * @param int $version The tiqr protocol version to use (defaults to the latest) |
| 241 | 241 | * @throws Exception |
| 242 | 242 | */ |
| 243 | - public function __construct(LoggerInterface $logger, array $options=array(), int $version = 2) |
|
| 243 | + public function __construct(LoggerInterface $logger, array $options = array(), int $version = 2) |
|
| 244 | 244 | { |
| 245 | 245 | $this->_options = $options; // Used to later get settings for Tiqr_Message_* |
| 246 | 246 | $this->logger = $logger; |
@@ -354,7 +354,7 @@ discard block |
||
| 354 | 354 | |
| 355 | 355 | $this->logger->info(sprintf('Creating and sending a %s push notification', $notificationType)); |
| 356 | 356 | $message->setId(time()); |
| 357 | - $message->setText("Please authenticate for " . $this->_name); |
|
| 357 | + $message->setText("Please authenticate for ".$this->_name); |
|
| 358 | 358 | $message->setAddress($notificationAddress); |
| 359 | 359 | $message->setCustomProperty('challenge', $this->_getChallengeUrl($sessionKey)); |
| 360 | 360 | $message->send(); |
@@ -400,13 +400,13 @@ discard block |
||
| 400 | 400 | * @return string The authentication sessionKey |
| 401 | 401 | * @throws Exception when starting the authentication session failed |
| 402 | 402 | */ |
| 403 | - public function startAuthenticationSession(string $userId="", string $sessionId="", string $spIdentifier=""): string |
|
| 403 | + public function startAuthenticationSession(string $userId = "", string $sessionId = "", string $spIdentifier = ""): string |
|
| 404 | 404 | { |
| 405 | - if ($sessionId=="") { |
|
| 405 | + if ($sessionId == "") { |
|
| 406 | 406 | $sessionId = session_id(); |
| 407 | 407 | } |
| 408 | 408 | |
| 409 | - if ($spIdentifier=="") { |
|
| 409 | + if ($spIdentifier == "") { |
|
| 410 | 410 | $spIdentifier = $this->_identifier; |
| 411 | 411 | } |
| 412 | 412 | |
@@ -415,11 +415,11 @@ discard block |
||
| 415 | 415 | |
| 416 | 416 | $data = array("sessionId"=>$sessionId, "challenge"=>$challenge, "spIdentifier" => $spIdentifier); |
| 417 | 417 | |
| 418 | - if ($userId!="") { |
|
| 418 | + if ($userId != "") { |
|
| 419 | 419 | $data["userId"] = $userId; |
| 420 | 420 | } |
| 421 | 421 | |
| 422 | - $this->_stateStorage->setValue(self::PREFIX_CHALLENGE . $sessionKey, $data, self::CHALLENGE_EXPIRE); |
|
| 422 | + $this->_stateStorage->setValue(self::PREFIX_CHALLENGE.$sessionKey, $data, self::CHALLENGE_EXPIRE); |
|
| 423 | 423 | |
| 424 | 424 | return $sessionKey; |
| 425 | 425 | } |
@@ -439,9 +439,9 @@ discard block |
||
| 439 | 439 | * @return String The enrollment key |
| 440 | 440 | * @throws Exception when start the enrollement session failed |
| 441 | 441 | */ |
| 442 | - public function startEnrollmentSession(string $userId, string $displayName, string $sessionId=""): string |
|
| 442 | + public function startEnrollmentSession(string $userId, string $displayName, string $sessionId = ""): string |
|
| 443 | 443 | { |
| 444 | - if ($sessionId=="") { |
|
| 444 | + if ($sessionId == "") { |
|
| 445 | 445 | $sessionId = session_id(); |
| 446 | 446 | } |
| 447 | 447 | $enrollmentKey = $this->_uniqueSessionKey(); |
@@ -450,7 +450,7 @@ discard block |
||
| 450 | 450 | "displayName" => $displayName, |
| 451 | 451 | "sessionId" => $sessionId |
| 452 | 452 | ]; |
| 453 | - $this->_stateStorage->setValue(self::PREFIX_ENROLLMENT . $enrollmentKey, $data, self::ENROLLMENT_EXPIRE); |
|
| 453 | + $this->_stateStorage->setValue(self::PREFIX_ENROLLMENT.$enrollmentKey, $data, self::ENROLLMENT_EXPIRE); |
|
