Issues (52)

Security Analysis: 8 potential vulnerabilities

This project does not seem to handle request data directly; as such, no vulnerable execution paths were found.

  Cross-Site Scripting
Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.
  File Exposure
File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.
  File Manipulation (7)
File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.
  Object Injection
Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.
  Code Injection (1)
Code Injection enables an attacker to execute arbitrary code on the server.
  Response Splitting
Response Splitting can be used to send arbitrary responses.
  File Inclusion
File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.
  Command Injection
Command Injection enables an attacker to inject a shell command that is executed with the privileges of the web-server. This can be used to expose sensitive data, or to gain access to your server.
  SQL Injection
SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.
  XPath Injection
XPath Injection enables an attacker to modify which parts of an XML document are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.
  LDAP Injection
LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.
  Header Injection
  Other Vulnerability
This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.
  Regex Injection
Regex Injection enables an attacker to execute arbitrary code in your PHP process.
  XML Injection
XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.
  Variable Injection
Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

src/Providers/Oauth2ServerServiceProvider.php (5 issues)

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis; consider migrating to our new PHP analysis engine instead.

  1  <?php
  2
  3
  4  namespace Mvdstam\Oauth2ServerLaravel\Providers;
  5
  6
  7  use DateInterval;
  8  use Illuminate\Support\ServiceProvider;
  9  use League\OAuth2\Server\AuthorizationServer;
 10  use League\OAuth2\Server\CryptKey;
 11  use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
 12  use League\OAuth2\Server\Entities\AuthCodeEntityInterface;
 13  use League\OAuth2\Server\Entities\ClientEntityInterface;
 14  use League\OAuth2\Server\Entities\RefreshTokenEntityInterface;
 15  use League\OAuth2\Server\Entities\ScopeEntityInterface;
 16  use League\OAuth2\Server\Entities\UserEntityInterface;
 17  use League\OAuth2\Server\Grant\AuthCodeGrant;
 18  use League\OAuth2\Server\Grant\GrantTypeInterface;
 19  use League\OAuth2\Server\Grant\ImplicitGrant;
 20  use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
 21  use League\OAuth2\Server\Repositories\AuthCodeRepositoryInterface;
 22  use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
 23  use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
 24  use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
 25  use League\OAuth2\Server\Repositories\UserRepositoryInterface;
 26  use League\OAuth2\Server\ResourceServer;
 27  use Mvdstam\Oauth2ServerLaravel\Commands\CreateClientCommand;
 28  use Mvdstam\Oauth2ServerLaravel\Commands\CreateScopeCommand;
 29  use Mvdstam\Oauth2ServerLaravel\Commands\CreateUserCommand;
 30  use Mvdstam\Oauth2ServerLaravel\Commands\GenerateKeyPairCommand;
 31  use Mvdstam\Oauth2ServerLaravel\Contracts\JWTFactoryInterface;
 32  use Mvdstam\Oauth2ServerLaravel\Entities\AccessToken;
 33  use Mvdstam\Oauth2ServerLaravel\Entities\AuthCode;
 34  use Mvdstam\Oauth2ServerLaravel\Entities\Client;
 35  use Mvdstam\Oauth2ServerLaravel\Entities\RefreshToken;
 36  use Mvdstam\Oauth2ServerLaravel\Entities\Scope;
 37  use Mvdstam\Oauth2ServerLaravel\Entities\User;
 38  use Mvdstam\Oauth2ServerLaravel\Factories\JWTFactory;
 39  use Mvdstam\Oauth2ServerLaravel\Repositories\AccessTokenRepository;
 40  use Mvdstam\Oauth2ServerLaravel\Repositories\AuthCodeRepository;
