Tiqr /
tiqr-server-libphp
@@ -47,7 +47,7 @@ discard block |
||
| 47 | 47 | /** |
| 48 | 48 | * @see Tiqr_StateStorage_StateStorageInterface::setValue() |
| 49 | 49 | */ |
| 50 | - public function setValue(string $key, $value, int $expire=0): void |
|
| 50 | + public function setValue(string $key, $value, int $expire = 0): void |
|
| 51 | 51 | { |
| 52 | 52 | if (empty($key)) { |
| 53 | 53 | throw new InvalidArgumentException('Empty key not allowed'); |
@@ -109,8 +109,8 @@ discard block |
||
| 109 | 109 | |
| 110 | 110 | private function getPath(): string |
| 111 | 111 | { |
| 112 | - if (substr($this->path, -1)!=="/") { |
|
| 113 | - return $this->path . "/"; |
|
| 112 | + if (substr($this->path, -1) !== "/") { |
|
| 113 | + return $this->path."/"; |
|
| 114 | 114 | } |
| 115 | 115 | return $this->path; |
| 116 | 116 | } |
@@ -51,7 +51,7 @@ discard block |
||
| 51 | 51 | * The default configuration |
| 52 | 52 | */ |
| 53 | 53 | const DEFAULT_HOST = '127.0.0.1'; |
| 54 | - const DEFAULT_PORT = 11211; |
|
| 54 | + const DEFAULT_PORT = 11211; |
|
| 55 | 55 | |
| 56 | 56 | /** |
| 57 | 57 | * Get the prefix to use for all keys in memcache. |
@@ -103,7 +103,7 @@ discard block |
||
| 103 | 103 | /** |
| 104 | 104 | * @see Tiqr_StateStorage_StateStorageInterface::setValue() |
| 105 | 105 | */ |
| 106 | - public function setValue(string $key, $value, int $expire=0): void |
|
| 106 | + public function setValue(string $key, $value, int $expire = 0): void |
|
| 107 | 107 | { |
| 108 | 108 | if (empty($key)) { |
| 109 | 109 | throw new InvalidArgumentException('Empty key not allowed'); |
@@ -157,7 +157,7 @@ discard block |
||
| 157 | 157 | if ($result === false) { |
| 158 | 158 | // Memcache interface does not provide error information, either the key does not exists or |
| 159 | 159 | // there was an error communicating with the memcache |
| 160 | - $this->logger->info( sprintf('Unable to get key "%s" from memcache StateStorage', $key) ); |
|
| 160 | + $this->logger->info(sprintf('Unable to get key "%s" from memcache StateStorage', $key)); |
|
| 161 | 161 | return null; |
| 162 | 162 | } |
| 163 | 163 | return $result; |
@@ -77,7 +77,7 @@ discard block |
||
| 77 | 77 | throw new InvalidArgumentException('Empty key not allowed'); |
| 78 | 78 | } |
| 79 | 79 | try { |
| 80 | - $sth = $this->handle->prepare('SELECT `key` FROM ' . $this->tablename . ' WHERE `key` = ?'); |
|
| 80 | + $sth = $this->handle->prepare('SELECT `key` FROM '.$this->tablename.' WHERE `key` = ?'); |
|
| 81 | 81 | $sth->execute(array($key)); |
| 82 | 82 | return $sth->fetchColumn() !== false; |
| 83 | 83 | } |
@@ -97,9 +97,9 @@ discard block |
||
| 97 | 97 | */ |
| 98 | 98 | private function cleanExpired(): void { |
| 99 | 99 | try { |
| 100 | - $sth = $this->handle->prepare("DELETE FROM " . $this->tablename . " WHERE `expire` < ? AND NOT `expire` = 0"); |
|
| 100 | + $sth = $this->handle->prepare("DELETE FROM ".$this->tablename." WHERE `expire` < ? AND NOT `expire` = 0"); |
|
| 101 | 101 | $sth->execute(array(time())); |
| 102 | - $deletedRows=$sth->rowCount(); |
|
| 102 | + $deletedRows = $sth->rowCount(); |
|
| 103 | 103 | $this->logger->notice( |
| 104 | 104 | sprintf("Deleted %i expired keys", $deletedRows) |
| 105 | 105 | ); |
@@ -115,12 +115,12 @@ discard block |
||
| 115 | 115 | /** |
| 116 | 116 | * @see Tiqr_StateStorage_StateStorageInterface::setValue() |
