php-guard /
oauth-server
@@ -136,9 +136,9 @@ |
||
| 136 | 136 | |
| 137 | 137 | public function handleRequest(ServerRequestInterface $request): ResponseInterface |
| 138 | 138 | { |
| 139 | - if($response = $this->verifyRequest($request)) { |
|
| 140 | - return $response; |
|
| 141 | - } |
|
| 139 | + if($response = $this->verifyRequest($request)) { |
|
| 140 | + return $response; |
|
| 141 | + } |
|
| 142 | 142 | |
| 143 | 143 | try { |
| 144 | 144 | if($response = $this->verifyConsent($this->requestData)) { |
@@ -90,7 +90,7 @@ discard block |
||
| 90 | 90 | |
| 91 | 91 | public function verifyRequest(ServerRequestInterface $request): ?ResponseInterface { |
| 92 | 92 | |
| 93 | - if($response = $this->parseRequestData($request)) { |
|
| 93 | + if ($response = $this->parseRequestData($request)) { |
|
| 94 | 94 | return $response; |
| 95 | 95 | } |
| 96 | 96 | |
@@ -107,7 +107,7 @@ discard block |
||
| 107 | 107 | $this->responseType->verifyAuthorizationRequest($this, $this->requestData); |
| 108 | 108 | |
| 109 | 109 | // Authorization Server Authenticates End-User |
| 110 | - if($response = $this->verifyResourceOwner()) { |
|
| 110 | + if ($response = $this->verifyResourceOwner()) { |
|
| 111 | 111 | return $response; |
| 112 | 112 | } |
| 113 | 113 | } catch (OAuthException $e) { |
@@ -136,12 +136,12 @@ discard block |
||
| 136 | 136 | |
| 137 | 137 | public function handleRequest(ServerRequestInterface $request): ResponseInterface |
| 138 | 138 | { |
| 139 | - if($response = $this->verifyRequest($request)) { |
|
| 139 | + if ($response = $this->verifyRequest($request)) { |
|
| 140 | 140 | return $response; |
| 141 | 141 | } |
| 142 | 142 | |
| 143 | 143 | try { |
| 144 | - if($response = $this->verifyConsent($this->requestData)) { |
|
| 144 | + if ($response = $this->verifyConsent($this->requestData)) { |
|
| 145 | 145 | return $response; |
| 146 | 146 | } |
| 147 | 147 | |
@@ -276,7 +276,7 @@ discard block |
||
| 276 | 276 | protected function verifyRedirectUri(?string $redirectUri = null) |
| 277 | 277 | { |
| 278 | 278 | $redirectUris = $this->getClient()->getMetadata()->getRedirectUris(); |
| 279 | - if(empty($redirectUris)) { |
|
| 279 | + if (empty($redirectUris)) { |
|
| 280 | 280 | throw new OAuthException('invalid_request', |
| 281 | 281 | 'Clients using flows with redirection MUST register their redirection URI values', |
| 282 | 282 | 'https://tools.ietf.org/html/rfc7591#section-2.1'); |
@@ -304,7 +304,7 @@ discard block |
||
| 304 | 304 | |
| 305 | 305 | $this->redirectUri = $redirectUri; |
| 306 | 306 | } catch (\InvalidArgumentException $e) { |
| 307 | - throw new OAuthException('invalid_request', 'The request includes the malformed parameter redirect_uri. ' . $e->getMessage(), |
|
| 307 | + throw new OAuthException('invalid_request', 'The request includes the malformed parameter redirect_uri. '.$e->getMessage(), |
|
| 308 | 308 | 'https://tools.ietf.org/html/rfc6749#section-4.1'); |
| 309 | 309 | } |
| 310 | 310 | } |
@@ -120,7 +120,7 @@ |
||
