guilhem_lavaux/gl-website-deployer
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update website

Browse source
This commit is contained in:
Guilhem Lavaux 2024-11-19 08:02:04 +01:00
parent 4413528994
commit 1d90fbf296
6865 changed files with 1091082 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

21
vendor/league/oauth2-client/LICENSE vendored Normal file
View file

@ -0,0 +1,21 @@
The MIT License (MIT)
Copyright (c) 2013-2020 Alex Bilbie <hello@alexbilbie.com>
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.

58
vendor/league/oauth2-client/README.md vendored Normal file
View file

@ -0,0 +1,58 @@
# OAuth 2.0 Client
This package provides a base for integrating with [OAuth 2.0](http://oauth.net/2/) service providers.
[![Gitter Chat](https://img.shields.io/badge/gitter-join_chat-brightgreen.svg?style=flat-square)](https://gitter.im/thephpleague/oauth2-client)
[![Source Code](https://img.shields.io/badge/source-thephpleague/oauth2--client-blue.svg?style=flat-square)](https://github.com/thephpleague/oauth2-client)
[![Latest Version](https://img.shields.io/github/release/thephpleague/oauth2-client.svg?style=flat-square)](https://github.com/thephpleague/oauth2-client/releases)
[![Software License](https://img.shields.io/badge/license-MIT-brightgreen.svg?style=flat-square)](https://github.com/thephpleague/oauth2-client/blob/master/LICENSE)
[![Build Status](https://img.shields.io/github/actions/workflow/status/thephpleague/oauth2-client/continuous-integration.yml?label=CI&logo=github&style=flat-square)](https://github.com/thephpleague/oauth2-client/actions?query=workflow%3ACI)
[![Codecov Code Coverage](https://img.shields.io/codecov/c/gh/thephpleague/oauth2-client?label=codecov&logo=codecov&style=flat-square)](https://codecov.io/gh/thephpleague/oauth2-client)
[![Total Downloads](https://img.shields.io/packagist/dt/league/oauth2-client.svg?style=flat-square)](https://packagist.org/packages/league/oauth2-client)
---
The OAuth 2.0 login flow, seen commonly around the web in the form of "Connect with Facebook/Google/etc." buttons, is a common integration added to web applications, but it can be tricky and tedious to do right. To help, we've created the `league/oauth2-client` package, which provides a base for integrating with various OAuth 2.0 providers, without overburdening your application with the concerns of [RFC 6749](http://tools.ietf.org/html/rfc6749).
This OAuth 2.0 client library will work with any OAuth 2.0 provider that conforms to the OAuth 2.0 Authorization Framework. Out-of-the-box, we provide a `GenericProvider` class to connect to any service provider that uses [Bearer tokens](http://tools.ietf.org/html/rfc6750). See our [basic usage guide](https://oauth2-client.thephpleague.com/usage/) for examples using `GenericProvider`.
Many service providers provide additional functionality above and beyond the OAuth 2.0 specification. For this reason, you may extend and wrap this library to support additional behavior. There are already many [official](https://oauth2-client.thephpleague.com/providers/league/) and [third-party](https://oauth2-client.thephpleague.com/providers/thirdparty/) provider clients available (e.g., Facebook, GitHub, Google, Instagram, LinkedIn, etc.). If your provider isn't in the list, feel free to add it.
This package is compliant with [PSR-1][], [PSR-2][], [PSR-4][], and [PSR-7][]. If you notice compliance oversights, please send a patch via pull request. If you're interested in contributing to this library, please take a look at our [contributing guidelines](https://github.com/thephpleague/oauth2-client/blob/master/CONTRIBUTING.md).
## Requirements
We support the following versions of PHP:
* PHP 8.1
* PHP 8.0
* PHP 7.4
* PHP 7.3
* PHP 7.2
* PHP 7.1
* PHP 7.0
* PHP 5.6
## Provider Clients
We provide a list of [official PHP League provider clients](https://oauth2-client.thephpleague.com/providers/league/), as well as [third-party provider clients](https://oauth2-client.thephpleague.com/providers/thirdparty/).
To build your own provider client, please refer to "[Implementing a Provider Client](https://oauth2-client.thephpleague.com/providers/implementing/)."
## Usage
For usage and code examples, check out our [basic usage guide](https://oauth2-client.thephpleague.com/usage/).
## Contributing
Please see [our contributing guidelines](https://github.com/thephpleague/oauth2-client/blob/master/CONTRIBUTING.md) for details.
## License
The MIT License (MIT). Please see [LICENSE](https://github.com/thephpleague/oauth2-client/blob/master/LICENSE) for more information.
[PSR-1]: https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-1-basic-coding-standard.md
[PSR-2]: https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-2-coding-style-guide.md
[PSR-4]: https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-4-autoloader.md
[PSR-7]: https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-7-http-message.md

