@@ -65,18 +65,18 @@ discard block |
||
65 | 65 | } |
66 | 66 | |
67 | 67 | $refreshToken = $request->getParsedBody()['refresh_token'] ?? ''; |
68 | - if(!$refreshToken) { |
|
68 | + if (!$refreshToken) { |
|
69 | 69 | throw new OAuthException('invalid_request', 'Missing a required parameter : refresh_token', |
70 | 70 | 'https://tools.ietf.org/html/rfc6749#section-4.3'); |
71 | 71 | } |
72 | 72 | |
73 | 73 | $refreshToken = $this->refreshTokenStorage->get($refreshToken); |
74 | - if(!$refreshToken || $refreshToken->getClientId() !== $client->getIdentifier()) { |
|
74 | + if (!$refreshToken || $refreshToken->getClientId() !== $client->getIdentifier()) { |
|
75 | 75 | throw new OAuthException('invalid_grant', 'Refresh token is invalid', |
76 | 76 | 'https://tools.ietf.org/html/rfc6749#section-4.3'); |
77 | 77 | } |
78 | 78 | |
79 | - if(!is_null($refreshToken->getExpiresAt()) && $refreshToken->getExpiresAt() < time()) { |
|
79 | + if (!is_null($refreshToken->getExpiresAt()) && $refreshToken->getExpiresAt() < time()) { |
|
80 | 80 | $this->refreshTokenStorage->revoke($refreshToken->getToken()); |
81 | 81 | |
82 | 82 | throw new OAuthException('invalid_grant', 'Refresh token has expired', |
@@ -84,16 +84,16 @@ discard block |
||
84 | 84 | } |
85 | 85 | |
86 | 86 | $includedScopes = isset($request->getParsedBody()['scope']) ? explode(' ', $request->getParsedBody()['scope']) : null; |
87 | - if(is_array($includedScopes) && !empty(array_diff($includedScopes, explode(' ', $refreshToken->getToken())))) { |
|
87 | + if (is_array($includedScopes) && !empty(array_diff($includedScopes, explode(' ', $refreshToken->getToken())))) { |
|
88 | 88 | throw new OAuthException('invalid_scope', |
89 | - 'Some of scope included are not granted for this token. Scope granted : ' . $refreshToken->getScope(), |
|
89 | + 'Some of scope included are not granted for this token. Scope granted : '.$refreshToken->getScope(), |
|
90 | 90 | 'https://tools.ietf.org/html/rfc6749#section-6'); |
91 | 91 | } |
92 | 92 | |
93 | 93 | // issue an access token token and, optionally, a refresh token |
94 | 94 | $accessToken = $this->accessTokenStorage->create($client->getIdentifier(), $refreshToken->getUserId(), $refreshToken->getScope()); |
95 | 95 | $newRefreshToken = null; |
96 | - if($this->configurationRepository->getConfig(Config::REGENERATE_REFRESH_TOKENS_AFTER_USE)) { |
|
96 | + if ($this->configurationRepository->getConfig(Config::REGENERATE_REFRESH_TOKENS_AFTER_USE)) { |
|
97 | 97 | $this->refreshTokenStorage->revoke($refreshToken->getToken()); |
98 | 98 | $newRefreshToken = $this->refreshTokenStorage->create( |
99 | 99 | $refreshToken->getClientId(), $refreshToken->getUserId(), $refreshToken->getScope())->getToken(); |
@@ -73,7 +73,7 @@ |
||
73 | 73 | |
74 | 74 | $this->authorizationCodeStorage->revoke($authorizationCode->getCode()); |
75 | 75 | |
76 | - if($authorizationCode->getExpiresAt() < time()) { |
|
76 | + if ($authorizationCode->getExpiresAt() < time()) { |
|
77 | 77 | throw new OAuthException('invalid_grant', 'Authorization code has expired', |
78 | 78 | 'https://tools.ietf.org/html/rfc6749#section-4.1.3'); |
79 | 79 | } |
@@ -96,11 +96,11 @@ |
||
96 | 96 | * @throws \Exception |
97 | 97 | */ |
98 | 98 | public function validate() { |
99 | - if(!$this->responseType) { |
|
99 | + if (!$this->responseType) { |
|
100 | 100 | throw new \Exception('Missing response_type parameter'); |
101 | 101 | } |
102 | 102 | |
103 | - if(!$this->clientId) { |
|
103 | + if (!$this->clientId) { |
|
104 | 104 | throw new \Exception('Missing client_id parameter'); |
105 | 105 | } |
106 | 106 | return true; |
@@ -44,7 +44,7 @@ |
||
44 | 44 | * @throws OAuthException |
45 | 45 | */ |
46 | 46 | public function handle(ServerRequestInterface $request, ResourceOwnerInterface $resourceOwner, |
47 | - RegisteredClient $client, ?array $scope = null, ?array $extendedResponseTypes = null): array |
|
47 | + RegisteredClient $client, ?array $scope = null, ?array $extendedResponseTypes = null): array |
|
48 | 48 | { |
