diff --git a/.php_cs.dist b/.php_cs.dist
index fa161d1..34f8f9c 100644
--- a/.php_cs.dist
+++ b/.php_cs.dist
@@ -2,6 +2,7 @@
$finder = Symfony\Component\Finder\Finder::create()
->exclude('bootstrap/cache')
+ ->exclude('database')
->exclude('storage')
->exclude('vendor')
->in(__DIR__)
diff --git a/config/authkit.php b/config/authkit.php
index 62cd0a2..0e52c46 100644
--- a/config/authkit.php
+++ b/config/authkit.php
@@ -15,7 +15,7 @@ return [
'enable' => true,
/**
- * Scopes to request from the OIDC provider
+ * Scopes to request from the OIDC provider.
*/
'scopes' => ['email'],
diff --git a/examples/custom/_common.php b/examples/custom/_common.php
index 79ba14e..d4297a2 100644
--- a/examples/custom/_common.php
+++ b/examples/custom/_common.php
@@ -1,7 +1,9 @@
@@ -23,7 +25,7 @@ function html_header()
function html_footer()
{
- return <<
EOT;
diff --git a/examples/custom/_config.php b/examples/custom/_config.php
index 0df6ac4..36af8c3 100644
--- a/examples/custom/_config.php
+++ b/examples/custom/_config.php
@@ -1,5 +1,7 @@
getRefreshToken();
// Now redirect them back to the home page!
header('Location: index.php');
-
diff --git a/examples/custom/index.php b/examples/custom/index.php
index 9153980..654e8a9 100644
--- a/examples/custom/index.php
+++ b/examples/custom/index.php
@@ -1,6 +1,8 @@
setRefreshCallback(function($token) {
- echo "Refreshing token...
";
+ $token->setRefreshCallback(static function($token) {
+ echo 'Refreshing token...
';
$_SESSION['access_token'] = $token->getAccessToken();
$_SESSION['refresh_token'] = $token->getRefreshToken();
});
// Fetch the user's information from the openid provider
$user_info = $token->getUserInfo();
- echo "Hello, ".$user_info['name']."!
";
- echo "Your id is: ".$token->getUserId()."
";
- echo "Logout
";
+ echo 'Hello, '.$user_info['name'].'!
';
+ echo 'Your id is: '.$token->getUserId().'
';
+ echo 'Logout
';
}
else
{
- echo "Not signed in.
";
- echo "Login
";
+ echo 'Not signed in.
';
+ echo 'Login
';
}
echo html_footer();
diff --git a/examples/custom/login.php b/examples/custom/login.php
index a077ec0..03b8c08 100644
--- a/examples/custom/login.php
+++ b/examples/custom/login.php
@@ -1,6 +1,8 @@
getRedirectUrl(OPENID_CALLBACK_URL);
header('Location: '.$redirect_url);
-
diff --git a/examples/custom/logout.php b/examples/custom/logout.php
index 2027655..0b6e334 100644
--- a/examples/custom/logout.php
+++ b/examples/custom/logout.php
@@ -1,6 +1,8 @@
getLogoutUrl(OPENID_REDIRECT_URL);
header('Location: '.$redirect_url);
-
diff --git a/src/Authkit2.php b/src/Authkit2.php
index 14bbf70..c80b032 100644
--- a/src/Authkit2.php
+++ b/src/Authkit2.php
@@ -1,5 +1,7 @@
*/
protected $callbacks = [];
/**
- * Oidc client with the application credentials
+ * Oidc client with the application credentials.
* @var \authkit2\Oidc\Client
*/
protected $client;
@@ -43,7 +45,6 @@ class Authkit2
*
* Basically, if we see the LARAVEL_START constant we assume Laravel and
* use Laravel facades, otherwise we use native php implementations.
- *
*/
protected function __construct()
{
@@ -60,7 +61,7 @@ class Authkit2
}
/**
- * Retrieve the instance of Authkit2 class
+ * Retrieve the instance of Authkit2 class.
*
* @return Authkit2
*/
@@ -75,13 +76,13 @@ class Authkit2
}
/**
- * Override any of the function implementations
+ * Override any of the function implementations.
