@@ -38,25 +38,25 @@ discard block |
||
| 38 | 38 | */ |
| 39 | 39 | public function load(string $id): ?TokenInterface |
| 40 | 40 | { |
| 41 | - if (strpos($id, ':') === false) { |
|
| 41 | + if (strpos($id, ':') === false){ |
|
| 42 | 42 | return null; |
| 43 | 43 | } |
| 44 | 44 | |
| 45 | 45 | list($pk, $hash) = explode(':', $id, 2); |
| 46 | 46 | |
| 47 | - if (!is_numeric($pk)) { |
|
| 47 | + if (!is_numeric($pk)){ |
|
| 48 | 48 | return null; |
| 49 | 49 | } |
| 50 | 50 | |
| 51 | 51 | /** @var TokenInterface $token */ |
| 52 | 52 | $token = $this->orm->getRepository(Token::class)->findByPK((int)$pk); |
| 53 | 53 | |
| 54 | - if ($token === null || $token->getID() !== $id) { |
|
| 54 | + if ($token === null || $token->getID() !== $id){ |
|
| 55 | 55 | // hijacked or deleted |
| 56 | 56 | return null; |
| 57 | 57 | } |
| 58 | 58 | |
| 59 | - if ($token->getExpiresAt() !== null && $token->getExpiresAt() < new \DateTime()) { |
|
| 59 | + if ($token->getExpiresAt() !== null && $token->getExpiresAt() < new \DateTime()){ |
|
| 60 | 60 | $this->delete($token); |
| 61 | 61 | return null; |
| 62 | 62 | } |
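Review bot: The check `$token->getID() !== $id` in load() compares a secret bearer value with an ordinary string comparison, which is not constant-time; `hash_equals($token->getID(), $id)` is the usual form for this. In the visible lines the `$hash` half of `list($pk, $hash) = explode(':', $id, 2)` is never used. `is_numeric($pk)` also accepts forms such as `1e3` or a leading space that `(int)$pk` maps to a different key, so `ctype_digit($pk)` would be the tighter guard. The same lines appear again in the second rendering of this hunk (new lines 38-66), and the body of load() continues past the hunk.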
@@ -69,13 +69,13 @@ discard block |
||
| 69 | 69 | */ |
| 70 | 70 | public function create(array $payload, \DateTimeInterface $expiresAt = null): TokenInterface |
| 71 | 71 | { |
| 72 | - try { |
|
| 72 | + try{ |
|
| 73 | 73 | $token = new Token($this->randomHash(128), $payload, new \DateTimeImmutable(), $expiresAt); |
| 74 | 74 | |
| 75 | 75 | (new Transaction($this->orm))->persist($token)->run(); |
| 76 | 76 | |
| 77 | 77 | return $token; |
| 78 | - } catch (\Throwable $e) { |
|
| 78 | + }catch (\Throwable $e){ |
|
| 79 | 79 | throw new TokenStorageException('Unable to create token', $e->getCode(), $e); |
| 80 | 80 | } |
| 81 | 81 | } |
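Review bot: In the catch block of create(), `$e->getCode()` is passed straight through as the code of the new TokenStorageException, and that code is not guaranteed to be an integer. PDOException, for example, can carry an SQLSTATE string, and if TokenStorageException keeps the standard `int $code` constructor (it is not visible here) a non-numeric code raises a TypeError inside the catch and hides the storage failure. Casting at the call site avoids that: `throw new TokenStorageException('Unable to create token', (int) $e->getCode(), $e);`. The same pattern is in delete() in the next hunk, in both later renderings of these hunks, and in the session storage's load() and create().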
@@ -85,9 +85,9 @@ discard block |
||
| 85 | 85 | */ |
| 86 | 86 | public function delete(TokenInterface $token): void |
| 87 | 87 | { |
| 88 | - try { |
|
| 88 | + try{ |
|
| 89 | 89 | (new Transaction($this->orm))->delete($token)->run(); |
| 90 | - } catch (\Throwable $e) { |
|
| 90 | + }catch (\Throwable $e){ |
|
| 91 | 91 | throw new TokenStorageException('Unable to delete token', $e->getCode(), $e); |
| 92 | 92 | } |
| 93 | 93 | } |
@@ -38,25 +38,29 @@ discard block |
||
| 38 | 38 | */ |
| 39 | 39 | public function load(string $id): ?TokenInterface |
| 40 | 40 | { |
| 41 | - if (strpos($id, ':') === false) { |
|
| 41 | + if (strpos($id, ':') === false) |
|
| 42 | + { |
|
| 42 | 43 | return null; |
| 43 | 44 | } |
| 44 | 45 | |
| 45 | 46 | list($pk, $hash) = explode(':', $id, 2); |
| 46 | 47 | |
| 47 | - if (!is_numeric($pk)) { |
|
| 48 | + if (!is_numeric($pk)) |
|
| 49 | + { |
|
| 48 | 50 | return null; |
| 49 | 51 | } |
| 50 | 52 | |
| 51 | 53 | /** @var TokenInterface $token */ |
| 52 | 54 | $token = $this->orm->getRepository(Token::class)->findByPK((int)$pk); |
| 53 | 55 | |
| 54 | - if ($token === null || $token->getID() !== $id) { |
|
| 56 | + if ($token === null || $token->getID() !== $id) |
|
| 57 | + { |
|
| 55 | 58 | // hijacked or deleted |
| 56 | 59 | return null; |
| 57 | 60 | } |
| 58 | 61 | |
| 59 | - if ($token->getExpiresAt() !== null && $token->getExpiresAt() < new \DateTime()) { |
|
| 62 | + if ($token->getExpiresAt() !== null && $token->getExpiresAt() < new \DateTime()) |
|
| 63 | + { |
|
| 60 | 64 | $this->delete($token); |
| 61 | 65 | return null; |
| 62 | 66 | } |
@@ -69,13 +73,16 @@ discard block |
||
| 69 | 73 | */ |
| 70 | 74 | public function create(array $payload, \DateTimeInterface $expiresAt = null): TokenInterface |
| 71 | 75 | { |
| 72 | - try { |
|
| 76 | + try |
|
| 77 | + { |
|
| 73 | 78 | $token = new Token($this->randomHash(128), $payload, new \DateTimeImmutable(), $expiresAt); |
| 74 | 79 | |
| 75 | 80 | (new Transaction($this->orm))->persist($token)->run(); |
| 76 | 81 | |
| 77 | 82 | return $token; |
| 78 | - } catch (\Throwable $e) { |
|
| 83 | + } |
|
| 84 | + catch (\Throwable $e) |
|
| 85 | + { |
|
| 79 | 86 | throw new TokenStorageException('Unable to create token', $e->getCode(), $e); |
| 80 | 87 | } |
| 81 | 88 | } |
@@ -85,9 +92,12 @@ discard block |
||
| 85 | 92 | */ |
| 86 | 93 | public function delete(TokenInterface $token): void |
| 87 | 94 | { |
| 88 | - try { |
|
| 95 | + try |
|
| 96 | + { |
|
| 89 | 97 | (new Transaction($this->orm))->delete($token)->run(); |
| 90 | - } catch (\Throwable $e) { |
|
| 98 | + } |
|
| 99 | + catch (\Throwable $e) |
|
| 100 | + { |
|
| 91 | 101 | throw new TokenStorageException('Unable to delete token', $e->getCode(), $e); |
| 92 | 102 | } |
| 93 | 103 | } |
@@ -100,7 +100,7 @@ |
||
| 100 | 100 | public static function unpack(array $data): Token |
| 101 | 101 | { |
| 102 | 102 | $expiresAt = null; |
| 103 | - if ($data['expiresAt'] != null) { |
|
| 103 | + if ($data['expiresAt'] != null){ |
|
| 104 | 104 | $expiresAt = (new \DateTimeImmutable())->setTimestamp($data['expiresAt']); |
| 105 | 105 | } |
| 106 | 106 | |
@@ -100,7 +100,8 @@ |
||
| 100 | 100 | public static function unpack(array $data): Token |
| 101 | 101 | { |
| 102 | 102 | $expiresAt = null; |
| 103 | - if ($data['expiresAt'] != null) { |
|
| 103 | + if ($data['expiresAt'] != null) |
|
| 104 | + { |
|
| 104 | 105 | $expiresAt = (new \DateTimeImmutable())->setTimestamp($data['expiresAt']); |
| 105 | 106 | } |
| 106 | 107 | |
@@ -40,18 +40,18 @@ discard block |
||
| 40 | 40 | */ |
| 41 | 41 | public function load(string $id): ?TokenInterface |
| 42 | 42 | { |
| 43 | - try { |
|
| 43 | + try{ |
|
| 44 | 44 | $tokenData = $this->session->getSection(self::SESSION_SECTION)->get('token'); |
| 45 | 45 | $token = Token::unpack($tokenData); |
| 46 | - } catch (\Throwable $e) { |
|
| 46 | + }catch (\Throwable $e){ |
|
| 47 | 47 | throw new TokenStorageException('Unable to load session token', $e->getCode(), $e); |
| 48 | 48 | } |
| 49 | 49 | |
| 50 | - if ($token->getID() !== $id) { |
|
| 50 | + if ($token->getID() !== $id){ |
|
| 51 | 51 | return null; |
| 52 | 52 | } |
| 53 | 53 | |
| 54 | - if ($token->getExpiresAt() !== null && $token->getExpiresAt() > new \DateTime()) { |
|
| 54 | + if ($token->getExpiresAt() !== null && $token->getExpiresAt() > new \DateTime()){ |
|
| 55 | 55 | $this->delete($token); |
| 56 | 56 | return null; |
| 57 | 57 | } |
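Review bot: The expiry test in the session storage's load() is inverted: `$token->getExpiresAt() > new \DateTime()` is true for a token that has not expired yet. A still-valid token is therefore deleted and rejected, while an expired one falls through and is accepted. The ORM-backed load() earlier on this page uses `<` for the same check, and this one should match: `if ($token->getExpiresAt() !== null && $token->getExpiresAt() < new \DateTime())`. A test that loads a token with a past `expiresAt` and expects `null` would pin this down. The same line is repeated in the second rendering of this hunk (new line 58), and load() continues past the hunk.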
@@ -64,12 +64,12 @@ discard block |
||
| 64 | 64 | */ |
| 65 | 65 | public function create(array $payload, \DateTimeInterface $expiresAt = null): TokenInterface |
| 66 | 66 | { |
| 67 | - try { |
|
| 67 | + try{ |
|
| 68 | 68 | $token = new Token($this->randomHash(123), $payload, $expiresAt); |
| 69 | 69 | $this->session->getSection(self::SESSION_SECTION)->set('token', $token->pack()); |
| 70 | 70 | |
| 71 | 71 | return $token; |
| 72 | - } catch (\Throwable $e) { |
|
| 72 | + }catch (\Throwable $e){ |
|
| 73 | 73 | throw new TokenStorageException('Unable to create session token', $e->getCode(), $e); |
| 74 | 74 | } |
| 75 | 75 | } |
@@ -40,18 +40,23 @@ discard block |
||
| 40 | 40 | */ |
| 41 | 41 | public function load(string $id): ?TokenInterface |
| 42 | 42 | { |
| 43 | - try { |
|
| 43 | + try |
|
| 44 | + { |
|
| 44 | 45 | $tokenData = $this->session->getSection(self::SESSION_SECTION)->get('token'); |
| 45 | 46 | $token = Token::unpack($tokenData); |
| 46 | - } catch (\Throwable $e) { |
|
| 47 | + } |
|
| 48 | + catch (\Throwable $e) |
|
| 49 | + { |
|
| 47 | 50 | throw new TokenStorageException('Unable to load session token', $e->getCode(), $e); |
| 48 | 51 | } |
| 49 | 52 | |
| 50 | - if ($token->getID() !== $id) { |
|
| 53 | + if ($token->getID() !== $id) |
|
| 54 | + { |
|
| 51 | 55 | return null; |
| 52 | 56 | } |
| 53 | 57 | |
| 54 | - if ($token->getExpiresAt() !== null && $token->getExpiresAt() > new \DateTime()) { |
|
| 58 | + if ($token->getExpiresAt() !== null && $token->getExpiresAt() > new \DateTime()) |
|
| 59 | + { |
|
| 55 | 60 | $this->delete($token); |
| 56 | 61 | return null; |
| 57 | 62 | } |
@@ -64,12 +69,15 @@ discard block |
||
| 64 | 69 | */ |
| 65 | 70 | public function create(array $payload, \DateTimeInterface $expiresAt = null): TokenInterface |
| 66 | 71 | { |
| 67 | - try { |
|
| 72 | + try |
|
| 73 | + { |
|
| 68 | 74 | $token = new Token($this->randomHash(123), $payload, $expiresAt); |
| 69 | 75 | $this->session->getSection(self::SESSION_SECTION)->set('token', $token->pack()); |
| 70 | 76 | |
| 71 | 77 | return $token; |
| 72 | - } catch (\Throwable $e) { |
|
| 78 | + } |
|
| 79 | + catch (\Throwable $e) |
|
| 80 | + { |
|
| 73 | 81 | throw new TokenStorageException('Unable to create session token', $e->getCode(), $e); |
| 74 | 82 | } |
| 75 | 83 | } |
@@ -60,7 +60,7 @@ discard block |
||
| 60 | 60 | CookiesConfig $cookiesConfig, |
| 61 | 61 | SessionFactory $factory, |
| 62 | 62 | ScopeInterface $scope |
| 63 | - ) { |
|
| 63 | + ){ |
|
| 64 | 64 | $this->config = $config; |
| 65 | 65 | $this->httpConfig = $httpConfig; |
| 66 | 66 | $this->cookiesConfig = $cookiesConfig; |
@@ -79,14 +79,14 @@ discard block |
||
| 79 | 79 | $this->fetchID($request) |
| 80 | 80 | ); |
| 81 | 81 | |
| 82 | - try { |
|
| 82 | + try{ |
|
| 83 | 83 | $response = $this->scope->runScope( |
| 84 | 84 | [SessionInterface::class => $session], |
| 85 | 85 | function () use ($handler, $request, $session) { |
| 86 | 86 | return $handler->handle($request->withAttribute(static::ATTRIBUTE, $session)); |
| 87 | 87 | } |
| 88 | 88 | ); |
| 89 | - } catch (\Throwable $e) { |
|
| 89 | + }catch (\Throwable $e){ |
|
| 90 | 90 | $session->abort(); |
| 91 | 91 | throw $e; |
| 92 | 92 | } |
@@ -105,14 +105,14 @@ discard block |
||
| 105 | 105 | Request $request, |
| 106 | 106 | Response $response |
| 107 | 107 | ): Response { |
| 108 | - if (!$session->isStarted()) { |
|
| 108 | + if (!$session->isStarted()){ |
|
| 109 | 109 | return $response; |
| 110 | 110 | } |
| 111 | 111 | |
| 112 | 112 | $session->commit(); |
| 113 | 113 | |
| 114 | 114 | //SID changed |
| 115 | - if ($this->fetchID($request) != $session->getID()) { |
|
| 115 | + if ($this->fetchID($request) != $session->getID()){ |
|
| 116 | 116 | return $this->withCookie($request, $response, $session->getID()); |
| 117 | 117 | } |
| 118 | 118 | |
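Review bot: The "SID changed" test `$this->fetchID($request) != $session->getID()` uses loose comparison on a security identifier. PHP compares two numeric-looking strings as numbers, so distinct IDs such as `1e1` and `10` count as equal, and `null` equals `''`; in those cases the refreshed cookie would not be sent. A strict comparison is safer: `if ($this->fetchID($request) !== $session->getID())`, assuming getID() returns a string for a started session, which these lines do not show. The same line is in the second rendering of this hunk (new line 120), and the method starts and ends outside the hunk.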
@@ -129,7 +129,7 @@ discard block |
||
| 129 | 129 | protected function fetchID(Request $request): ?string |
| 130 | 130 | { |
| 131 | 131 | $cookies = $request->getCookieParams(); |
| 132 | - if (empty($cookies[$this->config->getCookie()])) { |
|
| 132 | + if (empty($cookies[$this->config->getCookie()])){ |
|
| 133 | 133 | return null; |
| 134 | 134 | } |
| 135 | 135 | |
@@ -162,8 +162,8 @@ discard block |
||
| 162 | 162 | protected function clientSignature(Request $request): string |
| 163 | 163 | { |
| 164 | 164 | $signature = ''; |
| 165 | - foreach (static::SIGNATURE_HEADERS as $header) { |
|
| 166 | - $signature .= $request->getHeaderLine($header) . ';'; |
|
| 165 | + foreach (static::SIGNATURE_HEADERS as $header){ |
|
| 166 | + $signature .= $request->getHeaderLine($header).';'; |
|
| 167 | 167 | } |
| 168 | 168 | |
| 169 | 169 | return hash('sha256', $signature); |
@@ -79,14 +79,18 @@ discard block |
||
| 79 | 79 | $this->fetchID($request) |
| 80 | 80 | ); |
| 81 | 81 | |
| 82 | - try { |
|
| 82 | + try |
|
| 83 | + { |
|
| 83 | 84 | $response = $this->scope->runScope( |
| 84 | 85 | [SessionInterface::class => $session], |
| 85 | - function () use ($handler, $request, $session) { |
|
| 86 | + function () use ($handler, $request, $session) |
|
| 87 | + { |
|
| 86 | 88 | return $handler->handle($request->withAttribute(static::ATTRIBUTE, $session)); |
| 87 | 89 | } |
| 88 | 90 | ); |
| 89 | - } catch (\Throwable $e) { |
|
| 91 | + } |
|
| 92 | + catch (\Throwable $e) |
|
| 93 | + { |
|
| 90 | 94 | $session->abort(); |
| 91 | 95 | throw $e; |
| 92 | 96 | } |
@@ -105,14 +109,16 @@ discard block |
||
| 105 | 109 | Request $request, |
| 106 | 110 | Response $response |
| 107 | 111 | ): Response { |
| 108 | - if (!$session->isStarted()) { |
|
| 112 | + if (!$session->isStarted()) |
|
| 113 | + { |
|
| 109 | 114 | return $response; |
| 110 | 115 | } |
| 111 | 116 | |
| 112 | 117 | $session->commit(); |
| 113 | 118 | |
| 114 | 119 | //SID changed |
| 115 | - if ($this->fetchID($request) != $session->getID()) { |
|
| 120 | + if ($this->fetchID($request) != $session->getID()) |
|
| 121 | + { |
|
| 116 | 122 | return $this->withCookie($request, $response, $session->getID()); |
| 117 | 123 | } |
| 118 | 124 | |
@@ -129,7 +135,8 @@ discard block |
||
| 129 | 135 | protected function fetchID(Request $request): ?string |
| 130 | 136 | { |
| 131 | 137 | $cookies = $request->getCookieParams(); |
| 132 | - if (empty($cookies[$this->config->getCookie()])) { |
|
| 138 | + if (empty($cookies[$this->config->getCookie()])) |
|
| 139 | + { |
|
| 133 | 140 | return null; |
| 134 | 141 | } |
| 135 | 142 | |
@@ -162,7 +169,8 @@ discard block |
||
| 162 | 169 | protected function clientSignature(Request $request): string |
| 163 | 170 | { |
| 164 | 171 | $signature = ''; |
| 165 | - foreach (static::SIGNATURE_HEADERS as $header) { |
|
| 172 | + foreach (static::SIGNATURE_HEADERS as $header) |
|
| 173 | + { |
|
| 166 | 174 | $signature .= $request->getHeaderLine($header) . ';'; |
| 167 | 175 | } |
| 168 | 176 | |
@@ -49,7 +49,7 @@ |
||
| 49 | 49 | new Route('/auth/<action>', new Controller(AuthController::class)) |
| 50 | 50 | ); |
| 51 | 51 | |
| 52 | - $views->addDirectory('custom', __DIR__ . '/../../views/custom/'); |
|
| 52 | + $views->addDirectory('custom', __DIR__.'/../../views/custom/'); |
|
| 53 | 53 | $views->addEngine(TestEngine::class); |
| 54 | 54 | |
| 55 | 55 | $validation->addAlias('aliased', 'notEmpty'); |
@@ -21,7 +21,7 @@ |
||
| 21 | 21 | { |
| 22 | 22 | public function boot(EnvironmentInterface $env, BootloadManager $bootloadManager): void |
| 23 | 23 | { |
| 24 | - if ($env->get('CYCLE_AUTH')) { |
|
| 24 | + if ($env->get('CYCLE_AUTH')){ |
|
| 25 | 25 | $bootloadManager->bootload([CycleTokensBootloader::class]); |
| 26 | 26 | return; |
| 27 | 27 | } |
@@ -21,7 +21,8 @@ |
||
| 21 | 21 | { |
| 22 | 22 | public function boot(EnvironmentInterface $env, BootloadManager $bootloadManager): void |
| 23 | 23 | { |
| 24 | - if ($env->get('CYCLE_AUTH')) { |
|
| 24 | + if ($env->get('CYCLE_AUTH')) |
|
| 25 | + { |
|
| 25 | 26 | $bootloadManager->bootload([CycleTokensBootloader::class]); |
| 26 | 27 | return; |
| 27 | 28 | } |
@@ -28,7 +28,7 @@ |
||
| 28 | 28 | |
| 29 | 29 | public function tokenAction(AuthContextInterface $authContext) |
| 30 | 30 | { |
| 31 | - if ($authContext->getToken() !== null) { |
|
| 31 | + if ($authContext->getToken() !== null){ |
|
| 32 | 32 | return $authContext->getToken()->getID(); |
| 33 | 33 | } |
| 34 | 34 | |
@@ -28,7 +28,8 @@ |
||
| 28 | 28 | |
| 29 | 29 | public function tokenAction(AuthContextInterface $authContext) |
| 30 | 30 | { |
| 31 | - if ($authContext->getToken() !== null) { |
|
| 31 | + if ($authContext->getToken() !== null) |
|
| 32 | + { |
|
| 32 | 33 | return $authContext->getToken()->getID(); |
| 33 | 34 | } |
| 34 | 35 | |