|
@ -1,5 +1,7 @@ |
|
|
<?php |
|
|
<?php |
|
|
|
|
|
|
|
|
|
|
|
declare(strict_types=1); |
|
|
|
|
|
|
|
|
namespace authkit2; |
|
|
namespace authkit2; |
|
|
|
|
|
|
|
|
/** |
|
|
/** |
|
@ -26,13 +28,13 @@ class Authkit2 |
|
|
private const LIB_PREFIX = 'authkit2.'; |
|
|
private const LIB_PREFIX = 'authkit2.'; |
|
|
|
|
|
|
|
|
/** |
|
|
/** |
|
|
* Functions this class provides |
|
|
* Functions this class provides. |
|
|
* @array<string,callable> |
|
|
* @array<string,callable> |
|
|
*/ |
|
|
*/ |
|
|
protected $callbacks = []; |
|
|
protected $callbacks = []; |
|
|
|
|
|
|
|
|
/** |
|
|
/** |
|
|
* Oidc client with the application credentials |
|
|
* Oidc client with the application credentials. |
|
|
* @var \authkit2\Oidc\Client |
|
|
* @var \authkit2\Oidc\Client |
|
|
*/ |
|
|
*/ |
|
|
protected $client; |
|
|
protected $client; |
|
@ -43,7 +45,6 @@ class Authkit2 |
|
|
* |
|
|
* |
|
|
* Basically, if we see the LARAVEL_START constant we assume Laravel and |
|
|
* Basically, if we see the LARAVEL_START constant we assume Laravel and |
|
|
* use Laravel facades, otherwise we use native php implementations. |
|
|
* use Laravel facades, otherwise we use native php implementations. |
|
|
* |
|
|
|
|
|
*/ |
|
|
*/ |
|
|
protected function __construct() |
|
|
protected function __construct() |
|
|
{ |
|
|
{ |
|
@ -60,7 +61,7 @@ class Authkit2 |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
/** |
|
|
/** |
|
|
* Retrieve the instance of Authkit2 class |
|
|
* Retrieve the instance of Authkit2 class. |
|
|
* |
|
|
* |
|
|
* @return Authkit2 |
|
|
* @return Authkit2 |
|
|
*/ |
|
|
*/ |
|
@ -75,13 +76,13 @@ class Authkit2 |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
/** |
|
|
/** |
|
|
* Override any of the function implementations |
|
|
* Override any of the function implementations. |
|
|
* |
|
|
* |
|
|
* Name is the same as the callable function name, e.g., |
|
|
* Name is the same as the callable function name, e.g., |
|
|
* Authkit2::cache_set() can be overriden with Authkit2->cache_set = function(...) {} |
|
|
* Authkit2::cache_set() can be overriden with Authkit2->cache_set = function(...) {} |
|
|
* |
|
|
* |
|
|
* @param string $name |
|
|
* @param string $name |
|
|
* @param callable $value |
|
|
* @param callable $value |
|
|
* @return void |
|
|
* @return void |
|
|
*/ |
|
|
*/ |
|
|
public function __set(string $name, $value): void |
|
|
public function __set(string $name, $value): void |
|
@ -101,10 +102,10 @@ class Authkit2 |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
/** |
|
|
/** |
|
|
* Call any of the provided methods |
|
|
* Call any of the provided methods. |
|
|
* |
|
|
* |
|
|
* @param string $name |
|
|
* @param string $name |
|
|
* @param mixed[] $arguments |
|
|
* @param mixed[] $arguments |
|
|
* @return mixed |
|
|
* @return mixed |
|
|
*/ |
|
|
*/ |
|
|
public static function __callStatic(string $name, array $arguments) |
|
|
public static function __callStatic(string $name, array $arguments) |
|
@ -122,8 +123,8 @@ class Authkit2 |
|
|
* Helper method for getting cache values, and generating and setting if |
|
|
* Helper method for getting cache values, and generating and setting if |
|
|
* they do not exist. |
|
|
* they do not exist. |
|
|
* |
|
|
* |
|
|
* @param string $key cache key |
|
|
* @param string $key cache key |
|
|
* @param callable $generator method that returns the value if we do not have it cached |
|
|
* @param callable $generator method that returns the value if we do not have it cached |
|
|
* @return mixed |
|
|
* @return mixed |
|
|
*/ |
|
|
*/ |
|
|
protected function cache_helper(string $key, callable $generator) |
|
|
protected function cache_helper(string $key, callable $generator) |
|
@ -139,7 +140,7 @@ class Authkit2 |
|
|
|
|
|
|
|
|
/** |
|
|
/** |
|
|
* Initialize common library functions that don't require an environment-specific |
|
|
* Initialize common library functions that don't require an environment-specific |
|
|
* implementation |
|
|
* implementation. |
|
|
* |
|
|
* |
|
|
* @return array<string,callable> |
|
|
* @return array<string,callable> |
|
|
*/ |
|
|
*/ |
|
@ -156,7 +157,7 @@ class Authkit2 |
|
|
|
|
|
|
|
|
/** |
|
|
/** |
|
|
* Initialize the class by binding all the PHP native implementations of |
|
|
* Initialize the class by binding all the PHP native implementations of |
|
|
* functions |
|
|
* functions. |
|
|
* |
|
|
* |
|
|
* @return array<string,callable> |
|
|
* @return array<string,callable> |
|
|
*/ |
|
|
*/ |
|
@ -172,7 +173,7 @@ class Authkit2 |
|
|
|
|
|
|
|
|
/** |
|
|
/** |
|
|
* Initialize the class by binding Laravel adapters as the implementation |
|
|
* Initialize the class by binding Laravel adapters as the implementation |
|
|
* of all functions |
|
|
* of all functions. |
|
|
* |
|
|
* |
|
|
* @return array<string,callable> |
|
|
* @return array<string,callable> |
|
|
*/ |
|
|
*/ |
|
@ -180,35 +181,35 @@ class Authkit2 |
|
|
{ |
|
|
{ |
|
|
return [ |
|
|
return [ |
|
|
'session_get' => |
|
|
'session_get' => |
|
|
/** |
|
|
/** |
|
|
* Fetch a variable from the session |
|
|
* Fetch a variable from the session. |
|
|
* @param string $key |
|
|
* @param string $key |
|
|
* @return mixed |
|
|
* @return mixed |
|
|
*/ |
|
|
*/ |
|
|
function(string $key) { return \Session::get($key); }, |
|
|
static function(string $key) { return \Session::get($key); }, |
|
|
'session_set' => |
|
|
'session_set' => |
|
|
/** |
|
|
/** |
|
|
* Set a variable in the session |
|
|
* Set a variable in the session. |
|
|
* @param string $key |
|
|
* @param string $key |
|
|
* @param mixed $value |
|
|
* @param mixed $value |
|
|
* @return void |
|
|
* @return void |
|
|
*/ |
|
|
*/ |
|
|
function(string $key, $value): void { \Session::put($key, $value); }, |
|
|
static function(string $key, $value): void { \Session::put($key, $value); }, |
|
|
'cache_get' => |
|
|
'cache_get' => |
|
|
/** |
|
|
/** |
|
|
* Fetch a value from cache |
|
|
* Fetch a value from cache. |
|
|
* @param string $key |
|
|
* @param string $key |
|
|
* @return mixed |
|
|
* @return mixed |
|
|
*/ |
|
|
*/ |
|
|
function(string $key) { return \Cache::get($key); }, |
|
|
static function(string $key) { return \Cache::get($key); }, |
|
|
'cache_set' => |
|
|
'cache_set' => |
|
|
/** |
|
|
/** |
|
|
* Set a value in cache |
|
|
* Set a value in cache. |
|
|
* @param string $key |
|
|
* @param string $key |
|
|
* @param mixed $value |
|
|
* @param mixed $value |
|
|
* @return void |
|
|
* @return void |
|
|
*/ |
|
|
*/ |
|
|
function(string $key, $value): void { \Cache::set($key, $value); } |
|
|
static function(string $key, $value): void { \Cache::set($key, $value); } |
|
|
]; |
|
|
]; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
@ -216,7 +217,7 @@ class Authkit2 |
|
|
* Retrieve a property out of the $_SESSION variable; null if the |
|
|
* Retrieve a property out of the $_SESSION variable; null if the |
|
|
* property doesn't exist. |
|
|
* property doesn't exist. |
|
|
* |
|
|
* |
|
|
* @param string $key |
|
|
* @param string $key |
|
|
* @return mixed |
|
|
* @return mixed |
|
|
*/ |
|
|
*/ |
|
|
protected function native_session_get(string $key) |
|
|
protected function native_session_get(string $key) |
|
@ -226,10 +227,10 @@ class Authkit2 |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
/** |
|
|
/** |
|
|
* Set a value in the $_SESSION variable |
|
|
* Set a value in the $_SESSION variable. |
|
|
* |
|
|
* |
|
|
* @param string $key |
|
|
* @param string $key |
|
|
* @param mixed $value |
|
|
* @param mixed $value |
|
|
* @return void |
|
|
* @return void |
|
|
*/ |
|
|
*/ |
|
|
protected function native_session_set(string $key, $value): void |
|
|
protected function native_session_set(string $key, $value): void |
|
@ -239,7 +240,7 @@ class Authkit2 |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
/** |
|
|
/** |
|
|
* Check whether a PHP session exists, and if not try and start one |
|
|
* Check whether a PHP session exists, and if not try and start one. |
|
|
* |
|
|
* |
|
|
* @internal |
|
|
* @internal |
|
|
* @return void |
|
|
* @return void |
|
@ -247,17 +248,21 @@ class Authkit2 |
|
|
protected function native_session_check(): void |
|
|
protected function native_session_check(): void |
|
|
{ |
|
|
{ |
|
|
if (session_status() == \PHP_SESSION_NONE) |
|
|
if (session_status() == \PHP_SESSION_NONE) |
|
|
|
|
|
{ |
|
|
session_start(); |
|
|
session_start(); |
|
|
else if (session_status() == \PHP_SESSION_DISABLED) |
|
|
} |
|
|
throw new \Exception("Authkit2 requires PHP sessions are enabled"); |
|
|
elseif (session_status() == \PHP_SESSION_DISABLED) |
|
|
|
|
|
{ |
|
|
|
|
|
throw new \Exception('Authkit2 requires PHP sessions are enabled'); |
|
|
|
|
|
} |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
/** |
|
|
/** |
|
|
* Dummy cache implementation to avoid errors; always returns default |
|
|
* Dummy cache implementation to avoid errors; always returns default. |
|
|
* |
|
|
* |
|
|
* @todo Check if apcu is available and use if so? Fall back to temp files? |
|
|
* @todo Check if apcu is available and use if so? Fall back to temp files? |
|
|
* @param string $key cache key to retrieve |
|
|
* @param string $key cache key to retrieve |
|
|
* @param mixed $default value to return if the specified key is not found |
|
|
* @param mixed $default value to return if the specified key is not found |
|
|
* @return mixed |
|
|
* @return mixed |
|
|
*/ |
|
|
*/ |
|
|
protected function native_cache_get(string $key, $default = null) |
|
|
protected function native_cache_get(string $key, $default = null) |
|
@ -266,10 +271,10 @@ class Authkit2 |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
/** |
|
|
/** |
|
|
* Dummy cache implementation |
|
|
* Dummy cache implementation. |
|
|
* |
|
|
* |
|
|
* @param string $key cache key to set |
|
|
* @param string $key cache key to set |
|
|
* @param mixed $value value to cache |
|
|
* @param mixed $value value to cache |
|
|
* @return void |
|
|
* @return void |
|
|
*/ |
|
|
*/ |
|
|
protected function native_cache_set(string $key, $value): void |
|
|
protected function native_cache_set(string $key, $value): void |
|
@ -277,11 +282,11 @@ class Authkit2 |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
/** |
|
|
/** |
|
|
* Configure the authkit2 library |
|
|
* Configure the authkit2 library. |
|
|
* |
|
|
* |
|
|
* @param string $client_id |
|
|
* @param string $client_id |
|
|
* @param string $client_secret |
|
|
* @param string $client_secret |
|
|
* @param string $endpoint |
|
|
* @param string $endpoint |
|
|
* @return void |
|
|
* @return void |
|
|
*/ |
|
|
*/ |
|
|
protected function ak2_configure(string $client_id, string $client_secret, string $endpoint): void |
|
|
protected function ak2_configure(string $client_id, string $client_secret, string $endpoint): void |
|
@ -290,7 +295,7 @@ class Authkit2 |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
/** |
|
|
/** |
|
|
* Fetch a OIDC client authenticated as this application |
|
|
* Fetch a OIDC client authenticated as this application. |
|
|
* |
|
|
* |
|
|
* @return Oidc\Client |
|
|
* @return Oidc\Client |
|
|
*/ |
|
|
*/ |
|
@ -308,8 +313,8 @@ class Authkit2 |
|
|
* expired then requests will simply fail. This use case is intended for |
|
|
* expired then requests will simply fail. This use case is intended for |
|
|
* authenticating requests using tokens other applications have sent to us. |
|
|
* authenticating requests using tokens other applications have sent to us. |
|
|
* |
|
|
* |
|
|
* @param string $access_token |
|
|
* @param string $access_token |
|
|
* @param ?string $refresh_token |
|
|
* @param ?string $refresh_token |
|
|
* @return Oidc\Token |
|
|
* @return Oidc\Token |
|
|
*/ |
|
|
*/ |
|
|
protected function ak2_get_token(string $access_token, ?string $refresh_token = null): Oidc\Token |
|
|
protected function ak2_get_token(string $access_token, ?string $refresh_token = null): Oidc\Token |
|
@ -321,12 +326,11 @@ class Authkit2 |
|
|
* Refresh a token object -- generate a new access token from its |
|
|
* Refresh a token object -- generate a new access token from its |
|
|
* refresh_token. |
|
|
* refresh_token. |
|
|
* |
|
|
* |
|
|
* @param Oidc\Token $token |
|
|
* @param Oidc\Token $token |
|
|
* @return Oidc\Token a newly generated token |
|
|
* @return Oidc\Token a newly generated token |
|
|
*/ |
|
|
*/ |
|
|
protected function ak2_refresh_token(Oidc\Token $token): Oidc\Token |
|
|
protected function ak2_refresh_token(Oidc\Token $token): Oidc\Token |
|
|
{ |
|
|
{ |
|
|
return $this->client->refreshToken($token); |
|
|
return $this->client->refreshToken($token); |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
} |
|
|
} |
|
|
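Review bot: In `native_session_check()` (hunk `@ -247,17 +248,21 @@`) the result of `session_start()` is still discarded, so a session that fails to start, for example because output was already sent, goes unnoticed and later `$_SESSION` writes from `native_session_set()` will not persist. The re-braced branch is a good place to fail loudly: `if (!session_start()) { throw new \Exception('Authkit2 could not start a PHP session'); }`. With `declare(strict_types=1)` now at the top of the file, the two `session_status()` comparisons could use `===` instead of `==`. The visible lines set no session cookie attributes (Secure, HttpOnly, SameSite); if nothing outside this diff configures them, the docblock should say that the host application must do so before the library starts the session.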