ElyBy-Mirror/oauth2-server
1
0
Fork 0
mirror of https://github.com/elyby/oauth2-server.git synced 2024-12-22 21:19:46 +05:30
Code Issues Packages Projects Releases Wiki Activity

Updated dependencies, more strict static analysis

Browse Source
This commit is contained in:
Lukáš Unger 2018-02-12 10:19:16 +01:00
parent 7a6c35bc29
commit cd5233392e
No known key found for this signature in database
GPG Key ID: 48E84B8B7A223C26
9 changed files with 22 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
.travis.yml
View File

@ -4,7 +4,11 @@ sudo: false
cache: cache:
directories: directories:
- vendor - vendor
env:
- DEPENDENCIES=""
- DEPENDENCIES="--prefer-lowest --prefer-stable"
php: php:
- 7.0 - 7.0
@ -12,7 +16,7 @@ php:
- 7.2 - 7.2
install: install:
- travis_retry composer install --no-interaction --prefer-source - composer update --no-interaction --prefer-dist $DEPENDENCIES
script: script:
- vendor/bin/phpunit - vendor/bin/phpunit

9
composer.json
View File

@ -7,16 +7,17 @@
"php": ">=7.0.0", "php": ">=7.0.0",
"ext-openssl": "*", "ext-openssl": "*",
"league/event": "^2.1", "league/event": "^2.1",
"lcobucci/jwt": "^3.1", "lcobucci/jwt": "^3.2.2",
"paragonie/random_compat": "^2.0", "paragonie/random_compat": "^2.0",
"psr/http-message": "^1.0", "psr/http-message": "^1.0.1",
"defuse/php-encryption": "^2.1" "defuse/php-encryption": "^2.1"
}, },
"require-dev": { "require-dev": {
"phpunit/phpunit": "^6.3 || ^7.0", "phpunit/phpunit": "^6.3 || ^7.0",
"zendframework/zend-diactoros": "^1.0", "zendframework/zend-diactoros": "^1.3.2",
"phpstan/phpstan": "^0.9.2", "phpstan/phpstan": "^0.9.2",
"phpstan/phpstan-phpunit": "^0.9.4" "phpstan/phpstan-phpunit": "^0.9.4",
"phpstan/phpstan-strict-rules": "^0.9.0"
}, },
"repositories": [ "repositories": [
{ {

6
phpstan.neon
View File

@ -2,8 +2,4 @@ includes:
- vendor/phpstan/phpstan-phpunit/extension.neon - vendor/phpstan/phpstan-phpunit/extension.neon
- vendor/phpstan/phpstan-phpunit/rules.neon - vendor/phpstan/phpstan-phpunit/rules.neon
- vendor/phpstan/phpstan-phpunit/strictRules.neon - vendor/phpstan/phpstan-phpunit/strictRules.neon
parameters: - vendor/phpstan/phpstan-strict-rules/rules.neon
ignoreErrors:
- '#Class Zend\\Diactoros\\ServerRequest constructor invoked with \d+ parameters, 0-6 required#'
- '#Parameter \#2 \$key of method Lcobucci\\JWT\\Builder::sign\(\) expects string, Lcobucci\\JWT\\Signer\\Key given#'
reportUnmatchedIgnoredErrors: false

5
src/Exception/OAuthServerException.php
View File

@ -262,13 +262,10 @@ class OAuthServerException extends \Exception
$this->redirectUri .= (strstr($this->redirectUri, '?') === false) ? '?' : '&'; $this->redirectUri .= (strstr($this->redirectUri, '?') === false) ? '?' : '&';
} }
/** @var ResponseInterface $response */ return $response->withStatus(302)->withHeader('Location', $this->redirectUri . http_build_query($payload));
$response = $response->withStatus(302)->withHeader('Location', $this->redirectUri . http_build_query($payload));
return $response;
} }
foreach ($headers as $header => $content) { foreach ($headers as $header => $content) {
/** @var ResponseInterface $response */
$response = $response->withHeader($header, $content); $response = $response->withHeader($header, $content);
} }

2
src/Grant/AbstractGrant.php
View File

@ -204,7 +204,7 @@ abstract class AbstractGrant implements GrantTypeInterface
throw OAuthServerException::invalidClient(); throw OAuthServerException::invalidClient();
} elseif ( } elseif (
is_array($client->getRedirectUri()) is_array($client->getRedirectUri())
&& in_array($redirectUri, $client->getRedirectUri()) === false && in_array($redirectUri, $client->getRedirectUri(), true) === false
) { ) {
$this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request)); $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request));
throw OAuthServerException::invalidClient(); throw OAuthServerException::invalidClient();