*
* Name is the same as the callable function name, e.g.,
* Authkit2::cache_set() can be overriden with Authkit2->cache_set = function(...) {}
*
- * @param string $name
- * @param callable $value
+ * @param string $name
+ * @param callable $value
* @return void
*/
public function __set(string $name, $value): void
@@ -101,10 +102,10 @@ class Authkit2
}
/**
- * Call any of the provided methods
+ * Call any of the provided methods.
*
- * @param string $name
- * @param mixed[] $arguments
+ * @param string $name
+ * @param mixed[] $arguments
* @return mixed
*/
public static function __callStatic(string $name, array $arguments)
@@ -122,8 +123,8 @@ class Authkit2
* Helper method for getting cache values, and generating and setting if
* they do not exist.
*
- * @param string $key cache key
- * @param callable $generator method that returns the value if we do not have it cached
+ * @param string $key cache key
+ * @param callable $generator method that returns the value if we do not have it cached
* @return mixed
*/
protected function cache_helper(string $key, callable $generator)
@@ -139,7 +140,7 @@ class Authkit2
/**
* Initialize common library functions that don't require an environment-specific
- * implementation
+ * implementation.
*
* @return array
*/
@@ -156,7 +157,7 @@ class Authkit2
/**
* Initialize the class by binding all the PHP native implementations of
- * functions
+ * functions.
*
* @return array
*/
@@ -172,7 +173,7 @@ class Authkit2
/**
* Initialize the class by binding Laravel adapters as the implementation
- * of all functions
+ * of all functions.
*
* @return array
*/
@@ -180,35 +181,35 @@ class Authkit2
{
return [
'session_get' =>
- /**
- * Fetch a variable from the session
- * @param string $key
- * @return mixed
- */
- function(string $key) { return \Session::get($key); },
+ /**
+ * Fetch a variable from the session.
+ * @param string $key
+ * @return mixed
+ */
+ static function(string $key) { return \Session::get($key); },
'session_set' =>
- /**
- * Set a variable in the session
- * @param string $key
- * @param mixed $value
- * @return void
- */
- function(string $key, $value): void { \Session::put($key, $value); },
+ /**
+ * Set a variable in the session.
+ * @param string $key
+ * @param mixed $value
+ * @return void
+ */
+ static function(string $key, $value): void { \Session::put($key, $value); },
'cache_get' =>
- /**
- * Fetch a value from cache
- * @param string $key
- * @return mixed
- */
- function(string $key) { return \Cache::get($key); },
+ /**
+ * Fetch a value from cache.
+ * @param string $key
+ * @return mixed
+ */
+ static function(string $key) { return \Cache::get($key); },
'cache_set' =>
- /**
- * Set a value in cache
- * @param string $key
- * @param mixed $value
- * @return void
- */
- function(string $key, $value): void { \Cache::set($key, $value); }
+ /**
+ * Set a value in cache.
+ * @param string $key
+ * @param mixed $value
+ * @return void
+ */
+ static function(string $key, $value): void { \Cache::set($key, $value); }
];
}
@@ -216,7 +217,7 @@ class Authkit2
* Retrieve a property out of the $_SESSION variable; null if the
* property doesn't exist.
*
- * @param string $key
+ * @param string $key
* @return mixed
*/
protected function native_session_get(string $key)
@@ -226,10 +227,10 @@ class Authkit2
}
/**
- * Set a value in the $_SESSION variable
+ * Set a value in the $_SESSION variable.
*
- * @param string $key
- * @param mixed $value
+ * @param string $key
+ * @param mixed $value
* @return void
*/
protected function native_session_set(string $key, $value): void
@@ -239,7 +240,7 @@ class Authkit2
}
/**
- * Check whether a PHP session exists, and if not try and start one
+ * Check whether a PHP session exists, and if not try and start one.
*
* @internal
* @return void
@@ -247,17 +248,21 @@ class Authkit2
protected function native_session_check(): void
{
if (session_status() == \PHP_SESSION_NONE)
+ {
session_start();
- else if (session_status() == \PHP_SESSION_DISABLED)
- throw new \Exception("Authkit2 requires PHP sessions are enabled");
+ }
+ elseif (session_status() == \PHP_SESSION_DISABLED)
+ {
+ throw new \Exception('Authkit2 requires PHP sessions are enabled');
+ }
}
/**
- * Dummy cache implementation to avoid errors; always returns default
+ * Dummy cache implementation to avoid errors; always returns default.
