hybridauth / hybridauth

src/Provider/Apple.php

Indentation +226 added lines, -226 removed lines

@@ -60,230 +60,230 @@
  */
 class Apple extends OAuth2
 {
-    /**
-     * {@inheritdoc}
-     */
-    protected $scope = 'name email';
-
-    /**
-     * {@inheritdoc}
-     */
-    protected $apiBaseUrl = 'https://appleid.apple.com/auth/';
-
-    /**
-     * {@inheritdoc}
-     */
-    protected $authorizeUrl = 'https://appleid.apple.com/auth/authorize';
-
-    /**
-     * {@inheritdoc}
-     */
-    protected $accessTokenUrl = 'https://appleid.apple.com/auth/token';
-
-    /**
-     * {@inheritdoc}
-     */
-    protected $apiDocumentation = 'https://developer.apple.com/documentation/sign_in_with_apple';
-
-    /**
-     * {@inheritdoc}
-     * The Sign in with Apple servers require percent encoding (or URL encoding)
-     * for its query parameters. If you are using the Sign in with Apple REST API,
-     * you must provide values with encoded spaces (`%20`) instead of plus (`+`) signs.
-     */
-    protected $AuthorizeUrlParametersEncType = PHP_QUERY_RFC3986;
-
-    /**
-     * {@inheritdoc}
-     */
-    protected function initialize()
-    {
-        parent::initialize();
-        $this->AuthorizeUrlParameters['response_mode'] = 'form_post';
-    }
-
-    /**
-     * {@inheritdoc}
-     */
-    protected function configure()
-    {
-        $keys = $this->config->get('keys');
-        $keys['secret'] = $this->getSecret();
-        $this->config->set('keys', $keys);
-        return parent::configure();
-    }
-
-    /**
-     * {@inheritdoc}
-     *
-     * include id_token $tokenNames
-     */
-    public function getAccessToken()
-    {
-        $tokenNames = [
-            'access_token',
-            'id_token',
-            'access_token_secret',
-            'token_type',
-            'refresh_token',
-            'expires_in',
-            'expires_at',
-        ];
-
-        $tokens = [];
-
-        foreach ($tokenNames as $name) {
-            if ($this->getStoredData($name)) {
-                $tokens[$name] = $this->getStoredData($name);
-            }
-        }
-
-        return $tokens;
-    }
-
-    /**
-     * {@inheritdoc}
-     */
-    protected function validateAccessTokenExchange($response)
-    {
-        $collection = parent::validateAccessTokenExchange($response);
-
-        $this->storeData('id_token', $collection->get('id_token'));
-
-        return $collection;
-    }
-
-    public function getUserProfile()
-    {
-        $id_token = $this->getStoredData('id_token');
-
-        $verifyTokenSignature =
-            $this->config->exists('verifyTokenSignature') ? $this->config->get('verifyTokenSignature') : true;
-
-        if (!$verifyTokenSignature) {
-            // payload extraction by https://github.com/omidborjian
-            // https://github.com/hybridauth/hybridauth/issues/1095#issuecomment-626479263
-            // JWT splits the string to 3 components 1) first is header 2) is payload 3) is signature
-            $payload = explode('.', $id_token)[1];
-            $payload = json_decode(base64_decode($payload));
-        } else {
-            // validate the token signature and get the payload
-            $publicKeys = $this->apiRequest('keys');
-
-            \Firebase\JWT\JWT::$leeway = 120;
-
-            $error = false;
-            $payload = null;
-
-            foreach ($publicKeys->keys as $publicKey) {
-                try {
-                    $rsa = new RSA();
-                    $jwk = (array)$publicKey;
-
-                    $rsa->loadKey(
-                        [
-                            'e' => new BigInteger(base64_decode($jwk['e']), 256),
-                            'n' => new BigInteger(base64_decode(strtr($jwk['n'], '-_', '+/'), true), 256)
-                        ]
-                    );
-                    $pem = $rsa->getPublicKey();
-
-                    $payload = JWT::decode($id_token, $pem, ['RS256']);
-                    break;
-                } catch (\Exception $e) {
-                    $error = $e->getMessage();
-                    if ($e instanceof \Firebase\JWT\ExpiredException) {
-                        break;
-                    }
-                }
-            }
-
-            if ($error && !$payload) {
-                throw new \Exception($error);
-            }
-        }
-
-        $data = new Data\Collection($payload);
-
-        if (!$data->exists('sub')) {
-            throw new UnexpectedValueException('Missing token payload.');
