@@ -17,7 +17,7 @@ discard block |
||
17 | 17 | use chillerlan\HTTP\Psr7; |
18 | 18 | use Psr\Http\Message\{RequestInterface, ResponseInterface, UriInterface}; |
19 | 19 | |
20 | -abstract class OAuth2Provider extends OAuthProvider implements OAuth2Interface{ |
|
20 | +abstract class OAuth2Provider extends OAuthProvider implements OAuth2Interface { |
|
21 | 21 | |
22 | 22 | /** |
23 | 23 | * @var int |
@@ -48,7 +48,7 @@ discard block |
||
48 | 48 | public function getAuthURL(array $params = null, array $scopes = null):UriInterface{ |
49 | 49 | $params = $params ?? []; |
50 | 50 | |
51 | - if(isset($params['client_secret'])){ |
|
51 | + if (isset($params['client_secret'])) { |
|
52 | 52 | unset($params['client_secret']); |
53 | 53 | } |
54 | 54 | |
@@ -59,11 +59,11 @@ discard block |
||
59 | 59 | 'type' => 'web_server', |
60 | 60 | ]); |
61 | 61 | |
62 | - if(!empty($scopes)){ |
|
62 | + if (!empty($scopes)) { |
|
63 | 63 | $params['scope'] = \implode($this->scopesDelimiter, $scopes); |
64 | 64 | } |
65 | 65 | |
66 | - if($this instanceof CSRFToken){ |
|
66 | + if ($this instanceof CSRFToken) { |
|
67 | 67 | $params = $this->setState($params); |
68 | 68 | } |
69 | 69 | |
@@ -79,19 +79,19 @@ discard block |
||
79 | 79 | protected function parseTokenResponse(ResponseInterface $response):AccessToken{ |
80 | 80 | $data = \json_decode(Psr7\decompress_content($response), true); // silly amazon... |
81 | 81 | |
82 | - if(!\is_array($data)){ |
|
82 | + if (!\is_array($data)) { |
|
83 | 83 | throw new ProviderException('unable to parse token response'); |
84 | 84 | } |
85 | 85 | |
86 | - foreach(['error_description', 'error'] as $field){ |
|
86 | + foreach (['error_description', 'error'] as $field) { |
|
87 | 87 | |
88 | - if(isset($data[$field])){ |
|
88 | + if (isset($data[$field])) { |
|
89 | 89 | throw new ProviderException('error retrieving access token: "'.$data[$field].'"'); |
90 | 90 | } |
91 | 91 | |
92 | 92 | } |
93 | 93 | |
94 | - if(!isset($data['access_token'])){ |
|
94 | + if (!isset($data['access_token'])) { |
|
95 | 95 | throw new ProviderException('token missing'); |
96 | 96 | } |
97 | 97 | |
@@ -117,7 +117,7 @@ discard block |
||
117 | 117 | */ |
118 | 118 | public function getAccessToken(string $code, string $state = null):AccessToken{ |
119 | 119 | |
120 | - if($this instanceof CSRFToken){ |
|
120 | + if ($this instanceof CSRFToken) { |
|
121 | 121 | $this->checkState($state); |
122 | 122 | } |
123 | 123 | |
@@ -135,7 +135,7 @@ discard block |
||
135 | 135 | ->withHeader('Accept-Encoding', 'identity') |
136 | 136 | ->withBody($this->streamFactory->createStream(\http_build_query($body, '', '&', \PHP_QUERY_RFC1738))); |
137 | 137 | |
138 | - foreach($this->authHeaders as $header => $value){ |
|
138 | + foreach ($this->authHeaders as $header => $value) { |
|
139 | 139 | $request = $request->withHeader($header, $value); |
140 | 140 | } |
141 | 141 | |
@@ -155,15 +155,15 @@ discard block |
||
155 | 155 | */ |
156 | 156 | public function getRequestAuthorization(RequestInterface $request, AccessToken $token):RequestInterface{ |
157 | 157 | |
158 | - if(\array_key_exists($this->authMethod, OAuth2Interface::AUTH_METHODS_HEADER)){ |
|
158 | + if (\array_key_exists($this->authMethod, OAuth2Interface::AUTH_METHODS_HEADER)) { |
|
159 | 159 | $request = $request->withHeader('Authorization', OAuth2Interface::AUTH_METHODS_HEADER[$this->authMethod].$token->accessToken); |
160 | 160 | } |
161 | - elseif(\array_key_exists($this->authMethod, OAuth2Interface::AUTH_METHODS_QUERY)){ |
|
161 | + elseif (\array_key_exists($this->authMethod, OAuth2Interface::AUTH_METHODS_QUERY)) { |
|
162 | 162 | $uri = Psr7\merge_query((string)$request->getUri(), [OAuth2Interface::AUTH_METHODS_QUERY[$this->authMethod] => $token->accessToken]); |
163 | 163 | |
164 | 164 | $request = $request->withUri($this->uriFactory->createUri($uri)); |
165 | 165 | } |
166 | - else{ |
