thomasvargiu /
php-openid-client
@@ -52,7 +52,7 @@ discard block |
||
| 52 | 52 | ): array { |
| 53 | 53 | $registrationEndpoint = $issuer->getMetadata()->getRegistrationEndpoint(); |
| 54 | 54 | |
| 55 | - if (! $registrationEndpoint) { |
|
| 55 | + if (!$registrationEndpoint) { |
|
| 56 | 56 | throw new InvalidArgumentException('Issuer does not support dynamic client registration'); |
| 57 | 57 | } |
| 58 | 58 | |
@@ -80,7 +80,7 @@ discard block |
||
| 80 | 80 | |
| 81 | 81 | $data = parse_metadata_response($response, 201); |
| 82 | 82 | |
| 83 | - if (! \array_key_exists('client_id', $data)) { |
|
| 83 | + if (!\array_key_exists('client_id', $data)) { |
|
| 84 | 84 | throw new RuntimeException('Registration response did not return a client_id field'); |
| 85 | 85 | } |
| 86 | 86 | |
@@ -101,7 +101,7 @@ discard block |
||
| 101 | 101 | |
| 102 | 102 | $claims = parse_metadata_response($response, 200); |
| 103 | 103 | |
| 104 | - if (! \array_key_exists('client_id', $claims)) { |
|
| 104 | + if (!\array_key_exists('client_id', $claims)) { |
|
| 105 | 105 | throw new RuntimeException('Registration response did not return a client_id field'); |
| 106 | 106 | } |
| 107 | 107 | |
@@ -139,7 +139,7 @@ discard block |
||
| 139 | 139 | |
| 140 | 140 | $data = parse_metadata_response($response, 200); |
| 141 | 141 | |
| 142 | - if (! \array_key_exists('client_id', $data)) { |
|
| 142 | + if (!\array_key_exists('client_id', $data)) { |
|
| 143 | 143 | throw new RuntimeException('Registration response did not return a client_id field'); |
| 144 | 144 | } |
| 145 | 145 | |
@@ -98,7 +98,7 @@ discard block |
||
| 98 | 98 | unset($params[$key]); |
| 99 | 99 | } elseif ('claims' === $key && (\is_array($value) || $value instanceof JsonSerializable)) { |
| 100 | 100 | $params['claims'] = \json_encode($value); |
| 101 | - } elseif (! \is_string($value)) { |
|
| 101 | + } elseif (!\is_string($value)) { |
|
| 102 | 102 | $params[$key] = (string) $value; |
| 103 | 103 | } |
| 104 | 104 | } |
@@ -132,7 +132,7 @@ discard block |
||
| 132 | 132 | $this->tokenSetVerifier->validate($tokenSet, $client, $authSession, true, $maxAge); |
| 133 | 133 | } |
| 134 | 134 | |
| 135 | - if (! $tokenSet->getCode()) { |
|
| 135 | + if (!$tokenSet->getCode()) { |
|
| 136 | 136 | return $tokenSet; |
| 137 | 137 | } |
| 138 | 138 | |
@@ -149,15 +149,15 @@ discard block |
||
| 149 | 149 | ): TokenSetInterface { |
| 150 | 150 | $code = $tokenSet->getCode(); |
| 151 | 151 | |
| 152 | - if (! $code) { |
|
| 152 | + if (!$code) { |
|
| 153 | 153 | throw new RuntimeException('Unable to fetch token without a code'); |
| 154 | 154 | } |
| 155 | 155 | |
| 156 | - if (! $redirectUri) { |
|
| 156 | + if (!$redirectUri) { |
|
| 157 | 157 | $redirectUri = $client->getMetadata()->getRedirectUris()[0] ?? null; |
| 158 | 158 | } |
| 159 | 159 | |
| 160 | - if (! $redirectUri) { |
|
| 160 | + if (!$redirectUri) { |
|
| 161 | 161 | throw new InvalidArgumentException('A redirect_uri should be provided'); |
| 162 | 162 | } |
| 163 | 163 | |
@@ -167,7 +167,7 @@ discard block |