-        }
-
-        $userProfile = new User\Profile();
-        $userProfile->identifier = $data->get('sub');
-        $userProfile->email = $data->get('email');
-        $this->storeData('expires_at', $data->get('exp'));
-
-        if (!empty($_REQUEST['user'])) {
-            $objUser = json_decode($_REQUEST['user']);
-            $user = new Data\Collection($objUser);
-            if (!$user->isEmpty()) {
-                $name = $user->get('name');
-                $userProfile->firstName = $name->firstName;
-                $userProfile->lastName = $name->lastName;
-                $userProfile->displayName = join(' ', [$userProfile->firstName, $userProfile->lastName]);
-            }
-        }
-
-        return $userProfile;
-    }
-
-    /**
-     * @return string secret token
-     */
-    private function getSecret()
-    {
-        // Your 10-character Team ID
-        if (!$team_id = $this->config->filter('keys')->get('team_id')) {
-            throw new InvalidApplicationCredentialsException(
-                'Missing parameter team_id: your team id is required to generate the JWS token.'
-            );
-        }
-
-        // Your Services ID, e.g. com.aaronparecki.services
-        if (!$client_id = $this->config->filter('keys')->get('id') ?: $this->config->filter('keys')->get('key')) {
-            throw new InvalidApplicationCredentialsException(
-                'Missing parameter id: your client id is required to generate the JWS token.'
-            );
-        }
-
-        // Find the 10-char Key ID value from the portal
-        if (!$key_id = $this->config->filter('keys')->get('key_id')) {
-            throw new InvalidApplicationCredentialsException(
-                'Missing parameter key_id: your key id is required to generate the JWS token.'
-            );
-        }
-
-        // Find the 10-char Key ID value from the portal
-        $key_content = $this->config->filter('keys')->get('key_content');
-
-        // Save your private key from Apple in a file called `key.txt`
-        if (!$key_content) {
-            if (!$key_file = $this->config->filter('keys')->get('key_file')) {
-                throw new InvalidApplicationCredentialsException(
-                    'Missing parameter key_content or key_file: your key is required to generate the JWS token.'
-                );
-            }
-
-            if (!file_exists($key_file)) {
-                throw new InvalidApplicationCredentialsException(
-                    "Your key file $key_file does not exist."
-                );
-            }
-
-            $key_content = file_get_contents($key_file);
-        }
-
-        $data = [
-            'iat' => time(),
-            'exp' => time() + 86400 * 180,
-            'iss' => $team_id,
-            'aud' => 'https://appleid.apple.com',
-            'sub' => $client_id
-        ];
-
-        $secret = JWT::encode($data, $key_content, 'ES256', $key_id);
-
-        return $secret;
-    }
+	/**
+	 * {@inheritdoc}
+	 */
+	protected $scope = 'name email';
+
+	/**
+	 * {@inheritdoc}
+	 */
+	protected $apiBaseUrl = 'https://appleid.apple.com/auth/';
+
+	/**
+	 * {@inheritdoc}
+	 */
+	protected $authorizeUrl = 'https://appleid.apple.com/auth/authorize';
+
+	/**
+	 * {@inheritdoc}
+	 */
+	protected $accessTokenUrl = 'https://appleid.apple.com/auth/token';
+
+	/**
+	 * {@inheritdoc}
+	 */
+	protected $apiDocumentation = 'https://developer.apple.com/documentation/sign_in_with_apple';
+
+	/**
+	 * {@inheritdoc}
+	 * The Sign in with Apple servers require percent encoding (or URL encoding)
+	 * for its query parameters. If you are using the Sign in with Apple REST API,
+	 * you must provide values with encoded spaces (`%20`) instead of plus (`+`) signs.
+	 */
+	protected $AuthorizeUrlParametersEncType = PHP_QUERY_RFC3986;
+
+	/**
+	 * {@inheritdoc}
+	 */
+	protected function initialize()
+	{
+		parent::initialize();
+		$this->AuthorizeUrlParameters['response_mode'] = 'form_post';
+	}
+
+	/**
+	 * {@inheritdoc}
+	 */
+	protected function configure()
+	{
+		$keys = $this->config->get('keys');
+		$keys['secret'] = $this->getSecret();
+		$this->config->set('keys', $keys);
+		return parent::configure();
+	}
+
+	/**
+	 * {@inheritdoc}
+	 *
+	 * include id_token $tokenNames
+	 */
+	public function getAccessToken()
+	{
+		$tokenNames = [
+			'access_token',
+			'id_token',
+			'access_token_secret',
+			'token_type',
+			'refresh_token',
+			'expires_in',
+			'expires_at',