 41  use Mvdstam\Oauth2ServerLaravel\Repositories\ClientRepository;
 42  use Mvdstam\Oauth2ServerLaravel\Repositories\RefreshTokenRepository;
 43  use Mvdstam\Oauth2ServerLaravel\Repositories\ScopeRepository;
 44  use Mvdstam\Oauth2ServerLaravel\Repositories\UserRepository;
 45
 46  class Oauth2ServerServiceProvider extends ServiceProvider
 47  {
 48
 49      public function boot()
 50      {
 51          $this
 52              ->publishConfig()
 53              ->loadRoutes()
 54              ->loadMigrations()
 55              ->registerCommands();
 56      }
 57
 58      public function register()
 59      {
 60          // Merge config
 61          $this->mergeConfigFrom(
 62              dirname(__DIR__).'/config/oauth2-server.php', 'oauth2-server'
 63          );
 64
 65          /*
 66           * Bind entities
 67           */
 68          $this->app->bind(AccessTokenEntityInterface::class, AccessToken::class);
 69          $this->app->bind(AuthCodeEntityInterface::class, AuthCode::class);
 70          $this->app->bind(ClientEntityInterface::class, Client::class);
 71          $this->app->bind(RefreshTokenEntityInterface::class, RefreshToken::class);
 72          $this->app->bind(ScopeEntityInterface::class, Scope::class);
 73          $this->app->bind(UserEntityInterface::class, User::class);
 74
 75          /*
 76           * Bind repositories
 77           */
 78          $this->app->bind(AccessTokenRepositoryInterface::class, AccessTokenRepository::class);
 79          $this->app->bind(AuthCodeRepositoryInterface::class, AuthCodeRepository::class);
 80          $this->app->bind(ClientRepositoryInterface::class, ClientRepository::class);
 81          $this->app->bind(RefreshTokenRepositoryInterface::class, RefreshTokenRepository::class);
 82          $this->app->bind(ScopeRepositoryInterface::class, ScopeRepository::class);
 83          $this->app->bind(UserRepositoryInterface::class, UserRepository::class);
 84
 85          /*
 86           * Bind miscellaneous classes
 87           */
 88          $this->app->bind(JWTFactoryInterface::class, JWTFactory::class);
 89
 90          /*
 91           * OAuth2 Resource server
 92           */
 93          $this->app->singleton(ResourceServer::class, function() {
 94              return new ResourceServer(
 95                  app(AccessTokenRepositoryInterface::class),
 96                  app('oauth2-server.key.public')
 97              );
 98          });
 99
100          /*
101           * OAuth2 Authorization server
102           */
103          $this->app->singleton(AuthorizationServer::class, function() {
104              $authServer = new AuthorizationServer(
105                  app(ClientRepositoryInterface::class),
106                  app(AccessTokenRepositoryInterface::class),
107                  app(ScopeRepositoryInterface::class),
108                  app('oauth2-server.key.private'),
109                  app('oauth2-server.key.public')
110              );
111
112              if (method_exists($authServer, 'setEncryptionKey')) {
113                  call_user_func([$authServer, 'setEncryptionKey'], env('APP_KEY'));
114              }
115
116              return $authServer;
117          });
118
119          /*
120           * Add active grants to authorization server
121           */
122          $this->app->resolving(AuthorizationServer::class, function(AuthorizationServer $authorizationServer) {
123              foreach(config('oauth2-server.grants') as $grantConfig) {
124                  if (!(boolean) $grantConfig['enabled']) continue;
125
126                  /** @var GrantTypeInterface $grant */
127                  $grant = app($grantConfig['class']);
Security Code Execution introduced by
$grantConfig['class'] can contain request data and is used in code execution context(s) leading to a potential security vulnerability.