||
| 167 | 167 | 'redirect_uri' => $redirectUri, |
| 168 | 168 | ]); |
| 169 | 169 | |
| 170 | - if (! ($params['id_token'] ?? null)) { |
|
| 170 | + if (!($params['id_token'] ?? null)) { |
|
| 171 | 171 | return TokenSet::fromParams($params); |
| 172 | 172 | } |
| 173 | 173 | |
@@ -39,7 +39,7 @@ discard block |
||
| 39 | 39 | $expectedAlg = $metadata->get($use . '_encrypted_response_alg'); |
| 40 | 40 | $expectedEnc = $metadata->get($use . '_encrypted_response_enc'); |
| 41 | 41 | |
| 42 | - if (! $expectedAlg) { |
|
| 42 | + if (!$expectedAlg) { |
|
| 43 | 43 | return $token; |
| 44 | 44 | } |
| 45 | 45 | |
@@ -53,7 +53,7 @@ discard block |
||
| 53 | 53 | throw new RuntimeException(\sprintf('Unexpected JWE enc received, expected %s, got: %s', $expectedEnc, $header['enc'] ?? '')); |
| 54 | 54 | } |
| 55 | 55 | |
| 56 | - if (! \class_exists(JWELoader::class)) { |
|
| 56 | + if (!\class_exists(JWELoader::class)) { |
|
| 57 | 57 | throw new LogicException('In order to decrypt JWT you should install web-token/jwt-encryption package'); |
| 58 | 58 | } |
| 59 | 59 | |
@@ -47,7 +47,7 @@ discard block |
||
| 47 | 47 | return $this->jwsBuilder; |
| 48 | 48 | } |
| 49 | 49 | |
| 50 | - if (! \class_exists(HS256::class)) { |
|
| 50 | + if (!\class_exists(HS256::class)) { |
|
| 51 | 51 | throw new LogicException('To use the client_secret_jwt auth method you should install web-token/jwt-signature-algorithm-hmac package'); |
| 52 | 52 | } |
| 53 | 53 | |
@@ -62,7 +62,7 @@ discard block |
||
| 62 | 62 | $clientId = $client->getMetadata()->getClientId(); |
| 63 | 63 | $clientSecret = $client->getMetadata()->getClientSecret(); |
| 64 | 64 | |
| 65 | - if (! $clientSecret) { |
|
| 65 | + if (!$clientSecret) { |
|
| 66 | 66 | throw new InvalidArgumentException($this->getSupportedMethod() . ' cannot be used without client_secret metadata'); |
| 67 | 67 | } |
| 68 | 68 | |
@@ -83,7 +83,7 @@ discard block |
||
| 83 | 83 | ? $metadata->getUserinfoSignedResponseAlg() |
| 84 | 84 | : $metadata->getIdTokenSignedResponseAlg(); |
| 85 | 85 | |
| 86 | - if (! $expectedAlg) { |
|
| 86 | + if (!$expectedAlg) { |
|
| 87 | 87 | throw new RuntimeException('Unable to verify id_token without an alg value'); |
| 88 | 88 | } |
| 89 | 89 | |
@@ -95,7 +95,7 @@ discard block |
||
| 95 | 95 | |
| 96 | 96 | $payload = \json_decode(base64url_decode(\explode('.', $idToken)[1] ?? '{}'), true); |
| 97 | 97 | |
| 98 | - if (! \is_array($payload)) { |
|
| 98 | + if (!\is_array($payload)) { |
|
| 99 | 99 | throw new InvalidArgumentException('Unable to decode token payload'); |
| 100 | 100 | } |
| 101 | 101 | |
@@ -120,7 +120,7 @@ discard block |
||
| 120 | 120 | |
| 121 | 121 | $requiredClaims = []; |
| 122 | 122 | |
| 123 | - if (! $fromUserInfo) { |
|
| 123 | + if (!$fromUserInfo) { |
|
| 124 | 124 | $requiredClaims = ['iss', 'sub', 'aud', 'exp', 'iat']; |
| 125 | 125 | } |
| 126 | 126 | |
@@ -146,7 +146,7 @@ discard block |
||
| 146 | 146 | if (0 === \strpos($expectedAlg, 'HS')) { |
| 147 | 147 | $clientSecret = $metadata->getClientSecret(); |
| 148 | 148 | |
