o2system /
security
@@ -16,7 +16,7 @@ |
||
| 16 | 16 | * @param $className |
| 17 | 17 | */ |
| 18 | 18 | spl_autoload_register( |
| 19 | - function ($className) {
|
|
| 19 | + function($className) {
|
|
| 20 | 20 | if (strpos($className, 'O2System\Security\\') === false) {
|
| 21 | 21 | return; |
| 22 | 22 | } |
@@ -188,20 +188,20 @@ discard block |
||
| 188 | 188 | |
| 189 | 189 | if ($authorization = input()->server('HTTP_AUTHORIZATION')) { |
| 190 | 190 | $authentication = unserialize(base64_decode($authorization)); |
| 191 | - if ($this->login($authentication[ 'username' ], $authentication[ 'password' ])) { |
|
| 191 | + if ($this->login($authentication['username'], $authentication['password'])) { |
|
| 192 | 192 | return true; |
| 193 | 193 | } |
| 194 | 194 | } else { |
| 195 | 195 | $authentication = $this->parseBasic(); |
| 196 | 196 | } |
| 197 | 197 | |
| 198 | - if ($this->login($authentication[ 'username' ], $authentication[ 'password' ])) { |
|
| 198 | + if ($this->login($authentication['username'], $authentication['password'])) { |
|
| 199 | 199 | |
| 200 | 200 | header('Authorization: Basic ' . base64_encode(serialize($authentication))); |
| 201 | 201 | |
| 202 | 202 | return true; |
| 203 | 203 | } else { |
| 204 | - unset($_SERVER[ 'PHP_AUTH_USER' ], $_SERVER[ 'PHP_AUTH_PW' ]); |
|
| 204 | + unset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']); |
|
| 205 | 205 | $this->protect(); |
| 206 | 206 | } |
| 207 | 207 | |
@@ -214,37 +214,37 @@ discard block |
||
| 214 | 214 | } |
| 215 | 215 | |
| 216 | 216 | if (isset($authentication) AND |
| 217 | - false !== ($password = $this->login($authentication[ 'username' ])) |
|
| 217 | + false !== ($password = $this->login($authentication['username'])) |
|
| 218 | 218 | ) { |
| 219 | - $A1 = md5($authentication[ 'username' ] . ':' . $this->realm . ':' . $password); |
|
| 220 | - $A2 = md5($_SERVER[ 'REQUEST_METHOD' ] . ':' . $authentication[ 'uri' ]); |
|
| 219 | + $A1 = md5($authentication['username'] . ':' . $this->realm . ':' . $password); |
|
| 220 | + $A2 = md5($_SERVER['REQUEST_METHOD'] . ':' . $authentication['uri']); |
|
| 221 | 221 | $response = md5( |
| 222 | 222 | $A1 |
| 223 | 223 | . ':' |
| 224 | - . $authentication[ 'nonce' ] |
|
| 224 | + . $authentication['nonce'] |
|
| 225 | 225 | . ':' |
| 226 | - . $authentication[ 'nc' ] |
|
| 226 | + . $authentication['nc'] |
|
| 227 | 227 | . ':' |
| 228 | - . $authentication[ 'cnonce' ] |
|
| 228 | + . $authentication['cnonce'] |
|
| 229 | 229 | . ':' |
| 230 | - . $authentication[ 'qop' ] |
|
| 230 | + . $authentication['qop'] |
|
| 231 | 231 | . ':' |
| 232 | 232 | . $A2 |
| 233 | 233 | ); |
| 234 | 234 | |
| 235 | - if ($authentication[ 'response' ] === $response) { |
|
| 235 | + if ($authentication['response'] === $response) { |
|
| 236 | 236 | header( |
| 237 | 237 | sprintf( |
| 238 | 238 | 'Authorization: Digest username="%s", realm="%s", nonce="%s", uri="%s", qop=%s, nc=%s, cnonce="%s", response="%s", opaque="%s"', |