1 path for user data to reach this point

  1. Read from $_SERVER
    in vendor/src/Illuminate/Foundation/Bootstrap/SetRequestForConsole.php on line 20
  2. Data is passed through array_replace()
    in vendor/Request.php on line 324
  3. Data is passed through call_user_func()
    in vendor/Request.php on line 1936
  4. \Illuminate\Http\Request::create($url, 'GET', array(), array(), array(), $_SERVER) is passed to Container::instance()
    in vendor/src/Illuminate/Foundation/Bootstrap/SetRequestForConsole.php on line 20
  5. Container::$instances is assigned
    in vendor/src/Illuminate/Container/Container.php on line 346
  6. Tainted property Container::$instances is read
    in vendor/src/Illuminate/Container/Container.php on line 635
  7. Container::make() returns tainted data
    in vendor/src/Illuminate/Foundation/helpers.php on line 106
  8. app() returns tainted data
    in vendor/src/Illuminate/Foundation/helpers.php on line 257
  9. config() returns tainted data, and $grantConfig is assigned
    in src/Providers/Oauth2ServerServiceProvider.php on line 123

Used in code-execution context

  1. app() uses Container::make() ($abstract)
    in vendor/src/Illuminate/Foundation/helpers.php on line 106
  2. Container::make() uses Container::build() ($concrete)
    in vendor/src/Illuminate/Container/Container.php on line 644
  3. Container::build() uses dynamic function name
    in vendor/src/Illuminate/Container/Container.php on line 746

General Strategies to prevent injection

In general, it is advisable to prevent any user-data to reach this point. This can be done by white-listing certain values:

if ( ! in_array($value, array('this-is-allowed', 'and-this-too'), true)) {
    throw new \InvalidArgumentException('This input is not allowed.');
}

For numeric data, we recommend to explicitly cast the data:

$sanitized = (integer) $tainted;
128
129                  // Set refresh token TTL
130                  if ($grant->getIdentifier() !== 'implicit') {
131                      $grant->setRefreshTokenTTL(new DateInterval($grantConfig['refresh_token_ttl']));
132                  }
133
134                  // Enable grant type
135                  $authorizationServer->enableGrantType(
136                      $grant,
137                      new DateInterval($grantConfig['access_token_ttl'])
138                  );
139              }
140          });
141
142          /*
143           * Authorization code grant type
144           */
145          $this->app->singleton(AuthCodeGrant::class, function() {
146              return new AuthCodeGrant(
147                  app(AuthCodeRepositoryInterface::class),
148                  app(RefreshTokenRepositoryInterface::class),
149                  new DateInterval(config('oauth2-server.grants.authorization_code.access_token_ttl'))
150              );
151          });
152
153          /*
154           * Implicit grant type
155           */
156          $this->app->singleton(ImplicitGrant::class, function() {
157              return new ImplicitGrant(
158                  new DateInterval(config('oauth2-server.grants.implicit.access_token_ttl'))
159              );
160          });
161
162          /*
163           * RSA keypair for JWT signing
164           */
165          $this->app->singleton('oauth2-server.key.public', function() {
166              return new CryptKey(config('oauth2-server.key.public'));
Security File Manipulation introduced by
config('oauth2-server.key.public') can contain request data and is used in file manipulation context(s) leading to a potential security vulnerability.

1 path for user data to reach this point

  1. Read from $_SERVER
    in vendor/src/Illuminate/Foundation/Bootstrap/SetRequestForConsole.php on line 20
  2. Data is passed through array_replace()
    in vendor/Request.php on line 324
  3. Data is passed through call_user_func()
    in vendor/Request.php on line 1936
  4. \Illuminate\Http\Request::create($url, 'GET', array(), array(), array(), $_SERVER) is passed to Container::instance()
    in vendor/src/Illuminate/Foundation/Bootstrap/SetRequestForConsole.php on line 20
  5. Container::$instances is assigned
    in vendor/src/Illuminate/Container/Container.php on line 346
  6. Tainted property Container::$instances is read
    in vendor/src/Illuminate/Container/Container.php on line 635
  7. Container::make() returns tainted data
    in vendor/src/Illuminate/Foundation/helpers.php on line 106
  8. app() returns tainted data
    in vendor/src/Illuminate/Foundation/helpers.php on line 257
  9. config() returns tainted data
    in src/Providers/Oauth2ServerServiceProvider.php on line 166

Used in path-write context

  1. CryptKey::__construct() uses CryptKey::saveKeyToFile() ($key)
    in vendor/src/CryptKey.php on line 36
  2. CryptKey::saveKeyToFile() uses touch() ($filename)
    in vendor/src/CryptKey.php on line 62

Security File Manipulation introduced by
config('oauth2-server.key.public') can contain request data and is used in file manipulation context(s) leading to a potential security vulnerability.

1 path for user data to reach this point

  1. Read from $_SERVER
    in vendor/src/Illuminate/Foundation/Bootstrap/SetRequestForConsole.php on line 20
  2. Data is passed through array_replace()
    in vendor/Request.php on line 324
  3. Data is passed through call_user_func()
    in vendor/Request.php on line 1936
  4. \Illuminate\Http\Request::create($url, 'GET', array(), array(), array(), $_SERVER) is passed to Container::instance()
    in vendor/src/Illuminate/Foundation/Bootstrap/SetRequestForConsole.php on line 20
  5. Container::$instances is assigned
    in vendor/src/Illuminate/Container/Container.php on line 346
  6. Tainted property Container::$instances is read
    in vendor/src/Illuminate/Container/Container.php on line 635
  7. Container::make() returns tainted data
    in vendor/src/Illuminate/Foundation/helpers.php on line 106
  8. app() returns tainted data
    in vendor/src/Illuminate/Foundation/helpers.php on line 257
  9. config() returns tainted data
    in src/Providers/Oauth2ServerServiceProvider.php on line 166