49 | 49 | if (is_array($client->getSupportedGrantTypes()) && !in_array('authorization_code', $client->getSupportedGrantTypes())) { |
50 | 50 | throw new OAuthException('unauthorized_client', |
@@ -28,7 +28,7 @@ |
||
28 | 28 | * @return array |
29 | 29 | */ |
30 | 30 | public function handle(ServerRequestInterface $request, ResourceOwnerInterface $resourceOwner, |
31 | - RegisteredClient $client, ?array $scope = null, ?array $extendedResponseTypes = null): array; |
|
31 | + RegisteredClient $client, ?array $scope = null, ?array $extendedResponseTypes = null): array; |
|
32 | 32 | |
33 | 33 | public function getDefaultResponseMode(): string; |
34 | 34 | public function isQueryResponseModeSupported(): bool; |
@@ -40,7 +40,7 @@ |
||
40 | 40 | * @return array |
41 | 41 | */ |
42 | 42 | public function handle(ServerRequestInterface $request, ResourceOwnerInterface $resourceOwner, |
43 | - RegisteredClient $client, ?array $scope = null, ?array $extendedResponseTypes = null): array |
|
43 | + RegisteredClient $client, ?array $scope = null, ?array $extendedResponseTypes = null): array |
|
44 | 44 | { |
45 | 45 | // TODO: Implement handle() method. |
46 | 46 | } |
@@ -62,7 +62,7 @@ |
||
62 | 62 | |
63 | 63 | } |
64 | 64 | |
65 | - if(!$state && $this->configurationRepository->getConfig(Config::ENFORCE_STATE)) { |
|
65 | + if (!$state && $this->configurationRepository->getConfig(Config::ENFORCE_STATE)) { |
|
66 | 66 | throw new OAuthException('invalid_request', |
67 | 67 | 'Missing a required parameter : state', |
68 | 68 | 'http://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint' |
@@ -33,7 +33,7 @@ |
||
33 | 33 | * @return array |
34 | 34 | */ |
35 | 35 | public function handle(ServerRequestInterface $request, ResourceOwnerInterface $resourceOwner, |
36 | - RegisteredClient $client, ?array $scope = null, ?array $extendedResponseTypes = null): array |
|
36 | + RegisteredClient $client, ?array $scope = null, ?array $extendedResponseTypes = null): array |
|
37 | 37 | { |
38 | 38 | $claims = []; |
39 | 39 |
@@ -37,12 +37,12 @@ |
||
37 | 37 | { |
38 | 38 | $claims = []; |
39 | 39 | |
40 | - if(isset($extendedResponseTypes['code'])) { |
|
40 | + if (isset($extendedResponseTypes['code'])) { |
|
41 | 41 | //c_hash |
42 | 42 | $code = $extendedResponseTypes['code']->handle()['code']; |
43 | 43 | $result['code'] = $code; |
44 | 44 | } |
45 | - if(isset($extendedResponseTypes['token'])) { |
|
45 | + if (isset($extendedResponseTypes['token'])) { |
|
46 | 46 | //at_hash |
47 | 47 | $token = $extendedResponseTypes['token']->handle()['token']; |
48 | 48 | $result['token'] = $token; |
@@ -30,7 +30,7 @@ discard block |
||
30 | 30 | * @return array |
31 | 31 | */ |
32 | 32 | public function handle(ServerRequestInterface $request, ResourceOwnerInterface $resourceOwner, |
33 | - RegisteredClient $client, ?array $scope = null, ?array $extendedResponseTypes = null): array |
|
33 | + RegisteredClient $client, ?array $scope = null, ?array $extendedResponseTypes = null): array |
|
34 | 34 | { |
35 | 35 | return []; |
36 | 36 | } |
@@ -63,6 +63,6 @@ discard block |
||
63 | 63 | |
64 | 64 | public function getExtendedResponseTypes(): ?array |
65 | 65 | { |
66 | - return null; |
|
66 | + return null; |
|
67 | 67 | } |
68 | 68 | } |
69 | 69 | \ No newline at end of file |
@@ -30,12 +30,12 @@ |
||
30 | 30 | { |
31 | 31 | $missingClaims = array_diff(self::REQUIRED_CLAIMS, array_keys($claims)); |
32 | 32 | if (!empty($missingClaims)) { |
33 | - throw new \Exception('Missing claims : ' . implode(', ', $missingClaims)); |
|
33 | + throw new \Exception('Missing claims : '.implode(', ', $missingClaims)); |
|
34 | 34 | } |
35 | 35 | |
36 | 36 | $undefinedClaims = array_diff(array_keys($claims), self::DEFINED_CLAIMS); |
37 | 37 | if (!empty($undefinedClaims)) { |
38 | - throw new \Exception('Undefined claims : ' . implode(', ', $undefinedClaims)); |
|
38 | + throw new \Exception('Undefined claims : '.implode(', ', $undefinedClaims)); |
|
39 | 39 | } |
40 | 40 | |
41 | 41 | // todo check nonce required if present in authentication request |