| 239 | - $authentication[ 'username' ], |
|
| 239 | + $authentication['username'], |
|
| 240 | 240 | $this->realm, |
| 241 | - $authentication[ 'nonce' ], |
|
| 242 | - $authentication[ 'uri' ], |
|
| 243 | - $authentication[ 'qop' ], |
|
| 244 | - $authentication[ 'nc' ], |
|
| 245 | - $authentication[ 'cnonce' ], |
|
| 241 | + $authentication['nonce'], |
|
| 242 | + $authentication['uri'], |
|
| 243 | + $authentication['qop'], |
|
| 244 | + $authentication['nc'], |
|
| 245 | + $authentication['cnonce'], |
|
| 246 | 246 | $response, |
| 247 | - $authentication[ 'opaque' ] |
|
| 247 | + $authentication['opaque'] |
|
| 248 | 248 | ) |
| 249 | 249 | ); |
| 250 | 250 | |
@@ -252,7 +252,7 @@ discard block |
||
| 252 | 252 | } |
| 253 | 253 | } |
| 254 | 254 | |
| 255 | - unset($_SERVER[ 'PHP_AUTH_DIGEST' ], $_SERVER[ 'HTTP_AUTHORIZATION' ]); |
|
| 255 | + unset($_SERVER['PHP_AUTH_DIGEST'], $_SERVER['HTTP_AUTHORIZATION']); |
|
| 256 | 256 | $this->protect(); |
| 257 | 257 | |
| 258 | 258 | break; |
@@ -283,7 +283,7 @@ discard block |
||
| 283 | 283 | return call_user_func_array($this->validation, func_get_args()); |
| 284 | 284 | } else { |
| 285 | 285 | if (array_key_exists($username, $this->users)) { |
| 286 | - if ($this->users[ $username ] === $password) { |
|
| 286 | + if ($this->users[$username] === $password) { |
|
| 287 | 287 | return true; |
| 288 | 288 | } |
| 289 | 289 | } |
@@ -296,7 +296,7 @@ discard block |
||
| 296 | 296 | return call_user_func_array($this->validation, func_get_args()); |
| 297 | 297 | } else { |
| 298 | 298 | if (array_key_exists($username, $this->users)) { |
| 299 | - return $this->users[ $username ]; |
|
| 299 | + return $this->users[$username]; |
|
| 300 | 300 | } |
| 301 | 301 | } |
| 302 | 302 | } |
@@ -373,14 +373,14 @@ discard block |
||
| 373 | 373 | foreach ($parts as $part) { |
| 374 | 374 | $elements = explode('=', $part); |
| 375 | 375 | $elements = array_map( |
| 376 | - function ($element) { |
|
| 376 | + function($element) { |
|
| 377 | 377 | return trim(str_replace('"', '', $element)); |
| 378 | 378 | |
| 379 | 379 | }, |
| 380 | 380 | $elements |
| 381 | 381 | ); |
| 382 | 382 | |
| 383 | - $data[ $elements[ 0 ] ] = $elements[ 1 ]; |
|
| 383 | + $data[$elements[0]] = $elements[1]; |
|
| 384 | 384 | } |
| 385 | 385 | |
| 386 | 386 | return empty($data) |
@@ -67,6 +67,6 @@ |
||
| 67 | 67 | */ |
| 68 | 68 | public static function map($algorithm) |
| 69 | 69 | { |
| 70 | - return static::$supported[ $algorithm ]; |
|
| 70 | + return static::$supported[$algorithm]; |
|
| 71 | 71 | } |
| 72 | 72 | } |
| 73 | 73 | \ No newline at end of file |
@@ -59,15 +59,15 @@ discard block |
||
| 59 | 59 | |
| 60 | 60 | if (class_exists('\O2System\Framework', false) or class_exists('\O2System\Reactor', false)) { |
| 61 | 61 | $this->options = config()->getItem('cookie')->getArrayCopy(); |