| 149 | - if (! $clientSecret) { |
|
| 149 | + if (!$clientSecret) { |
|
| 150 | 150 | throw new RuntimeException('Unable to verify token without client_secret'); |
| 151 | 151 | } |
| 152 | 152 | |
@@ -159,7 +159,7 @@ discard block |
||
| 159 | 159 | |
| 160 | 160 | if ($kid) { |
| 161 | 161 | $jwk = $jwks->selectKey('sig', null, ['kid' => $kid]); |
| 162 | - if (! $jwk) { |
|
| 162 | + if (!$jwk) { |
|
| 163 | 163 | throw new RuntimeException('Unable to find the jwk with the provided kid: ' . $kid); |
| 164 | 164 | } |
| 165 | 165 | |
@@ -168,7 +168,7 @@ discard block |
||
| 168 | 168 | $result = $jwsVerifier->verifyWithKeySet($jws, $jwks, 0); |
| 169 | 169 | } |
| 170 | 170 | |
| 171 | - if (! $result) { |
|
| 171 | + if (!$result) { |
|
| 172 | 172 | throw new InvalidArgumentException('Failed to validate JWT signature'); |
| 173 | 173 | } |
| 174 | 174 | |
@@ -37,11 +37,11 @@ |
||
| 37 | 37 | $tokenSet = $request->getAttribute(TokenSetInterface::class); |
| 38 | 38 | $client = $this->client ?: $request->getAttribute(ClientInterface::class); |
| 39 | 39 | |
| 40 | - if (! $client instanceof ClientInterface) { |
|
| 40 | + if (!$client instanceof ClientInterface) { |
|
| 41 | 41 | throw new LogicException('No OpenID client provided'); |
| 42 | 42 | } |
| 43 | 43 | |
| 44 | - if (! $tokenSet instanceof TokenSetInterface) { |
|
| 44 | + if (!$tokenSet instanceof TokenSetInterface) { |
|
| 45 | 45 | throw new RuntimeException('Unable to get token response attribute'); |
| 46 | 46 | } |
| 47 | 47 | |
@@ -57,7 +57,7 @@ discard block |
||
| 57 | 57 | { |
| 58 | 58 | $accessToken = $tokenSet->getAccessToken(); |
| 59 | 59 | |
| 60 | - if (! $accessToken) { |
|
| 60 | + if (!$accessToken) { |
|
| 61 | 61 | throw new RuntimeException('Unable to get an access token from the token set'); |
| 62 | 62 | } |
| 63 | 63 | |
@@ -72,7 +72,7 @@ discard block |
||
| 72 | 72 | $endpointUri = $issuerMetadata->getMtlsEndpointAliases()['userinfo_endpoint'] ?? $endpointUri; |
| 73 | 73 | } |
| 74 | 74 | |
| 75 | - if (! $endpointUri) { |
|
| 75 | + if (!$endpointUri) { |
|
| 76 | 76 | throw new InvalidArgumentException('Invalid issuer userinfo endpoint'); |
| 77 | 77 | } |
| 78 | 78 | |
@@ -101,20 +101,20 @@ discard block |
||
| 101 | 101 | $payload = \json_decode((string) $response->getBody(), true); |
| 102 | 102 | } |
| 103 | 103 | |
| 104 | - if (! \is_array($payload)) { |
|
| 104 | + if (!\is_array($payload)) { |
|
| 105 | 105 | throw new RuntimeException('Unable to parse userinfo claims'); |
| 106 | 106 | } |
| 107 | 107 | |
| 108 | 108 | $idToken = $tokenSet->getIdToken(); |
| 109 | 109 | |
| 110 | - if (! $idToken) { |
|
| 110 | + if (!$idToken) { |
|
| 111 | 111 | return $payload; |
| 112 | 112 | } |
| 113 | 113 | |
| 114 | 114 | // check expected sub |
| 115 | 115 | $expectedSub = $tokenSet->claims()['sub'] ?? null; |
| 116 | 116 | |
| 117 | - if (! $expectedSub) { |
|
| 117 | + if (!$expectedSub) { |
|
| 118 | 118 | throw new RuntimeException('Unable to get sub claim from id_token'); |
| 119 | 119 | } |
| 120 | 120 | |