*
* @todo Check if apcu is available and use if so? Fall back to temp files?
- * @param string $key cache key to retrieve
- * @param mixed $default value to return if the specified key is not found
+ * @param string $key cache key to retrieve
+ * @param mixed $default value to return if the specified key is not found
* @return mixed
*/
protected function native_cache_get(string $key, $default = null)
@@ -266,10 +271,10 @@ class Authkit2
}
/**
- * Dummy cache implementation
+ * Dummy cache implementation.
*
- * @param string $key cache key to set
- * @param mixed $value value to cache
+ * @param string $key cache key to set
+ * @param mixed $value value to cache
* @return void
*/
protected function native_cache_set(string $key, $value): void
@@ -277,11 +282,11 @@ class Authkit2
}
/**
- * Configure the authkit2 library
+ * Configure the authkit2 library.
*
- * @param string $client_id
- * @param string $client_secret
- * @param string $endpoint
+ * @param string $client_id
+ * @param string $client_secret
+ * @param string $endpoint
* @return void
*/
protected function ak2_configure(string $client_id, string $client_secret, string $endpoint): void
@@ -290,7 +295,7 @@ class Authkit2
}
/**
- * Fetch a OIDC client authenticated as this application
+ * Fetch a OIDC client authenticated as this application.
*
* @return Oidc\Client
*/
@@ -308,8 +313,8 @@ class Authkit2
* expired then requests will simply fail. This use case is intended for
* authenticating requests using tokens other applications have sent to us.
*
- * @param string $access_token
- * @param ?string $refresh_token
+ * @param string $access_token
+ * @param ?string $refresh_token
* @return Oidc\Token
*/
protected function ak2_get_token(string $access_token, ?string $refresh_token = null): Oidc\Token
@@ -321,12 +326,11 @@ class Authkit2
* Refresh a token object -- generate a new access token from its
* refresh_token.
*
- * @param Oidc\Token $token
+ * @param Oidc\Token $token
* @return Oidc\Token a newly generated token
*/
protected function ak2_refresh_token(Oidc\Token $token): Oidc\Token
{
return $this->client->refreshToken($token);
}
-
}
diff --git a/src/Events/UserEvent.php b/src/Events/UserEvent.php
index 2b5c8ef..c74a196 100644
--- a/src/Events/UserEvent.php
+++ b/src/Events/UserEvent.php
@@ -8,7 +8,7 @@ use Illuminate\Queue\SerializesModels;
use Illuminate\Foundation\Events\Dispatchable;
/**
- * Event providing a user model as context
+ * Event providing a user model as context.
*/
abstract class UserEvent
{
@@ -16,14 +16,14 @@ abstract class UserEvent
use SerializesModels;
/**
- * User that this event refers to
+ * User that this event refers to.
*
* @var mixed
*/
public $user;
/**
- * Initialize new event
+ * Initialize new event.
*
* @param mixed $user
*/
diff --git a/src/Events/UserInfoEvent.php b/src/Events/UserInfoEvent.php
index 557417d..efdcf2e 100644
--- a/src/Events/UserInfoEvent.php
+++ b/src/Events/UserInfoEvent.php
@@ -5,21 +5,21 @@ declare(strict_types=1);
namespace authkit2\Events;
/**
- * Notification for a user along with their info provided by OIDC provider
+ * Notification for a user along with their info provided by OIDC provider.
*/
class UserInfoEvent extends UserEvent
{
/**
- * Additional fields returned during login
+ * Additional fields returned during login.
*
* @var mixed
*/
public $fields;
/**
- * Initialize new event
+ * Initialize new event.
*
- * @param mixed $user
+ * @param mixed $user
* @param array $fields
*/
public function __construct($user, array $fields)
diff --git a/src/Events/UserLogin.php b/src/Events/UserLogin.php
index b6c8f65..5ff7c91 100644
--- a/src/Events/UserLogin.php
+++ b/src/Events/UserLogin.php
@@ -5,21 +5,21 @@ declare(strict_types=1);
namespace authkit2\Events;
/**
- * Notification that a user has logged into the app
+ * Notification that a user has logged into the app.
*/
class UserLogin extends UserEvent
{
/**
- * Additional fields returned during login
+ * Additional fields returned during login.
*
* @var mixed
*/
public $user_info;
/**
- * Initialize new event
+ * Initialize new event.