| 62 | - $this->options[ 'expire' ] = time() + $this->options[ 'lifetime' ]; |
|
| 63 | - unset($this->options[ 'lifetime' ]); |
|
| 62 | + $this->options['expire'] = time() + $this->options['lifetime']; |
|
| 63 | + unset($this->options['lifetime']); |
|
| 64 | 64 | } |
| 65 | 65 | |
| 66 | - $this->options[ 'domain' ] = empty($this->options[ 'domain' ]) |
|
| 67 | - ? isset($_SERVER[ 'HTTP_HOST' ]) |
|
| 68 | - ? $_SERVER[ 'HTTP_HOST' ] |
|
| 69 | - : $_SERVER[ 'SERVER_NAME' ] |
|
| 70 | - : $this->options[ 'domain' ]; |
|
| 66 | + $this->options['domain'] = empty($this->options['domain']) |
|
| 67 | + ? isset($_SERVER['HTTP_HOST']) |
|
| 68 | + ? $_SERVER['HTTP_HOST'] |
|
| 69 | + : $_SERVER['SERVER_NAME'] |
|
| 70 | + : $this->options['domain']; |
|
| 71 | 71 | } |
| 72 | 72 | |
| 73 | 73 | // ------------------------------------------------------------------------ |
@@ -85,7 +85,7 @@ discard block |
||
| 85 | 85 | { |
| 86 | 86 | foreach ($options as $key => $value) { |
| 87 | 87 | if (array_key_exists($key, $this->options)) { |
| 88 | - $this->options[ $key ] = $value; |
|
| 88 | + $this->options[$key] = $value; |
|
| 89 | 89 | } |
| 90 | 90 | } |
| 91 | 91 | |
@@ -110,8 +110,8 @@ discard block |
||
| 110 | 110 | ? serialize($value) |
| 111 | 111 | : $value; |
| 112 | 112 | |
| 113 | - $name = isset($this->options[ 'prefix' ]) |
|
| 114 | - ? $this->options[ 'prefix' ] . $name |
|
| 113 | + $name = isset($this->options['prefix']) |
|
| 114 | + ? $this->options['prefix'] . $name |
|
| 115 | 115 | : $name; |
| 116 | 116 | |
| 117 | 117 | $value = $this->crypt->encrypt($value); |
@@ -119,9 +119,9 @@ discard block |
||
| 119 | 119 | return setcookie( |
| 120 | 120 | $name, |
| 121 | 121 | $value, |
| 122 | - $this->options[ 'expire' ], |
|
| 123 | - $this->options[ 'path' ], |
|
| 124 | - '.' . ltrim($this->options[ 'domain' ], '.'), |
|
| 122 | + $this->options['expire'], |
|
| 123 | + $this->options['path'], |
|
| 124 | + '.' . ltrim($this->options['domain'], '.'), |
|
| 125 | 125 | false, |
| 126 | 126 | false |
| 127 | 127 | ); |
@@ -140,8 +140,8 @@ discard block |
||
| 140 | 140 | */ |
| 141 | 141 | public function decrypt($name) |
| 142 | 142 | { |
| 143 | - $name = isset($this->options[ 'prefix' ]) |
|
| 144 | - ? $this->options[ 'prefix' ] . $name |
|
| 143 | + $name = isset($this->options['prefix']) |
|
| 144 | + ? $this->options['prefix'] . $name |
|
| 145 | 145 | : $name; |
| 146 | 146 | |
| 147 | 147 | if ($value = input()->cookie($name)) { |
@@ -119,8 +119,8 @@ discard block |
||
| 119 | 119 | $tokenParts = array_map('trim', $tokenParts); |
| 120 | 120 | |
| 121 | 121 | return [ |
| 122 | - 'oauth_consumer_key' => $tokenParts[ 1 ], |
|
| 123 | - 'oauth_consumer_secret' => $tokenParts[ 0 ], |
|
| 122 | + 'oauth_consumer_key' => $tokenParts[1], |
|
| 123 | + 'oauth_consumer_secret' => $tokenParts[0], |
|
| 124 | 124 | ]; |
| 125 | 125 | } |
| 126 | 126 | |
@@ -201,8 +201,8 @@ discard block |
