metaclassing /
PHP7-Laravel5-EnterpriseAuth
@@ -1,14 +1,14 @@ |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | -Route::middleware([config('enterpriseauth.routes.middleware')])->group(function () { |
|
| 3 | +Route::middleware([config('enterpriseauth.routes.middleware')])->group(function() { |
|
| 4 | 4 | Route::get(config('enterpriseauth.routes.login'), 'Metaclassing\EnterpriseAuth\Controllers\WebAuthController@redirectToOauthProvider'); |
| 5 | 5 | Route::get(config('enterpriseauth.routes.callback'), 'Metaclassing\EnterpriseAuth\Controllers\WebAuthController@handleOauthResponse'); |
| 6 | 6 | |
| 7 | 7 | // This handles a situation where a route with the NAME of login does not exist, we define it to keep from breaking framework redirects hard coded |
| 8 | - if (! \Route::has('login')) { |
|
| 8 | + if (!\Route::has('login')) { |
|
| 9 | 9 | Route::get('login', 'Metaclassing\EnterpriseAuth\Controllers\WebAuthController@loginOrRegister')->name('login'); |
| 10 | 10 | } |
| 11 | - if (! \Route::has('register')) { |
|
| 11 | + if (!\Route::has('register')) { |
|
| 12 | 12 | Route::get('register', 'Metaclassing\EnterpriseAuth\Controllers\WebAuthController@loginOrRegister')->name('register'); |
| 13 | 13 | } |
| 14 | 14 | }); |
@@ -1,7 +1,7 @@ |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | 3 | // Authenticated user information routes |
| 4 | -Route::middleware([config('enterpriseauth.apiroutes.middleware'), config('enterpriseauth.apiroutes.authmiddleware')])->group(function () { |
|
| 4 | +Route::middleware([config('enterpriseauth.apiroutes.middleware'), config('enterpriseauth.apiroutes.authmiddleware')])->group(function() { |
|
| 5 | 5 | |
| 6 | 6 | /** |
| 7 | 7 | * @SWG\Get( |
@@ -46,7 +46,7 @@ |
||
| 46 | 46 | */ |
| 47 | 47 | public function guest() |
| 48 | 48 | { |
| 49 | - return ! $this->check(); |
|
| 49 | + return !$this->check(); |
|
| 50 | 50 | } |
| 51 | 51 | |
| 52 | 52 | /** |
@@ -98,7 +98,7 @@ |
||
| 98 | 98 | { |
| 99 | 99 | //dd($user); |
| 100 | 100 | // WELL this is extremely stupid. if email address isnt set, use their UPN... |
| 101 | - if (! $user['mail']) { |
|
| 101 | + if (!$user['mail']) { |
|
| 102 | 102 | $user['mail'] = $user['userPrincipalName']; |
| 103 | 103 | } |
| 104 | 104 | |
@@ -39,8 +39,8 @@ discard block |
||
| 39 | 39 | $graph = new \Microsoft\Graph\Graph(); |
| 40 | 40 | $graph->setAccessToken($accessToken); |
| 41 | 41 | $user = $graph->createRequest('GET', '/me') |
| 42 | - ->setReturnType(\Microsoft\Graph\Model\User::class) |
|
| 43 | - ->execute(); |
|
| 42 | + ->setReturnType(\Microsoft\Graph\Model\User::class) |
|
| 43 | + ->execute(); |
|
| 44 | 44 | |
| 45 | 45 | return $user->jsonSerialize(); |
| 46 | 46 | } |
@@ -131,9 +131,9 @@ discard block |
||
| 131 | 131 | if (count($groups)) { |
| 132 | 132 | // remove the users existing database roles before assigning new ones |
| 133 | 133 | \DB::table('assigned_roles') |
| 134 | - ->where('entity_id', $user->id) |
|
| 135 | - ->where('entity_type', get_class($user)) |
|
| 136 | - ->delete(); |
|
| 134 | + ->where('entity_id', $user->id) |
|
| 135 | + ->where('entity_type', get_class($user)) |
|
| 136 | + ->delete(); |
|
| 137 | 137 | // add the user to each group they are assigned |
| 138 | 138 | $user->assign($groups); |
| 139 | 139 | } |
@@ -48,7 +48,7 @@ discard block |
||
| 48 | 48 | public function scrubMicrosoftGraphUserData($userData) |
| 49 | 49 | { |
| 50 | 50 | // Fix any stupid crap with missing or null fields |
| 51 | - if (! isset($userData['mail']) || ! $userData['mail']) { |
|
| 51 | + if (!isset($userData['mail']) || !$userData['mail']) { |
|
| 52 | 52 | $userData['mail'] = $userData['userPrincipalName']; |
| 53 | 53 | } |
| 54 | 54 | |
@@ -69,7 +69,7 @@ discard block |
||
| 69 | 69 | // Try to find an existing user |
| 70 | 70 | $user = $userType::where($userIdField, $userData['id'])->first(); |
| 71 | 71 | // If we dont have an existing user |
| 72 | - if (! $user) { |
|
| 72 | + if (!$user) { |
|
| 73 | 73 | // Go create a new one with this data |
