@@ -17,7 +17,7 @@ discard block |
||
17 | 17 | use chillerlan\HTTP\Psr7; |
18 | 18 | use Psr\Http\Message\{RequestInterface, ResponseInterface, UriInterface}; |
19 | 19 | |
20 | -abstract class OAuth2Provider extends OAuthProvider implements OAuth2Interface{ |
|
20 | +abstract class OAuth2Provider extends OAuthProvider implements OAuth2Interface { |
|
21 | 21 | |
22 | 22 | /** |
23 | 23 | * @var int |
@@ -53,7 +53,7 @@ discard block |
||
53 | 53 | public function getAuthURL(array $params = null, array $scopes = null):UriInterface{ |
54 | 54 | $params = $params ?? []; |
55 | 55 | |
56 | - if(isset($params['client_secret'])){ |
|
56 | + if (isset($params['client_secret'])) { |
|
57 | 57 | unset($params['client_secret']); |
58 | 58 | } |
59 | 59 | |
@@ -64,11 +64,11 @@ discard block |
||
64 | 64 | 'type' => 'web_server', |
65 | 65 | ]); |
66 | 66 | |
67 | - if($scopes !== null){ |
|
67 | + if ($scopes !== null) { |
|
68 | 68 | $params['scope'] = \implode($this->scopesDelimiter, $scopes); |
69 | 69 | } |
70 | 70 | |
71 | - if($this instanceof CSRFToken){ |
|
71 | + if ($this instanceof CSRFToken) { |
|
72 | 72 | $params = $this->setState($params); |
73 | 73 | } |
74 | 74 | |
@@ -84,19 +84,19 @@ discard block |
||
84 | 84 | protected function parseTokenResponse(ResponseInterface $response):AccessToken{ |
85 | 85 | $data = \json_decode(Psr7\decompress_content($response), true); // silly amazon... |
86 | 86 | |
87 | - if(!\is_array($data)){ |
|
87 | + if (!\is_array($data)) { |
|
88 | 88 | throw new ProviderException('unable to parse token response'); |
89 | 89 | } |
90 | 90 | |
91 | - foreach(['error_description', 'error'] as $field){ |
|
91 | + foreach (['error_description', 'error'] as $field) { |
|
92 | 92 | |
93 | - if(isset($data[$field])){ |
|
93 | + if (isset($data[$field])) { |
|
94 | 94 | throw new ProviderException('error retrieving access token: "'.$data[$field].'"'); |
95 | 95 | } |
96 | 96 | |
97 | 97 | } |
98 | 98 | |
99 | - if(!isset($data['access_token'])){ |
|
99 | + if (!isset($data['access_token'])) { |
|
100 | 100 | throw new ProviderException('token missing'); |
101 | 101 | } |
102 | 102 | |
@@ -122,7 +122,7 @@ discard block |
||
122 | 122 | */ |
123 | 123 | public function getAccessToken(string $code, string $state = null):AccessToken{ |
124 | 124 | |
125 | - if($this instanceof CSRFToken){ |
|
125 | + if ($this instanceof CSRFToken) { |
|
126 | 126 | $this->checkState($state); |
127 | 127 | } |
128 | 128 | |
@@ -140,7 +140,7 @@ discard block |
||
140 | 140 | ->withHeader('Accept-Encoding', 'identity') |
141 | 141 | ->withBody($this->streamFactory->createStream(\http_build_query($body, '', '&', \PHP_QUERY_RFC1738))); |
142 | 142 | |
143 | - foreach($this->authHeaders as $header => $value){ |
|
143 | + foreach ($this->authHeaders as $header => $value) { |
|
144 | 144 | $request = $request->withHeader($header, $value); |
145 | 145 | } |
146 | 146 | |
@@ -160,15 +160,15 @@ discard block |
||
160 | 160 | */ |
161 | 161 | public function getRequestAuthorization(RequestInterface $request, AccessToken $token):RequestInterface{ |
162 | 162 | |
163 | - if(\array_key_exists($this->authMethod, OAuth2Interface::AUTH_METHODS_HEADER)){ |
|
163 | + if (\array_key_exists($this->authMethod, OAuth2Interface::AUTH_METHODS_HEADER)) { |
|
164 | 164 | $request = $request->withHeader('Authorization', OAuth2Interface::AUTH_METHODS_HEADER[$this->authMethod].$token->accessToken); |
165 | 165 | } |
166 | - elseif(\array_key_exists($this->authMethod, OAuth2Interface::AUTH_METHODS_QUERY)){ |
|
166 | + elseif (\array_key_exists($this->authMethod, OAuth2Interface::AUTH_METHODS_QUERY)) { |
|
167 | 167 | $uri = Psr7\merge_query((string)$request->getUri(), [OAuth2Interface::AUTH_METHODS_QUERY[$this->authMethod] => $token->accessToken]); |
168 | 168 | |
169 | 169 | $request = $request->withUri($this->uriFactory->createUri($uri)); |
170 | 170 | } |
171 | - else{ |
