redCOMPONENT-COM / redCORE

extensions/libraries/redcore/api/oauth2/OpenID/ResponseType/IdTokenToken.php

Indentation +15 added lines, -15 removed lines

@@ -6,22 +6,22 @@
 
 class IdTokenToken implements IdTokenTokenInterface
 {
-    protected $accessToken;
-    protected $idToken;
+	protected $accessToken;
+	protected $idToken;
 
-    public function __construct(AccessTokenInterface $accessToken, IdTokenInterface $idToken)
-    {
-        $this->accessToken = $accessToken;
-        $this->idToken = $idToken;
-    }
+	public function __construct(AccessTokenInterface $accessToken, IdTokenInterface $idToken)
+	{
+		$this->accessToken = $accessToken;
+		$this->idToken = $idToken;
+	}
 
-    public function getAuthorizeResponse($params, $user_id = null)
-    {
-        $result = $this->accessToken->getAuthorizeResponse($params, $user_id);
-        $access_token = $result[1]['fragment']['access_token'];
-        $id_token = $this->idToken->createIdToken($params['client_id'], $user_id, $params['nonce'], null, $access_token);
-        $result[1]['fragment']['id_token'] = $id_token;
+	public function getAuthorizeResponse($params, $user_id = null)
+	{
+		$result = $this->accessToken->getAuthorizeResponse($params, $user_id);
+		$access_token = $result[1]['fragment']['access_token'];
+		$id_token = $this->idToken->createIdToken($params['client_id'], $user_id, $params['nonce'], null, $access_token);
+		$result[1]['fragment']['id_token'] = $id_token;
 
-        return $result;
-    }
+		return $result;
+	}
 }

extensions/libraries/redcore/api/oauth2/OpenID/ResponseType/AuthorizationCodeInterface.php

Indentation +14 added lines, -14 removed lines

@@ -10,18 +10,18 @@
  */
 interface AuthorizationCodeInterface extends BaseAuthorizationCodeInterface
 {
-    /**
-     * Handle the creation of the authorization code.
-     *
-     * @param $client_id                Client identifier related to the authorization code
-     * @param $user_id                  User ID associated with the authorization code
-     * @param $redirect_uri             An absolute URI to which the authorization server will redirect the
-     *                                  user-agent to when the end-user authorization step is completed.
-     * @param $scope        OPTIONAL    Scopes to be stored in space-separated string.
-     * @param $id_token     OPTIONAL    The OpenID Connect id_token.
-     *
-     * @see http://tools.ietf.org/html/rfc6749#section-4
-     * @ingroup oauth2_section_4
-     */
-    public function createAuthorizationCode($client_id, $user_id, $redirect_uri, $scope = null, $id_token = null);
+	/**
+	 * Handle the creation of the authorization code.
+	 *
+	 * @param $client_id                Client identifier related to the authorization code
+	 * @param $user_id                  User ID associated with the authorization code
+	 * @param $redirect_uri             An absolute URI to which the authorization server will redirect the
+	 *                                  user-agent to when the end-user authorization step is completed.
+	 * @param $scope        OPTIONAL    Scopes to be stored in space-separated string.
+	 * @param $id_token     OPTIONAL    The OpenID Connect id_token.
+	 *
+	 * @see http://tools.ietf.org/html/rfc6749#section-4
+	 * @ingroup oauth2_section_4
+	 */
+	public function createAuthorizationCode($client_id, $user_id, $redirect_uri, $scope = null, $id_token = null);
 }

extensions/libraries/redcore/api/oauth2/OpenID/ResponseType/CodeIdToken.php

Indentation +14 added lines, -14 removed lines

@@ -4,21 +4,21 @@
 
 class CodeIdToken implements CodeIdTokenInterface
 {
-    protected $authCode;
-    protected $idToken;
+	protected $authCode;
+	protected $idToken;
 