| 117 | 117 | */ |
| 118 | - public function setValue(string $key, $value, int $expire=0): void |
|
| 118 | + public function setValue(string $key, $value, int $expire = 0): void |
|
| 119 | 119 | { |
| 120 | 120 | if (empty($key)) { |
| 121 | 121 | throw new InvalidArgumentException('Empty key not allowed'); |
| 122 | 122 | } |
| 123 | - if (((float) rand() /(float) getrandmax()) < $this->cleanupProbability) { |
|
| 123 | + if (((float) rand() / (float) getrandmax()) < $this->cleanupProbability) { |
|
| 124 | 124 | $this->cleanExpired(); |
| 125 | 125 | } |
| 126 | 126 | if ($this->keyExists($key)) { |
@@ -130,7 +130,7 @@ discard block |
||
| 130 | 130 | } |
| 131 | 131 | // $expire == 0 means never expire |
| 132 | 132 | if ($expire != 0) { |
| 133 | - $expire+=time(); // Store unix timestamp after which the expires |
|
| 133 | + $expire += time(); // Store unix timestamp after which the expires |
|
| 134 | 134 | } |
| 135 | 135 | try { |
| 136 | 136 | $sth->execute(array(serialize($value), $expire, $key)); |
@@ -153,7 +153,7 @@ discard block |
||
| 153 | 153 | throw new InvalidArgumentException('Empty key not allowed'); |
| 154 | 154 | } |
| 155 | 155 | try { |
| 156 | - $sth = $this->handle->prepare("DELETE FROM " . $this->tablename . " WHERE `key` = ?"); |
|
| 156 | + $sth = $this->handle->prepare("DELETE FROM ".$this->tablename." WHERE `key` = ?"); |
|
| 157 | 157 | $sth->execute(array($key)); |
| 158 | 158 | } |
| 159 | 159 | catch (Exception $e) { |
@@ -183,7 +183,7 @@ discard block |
||
| 183 | 183 | } |
| 184 | 184 | |
| 185 | 185 | try { |
| 186 | - $sth = $this->handle->prepare('SELECT `value` FROM ' . $this->tablename . ' WHERE `key` = ? AND (`expire` >= ? OR `expire` = 0)'); |
|
| 186 | + $sth = $this->handle->prepare('SELECT `value` FROM '.$this->tablename.' WHERE `key` = ? AND (`expire` >= ? OR `expire` = 0)'); |
|
| 187 | 187 | $sth->execute(array($key, time())); |
| 188 | 188 | } |
| 189 | 189 | catch (Exception $e) { |
@@ -197,9 +197,9 @@ discard block |
||
| 197 | 197 | if (false === $result) { |
| 198 | 198 | // Occurs normally |
| 199 | 199 | $this->logger->info(sprintf('getValue: Key "%s" not found in PDO StateStorage', $key)); |
| 200 | - return NULL; // Key not found |
|
| 200 | + return NULL; // Key not found |
|
| 201 | 201 | } |
| 202 | - $result=unserialize($result, array('allowed_classes' => false)); |
|
| 202 | + $result = unserialize($result, array('allowed_classes' => false)); |
|
| 203 | 203 | if (false === $result) { |
| 204 | 204 | throw new RuntimeException(sprintf('getValue: unserialize error for key "%s" in PDO StateStorage', $key)); |
| 205 | 205 | } |
@@ -39,7 +39,7 @@ |
||
| 39 | 39 | * @return Tiqr_OcraService_Interface |
| 40 | 40 | * @throws Exception An exception if an unknown orca service type is requested. |
| 41 | 41 | */ |
| 42 | - public static function getOcraService(string $type="tiqr", array $options=array(), LoggerInterface $logger) |
|
| 42 | + public static function getOcraService(string $type = "tiqr", array $options = array(), LoggerInterface $logger) |
|
| 43 | 43 | { |
| 44 | 44 | switch ($type) { |
| 45 | 45 | case "tiqr": |
@@ -41,7 +41,7 @@ |
||
| 41 | 41 | * |
| 42 | 42 | * @throws Exception An exception if an unknown user storage is requested. |
| 43 | 43 | */ |
| 44 | - public static function getStorage(string $type="file", array $options=array(), LoggerInterface $logger): Tiqr_UserStorage_Interface |
