php-guard /
oauth-server
@@ -36,7 +36,7 @@ discard block |
||
| 36 | 36 | $grantType = $this->server->getGrantTypeRepository()->getGrantType($grantTypeName); |
| 37 | 37 | if (!$grantType) { |
| 38 | 38 | return new ErrorResponse('unsupported_grant_type', |
| 39 | - 'Unsupported grant type : ' . $grantTypeName, |
|
| 39 | + 'Unsupported grant type : '.$grantTypeName, |
|
| 40 | 40 | 'https://tools.ietf.org/html/rfc6749#section-5.2'); |
| 41 | 41 | } |
| 42 | 42 | |
@@ -54,18 +54,18 @@ discard block |
||
| 54 | 54 | } catch (OAuthException $e) { |
| 55 | 55 | if ($e->getError() == 'invalid_client' && $request->hasHeader('Authorization')) { |
| 56 | 56 | return new ErrorResponse($e->getError(), |
| 57 | - 'Client authentication failed : ' . $e->getMessage(), |
|
| 57 | + 'Client authentication failed : '.$e->getMessage(), |
|
| 58 | 58 | $e->getErrorUri(), 401, [ |
| 59 | 59 | 'WWW-Authenticate' => 'Basic' |
| 60 | 60 | ]); |
| 61 | 61 | } else { |
| 62 | 62 | return new ErrorResponse($e->getError(), |
| 63 | - 'Client authentication failed : ' . $e->getMessage(), |
|
| 63 | + 'Client authentication failed : '.$e->getMessage(), |
|
| 64 | 64 | $e->getErrorUri(), 401); |
| 65 | 65 | } |
| 66 | 66 | } |
| 67 | 67 | |
| 68 | - if(!$client) { |
|
| 68 | + if (!$client) { |
|
| 69 | 69 | if (!isset($request->getParsedBody()['client_id'])) { |
| 70 | 70 | return new ErrorResponse('invalid_request', |
| 71 | 71 | 'Client authentication not included, missing a parameter : client_id : ', |
@@ -81,7 +81,7 @@ discard block |
||
| 81 | 81 | |
| 82 | 82 | if ($client->hasCredentials()) { |
| 83 | 83 | return new ErrorResponse('invalid_client', |
| 84 | - 'Client authentication failed : ' . $guard->getError(), |
|
| 84 | + 'Client authentication failed : '.$guard->getError(), |
|
| 85 | 85 | 'https://tools.ietf.org/html/rfc6749#section-5.2', 401, [ |
| 86 | 86 | 'WWW-Authenticate' => 'Basic' |
| 87 | 87 | ]); |
@@ -90,7 +90,7 @@ discard block |
||
| 90 | 90 | |
| 91 | 91 | if (is_array($client->getSupportedGrantTypes()) && !in_array($grantType->getUri(), $client->getSupportedGrantTypes())) { |
| 92 | 92 | return new ErrorResponse('unauthorized_client', |
| 93 | - 'Unauthorized grant type : ' . $grantType->getUri(), |
|
| 93 | + 'Unauthorized grant type : '.$grantType->getUri(), |
|
| 94 | 94 | 'https://tools.ietf.org/html/rfc6749#section-5.2'); |
| 95 | 95 | } |
| 96 | 96 | |
@@ -96,8 +96,7 @@ |
||
| 96 | 96 | |
| 97 | 97 | try { |
| 98 | 98 | return $grantType->grant($request, $client); |
| 99 | - } |
|
| 100 | - catch (OAuthException $e) { |
|
| 99 | + } catch (OAuthException $e) { |
|
| 101 | 100 | return new ErrorResponse($e->getError(), |
| 102 | 101 | $e->getErrorDescription(), |
| 103 | 102 | $e->getErrorUri()); |
@@ -221,7 +221,7 @@ |
||
| 221 | 221 | if (!$scopePolicyManager->checkScope($client, $scope)) { |
| 222 | 222 | $supportedScopes = implode(', ', $scopePolicyManager->getSupportedScopes($client)); |
| 223 | 223 | throw new OAuthException('invalid_scope', |
| 224 | - 'Some of requested scopes are not supported. Scope supported : ' . $supportedScopes, |
|
| 224 | + 'Some of requested scopes are not supported. Scope supported : '.$supportedScopes, |
|
| 225 | 225 | 'https://tools.ietf.org/html/rfc6749#section-4.1'); |