-    public function __construct(AuthorizationCodeInterface $authCode, IdTokenInterface $idToken)
-    {
-        $this->authCode = $authCode;
-        $this->idToken = $idToken;
-    }
+	public function __construct(AuthorizationCodeInterface $authCode, IdTokenInterface $idToken)
+	{
+		$this->authCode = $authCode;
+		$this->idToken = $idToken;
+	}
 
-    public function getAuthorizeResponse($params, $user_id = null)
-    {
-        $result = $this->authCode->getAuthorizeResponse($params, $user_id);
-        $id_token = $this->idToken->createIdToken($params['client_id'], $user_id, $params['nonce']);
-        $result[1]['query']['id_token'] = $id_token;
+	public function getAuthorizeResponse($params, $user_id = null)
+	{
+		$result = $this->authCode->getAuthorizeResponse($params, $user_id);
+		$id_token = $this->idToken->createIdToken($params['client_id'], $user_id, $params['nonce']);
+		$result[1]['query']['id_token'] = $id_token;
 
-        return $result;
-    }
+		return $result;
+	}
 }

extensions/libraries/redcore/api/oauth2/Request.php

Indentation +190 added lines, -190 removed lines

@@ -9,132 +9,132 @@ 
  */
 class Request implements RequestInterface
 {
-    public $attributes;
-    public $request;
-    public $query;
-    public $server;
-    public $files;
-    public $cookies;
-    public $headers;
-    public $content;
-
-    /**
-     * Constructor.
-     *
-     * @param array  $query      The GET parameters
-     * @param array  $request    The POST parameters
-     * @param array  $attributes The request attributes (parameters parsed from the PATH_INFO, ...)
-     * @param array  $cookies    The COOKIE parameters
-     * @param array  $files      The FILES parameters
-     * @param array  $server     The SERVER parameters
-     * @param string $content    The raw body data
-     *
-     * @api
-     */
-    public function __construct(array $query = array(), array $request = array(), array $attributes = array(), array $cookies = array(), array $files = array(), array $server = array(), $content = null, array $headers = null)
-    {
-        $this->initialize($query, $request, $attributes, $cookies, $files, $server, $content, $headers);
-    }
-
-    /**
-     * Sets the parameters for this request.
-     *
-     * This method also re-initializes all properties.
-     *
-     * @param array  $query      The GET parameters
-     * @param array  $request    The POST parameters
-     * @param array  $attributes The request attributes (parameters parsed from the PATH_INFO, ...)
-     * @param array  $cookies    The COOKIE parameters
-     * @param array  $files      The FILES parameters
-     * @param array  $server     The SERVER parameters
-     * @param string $content    The raw body data
-     *
-     * @api
-     */
-    public function initialize(array $query = array(), array $request = array(), array $attributes = array(), array $cookies = array(), array $files = array(), array $server = array(), $content = null, array $headers = null)
-    {
-        $this->request = $request;
-        $this->query = $query;
-        $this->attributes = $attributes;
-        $this->cookies = $cookies;
-        $this->files = $files;
-        $this->server = $server;
-        $this->content = $content;
-        $this->headers = is_null($headers) ? $this->getHeadersFromServer($this->server) : $headers;
-    }
-
-    public function query($name, $default = null)
-    {
-        return isset($this->query[$name]) ? $this->query[$name] : $default;
-    }
-
-    public function request($name, $default = null)
-    {
-        return isset($this->request[$name]) ? $this->request[$name] : $default;
-    }
-
-    public function server($name, $default = null)
-    {
-        return isset($this->server[$name]) ? $this->server[$name] : $default;
-    }
-
-    public function headers($name, $default = null)
-    {
-        $headers = array_change_key_case($this->headers);
-        $name = strtolower($name);
-
-        return isset($headers[$name]) ? $headers[$name] : $default;
-    }
-
-    public function getAllQueryParameters()
-    {
-        return $this->query;
-    }
-
-    /**
-     * Returns the request body content.
-     *
-     * @param Boolean $asResource If true, a resource will be returned
-     *
-     * @return string|resource The request body content or a resource to read the body stream.
-     */
-    public function getContent($asResource = false)
-    {
-        if (false === $this->content || (true === $asResource && null !== $this->content)) {
-            throw new \LogicException('getContent() can only be called once when using the resource return type.');
-        }
-
-        if (true === $asResource) {
-            $this->content = false;
-
-            return fopen('php://input', 'rb');
-        }
-
-        if (null === $this->content) {
-            $this->content = file_get_contents('php://input');
-        }
-
-        return $this->content;
-    }
-
-    private function getHeadersFromServer($server)