||
| 201 | 201 | 'oauth_consumer_key' => $this->key, |
| 202 | 202 | ]; |
| 203 | 203 | |
| 204 | - $parameters[ 'oauth_signature' ] = $oauth->generateSignature($httpMethod, $callbackUrl, $parameters); |
|
| 205 | - $parameters[ 'oauth_version' ] = $this->version; |
|
| 204 | + $parameters['oauth_signature'] = $oauth->generateSignature($httpMethod, $callbackUrl, $parameters); |
|
| 205 | + $parameters['oauth_version'] = $this->version; |
|
| 206 | 206 | |
| 207 | 207 | $parts = []; |
| 208 | 208 | foreach ($parameters as $key => $value) { |
@@ -31,10 +31,10 @@ |
||
| 31 | 31 | */ |
| 32 | 32 | public function getSecretCode(Oauth\Client\Account $client, array $options = []) |
| 33 | 33 | { |
| 34 | - $scope = $this->config[ 'scope' ]; |
|
| 35 | - if (isset($options[ 'scope' ])) { |
|
| 36 | - if (is_array($options[ 'scope' ])) { |
|
| 37 | - $scope = array_merge($scope, $options[ 'scope' ]); |
|
| 34 | + $scope = $this->config['scope']; |
|
| 35 | + if (isset($options['scope'])) { |
|
| 36 | + if (is_array($options['scope'])) { |
|
| 37 | + $scope = array_merge($scope, $options['scope']); |
|
| 38 | 38 | } |
| 39 | 39 | } |
| 40 | 40 | |
@@ -107,19 +107,19 @@ discard block |
||
| 107 | 107 | $privateKey = $client->offsetGet('private_key'); |
| 108 | 108 | } |
| 109 | 109 | |
| 110 | - $scope = $this->config[ 'token' ][ 'scope' ]; |
|
| 111 | - if (isset($options[ 'scope' ])) { |
|
| 112 | - if (is_array($options[ 'scope' ])) { |
|
| 113 | - $scope = array_merge($scope, $options[ 'scope' ]); |
|
| 110 | + $scope = $this->config['token']['scope']; |
|
| 111 | + if (isset($options['scope'])) { |
|
| 112 | + if (is_array($options['scope'])) { |
|
| 113 | + $scope = array_merge($scope, $options['scope']); |
|
| 114 | 114 | } |
| 115 | 115 | } |
| 116 | 116 | |
| 117 | - if (isset($options[ 'lifetime' ])) { |
|
| 118 | - $this->config[ 'token' ][ 'lifetime' ] = $options[ 'lifetime' ]; |
|
| 117 | + if (isset($options['lifetime'])) { |
|
| 118 | + $this->config['token']['lifetime'] = $options['lifetime']; |
|
| 119 | 119 | } |
| 120 | 120 | |
| 121 | - if (isset($options[ 'refresh_lifetime' ])) { |
|
| 122 | - $this->config[ 'token' ][ 'refresh_lifetime' ] = $options[ 'refresh_lifetime' ]; |
|
| 121 | + if (isset($options['refresh_lifetime'])) { |
|
| 122 | + $this->config['token']['refresh_lifetime'] = $options['refresh_lifetime']; |
|
| 123 | 123 | } |
| 124 | 124 | |
| 125 | 125 | $payload = $this->createPayload($client, $scope); |
@@ -129,9 +129,9 @@ discard block |
||
| 129 | 129 | |
| 130 | 130 | return [ |
| 131 | 131 | "access_token" => $accessToken, |
| 132 | - "expires_in" => $this->config[ 'token' ][ 'lifetime' ], |
|
| 133 | - "token_type" => $this->config[ 'token' ][ 'type' ], |
|
| 134 | - "scope" => $payload[ 'scope' ], |
|
| 132 | + "expires_in" => $this->config['token']['lifetime'], |
|
| 133 | + "token_type" => $this->config['token']['type'], |
|