| 120 | 120 | if (!in_array($macAlgorithm, [256, 384, 512])) { |
| 121 | 121 | die("algotihmn not supported"); |
| 122 | 122 | } |
| 123 | - $macAlgorithm = 'sha' . $macAlgorithm; |
|
| 123 | + $macAlgorithm = 'sha'.$macAlgorithm; |
|
| 124 | 124 | |
| 125 | 125 | |
| 126 | 126 | $atHash = hash($macAlgorithm, $accessToken['access_token'], true); |
@@ -96,11 +96,11 @@ discard block |
||
| 96 | 96 | return $this->resourceOwner->authenticate($this->prompt == self::PROMPT_SELECT_ACCOUNT, $this->loginHint); |
| 97 | 97 | } |
| 98 | 98 | |
| 99 | - if($this->idTokenHint) { |
|
| 99 | + if ($this->idTokenHint) { |
|
| 100 | 100 | // check if user associated to this id token is the current user. |
| 101 | 101 | // var_dump($this->idTokenHint['sub']);die; |
| 102 | - if($this->idTokenHint['sub'] !== $this->resourceOwner->getIdentifier()) { |
|
| 103 | - if($this->prompt == self::PROMPT_NONE) { |
|
| 102 | + if ($this->idTokenHint['sub'] !== $this->resourceOwner->getIdentifier()) { |
|
| 103 | + if ($this->prompt == self::PROMPT_NONE) { |
|
| 104 | 104 | throw new OAuthException('invalid_request'); |
| 105 | 105 | } |
| 106 | 106 | else { |
@@ -160,7 +160,7 @@ discard block |
||
| 160 | 160 | $this->maxAge = empty($requestData['max_age']) ? null : $requestData['max_age']; |
| 161 | 161 | $this->uiLocales = empty($requestData['ui_locales']) ? null : explode(' ', $requestData['ui_locales']); |
| 162 | 162 | |
| 163 | - if(!empty($requestData['id_token_hint'])) { |
|
| 163 | + if (!empty($requestData['id_token_hint'])) { |
|
| 164 | 164 | try { |
| 165 | 165 | $this->idTokenHint = $this->idTokenManager->decode($requestData['id_token_hint']); |
| 166 | 166 | } catch (\Exception $exception) { |
@@ -102,8 +102,7 @@ |
||
| 102 | 102 | if($this->idTokenHint['sub'] !== $this->resourceOwner->getIdentifier()) { |
| 103 | 103 | if($this->prompt == self::PROMPT_NONE) { |
| 104 | 104 | throw new OAuthException('invalid_request'); |
| 105 | - } |
|
| 106 | - else { |
|
| 105 | + } else { |
|
| 107 | 106 | throw new OAuthException('login_required'); |
| 108 | 107 | } |
| 109 | 108 | } |
@@ -142,22 +142,22 @@ |
||
| 142 | 142 | function jsonSerialize() |
| 143 | 143 | { |
| 144 | 144 | $data = []; |
| 145 | - if($this->formatted) { |
|
| 145 | + if ($this->formatted) { |
|
| 146 | 146 | $data['formatted'] = $this->formatted; |
| 147 | 147 | } |
| 148 | - if($this->streetAddress) { |
|
| 148 | + if ($this->streetAddress) { |
|
| 149 | 149 | $data['street_address'] = $this->streetAddress; |
| 150 | 150 | } |
| 151 | - if($this->locality) { |
|
| 151 | + if ($this->locality) { |
|
| 152 | 152 | $data['locality'] = $this->locality; |
| 153 | 153 | } |
| 154 | - if($this->region) { |
|
| 154 | + if ($this->region) { |
|
| 155 | 155 | $data['region'] = $this->region; |
| 156 | 156 | } |
| 157 | - if($this->postalCode) { |
|
| 157 | + if ($this->postalCode) { |
|
| 158 | 158 | $data['postal_code'] = $this->postalCode; |
| 159 | 159 | } |
| 160 | - if($this->country) { |
|
| 160 | + if ($this->country) { |
|
| 161 | 161 | $data['country'] = $this->country; |