|
| 44 | + public static function getStorage(string $type = "file", array $options = array(), LoggerInterface $logger): Tiqr_UserStorage_Interface |
|
| 45 | 45 | { |
| 46 | 46 | switch ($type) { |
| 47 | 47 | case "file": |
@@ -81,7 +81,7 @@ |
||
| 81 | 81 | 'verifyResponse for user "%s" failed', |
| 82 | 82 | $userId |
| 83 | 83 | ), |
| 84 | - array( 'exception' => $e) |
|
| 84 | + array('exception' => $e) |
|
| 85 | 85 | ); |
| 86 | 86 | return false; |
| 87 | 87 | } |
@@ -19,7 +19,7 @@ discard block |
||
| 19 | 19 | |
| 20 | 20 | use Psr\Log\LoggerInterface; |
| 21 | 21 | |
| 22 | -require_once(__DIR__ . '/../OATH/OCRAParser.php'); |
|
| 22 | +require_once(__DIR__.'/../OATH/OCRAParser.php'); |
|
| 23 | 23 | |
| 24 | 24 | abstract class Tiqr_OcraService_Abstract implements Tiqr_OcraService_Interface |
| 25 | 25 | { |
@@ -37,7 +37,7 @@ discard block |
||
| 37 | 37 | $this->logger = $logger; |
| 38 | 38 | |
| 39 | 39 | // Set the OCRA suite |
| 40 | - $this->_ocraSuite = $config['ocra.suite'] ?? 'OCRA-1:HOTP-SHA1-6:QH10-S'; // Use tiqr server default suite |
|
| 40 | + $this->_ocraSuite = $config['ocra.suite'] ?? 'OCRA-1:HOTP-SHA1-6:QH10-S'; // Use tiqr server default suite |
|
| 41 | 41 | $this->_ocraParser = new OATH_OCRAParser($this->_ocraSuite); |
| 42 | 42 | } |
| 43 | 43 | |
@@ -117,7 +117,7 @@ discard block |
||
| 117 | 117 | // INVALID_USERID: The client authenticated a different user than the server expected. This error is returned when |
| 118 | 118 | // the application stated an authentication session specifying the userId and later during the authentication |
| 119 | 119 | // provides a different userId |
| 120 | - const AUTH_RESULT_INVALID_USERID = 5; |
|
| 120 | + const AUTH_RESULT_INVALID_USERID = 5; |
|
| 121 | 121 | |
| 122 | 122 | /** |
| 123 | 123 | * The default OCRA Suite (RFC 6287) to use for authentication in Tiqr |
@@ -223,7 +223,7 @@ discard block |
||
| 223 | 223 | * @param int $version The tiqr protocol version to use (defaults to the latest) |
| 224 | 224 | * @throws Exception |
| 225 | 225 | */ |
| 226 | - public function __construct(LoggerInterface $logger, array $options=array(), int $version = 2) |
|
| 226 | + public function __construct(LoggerInterface $logger, array $options = array(), int $version = 2) |
|
| 227 | 227 | { |
| 228 | 228 | $this->_options = $options; // Used to later get settings for Tiqr_Message_* |
| 229 | 229 | $this->logger = $logger; |
@@ -337,7 +337,7 @@ discard block |
||
| 337 | 337 | |
| 338 | 338 | $this->logger->info(sprintf('Creating and sending a %s push notification', $notificationType)); |
| 339 | 339 | $message->setId(time()); |
| 340 | - $message->setText("Please authenticate for " . $this->_name); |
|
| 340 | + $message->setText("Please authenticate for ".$this->_name); |
|
| 341 | 341 | $message->setAddress($notificationAddress); |
| 342 | 342 | $message->setCustomProperty('challenge', $this->_getChallengeUrl($sessionKey)); |
| 343 | 343 | $message->send(); |
@@ -383,13 +383,13 @@ discard block |
||
| 383 | 383 | * @return string The authentication sessionKey |
| 384 | 384 | * @throws Exception when starting the authentication session failed |
| 385 | 385 | */ |
| 386 | - public function startAuthenticationSession(string $userId="", string $sessionId="", string $spIdentifier=""): string |
|