| 134 | + "scope" => $payload['scope'], |
|
| 135 | 135 | ]; |
| 136 | 136 | } |
| 137 | 137 | |
@@ -149,7 +149,7 @@ discard block |
||
| 149 | 149 | protected function createPayload(Oauth\Client\Account $client, array $scope = []) |
| 150 | 150 | { |
| 151 | 151 | // token to encrypt |
| 152 | - $expires = time() + $this->config[ 'token' ][ 'lifetime' ]; |
|
| 152 | + $expires = time() + $this->config['token']['lifetime']; |
|
| 153 | 153 | |
| 154 | 154 | $id = Token::generate(40, Token::ALPHAHASH_STRING); |
| 155 | 155 | $payload = [ |
@@ -157,7 +157,7 @@ discard block |
||
| 157 | 157 | // the internal id of the token |
| 158 | 158 | 'jti' => $id, |
| 159 | 159 | // a unique token identifier for the token (JWT ID) |
| 160 | - 'iss' => $this->config[ 'issuer' ], |
|
| 160 | + 'iss' => $this->config['issuer'], |
|
| 161 | 161 | // the id of the server who issued the token (Issuer) |
| 162 | 162 | 'aud' => $client->id, |
| 163 | 163 | // the id of the client who requested the token (Audience) |
@@ -165,7 +165,7 @@ discard block |
||
| 165 | 165 | // the id of the user for which the token was released (Subject) |
| 166 | 166 | 'exp' => $expires, |
| 167 | 167 | 'iat' => time(), |
| 168 | - 'token_type' => $this->config[ 'token' ][ 'type' ], |
|
| 168 | + 'token_type' => $this->config['token']['type'], |
|
| 169 | 169 | 'scope' => empty($scope) ? null : implode(' ', $scope), |
| 170 | 170 | ]; |
| 171 | 171 | |
@@ -91,51 +91,51 @@ discard block |
||
| 91 | 91 | $httpAuthorization = explode(' ', $httpAuthorization); |
| 92 | 92 | $httpAuthorization = array_map('trim', $httpAuthorization); |
| 93 | 93 | |
| 94 | - switch (strtoupper($httpAuthorization[ 0 ])) { |
|
| 94 | + switch (strtoupper($httpAuthorization[0])) { |
|
| 95 | 95 | default: |
| 96 | 96 | case 'OAUTH': |
| 97 | 97 | array_shift($httpAuthorization); |
| 98 | - $httpAuthorization = array_map(function ($string) { |
|
| 98 | + $httpAuthorization = array_map(function($string) { |
|
| 99 | 99 | $string = str_replace(['"', ','], '', $string); |
| 100 | 100 | $string = explode('=', $string); |
| 101 | 101 | |
| 102 | 102 | return [ |
| 103 | - 'key' => str_replace('oauth_', '', $string[ 0 ]), |
|
| 104 | - 'value' => $string[ 1 ], |
|
| 103 | + 'key' => str_replace('oauth_', '', $string[0]), |
|
| 104 | + 'value' => $string[1], |
|
| 105 | 105 | ]; |
| 106 | 106 | }, $httpAuthorization); |
| 107 | 107 | |
| 108 | 108 | $oauthParams = []; |
| 109 | 109 | foreach ($httpAuthorization as $param) { |
| 110 | - $oauthParams[ $param[ 'key' ] ] = $param[ 'value' ]; |
|
| 110 | + $oauthParams[$param['key']] = $param['value']; |
|
| 111 | 111 | } |
| 112 | 112 | |
| 113 | - $this->oauth->signature_method = $oauthParams[ 'signature_method' ]; |
|
| 114 | - $this->oauth->nonce = $oauthParams[ 'nonce' ]; |
|
| 115 | - $this->oauth->timestamp = $oauthParams[ 'timestamp' ]; |
|
| 116 | - $this->oauth->consumer_key = $oauthParams[ 'consumer_key' ]; |
|