58
vendor/league/oauth2-client/composer.json vendored Normal file
View file

@ -0,0 +1,58 @@
{
"name": "league/oauth2-client",
"description": "OAuth 2.0 Client Library",
"license": "MIT",
"config": {
"sort-packages": true
},
"require": {
"php": "^5.6 || ^7.0 || ^8.0",
"guzzlehttp/guzzle": "^6.0 || ^7.0",
"paragonie/random_compat": "^1 || ^2 || ^9.99"
},
"require-dev": {
"mockery/mockery": "^1.3.5",
"php-parallel-lint/php-parallel-lint": "^1.3.1",
"phpunit/phpunit": "^5.7 || ^6.0 || ^9.5",
"squizlabs/php_codesniffer": "^2.3 || ^3.0"
},
"keywords": [
"oauth",
"oauth2",
"authorization",
"authentication",
"idp",
"identity",
"sso",
"single sign on"
],
"authors": [
{
"name": "Alex Bilbie",
"email": "hello@alexbilbie.com",
"homepage": "http://www.alexbilbie.com",
"role": "Developer"
},
{
"name": "Woody Gilk",
"homepage": "https://github.com/shadowhand",
"role": "Contributor"
}
],
"autoload": {
"psr-4": {
"League\\OAuth2\\Client\\": "src/"
}
},
"autoload-dev": {
"psr-4": {
"League\\OAuth2\\Client\\Test\\": "test/src/"
}
},
"extra": {
"branch-alias": {
"dev-2.x": "2.0.x-dev"
}
}
}

80
vendor/league/oauth2-client/src/Grant/AbstractGrant.php vendored Normal file
View file

@ -0,0 +1,80 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace League\OAuth2\Client\Grant;
use League\OAuth2\Client\Tool\RequiredParameterTrait;
/**
* Represents a type of authorization grant.
*
* An authorization grant is a credential representing the resource
* owner's authorization (to access its protected resources) used by the
* client to obtain an access token. OAuth 2.0 defines four
* grant types -- authorization code, implicit, resource owner password
* credentials, and client credentials -- as well as an extensibility
* mechanism for defining additional types.
*
* @link http://tools.ietf.org/html/rfc6749#section-1.3 Authorization Grant (RFC 6749, §1.3)
*/
abstract class AbstractGrant
{
use RequiredParameterTrait;
/**
* Returns the name of this grant, eg. 'grant_name', which is used as the
* grant type when encoding URL query parameters.
*
* @return string
*/
abstract protected function getName();
/**
* Returns a list of all required request parameters.
*
* @return array
*/
abstract protected function getRequiredRequestParameters();
/**
* Returns this grant's name as its string representation. This allows for
* string interpolation when building URL query parameters.
*
* @return string
*/
public function __toString()
{
return $this->getName();
}
/**
* Prepares an access token request's parameters by checking that all
* required parameters are set, then merging with any given defaults.
*
* @param array $defaults
* @param array $options
* @return array
*/
public function prepareRequestParameters(array $defaults, array $options)
{
$defaults['grant_type'] = $this->getName();
$required = $this->getRequiredRequestParameters();
$provided = array_merge($defaults, $options);
$this->checkRequiredParameters($required, $provided);
return $provided;
}
}