| 386 | + public function startAuthenticationSession(string $userId = "", string $sessionId = "", string $spIdentifier = ""): string |
|
| 387 | 387 | { |
| 388 | - if ($sessionId=="") { |
|
| 388 | + if ($sessionId == "") { |
|
| 389 | 389 | $sessionId = session_id(); |
| 390 | 390 | } |
| 391 | 391 | |
| 392 | - if ($spIdentifier=="") { |
|
| 392 | + if ($spIdentifier == "") { |
|
| 393 | 393 | $spIdentifier = $this->_identifier; |
| 394 | 394 | } |
| 395 | 395 | |
@@ -398,11 +398,11 @@ discard block |
||
| 398 | 398 | |
| 399 | 399 | $data = array("sessionId"=>$sessionId, "challenge"=>$challenge, "spIdentifier" => $spIdentifier); |
| 400 | 400 | |
| 401 | - if ($userId!="") { |
|
| 401 | + if ($userId != "") { |
|
| 402 | 402 | $data["userId"] = $userId; |
| 403 | 403 | } |
| 404 | 404 | |
| 405 | - $this->_stateStorage->setValue(self::PREFIX_CHALLENGE . $sessionKey, $data, self::CHALLENGE_EXPIRE); |
|
| 405 | + $this->_stateStorage->setValue(self::PREFIX_CHALLENGE.$sessionKey, $data, self::CHALLENGE_EXPIRE); |
|
| 406 | 406 | |
| 407 | 407 | return $sessionKey; |
| 408 | 408 | } |
@@ -422,9 +422,9 @@ discard block |
||
| 422 | 422 | * @return String The enrollment key |
| 423 | 423 | * @throws Exception when start the enrollement session failed |
| 424 | 424 | */ |
| 425 | - public function startEnrollmentSession(string $userId, string $displayName, string $sessionId=""): string |
|
| 425 | + public function startEnrollmentSession(string $userId, string $displayName, string $sessionId = ""): string |
|
| 426 | 426 | { |
| 427 | - if ($sessionId=="") { |
|
| 427 | + if ($sessionId == "") { |
|
| 428 | 428 | $sessionId = session_id(); |
| 429 | 429 | } |
| 430 | 430 | $enrollmentKey = $this->_uniqueSessionKey(); |
@@ -433,7 +433,7 @@ discard block |
||
| 433 | 433 | "displayName" => $displayName, |
| 434 | 434 | "sessionId" => $sessionId |
| 435 | 435 | ]; |
| 436 | - $this->_stateStorage->setValue(self::PREFIX_ENROLLMENT . $enrollmentKey, $data, self::ENROLLMENT_EXPIRE); |
|
| 436 | + $this->_stateStorage->setValue(self::PREFIX_ENROLLMENT.$enrollmentKey, $data, self::ENROLLMENT_EXPIRE); |
|
| 437 | 437 | $this->_setEnrollmentStatus($sessionId, self::ENROLLMENT_STATUS_INITIALIZED); |
| 438 | 438 | |
| 439 | 439 | return $enrollmentKey; |
@@ -444,9 +444,9 @@ discard block |
||
| 444 | 444 | * @param string $sessionId The application's session identifier (defaults to php session) |
| 445 | 445 | * @throws Exception when resetting the session failed |
| 446 | 446 | */ |
| 447 | - public function resetEnrollmentSession(string $sessionId=""): void |
|
| 447 | + public function resetEnrollmentSession(string $sessionId = ""): void |
|
| 448 | 448 | { |
| 449 | - if ($sessionId=="") { |
|
| 449 | + if ($sessionId == "") { |
|
| 450 | 450 | $sessionId = session_id(); |
| 451 | 451 | } |
| 452 | 452 | |
@@ -481,9 +481,9 @@ discard block |
||
| 481 | 481 | * |
| 482 | 482 | * @throws Exception when an error communicating with the state storage backend was detected |
| 483 | 483 | */ |
| 484 | - public function getEnrollmentStatus(string $sessionId=""): int |
|
| 484 | + public function getEnrollmentStatus(string $sessionId = ""): int |
|
| 485 | 485 | { |
| 486 | - if ($sessionId=="") { |
|
| 486 | + if ($sessionId == "") { |
|
| 487 | 487 | $sessionId = session_id(); |
| 488 | 488 | } |
| 489 | 489 | $status = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT_STATUS.$sessionId); |