-    {
-        $headers = array();
-        foreach ($server as $key => $value) {
-            if (0 === strpos($key, 'HTTP_')) {
-                $headers[substr($key, 5)] = $value;
-            }
-            // CONTENT_* are not prefixed with HTTP_
-            elseif (in_array($key, array('CONTENT_LENGTH', 'CONTENT_MD5', 'CONTENT_TYPE'))) {
-                $headers[$key] = $value;
-            }
-        }
-
-        if (isset($server['PHP_AUTH_USER'])) {
-            $headers['PHP_AUTH_USER'] = $server['PHP_AUTH_USER'];
-            $headers['PHP_AUTH_PW'] = isset($server['PHP_AUTH_PW']) ? $server['PHP_AUTH_PW'] : '';
-        } else {
-            /*
+	public $attributes;
+	public $request;
+	public $query;
+	public $server;
+	public $files;
+	public $cookies;
+	public $headers;
+	public $content;
+
+	/**
+	 * Constructor.
+	 *
+	 * @param array  $query      The GET parameters
+	 * @param array  $request    The POST parameters
+	 * @param array  $attributes The request attributes (parameters parsed from the PATH_INFO, ...)
+	 * @param array  $cookies    The COOKIE parameters
+	 * @param array  $files      The FILES parameters
+	 * @param array  $server     The SERVER parameters
+	 * @param string $content    The raw body data
+	 *
+	 * @api
+	 */
+	public function __construct(array $query = array(), array $request = array(), array $attributes = array(), array $cookies = array(), array $files = array(), array $server = array(), $content = null, array $headers = null)
+	{
+		$this->initialize($query, $request, $attributes, $cookies, $files, $server, $content, $headers);
+	}
+
+	/**
+	 * Sets the parameters for this request.
+	 *
+	 * This method also re-initializes all properties.
+	 *
+	 * @param array  $query      The GET parameters
+	 * @param array  $request    The POST parameters
+	 * @param array  $attributes The request attributes (parameters parsed from the PATH_INFO, ...)
+	 * @param array  $cookies    The COOKIE parameters
+	 * @param array  $files      The FILES parameters
+	 * @param array  $server     The SERVER parameters
+	 * @param string $content    The raw body data
+	 *
+	 * @api
+	 */
+	public function initialize(array $query = array(), array $request = array(), array $attributes = array(), array $cookies = array(), array $files = array(), array $server = array(), $content = null, array $headers = null)
+	{
+		$this->request = $request;
+		$this->query = $query;
+		$this->attributes = $attributes;
+		$this->cookies = $cookies;
+		$this->files = $files;
+		$this->server = $server;
+		$this->content = $content;
+		$this->headers = is_null($headers) ? $this->getHeadersFromServer($this->server) : $headers;
+	}
+
+	public function query($name, $default = null)
+	{
+		return isset($this->query[$name]) ? $this->query[$name] : $default;
+	}
+
+	public function request($name, $default = null)
+	{
+		return isset($this->request[$name]) ? $this->request[$name] : $default;
+	}
+
+	public function server($name, $default = null)
+	{
+		return isset($this->server[$name]) ? $this->server[$name] : $default;
+	}
+
+	public function headers($name, $default = null)
+	{
+		$headers = array_change_key_case($this->headers);
+		$name = strtolower($name);
+
+		return isset($headers[$name]) ? $headers[$name] : $default;
+	}
+
+	public function getAllQueryParameters()
+	{
+		return $this->query;
+	}
+
+	/**
+	 * Returns the request body content.
+	 *
+	 * @param Boolean $asResource If true, a resource will be returned
+	 *
+	 * @return string|resource The request body content or a resource to read the body stream.
+	 */
+	public function getContent($asResource = false)
+	{
+		if (false === $this->content || (true === $asResource && null !== $this->content)) {
+			throw new \LogicException('getContent() can only be called once when using the resource return type.');
+		}
+
+		if (true === $asResource) {
+			$this->content = false;
+
+			return fopen('php://input', 'rb');
+		}
+
+		if (null === $this->content) {
+			$this->content = file_get_contents('php://input');
+		}
+
+		return $this->content;
+	}
+
+	private function getHeadersFromServer($server)
+	{
+		$headers = array();
+		foreach ($server as $key => $value) {
+			if (0 === strpos($key, 'HTTP_')) {
+				$headers[substr($key, 5)] = $value;
+			}
+			// CONTENT_* are not prefixed with HTTP_
+			elseif (in_array($key, array('CONTENT_LENGTH', 'CONTENT_MD5', 'CONTENT_TYPE'))) {
+				$headers[$key] = $value;
+			}
+		}
+
+		if (isset($server['PHP_AUTH_USER'])) {
+			$headers['PHP_AUTH_USER'] = $server['PHP_AUTH_USER'];
+			$headers['PHP_AUTH_PW'] = isset($server['PHP_AUTH_PW']) ? $server['PHP_AUTH_PW'] : '';
+		} else {
+			/*
              * php-cgi under Apache does not pass HTTP Basic user/pass to PHP by default
              * For this workaround to work, add this line to your .htaccess file:
              * RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
@@ -146,68 +146,68 @@ 
              * RewriteRule ^(.*)$ app.php [QSA,L]
              */
 