| 117 | - $this->oauth->version = $oauthParams[ 'version' ]; |
|
| 113 | + $this->oauth->signature_method = $oauthParams['signature_method']; |
|
| 114 | + $this->oauth->nonce = $oauthParams['nonce']; |
|
| 115 | + $this->oauth->timestamp = $oauthParams['timestamp']; |
|
| 116 | + $this->oauth->consumer_key = $oauthParams['consumer_key']; |
|
| 117 | + $this->oauth->version = $oauthParams['version']; |
|
| 118 | 118 | |
| 119 | - if (isset($oauthParams[ 'callback' ])) { |
|
| 120 | - $this->oauth->callback = urldecode($oauthParams[ 'callback' ]); |
|
| 119 | + if (isset($oauthParams['callback'])) { |
|
| 120 | + $this->oauth->callback = urldecode($oauthParams['callback']); |
|
| 121 | 121 | } |
| 122 | 122 | |
| 123 | - if (isset($oauthParams[ 'signature' ])) { |
|
| 124 | - $this->oauth->signature = $oauthParams[ 'signature' ]; |
|
| 123 | + if (isset($oauthParams['signature'])) { |
|
| 124 | + $this->oauth->signature = $oauthParams['signature']; |
|
| 125 | 125 | } |
| 126 | 126 | |
| 127 | 127 | $this->oauth->callconsumerHandler(); |
| 128 | 128 | break; |
| 129 | 129 | case 'BASIC': |
| 130 | 130 | case 'BEARER': |
| 131 | - $this->oauth->bearer = $httpAuthorization[ 1 ]; |
|
| 131 | + $this->oauth->bearer = $httpAuthorization[1]; |
|
| 132 | 132 | $bearer = base64_decode($this->oauth->bearer); |
| 133 | 133 | $bearer = explode(':', $bearer); |
| 134 | 134 | $bearer = array_map('trim', $bearer); |
| 135 | 135 | |
| 136 | 136 | if (count($bearer) == 2) { |
| 137 | - $this->oauth->consumer_key = $bearer[ 0 ]; |
|
| 138 | - $this->oauth->consumer_secret = $bearer[ 1 ]; |
|
| 137 | + $this->oauth->consumer_key = $bearer[0]; |
|
| 138 | + $this->oauth->consumer_secret = $bearer[1]; |
|
| 139 | 139 | |
| 140 | 140 | $this->oauth->callconsumerHandler(); |
| 141 | 141 | } |
@@ -149,8 +149,8 @@ discard block |
||
| 149 | 149 | $verifier = array_map('trim', $verifier); |
| 150 | 150 | |
| 151 | 151 | if (count($verifier) == 2) { |
| 152 | - $this->oauth->token = $verifier[ 0 ]; |
|
| 153 | - $this->oauth->token_secret = $verifier[ 1 ]; |
|
| 152 | + $this->oauth->token = $verifier[0]; |
|
| 153 | + $this->oauth->token_secret = $verifier[1]; |
|
| 154 | 154 | } |
| 155 | 155 | } |
| 156 | 156 | |
@@ -195,16 +195,16 @@ discard block |
||
| 195 | 195 | if ( ! empty($this->token)) { |
| 196 | 196 | if ($this->model->insertTokenNonce([ |
| 197 | 197 | 'id_consumer_token' => $this->token->id, |
| 198 | - 'nonce' => $token[ 'nonce' ] = Oauth::generateNonce(), |
|
| 199 | - 'timestamp' => $token[ 'timestamp' ] = date('Y-m-d H:m:s'), |
|
| 200 | - 'expires' => $token[ 'expires' ] = time() + 3600, |
|
| 198 | + 'nonce' => $token['nonce'] = Oauth::generateNonce(), |
|
| 199 | + 'timestamp' => $token['timestamp'] = date('Y-m-d H:m:s'), |
|
| 200 | + 'expires' => $token['expires'] = time() + 3600, |
|
| 201 | 201 | ])) { |
| 202 | 202 | return new DataStructures\Token([ |
| 203 | 203 | 'key' => $this->token->key, |