@@ -540,7 +540,7 @@ discard block |
||
| 540 | 540 | */ |
| 541 | 541 | public function getEnrollmentMetadata(string $enrollmentKey, string $authenticationUrl, string $enrollmentUrl): array |
| 542 | 542 | { |
| 543 | - $data = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT . $enrollmentKey); |
|
| 543 | + $data = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT.$enrollmentKey); |
|
| 544 | 544 | if (!is_array($data)) { |
| 545 | 545 | $this->logger->error('Unable to find enrollment metadata in state storage'); |
| 546 | 546 | throw new Exception('Unable to find enrollment metadata in state storage'); |
@@ -559,7 +559,7 @@ discard block |
||
| 559 | 559 | array("identifier" =>$data["userId"], |
| 560 | 560 | "displayName"=>$data["displayName"])); |
| 561 | 561 | |
| 562 | - $this->_stateStorage->unsetValue(self::PREFIX_ENROLLMENT . $enrollmentKey); |
|
| 562 | + $this->_stateStorage->unsetValue(self::PREFIX_ENROLLMENT.$enrollmentKey); |
|
| 563 | 563 | |
| 564 | 564 | $this->_setEnrollmentStatus($data["sessionId"], self::ENROLLMENT_STATUS_RETRIEVED); |
| 565 | 565 | return $metadata; |
@@ -587,7 +587,7 @@ discard block |
||
| 587 | 587 | */ |
| 588 | 588 | public function getEnrollmentSecret(string $enrollmentKey): string |
| 589 | 589 | { |
| 590 | - $data = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT . $enrollmentKey); |
|
| 590 | + $data = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT.$enrollmentKey); |
|
| 591 | 591 | if (!is_array($data)) { |
| 592 | 592 | $this->logger->error('getEnrollmentSecret: enrollment key not found'); |
| 593 | 593 | throw new RuntimeException('enrollment key not found'); |
@@ -603,7 +603,7 @@ discard block |
||
| 603 | 603 | ]; |
| 604 | 604 | $enrollmentSecret = $this->_uniqueSessionKey(); |
| 605 | 605 | $this->_stateStorage->setValue( |
| 606 | - self::PREFIX_ENROLLMENT_SECRET . $enrollmentSecret, |
|
| 606 | + self::PREFIX_ENROLLMENT_SECRET.$enrollmentSecret, |
|
| 607 | 607 | $enrollmentData, |
| 608 | 608 | self::ENROLLMENT_EXPIRE |
| 609 | 609 | ); |
@@ -631,11 +631,11 @@ discard block |
||
| 631 | 631 | public function validateEnrollmentSecret(string $enrollmentSecret): string |
| 632 | 632 | { |
| 633 | 633 | try { |
| 634 | - $data = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT_SECRET . $enrollmentSecret); |
|
| 634 | + $data = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT_SECRET.$enrollmentSecret); |
|
| 635 | 635 | if (NULL === $data) { |
| 636 | 636 | throw new RuntimeException('Enrollment secret not found'); |
| 637 | 637 | } |
| 638 | - if ( !is_array($data) || !is_string($data["userId"] ?? NULL)) { |
|
| 638 | + if (!is_array($data) || !is_string($data["userId"] ?? NULL)) { |
|
| 639 | 639 | throw new RuntimeException('Invalid enrollment data'); |
| 640 | 640 | } |
| 641 | 641 | |
@@ -665,17 +665,17 @@ discard block |
||
| 665 | 665 | public function finalizeEnrollment(string $enrollmentSecret): bool |
| 666 | 666 | { |
| 667 | 667 | try { |
| 668 | - $data = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT_SECRET . $enrollmentSecret); |
|
| 668 | + $data = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT_SECRET.$enrollmentSecret); |
|
| 669 | 669 | if (NULL === $data) { |
| 670 | 670 | throw new RuntimeException('Enrollment secret not found'); |
| 671 | 671 | } |
| 672 | 672 | if (is_array($data)) { |