167          });
168
169          $this->app->singleton('oauth2-server.key.private', function() {
170              return new CryptKey(config('oauth2-server.key.private'), config('oauth2-server.key.passphrase'));
Security File Manipulation introduced by
config('oauth2-server.key.private') can contain request data and is used in file manipulation context(s) leading to a potential security vulnerability.

1 path for user data to reach this point

  1. Read from $_SERVER
    in vendor/src/Illuminate/Foundation/Bootstrap/SetRequestForConsole.php on line 20
  2. Data is passed through array_replace()
    in vendor/Request.php on line 324
  3. Data is passed through call_user_func()
    in vendor/Request.php on line 1936
  4. \Illuminate\Http\Request::create($url, 'GET', array(), array(), array(), $_SERVER) is passed to Container::instance()
    in vendor/src/Illuminate/Foundation/Bootstrap/SetRequestForConsole.php on line 20
  5. Container::$instances is assigned
    in vendor/src/Illuminate/Container/Container.php on line 346
  6. Tainted property Container::$instances is read
    in vendor/src/Illuminate/Container/Container.php on line 635
  7. Container::make() returns tainted data
    in vendor/src/Illuminate/Foundation/helpers.php on line 106
  8. app() returns tainted data
    in vendor/src/Illuminate/Foundation/helpers.php on line 257
  9. config() returns tainted data
    in src/Providers/Oauth2ServerServiceProvider.php on line 170

Used in path-write context

  1. CryptKey::__construct() uses CryptKey::saveKeyToFile() ($key)
    in vendor/src/CryptKey.php on line 36
  2. CryptKey::saveKeyToFile() uses touch() ($filename)
    in vendor/src/CryptKey.php on line 62

Security File Manipulation introduced by
config('oauth2-server.key.private') can contain request data and is used in file manipulation context(s) leading to a potential security vulnerability.

1 path for user data to reach this point

  1. Read from $_SERVER
    in vendor/src/Illuminate/Foundation/Bootstrap/SetRequestForConsole.php on line 20
  2. Data is passed through array_replace()
    in vendor/Request.php on line 324
  3. Data is passed through call_user_func()
    in vendor/Request.php on line 1936
  4. \Illuminate\Http\Request::create($url, 'GET', array(), array(), array(), $_SERVER) is passed to Container::instance()
    in vendor/src/Illuminate/Foundation/Bootstrap/SetRequestForConsole.php on line 20
  5. Container::$instances is assigned
    in vendor/src/Illuminate/Container/Container.php on line 346
  6. Tainted property Container::$instances is read
    in vendor/src/Illuminate/Container/Container.php on line 635
  7. Container::make() returns tainted data
    in vendor/src/Illuminate/Foundation/helpers.php on line 106
  8. app() returns tainted data
    in vendor/src/Illuminate/Foundation/helpers.php on line 257
  9. config() returns tainted data
    in src/Providers/Oauth2ServerServiceProvider.php on line 170

171          });
172      }
173
174      protected function loadRoutes()
175      {
176          if (!$this->app->routesAreCached()) {
177              require dirname(__DIR__) . '/Http/routes.php';
178          }
179
180          return $this;
181      }
182
183      protected function loadMigrations()
184      {
185          $this->publishes([
186              dirname(__DIR__) . '/migrations' => database_path('migrations')
187          ], 'migrations');
188
189          return $this;
190      }
191
192      protected function publishConfig()
193      {
194          $this->publishes([
195              dirname(__DIR__) . '/config/oauth2-server.php' => config_path('oauth2-server.php'),
196          ]);
197
198          return $this;
199      }
200
201      protected function registerCommands()
202      {
203          if ($this->app->runningInConsole()) {
204              $this->commands([
205                  CreateScopeCommand::class,
206                  CreateClientCommand::class,
207                  CreateUserCommand::class,
208                  GenerateKeyPairCommand::class,
209              ]);
210          }
211
212          return $this;
213      }
214
215  }
216