|
171 | + else { |
|
172 | 172 | throw new ProviderException('invalid auth type'); |
173 | 173 | } |
174 | 174 | |
@@ -183,13 +183,13 @@ discard block |
||
183 | 183 | */ |
184 | 184 | public function getClientCredentialsToken(array $scopes = null):AccessToken{ |
185 | 185 | |
186 | - if(!$this instanceof ClientCredentials){ |
|
186 | + if (!$this instanceof ClientCredentials) { |
|
187 | 187 | throw new ProviderException('client credentials token not supported'); |
188 | 188 | } |
189 | 189 | |
190 | 190 | $params = ['grant_type' => 'client_credentials']; |
191 | 191 | |
192 | - if($scopes !== null){ |
|
192 | + if ($scopes !== null) { |
|
193 | 193 | $params['scope'] = \implode($this->scopesDelimiter, $scopes); |
194 | 194 | } |
195 | 195 | |
@@ -201,7 +201,7 @@ discard block |
||
201 | 201 | ->withBody($this->streamFactory->createStream(\http_build_query($params, '', '&', \PHP_QUERY_RFC1738))) |
202 | 202 | ; |
203 | 203 | |
204 | - foreach($this->authHeaders as $header => $value){ |
|
204 | + foreach ($this->authHeaders as $header => $value) { |
|
205 | 205 | $request = $request->withAddedHeader($header, $value); |
206 | 206 | } |
207 | 207 | |
@@ -220,19 +220,19 @@ discard block |
||
220 | 220 | */ |
221 | 221 | public function refreshAccessToken(AccessToken $token = null):AccessToken{ |
222 | 222 | |
223 | - if(!$this instanceof TokenRefresh){ |
|
223 | + if (!$this instanceof TokenRefresh) { |
|
224 | 224 | throw new ProviderException('token refresh not supported'); |
225 | 225 | } |
226 | 226 | |
227 | - if($token === null){ |
|
227 | + if ($token === null) { |
|
228 | 228 | $token = $this->storage->getAccessToken($this->serviceName); |
229 | 229 | } |
230 | 230 | |
231 | 231 | $refreshToken = $token->refreshToken; |
232 | 232 | |
233 | - if(empty($refreshToken)){ |
|
233 | + if (empty($refreshToken)) { |
|
234 | 234 | |
235 | - if(!$this instanceof AccessTokenForRefresh){ |
|
235 | + if (!$this instanceof AccessTokenForRefresh) { |
|
236 | 236 | throw new ProviderException(\sprintf('no refresh token available, token expired [%s]', \date('Y-m-d h:i:s A', $token->expires))); |
237 | 237 | } |
238 | 238 | |
@@ -254,13 +254,13 @@ discard block |
||
254 | 254 | ->withBody($this->streamFactory->createStream(\http_build_query($body, '', '&', \PHP_QUERY_RFC1738))) |
255 | 255 | ; |
256 | 256 | |
257 | - foreach($this->authHeaders as $header => $value){ |
|
257 | + foreach ($this->authHeaders as $header => $value) { |
|
258 | 258 | $request = $request->withAddedHeader($header, $value); |
259 | 259 | } |
260 | 260 | |
261 | 261 | $newToken = $this->parseTokenResponse($this->http->sendRequest($request)); |
262 | 262 | |
263 | - if(empty($newToken->refreshToken)){ |
|
263 | + if (empty($newToken->refreshToken)) { |
|
264 | 264 | $newToken->refreshToken = $refreshToken; |
265 | 265 | } |
266 | 266 | |
@@ -277,13 +277,13 @@ discard block |
||
277 | 277 | */ |
278 | 278 | protected function checkState(string $state = null):void{ |
279 | 279 | |
280 | - if(empty($state) || !$this->storage->hasCSRFState($this->serviceName)){ |
|
280 | + if (empty($state) || !$this->storage->hasCSRFState($this->serviceName)) { |
|
281 | 281 | throw new ProviderException('invalid state for '.$this->serviceName); |
282 | 282 | } |
283 | 283 | |
284 | 284 | $knownState = $this->storage->getCSRFState($this->serviceName); |
285 | 285 | |
286 | - if(!\hash_equals($knownState, $state)){ |
|
286 | + if (!\hash_equals($knownState, $state)) { |
|
287 | 287 | throw new ProviderException('invalid CSRF state: '.$this->serviceName.' '.$state); |
288 | 288 | } |
289 | 289 | |
@@ -296,7 +296,7 @@ discard block |
||
296 | 296 | */ |
297 | 297 | protected function setState(array $params):array{ |
298 | 298 | |
299 | - if(!isset($params['state'])){ |
|
299 | + if (!isset($params['state'])) { |
|
300 | 300 | $params['state'] = \sha1(\random_bytes(256)); |
301 | 301 | } |
302 | 302 |