| 673 | 673 | // Enrollment is finalized, destroy our session data. |
| 674 | - $this->_stateStorage->unsetValue(self::PREFIX_ENROLLMENT_SECRET . $enrollmentSecret); |
|
| 674 | + $this->_stateStorage->unsetValue(self::PREFIX_ENROLLMENT_SECRET.$enrollmentSecret); |
|
| 675 | 675 | $this->_setEnrollmentStatus($data["sessionId"], self::ENROLLMENT_STATUS_FINALIZED); |
| 676 | 676 | } else { |
| 677 | 677 | $this->logger->error( |
| 678 | - 'Enrollment status is not finalized, enrollmentsecret was not found in state storage. ' . |
|
| 678 | + 'Enrollment status is not finalized, enrollmentsecret was not found in state storage. '. |
|
| 679 | 679 | 'Warning! the method will still return "true" as a result.' |
| 680 | 680 | ); |
| 681 | 681 | } |
@@ -723,7 +723,7 @@ discard block |
||
| 723 | 723 | public function authenticate(string $userId, string $userSecret, string $sessionKey, string $response): int |
| 724 | 724 | { |
| 725 | 725 | try { |
| 726 | - $state = $this->_stateStorage->getValue(self::PREFIX_CHALLENGE . $sessionKey); |
|
| 726 | + $state = $this->_stateStorage->getValue(self::PREFIX_CHALLENGE.$sessionKey); |
|
| 727 | 727 | if (is_null($state)) { |
| 728 | 728 | $this->logger->notice('The auth challenge could not be found in the state storage'); |
| 729 | 729 | return self::AUTH_RESULT_INVALID_CHALLENGE; |
@@ -733,9 +733,9 @@ discard block |
||
| 733 | 733 | throw $e; |
| 734 | 734 | } |
| 735 | 735 | |
| 736 | - $sessionId = $state["sessionId"] ?? NULL; // Application's sessionId |
|
| 737 | - $challenge = $state["challenge"] ?? NULL; // The challenge we sent to the Tiqr client |
|
| 738 | - if (!is_string($sessionId) || (!is_string($challenge)) ) { |
|
| 736 | + $sessionId = $state["sessionId"] ?? NULL; // Application's sessionId |
|
| 737 | + $challenge = $state["challenge"] ?? NULL; // The challenge we sent to the Tiqr client |
|
| 738 | + if (!is_string($sessionId) || (!is_string($challenge))) { |
|
| 739 | 739 | throw new RuntimeException('Invalid state for state storage'); |
| 740 | 740 | } |
| 741 | 741 | |
@@ -744,7 +744,7 @@ discard block |
||
| 744 | 744 | $challengeUserId = $state["userId"] ?? NULL; |
| 745 | 745 | |
| 746 | 746 | // If the application requested a specific userId, verify that that is that userId that we're now authenticating |
| 747 | - if ($challengeUserId!==NULL && ($userId !== $challengeUserId)) { |
|
| 747 | + if ($challengeUserId !== NULL && ($userId !== $challengeUserId)) { |
|
| 748 | 748 | $this->logger->error( |
| 749 | 749 | sprintf('Authentication failed: the requested userId "%s" does not match userId "%s" that is being authenticated', |
| 750 | 750 | $challengeUserId, $userId) |
@@ -761,7 +761,7 @@ discard block |
||
| 761 | 761 | |
| 762 | 762 | if ($equal) { |
| 763 | 763 | // Set application session as authenticated |
| 764 | - $this->_stateStorage->setValue(self::PREFIX_AUTHENTICATED . $sessionId, $userId, self::LOGIN_EXPIRE); |
|
| 764 | + $this->_stateStorage->setValue(self::PREFIX_AUTHENTICATED.$sessionId, $userId, self::LOGIN_EXPIRE); |
|
| 765 | 765 | $this->logger->notice(sprintf('Authenticated user "%s" in session "%s"', $userId, $sessionId)); |
| 766 | 766 | |
| 767 | 767 | // Cleanup challenge |
@@ -770,7 +770,7 @@ discard block |
||
| 770 | 770 | // Cleaning up only after successful authentication enables the user to retry authentication after e.g. an |
