This repository was archived by the owner on Mar 23, 2024. It is now read-only.

Commit 0914944

committed
:octocat:
1 parent c4b1b1a commit 0914944

11 files changed

+221
-124
lines changed

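--- a/composer.json
+++ b/composer.json
@@ -21,9 +21,9 @@
 },
 "require": {
 "php": "^7.2",
+"ext-json":"*",
 "chillerlan/php-traits": "^2.0",
-"chillerlan/php-httpinterface": "^2.0",
-"chillerlan/php-magic-apiclient": "^1.1",
+"chillerlan/php-httpinterface": "dev-master",
 "psr/log": "^1.0"
 },
 "require-dev": {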
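Review bot: `"chillerlan/php-httpinterface": "dev-master"` resolves to whatever the upstream branch head is at install time, so builds are not reproducible and an unreviewed upstream push reaches every consumer directly, which the previous `^2.0` constraint did not allow. A tagged constraint is preferable; if an untagged revision is really needed, pin it as `"dev-master#<commit-sha>"` (placeholder for the reviewed commit) and rely on a committed composer.lock. A branch constraint also only resolves for downstream projects whose minimum-stability admits dev packages. Separately, src/Core/AccessToken.php in this commit imports `chillerlan\Settings\SettingsContainerAbstract`, and none of the visible require entries obviously names the package that ships it; if it only arrives transitively, it should be listed here explicitly.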

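--- a/examples/OAuth2Testprovider.php
+++ b/examples/OAuth2Testprovider.php
@@ -13,15 +13,15 @@
 namespace chillerlan\OAuthExamples;
 
 use chillerlan\OAuth\Core\{
-ClientCredentials, CSRFToken, CSRFTokenTrait, OAuth2ClientCredentialsTrait,
+ClientCredentials, CSRFToken, OAuth2CSRFTokenTrait, OAuth2ClientCredentialsTrait,
 OAuth2Provider, OAuth2TokenRefreshTrait, TokenExpires, TokenRefresh,
 };
 
 /**
 *
 */
 class OAuth2Testprovider extends OAuth2Provider implements ClientCredentials, CSRFToken, TokenExpires, TokenRefresh{
-use CSRFTokenTrait, OAuth2ClientCredentialsTrait, OAuth2TokenRefreshTrait;
+use OAuth2CSRFTokenTrait, OAuth2ClientCredentialsTrait, OAuth2TokenRefreshTrait;
 
 protected $apiURL = 'https://api.example.com/';
 protected $authURL = 'https://example.com/oauth2/authorize';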

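--- a/src/Core/AccessToken.php
+++ b/src/Core/AccessToken.php
@@ -12,9 +12,7 @@
 
 namespace chillerlan\OAuth\Core;
 
-use chillerlan\Traits\{
-ImmutableSettingsContainer, ImmutableSettingsInterface, Crypto\MemzeroDestructorTrait
-};
+use chillerlan\Settings\SettingsContainerAbstract;
 
 /**
 * Base token implementation for any OAuth version.
@@ -31,10 +29,7 @@
 * @property int $expires
 * @property string $provider
 */
-class AccessToken implements ImmutableSettingsInterface{
-use MemzeroDestructorTrait, ImmutableSettingsContainer{
-__construct as constructContainer;
-}
+class AccessToken extends SettingsContainerAbstract{
 
 /**
 * Denotes an unknown end of life time.
@@ -99,11 +94,33 @@ class AccessToken implements ImmutableSettingsInterface{
 * @param iterable|null $properties
 */
 public function __construct(iterable $properties = null){
-$this->constructContainer($properties);
+parent::__construct($properties);
 
 $this->setExpiry($this->expires);
 }
 
+/**
+* @return void
+*/
+public function __destruct(){
+
+if(!function_exists('sodium_memzero')){
+return; // @codeCoverageIgnore
+}
+
+foreach(array_keys(get_object_vars($this)) as $key){
+
+if(is_scalar($this->{$key})){
+$this->{$key} = (string)$this->{$key};
+
+sodium_memzero($this->{$key});
+}
+
+unset($this->{$key});
+}
+
+}
+
 /**
 * AccessToken setter
 *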
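Review bot: The new `__destruct()` zeroes only properties that pass `is_scalar()`, so any array- or object-valued property is merely `unset()` and strings nested inside it never reach `sodium_memzero()`; the docblock (`@return void` only) gives no hint of that limit. As far as I know `sodium_memzero()` also clears the buffer only when nothing else references the string, so token values that were copied into storage, logs or other variables stay in memory. I would document the method as best-effort, for example `Best-effort wipe: scalar properties are zeroed via sodium_memzero() when available; nested values and copies held elsewhere are not cleared.` If the token carries secrets in array properties (not visible in this hunk), walking them with `array_walk_recursive()` before the `unset()` would close that gap. The class body continues outside the hunk.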

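--- a/src/Core/OAuth1Provider.php
+++ b/src/Core/OAuth1Provider.php
@@ -12,7 +12,8 @@
 
 namespace chillerlan\OAuth\Core;
 
-use chillerlan\HTTP\HTTPResponseInterface;
+use chillerlan\HTTP\Psr7;
+use Psr\Http\Message\ResponseInterface;
 use DateTime;
 
 abstract class OAuth1Provider extends OAuthProvider implements OAuth1Interface{
@@ -32,44 +33,40 @@ abstract class OAuth1Provider extends OAuthProvider implements OAuth1Interface{
 *
 * @return string
 */
-public function getAuthURL(array $params = null):string {
+public function getAuthURL(array $params = null):string{
 
 $params = array_merge(
 $params ?? [],
 ['oauth_token' => $this->getRequestToken()->requestToken]
 );
 
-return $this->authURL.'?'.$this->httpBuildQuery($params);
+return $this->authURL.'?'.Psr7\build_http_query($params);
 }
 
 /**
 * @return \chillerlan\OAuth\Core\AccessToken
 */
-public function getRequestToken():AccessToken {
-$params = $this->getRequestTokenHeaderParams();
+public function getRequestToken():AccessToken{
+$params = $this->getRequestTokenHeaderParams();
+$headers = array_merge($this->authHeaders, [
+'Authorization' => 'OAuth '.Psr7\build_http_query($params, true, ', ', '"')
+]);
 
 return $this->parseTokenResponse(
-$this->httpPOST(
-$this->requestTokenURL,
-[],
-null,
-array_merge($this->authHeaders, [
-'Authorization' => 'OAuth '.$this->httpBuildQuery($params, true, ', ', '"')
-])
-),
+$this->http->request($this->requestTokenURL, 'POST', null, null, $headers),
 true
 );
 }
 
 /**
-* @param \chillerlan\HTTP\HTTPResponseInterface $response
-* @param bool|null $checkCallbackConfirmed
+* @param \Psr\Http\Message\ResponseInterface $response
+* @param bool|null $checkCallbackConfirmed
 *
 * @return \chillerlan\OAuth\Core\AccessToken
 * @throws \chillerlan\OAuth\Core\ProviderException
 */
-protected function parseTokenResponse(HTTPResponseInterface $response, bool $checkCallbackConfirmed = null):AccessToken {
-parse_str($response->body, $data);
+protected function parseTokenResponse(ResponseInterface $response, bool $checkCallbackConfirmed = null):AccessToken{
+parse_str($response->getBody()->getContents(), $data);
 
 if(!$data || !is_array($data)){
 throw new ProviderException('unable to parse token response');
@@ -110,7 +107,7 @@ protected function parseTokenResponse(HTTPResponseInterface $response, bool $che
 *
 * @return string
 */
-protected function nonce():string {
+protected function nonce():string{
 $nonce = random_bytes(32);
 
 // use the sodium extension if available
@@ -120,7 +117,7 @@ protected function nonce():string {
 /**
 * @return array
 */
-protected function getRequestTokenHeaderParams():array {
+protected function getRequestTokenHeaderParams():array{
 $params = [
 'oauth_callback' => $this->options->callbackURL,
 'oauth_consumer_key' => $this->options->key,
@@ -143,7 +140,7 @@ protected function getRequestTokenHeaderParams():array {
 * @return string
 * @throws \chillerlan\OAuth\Core\ProviderException
 */
-public function getSignature(string $url, array $params, string $method = null):string {
+public function getSignature(string $url, array $params, string $method = null):string{
 $parseURL = parse_url($url);
 
 if(!isset($parseURL['host']) || !isset($parseURL['scheme']) || !in_array($parseURL['scheme'], ['http', 'https'], true)){
@@ -158,7 +155,7 @@ public function getSignature(string $url, array $params, string $method = null):
 $method ?? 'POST'
 );
 
-$key = implode('&', $this->rawurlencode([$this->options->secret, $this->tokenSecret ?? '']));
+$key = implode('&', Psr7\raw_urlencode([$this->options->secret, $this->tokenSecret ?? '']));
 
 return base64_encode(hash_hmac('sha1', $data, $key, true));
 }
@@ -179,10 +176,10 @@ protected function getSignatureData(string $signatureURL, array $signatureParams
 $data = [
 strtoupper($method),
 $signatureURL,
-$this->httpBuildQuery($signatureParams),
+Psr7\build_http_query($signatureParams),
 ];
 
-return implode('&', $this->rawurlencode($data));
+return implode('&', Psr7\raw_urlencode($data));
 }
 
 /**
@@ -192,7 +189,7 @@ protected function getSignatureData(string $signatureURL, array $signatureParams
 *
 * @return \chillerlan\OAuth\Core\AccessToken
 */
-public function getAccessToken(string $token, string $verifier, string $tokenSecret = null):AccessToken {
+public function getAccessToken(string $token, string $verifier, string $tokenSecret = null):AccessToken{
 $this->tokenSecret = $tokenSecret;
 
 if(empty($this->tokenSecret)){
@@ -202,7 +199,7 @@ public function getAccessToken(string $token, string $verifier, string $tokenSec
 $body = ['oauth_verifier' => $verifier];
 
 return $this->parseTokenResponse(
-$this->httpPOST($this->accessTokenURL, [], $body, $this->getAccessTokenHeaders($body))
+$this->http->request($this->accessTokenURL, 'POST', null, $body, $this->getAccessTokenHeaders($body))
 );
 }
 
@@ -211,7 +208,7 @@ public function getAccessToken(string $token, string $verifier, string $tokenSec
 *
 * @return array
 */
-protected function getAccessTokenHeaders(array $body):array {
+protected function getAccessTokenHeaders(array $body):array{
 return $this->requestHeaders($this->storage->getAccessToken($this->serviceName), $this->accessTokenURL, 'POST', $body, []);
 }
 
@@ -233,11 +230,10 @@ protected function requestHeaders(AccessToken $token, string $url, string $metho
 
 if(isset($params['oauth_session_handle'])){
 $parameters['oauth_session_handle'] = $params['oauth_session_handle'];
-unset($params['oauth_session_handle']);
 }
 
 return array_merge($headers ?? [], $this->apiHeaders, [
-'Authorization' => 'OAuth '.$this->httpBuildQuery($parameters, true, ', ', '"')
+'Authorization' => 'OAuth '.Psr7\build_http_query($parameters, true, ', ', '"')
 ]);
 }
 
@@ -247,7 +243,7 @@ protected function requestHeaders(AccessToken $token, string $url, string $metho
 * @return array
 * @throws \Exception
 */
-protected function requestHeaderParams(AccessToken $token):array {
+protected function requestHeaderParams(AccessToken $token):array{
 return [
 'oauth_consumer_key' => $this->options->key,
 'oauth_nonce' => $this->nonce(),
@@ -265,9 +261,9 @@ protected function requestHeaderParams(AccessToken $token):array {
 * @param null $body
 * @param array $headers
 *
-* @return \chillerlan\HTTP\HTTPResponseInterface
+* @return \Psr\Http\Message\ResponseInterface
 */
-public function request(string $path, array $params = null, string $method = null, $body = null, array $headers = null):HTTPResponseInterface{
+public function request(string $path, array $params = null, string $method = null, $body = null, array $headers = null):ResponseInterface{
 $method = $method ?? 'GET';
 
 $headers = $this->requestHeaders(
@@ -278,7 +274,7 @@ public function request(string $path, array $params = null, string $method = nul
 $headers
 );
 
-return $this->httpRequest($this->apiURL.$path, $params, $method, $body, $headers);
+return $this->http->request($this->apiURL.$path, $method, $params, $body, $headers);
 }
 
 }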
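Review bot: In `parseTokenResponse()`, `$response->getBody()->getContents()` returns only what remains after the stream's current position, so if the HTTP client or any earlier code has already read the body, `parse_str()` receives an empty string and a valid token response is reported as 'unable to parse token response'. Casting the stream reads it from the start where the stream is seekable: `parse_str((string)$response->getBody(), $data);`. The visible part of the function also parses the body without looking at the response status first; that check may exist further down, since the function body continues outside the hunk.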

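--- a/src/Core/CSRFTokenTrait.php
+++ b/src/Core/OAuth2CSRFTokenTrait.php
@@ -1,8 +1,8 @@
 <?php
 /**
-* Trait CSRFTokenTrait
+* Trait OAuth2CSRFTokenTrait
 *
-* @filesource CSRFTokenTrait.php
+* @filesource OAuth2CSRFTokenTrait.php
 * @created 17.03.2018
 * @package chillerlan\OAuth\Core
 * @author smiley <smiley@chillerlan.net>
@@ -18,7 +18,7 @@
 * @property string $serviceName
 * @property \chillerlan\OAuth\Storage\OAuthStorageInterface $storage
 */
-trait CSRFTokenTrait{
+trait OAuth2CSRFTokenTrait{
 
 /**
 * @param string|null $state
@@ -47,7 +47,7 @@ protected function checkState(string $state = null):OAuth2Interface{
 *
 * @return array
 */
-protected function setState(array $params):array {
+protected function setState(array $params):array{
 
 if(!isset($params['state'])){
 $params['state'] = sha1(random_bytes(256));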

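--- a/src/Core/OAuth2ClientCredentialsTrait.php
+++ b/src/Core/OAuth2ClientCredentialsTrait.php
@@ -18,6 +18,7 @@
 * @property string $clientCredentialsTokenURL
 * @property string $accessTokenURL
 * @property \chillerlan\OAuth\Storage\OAuthStorageInterface $storage
+* @property \chillerlan\HTTP\HTTPClientInterface $http
 */
 trait OAuth2ClientCredentialsTrait{
 
@@ -26,11 +27,13 @@ trait OAuth2ClientCredentialsTrait{
 *
 * @return \chillerlan\OAuth\Core\AccessToken
 */
-public function getClientCredentialsToken(array $scopes = null):AccessToken {
+public function getClientCredentialsToken(array $scopes = null):AccessToken{
+
 $token = $this->parseTokenResponse(
-$this->httpPOST(
+$this->http->request(
 $this->clientCredentialsTokenURL ?? $this->accessTokenURL,
-[],
+'POST',
+null,
 $this->getClientCredentialsTokenBody($scopes ?? []),
 $this->getClientCredentialsTokenHeaders()
 )
@@ -46,7 +49,7 @@ public function getClientCredentialsToken(array $scopes = null):AccessToken {
 *
 * @return array
 */
-protected function getClientCredentialsTokenBody(array $scopes):array {
+protected function getClientCredentialsTokenBody(array $scopes):array{
 return [
 'grant_type' => 'client_credentials',
 'scope' => implode($this->scopesDelimiter, $scopes),
@@ -56,7 +59,7 @@ protected function getClientCredentialsTokenBody(array $scopes):array {
 /**
 * @return array
 */
-protected function getClientCredentialsTokenHeaders():array {
+protected function getClientCredentialsTokenHeaders():array{
 return array_merge($this->authHeaders, [
 'Authorization' => 'Basic '.base64_encode($this->options->key.':'.$this->options->secret),
 ]);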