| 226 | 226 | } |
| 227 | 227 | |
@@ -30,7 +30,7 @@ discard block |
||
| 30 | 30 | * @return array |
| 31 | 31 | */ |
| 32 | 32 | public function handle(ServerRequestInterface $request, ResourceOwnerInterface $resourceOwner, |
| 33 | - RegisteredClient $client, ?array $scope = null, ?array $extendedResponseTypes = null): array |
|
| 33 | + RegisteredClient $client, ?array $scope = null, ?array $extendedResponseTypes = null): array |
|
| 34 | 34 | { |
| 35 | 35 | return []; |
| 36 | 36 | } |
@@ -63,7 +63,7 @@ discard block |
||
| 63 | 63 | |
| 64 | 64 | public function getExtendedResponseTypes(): ?array |
| 65 | 65 | { |
| 66 | - return null; |
|
| 66 | + return null; |
|
| 67 | 67 | } |
| 68 | 68 | |
| 69 | 69 | public function isQueryResponseModeSupported(): bool |
@@ -60,7 +60,7 @@ |
||
| 60 | 60 | * @throws \Exception |
| 61 | 61 | */ |
| 62 | 62 | public function handle(ServerRequestInterface $request, ResourceOwnerInterface $resourceOwner, |
| 63 | - RegisteredClient $client, ?array $scope = null, ?array $extendedResponseTypes = null): array |
|
| 63 | + RegisteredClient $client, ?array $scope = null, ?array $extendedResponseTypes = null): array |
|
| 64 | 64 | { |
| 65 | 65 | $data = $request->getMethod() === 'GET' ? $request->getQueryParams() : $request->getParsedBody(); |
| 66 | 66 | |
@@ -74,25 +74,25 @@ discard block |
||
| 74 | 74 | ]; |
| 75 | 75 | |
| 76 | 76 | // todo, include if auth_time is marked as an essential claim by the client otherwise it is optional (conf ?) |
| 77 | - if(isset($data['max_age']) && $data['max_age']) { |
|
| 77 | + if (isset($data['max_age']) && $data['max_age']) { |
|
| 78 | 78 | $claims['auth_time'] = $resourceOwner->getTimeWhenAuthenticationOccured(); |
| 79 | 79 | } |
| 80 | 80 | |
| 81 | - if(isset($data['nonce']) && !is_null($data['nonce'])) { |
|
| 81 | + if (isset($data['nonce']) && !is_null($data['nonce'])) { |
|
| 82 | 82 | $claims['nonce'] = $data['nonce']; |
| 83 | 83 | } |
| 84 | 84 | |
| 85 | - if(empty($extendedResponseTypes)) { |
|
| 85 | + if (empty($extendedResponseTypes)) { |
|
| 86 | 86 | $standardClaims = $this->userInfoClaimsStorage->getClaims($resourceOwner); |
| 87 | 87 | |
| 88 | 88 | foreach ($this->userInfoClaimsStorage->getClaimsByScope($scope) as $claimRequested) { |
| 89 | - if(isset($standardClaims[$claimRequested]) && $standardClaims[$claimRequested]) { |
|
| 89 | + if (isset($standardClaims[$claimRequested]) && $standardClaims[$claimRequested]) { |
|
| 90 | 90 | $claims[$claimRequested] = $standardClaims[$claimRequested]; |
| 91 | 91 | } |
| 92 | 92 | } |
| 93 | 93 | } |
| 94 | 94 | |
| 95 | - if(isset($extendedResponseTypes['code'])) { |
|
| 95 | + if (isset($extendedResponseTypes['code'])) { |
|
| 96 | 96 | //c_hash |
| 97 | 97 | /** |
| 98 | 98 | * @var \OAuth2OLD\ResponseTypes\ResponseTypeInterface $responseType |
@@ -103,7 +103,7 @@ discard block |
||
| 103 | 103 | $claims['c_hash'] = 'todo'; //todo |
| 104 | 104 | } |
| 105 | 105 | |
| 106 | - if(isset($extendedResponseTypes['token'])) { |
|
| 106 | + if (isset($extendedResponseTypes['token'])) { |
|
| 107 | 107 | //at_hash |
| 108 | 108 | /** |
| 109 | 109 | * @var \OAuth2OLD\ResponseTypes\ResponseTypeInterface $responseType |
@@ -111,8 +111,7 @@ |
||