-            $authorizationHeader = null;
-            if (isset($server['HTTP_AUTHORIZATION'])) {
-                $authorizationHeader = $server['HTTP_AUTHORIZATION'];
-            } elseif (isset($server['REDIRECT_HTTP_AUTHORIZATION'])) {
-                $authorizationHeader = $server['REDIRECT_HTTP_AUTHORIZATION'];
-            } elseif (function_exists('apache_request_headers')) {
-                $requestHeaders = (array) apache_request_headers();
-
-                // Server-side fix for bug in old Android versions (a nice side-effect of this fix means we don't care about capitalization for Authorization)
-                $requestHeaders = array_combine(array_map('ucwords', array_keys($requestHeaders)), array_values($requestHeaders));
-
-                if (isset($requestHeaders['Authorization'])) {
-                    $authorizationHeader = trim($requestHeaders['Authorization']);
-                }
-            }
-
-            if (null !== $authorizationHeader) {
-                $headers['AUTHORIZATION'] = $authorizationHeader;
-                // Decode AUTHORIZATION header into PHP_AUTH_USER and PHP_AUTH_PW when authorization header is basic
-                if (0 === stripos($authorizationHeader, 'basic')) {
-                    $exploded = explode(':', base64_decode(substr($authorizationHeader, 6)));
-                    if (count($exploded) == 2) {
-                        list($headers['PHP_AUTH_USER'], $headers['PHP_AUTH_PW']) = $exploded;
-                    }
-                }
-            }
-        }
-
-        // PHP_AUTH_USER/PHP_AUTH_PW
-        if (isset($headers['PHP_AUTH_USER'])) {
-            $headers['AUTHORIZATION'] = 'Basic '.base64_encode($headers['PHP_AUTH_USER'].':'.$headers['PHP_AUTH_PW']);
-        }
-
-        return $headers;
-    }
-
-    /**
-     * Creates a new request with values from PHP's super globals.
-     *
-     * @return Request A new request
-     *
-     * @api
-     */
-    public static function createFromGlobals()
-    {
-        $class = get_called_class();
-        $request = new $class($_GET, $_POST, array(), $_COOKIE, $_FILES, $_SERVER);
-
-        $contentType = $request->server('CONTENT_TYPE', '');
-        $requestMethod = $request->server('REQUEST_METHOD', 'GET');
-        if (0 === strpos($contentType, 'application/x-www-form-urlencoded')
-            && in_array(strtoupper($requestMethod), array('PUT', 'DELETE'))
-        ) {
-            parse_str($request->getContent(), $data);
-            $request->request = $data;
-        } elseif (0 === strpos($contentType, 'application/json')
-            && in_array(strtoupper($requestMethod), array('POST', 'PUT', 'DELETE'))
-        ) {
-            $data = json_decode($request->getContent(), true);
-            $request->request = $data;
-        }
-
-        return $request;
-    }
+			$authorizationHeader = null;
+			if (isset($server['HTTP_AUTHORIZATION'])) {
+				$authorizationHeader = $server['HTTP_AUTHORIZATION'];
+			} elseif (isset($server['REDIRECT_HTTP_AUTHORIZATION'])) {
+				$authorizationHeader = $server['REDIRECT_HTTP_AUTHORIZATION'];
+			} elseif (function_exists('apache_request_headers')) {
+				$requestHeaders = (array) apache_request_headers();
+
+				// Server-side fix for bug in old Android versions (a nice side-effect of this fix means we don't care about capitalization for Authorization)
+				$requestHeaders = array_combine(array_map('ucwords', array_keys($requestHeaders)), array_values($requestHeaders));
+
+				if (isset($requestHeaders['Authorization'])) {
+					$authorizationHeader = trim($requestHeaders['Authorization']);
+				}
+			}
+
+			if (null !== $authorizationHeader) {
+				$headers['AUTHORIZATION'] = $authorizationHeader;
+				// Decode AUTHORIZATION header into PHP_AUTH_USER and PHP_AUTH_PW when authorization header is basic
+				if (0 === stripos($authorizationHeader, 'basic')) {
+					$exploded = explode(':', base64_decode(substr($authorizationHeader, 6)));
+					if (count($exploded) == 2) {
+						list($headers['PHP_AUTH_USER'], $headers['PHP_AUTH_PW']) = $exploded;
+					}
+				}
+			}
+		}
+
+		// PHP_AUTH_USER/PHP_AUTH_PW
+		if (isset($headers['PHP_AUTH_USER'])) {
+			$headers['AUTHORIZATION'] = 'Basic '.base64_encode($headers['PHP_AUTH_USER'].':'.$headers['PHP_AUTH_PW']);
+		}
+
+		return $headers;
+	}
+
+	/**
+	 * Creates a new request with values from PHP's super globals.
+	 *
+	 * @return Request A new request
+	 *
+	 * @api
+	 */
+	public static function createFromGlobals()
+	{
+		$class = get_called_class();
+		$request = new $class($_GET, $_POST, array(), $_COOKIE, $_FILES, $_SERVER);
+
+		$contentType = $request->server('CONTENT_TYPE', '');
+		$requestMethod = $request->server('REQUEST_METHOD', 'GET');
+		if (0 === strpos($contentType, 'application/x-www-form-urlencoded')
+			&& in_array(strtoupper($requestMethod), array('PUT', 'DELETE'))
+		) {
+			parse_str($request->getContent(), $data);
+			$request->request = $data;
+		} elseif (0 === strpos($contentType, 'application/json')
+			&& in_array(strtoupper($requestMethod), array('POST', 'PUT', 'DELETE'))
+		) {
+			$data = json_decode($request->getContent(), true);
+			$request->request = $data;
+		}
+
+		return $request;
+	}
 }