| 74 | 74 | $UserFactory = new UserFactory(); |
| 75 | 75 | $user = $UserFactory->convertAzureUser($userData); |
@@ -81,7 +81,7 @@ discard block |
||
| 81 | 81 | public function certAuth() |
| 82 | 82 | { |
| 83 | 83 | // Make sure we got a client certificate from the web server |
| 84 | - if (! $_SERVER['SSL_CLIENT_CERT']) { |
|
| 84 | + if (!$_SERVER['SSL_CLIENT_CERT']) { |
|
| 85 | 85 | throw new \Exception('TLS client certificate missing'); |
| 86 | 86 | } |
| 87 | 87 | // try to parse the certificate we got |
@@ -90,7 +90,7 @@ discard block |
||
| 90 | 90 | $asciicert = str_replace("\t", '', $_SERVER['SSL_CLIENT_CERT']); |
| 91 | 91 | $cert = $x509->loadX509($asciicert); |
| 92 | 92 | $names = $x509->getExtension('id-ce-subjectAltName'); |
| 93 | - if (! $names) { |
|
| 93 | + if (!$names) { |
|
| 94 | 94 | throw new \Exception('TLS client cert missing subject alternative names'); |
| 95 | 95 | } |
| 96 | 96 | // Search subject alt names for user principal name |
@@ -104,12 +104,12 @@ discard block |
||
| 104 | 104 | } |
| 105 | 105 | } |
| 106 | 106 | } |
| 107 | - if (! $upn) { |
|
| 107 | + if (!$upn) { |
|
| 108 | 108 | throw new \Exception('Could not find user principal name in TLS client cert'); |
| 109 | 109 | } |
| 110 | 110 | $user_class = config('enterpriseauth.user_class'); |
| 111 | 111 | $user = $user_class::where('userPrincipalName', $upn)->first(); |
| 112 | - if (! $user) { |
|
| 112 | + if (!$user) { |
|
| 113 | 113 | throw new \Exception('No user found with user principal name '.$upn); |
| 114 | 114 | } |
| 115 | 115 | //dd($user); |
@@ -16,26 +16,26 @@ discard block |
||
| 16 | 16 | // Make sure nobody is including or running this thing without all the required env settings |
| 17 | 17 | $requiredVariables = ['AZURE_AD_CLIENT_ID', 'AZURE_AD_CLIENT_SECRET', 'AZURE_AD_TENANT', 'AZURE_AD_CALLBACK_URL']; |
| 18 | 18 | foreach ($requiredVariables as $env) { |
| 19 | - if (! env($env)) { |
|
| 19 | + if (!env($env)) { |
|
| 20 | 20 | throw new \Exception('enterpriseauth setup error: missing mandatory .env value for '.$env); |
| 21 | 21 | } |
| 22 | 22 | } |
| 23 | 23 | |
| 24 | 24 | // Actually I have my own oauth token cache based authentication guard now lol |
| 25 | 25 | config(['auth.guards.api.driver' => 'oauthtoken']); |
| 26 | - Auth::extend('oauthtoken', function ($app, $name, array $config) { |
|
| 26 | + Auth::extend('oauthtoken', function($app, $name, array $config) { |
|
| 27 | 27 | return new OauthTokenGuard(Auth::createUserProvider($config['provider']), $app->make('request')); |
| 28 | 28 | }); |
| 29 | 29 | |
| 30 | 30 | // Make sure that this vendor dir and the routes dir are in any scanned paths for swagger documentation |
| 31 | 31 | $swaggerScanPaths = config('l5-swagger.paths.annotations'); |
| 32 | - if (! is_array($swaggerScanPaths)) { |
|
| 32 | + if (!is_array($swaggerScanPaths)) { |
|
| 33 | 33 | $swaggerScanPaths = [$swaggerScanPaths]; |
| 34 | 34 | } |
| 35 | - if (! in_array(base_path('routes'), $swaggerScanPaths)) { |
|
| 35 | + if (!in_array(base_path('routes'), $swaggerScanPaths)) { |
|
| 36 | 36 | $swaggerScanPaths[] = base_path('routes'); |
| 37 | 37 | } |
| 38 | - if (! in_array(__DIR__.'/../routes/', $swaggerScanPaths)) { |
|
| 38 | + if (!in_array(__DIR__.'/../routes/', $swaggerScanPaths)) { |
|
| 39 | 39 | $swaggerScanPaths[] = __DIR__.'/../routes/'; |
| 40 | 40 | } |
| 41 | 41 | config(['l5-swagger.paths.annotations' => $swaggerScanPaths]); |
@@ -65,7 +65,7 @@ discard block |
||
| 65 | 65 | { |
| 66 | 66 | // If the routes files for the swagger oauth config is NOT present, and we have all the right info, then generate it really quick |
| 67 | 67 | $swaggerAzureadFile = __DIR__.'/../routes/swagger.azuread.php'; |
| 68 | - if (! file_exists($swaggerAzureadFile)) { |
|
| 68 | + if (!file_exists($swaggerAzureadFile)) { |
|
| 69 | 69 | $aad = new AzureActiveDirectory(env('AZURE_AD_TENANT')); |
| 70 | 70 | //$authorizationUrl = $aad->authorizationEndpoint . '?resource=https://graph.microsoft.com'; |
| 71 | 71 | $authorizationUrl = $aad->authorizationEndpoint; |