| 111 | 111 | $token = $responseType->handle($request, $resourceOwner, $client, $scope)['token']; |
| 112 | 112 | $result['token'] = $token; |
| 113 | 113 | $claims['at_hash'] = 'todo'; //todo |
| 114 | - } |
|
| 115 | - else { |
|
| 114 | + } else { |
|
| 116 | 115 | $requestedScopes = isset($data['scope']) ? explode(' ', $data['scope']) : []; |
| 117 | 116 | |
| 118 | 117 | if ((empty($requestedScopes) && !is_null($scope)) || (is_array($scope) && !empty(array_diff($requestedScopes, $scope)))) { |
@@ -41,7 +41,7 @@ |
||
| 41 | 41 | * @throws OAuthException |
| 42 | 42 | */ |
| 43 | 43 | public function handle(ServerRequestInterface $request, ResourceOwnerInterface $resourceOwner, |
| 44 | - RegisteredClient $client, ?array $scope = null, ?array $extendedResponseTypes = null): array |
|
| 44 | + RegisteredClient $client, ?array $scope = null, ?array $extendedResponseTypes = null): array |
|
| 45 | 45 | { |
| 46 | 46 | $data = $request->getMethod() === 'GET' ? $request->getQueryParams() : $request->getParsedBody(); |
| 47 | 47 | |
@@ -107,7 +107,7 @@ |
||
| 107 | 107 | |
| 108 | 108 | // todo, repository for response mode |
| 109 | 109 | // https://developer.okta.com/docs/api/resources/oidc#parameter-details |
| 110 | - /* |
|
| 110 | + /* |
|
| 111 | 111 | if (isset($data['response_mode']) && $data['response_mode'] == 'post_message') { |
| 112 | 112 | return $this->popupResponse(['access_token' => 'a'], $redirectUri); |
| 113 | 113 | } else { |
@@ -38,7 +38,7 @@ discard block |
||
| 38 | 38 | /** |
| 39 | 39 | * @var RegisteredClient $client |
| 40 | 40 | */ |
| 41 | - if($res = $this->verify($request, $result)) { |
|
| 41 | + if ($res = $this->verify($request, $result)) { |
|
| 42 | 42 | return $res; |
| 43 | 43 | } |
| 44 | 44 | |
@@ -56,7 +56,7 @@ discard block |
||
| 56 | 56 | $result = []; |
| 57 | 57 | |
| 58 | 58 | try { |
| 59 | - if(!$resourceOwner->isConsentGivenForClient($client)) { |
|
| 59 | + if (!$resourceOwner->isConsentGivenForClient($client)) { |
|
| 60 | 60 | throw new OAuthException('access_denied', |
| 61 | 61 | 'The resource owner server denied the request', |
| 62 | 62 | 'https://tools.ietf.org/html/rfc6749#section-4.1.1'); |
@@ -68,7 +68,7 @@ discard block |
||
| 68 | 68 | * @var ResponseTypeInterface $responseType |
| 69 | 69 | */ |
| 70 | 70 | foreach ($responseTypes as $responseType) { |
| 71 | - if($responseType->getExtendedResponseTypes()) { |
|
| 71 | + if ($responseType->getExtendedResponseTypes()) { |
|
| 72 | 72 | $extendedResponseTypes = array_merge($extendedResponseTypes, $responseType->getExtendedResponseTypes()); |
| 73 | 73 | } |
| 74 | 74 | $responseTypeNames[] = $responseType->getResponseType(); |
@@ -78,7 +78,7 @@ discard block |
||
| 78 | 78 | * @var ResponseTypeInterface $responseType |
| 79 | 79 | */ |
| 80 | 80 | foreach ($responseTypes as $responseType) { |
| 81 | - if(!in_array($responseType->getResponseType(), $extendedResponseTypes)) { |
|
| 81 | + if (!in_array($responseType->getResponseType(), $extendedResponseTypes)) { |
|
| 82 | 82 | $extendedResponseTypes = null; |
| 83 | 83 | if ($responseType->getExtendedResponseTypes()) { |
| 84 | 84 | $extendedResponseTypeNames = array_intersect($responseType->getExtendedResponseTypes(), array_keys($responseTypes)); |