| 162 | 162 | } |
| 163 | 163 | return empty($data) ? '' : json_encode($data); |
@@ -445,7 +445,7 @@ |
||
| 445 | 445 | { |
| 446 | 446 | $getter = 'get'.ucfirst($this->snakeToCamel($offset)); |
| 447 | 447 | $result = $this->{$getter}(); |
| 448 | - if(is_object($result)) { |
|
| 448 | + if (is_object($result)) { |
|
| 449 | 449 | return json_encode($result); |
| 450 | 450 | } |
| 451 | 451 | return $result; |
@@ -51,8 +51,8 @@ |
||
| 51 | 51 | } |
| 52 | 52 | |
| 53 | 53 | public function issueIdToken(RegisteredClient $client, |
| 54 | - string $resourceOwnerIdentifier, |
|
| 55 | - array $additionalClaims = []): string |
|
| 54 | + string $resourceOwnerIdentifier, |
|
| 55 | + array $additionalClaims = []): string |
|
| 56 | 56 | { |
| 57 | 57 | $metadata = $client->getMetadata(); |
| 58 | 58 | |
@@ -45,7 +45,7 @@ discard block |
||
| 45 | 45 | public function decode(string $idToken): IdTokenInterface |
| 46 | 46 | { |
| 47 | 47 | $claims = $this->jwt->decode($idToken, self::KEY, 'HS256'); |
| 48 | - $idToken = new IdToken((array)$claims); |
|
| 48 | + $idToken = new IdToken((array) $claims); |
|
| 49 | 49 | return $idToken; |
| 50 | 50 | } |
| 51 | 51 | |
@@ -142,7 +142,7 @@ discard block |
||
| 142 | 142 | throw new \UnexpectedValueException('Client metadata Id token signed response alg value is unexpected. |
| 143 | 143 | It must end with "256", "384" or "513"'); |
| 144 | 144 | } |
| 145 | - $macAlgorithm = 'sha' . $macAlgorithm; |
|
| 145 | + $macAlgorithm = 'sha'.$macAlgorithm; |
|
| 146 | 146 | |
| 147 | 147 | $hash = hash($macAlgorithm, $target, true); |
| 148 | 148 | $hash = substr($hash, 0, strlen($hash) / 2); |
@@ -25,7 +25,7 @@ |
||
| 25 | 25 | |
| 26 | 26 | function getClaims() : array |
| 27 | 27 | { |
| 28 | - return $this->claims; |
|
| 28 | + return $this->claims; |
|
| 29 | 29 | } |
| 30 | 30 | |
| 31 | 31 | /** |
@@ -24,7 +24,7 @@ |
||
| 24 | 24 | int $expiresAt, ?string $requestedScope = null, ?string $redirectUri = null, |
| 25 | 25 | ?string $codeChallenge = null, ?string $codeChallengeMethod = null) |
| 26 | 26 | { |
| 27 | - parent::__construct($code, $scope, $clientIdentifier, $resourceOwnerIdentifier, $expiresAt, $requestedScope, $redirectUri); |
|
| 27 | + parent::__construct($code, $scope, $clientIdentifier, $resourceOwnerIdentifier, $expiresAt, $requestedScope, $redirectUri); |
|
| 28 | 28 | $this->codeChallenge = $codeChallenge; |
| 29 | 29 | $this->codeChallengeMethod = $codeChallengeMethod; |
| 30 | 30 | } |
@@ -59,7 +59,7 @@ |
||
| 59 | 59 | $supportedScopes = explode(' ', $client->getMetadata()->getScope()); |
| 60 | 60 | if (!empty(array_diff($scopes, $supportedScopes))) { |
| 61 | 61 | throw new OAuthException('invalid_scope', |
| 62 | - 'The request scope is invalid. Supported scopes : ' . $client->getMetadata()->getScope(), |
|
| 62 | + 'The request scope is invalid. Supported scopes : '.$client->getMetadata()->getScope(), |
|
| 63 | 63 | 'https://tools.ietf.org/html/rfc6749#section-4.1'); |
| 64 | 64 | } |
| 65 | 65 | } |