Spacing +1 added lines, -1 removed lines

@@ -176,7 +176,7 @@
 
         // PHP_AUTH_USER/PHP_AUTH_PW
         if (isset($headers['PHP_AUTH_USER'])) {
-            $headers['AUTHORIZATION'] = 'Basic '.base64_encode($headers['PHP_AUTH_USER'].':'.$headers['PHP_AUTH_PW']);
+            $headers['AUTHORIZATION'] = 'Basic ' . base64_encode($headers['PHP_AUTH_USER'] . ':' . $headers['PHP_AUTH_PW']);
         }
 
         return $headers;

extensions/libraries/redcore/api/oauth2/oauth2.php

Spacing +1 added lines, -1 removed lines

@@ -427,7 +427,7 @@
 				'oauth2.authorize',
 				array(
 					'view' => $this,
-					'options' => array (
+					'options' => array(
 						'clientId' => $clientId,
 						'formAction' => $formAction,
 						'scopes' => $clientScopes,

Braces +1 added lines, -2 removed lines

@@ -538,8 +538,7 @@
 		if ($this->response instanceof OAuth2\ResponseInterface)
 		{
 			$this->response->send();
-		}
-		else
+		} else
 		{
 			$app = JFactory::getApplication();
 

extensions/libraries/redcore/api/oauth2/TokenType/Bearer.php

Indentation +117 added lines, -117 removed lines

@@ -10,121 +10,121 @@
 */
 class Bearer implements TokenTypeInterface
 {
-    private $config;
-
-    public function __construct(array $config = array())
-    {
-        $this->config = array_merge(array(
-            'token_param_name'         => 'access_token',
-            'token_bearer_header_name' => 'Bearer',
-        ), $config);
-    }
-
-    public function getTokenType()
-    {
-        return 'Bearer';
-    }
-
-    /**
-     * Check if the request has supplied token
-     *
-     * @see https://github.com/bshaffer/oauth2-server-php/issues/349#issuecomment-37993588
-     */
-    public function requestHasToken(RequestInterface $request)
-    {
-        $headers = $request->headers('AUTHORIZATION');
-
-        // check the header, then the querystring, then the request body
-        return !empty($headers) || (bool) ($request->request($this->config['token_param_name'])) || (bool) ($request->query($this->config['token_param_name']));
-    }
-
-    /**
-     * This is a convenience function that can be used to get the token, which can then
-     * be passed to getAccessTokenData(). The constraints specified by the draft are
-     * attempted to be adheared to in this method.
-     *
-     * As per the Bearer spec (draft 8, section 2) - there are three ways for a client
-     * to specify the bearer token, in order of preference: Authorization Header,
-     * POST and GET.
-     *
-     * NB: Resource servers MUST accept tokens via the Authorization scheme
-     * (http://tools.ietf.org/html/rfc6750#section-2).
-     *
-     * @todo Should we enforce TLS/SSL in this function?
-     *
-     * @see http://tools.ietf.org/html/rfc6750#section-2.1
-     * @see http://tools.ietf.org/html/rfc6750#section-2.2
-     * @see http://tools.ietf.org/html/rfc6750#section-2.3
-     *
-     * Old Android version bug (at least with version 2.2)
-     * @see http://code.google.com/p/android/issues/detail?id=6684
-     *
-     */
-    public function getAccessTokenParameter(RequestInterface $request, ResponseInterface $response)
-    {
-        $headers = $request->headers('AUTHORIZATION');
-
-        /**
-         * Ensure more than one method is not used for including an
