@@ -54,8 +54,8 @@ |
||
| 54 | 54 | } |
| 55 | 55 | |
| 56 | 56 | $envelope = array("expire"=>$expire, |
| 57 | - "createdAt"=>time(), |
|
| 58 | - "value"=>$value); |
|
| 57 | + "createdAt"=>time(), |
|
| 58 | + "value"=>$value); |
|
| 59 | 59 | $filename = $this->getFilenameByKey($key); |
| 60 | 60 | |
| 61 | 61 | if (!file_put_contents($filename, serialize($envelope))) { |
@@ -47,7 +47,7 @@ discard block |
||
| 47 | 47 | /** |
| 48 | 48 | * @see Tiqr_StateStorage_StateStorageInterface::setValue() |
| 49 | 49 | */ |
| 50 | - public function setValue(string $key, $value, int $expire=0): void |
|
| 50 | + public function setValue(string $key, $value, int $expire = 0): void |
|
| 51 | 51 | { |
| 52 | 52 | if (empty($key)) { |
| 53 | 53 | throw new InvalidArgumentException('Empty key not allowed'); |
@@ -109,8 +109,8 @@ discard block |
||
| 109 | 109 | |
| 110 | 110 | private function getPath(): string |
| 111 | 111 | { |
| 112 | - if (substr($this->path, -1)!=="/") { |
|
| 113 | - return $this->path . "/"; |
|
| 112 | + if (substr($this->path, -1) !== "/") { |
|
| 113 | + return $this->path."/"; |
|
| 114 | 114 | } |
| 115 | 115 | return $this->path; |
| 116 | 116 | } |
@@ -51,7 +51,7 @@ discard block |
||
| 51 | 51 | * The default configuration |
| 52 | 52 | */ |
| 53 | 53 | const DEFAULT_HOST = '127.0.0.1'; |
| 54 | - const DEFAULT_PORT = 11211; |
|
| 54 | + const DEFAULT_PORT = 11211; |
|
| 55 | 55 | |
| 56 | 56 | /** |
| 57 | 57 | * Get the prefix to use for all keys in memcache. |
@@ -103,7 +103,7 @@ discard block |
||
| 103 | 103 | /** |
| 104 | 104 | * @see Tiqr_StateStorage_StateStorageInterface::setValue() |
| 105 | 105 | */ |
| 106 | - public function setValue(string $key, $value, int $expire=0): void |
|
| 106 | + public function setValue(string $key, $value, int $expire = 0): void |
|
| 107 | 107 | { |
| 108 | 108 | if (empty($key)) { |
| 109 | 109 | throw new InvalidArgumentException('Empty key not allowed'); |
@@ -157,7 +157,7 @@ discard block |
||
| 157 | 157 | if ($result === false) { |
| 158 | 158 | // Memcache interface does not provide error information, either the key does not exists or |
| 159 | 159 | // there was an error communicating with the memcache |
| 160 | - $this->logger->info( sprintf('Unable to get key "%s" from memcache StateStorage', $key) ); |
|
| 160 | + $this->logger->info(sprintf('Unable to get key "%s" from memcache StateStorage', $key)); |
|
| 161 | 161 | return null; |
| 162 | 162 | } |
| 163 | 163 | return $result; |
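Review bot: The info message on new line 160 writes the full storage key to the log, and the keys that Tiqr_Service passes in elsewhere in this diff are built from bearer values (`self::PREFIX_CHALLENGE.$sessionKey`, `self::PREFIX_ENROLLMENT_SECRET.$enrollmentSecret`). Anyone with read access to the logs would then see session keys and enrollment secrets, some of which may still be valid when the failure was a backend error rather than a miss. Consider logging a short digest instead, e.g. `sprintf('Unable to get key "%s" from memcache StateStorage', substr(hash('sha256', $key), 0, 12))`. The PDO StateStorage messages in the later hunks ('Error checking for key', 'Unable to store key', 'Error deleting key', 'getValue: Key "%s" not found') log the key the same way. The enclosing method starts before this hunk.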
@@ -21,7 +21,6 @@ |
||
| 21 | 21 | * |
| 22 | 22 | * |
| 23 | 23 | * Create SQL table (MySQL): |
| 24 | - |
|
| 25 | 24 | * CREATE TABLE IF NOT EXISTS tiqrstate ( |
| 26 | 25 | key varchar(255) PRIMARY KEY, |
| 27 | 26 | expire BIGINT, |
@@ -77,7 +77,7 @@ discard block |
||
| 77 | 77 | throw new InvalidArgumentException('Empty key not allowed'); |
| 78 | 78 | } |
| 79 | 79 | try { |
| 80 | - $sth = $this->handle->prepare('SELECT `key` FROM ' . $this->tablename . ' WHERE `key` = ?'); |
|
| 80 | + $sth = $this->handle->prepare('SELECT `key` FROM '.$this->tablename.' WHERE `key` = ?'); |
|
| 81 | 81 | $sth->execute(array($key)); |
| 82 | 82 | return $sth->fetchColumn() !== false; |
| 83 | 83 | } |
@@ -97,9 +97,9 @@ discard block |
||
| 97 | 97 | */ |
| 98 | 98 | private function cleanExpired(): void { |
| 99 | 99 | try { |
| 100 | - $sth = $this->handle->prepare("DELETE FROM " . $this->tablename . " WHERE `expire` < ? AND NOT `expire` = 0"); |
|
| 100 | + $sth = $this->handle->prepare("DELETE FROM ".$this->tablename." WHERE `expire` < ? AND NOT `expire` = 0"); |
|
| 101 | 101 | $sth->execute(array(time())); |
| 102 | - $deletedRows=$sth->rowCount(); |
|
| 102 | + $deletedRows = $sth->rowCount(); |
|
| 103 | 103 | $this->logger->notice( |
| 104 | 104 | sprintf("Deleted %i expired keys", $deletedRows) |
| 105 | 105 | ); |
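Review bot: `%i` in `sprintf("Deleted %i expired keys", $deletedRows)` is not a PHP format specifier, and the reformat leaves it in place. On PHP 8, sprintf() throws a ValueError for an unknown specifier, which is an Error and so is not caught by the `catch (Exception $e)` shown in the later -103,8 +102,7 hunk; a routine cleanup could then abort the setValue() call that triggered it. On older PHP versions the count is presumably just missing from the message. Use `sprintf("Deleted %d expired keys", $deletedRows)`; the same line appears as context in that later hunk. cleanExpired() continues past the end of this hunk.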
@@ -115,12 +115,12 @@ discard block |
||
| 115 | 115 | /** |
| 116 | 116 | * @see Tiqr_StateStorage_StateStorageInterface::setValue() |
| 117 | 117 | */ |
| 118 | - public function setValue(string $key, $value, int $expire=0): void |
|
| 118 | + public function setValue(string $key, $value, int $expire = 0): void |
|
| 119 | 119 | { |
| 120 | 120 | if (empty($key)) { |
| 121 | 121 | throw new InvalidArgumentException('Empty key not allowed'); |
| 122 | 122 | } |
| 123 | - if (((float) rand() /(float) getrandmax()) < $this->cleanupProbability) { |
|
| 123 | + if (((float) rand() / (float) getrandmax()) < $this->cleanupProbability) { |
|
| 124 | 124 | $this->cleanExpired(); |
| 125 | 125 | } |
| 126 | 126 | if ($this->keyExists($key)) { |
@@ -130,7 +130,7 @@ discard block |
||
| 130 | 130 | } |
| 131 | 131 | // $expire == 0 means never expire |
| 132 | 132 | if ($expire != 0) { |
| 133 | - $expire+=time(); // Store unix timestamp after which the expires |
|
| 133 | + $expire += time(); // Store unix timestamp after which the expires |
|
| 134 | 134 | } |
| 135 | 135 | try { |
| 136 | 136 | $sth->execute(array(serialize($value), $expire, $key)); |
@@ -153,7 +153,7 @@ discard block |
||
| 153 | 153 | throw new InvalidArgumentException('Empty key not allowed'); |
| 154 | 154 | } |
| 155 | 155 | try { |
| 156 | - $sth = $this->handle->prepare("DELETE FROM " . $this->tablename . " WHERE `key` = ?"); |
|
| 156 | + $sth = $this->handle->prepare("DELETE FROM ".$this->tablename." WHERE `key` = ?"); |
|
| 157 | 157 | $sth->execute(array($key)); |
| 158 | 158 | } |
| 159 | 159 | catch (Exception $e) { |
@@ -183,7 +183,7 @@ discard block |
||
| 183 | 183 | } |
| 184 | 184 | |
| 185 | 185 | try { |
| 186 | - $sth = $this->handle->prepare('SELECT `value` FROM ' . $this->tablename . ' WHERE `key` = ? AND (`expire` >= ? OR `expire` = 0)'); |
|
| 186 | + $sth = $this->handle->prepare('SELECT `value` FROM '.$this->tablename.' WHERE `key` = ? AND (`expire` >= ? OR `expire` = 0)'); |
|
| 187 | 187 | $sth->execute(array($key, time())); |
| 188 | 188 | } |
| 189 | 189 | catch (Exception $e) { |
@@ -197,9 +197,9 @@ discard block |
||
| 197 | 197 | if (false === $result) { |
| 198 | 198 | // Occurs normally |
| 199 | 199 | $this->logger->info(sprintf('getValue: Key "%s" not found in PDO StateStorage', $key)); |
| 200 | - return NULL; // Key not found |
|
| 200 | + return NULL; // Key not found |
|
| 201 | 201 | } |
| 202 | - $result=unserialize($result, array('allowed_classes' => false)); |
|
| 202 | + $result = unserialize($result, array('allowed_classes' => false)); |
|
| 203 | 203 | if (false === $result) { |
| 204 | 204 | throw new RuntimeException(sprintf('getValue: unserialize error for key "%s" in PDO StateStorage', $key)); |
| 205 | 205 | } |
@@ -80,8 +80,7 @@ discard block |
||
| 80 | 80 | $sth = $this->handle->prepare('SELECT `key` FROM ' . $this->tablename . ' WHERE `key` = ?'); |
| 81 | 81 | $sth->execute(array($key)); |
| 82 | 82 | return $sth->fetchColumn() !== false; |
| 83 | - } |
|
| 84 | - catch (Exception $e) { |
|
| 83 | + } catch (Exception $e) { |
|
| 85 | 84 | $this->logger->error( |
| 86 | 85 | sprintf('Error checking for key "%s" in PDO StateStorage', $key), |
| 87 | 86 | array('exception' => $e) |
@@ -103,8 +102,7 @@ discard block |
||
| 103 | 102 | $this->logger->notice( |
| 104 | 103 | sprintf("Deleted %i expired keys", $deletedRows) |
| 105 | 104 | ); |
| 106 | - } |
|
| 107 | - catch (Exception $e) { |
|
| 105 | + } catch (Exception $e) { |
|
| 108 | 106 | $this->logger->error( |
| 109 | 107 | sprintf("Deleting expired keys failed: %s", $e->getMessage()), |
| 110 | 108 | array('exception', $e) |
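Review bot: The logger context on the last line, `array('exception', $e)`, is a two-element list rather than a keyed array, so the exception lands at index 1 instead of under the `exception` key that the other handlers in this diff use. PSR-3 loggers look for the exception under that key, so the stack trace of a failed cleanup is likely to be lost or mis-rendered. Change it to `array('exception' => $e)`. The logger call is cut off at the end of this hunk.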
@@ -134,8 +132,7 @@ discard block |
||
| 134 | 132 | } |
| 135 | 133 | try { |
| 136 | 134 | $sth->execute(array(serialize($value), $expire, $key)); |
| 137 | - } |
|
| 138 | - catch (Exception $e) { |
|
| 135 | + } catch (Exception $e) { |
|
| 139 | 136 | $this->logger->error( |
| 140 | 137 | sprintf('Unable to store key "%s" in PDO StateStorage', $key), |
| 141 | 138 | array('exception' => $e) |
@@ -155,8 +152,7 @@ discard block |
||
| 155 | 152 | try { |
| 156 | 153 | $sth = $this->handle->prepare("DELETE FROM " . $this->tablename . " WHERE `key` = ?"); |
| 157 | 154 | $sth->execute(array($key)); |
| 158 | - } |
|
| 159 | - catch (Exception $e) { |
|
| 155 | + } catch (Exception $e) { |
|
| 160 | 156 | $this->logger->error( |
| 161 | 157 | sprintf('Error deleting key "%s" from PDO StateStorage', $key), |
| 162 | 158 | array('exception' => $e) |
@@ -185,8 +181,7 @@ discard block |
||
| 185 | 181 | try { |
| 186 | 182 | $sth = $this->handle->prepare('SELECT `value` FROM ' . $this->tablename . ' WHERE `key` = ? AND (`expire` >= ? OR `expire` = 0)'); |
| 187 | 183 | $sth->execute(array($key, time())); |
| 188 | - } |
|
| 189 | - catch (Exception $e) { |
|
| 184 | + } catch (Exception $e) { |
|
| 190 | 185 | $this->logger->error( |
| 191 | 186 | sprintf('Error getting value for key "%s" from PDO StateStorage', $key), |
| 192 | 187 | array('exception' => $e) |
@@ -39,7 +39,7 @@ |
||
| 39 | 39 | * @return Tiqr_OcraService_Interface |
| 40 | 40 | * @throws Exception An exception if an unknown orca service type is requested. |
| 41 | 41 | */ |
| 42 | - public static function getOcraService(string $type="tiqr", array $options=array(), LoggerInterface $logger) |
|
| 42 | + public static function getOcraService(string $type = "tiqr", array $options = array(), LoggerInterface $logger) |
|
| 43 | 43 | { |
| 44 | 44 | switch ($type) { |
| 45 | 45 | case "tiqr": |
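Review bot: `getOcraService()` still declares the defaulted `$type` and `$options` ahead of the required `$logger`, so the defaults can never be used positionally and PHP 8 reports a deprecation for optional-before-required parameters. Every caller already has to pass all three arguments, so dropping the defaults should not change behaviour: `public static function getOcraService(string $type, array $options, LoggerInterface $logger)`. The `getStorage()` signature in the next hunk has the same shape. The method also has no return type although its docblock names `Tiqr_OcraService_Interface`. The body runs past this hunk.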
@@ -41,7 +41,7 @@ |
||
| 41 | 41 | * |
| 42 | 42 | * @throws Exception An exception if an unknown user storage is requested. |
| 43 | 43 | */ |
| 44 | - public static function getStorage(string $type="file", array $options=array(), LoggerInterface $logger): Tiqr_UserStorage_Interface |
|
| 44 | + public static function getStorage(string $type = "file", array $options = array(), LoggerInterface $logger): Tiqr_UserStorage_Interface |
|
| 45 | 45 | { |
| 46 | 46 | switch ($type) { |
| 47 | 47 | case "file": |
@@ -36,8 +36,7 @@ |
||
| 36 | 36 | // response as the client calculated. |
| 37 | 37 | try { |
| 38 | 38 | $expected = OCRA::generateOCRA($this->_ocraSuite, $userSecret, "", $challenge, "", $sessionInformation, ""); |
| 39 | - } |
|
| 40 | - catch (Exception $e) { |
|
| 39 | + } catch (Exception $e) { |
|
| 41 | 40 | $this->logger->warning(sprintf('Error calculating OCRA response for user "%s"', $userId), array('exception'=>$e)); |
| 42 | 41 | return false; |
| 43 | 42 | } |
@@ -81,7 +81,7 @@ |
||
| 81 | 81 | 'verifyResponse for user "%s" failed', |
| 82 | 82 | $userId |
| 83 | 83 | ), |
| 84 | - array( 'exception' => $e) |
|
| 84 | + array('exception' => $e) |
|
| 85 | 85 | ); |
| 86 | 86 | return false; |
| 87 | 87 | } |
@@ -19,7 +19,7 @@ discard block |
||
| 19 | 19 | |
| 20 | 20 | use Psr\Log\LoggerInterface; |
| 21 | 21 | |
| 22 | -require_once(__DIR__ . '/../OATH/OCRAParser.php'); |
|
| 22 | +require_once(__DIR__.'/../OATH/OCRAParser.php'); |
|
| 23 | 23 | |
| 24 | 24 | abstract class Tiqr_OcraService_Abstract implements Tiqr_OcraService_Interface |
| 25 | 25 | { |
@@ -37,7 +37,7 @@ discard block |
||
| 37 | 37 | $this->logger = $logger; |
| 38 | 38 | |
| 39 | 39 | // Set the OCRA suite |
| 40 | - $this->_ocraSuite = $config['ocra.suite'] ?? 'OCRA-1:HOTP-SHA1-6:QH10-S'; // Use tiqr server default suite |
|
| 40 | + $this->_ocraSuite = $config['ocra.suite'] ?? 'OCRA-1:HOTP-SHA1-6:QH10-S'; // Use tiqr server default suite |
|
| 41 | 41 | $this->_ocraParser = new OATH_OCRAParser($this->_ocraSuite); |
| 42 | 42 | } |
| 43 | 43 | |
@@ -547,17 +547,17 @@ discard block |
||
| 547 | 547 | } |
| 548 | 548 | |
| 549 | 549 | $metadata = array("service"=> |
| 550 | - array("displayName" => $this->_name, |
|
| 551 | - "identifier" => $this->_identifier, |
|
| 552 | - "logoUrl" => $this->_logoUrl, |
|
| 553 | - "infoUrl" => $this->_infoUrl, |
|
| 554 | - "authenticationUrl" => $authenticationUrl, |
|
| 555 | - "ocraSuite" => $this->_ocraSuite, |
|
| 556 | - "enrollmentUrl" => $enrollmentUrl |
|
| 557 | - ), |
|
| 558 | - "identity"=> |
|
| 559 | - array("identifier" =>$data["userId"], |
|
| 560 | - "displayName"=>$data["displayName"])); |
|
| 550 | + array("displayName" => $this->_name, |
|
| 551 | + "identifier" => $this->_identifier, |
|
| 552 | + "logoUrl" => $this->_logoUrl, |
|
| 553 | + "infoUrl" => $this->_infoUrl, |
|
| 554 | + "authenticationUrl" => $authenticationUrl, |
|
| 555 | + "ocraSuite" => $this->_ocraSuite, |
|
| 556 | + "enrollmentUrl" => $enrollmentUrl |
|
| 557 | + ), |
|
| 558 | + "identity"=> |
|
| 559 | + array("identifier" =>$data["userId"], |
|
| 560 | + "displayName"=>$data["displayName"])); |
|
| 561 | 561 | |
| 562 | 562 | $this->_stateStorage->unsetValue(self::PREFIX_ENROLLMENT . $enrollmentKey); |
| 563 | 563 | |
@@ -587,27 +587,27 @@ discard block |
||
| 587 | 587 | */ |
| 588 | 588 | public function getEnrollmentSecret(string $enrollmentKey): string |
| 589 | 589 | { |
| 590 | - $data = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT . $enrollmentKey); |
|
| 591 | - if (!is_array($data)) { |
|
| 592 | - $this->logger->error('getEnrollmentSecret: enrollment key not found'); |
|
| 593 | - throw new RuntimeException('enrollment key not found'); |
|
| 594 | - } |
|
| 595 | - $userId = $data["userId"] ?? NULL; |
|
| 596 | - $sessionId = $data["sessionId"] ?? NULL; |
|
| 597 | - if (!is_string($userId) || !(is_string($sessionId))) { |
|
| 598 | - throw new RuntimeException('getEnrollmentSecret: invalid enrollment data'); |
|
| 599 | - } |
|
| 600 | - $enrollmentData = [ |
|
| 601 | - "userId" => $userId, |
|
| 602 | - "sessionId" => $sessionId |
|
| 603 | - ]; |
|
| 604 | - $enrollmentSecret = $this->_uniqueSessionKey(); |
|
| 605 | - $this->_stateStorage->setValue( |
|
| 606 | - self::PREFIX_ENROLLMENT_SECRET . $enrollmentSecret, |
|
| 607 | - $enrollmentData, |
|
| 608 | - self::ENROLLMENT_EXPIRE |
|
| 609 | - ); |
|
| 610 | - return $enrollmentSecret; |
|
| 590 | + $data = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT . $enrollmentKey); |
|
| 591 | + if (!is_array($data)) { |
|
| 592 | + $this->logger->error('getEnrollmentSecret: enrollment key not found'); |
|
| 593 | + throw new RuntimeException('enrollment key not found'); |
|
| 594 | + } |
|
| 595 | + $userId = $data["userId"] ?? NULL; |
|
| 596 | + $sessionId = $data["sessionId"] ?? NULL; |
|
| 597 | + if (!is_string($userId) || !(is_string($sessionId))) { |
|
| 598 | + throw new RuntimeException('getEnrollmentSecret: invalid enrollment data'); |
|
| 599 | + } |
|
| 600 | + $enrollmentData = [ |
|
| 601 | + "userId" => $userId, |
|
| 602 | + "sessionId" => $sessionId |
|
| 603 | + ]; |
|
| 604 | + $enrollmentSecret = $this->_uniqueSessionKey(); |
|
| 605 | + $this->_stateStorage->setValue( |
|
| 606 | + self::PREFIX_ENROLLMENT_SECRET . $enrollmentSecret, |
|
| 607 | + $enrollmentData, |
|
| 608 | + self::ENROLLMENT_EXPIRE |
|
| 609 | + ); |
|
| 610 | + return $enrollmentSecret; |
|
| 611 | 611 | } |
| 612 | 612 | |
| 613 | 613 | /** |
@@ -117,7 +117,7 @@ discard block |
||
| 117 | 117 | // INVALID_USERID: The client authenticated a different user than the server expected. This error is returned when |
| 118 | 118 | // the application stated an authentication session specifying the userId and later during the authentication |
| 119 | 119 | // provides a different userId |
| 120 | - const AUTH_RESULT_INVALID_USERID = 5; |
|
| 120 | + const AUTH_RESULT_INVALID_USERID = 5; |
|
| 121 | 121 | |
| 122 | 122 | /** |
| 123 | 123 | * The default OCRA Suite (RFC 6287) to use for authentication in Tiqr |
@@ -223,7 +223,7 @@ discard block |
||
| 223 | 223 | * @param int $version The tiqr protocol version to use (defaults to the latest) |
| 224 | 224 | * @throws Exception |
| 225 | 225 | */ |
| 226 | - public function __construct(LoggerInterface $logger, array $options=array(), int $version = 2) |
|
| 226 | + public function __construct(LoggerInterface $logger, array $options = array(), int $version = 2) |
|
| 227 | 227 | { |
| 228 | 228 | $this->_options = $options; // Used to later get settings for Tiqr_Message_* |
| 229 | 229 | $this->logger = $logger; |
@@ -337,7 +337,7 @@ discard block |
||
| 337 | 337 | |
| 338 | 338 | $this->logger->info(sprintf('Creating and sending a %s push notification', $notificationType)); |
| 339 | 339 | $message->setId(time()); |
| 340 | - $message->setText("Please authenticate for " . $this->_name); |
|
| 340 | + $message->setText("Please authenticate for ".$this->_name); |
|
| 341 | 341 | $message->setAddress($notificationAddress); |
| 342 | 342 | $message->setCustomProperty('challenge', $this->_getChallengeUrl($sessionKey)); |
| 343 | 343 | $message->send(); |
@@ -383,13 +383,13 @@ discard block |
||
| 383 | 383 | * @return string The authentication sessionKey |
| 384 | 384 | * @throws Exception when starting the authentication session failed |
| 385 | 385 | */ |
| 386 | - public function startAuthenticationSession(string $userId="", string $sessionId="", string $spIdentifier=""): string |
|
| 386 | + public function startAuthenticationSession(string $userId = "", string $sessionId = "", string $spIdentifier = ""): string |
|
| 387 | 387 | { |
| 388 | - if ($sessionId=="") { |
|
| 388 | + if ($sessionId == "") { |
|
| 389 | 389 | $sessionId = session_id(); |
| 390 | 390 | } |
| 391 | 391 | |
| 392 | - if ($spIdentifier=="") { |
|
| 392 | + if ($spIdentifier == "") { |
|
| 393 | 393 | $spIdentifier = $this->_identifier; |
| 394 | 394 | } |
| 395 | 395 | |
@@ -398,11 +398,11 @@ discard block |
||
| 398 | 398 | |
| 399 | 399 | $data = array("sessionId"=>$sessionId, "challenge"=>$challenge, "spIdentifier" => $spIdentifier); |
| 400 | 400 | |
| 401 | - if ($userId!="") { |
|
| 401 | + if ($userId != "") { |
|
| 402 | 402 | $data["userId"] = $userId; |
| 403 | 403 | } |
| 404 | 404 | |
| 405 | - $this->_stateStorage->setValue(self::PREFIX_CHALLENGE . $sessionKey, $data, self::CHALLENGE_EXPIRE); |
|
| 405 | + $this->_stateStorage->setValue(self::PREFIX_CHALLENGE.$sessionKey, $data, self::CHALLENGE_EXPIRE); |
|
| 406 | 406 | |
| 407 | 407 | return $sessionKey; |
| 408 | 408 | } |
@@ -422,9 +422,9 @@ discard block |
||
| 422 | 422 | * @return String The enrollment key |
| 423 | 423 | * @throws Exception when start the enrollement session failed |
| 424 | 424 | */ |
| 425 | - public function startEnrollmentSession(string $userId, string $displayName, string $sessionId=""): string |
|
| 425 | + public function startEnrollmentSession(string $userId, string $displayName, string $sessionId = ""): string |
|
| 426 | 426 | { |
| 427 | - if ($sessionId=="") { |
|
| 427 | + if ($sessionId == "") { |
|
| 428 | 428 | $sessionId = session_id(); |
| 429 | 429 | } |
| 430 | 430 | $enrollmentKey = $this->_uniqueSessionKey(); |
@@ -433,7 +433,7 @@ discard block |
||
| 433 | 433 | "displayName" => $displayName, |
| 434 | 434 | "sessionId" => $sessionId |
| 435 | 435 | ]; |
| 436 | - $this->_stateStorage->setValue(self::PREFIX_ENROLLMENT . $enrollmentKey, $data, self::ENROLLMENT_EXPIRE); |
|
| 436 | + $this->_stateStorage->setValue(self::PREFIX_ENROLLMENT.$enrollmentKey, $data, self::ENROLLMENT_EXPIRE); |
|
| 437 | 437 | $this->_setEnrollmentStatus($sessionId, self::ENROLLMENT_STATUS_INITIALIZED); |
| 438 | 438 | |
| 439 | 439 | return $enrollmentKey; |
@@ -444,9 +444,9 @@ discard block |
||
| 444 | 444 | * @param string $sessionId The application's session identifier (defaults to php session) |
| 445 | 445 | * @throws Exception when resetting the session failed |
| 446 | 446 | */ |
| 447 | - public function resetEnrollmentSession(string $sessionId=""): void |
|
| 447 | + public function resetEnrollmentSession(string $sessionId = ""): void |
|
| 448 | 448 | { |
| 449 | - if ($sessionId=="") { |
|
| 449 | + if ($sessionId == "") { |
|
| 450 | 450 | $sessionId = session_id(); |
| 451 | 451 | } |
| 452 | 452 | |
@@ -481,9 +481,9 @@ discard block |
||
| 481 | 481 | * |
| 482 | 482 | * @throws Exception when an error communicating with the state storage backend was detected |
| 483 | 483 | */ |
| 484 | - public function getEnrollmentStatus(string $sessionId=""): int |
|
| 484 | + public function getEnrollmentStatus(string $sessionId = ""): int |
|
| 485 | 485 | { |
| 486 | - if ($sessionId=="") { |
|
| 486 | + if ($sessionId == "") { |
|
| 487 | 487 | $sessionId = session_id(); |
| 488 | 488 | } |
| 489 | 489 | $status = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT_STATUS.$sessionId); |
@@ -540,7 +540,7 @@ discard block |
||
| 540 | 540 | */ |
| 541 | 541 | public function getEnrollmentMetadata(string $enrollmentKey, string $authenticationUrl, string $enrollmentUrl): array |
| 542 | 542 | { |
| 543 | - $data = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT . $enrollmentKey); |
|
| 543 | + $data = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT.$enrollmentKey); |
|
| 544 | 544 | if (!is_array($data)) { |
| 545 | 545 | $this->logger->error('Unable to find enrollment metadata in state storage'); |
| 546 | 546 | throw new Exception('Unable to find enrollment metadata in state storage'); |
@@ -559,7 +559,7 @@ discard block |
||
| 559 | 559 | array("identifier" =>$data["userId"], |
| 560 | 560 | "displayName"=>$data["displayName"])); |
| 561 | 561 | |
| 562 | - $this->_stateStorage->unsetValue(self::PREFIX_ENROLLMENT . $enrollmentKey); |
|
| 562 | + $this->_stateStorage->unsetValue(self::PREFIX_ENROLLMENT.$enrollmentKey); |
|
| 563 | 563 | |
| 564 | 564 | $this->_setEnrollmentStatus($data["sessionId"], self::ENROLLMENT_STATUS_RETRIEVED); |
| 565 | 565 | return $metadata; |
@@ -587,7 +587,7 @@ discard block |
||
| 587 | 587 | */ |
| 588 | 588 | public function getEnrollmentSecret(string $enrollmentKey): string |
| 589 | 589 | { |
| 590 | - $data = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT . $enrollmentKey); |
|
| 590 | + $data = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT.$enrollmentKey); |
|
| 591 | 591 | if (!is_array($data)) { |
| 592 | 592 | $this->logger->error('getEnrollmentSecret: enrollment key not found'); |
| 593 | 593 | throw new RuntimeException('enrollment key not found'); |
@@ -603,7 +603,7 @@ discard block |
||
| 603 | 603 | ]; |
| 604 | 604 | $enrollmentSecret = $this->_uniqueSessionKey(); |
| 605 | 605 | $this->_stateStorage->setValue( |
| 606 | - self::PREFIX_ENROLLMENT_SECRET . $enrollmentSecret, |
|
| 606 | + self::PREFIX_ENROLLMENT_SECRET.$enrollmentSecret, |
|
| 607 | 607 | $enrollmentData, |
| 608 | 608 | self::ENROLLMENT_EXPIRE |
| 609 | 609 | ); |
@@ -631,11 +631,11 @@ discard block |
||
| 631 | 631 | public function validateEnrollmentSecret(string $enrollmentSecret): string |
| 632 | 632 | { |
| 633 | 633 | try { |
| 634 | - $data = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT_SECRET . $enrollmentSecret); |
|
| 634 | + $data = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT_SECRET.$enrollmentSecret); |
|
| 635 | 635 | if (NULL === $data) { |
| 636 | 636 | throw new RuntimeException('Enrollment secret not found'); |
| 637 | 637 | } |
| 638 | - if ( !is_array($data) || !is_string($data["userId"] ?? NULL)) { |
|
| 638 | + if (!is_array($data) || !is_string($data["userId"] ?? NULL)) { |
|
| 639 | 639 | throw new RuntimeException('Invalid enrollment data'); |
| 640 | 640 | } |
| 641 | 641 | |
@@ -665,17 +665,17 @@ discard block |
||
| 665 | 665 | public function finalizeEnrollment(string $enrollmentSecret): bool |
| 666 | 666 | { |
| 667 | 667 | try { |
| 668 | - $data = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT_SECRET . $enrollmentSecret); |
|
| 668 | + $data = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT_SECRET.$enrollmentSecret); |
|
| 669 | 669 | if (NULL === $data) { |
| 670 | 670 | throw new RuntimeException('Enrollment secret not found'); |
| 671 | 671 | } |
| 672 | 672 | if (is_array($data)) { |
| 673 | 673 | // Enrollment is finalized, destroy our session data. |
| 674 | - $this->_stateStorage->unsetValue(self::PREFIX_ENROLLMENT_SECRET . $enrollmentSecret); |
|
| 674 | + $this->_stateStorage->unsetValue(self::PREFIX_ENROLLMENT_SECRET.$enrollmentSecret); |
|
| 675 | 675 | $this->_setEnrollmentStatus($data["sessionId"], self::ENROLLMENT_STATUS_FINALIZED); |
| 676 | 676 | } else { |
| 677 | 677 | $this->logger->error( |
| 678 | - 'Enrollment status is not finalized, enrollmentsecret was not found in state storage. ' . |
|
| 678 | + 'Enrollment status is not finalized, enrollmentsecret was not found in state storage. '. |
|
| 679 | 679 | 'Warning! the method will still return "true" as a result.' |
| 680 | 680 | ); |
| 681 | 681 | } |
@@ -723,7 +723,7 @@ discard block |
||
| 723 | 723 | public function authenticate(string $userId, string $userSecret, string $sessionKey, string $response): int |
| 724 | 724 | { |
| 725 | 725 | try { |
| 726 | - $state = $this->_stateStorage->getValue(self::PREFIX_CHALLENGE . $sessionKey); |
|
| 726 | + $state = $this->_stateStorage->getValue(self::PREFIX_CHALLENGE.$sessionKey); |
|
| 727 | 727 | if (is_null($state)) { |
| 728 | 728 | $this->logger->notice('The auth challenge could not be found in the state storage'); |
| 729 | 729 | return self::AUTH_RESULT_INVALID_CHALLENGE; |
@@ -733,9 +733,9 @@ discard block |
||
| 733 | 733 | throw $e; |
| 734 | 734 | } |
| 735 | 735 | |
| 736 | - $sessionId = $state["sessionId"] ?? NULL; // Application's sessionId |
|
| 737 | - $challenge = $state["challenge"] ?? NULL; // The challenge we sent to the Tiqr client |
|
| 738 | - if (!is_string($sessionId) || (!is_string($challenge)) ) { |
|
| 736 | + $sessionId = $state["sessionId"] ?? NULL; // Application's sessionId |
|
| 737 | + $challenge = $state["challenge"] ?? NULL; // The challenge we sent to the Tiqr client |
|
| 738 | + if (!is_string($sessionId) || (!is_string($challenge))) { |
|
| 739 | 739 | throw new RuntimeException('Invalid state for state storage'); |
| 740 | 740 | } |
| 741 | 741 | |
@@ -744,7 +744,7 @@ discard block |
||
| 744 | 744 | $challengeUserId = $state["userId"] ?? NULL; |
| 745 | 745 | |
| 746 | 746 | // If the application requested a specific userId, verify that that is that userId that we're now authenticating |
| 747 | - if ($challengeUserId!==NULL && ($userId !== $challengeUserId)) { |
|
| 747 | + if ($challengeUserId !== NULL && ($userId !== $challengeUserId)) { |
|
| 748 | 748 | $this->logger->error( |
| 749 | 749 | sprintf('Authentication failed: the requested userId "%s" does not match userId "%s" that is being authenticated', |
| 750 | 750 | $challengeUserId, $userId) |
@@ -761,7 +761,7 @@ discard block |
||
| 761 | 761 | |
| 762 | 762 | if ($equal) { |
| 763 | 763 | // Set application session as authenticated |
| 764 | - $this->_stateStorage->setValue(self::PREFIX_AUTHENTICATED . $sessionId, $userId, self::LOGIN_EXPIRE); |
|
| 764 | + $this->_stateStorage->setValue(self::PREFIX_AUTHENTICATED.$sessionId, $userId, self::LOGIN_EXPIRE); |
|
| 765 | 765 | $this->logger->notice(sprintf('Authenticated user "%s" in session "%s"', $userId, $sessionId)); |
| 766 | 766 | |
| 767 | 767 | // Cleanup challenge |
@@ -770,7 +770,7 @@ discard block |
||
| 770 | 770 | // Cleaning up only after successful authentication enables the user to retry authentication after e.g. an |
| 771 | 771 | // invalid response |
| 772 | 772 | try { |
| 773 | - $this->_stateStorage->unsetValue(self::PREFIX_CHALLENGE . $sessionKey); // May throw |
|
| 773 | + $this->_stateStorage->unsetValue(self::PREFIX_CHALLENGE.$sessionKey); // May throw |
|
| 774 | 774 | } catch (Exception $e) { |
| 775 | 775 | // Only log error |
| 776 | 776 | $this->logger->warning('Could not delete authentication session key', array('error' => $e)); |
@@ -792,9 +792,9 @@ discard block |
||
| 792 | 792 | * |
| 793 | 793 | * @throws Exception when there was an error communicating with the storage backed |
| 794 | 794 | */ |
| 795 | - public function logout(string $sessionId=""): void |
|
| 795 | + public function logout(string $sessionId = ""): void |
|
| 796 | 796 | { |
| 797 | - if ($sessionId=="") { |
|
| 797 | + if ($sessionId == "") { |
|
| 798 | 798 | $sessionId = session_id(); |
| 799 | 799 | } |
| 800 | 800 | |
@@ -834,9 +834,9 @@ discard block |
||
| 834 | 834 | * |
| 835 | 835 | * Does not throw |
| 836 | 836 | */ |
| 837 | - public function getAuthenticatedUser(string $sessionId=""): ?string |
|
| 837 | + public function getAuthenticatedUser(string $sessionId = ""): ?string |
|
| 838 | 838 | { |
| 839 | - if ($sessionId=="") { |
|
| 839 | + if ($sessionId == "") { |
|
| 840 | 840 | $this->logger->debug('Using the PHP session id, as no session id was provided'); |
| 841 | 841 | $sessionId = session_id(); |
| 842 | 842 | } |
@@ -864,7 +864,7 @@ discard block |
||
| 864 | 864 | // We probably just generated the challenge and stored it in the StateStorage |
| 865 | 865 | // We can save a roundtrip to the storage backend here by reusing this information |
| 866 | 866 | |
| 867 | - $state = $this->_stateStorage->getValue(self::PREFIX_CHALLENGE . $sessionKey); |
|
| 867 | + $state = $this->_stateStorage->getValue(self::PREFIX_CHALLENGE.$sessionKey); |
|
| 868 | 868 | if (is_null($state)) { |
| 869 | 869 | $this->logger->error( |
| 870 | 870 | sprintf( |
@@ -880,7 +880,7 @@ discard block |
||
| 880 | 880 | $spIdentifier = $state["spIdentifier"] ?? ''; |
| 881 | 881 | |
| 882 | 882 | // Last bit is the spIdentifier |
| 883 | - return $this->_protocolAuth."://".(!is_null($userId)?urlencode($userId).'@':'').$this->getIdentifier()."/".$sessionKey."/".$challenge."/".urlencode($spIdentifier)."/".$this->_protocolVersion; |
|
| 883 | + return $this->_protocolAuth."://".(!is_null($userId) ?urlencode($userId).'@' : '').$this->getIdentifier()."/".$sessionKey."/".$challenge."/".urlencode($spIdentifier)."/".$this->_protocolVersion; |
|
| 884 | 884 | } |
| 885 | 885 | |
| 886 | 886 | /** |
@@ -902,7 +902,7 @@ discard block |
||
| 902 | 902 | protected function _uniqueSessionKey(): string |
| 903 | 903 | { |
| 904 | 904 | |
| 905 | - return bin2hex( Tiqr_Random::randomBytes(self::SESSION_KEY_LENGTH_BYTES) ); |
|
| 905 | + return bin2hex(Tiqr_Random::randomBytes(self::SESSION_KEY_LENGTH_BYTES)); |
|
| 906 | 906 | } |
| 907 | 907 | |
| 908 | 908 | /** |
@@ -263,8 +263,7 @@ discard block |
||
| 263 | 263 | if (isset($options['ocraservice']) && $options['ocraservice']['type'] != 'tiqr') { |
| 264 | 264 | $options['ocraservice']['ocra.suite'] = $this->_ocraSuite; |
| 265 | 265 | $this->_ocraService = Tiqr_OcraService::getOcraService($options['ocraservice']['type'], $options['ocraservice'], $logger); |
| 266 | - } |
|
| 267 | - else { // Create default ocraservice |
|
| 266 | + } else { // Create default ocraservice |
|
| 268 | 267 | $this->_ocraService = Tiqr_OcraService::getOcraService('tiqr', array('ocra.suite' => $this->_ocraSuite), $logger); |
| 269 | 268 | } |
| 270 | 269 | } |
@@ -487,7 +486,9 @@ discard block |
||
| 487 | 486 | $sessionId = session_id(); |
| 488 | 487 | } |
| 489 | 488 | $status = $this->_stateStorage->getValue(self::PREFIX_ENROLLMENT_STATUS.$sessionId); |
| 490 | - if (is_null($status)) return self::ENROLLMENT_STATUS_IDLE; |
|
| 489 | + if (is_null($status)) { |
|
| 490 | + return self::ENROLLMENT_STATUS_IDLE; |
|
| 491 | + } |
|
| 491 | 492 | return $status; |
| 492 | 493 | } |
| 493 | 494 | |
@@ -843,8 +844,7 @@ discard block |
||
| 843 | 844 | |
| 844 | 845 | try { |
| 845 | 846 | return $this->_stateStorage->getValue("authenticated_".$sessionId); |
| 846 | - } |
|
| 847 | - catch (Exception $e) { |
|
| 847 | + } catch (Exception $e) { |
|
| 848 | 848 | $this->logger->error('getAuthenticatedUser failed', array('exception'=>$e)); |
| 849 | 849 | return NULL; |
| 850 | 850 | } |
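Review bot: `getAuthenticatedUser()` reads the state with the literal `"authenticated_".$sessionId`, while authenticate() writes it with `self::PREFIX_AUTHENTICATED.$sessionId`. The constant's value is not visible here; if the two ever differ, every lookup returns null and logged-in sessions are treated as unauthenticated. Use the constant on the read side as well: `return $this->_stateStorage->getValue(self::PREFIX_AUTHENTICATED.$sessionId);`. The method starts before this hunk.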