*
- * @param mixed $user
+ * @param mixed $user
* @param array $user_info
*/
public function __construct($user, array $user_info)
diff --git a/src/Events/UserLogout.php b/src/Events/UserLogout.php
index 916cc33..d36f3dd 100644
--- a/src/Events/UserLogout.php
+++ b/src/Events/UserLogout.php
@@ -5,7 +5,7 @@ declare(strict_types=1);
namespace authkit2\Events;
/**
- * Notification that a user has logged out of the app
+ * Notification that a user has logged out of the app.
*/
class UserLogout extends UserEvent
{
diff --git a/src/Http/Controllers/AuthenticationController.php b/src/Http/Controllers/AuthenticationController.php
index e2b235b..57bd369 100644
--- a/src/Http/Controllers/AuthenticationController.php
+++ b/src/Http/Controllers/AuthenticationController.php
@@ -3,16 +3,17 @@
declare(strict_types=1);
namespace authkit2\Http\Controllers;
+
use Illuminate\Http\Request;
use authkit2\Models\Token;
/**
- * Methods for handling user authentication operations
+ * Methods for handling user authentication operations.
*/
class AuthenticationController extends Controller
{
/**
- * OIDC flow to mediate the actual login process and exchanges
+ * OIDC flow to mediate the actual login process and exchanges.
* @var \authkit2\Oidc\Flows\UserFlow
*/
protected $user_flow;
@@ -23,7 +24,7 @@ class AuthenticationController extends Controller
}
/**
- * Start the login flow for a user
+ * Start the login flow for a user.
*
* Redirects the user to the SSO service
*
@@ -37,13 +38,13 @@ class AuthenticationController extends Controller
}
/**
- * Handle the response from the SSO service
+ * Handle the response from the SSO service.
*
* Exchange the code for a token and fetches basic user information.
* Attempts to log the user into this app, and creates them if they
* don't exist. Then redirects the user to the configured post_login url.
*
- * @param Request $request
+ * @param Request $request
* @return mixed
*/
public function callback(Request $request)
@@ -96,12 +97,12 @@ class AuthenticationController extends Controller
abort(500);
die();
}
- else if (!method_exists($user, 'save'))
+ elseif (!method_exists($user, 'save'))
{
abort(500);
die();
}
- else if (!method_exists($user, 'getAuthIdentifierName'))
+ elseif (!method_exists($user, 'getAuthIdentifierName'))
{
abort(500);
die();
@@ -149,7 +150,7 @@ class AuthenticationController extends Controller
}
/**
- * Explicitly log out of this application and the SSO service
+ * Explicitly log out of this application and the SSO service.
*
* @return mixed
*/
diff --git a/src/Http/Controllers/Controller.php b/src/Http/Controllers/Controller.php
index 28f9540..270c042 100644
--- a/src/Http/Controllers/Controller.php
+++ b/src/Http/Controllers/Controller.php
@@ -7,7 +7,7 @@ namespace authkit2\Http\Controllers;
use Illuminate\Routing\Controller as BaseController;
/**
- * Base controller class
+ * Base controller class.
*/
class Controller extends BaseController
{
diff --git a/src/Models/Token.php b/src/Models/Token.php
index fde8bbd..8f54852 100644
--- a/src/Models/Token.php
+++ b/src/Models/Token.php
@@ -1,11 +1,13 @@
authkit->setRefreshCallback(
/**
* When a token has been refreshed, save the updated values
- * to the token model
- * @param \authkit2\Oidc\Token $oidc_token
+ * to the token model.
+ * @param \authkit2\Oidc\Token $oidc_token
* @return void
*/
- function(\authkit2\Oidc\Token $oidc_token) use ($token) : void {
+ static function(\authkit2\Oidc\Token $oidc_token) use ($token): void {
$token->access_token = $oidc_token->getAccessToken();
$token->refresh_token = $oidc_token->getRefreshToken();
$token->save();
@@ -55,20 +58,22 @@ class UserObserver
* Before we save a user model, remove the token/client so the ORM doesn't
* try and write those out.
*
- * @param mixed $user
+ * @param mixed $user
* @return void
*/
public function saving($user): void
{
if (isset($user->authkit))
+ {
static::$token_cache[$user->{$user->getAuthIdentifierName()}] = $user->authkit;
+ }
unset($user->authkit);
}
/**
- * After a user model is saved, restore the client and token
+ * After a user model is saved, restore the client and token.