| 454 | 454 | $this->_setEnrollmentStatus($sessionId, self::ENROLLMENT_STATUS_INITIALIZED); |
| 455 | 455 | |
| 456 | 456 | return $enrollmentKey; |
@@ -461,9 +461,9 @@ discard block |
||
| 461 | 461 | * @param string $sessionId The application's session identifier (defaults to php session) |
| 462 | 462 | * @throws Exception when resetting the session failed |
| 463 | 463 | */ |
| 464 | - public function resetEnrollmentSession(string $sessionId=""): void |
|
| 464 | + public function resetEnrollmentSession(string $sessionId = ""): void |
|
| 465 | 465 | { |
| 466 | - if ($sessionId=="") { |
|
| 466 | + if ($sessionId == "") { |
|
| 467 | 467 | $sessionId = session_id(); |
| 468 | 468 | } |
| 469 | 469 | |
@@ -498,9 +498,9 @@ discard block |
||
| 498 | 498 | * |
| 499 | 499 | * @throws Exception when an error communicating with the state storage backend was detected |
| 500 | 500 | */ |
| 501 | - public function getEnrollmentStatus(string $sessionId=""): int |
|
| 501 | + public function getEnrollmentStatus(string $sessionId = ""): int |
|
| 502 | 502 | { |
| 503 | - if ($sessionId=="") { |
|
| 503 | + if ($sessionId == "") { |
|
| 504 | 504 | $sessionId = session_id(); |
| 505 | 505 | } |
| 506 | 506 | $status = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT_STATUS.$sessionId); |
@@ -557,7 +557,7 @@ discard block |
||
| 557 | 557 | */ |
| 558 | 558 | public function getEnrollmentMetadata(string $enrollmentKey, string $authenticationUrl, string $enrollmentUrl): array |
| 559 | 559 | { |
| 560 | - $data = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT . $enrollmentKey); |
|
| 560 | + $data = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT.$enrollmentKey); |
|
| 561 | 561 | if (!is_array($data)) { |
| 562 | 562 | $this->logger->error('Unable to find enrollment metadata in state storage'); |
| 563 | 563 | throw new Exception('Unable to find enrollment metadata in state storage'); |
@@ -576,7 +576,7 @@ discard block |
||
| 576 | 576 | array("identifier" =>$data["userId"], |
| 577 | 577 | "displayName"=>$data["displayName"])); |
| 578 | 578 | |
| 579 | - $this->_stateStorage->unsetValue(self::PREFIX_ENROLLMENT . $enrollmentKey); |
|
| 579 | + $this->_stateStorage->unsetValue(self::PREFIX_ENROLLMENT.$enrollmentKey); |
|
| 580 | 580 | |
| 581 | 581 | $this->_setEnrollmentStatus($data["sessionId"], self::ENROLLMENT_STATUS_RETRIEVED); |
| 582 | 582 | return $metadata; |
@@ -604,7 +604,7 @@ discard block |
||
| 604 | 604 | */ |
| 605 | 605 | public function getEnrollmentSecret(string $enrollmentKey): string |
| 606 | 606 | { |
| 607 | - $data = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT . $enrollmentKey); |
|
| 607 | + $data = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT.$enrollmentKey); |
|
| 608 | 608 | if (!is_array($data)) { |
| 609 | 609 | $this->logger->error('getEnrollmentSecret: enrollment key not found'); |
| 610 | 610 | throw new RuntimeException('enrollment key not found'); |
@@ -620,7 +620,7 @@ discard block |
||
| 620 | 620 | ]; |
| 621 | 621 | $enrollmentSecret = $this->_uniqueSessionKey(); |
| 622 | 622 | $this->_stateStorage->setValue( |
| 623 | - self::PREFIX_ENROLLMENT_SECRET . $enrollmentSecret, |
|
| 623 | + self::PREFIX_ENROLLMENT_SECRET.$enrollmentSecret, |
|
| 624 | 624 | $enrollmentData, |
| 625 | 625 | self::ENROLLMENT_EXPIRE |
| 626 | 626 | ); |
@@ -648,11 +648,11 @@ discard block |
||
| 648 | 648 | public function validateEnrollmentSecret(string $enrollmentSecret): string |
| 649 | 649 | { |
| 650 | 650 | try { |