41
vendor/league/oauth2-client/src/Grant/AuthorizationCode.php vendored Normal file
View file

@ -0,0 +1,41 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace League\OAuth2\Client\Grant;
/**
* Represents an authorization code grant.
*
* @link http://tools.ietf.org/html/rfc6749#section-1.3.1 Authorization Code (RFC 6749, §1.3.1)
*/
class AuthorizationCode extends AbstractGrant
{
/**
* @inheritdoc
*/
protected function getName()
{
return 'authorization_code';
}
/**
* @inheritdoc
*/
protected function getRequiredRequestParameters()
{
return [
'code',
];
}
}

39
vendor/league/oauth2-client/src/Grant/ClientCredentials.php vendored Normal file
View file

@ -0,0 +1,39 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace League\OAuth2\Client\Grant;
/**
* Represents a client credentials grant.
*
* @link http://tools.ietf.org/html/rfc6749#section-1.3.4 Client Credentials (RFC 6749, §1.3.4)
*/
class ClientCredentials extends AbstractGrant
{
/**
* @inheritdoc
*/
protected function getName()
{
return 'client_credentials';
}
/**
* @inheritdoc
*/
protected function getRequiredRequestParameters()
{
return [];
}
}

26
vendor/league/oauth2-client/src/Grant/Exception/InvalidGrantException.php vendored Normal file
View file

@ -0,0 +1,26 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace League\OAuth2\Client\Grant\Exception;
use InvalidArgumentException;
/**
* Exception thrown if the grant does not extend from AbstractGrant.
*
* @see League\OAuth2\Client\Grant\AbstractGrant
*/
class InvalidGrantException extends InvalidArgumentException
{
}

104
vendor/league/oauth2-client/src/Grant/GrantFactory.php vendored Normal file
View file

@ -0,0 +1,104 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace League\OAuth2\Client\Grant;
use League\OAuth2\Client\Grant\Exception\InvalidGrantException;
/**
* Represents a factory used when retrieving an authorization grant type.
*/
class GrantFactory
{
/**
* @var array
*/
protected $registry = [];
/**
* Defines a grant singleton in the registry.
*
* @param string $name
* @param AbstractGrant $grant
* @return self
*/
public function setGrant($name, AbstractGrant $grant)
{
$this->registry[$name] = $grant;
return $this;
}
/**
* Returns a grant singleton by name.
*
* If the grant has not be registered, a default grant will be loaded.
*
* @param string $name
* @return AbstractGrant
*/
public function getGrant($name)
{
if (empty($this->registry[$name])) {
$this->registerDefaultGrant($name);
}
return $this->registry[$name];
}
/**
* Registers a default grant singleton by name.
*
* @param string $name
* @return self
*/
protected function registerDefaultGrant($name)
{
// PascalCase the grant. E.g: 'authorization_code' becomes 'AuthorizationCode'
$class = str_replace(' ', '', ucwords(str_replace(['-', '_'], ' ', $name)));
$class = 'League\\OAuth2\\Client\\Grant\\' . $class;
$this->checkGrant($class);
return $this->setGrant($name, new $class);
}
/**
* Determines if a variable is a valid grant.
*
* @param mixed $class
* @return boolean
*/
public function isGrant($class)
{
return is_subclass_of($class, AbstractGrant::class);
}
/**
* Checks if a variable is a valid grant.
*
* @throws InvalidGrantException
* @param mixed $class
* @return void
*/
public function checkGrant($class)
{
if (!$this->isGrant($class)) {
throw new InvalidGrantException(sprintf(
'Grant "%s" must extend AbstractGrant',
is_object($class) ? get_class($class) : $class
));
}
}
}

42
vendor/league/oauth2-client/src/Grant/Password.php vendored Normal file
View file