| 771 | 771 | // invalid response |
| 772 | 772 | try { |
| 773 | - $this->_stateStorage->unsetValue(self::PREFIX_CHALLENGE . $sessionKey); // May throw |
|
| 773 | + $this->_stateStorage->unsetValue(self::PREFIX_CHALLENGE.$sessionKey); // May throw |
|
| 774 | 774 | } catch (Exception $e) { |
| 775 | 775 | // Only log error |
| 776 | 776 | $this->logger->warning('Could not delete authentication session key', array('error' => $e)); |
@@ -792,9 +792,9 @@ discard block |
||
| 792 | 792 | * |
| 793 | 793 | * @throws Exception when there was an error communicating with the storage backed |
| 794 | 794 | */ |
| 795 | - public function logout(string $sessionId=""): void |
|
| 795 | + public function logout(string $sessionId = ""): void |
|
| 796 | 796 | { |
| 797 | - if ($sessionId=="") { |
|
| 797 | + if ($sessionId == "") { |
|
| 798 | 798 | $sessionId = session_id(); |
| 799 | 799 | } |
| 800 | 800 | |
@@ -834,9 +834,9 @@ discard block |
||
| 834 | 834 | * |
| 835 | 835 | * Does not throw |
| 836 | 836 | */ |
| 837 | - public function getAuthenticatedUser(string $sessionId=""): ?string |
|
| 837 | + public function getAuthenticatedUser(string $sessionId = ""): ?string |
|
| 838 | 838 | { |
| 839 | - if ($sessionId=="") { |
|
| 839 | + if ($sessionId == "") { |
|
| 840 | 840 | $this->logger->debug('Using the PHP session id, as no session id was provided'); |
| 841 | 841 | $sessionId = session_id(); |
| 842 | 842 | } |
@@ -864,7 +864,7 @@ discard block |
||
| 864 | 864 | // We probably just generated the challenge and stored it in the StateStorage |
| 865 | 865 | // We can save a roundtrip to the storage backend here by reusing this information |
| 866 | 866 | |
| 867 | - $state = $this->_stateStorage->getValue(self::PREFIX_CHALLENGE . $sessionKey); |
|
| 867 | + $state = $this->_stateStorage->getValue(self::PREFIX_CHALLENGE.$sessionKey); |
|
| 868 | 868 | if (is_null($state)) { |
| 869 | 869 | $this->logger->error( |
| 870 | 870 | sprintf( |
@@ -880,7 +880,7 @@ discard block |
||
| 880 | 880 | $spIdentifier = $state["spIdentifier"] ?? ''; |
| 881 | 881 | |
| 882 | 882 | // Last bit is the spIdentifier |
| 883 | - return $this->_protocolAuth."://".(!is_null($userId)?urlencode($userId).'@':'').$this->getIdentifier()."/".$sessionKey."/".$challenge."/".urlencode($spIdentifier)."/".$this->_protocolVersion; |
|
| 883 | + return $this->_protocolAuth."://".(!is_null($userId) ?urlencode($userId).'@' : '').$this->getIdentifier()."/".$sessionKey."/".$challenge."/".urlencode($spIdentifier)."/".$this->_protocolVersion; |
|
| 884 | 884 | } |
| 885 | 885 | |
| 886 | 886 | /** |
@@ -902,7 +902,7 @@ discard block |
||
| 902 | 902 | protected function _uniqueSessionKey(): string |
| 903 | 903 | { |
| 904 | 904 | |
| 905 | - return bin2hex( Tiqr_Random::randomBytes(self::SESSION_KEY_LENGTH_BYTES) ); |
|
| 905 | + return bin2hex(Tiqr_Random::randomBytes(self::SESSION_KEY_LENGTH_BYTES)); |
|
| 906 | 906 | } |
| 907 | 907 | |
| 908 | 908 | /** |
@@ -42,7 +42,7 @@ |
||
| 42 | 42 | public static function randomBytes(int $length): string |
| 43 | 43 | { |
| 44 | 44 | // Get $length cryptographically secure pseudo-random bytes |
| 45 | - $rnd=\random_bytes($length); |
|
| 45 | + $rnd = \random_bytes($length); |
|
| 46 | 46 | |
| 47 | 47 | if (strlen($rnd) !== $length) { |
| 48 | 48 | throw new Exception("random_bytes did not return the requested number of bytes"); |