| 651 | - $data = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT_SECRET . $enrollmentSecret); |
|
| 651 | + $data = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT_SECRET.$enrollmentSecret); |
|
| 652 | 652 | if (NULL === $data) { |
| 653 | 653 | throw new RuntimeException('Enrollment secret not found'); |
| 654 | 654 | } |
| 655 | - if ( !is_array($data) || !is_string($data["userId"] ?? NULL)) { |
|
| 655 | + if (!is_array($data) || !is_string($data["userId"] ?? NULL)) { |
|
| 656 | 656 | throw new RuntimeException('Invalid enrollment data'); |
| 657 | 657 | } |
| 658 | 658 | |
@@ -682,17 +682,17 @@ discard block |
||
| 682 | 682 | public function finalizeEnrollment(string $enrollmentSecret): bool |
| 683 | 683 | { |
| 684 | 684 | try { |
| 685 | - $data = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT_SECRET . $enrollmentSecret); |
|
| 685 | + $data = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT_SECRET.$enrollmentSecret); |
|
| 686 | 686 | if (NULL === $data) { |
| 687 | 687 | throw new RuntimeException('Enrollment secret not found'); |
| 688 | 688 | } |
| 689 | 689 | if (is_array($data)) { |
| 690 | 690 | // Enrollment is finalized, destroy our session data. |
| 691 | - $this->_stateStorage->unsetValue(self::PREFIX_ENROLLMENT_SECRET . $enrollmentSecret); |
|
| 691 | + $this->_stateStorage->unsetValue(self::PREFIX_ENROLLMENT_SECRET.$enrollmentSecret); |
|
| 692 | 692 | $this->_setEnrollmentStatus($data["sessionId"], self::ENROLLMENT_STATUS_FINALIZED); |
| 693 | 693 | } else { |
| 694 | 694 | $this->logger->error( |
| 695 | - 'Enrollment status is not finalized, enrollmentsecret was not found in state storage. ' . |
|
| 695 | + 'Enrollment status is not finalized, enrollmentsecret was not found in state storage. '. |
|
| 696 | 696 | 'Warning! the method will still return "true" as a result.' |
| 697 | 697 | ); |
| 698 | 698 | } |
@@ -740,7 +740,7 @@ discard block |
||
| 740 | 740 | public function authenticate(string $userId, string $userSecret, string $sessionKey, string $response): int |
| 741 | 741 | { |
| 742 | 742 | try { |
| 743 | - $state = $this->_stateStorage->getValue(self::PREFIX_CHALLENGE . $sessionKey); |
|
| 743 | + $state = $this->_stateStorage->getValue(self::PREFIX_CHALLENGE.$sessionKey); |
|
| 744 | 744 | if (is_null($state)) { |
| 745 | 745 | $this->logger->notice('The auth challenge could not be found in the state storage'); |
| 746 | 746 | return self::AUTH_RESULT_INVALID_CHALLENGE; |
@@ -750,9 +750,9 @@ discard block |
||
| 750 | 750 | throw $e; |
| 751 | 751 | } |
| 752 | 752 | |
| 753 | - $sessionId = $state["sessionId"] ?? NULL; // Application's sessionId |
|
| 754 | - $challenge = $state["challenge"] ?? NULL; // The challenge we sent to the Tiqr client |
|
| 755 | - if (!is_string($sessionId) || (!is_string($challenge)) ) { |
|
| 753 | + $sessionId = $state["sessionId"] ?? NULL; // Application's sessionId |
|
| 754 | + $challenge = $state["challenge"] ?? NULL; // The challenge we sent to the Tiqr client |
|
| 755 | + if (!is_string($sessionId) || (!is_string($challenge))) { |
|
| 756 | 756 | throw new RuntimeException('Invalid state for state storage'); |
| 757 | 757 | } |
| 758 | 758 | |
@@ -761,7 +761,7 @@ discard block |
||
| 761 | 761 | $challengeUserId = $state["userId"] ?? NULL; |
| 762 | 762 | |
| 763 | 763 | // If the application requested a specific userId, verify that that is that userId that we're now authenticating |
| 764 | - if ($challengeUserId!==NULL && ($userId !== $challengeUserId)) { |