8
src/Grant/AuthCodeGrant.php
View File

@ -235,13 +235,13 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
throw OAuthServerException::invalidClient(); throw OAuthServerException::invalidClient();
} elseif ( } elseif (
is_array($client->getRedirectUri()) is_array($client->getRedirectUri())
&& in_array($redirectUri, $client->getRedirectUri()) === false && in_array($redirectUri, $client->getRedirectUri(), true) === false
) { ) {
$this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request)); $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request));
throw OAuthServerException::invalidClient(); throw OAuthServerException::invalidClient();
} }
} elseif (is_array($client->getRedirectUri()) && count($client->getRedirectUri()) !== 1 } elseif (is_array($client->getRedirectUri()) && count($client->getRedirectUri()) !== 1
|| empty($client->getRedirectUri())) { || empty($client->getRedirectUri())) {
$this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request)); $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request));
throw OAuthServerException::invalidClient(); throw OAuthServerException::invalidClient();
} else { } else {
@ -278,7 +278,7 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
} }
$codeChallengeMethod = $this->getQueryStringParameter('code_challenge_method', $request, 'plain'); $codeChallengeMethod = $this->getQueryStringParameter('code_challenge_method', $request, 'plain');
if (in_array($codeChallengeMethod, ['plain', 'S256']) === false) { if (in_array($codeChallengeMethod, ['plain', 'S256'], true) === false) {
throw OAuthServerException::invalidRequest( throw OAuthServerException::invalidRequest(
'code_challenge_method', 'code_challenge_method',
'Code challenge method must be `plain` or `S256`' 'Code challenge method must be `plain` or `S256`'

4
src/Grant/ImplicitGrant.php
View File

@ -144,12 +144,12 @@ class ImplicitGrant extends AbstractAuthorizeGrant
throw OAuthServerException::invalidClient(); throw OAuthServerException::invalidClient();
} elseif ( } elseif (
is_array($client->getRedirectUri()) is_array($client->getRedirectUri())
&& in_array($redirectUri, $client->getRedirectUri()) === false && in_array($redirectUri, $client->getRedirectUri(), true) === false
) { ) {
$this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request)); $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request));
throw OAuthServerException::invalidClient(); throw OAuthServerException::invalidClient();
} }
} elseif (is_array($client->getRedirectUri()) && count($client->getRedirectUri()) !== 1 } elseif (is_array($client->getRedirectUri()) && count($client->getRedirectUri()) !== 1
|| empty($client->getRedirectUri())) { || empty($client->getRedirectUri())) {
$this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request)); $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request));
throw OAuthServerException::invalidClient(); throw OAuthServerException::invalidClient();

3
src/Grant/RefreshTokenGrant.php
View File

@ -11,7 +11,6 @@
namespace League\OAuth2\Server\Grant; namespace League\OAuth2\Server\Grant;
use League\OAuth2\Server\Entities\ScopeEntityInterface;
use League\OAuth2\Server\Exception\OAuthServerException; use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface; use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
use League\OAuth2\Server\RequestEvent; use League\OAuth2\Server\RequestEvent;
@ -53,7 +52,7 @@ class RefreshTokenGrant extends AbstractGrant
// The OAuth spec says that a refreshed access token can have the original scopes or fewer so ensure // The OAuth spec says that a refreshed access token can have the original scopes or fewer so ensure
// the request doesn't include any new scopes // the request doesn't include any new scopes
foreach ($scopes as $scope) { foreach ($scopes as $scope) {
if (in_array($scope->getIdentifier(), $oldRefreshToken['scopes']) === false) { if (in_array($scope->getIdentifier(), $oldRefreshToken['scopes'], true) === false) {
throw OAuthServerException::invalidScope($scope->getIdentifier()); throw OAuthServerException::invalidScope($scope->getIdentifier());
} }
} }

4
src/ResponseTypes/RedirectResponse.php
View File

@ -35,8 +35,6 @@ class RedirectResponse extends AbstractResponseType
*/ */
public function generateHttpResponse(ResponseInterface $response) public function generateHttpResponse(ResponseInterface $response)
{ {
/** @var ResponseInterface $response */ return $response->withStatus(302)->withHeader('Location', $this->redirectUri);
$response = $response->withStatus(302)->withHeader('Location', $this->redirectUri);
return $response;
} }
} }