+		];
+
+		$tokens = [];
+
+		foreach ($tokenNames as $name) {
+			if ($this->getStoredData($name)) {
+				$tokens[$name] = $this->getStoredData($name);
+			}
+		}
+
+		return $tokens;
+	}
+
+	/**
+	 * {@inheritdoc}
+	 */
+	protected function validateAccessTokenExchange($response)
+	{
+		$collection = parent::validateAccessTokenExchange($response);
+
+		$this->storeData('id_token', $collection->get('id_token'));
+
+		return $collection;
+	}
+
+	public function getUserProfile()
+	{
+		$id_token = $this->getStoredData('id_token');
+
+		$verifyTokenSignature =
+			$this->config->exists('verifyTokenSignature') ? $this->config->get('verifyTokenSignature') : true;
+
+		if (!$verifyTokenSignature) {
+			// payload extraction by https://github.com/omidborjian
+			// https://github.com/hybridauth/hybridauth/issues/1095#issuecomment-626479263
+			// JWT splits the string to 3 components 1) first is header 2) is payload 3) is signature
+			$payload = explode('.', $id_token)[1];
+			$payload = json_decode(base64_decode($payload));
+		} else {
+			// validate the token signature and get the payload
+			$publicKeys = $this->apiRequest('keys');
+
+			\Firebase\JWT\JWT::$leeway = 120;
+
+			$error = false;
+			$payload = null;
+
+			foreach ($publicKeys->keys as $publicKey) {
+				try {
+					$rsa = new RSA();
+					$jwk = (array)$publicKey;
+
+					$rsa->loadKey(
+						[
+							'e' => new BigInteger(base64_decode($jwk['e']), 256),
+							'n' => new BigInteger(base64_decode(strtr($jwk['n'], '-_', '+/'), true), 256)
+						]
+					);
+					$pem = $rsa->getPublicKey();
+
+					$payload = JWT::decode($id_token, $pem, ['RS256']);
+					break;
+				} catch (\Exception $e) {
+					$error = $e->getMessage();
+					if ($e instanceof \Firebase\JWT\ExpiredException) {
+						break;
+					}
+				}
+			}
+
+			if ($error && !$payload) {
+				throw new \Exception($error);
+			}
+		}
+
+		$data = new Data\Collection($payload);
+
+		if (!$data->exists('sub')) {
+			throw new UnexpectedValueException('Missing token payload.');
+		}
+
+		$userProfile = new User\Profile();
+		$userProfile->identifier = $data->get('sub');
+		$userProfile->email = $data->get('email');
+		$this->storeData('expires_at', $data->get('exp'));
+
+		if (!empty($_REQUEST['user'])) {
+			$objUser = json_decode($_REQUEST['user']);
+			$user = new Data\Collection($objUser);
+			if (!$user->isEmpty()) {
+				$name = $user->get('name');
+				$userProfile->firstName = $name->firstName;
+				$userProfile->lastName = $name->lastName;
+				$userProfile->displayName = join(' ', [$userProfile->firstName, $userProfile->lastName]);
+			}
+		}
+
+		return $userProfile;
+	}
+
+	/**
+	 * @return string secret token
+	 */
+	private function getSecret()
+	{
+		// Your 10-character Team ID
+		if (!$team_id = $this->config->filter('keys')->get('team_id')) {
+			throw new InvalidApplicationCredentialsException(
+				'Missing parameter team_id: your team id is required to generate the JWS token.'
+			);
+		}
+
+		// Your Services ID, e.g. com.aaronparecki.services
+		if (!$client_id = $this->config->filter('keys')->get('id') ?: $this->config->filter('keys')->get('key')) {
+			throw new InvalidApplicationCredentialsException(
+				'Missing parameter id: your client id is required to generate the JWS token.'
+			);
+		}
+
+		// Find the 10-char Key ID value from the portal
+		if (!$key_id = $this->config->filter('keys')->get('key_id')) {
+			throw new InvalidApplicationCredentialsException(
+				'Missing parameter key_id: your key id is required to generate the JWS token.'
+			);
+		}
+
+		// Find the 10-char Key ID value from the portal
+		$key_content = $this->config->filter('keys')->get('key_content');
+
+		// Save your private key from Apple in a file called `key.txt`
+		if (!$key_content) {
+			if (!$key_file = $this->config->filter('keys')->get('key_file')) {
+				throw new InvalidApplicationCredentialsException(
+					'Missing parameter key_content or key_file: your key is required to generate the JWS token.'
+				);
+			}
+
+			if (!file_exists($key_file)) {
+				throw new InvalidApplicationCredentialsException(
+					"Your key file $key_file does not exist."
+				);
+			}
+
+			$key_content = file_get_contents($key_file);
+		}
+
+		$data = [
+			'iat' => time(),
+			'exp' => time() + 86400 * 180,
+			'iss' => $team_id,
+			'aud' => 'https://appleid.apple.com',
+			'sub' => $client_id
+		];
+
+		$secret = JWT::encode($data, $key_content, 'ES256', $key_id);
+
+		return $secret;
+	}
 }