@ -0,0 +1,42 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace League\OAuth2\Client\Grant;
/**
* Represents a resource owner password credentials grant.
*
* @link http://tools.ietf.org/html/rfc6749#section-1.3.3 Resource Owner Password Credentials (RFC 6749, §1.3.3)
*/
class Password extends AbstractGrant
{
/**
* @inheritdoc
*/
protected function getName()
{
return 'password';
}
/**
* @inheritdoc
*/
protected function getRequiredRequestParameters()
{
return [
'username',
'password',
];
}
}

41
vendor/league/oauth2-client/src/Grant/RefreshToken.php vendored Normal file
View file

@ -0,0 +1,41 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace League\OAuth2\Client\Grant;
/**
* Represents a refresh token grant.
*
* @link http://tools.ietf.org/html/rfc6749#section-6 Refreshing an Access Token (RFC 6749, §6)
*/
class RefreshToken extends AbstractGrant
{
/**
* @inheritdoc
*/
protected function getName()
{
return 'refresh_token';
}
/**
* @inheritdoc
*/
protected function getRequiredRequestParameters()
{
return [
'refresh_token',
];
}
}

42
vendor/league/oauth2-client/src/OptionProvider/HttpBasicAuthOptionProvider.php vendored Normal file
View file

@ -0,0 +1,42 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace League\OAuth2\Client\OptionProvider;
use InvalidArgumentException;
/**
* Add http basic auth into access token request options
* @link https://tools.ietf.org/html/rfc6749#section-2.3.1
*/
class HttpBasicAuthOptionProvider extends PostAuthOptionProvider
{
/**
* @inheritdoc
*/
public function getAccessTokenOptions($method, array $params)
{
if (empty($params['client_id']) || empty($params['client_secret'])) {
throw new InvalidArgumentException('clientId and clientSecret are required for http basic auth');
}
$encodedCredentials = base64_encode(sprintf('%s:%s', $params['client_id'], $params['client_secret']));
unset($params['client_id'], $params['client_secret']);
$options = parent::getAccessTokenOptions($method, $params);
$options['headers']['Authorization'] = 'Basic ' . $encodedCredentials;
return $options;
}
}

30
vendor/league/oauth2-client/src/OptionProvider/OptionProviderInterface.php vendored Normal file
View file

@ -0,0 +1,30 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace League\OAuth2\Client\OptionProvider;
/**
* Interface for access token options provider
*/
interface OptionProviderInterface
{
/**
* Builds request options used for requesting an access token.
*
* @param string $method
* @param array $params
* @return array
*/
public function getAccessTokenOptions($method, array $params);
}

51
vendor/league/oauth2-client/src/OptionProvider/PostAuthOptionProvider.php vendored Normal file
View file

@ -0,0 +1,51 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace League\OAuth2\Client\OptionProvider;
use League\OAuth2\Client\Provider\AbstractProvider;
use League\OAuth2\Client\Tool\QueryBuilderTrait;
/**
* Provide options for access token
*/
class PostAuthOptionProvider implements OptionProviderInterface
{
use QueryBuilderTrait;
/**
* @inheritdoc
*/
public function getAccessTokenOptions($method, array $params)
{
$options = ['headers' => ['content-type' => 'application/x-www-form-urlencoded']];
if ($method === AbstractProvider::METHOD_POST) {
$options['body'] = $this->getAccessTokenBody($params);
}
return $options;
}
/**
* Returns the request body for requesting an access token.
*
* @param array $params
* @return string
*/
protected function getAccessTokenBody(array $params)
{
return $this->buildQueryString($params);
}
}

941
vendor/league/oauth2-client/src/Provider/AbstractProvider.php vendored Normal file
View file