*
- * @param mixed $user
+ * @param mixed $user
* @return void
*/
public function saved($user): void
@@ -79,6 +84,5 @@ class UserObserver
$user->authkit = static::$token_cache[$user_id];
unset(static::$token_cache[$user_id]);
}
-
}
}
diff --git a/src/Oidc/Authentication/Authentication.php b/src/Oidc/Authentication/Authentication.php
index 22bc7f3..6471394 100644
--- a/src/Oidc/Authentication/Authentication.php
+++ b/src/Oidc/Authentication/Authentication.php
@@ -1,19 +1,21 @@
authenticate($request),
$options
@@ -40,9 +42,9 @@ abstract class Authentication
}
/**
- * Fetch a guzzle client with the authentication middleware included
+ * Fetch a guzzle client with the authentication middleware included.
*
- * @param mixed[] $options options to pass through to the guzzle client
+ * @param mixed[] $options options to pass through to the guzzle client
* @return \GuzzleHttp\Client
*/
public function getClient(array $options = []): \GuzzleHttp\Client
diff --git a/src/Oidc/Authentication/ClientAuthentication.php b/src/Oidc/Authentication/ClientAuthentication.php
index aeb23f2..8e54b19 100644
--- a/src/Oidc/Authentication/ClientAuthentication.php
+++ b/src/Oidc/Authentication/ClientAuthentication.php
@@ -1,28 +1,30 @@
*/
protected $oidc_config;
/**
- * Keys for validating signed JWT tokens
+ * Keys for validating signed JWT tokens.
* @var array
*/
protected $oidc_jwks;
/**
- * Create a new OIDC client using the passed in client credentials
+ * Create a new OIDC client using the passed in client credentials.
*
* @param string $url
* @param string $client_id
@@ -62,7 +65,7 @@ class Client
}
/**
- * Retrieve a HTTP client containing our authentication middleware
+ * Retrieve a HTTP client containing our authentication middleware.
*
* @return \GuzzleHttp\Client
*/
@@ -72,7 +75,7 @@ class Client
}
/**
- * Retrieve the configured OpenId Connect realm url; null if never set
+ * Retrieve the configured OpenId Connect realm url; null if never set.
*
* @return ?string
*/
@@ -82,7 +85,7 @@ class Client
}
/**
- * Get the OpenId Connect configuration
+ * Get the OpenId Connect configuration.
*
* @return array
*/
@@ -95,18 +98,17 @@ class Client
/**
* @return array
*/
- function() use ($url) {
+ static function() use ($url) {
$response = (new \GuzzleHttp\Client())->get($url.'/.well-known/openid-configuration');
- return json_decode($response->getBody(), true);
+ return json_decode((string)$response->getBody(), true);
}
);
-
}
return $this->oidc_config;
}
/**
- * Get the web key set for verifying JWTs
+ * Get the web key set for verifying JWTs.
*
* @return array
*/
@@ -119,7 +121,7 @@ class Client
/**
* @return array
*/
- function() use ($client) {
+ static function() use ($client) {
$response = $client->get($client->getConfiguration()['jwks_uri']);
return json_decode(json_encode($response), true);
}
@@ -129,7 +131,7 @@ class Client
}
/**
- * Get the signing algorithms for signing JWTs
+ * Get the signing algorithms for signing JWTs.
*
* @return string[]
*/
@@ -139,9 +141,9 @@ class Client
}
/**
- * Fetch a specific OpenId Connect endpoint from the configuration
+ * Fetch a specific OpenId Connect endpoint from the configuration.
*
- * @param string $endpoint_name
+ * @param string $endpoint_name
* @return string
*/
public function getEndpointUrl(string $endpoint_name): string
@@ -150,40 +152,40 @@ class Client
}
/**
- * Make a HTTP get request to a OIDC endpoint or other URL
+ * Make a HTTP get request to a OIDC endpoint or other URL.
