mirror of
https://github.com/elyby/oauth2-server.git
synced 2024-12-22 13:09:44 +05:30
Add toggle to disable key permissions check
This commit is contained in:
parent
8e5df6d628
commit
696c78de58
@ -29,8 +29,9 @@ class CryptKey
|
||||
/**
|
||||
* @param string $keyPath
|
||||
* @param null|string $passPhrase
|
||||
* @param bool $keyPermissionsCheck
|
||||
*/
|
||||
public function __construct($keyPath, $passPhrase = null)
|
||||
public function __construct($keyPath, $passPhrase = null, $keyPermissionsCheck = true)
|
||||
{
|
||||
if (preg_match(self::RSA_KEY_PATTERN, $keyPath)) {
|
||||
$keyPath = $this->saveKeyToFile($keyPath);
|
||||
@ -44,20 +45,16 @@ class CryptKey
|
||||
throw new \LogicException(sprintf('Key path "%s" does not exist or is not readable', $keyPath));
|
||||
}
|
||||
|
||||
if ($keyPermissionsCheck === true) {
|
||||
// Verify the permissions of the key
|
||||
$keyPathPerms = decoct(fileperms($keyPath) & 0777);
|
||||
if ($keyPathPerms !== '600') {
|
||||
// Attempt to correct the permissions
|
||||
if (chmod($keyPath, 0600) === false) {
|
||||
if (in_array($keyPathPerms, ['600', '660'], true) === false) {
|
||||
// @codeCoverageIgnoreStart
|
||||
trigger_error(
|
||||
sprintf(
|
||||
'Key file "%s" permissions are not correct, should be 600 instead of %s, unable to automatically resolve the issue',
|
||||
trigger_error(sprintf(
|
||||
'Key file "%s" permissions are not correct, should be 600 or 660 instead of %s',
|
||||
$keyPath,
|
||||
$keyPathPerms
|
||||
),
|
||||
E_USER_NOTICE
|
||||
);
|
||||
), E_USER_NOTICE);
|
||||
// @codeCoverageIgnoreEnd
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user