@ -0,0 +1,941 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace League\OAuth2\Client\Provider;
use GuzzleHttp\Client as HttpClient;
use GuzzleHttp\ClientInterface as HttpClientInterface;
use GuzzleHttp\Exception\BadResponseException;
use InvalidArgumentException;
use League\OAuth2\Client\Grant\AbstractGrant;
use League\OAuth2\Client\Grant\GrantFactory;
use League\OAuth2\Client\OptionProvider\OptionProviderInterface;
use League\OAuth2\Client\OptionProvider\PostAuthOptionProvider;
use League\OAuth2\Client\Provider\Exception\IdentityProviderException;
use League\OAuth2\Client\Token\AccessToken;
use League\OAuth2\Client\Token\AccessTokenInterface;
use League\OAuth2\Client\Tool\ArrayAccessorTrait;
use League\OAuth2\Client\Tool\GuardedPropertyTrait;
use League\OAuth2\Client\Tool\QueryBuilderTrait;
use League\OAuth2\Client\Tool\RequestFactory;
use Psr\Http\Message\RequestInterface;
use Psr\Http\Message\ResponseInterface;
use UnexpectedValueException;
/**
* Represents a service provider (authorization server).
*
* @link http://tools.ietf.org/html/rfc6749#section-1.1 Roles (RFC 6749, §1.1)
*/
abstract class AbstractProvider
{
use ArrayAccessorTrait;
use GuardedPropertyTrait;
use QueryBuilderTrait;
/**
* @var string|null Key used in a token response to identify the resource owner.
*/
const ACCESS_TOKEN_RESOURCE_OWNER_ID = null;
/**
* @var string HTTP method used to fetch access tokens.
*/
const METHOD_GET = 'GET';
/**
* @var string HTTP method used to fetch access tokens.
*/
const METHOD_POST = 'POST';
/**
* @var string PKCE method used to fetch authorization token.
* The PKCE code challenge will be hashed with sha256 (recommended).
*/
const PKCE_METHOD_S256 = 'S256';
/**
* @var string PKCE method used to fetch authorization token.
* The PKCE code challenge will be sent as plain text, this is NOT recommended.
* Only use `plain` if no other option is possible.
*/
const PKCE_METHOD_PLAIN = 'plain';
/**
* @var string
*/
protected $clientId;
/**
* @var string
*/
protected $clientSecret;
/**
* @var string
*/
protected $redirectUri;
/**
* @var string
*/
protected $state;
/**
* @var string|null
*/
protected $pkceCode = null;
/**
* @var GrantFactory
*/
protected $grantFactory;
/**
* @var RequestFactory
*/
protected $requestFactory;
/**
* @var HttpClientInterface
*/
protected $httpClient;
/**
* @var OptionProviderInterface
*/
protected $optionProvider;
/**
* Constructs an OAuth 2.0 service provider.
*
* @param array $options An array of options to set on this provider.
* Options include `clientId`, `clientSecret`, `redirectUri`, and `state`.
* Individual providers may introduce more options, as needed.
* @param array $collaborators An array of collaborators that may be used to
* override this provider's default behavior. Collaborators include
* `grantFactory`, `requestFactory`, and `httpClient`.
* Individual providers may introduce more collaborators, as needed.
*/
public function __construct(array $options = [], array $collaborators = [])
{
// We'll let the GuardedPropertyTrait handle mass assignment of incoming
// options, skipping any blacklisted properties defined in the provider
$this->fillProperties($options);
if (empty($collaborators['grantFactory'])) {
$collaborators['grantFactory'] = new GrantFactory();
}
$this->setGrantFactory($collaborators['grantFactory']);
if (empty($collaborators['requestFactory'])) {
$collaborators['requestFactory'] = new RequestFactory();
}
$this->setRequestFactory($collaborators['requestFactory']);
if (empty($collaborators['httpClient'])) {
$client_options = $this->getAllowedClientOptions($options);
$collaborators['httpClient'] = new HttpClient(
array_intersect_key($options, array_flip($client_options))
);
}
$this->setHttpClient($collaborators['httpClient']);
if (empty($collaborators['optionProvider'])) {
$collaborators['optionProvider'] = new PostAuthOptionProvider();
}
$this->setOptionProvider($collaborators['optionProvider']);
}
/**
* Returns the list of options that can be passed to the HttpClient
*