-         * access token
-         *
-         * @see http://tools.ietf.org/html/rfc6750#section-3.1
-         */
-        $methodsUsed = !empty($headers) + (bool) ($request->query($this->config['token_param_name'])) + (bool) ($request->request($this->config['token_param_name']));
-        if ($methodsUsed > 1) {
-            $response->setError(400, 'invalid_request', 'Only one method may be used to authenticate at a time (Auth header, GET or POST)');
-
-            return null;
-        }
-
-        /**
-         * If no authentication is provided, set the status code
-         * to 401 and return no other error information
-         *
-         * @see http://tools.ietf.org/html/rfc6750#section-3.1
-         */
-        if ($methodsUsed == 0) {
-            $response->setStatusCode(401);
-
-            return null;
-        }
-
-        // HEADER: Get the access token from the header
-        if (!empty($headers)) {
-            if (!preg_match('/' . $this->config['token_bearer_header_name'] . '\s(\S+)/i', $headers, $matches)) {
-                $response->setError(400, 'invalid_request', 'Malformed auth header');
-
-                return null;
-            }
-
-            return $matches[1];
-        }
-
-        if ($request->request($this->config['token_param_name'])) {
-            // // POST: Get the token from POST data
-            if (!in_array(strtolower($request->server('REQUEST_METHOD')), array('post', 'put'))) {
-                $response->setError(400, 'invalid_request', 'When putting the token in the body, the method must be POST or PUT', '#section-2.2');
-
-                return null;
-            }
-
-            $contentType = $request->server('CONTENT_TYPE');
-            if (false !== $pos = strpos($contentType, ';')) {
-                $contentType = substr($contentType, 0, $pos);
-            }
-
-            if ($contentType !== null && $contentType != 'application/x-www-form-urlencoded') {
-                // IETF specifies content-type. NB: Not all webservers populate this _SERVER variable
-                // @see http://tools.ietf.org/html/rfc6750#section-2.2
-                $response->setError(400, 'invalid_request', 'The content type for POST requests must be "application/x-www-form-urlencoded"');
-
-                return null;
-            }
-
-            return $request->request($this->config['token_param_name']);
-        }
-
-        // GET method
-        return $request->query($this->config['token_param_name']);
-    }
+	private $config;
+
+	public function __construct(array $config = array())
+	{
+		$this->config = array_merge(array(
+			'token_param_name'         => 'access_token',
+			'token_bearer_header_name' => 'Bearer',
+		), $config);
+	}
+
+	public function getTokenType()
+	{
+		return 'Bearer';
+	}
+
+	/**
+	 * Check if the request has supplied token
+	 *
+	 * @see https://github.com/bshaffer/oauth2-server-php/issues/349#issuecomment-37993588
+	 */
+	public function requestHasToken(RequestInterface $request)
+	{
+		$headers = $request->headers('AUTHORIZATION');
+
+		// check the header, then the querystring, then the request body
+		return !empty($headers) || (bool) ($request->request($this->config['token_param_name'])) || (bool) ($request->query($this->config['token_param_name']));
