Merge pull request #814 from SunMar/master
Allow CryptTrait to accept a \Defuse\Crypto\Key as encryption key #812
commit
cc19da50b4
@ -29,7 +29,6 @@ enabled:
|
|||||||
- phpdoc_inline_tag
|
- phpdoc_inline_tag
|
||||||
- phpdoc_no_access
|
- phpdoc_no_access
|
||||||
- phpdoc_no_simplified_null_return
|
- phpdoc_no_simplified_null_return
|
||||||
- phpdoc_order
|
|
||||||
- phpdoc_property
|
- phpdoc_property
|
||||||
- phpdoc_scalar
|
- phpdoc_scalar
|
||||||
- phpdoc_separation
|
- phpdoc_separation
|
||||||
|
@ -8,6 +8,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
|
|||||||
|
|
||||||
### Added
|
### Added
|
||||||
- Added event emitters for issued access and refresh tokens (PR #860)
|
- Added event emitters for issued access and refresh tokens (PR #860)
|
||||||
|
- Can now use Defuse\Crypto\Key for encryption/decryption of keys which is faster than the Cryto class (PR #812)
|
||||||
|
|
||||||
### Removed
|
### Removed
|
||||||
- Remove paragone/random_compat from dependencies
|
- Remove paragone/random_compat from dependencies
|
||||||
|
@ -9,6 +9,7 @@
|
|||||||
|
|
||||||
namespace League\OAuth2\Server;
|
namespace League\OAuth2\Server;
|
||||||
|
|
||||||
|
use Defuse\Crypto\Key;
|
||||||
use League\Event\EmitterAwareInterface;
|
use League\Event\EmitterAwareInterface;
|
||||||
use League\Event\EmitterAwareTrait;
|
use League\Event\EmitterAwareTrait;
|
||||||
use League\OAuth2\Server\Exception\OAuthServerException;
|
use League\OAuth2\Server\Exception\OAuthServerException;
|
||||||
@ -68,7 +69,7 @@ class AuthorizationServer implements EmitterAwareInterface
|
|||||||
private $scopeRepository;
|
private $scopeRepository;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var string
|
* @var string|Key
|
||||||
*/
|
*/
|
||||||
private $encryptionKey;
|
private $encryptionKey;
|
||||||
|
|
||||||
@ -84,7 +85,7 @@ class AuthorizationServer implements EmitterAwareInterface
|
|||||||
* @param AccessTokenRepositoryInterface $accessTokenRepository
|
* @param AccessTokenRepositoryInterface $accessTokenRepository
|
||||||
* @param ScopeRepositoryInterface $scopeRepository
|
* @param ScopeRepositoryInterface $scopeRepository
|
||||||
* @param CryptKey|string $privateKey
|
* @param CryptKey|string $privateKey
|
||||||
* @param string $encryptionKey
|
* @param string|Key $encryptionKey
|
||||||
* @param null|ResponseTypeInterface $responseType
|
* @param null|ResponseTypeInterface $responseType
|
||||||
*/
|
*/
|
||||||
public function __construct(
|
public function __construct(
|
||||||
|
@ -12,11 +12,12 @@
|
|||||||
namespace League\OAuth2\Server;
|
namespace League\OAuth2\Server;
|
||||||
|
|
||||||
use Defuse\Crypto\Crypto;
|
use Defuse\Crypto\Crypto;
|
||||||
|
use Defuse\Crypto\Key;
|
||||||
|
|
||||||
trait CryptTrait
|
trait CryptTrait
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
* @var string
|
* @var string|Key
|
||||||
*/
|
*/
|
||||||
protected $encryptionKey;
|
protected $encryptionKey;
|
||||||
|
|
||||||
@ -32,6 +33,10 @@ trait CryptTrait
|
|||||||
protected function encrypt($unencryptedData)
|
protected function encrypt($unencryptedData)
|
||||||
{
|
{
|
||||||
try {
|
try {
|
||||||
|
if ($this->encryptionKey instanceof Key) {
|
||||||
|
return Crypto::encrypt($unencryptedData, $this->encryptionKey);
|
||||||
|
}
|
||||||
|
|
||||||
return Crypto::encryptWithPassword($unencryptedData, $this->encryptionKey);
|
return Crypto::encryptWithPassword($unencryptedData, $this->encryptionKey);
|
||||||
} catch (\Exception $e) {
|
} catch (\Exception $e) {
|
||||||
throw new \LogicException($e->getMessage());
|
throw new \LogicException($e->getMessage());
|
||||||
@ -50,6 +55,10 @@ trait CryptTrait
|
|||||||
protected function decrypt($encryptedData)
|
protected function decrypt($encryptedData)
|
||||||
{
|
{
|
||||||
try {
|
try {
|
||||||
|
if ($this->encryptionKey instanceof Key) {
|
||||||
|
return Crypto::decrypt($encryptedData, $this->encryptionKey);
|
||||||
|
}
|
||||||
|
|
||||||
return Crypto::decryptWithPassword($encryptedData, $this->encryptionKey);
|
return Crypto::decryptWithPassword($encryptedData, $this->encryptionKey);
|
||||||
} catch (\Exception $e) {
|
} catch (\Exception $e) {
|
||||||
throw new \LogicException($e->getMessage());
|
throw new \LogicException($e->getMessage());
|
||||||
@ -59,7 +68,7 @@ trait CryptTrait
|
|||||||
/**
|
/**
|
||||||
* Set the encryption key
|
* Set the encryption key
|
||||||
*
|
*
|
||||||
* @param string $key
|
* @param string|Key $key
|
||||||
*/
|
*/
|
||||||
public function setEncryptionKey($key = null)
|
public function setEncryptionKey($key = null)
|
||||||
{
|
{
|
||||||
|
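Review bot: The `@var string|Key` docblock on `$encryptionKey` does not say that the two key forms produce incompatible ciphertexts. Data written by `Crypto::encryptWithPassword()` cannot be read back through the new `Crypto::decrypt()` branch, so switching a deployed server from a string to a `Key` makes `decrypt()` raise `\LogicException` for everything encrypted before the switch. I would extend the property comment to something like `@var string|Key Password string or Defuse key; ciphertext from one form cannot be decrypted with the other`, and note that a `Key` must be loaded from stored configuration rather than generated per process. Since the new branches sit inside the existing `try`, `throw new \LogicException($e->getMessage(), 0, $e);` would also keep the underlying Defuse exception available for diagnosis. The bodies of `encrypt()`, `decrypt()` and `setEncryptionKey()` continue outside the hunks shown, so whether a non-string, non-`Key` value is rejected there should be confirmed.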
@ -11,6 +11,7 @@
|
|||||||
|
|
||||||
namespace League\OAuth2\Server\Grant;
|
namespace League\OAuth2\Server\Grant;
|
||||||
|
|
||||||
|
use Defuse\Crypto\Key;
|
||||||
use League\Event\EmitterAwareInterface;
|
use League\Event\EmitterAwareInterface;
|
||||||
use League\OAuth2\Server\CryptKey;
|
use League\OAuth2\Server\CryptKey;
|
||||||
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
|
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
|
||||||
@ -136,7 +137,7 @@ interface GrantTypeInterface extends EmitterAwareInterface
|
|||||||
/**
|
/**
|
||||||
* Set the encryption key
|
* Set the encryption key
|
||||||
*
|
*
|
||||||
* @param string|null $key
|
* @param string|Key|null $key
|
||||||
*/
|
*/
|
||||||
public function setEncryptionKey($key = null);
|
public function setEncryptionKey($key = null);
|
||||||
}
|
}
|
||||||
|
@ -11,6 +11,7 @@
|
|||||||
|
|
||||||
namespace League\OAuth2\Server\ResponseTypes;
|
namespace League\OAuth2\Server\ResponseTypes;
|
||||||
|
|
||||||
|
use Defuse\Crypto\Key;
|
||||||
use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
|
use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
|
||||||
use League\OAuth2\Server\Entities\RefreshTokenEntityInterface;
|
use League\OAuth2\Server\Entities\RefreshTokenEntityInterface;
|
||||||
use Psr\Http\Message\ResponseInterface;
|
use Psr\Http\Message\ResponseInterface;
|
||||||
@ -37,7 +38,7 @@ interface ResponseTypeInterface
|
|||||||
/**
|
/**
|
||||||
* Set the encryption key
|
* Set the encryption key
|
||||||
*
|
*
|
||||||
* @param string|null $key
|
* @param string|Key|null $key
|
||||||
*/
|
*/
|
||||||
public function setEncryptionKey($key = null);
|
public function setEncryptionKey($key = null);
|
||||||
}
|
}
|
||||||
|
@ -2,22 +2,34 @@
|
|||||||
|
|
||||||
namespace LeagueTests\Utils;
|
namespace LeagueTests\Utils;
|
||||||
|
|
||||||
|
use Defuse\Crypto\Key;
|
||||||
use LeagueTests\Stubs\CryptTraitStub;
|
use LeagueTests\Stubs\CryptTraitStub;
|
||||||
use PHPUnit\Framework\TestCase;
|
use PHPUnit\Framework\TestCase;
|
||||||
|
|
||||||
class CryptTraitTest extends TestCase
|
class CryptTraitTest extends TestCase
|
||||||
{
|
{
|
||||||
/**
|
|
||||||
* @var \LeagueTests\Stubs\CryptTraitStub
|
|
||||||
*/
|
|
||||||
protected $cryptStub;
|
protected $cryptStub;
|
||||||
|
|
||||||
public function setUp()
|
protected function setUp()
|
||||||
{
|
{
|
||||||
$this->cryptStub = new CryptTraitStub;
|
$this->cryptStub = new CryptTraitStub();
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testEncryptDecrypt()
|
public function testEncryptDecryptWithPassword()
|
||||||
|
{
|
||||||
|
$this->cryptStub->setEncryptionKey(base64_encode(random_bytes(36)));
|
||||||
|
|
||||||
|
$this->encryptDecrypt();
|
||||||
|
}
|
||||||
|
|
||||||
|
public function testEncryptDecryptWithKey()
|
||||||
|
{
|
||||||
|
$this->cryptStub->setEncryptionKey(Key::createNewRandomKey());
|
||||||
|
|
||||||
|
$this->encryptDecrypt();
|
||||||
|
}
|
||||||
|
|
||||||
|
private function encryptDecrypt()
|
||||||
{
|
{
|
||||||
$payload = 'alex loves whisky';
|
$payload = 'alex loves whisky';
|
||||||
$encrypted = $this->cryptStub->doEncrypt($payload);
|
$encrypted = $this->cryptStub->doEncrypt($payload);
|
||||||
|
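Review bot: Both `testEncryptDecryptWithPassword()` and `testEncryptDecryptWithKey()` exercise only the successful round trip through `encryptDecrypt()`, so the failure path of the new `Key` branch is not pinned. A negative case would be worth adding: encrypt under one `Key::createNewRandomKey()`, call `setEncryptionKey()` with a second key, and expect `\LogicException` when decrypting through the stub. A second case that encrypts in password mode and decrypts in `Key` mode would document that the two forms are not interchangeable. `encryptDecrypt()` continues past the end of this hunk, so its assertions are not visible here.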