php-guard /
oauth-server
@@ -106,11 +106,11 @@ discard block |
||
| 106 | 106 | $this->responseType->verifyAuthorizationRequest($this, $requestData); |
| 107 | 107 | |
| 108 | 108 | // Authorization Server Authenticates End-User |
| 109 | - if($response = $this->verifyResourceOwner()) { |
|
| 109 | + if ($response = $this->verifyResourceOwner()) { |
|
| 110 | 110 | return $response; |
| 111 | 111 | } |
| 112 | 112 | |
| 113 | - if($response = $this->verifyConsent()) { |
|
| 113 | + if ($response = $this->verifyConsent()) { |
|
| 114 | 114 | return $response; |
| 115 | 115 | } |
| 116 | 116 | |
@@ -187,7 +187,7 @@ discard block |
||
| 187 | 187 | { |
| 188 | 188 | // set the default response in case of invalid response type |
| 189 | 189 | |
| 190 | - $this->responseMode = $this->responseModeManager->getDefaultResponseMode(); |
|
| 190 | + $this->responseMode = $this->responseModeManager->getDefaultResponseMode(); |
|
| 191 | 191 | |
| 192 | 192 | // response_type required |
| 193 | 193 | if (empty($requestData['response_type'])) { |
@@ -255,7 +255,7 @@ discard block |
||
| 255 | 255 | |
| 256 | 256 | $this->redirectUri = $redirectUri; |
| 257 | 257 | } catch (\InvalidArgumentException $e) { |
| 258 | - throw new OAuthException('invalid_request', 'The request includes the malformed parameter redirect_uri. ' . $e->getMessage(), |
|
| 258 | + throw new OAuthException('invalid_request', 'The request includes the malformed parameter redirect_uri. '.$e->getMessage(), |
|
| 259 | 259 | 'https://tools.ietf.org/html/rfc6749#section-4.1'); |
| 260 | 260 | } |
| 261 | 261 | } |
@@ -96,11 +96,11 @@ discard block |
||
| 96 | 96 | return $this->resourceOwner->authenticate($this->prompt == self::PROMPT_SELECT_ACCOUNT, $this->loginHint); |
| 97 | 97 | } |
| 98 | 98 | |
| 99 | - if($this->idTokenHint) { |
|
| 99 | + if ($this->idTokenHint) { |
|
| 100 | 100 | // check if user associated to this id token is the current user. |
| 101 | 101 | // var_dump($this->idTokenHint['sub']);die; |
| 102 | - if($this->idTokenHint['sub'] !== $this->resourceOwner->getIdentifier()) { |
|
| 103 | - if($this->prompt == self::PROMPT_NONE) { |
|
| 102 | + if ($this->idTokenHint['sub'] !== $this->resourceOwner->getIdentifier()) { |
|
| 103 | + if ($this->prompt == self::PROMPT_NONE) { |
|
| 104 | 104 | throw new OAuthException('invalid_request'); |
| 105 | 105 | } |
| 106 | 106 | else { |
@@ -160,7 +160,7 @@ discard block |
||
| 160 | 160 | $this->maxAge = empty($requestData['max_age']) ? null : $requestData['max_age']; |
| 161 | 161 | $this->uiLocales = empty($requestData['ui_locales']) ? null : explode(' ', $requestData['ui_locales']); |
| 162 | 162 | |
| 163 | - if(!empty($requestData['id_token_hint'])) { |
|
| 163 | + if (!empty($requestData['id_token_hint'])) { |
|
| 164 | 164 | try { |
| 165 | 165 | $this->idTokenHint = $this->idTokenManager->decode($requestData['id_token_hint']); |
| 166 | 166 | } catch (\Exception $exception) { |
@@ -102,8 +102,7 @@ |
||
| 102 | 102 | if($this->idTokenHint['sub'] !== $this->resourceOwner->getIdentifier()) { |
| 103 | 103 | if($this->prompt == self::PROMPT_NONE) { |
| 104 | 104 | throw new OAuthException('invalid_request'); |
| 105 | - } |
|
| 106 | - else { |
|
| 105 | + } else { |
|
| 107 | 106 | throw new OAuthException('login_required'); |
| 108 | 107 | } |
| 109 | 108 | } |
@@ -50,8 +50,8 @@ |
||
| 50 | 50 | } |
| 51 | 51 | |
| 52 | 52 | public function issueIdToken(ClientInterface $client, |
| 53 | - ResourceOwnerInterface $resourceOwner, |
|
| 54 | - array $additionalClaims = []): string |
|
| 53 | + ResourceOwnerInterface $resourceOwner, |
|
| 54 | + array $additionalClaims = []): string |
|
| 55 | 55 | { |
| 56 | 56 | $metadata = $client->getMetadata(); |
| 57 | 57 | |
@@ -45,7 +45,7 @@ discard block |
||
| 45 | 45 | public function decode(string $idToken): IdTokenInterface |
| 46 | 46 | { |
| 47 | 47 | $claims = $this->jwt->decode($idToken, self::KEY, 'HS256'); |
| 48 | - $idToken = new IdToken((array)$claims); |
|
| 48 | + $idToken = new IdToken((array) $claims); |
|
| 49 | 49 | return $idToken; |
| 50 | 50 | } |
| 51 | 51 | |
@@ -142,7 +142,7 @@ discard block |
||
| 142 | 142 | throw new \UnexpectedValueException('Client metadata Id token signed response alg value is unexpected. |
| 143 | 143 | It must end with "256", "384" or "513"'); |
| 144 | 144 | } |
| 145 | - $macAlgorithm = 'sha' . $macAlgorithm; |
|
| 145 | + $macAlgorithm = 'sha'.$macAlgorithm; |
|
| 146 | 146 | |
| 147 | 147 | $hash = hash($macAlgorithm, $target, true); |
| 148 | 148 | $hash = substr($hash, 0, strlen($hash) / 2); |
@@ -120,7 +120,7 @@ |
||
| 120 | 120 | if (!in_array($macAlgorithm, [256, 384, 512])) { |
| 121 | 121 | die("algotihmn not supported"); |
| 122 | 122 | } |
| 123 | - $macAlgorithm = 'sha' . $macAlgorithm; |
|
| 123 | + $macAlgorithm = 'sha'.$macAlgorithm; |
|
| 124 | 124 | |
| 125 | 125 | |
| 126 | 126 | $atHash = hash($macAlgorithm, $accessToken['access_token'], true); |
@@ -99,7 +99,7 @@ |
||
| 99 | 99 | |
| 100 | 100 | $resourceOwnerIdentifier = $this->authorizationCode->getResourceOwnerIdentifier(); |
| 101 | 101 | |
| 102 | - if(!is_string($resourceOwnerIdentifier)) { |
|
| 102 | + if (!is_string($resourceOwnerIdentifier)) { |
|
| 103 | 103 | throw new OAuthException('server_error', |
| 104 | 104 | 'The authorization server encountered an unexpected condition that prevented it from fulfilling |
| 105 | 105 | the request. The resource owner identifier of this authorization code is invalid.', |