|
166 | + else { |
|
167 | 167 | throw new ProviderException('invalid auth type'); |
168 | 168 | } |
169 | 169 | |
@@ -178,13 +178,13 @@ discard block |
||
178 | 178 | */ |
179 | 179 | public function getClientCredentialsToken(array $scopes = null):AccessToken{ |
180 | 180 | |
181 | - if(!$this instanceof ClientCredentials){ |
|
181 | + if (!$this instanceof ClientCredentials) { |
|
182 | 182 | throw new ProviderException('client credentials token not supported'); |
183 | 183 | } |
184 | 184 | |
185 | 185 | $params = ['grant_type' => 'client_credentials']; |
186 | 186 | |
187 | - if($scopes !== null){ |
|
187 | + if ($scopes !== null) { |
|
188 | 188 | $params['scope'] = \implode($this->scopesDelimiter, $scopes); |
189 | 189 | } |
190 | 190 | |
@@ -196,7 +196,7 @@ discard block |
||
196 | 196 | ->withBody($this->streamFactory->createStream(\http_build_query($params, '', '&', \PHP_QUERY_RFC1738))) |
197 | 197 | ; |
198 | 198 | |
199 | - foreach($this->authHeaders as $header => $value){ |
|
199 | + foreach ($this->authHeaders as $header => $value) { |
|
200 | 200 | $request = $request->withAddedHeader($header, $value); |
201 | 201 | } |
202 | 202 | |
@@ -215,19 +215,19 @@ discard block |
||
215 | 215 | */ |
216 | 216 | public function refreshAccessToken(AccessToken $token = null):AccessToken{ |
217 | 217 | |
218 | - if(!$this instanceof TokenRefresh){ |
|
218 | + if (!$this instanceof TokenRefresh) { |
|
219 | 219 | throw new ProviderException('token refresh not supported'); |
220 | 220 | } |
221 | 221 | |
222 | - if($token === null){ |
|
222 | + if ($token === null) { |
|
223 | 223 | $token = $this->storage->getAccessToken($this->serviceName); |
224 | 224 | } |
225 | 225 | |
226 | 226 | $refreshToken = $token->refreshToken; |
227 | 227 | |
228 | - if(empty($refreshToken)){ |
|
228 | + if (empty($refreshToken)) { |
|
229 | 229 | |
230 | - if(!$this instanceof AccessTokenForRefresh){ |
|
230 | + if (!$this instanceof AccessTokenForRefresh) { |
|
231 | 231 | throw new ProviderException(\sprintf('no refresh token available, token expired [%s]', \date('Y-m-d h:i:s A', $token->expires))); |
232 | 232 | } |
233 | 233 | |
@@ -249,13 +249,13 @@ discard block |
||
249 | 249 | ->withBody($this->streamFactory->createStream(\http_build_query($body, '', '&', \PHP_QUERY_RFC1738))) |
250 | 250 | ; |
251 | 251 | |
252 | - foreach($this->authHeaders as $header => $value){ |
|
252 | + foreach ($this->authHeaders as $header => $value) { |
|
253 | 253 | $request = $request->withAddedHeader($header, $value); |
254 | 254 | } |
255 | 255 | |
256 | 256 | $newToken = $this->parseTokenResponse($this->http->sendRequest($request)); |
257 | 257 | |
258 | - if(empty($newToken->refreshToken)){ |
|
258 | + if (empty($newToken->refreshToken)) { |
|
259 | 259 | $newToken->refreshToken = $refreshToken; |
260 | 260 | } |
261 | 261 | |
@@ -272,13 +272,13 @@ discard block |
||
272 | 272 | */ |
273 | 273 | protected function checkState(string $state = null):void{ |
274 | 274 | |
275 | - if(empty($state) || !$this->storage->hasCSRFState($this->serviceName)){ |
|
275 | + if (empty($state) || !$this->storage->hasCSRFState($this->serviceName)) { |
|
276 | 276 | throw new ProviderException('invalid state for '.$this->serviceName); |
277 | 277 | } |
278 | 278 | |
279 | 279 | $knownState = $this->storage->getCSRFState($this->serviceName); |
280 | 280 | |
281 | - if(!\hash_equals($knownState, $state)){ |
|
281 | + if (!\hash_equals($knownState, $state)) { |
|
282 | 282 | throw new ProviderException('invalid CSRF state: '.$this->serviceName.' '.$state); |
283 | 283 | } |
284 | 284 | |
@@ -291,7 +291,7 @@ discard block |
||
291 | 291 | */ |
292 | 292 | protected function setState(array $params):array{ |
293 | 293 | |
294 | - if(!isset($params['state'])){ |
|
294 | + if (!isset($params['state'])) { |
|
295 | 295 | $params['state'] = \sha1(\random_bytes(256)); |
296 | 296 | } |
297 | 297 |