| 204 | 204 | 'secret' => $this->token->secret, |
| 205 | - 'nonce' => $token[ 'nonce' ], |
|
| 206 | - 'timestamp' => $token[ 'timestamp' ], |
|
| 207 | - 'expires' => $token[ 'expires' ], |
|
| 205 | + 'nonce' => $token['nonce'], |
|
| 206 | + 'timestamp' => $token['timestamp'], |
|
| 207 | + 'expires' => $token['expires'], |
|
| 208 | 208 | 'verifier' => (new Token($this->token->key, $this->token->secret))->getVerifier(), |
| 209 | 209 | ]); |
| 210 | 210 | } |
@@ -212,17 +212,17 @@ discard block |
||
| 212 | 212 | |
| 213 | 213 | $token = $this->generateToken('ACCESS'); |
| 214 | 214 | $token = new DataStructures\Token([ |
| 215 | - 'id' => $token[ 'id' ], |
|
| 216 | - 'key' => $token[ 'key' ], |
|
| 217 | - 'secret' => $token[ 'secret' ], |
|
| 218 | - 'verifier' => (new Token($token[ 'key' ], $token[ 'secret' ]))->getVerifier(), |
|
| 215 | + 'id' => $token['id'], |
|
| 216 | + 'key' => $token['key'], |
|
| 217 | + 'secret' => $token['secret'], |
|
| 218 | + 'verifier' => (new Token($token['key'], $token['secret']))->getVerifier(), |
|
| 219 | 219 | ]); |
| 220 | 220 | |
| 221 | 221 | if ($this->model->insertTokenNonce([ |
| 222 | - 'id_consumer_token' => $token[ 'id' ], |
|
| 223 | - 'nonce' => $token[ 'nonce' ] = Oauth::generateNonce(), |
|
| 224 | - 'timestamp' => $token[ 'timestamp' ] = date('Y-m-d H:m:s'), |
|
| 225 | - 'expires' => $token[ 'expires' ] = time() + 3600, |
|
| 222 | + 'id_consumer_token' => $token['id'], |
|
| 223 | + 'nonce' => $token['nonce'] = Oauth::generateNonce(), |
|
| 224 | + 'timestamp' => $token['timestamp'] = date('Y-m-d H:m:s'), |
|
| 225 | + 'expires' => $token['expires'] = time() + 3600, |
|
| 226 | 226 | ])) { |
| 227 | 227 | return $token; |
| 228 | 228 | } |
@@ -279,15 +279,15 @@ discard block |
||
| 279 | 279 | |
| 280 | 280 | if ($this->model->insertToken([ |
| 281 | 281 | 'id_consumer' => $this->consumer->id, |
| 282 | - 'key' => $token[ 'key' ], |
|
| 283 | - 'secret' => $token[ 'secret' ], |
|
| 282 | + 'key' => $token['key'], |
|
| 283 | + 'secret' => $token['secret'], |
|
| 284 | 284 | 'type' => $type, |
| 285 | 285 | 'callback' => $callback, |
| 286 | 286 | ])) { |
| 287 | - $token[ 'id' ] = $this->model->db->getLastInsertId(); |
|
| 287 | + $token['id'] = $this->model->db->getLastInsertId(); |
|
| 288 | 288 | |
| 289 | 289 | if ($this->model->insertTokenNonce([ |
| 290 | - 'id_consumer_token' => $token[ 'id' ], |
|
| 290 | + 'id_consumer_token' => $token['id'], |
|
| 291 | 291 | 'nonce' => $nonce, |
| 292 | 292 | 'timestamp' => date('Y-m-d H:m:s'), |
| 293 | 293 | 'expires' => time() + 3600, |
@@ -90,7 +90,7 @@ |
||
| 90 | 90 | } |
| 91 | 91 | |
| 92 | 92 | if ($payload) { |
| 93 | - $payload[ 'timestamp' ] = time(); |
|
| 93 | + $payload['timestamp'] = time(); |
|
| 94 | 94 | |
| 95 | 95 | $segments[] = Base64::encode(Json::encode($signature)); |
| 96 | 96 | $segments[] = $token = Base64::encode(Signature::generate([ |