Spacing +12 added lines, -12 removed lines

@@ -160,7 +160,7 @@ 
         $verifyTokenSignature =
             $this->config->exists('verifyTokenSignature') ? $this->config->get('verifyTokenSignature') : true;
 
-        if (!$verifyTokenSignature) {
+        if ( ! $verifyTokenSignature) {
             // payload extraction by https://github.com/omidborjian
             // https://github.com/hybridauth/hybridauth/issues/1095#issuecomment-626479263
             // JWT splits the string to 3 components 1) first is header 2) is payload 3) is signature
@@ -178,7 +178,7 @@ 
             foreach ($publicKeys->keys as $publicKey) {
                 try {
                     $rsa = new RSA();
-                    $jwk = (array)$publicKey;
+                    $jwk = (array) $publicKey;
 
                     $rsa->loadKey(
                         [
@@ -198,14 +198,14 @@ 
                 }
             }
 
-            if ($error && !$payload) {
+            if ($error && ! $payload) {
                 throw new \Exception($error);
             }
         }
 
         $data = new Data\Collection($payload);
 
-        if (!$data->exists('sub')) {
+        if ( ! $data->exists('sub')) {
             throw new UnexpectedValueException('Missing token payload.');
         }
 
@@ -214,10 +214,10 @@ 
         $userProfile->email = $data->get('email');
         $this->storeData('expires_at', $data->get('exp'));
 
-        if (!empty($_REQUEST['user'])) {
+        if ( ! empty($_REQUEST['user'])) {
             $objUser = json_decode($_REQUEST['user']);
             $user = new Data\Collection($objUser);
-            if (!$user->isEmpty()) {
+            if ( ! $user->isEmpty()) {
                 $name = $user->get('name');
                 $userProfile->firstName = $name->firstName;
                 $userProfile->lastName = $name->lastName;
@@ -234,21 +234,21 @@ 
     private function getSecret()
     {
         // Your 10-character Team ID
-        if (!$team_id = $this->config->filter('keys')->get('team_id')) {
+        if ( ! $team_id = $this->config->filter('keys')->get('team_id')) {
             throw new InvalidApplicationCredentialsException(
                 'Missing parameter team_id: your team id is required to generate the JWS token.'
             );
         }
 
         // Your Services ID, e.g. com.aaronparecki.services
-        if (!$client_id = $this->config->filter('keys')->get('id') ?: $this->config->filter('keys')->get('key')) {
+        if ( ! $client_id = $this->config->filter('keys')->get('id') ?: $this->config->filter('keys')->get('key')) {
             throw new InvalidApplicationCredentialsException(
                 'Missing parameter id: your client id is required to generate the JWS token.'
             );
         }
 
         // Find the 10-char Key ID value from the portal
-        if (!$key_id = $this->config->filter('keys')->get('key_id')) {
+        if ( ! $key_id = $this->config->filter('keys')->get('key_id')) {
             throw new InvalidApplicationCredentialsException(
                 'Missing parameter key_id: your key id is required to generate the JWS token.'
             );
@@ -258,14 +258,14 @@ 
         $key_content = $this->config->filter('keys')->get('key_content');
 
         // Save your private key from Apple in a file called `key.txt`
-        if (!$key_content) {
-            if (!$key_file = $this->config->filter('keys')->get('key_file')) {
+        if ( ! $key_content) {
+            if ( ! $key_file = $this->config->filter('keys')->get('key_file')) {
                 throw new InvalidApplicationCredentialsException(
                     'Missing parameter key_content or key_file: your key is required to generate the JWS token.'
                 );
             }
 
-            if (!file_exists($key_file)) {
+            if ( ! file_exists($key_file)) {
                 throw new InvalidApplicationCredentialsException(
                     "Your key file $key_file does not exist."
                 );