@@ -98,7 +98,7 @@ discard block |
||
| 98 | 98 | $data['state'] ?? null); |
| 99 | 99 | } |
| 100 | 100 | |
| 101 | - if(isset($data['state'])) { |
|
| 101 | + if (isset($data['state'])) { |
|
| 102 | 102 | $result['state'] = $data['state']; |
| 103 | 103 | } |
| 104 | 104 | |
@@ -258,7 +258,7 @@ discard block |
||
| 258 | 258 | if (!$scopePolicyManager->checkScope($client, $scope)) { |
| 259 | 259 | $supportedScopes = implode(', ', $scopePolicyManager->getSupportedScopes($client)); |
| 260 | 260 | throw new OAuthException('invalid_scope', |
| 261 | - 'Some of requested scopes are not supported. Scope supported : ' . $supportedScopes, |
|
| 261 | + 'Some of requested scopes are not supported. Scope supported : '.$supportedScopes, |
|
| 262 | 262 | 'https://tools.ietf.org/html/rfc6749#section-4.1'); |
| 263 | 263 | } |
| 264 | 264 | |
@@ -417,12 +417,12 @@ discard block |
||
| 417 | 417 | $responseType = $this->server->getResponseTypeRepository()->getResponseType($responseTypeName); |
| 418 | 418 | if (!$responseType) { |
| 419 | 419 | throw new OAuthException('invalid_request', |
| 420 | - 'Unknown response_type : ' . $responseTypeName); |
|
| 420 | + 'Unknown response_type : '.$responseTypeName); |
|
| 421 | 421 | } |
| 422 | 422 | |
| 423 | 423 | if (!$responseType->isMultiValuedResponseTypeSupported()) { |
| 424 | 424 | throw new OAuthException('invalid_request', |
| 425 | - 'Multi-valued response_type not supported with response_type : ' . $responseTypeName); |
|
| 425 | + 'Multi-valued response_type not supported with response_type : '.$responseTypeName); |
|
| 426 | 426 | } |
| 427 | 427 | |
| 428 | 428 | $responseTypes[$responseTypeName] = $responseType; |
@@ -46,7 +46,7 @@ |
||
| 46 | 46 | $certsRepository = $this->sqlOauth->getRepository(Cert::class); |
| 47 | 47 | |
| 48 | 48 | $actualCerts = $certsRepository->findBy([], ['createdAt' => 'DESC'], 2); |
| 49 | - if(!isset($actualCerts[0])) { |
|
| 49 | + if (!isset($actualCerts[0])) { |
|
| 50 | 50 | list('privKey' => $privKey, 'pubKey' => $pubKey, 'rsa' => $rsa) = $this->generateRSAKeys(); |
| 51 | 51 | |
| 52 | 52 | $oldCert = new Cert(); |
@@ -30,12 +30,12 @@ |
||
| 30 | 30 | { |
| 31 | 31 | $missingClaims = array_diff(self::REQUIRED_CLAIMS, array_keys($claims)); |
| 32 | 32 | if (!empty($missingClaims)) { |
| 33 | - throw new \Exception('Missing claims : ' . implode(', ', $missingClaims)); |
|
| 33 | + throw new \Exception('Missing claims : '.implode(', ', $missingClaims)); |
|
| 34 | 34 | } |
| 35 | 35 | |
| 36 | 36 | $undefinedClaims = array_diff(array_keys($claims), self::DEFINED_CLAIMS); |
| 37 | 37 | if (!empty($undefinedClaims)) { |
| 38 | - throw new \Exception('Undefined claims : ' . implode(', ', $undefinedClaims)); |
|
| 38 | + throw new \Exception('Undefined claims : '.implode(', ', $undefinedClaims)); |
|
| 39 | 39 | } |
| 40 | 40 | |
| 41 | 41 | // todo check nonce required if present in authentication request |
@@ -445,7 +445,7 @@ |
||
| 445 | 445 | { |
| 446 | 446 | $getter = 'get'.ucfirst($this->snakeToCamel($offset)); |
| 447 | 447 | $result = $this->{$getter}(); |
| 448 | - if(is_object($result)) { |
|
| 448 | + if (is_object($result)) { |
|
| 449 | 449 | return json_encode($result); |
| 450 | 450 | } |
| 451 | 451 | return $result; |