|
| 764 | + if ($challengeUserId !== NULL && ($userId !== $challengeUserId)) { |
|
| 765 | 765 | $this->logger->error( |
| 766 | 766 | sprintf('Authentication failed: the requested userId "%s" does not match userId "%s" that is being authenticated', |
| 767 | 767 | $challengeUserId, $userId) |
@@ -778,7 +778,7 @@ discard block |
||
| 778 | 778 | |
| 779 | 779 | if ($equal) { |
| 780 | 780 | // Set application session as authenticated |
| 781 | - $this->_stateStorage->setValue(self::PREFIX_AUTHENTICATED . $sessionId, $userId, self::LOGIN_EXPIRE); |
|
| 781 | + $this->_stateStorage->setValue(self::PREFIX_AUTHENTICATED.$sessionId, $userId, self::LOGIN_EXPIRE); |
|
| 782 | 782 | $this->logger->notice(sprintf('Authenticated user "%s" in session "%s"', $userId, $sessionId)); |
| 783 | 783 | |
| 784 | 784 | // Cleanup challenge |
@@ -787,7 +787,7 @@ discard block |
||
| 787 | 787 | // Cleaning up only after successful authentication enables the user to retry authentication after e.g. an |
| 788 | 788 | // invalid response |
| 789 | 789 | try { |
| 790 | - $this->_stateStorage->unsetValue(self::PREFIX_CHALLENGE . $sessionKey); // May throw |
|
| 790 | + $this->_stateStorage->unsetValue(self::PREFIX_CHALLENGE.$sessionKey); // May throw |
|
| 791 | 791 | } catch (Exception $e) { |
| 792 | 792 | // Only log error |
| 793 | 793 | $this->logger->warning('Could not delete authentication session key', array('error' => $e)); |
@@ -809,9 +809,9 @@ discard block |
||
| 809 | 809 | * |
| 810 | 810 | * @throws Exception when there was an error communicating with the storage backed |
| 811 | 811 | */ |
| 812 | - public function logout(string $sessionId=""): void |
|
| 812 | + public function logout(string $sessionId = ""): void |
|
| 813 | 813 | { |
| 814 | - if ($sessionId=="") { |
|
| 814 | + if ($sessionId == "") { |
|
| 815 | 815 | $sessionId = session_id(); |
| 816 | 816 | } |
| 817 | 817 | |
@@ -851,9 +851,9 @@ discard block |
||
| 851 | 851 | * |
| 852 | 852 | * Does not throw |
| 853 | 853 | */ |
| 854 | - public function getAuthenticatedUser(string $sessionId=""): ?string |
|
| 854 | + public function getAuthenticatedUser(string $sessionId = ""): ?string |
|
| 855 | 855 | { |
| 856 | - if ($sessionId=="") { |
|
| 856 | + if ($sessionId == "") { |
|
| 857 | 857 | $this->logger->debug('Using the PHP session id, as no session id was provided'); |
| 858 | 858 | $sessionId = session_id(); |
| 859 | 859 | } |
@@ -882,7 +882,7 @@ discard block |
||
| 882 | 882 | // We probably just generated the challenge and stored it in the StateStorage |
| 883 | 883 | // We can save a roundtrip to the storage backend here by reusing this information |
| 884 | 884 | |
| 885 | - $state = $this->_stateStorage->getValue(self::PREFIX_CHALLENGE . $sessionKey); |
|
| 885 | + $state = $this->_stateStorage->getValue(self::PREFIX_CHALLENGE.$sessionKey); |
|
| 886 | 886 | if (is_null($state)) { |
| 887 | 887 | $this->logger->error( |
| 888 | 888 | sprintf( |
@@ -897,22 +897,22 @@ discard block |
||
| 897 | 897 | $challenge = $state["challenge"] ?? ''; |
| 898 | 898 | $spIdentifier = $state["spIdentifier"] ?? ''; |
| 899 | 899 | |
| 900 | - if ( (strpos($this->_protocolAuth, 'https://') === 0) || (strpos($this->_protocolAuth, 'http://') === 0) ) { |
|
| 900 | + if ((strpos($this->_protocolAuth, 'https://') === 0) || (strpos($this->_protocolAuth, 'http://') === 0)) { |
|
| 901 | 901 | // Create universal Link |
| 902 | - $parameters=array(); |
|
| 902 | + $parameters = array(); |
|
| 903 | 903 | if (!is_null($userId)) { |