* @param array $options An array of options to set on this provider.
* Options include `clientId`, `clientSecret`, `redirectUri`, and `state`.
* Individual providers may introduce more options, as needed.
* @return array The options to pass to the HttpClient constructor
*/
protected function getAllowedClientOptions(array $options)
{
$client_options = ['timeout', 'proxy'];
// Only allow turning off ssl verification if it's for a proxy
if (!empty($options['proxy'])) {
$client_options[] = 'verify';
}
return $client_options;
}
/**
* Sets the grant factory instance.
*
* @param GrantFactory $factory
* @return self
*/
public function setGrantFactory(GrantFactory $factory)
{
$this->grantFactory = $factory;
return $this;
}
/**
* Returns the current grant factory instance.
*
* @return GrantFactory
*/
public function getGrantFactory()
{
return $this->grantFactory;
}
/**
* Sets the request factory instance.
*
* @param RequestFactory $factory
* @return self
*/
public function setRequestFactory(RequestFactory $factory)
{
$this->requestFactory = $factory;
return $this;
}
/**
* Returns the request factory instance.
*
* @return RequestFactory
*/
public function getRequestFactory()
{
return $this->requestFactory;
}
/**
* Sets the HTTP client instance.
*
* @param HttpClientInterface $client
* @return self
*/
public function setHttpClient(HttpClientInterface $client)
{
$this->httpClient = $client;
return $this;
}
/**
* Returns the HTTP client instance.
*
* @return HttpClientInterface
*/
public function getHttpClient()
{
return $this->httpClient;
}
/**
* Sets the option provider instance.
*
* @param OptionProviderInterface $provider
* @return self
*/
public function setOptionProvider(OptionProviderInterface $provider)
{
$this->optionProvider = $provider;
return $this;
}
/**
* Returns the option provider instance.
*
* @return OptionProviderInterface
*/
public function getOptionProvider()
{
return $this->optionProvider;
}
/**
* Returns the current value of the state parameter.
*
* This can be accessed by the redirect handler during authorization.
*
* @return string
*/
public function getState()
{
return $this->state;
}
/**
* Set the value of the pkceCode parameter.
*
* When using PKCE this should be set before requesting an access token.
*
* @param string $pkceCode
* @return self
*/
public function setPkceCode($pkceCode)
{
$this->pkceCode = $pkceCode;
return $this;
}
/**
* Returns the current value of the pkceCode parameter.
*
* This can be accessed by the redirect handler during authorization.
*
* @return string|null
*/
public function getPkceCode()
{
return $this->pkceCode;
}
/**
* Returns the base URL for authorizing a client.
*
* Eg. https://oauth.service.com/authorize
*
* @return string
*/
abstract public function getBaseAuthorizationUrl();
/**
* Returns the base URL for requesting an access token.
*
* Eg. https://oauth.service.com/token
*
* @param array $params
* @return string
*/
abstract public function getBaseAccessTokenUrl(array $params);
/**
* Returns the URL for requesting the resource owner's details.
*
* @param AccessToken $token
* @return string
*/
abstract public function getResourceOwnerDetailsUrl(AccessToken $token);
/**
* Returns a new random string to use as the state parameter in an
* authorization flow.
*
* @param int $length Length of the random string to be generated.
* @return string
*/
protected function getRandomState($length = 32)
{
// Converting bytes to hex will always double length. Hence, we can reduce
// the amount of bytes by half to produce the correct length.
return bin2hex(random_bytes($length / 2));
}
/**
* Returns a new random string to use as PKCE code_verifier and
* hashed as code_challenge parameters in an authorization flow.
* Must be between 43 and 128 characters long.
*
* @param int $length Length of the random string to be generated.
* @return string
*/
protected function getRandomPkceCode($length = 64)
{
return substr(
strtr(
base64_encode(random_bytes($length)),
'+/',
'-_'
),
0,
$length
);
}
/**
* Returns the default scopes used by this provider.
*