*
- * @param string $url
- * @param array $params query string parameters
- * @return object json decoded response
+ * @param string $url
+ * @param array $params query string parameters
+ * @return object json decoded response
*/
protected function get(string $url, array $params = []): object
{
$response = $this->getClient()->get($url, [
'query' => $params
]);
- return json_decode($response->getBody());
+ return json_decode((string)$response->getBody());
}
/**
- * Make a HTTP post request to a OIDC endpoint or other URL
- *
- * If form parameters are provided the request is sent as
- * application/x-www-form-urlencoded
- *
- * @param string $url
- * @param array $params form fields
- * @return object json decoded response
- */
+ * Make a HTTP post request to a OIDC endpoint or other URL.
+ *
+ * If form parameters are provided the request is sent as
+ * application/x-www-form-urlencoded
+ *
+ * @param string $url
+ * @param array $params form fields
+ * @return object json decoded response
+ */
protected function post(string $url, array $params = []): object
{
$response = $this->getClient()->post($url, [
'form_params' => $params
]);
- return json_decode($response->getBody());
+ return json_decode((string)$response->getBody());
}
/**
- * Create a 'service account' token tied to this client's id
+ * Create a 'service account' token tied to this client's id.
*
* @return Token
*/
@@ -197,10 +199,10 @@ class Client
/**
* Convert a returned authorization code from the three legged flow
- * into a token
+ * into a token.
*
- * @param string $code
- * @param string $redirect_uri
+ * @param string $code
+ * @param string $redirect_uri
* @return Token
*/
public function createTokenFromAuthorizationCode(string $code, string $redirect_uri): Token
@@ -215,9 +217,9 @@ class Client
}
/**
- * Create a new access token from a refresh token
+ * Create a new access token from a refresh token.
*
- * @param string $refresh_token
+ * @param string $refresh_token
* @return Token
*/
public function createTokenFromRefreshToken(string $refresh_token): Token
@@ -231,12 +233,12 @@ class Client
/**
* Generate the URL to redirect to in order to initiate the three-legged
- * oauth flow
+ * oauth flow.
*
- * @param string $redirect_uri url to redirect the user to after authentication
- * @param string[] $scopes scopes to request from the openid provider
- * @param string $state nonce
- * @return string fully formed url
+ * @param string $redirect_uri url to redirect the user to after authentication
+ * @param string[] $scopes scopes to request from the openid provider
+ * @param string $state nonce
+ * @return string fully formed url
*/
public function createAuthorizationRedirectUrl(string $redirect_uri, array $scopes, string $state): string
{
@@ -251,9 +253,9 @@ class Client
/**
* Generate the URL to redirect to in order to initiate a signout from the
- * OIDC provider
+ * OIDC provider.
*
- * @param string $redirect_uri url to redirect the user to after logout
+ * @param string $redirect_uri url to redirect the user to after logout
* @return string fully formed url
*/
public function createLogoutUrl(string $redirect_uri): string
@@ -264,30 +266,31 @@ class Client
}
/**
- * Refresh a token using a refresh token
+ * Refresh a token using a refresh token.
*
- * @param Token $token expired token that includes a refresh token
+ * @param Token $token expired token that includes a refresh token
* @return Token newly generated token
*/
public function refreshToken(Token $token): Token
{
$refresh_token = $token->getRefreshToken();
if (!isset($refresh_token))
- throw new \Exception("Cannot refresh token initialized without refresh token");
+ {
+ throw new \Exception('Cannot refresh token initialized without refresh token');
+ }
return $this->createTokenFromRefreshToken($refresh_token);
}
/**
- * Fetch the available information on the user from the OIDC provider
+ * Fetch the available information on the user from the OIDC provider.
*
- * @param Token $token token representing the user
+ * @param Token $token token representing the user
* @return array
*/
public function getTokenUserInfo(Token $token): array
{
- return json_decode($token->getClient()->get($this->getEndpointUrl('userinfo'))->getBody(), true);
+ return json_decode((string)$token->getClient()->get($this->getEndpointUrl('userinfo'))->getBody(), true);
}
// todo: introspect, etc
-
}
diff --git a/src/Oidc/Flows/ServiceAccountFlow.php b/src/Oidc/Flows/ServiceAccountFlow.php
index 49f2554..fdeab19 100644
--- a/src/Oidc/Flows/ServiceAccountFlow.php
+++ b/src/Oidc/Flows/ServiceAccountFlow.php
@@ -1,22 +1,25 @@
client->createTokenFromClient();
}
}
-
-
diff --git a/src/Oidc/Flows/UserFlow.php b/src/Oidc/Flows/UserFlow.php
index 145a80f..f039500 100644
--- a/src/Oidc/Flows/UserFlow.php
+++ b/src/Oidc/Flows/UserFlow.php
@@ -1,23 +1,26 @@
client->createLogoutUrl($redirect_uri);
}
-
}
-
diff --git a/src/Oidc/Token.php b/src/Oidc/Token.php
index d33886c..6f3d0df 100644
--- a/src/Oidc/Token.php
+++ b/src/Oidc/Token.php
@@ -1,59 +1,61 @@
*/
protected $user_info = null;
/**
- * Decoded access token JWT data
+ * Decoded access token JWT data.