| 904 | - $parameters[]='u='.urlencode($userId); |
|
| 904 | + $parameters[] = 'u='.urlencode($userId); |
|
| 905 | 905 | } |
| 906 | - $parameters[]='s='.urlencode($sessionKey); |
|
| 907 | - $parameters[]='q='.urlencode($challenge); |
|
| 908 | - $parameters[]='i='.urlencode($this->getIdentifier()); |
|
| 909 | - $parameters[]='v='.urlencode($this->_protocolVersion); |
|
| 906 | + $parameters[] = 's='.urlencode($sessionKey); |
|
| 907 | + $parameters[] = 'q='.urlencode($challenge); |
|
| 908 | + $parameters[] = 'i='.urlencode($this->getIdentifier()); |
|
| 909 | + $parameters[] = 'v='.urlencode($this->_protocolVersion); |
|
| 910 | 910 | return $this->_protocolAuth.'?'.implode('&', $parameters); |
| 911 | 911 | } |
| 912 | 912 | |
| 913 | 913 | // Create custom URL scheme |
| 914 | 914 | // Last bit is the spIdentifier |
| 915 | - return $this->_protocolAuth."://".(!is_null($userId)?urlencode($userId).'@':'').$this->getIdentifier()."/".$sessionKey."/".$challenge."/".urlencode($spIdentifier)."/".$this->_protocolVersion; |
|
| 915 | + return $this->_protocolAuth."://".(!is_null($userId) ?urlencode($userId).'@' : '').$this->getIdentifier()."/".$sessionKey."/".$challenge."/".urlencode($spIdentifier)."/".$this->_protocolVersion; |
|
| 916 | 916 | } |
| 917 | 917 | |
| 918 | 918 | /** |
@@ -923,7 +923,7 @@ discard block |
||
| 923 | 923 | { |
| 924 | 924 | // The are two formats see: https://tiqr.org/technical/protocol/ |
| 925 | 925 | |
| 926 | - if ( (strpos($this->_protocolEnroll, 'https://') === 0) || (strpos($this->_protocolEnroll, 'http://') === 0) ) { |
|
| 926 | + if ((strpos($this->_protocolEnroll, 'https://') === 0) || (strpos($this->_protocolEnroll, 'http://') === 0)) { |
|
| 927 | 927 | // Create universal Link |
| 928 | 928 | return $this->_protocolEnroll.'?metadata='.urlencode($metadataUrl); |
| 929 | 929 | } |
@@ -942,7 +942,7 @@ discard block |
||
| 942 | 942 | protected function _uniqueSessionKey(): string |
| 943 | 943 | { |
| 944 | 944 | |
| 945 | - return bin2hex( Tiqr_Random::randomBytes(self::SESSION_KEY_LENGTH_BYTES) ); |
|
| 945 | + return bin2hex(Tiqr_Random::randomBytes(self::SESSION_KEY_LENGTH_BYTES)); |
|
| 946 | 946 | } |
| 947 | 947 | |
| 948 | 948 | /** |
@@ -42,7 +42,7 @@ |
||
| 42 | 42 | public static function randomBytes(int $length): string |
| 43 | 43 | { |
| 44 | 44 | // Get $length cryptographically secure pseudo-random bytes |
| 45 | - $rnd=\random_bytes($length); |
|
| 45 | + $rnd = \random_bytes($length); |
|
| 46 | 46 | |
| 47 | 47 | if (strlen($rnd) !== $length) { |
| 48 | 48 | throw new Exception("random_bytes did not return the requested number of bytes"); |
@@ -47,7 +47,7 @@ |
||
| 47 | 47 | * @throws RuntimeException When the options configuration array misses a required parameter |
| 48 | 48 | * |
| 49 | 49 | */ |
| 50 | - public static function getStorage(string $type="file", array $options=array(), LoggerInterface $logger) |
|
| 50 | + public static function getStorage(string $type = "file", array $options = array(), LoggerInterface $logger) |
|
| 51 | 51 | { |
| 52 | 52 | switch ($type) { |
| 53 | 53 | case "file": |
@@ -22,6 +22,6 @@ |
||
| 22 | 22 | { |
| 23 | 23 | // $code must be int, otherwise this throws with Error("Wrong parameters for ReadWriteException") |
| 24 | 24 | // PDOException::getCode() can return a sting |
| 25 | - return new self($e->getMessage(), (int)$e->getCode(), $e ); |
|
| 25 | + return new self($e->getMessage(), (int) $e->getCode(), $e); |
|
| 26 | 26 | } |
| 27 | 27 | } |