+	}
+
+	/**
+	 * This is a convenience function that can be used to get the token, which can then
+	 * be passed to getAccessTokenData(). The constraints specified by the draft are
+	 * attempted to be adheared to in this method.
+	 *
+	 * As per the Bearer spec (draft 8, section 2) - there are three ways for a client
+	 * to specify the bearer token, in order of preference: Authorization Header,
+	 * POST and GET.
+	 *
+	 * NB: Resource servers MUST accept tokens via the Authorization scheme
+	 * (http://tools.ietf.org/html/rfc6750#section-2).
+	 *
+	 * @todo Should we enforce TLS/SSL in this function?
+	 *
+	 * @see http://tools.ietf.org/html/rfc6750#section-2.1
+	 * @see http://tools.ietf.org/html/rfc6750#section-2.2
+	 * @see http://tools.ietf.org/html/rfc6750#section-2.3
+	 *
+	 * Old Android version bug (at least with version 2.2)
+	 * @see http://code.google.com/p/android/issues/detail?id=6684
+	 *
+	 */
+	public function getAccessTokenParameter(RequestInterface $request, ResponseInterface $response)
+	{
+		$headers = $request->headers('AUTHORIZATION');
+
+		/**
+		 * Ensure more than one method is not used for including an
+		 * access token
+		 *
+		 * @see http://tools.ietf.org/html/rfc6750#section-3.1
+		 */
+		$methodsUsed = !empty($headers) + (bool) ($request->query($this->config['token_param_name'])) + (bool) ($request->request($this->config['token_param_name']));
+		if ($methodsUsed > 1) {
+			$response->setError(400, 'invalid_request', 'Only one method may be used to authenticate at a time (Auth header, GET or POST)');
+
+			return null;
+		}
+
+		/**
+		 * If no authentication is provided, set the status code
+		 * to 401 and return no other error information
+		 *
+		 * @see http://tools.ietf.org/html/rfc6750#section-3.1
+		 */
+		if ($methodsUsed == 0) {
+			$response->setStatusCode(401);
+
+			return null;
+		}
+
+		// HEADER: Get the access token from the header
+		if (!empty($headers)) {
+			if (!preg_match('/' . $this->config['token_bearer_header_name'] . '\s(\S+)/i', $headers, $matches)) {
+				$response->setError(400, 'invalid_request', 'Malformed auth header');
+
+				return null;
+			}
+
+			return $matches[1];
+		}
+
+		if ($request->request($this->config['token_param_name'])) {
+			// // POST: Get the token from POST data
+			if (!in_array(strtolower($request->server('REQUEST_METHOD')), array('post', 'put'))) {
+				$response->setError(400, 'invalid_request', 'When putting the token in the body, the method must be POST or PUT', '#section-2.2');
+
+				return null;
+			}
+
+			$contentType = $request->server('CONTENT_TYPE');
+			if (false !== $pos = strpos($contentType, ';')) {
+				$contentType = substr($contentType, 0, $pos);
+			}
+
+			if ($contentType !== null && $contentType != 'application/x-www-form-urlencoded') {
+				// IETF specifies content-type. NB: Not all webservers populate this _SERVER variable
+				// @see http://tools.ietf.org/html/rfc6750#section-2.2
+				$response->setError(400, 'invalid_request', 'The content type for POST requests must be "application/x-www-form-urlencoded"');
+
+				return null;
+			}
+
+			return $request->request($this->config['token_param_name']);
+		}
+
+		// GET method
+		return $request->query($this->config['token_param_name']);
+	}
 }