* This should only be the scopes that are required to request the details
* of the resource owner, rather than all the available scopes.
*
* @return array
*/
abstract protected function getDefaultScopes();
/**
* Returns the string that should be used to separate scopes when building
* the URL for requesting an access token.
*
* @return string Scope separator, defaults to ','
*/
protected function getScopeSeparator()
{
return ',';
}
/**
* @return string|null
*/
protected function getPkceMethod()
{
return null;
}
/**
* Returns authorization parameters based on provided options.
*
* @param array $options
* @return array Authorization parameters
*/
protected function getAuthorizationParameters(array $options)
{
if (empty($options['state'])) {
$options['state'] = $this->getRandomState();
}
if (empty($options['scope'])) {
$options['scope'] = $this->getDefaultScopes();
}
$options += [
'response_type' => 'code',
'approval_prompt' => 'auto'
];
if (is_array($options['scope'])) {
$separator = $this->getScopeSeparator();
$options['scope'] = implode($separator, $options['scope']);
}
// Store the state as it may need to be accessed later on.
$this->state = $options['state'];
$pkceMethod = $this->getPkceMethod();
if (!empty($pkceMethod)) {
$this->pkceCode = $this->getRandomPkceCode();
if ($pkceMethod === static::PKCE_METHOD_S256) {
$options['code_challenge'] = trim(
strtr(
base64_encode(hash('sha256', $this->pkceCode, true)),
'+/',
'-_'
),
'='
);
} elseif ($pkceMethod === static::PKCE_METHOD_PLAIN) {
$options['code_challenge'] = $this->pkceCode;
} else {
throw new InvalidArgumentException('Unknown PKCE method "' . $pkceMethod . '".');
}
$options['code_challenge_method'] = $pkceMethod;
}
// Business code layer might set a different redirect_uri parameter
// depending on the context, leave it as-is
if (!isset($options['redirect_uri'])) {
$options['redirect_uri'] = $this->redirectUri;
}
$options['client_id'] = $this->clientId;
return $options;
}
/**
* Builds the authorization URL's query string.
*
* @param array $params Query parameters
* @return string Query string
*/
protected function getAuthorizationQuery(array $params)
{
return $this->buildQueryString($params);
}
/**
* Builds the authorization URL.
*
* @param array $options
* @return string Authorization URL
*/
public function getAuthorizationUrl(array $options = [])
{
$base = $this->getBaseAuthorizationUrl();
$params = $this->getAuthorizationParameters($options);
$query = $this->getAuthorizationQuery($params);
return $this->appendQuery($base, $query);
}
/**
* Redirects the client for authorization.
*
* @param array $options
* @param callable|null $redirectHandler
* @return mixed
*/
public function authorize(
array $options = [],
callable $redirectHandler = null
) {
$url = $this->getAuthorizationUrl($options);
if ($redirectHandler) {
return $redirectHandler($url, $this);
}
// @codeCoverageIgnoreStart
header('Location: ' . $url);
exit;
// @codeCoverageIgnoreEnd
}
/**
* Appends a query string to a URL.
*
* @param string $url The URL to append the query to
* @param string $query The HTTP query string
* @return string The resulting URL
*/
protected function appendQuery($url, $query)
{
$query = trim($query, '?&');
if ($query) {
$glue = strstr($url, '?') === false ? '?' : '&';
return $url . $glue . $query;
}
return $url;
}
/**
* Returns the method to use when requesting an access token.
*
* @return string HTTP method
*/
protected function getAccessTokenMethod()
{
return self::METHOD_POST;
}
/**
* Returns the key used in the access token response to identify the resource owner.
*
* @return string|null Resource owner identifier key
*/
protected function getAccessTokenResourceOwnerId()
{
return static::ACCESS_TOKEN_RESOURCE_OWNER_ID;
}
/**
* Builds the access token URL's query string.
*
* @param array $params Query parameters
* @return string Query string
*/
protected function getAccessTokenQuery(array $params)
{
return $this->buildQueryString($params);
}
/**
* Checks that a provided grant is valid, or attempts to produce one if the