* @var array
*/
protected $access_token_data = null;
/**
- * Decoded refresh token JWT data
+ * Decoded refresh token JWT data.
* @var array
*/
protected $refresh_token_data = null;
/**
- * Callback to be notified when this token is refreshed
+ * Callback to be notified when this token is refreshed.
* @var callable
*/
protected $refresh_callback;
/**
- * Initialize token with the from*() static methods
+ * Initialize token with the from*() static methods.
*/
protected function __construct()
{
@@ -61,11 +63,11 @@ class Token
/**
* Create a token given a access_token and optionally refresh_token, passed
- * as a string
+ * as a string.
*
- * @param Client $client
- * @param string $access_token
- * @param ?string $refresh_token
+ * @param Client $client
+ * @param string $access_token
+ * @param ?string $refresh_token
* @return Token
*/
public static function fromString(Client $client, string $access_token, ?string $refresh_token = null): Token
@@ -78,9 +80,9 @@ class Token
}
/**
- * Get a HTTP client that's authenticated with this token's credentials
+ * Get a HTTP client that's authenticated with this token's credentials.
*
- * @param array $options
+ * @param array $options
* @return \GuzzleHttp\Client
*/
public function getClient(array $options = []): \GuzzleHttp\Client
@@ -90,13 +92,15 @@ class Token
$state = new \stdClass();
$state->refresher =
- function(Token $token) use ($state) : Token {
+ function(Token $token) use ($state): Token {
$client = $this->client;
$refresh_callback = $this->refresh_callback;
// Refresh the token
if (!isset($this->refresh_token))
- throw new \Exception("Token expired");
+ {
+ throw new \Exception('Token expired');
+ }
$new_token = $client->createTokenFromRefreshToken($this->refresh_token);
// Rebind this callback to the new token
@@ -118,9 +122,9 @@ class Token
}
/**
- * Callback to notify when this token is refreshed
+ * Callback to notify when this token is refreshed.
*
- * @param callable $callback
+ * @param callable $callback
* @return void
*/
public function setRefreshCallback(callable $callback): void
@@ -129,10 +133,10 @@ class Token
}
/**
- * Create a token from a OIDC response from the token endpoint
+ * Create a token from a OIDC response from the token endpoint.
*
- * @param Client $client
- * @param object $response
+ * @param Client $client
+ * @param object $response
* @return Token
*/
public static function fromResponse(Client $client, object $response): Token
@@ -145,7 +149,7 @@ class Token
}
/**
- * Fetch the raw decoded data out of our JWT access token
+ * Fetch the raw decoded data out of our JWT access token.
*
* @return array
*/
@@ -159,7 +163,7 @@ class Token
}
/**
- * Fetch the raw decoded data out of our JWT refresh token
+ * Fetch the raw decoded data out of our JWT refresh token.
*
* @return array
*/
@@ -169,7 +173,7 @@ class Token
{
if (!isset($this->refresh_token))
{
- throw new \UnexpectedValueException("Refresh token not set!");
+ throw new \UnexpectedValueException('Refresh token not set!');
}
$this->refresh_token_data = json_decode(json_encode($this->decode($this->refresh_token)), true);
}
@@ -177,9 +181,9 @@ class Token
}
/**
- * Decode a token as a JWT token
+ * Decode a token as a JWT token.
*
- * @param string $token
+ * @param string $token
* @return object
*/
protected function decode(string $token): object
@@ -223,7 +227,7 @@ class Token
}
/**
- * Check whether the access token is expired
+ * Check whether the access token is expired.
*
* As long as the refresh token is valid, this is recoverly by calling
* passing this token to refresh on the client.