extensions/libraries/redcore/api/oauth2/TokenType/Mac.php

Indentation +8 added lines, -8 removed lines

@@ -10,13 +10,13 @@
 */
 class Mac implements TokenTypeInterface
 {
-    public function getTokenType()
-    {
-        return 'mac';
-    }
+	public function getTokenType()
+	{
+		return 'mac';
+	}
 
-    public function getAccessTokenParameter(RequestInterface $request, ResponseInterface $response)
-    {
-        throw new \LogicException("Not supported");
-    }
+	public function getAccessTokenParameter(RequestInterface $request, ResponseInterface $response)
+	{
+		throw new \LogicException("Not supported");
+	}
 }

extensions/libraries/redcore/api/oauth2/TokenType/TokenTypeInterface.php

Indentation +10 added lines, -10 removed lines

@@ -7,15 +7,15 @@
 
 interface TokenTypeInterface
 {
-    /**
-     * Token type identification string
-     *
-     * ex: "bearer" or "mac"
-     */
-    public function getTokenType();
+	/**
+	 * Token type identification string
+	 *
+	 * ex: "bearer" or "mac"
+	 */
+	public function getTokenType();
 
-    /**
-     * Retrieves the token string from the request object
-     */
-    public function getAccessTokenParameter(RequestInterface $request, ResponseInterface $response);
+	/**
+	 * Retrieves the token string from the request object
+	 */
+	public function getAccessTokenParameter(RequestInterface $request, ResponseInterface $response);
 }

extensions/libraries/redcore/api/oauth2/RequestInterface.php

Indentation +5 added lines, -5 removed lines

@@ -4,13 +4,13 @@
 
 interface RequestInterface
 {
-    public function query($name, $default = null);
+	public function query($name, $default = null);
 
-    public function request($name, $default = null);
+	public function request($name, $default = null);
 
-    public function server($name, $default = null);
+	public function server($name, $default = null);
 
-    public function headers($name, $default = null);
+	public function headers($name, $default = null);
 
-    public function getAllQueryParameters();
+	public function getAllQueryParameters();
 }