@@ -236,7 +240,9 @@ class Token
{
$token_data = $this->getAccessTokenData();
if ($token_data['exp'] <= time())
+ {
return true;
+ }
return false;
}
catch (\Firebase\JWT\ExpiredException $ex)
@@ -246,7 +252,7 @@ class Token
}
/**
- * Check whether this token needs a refresh to be used
+ * Check whether this token needs a refresh to be used.
*
* @return bool
*/
@@ -256,7 +262,7 @@ class Token
}
/**
- * Fetch the underlying access token this token represents
+ * Fetch the underlying access token this token represents.
*
* @return string
*/
@@ -266,7 +272,7 @@ class Token
}
/**
- * Fetch the user's refresh token
+ * Fetch the user's refresh token.
*
* @return ?string
*/
@@ -277,7 +283,7 @@ class Token
/**
* Fetch the user info associated with this token from the OIDC
- * provider
+ * provider.
*
* @return array
*/
@@ -287,7 +293,7 @@ class Token
}
/**
- * Fetch the roles encoded in this token
+ * Fetch the roles encoded in this token.
*
* @return string[]
*/
@@ -297,7 +303,7 @@ class Token
}
/**
- * Fetch the uuid encoded in this token
+ * Fetch the uuid encoded in this token.
*
* @return string
*/
@@ -305,5 +311,4 @@ class Token
{
return 'crn:user:'.$this->getAccessTokenData()['sub'];
}
-
}
diff --git a/src/Providers/Authkit2ServiceProvider.php b/src/Providers/Authkit2ServiceProvider.php
index 4ae7edc..2f6dc7a 100644
--- a/src/Providers/Authkit2ServiceProvider.php
+++ b/src/Providers/Authkit2ServiceProvider.php
@@ -1,15 +1,16 @@
app->singleton(\authkit2\Oidc\Flows\ServiceAccountFlow::class, function() : \authkit2\Oidc\Flows\ServiceAccountFlow {
+ $this->app->singleton(\authkit2\Oidc\Flows\ServiceAccountFlow::class, static function(): \authkit2\Oidc\Flows\ServiceAccountFlow {
return new \authkit2\Oidc\Flows\ServiceAccountFlow(Authkit2::get_client());
});
- $this->app->singleton(\authkit2\Oidc\Flows\UserFlow::class, function() : \authkit2\Oidc\Flows\UserFlow {
+ $this->app->singleton(\authkit2\Oidc\Flows\UserFlow::class, static function(): \authkit2\Oidc\Flows\UserFlow {
return new \authkit2\Oidc\Flows\UserFlow(Authkit2::get_client());
});
}
/**
- * Initialize and register all authentication resources
+ * Initialize and register all authentication resources.
*
* @return void
*/
@@ -83,7 +83,7 @@ class AuthnServiceProvider extends ServiceProvider
/**
* Generate any missing config values for keycloak by reading JSON
- * auth config
+ * auth config.
*
* @return void
*/
@@ -125,7 +125,7 @@ class AuthnServiceProvider extends ServiceProvider
// running a composer require/composer install without credentials present.
if (config('authkit.authn.openid.client_id') != null && config('authkit.authn.openid.client_secret') != null && config('authkit.authn.openid.endpoint') != null)
{
- $this->app->booted(function() {
+ $this->app->booted(static function() {
Authkit2::configure(config('authkit.authn.openid.client_id'), config('authkit.authn.openid.client_secret'), config('authkit.authn.openid.endpoint'));
});
}
diff --git a/src/Providers/AuthzServiceProvider.php b/src/Providers/AuthzServiceProvider.php
index ab4b403..401915a 100644
--- a/src/Providers/AuthzServiceProvider.php
+++ b/src/Providers/AuthzServiceProvider.php
@@ -8,12 +8,12 @@ use Illuminate\Support\ServiceProvider;
/**
* Authorization provider to register and configure all
- * assets involved in permission checking
+ * assets involved in permission checking.
*/
class AuthzServiceProvider extends ServiceProvider
{
/**
- * Register the additional service providers the authorization process depends on
+ * Register the additional service providers the authorization process depends on.
*
* @return void
*/
@@ -22,7 +22,7 @@ class AuthzServiceProvider extends ServiceProvider
}
/**
- * Initialize and register all authorization resources
+ * Initialize and register all authorization resources.
*
* @return void
*/