* provided grant is a string.
*
* @param AbstractGrant|string $grant
* @return AbstractGrant
*/
protected function verifyGrant($grant)
{
if (is_string($grant)) {
return $this->grantFactory->getGrant($grant);
}
$this->grantFactory->checkGrant($grant);
return $grant;
}
/**
* Returns the full URL to use when requesting an access token.
*
* @param array $params Query parameters
* @return string
*/
protected function getAccessTokenUrl(array $params)
{
$url = $this->getBaseAccessTokenUrl($params);
if ($this->getAccessTokenMethod() === self::METHOD_GET) {
$query = $this->getAccessTokenQuery($params);
return $this->appendQuery($url, $query);
}
return $url;
}
/**
* Returns a prepared request for requesting an access token.
*
* @param array $params Query string parameters
* @return RequestInterface
*/
protected function getAccessTokenRequest(array $params)
{
$method = $this->getAccessTokenMethod();
$url = $this->getAccessTokenUrl($params);
$options = $this->optionProvider->getAccessTokenOptions($this->getAccessTokenMethod(), $params);
return $this->getRequest($method, $url, $options);
}
/**
* Requests an access token using a specified grant and option set.
*
* @param mixed $grant
* @param array<string, mixed> $options
* @throws IdentityProviderException
* @return AccessTokenInterface
*/
public function getAccessToken($grant, array $options = [])
{
$grant = $this->verifyGrant($grant);
$params = [
'client_id' => $this->clientId,
'client_secret' => $this->clientSecret,
'redirect_uri' => $this->redirectUri,
];
if (!empty($this->pkceCode)) {
$params['code_verifier'] = $this->pkceCode;
}
$params = $grant->prepareRequestParameters($params, $options);
$request = $this->getAccessTokenRequest($params);
$response = $this->getParsedResponse($request);
if (false === is_array($response)) {
throw new UnexpectedValueException(
'Invalid response received from Authorization Server. Expected JSON.'
);
}
$prepared = $this->prepareAccessTokenResponse($response);
$token = $this->createAccessToken($prepared, $grant);
return $token;
}
/**
* Returns a PSR-7 request instance that is not authenticated.
*
* @param string $method
* @param string $url
* @param array $options
* @return RequestInterface
*/
public function getRequest($method, $url, array $options = [])
{
return $this->createRequest($method, $url, null, $options);
}
/**
* Returns an authenticated PSR-7 request instance.
*
* @param string $method
* @param string $url
* @param AccessTokenInterface|string|null $token
* @param array $options Any of "headers", "body", and "protocolVersion".
* @return RequestInterface
*/
public function getAuthenticatedRequest($method, $url, $token, array $options = [])
{
return $this->createRequest($method, $url, $token, $options);
}
/**
* Creates a PSR-7 request instance.
*
* @param string $method
* @param string $url
* @param AccessTokenInterface|string|null $token
* @param array $options
* @return RequestInterface
*/
protected function createRequest($method, $url, $token, array $options)
{
$defaults = [
'headers' => $this->getHeaders($token),
];
$options = array_merge_recursive($defaults, $options);
$factory = $this->getRequestFactory();
return $factory->getRequestWithOptions($method, $url, $options);
}
/**
* Sends a request instance and returns a response instance.
*
* WARNING: This method does not attempt to catch exceptions caused by HTTP
* errors! It is recommended to wrap this method in a try/catch block.
*
* @param RequestInterface $request
* @return ResponseInterface
*/
public function getResponse(RequestInterface $request)
{
return $this->getHttpClient()->send($request);
}
/**
* Sends a request and returns the parsed response.
*
* @param RequestInterface $request
* @throws IdentityProviderException
* @return mixed
*/
public function getParsedResponse(RequestInterface $request)
{
try {
$response = $this->getResponse($request);
} catch (BadResponseException $e) {
$response = $e->getResponse();
}
$parsed = $this->parseResponse($response);
$this->checkResponse($response, $parsed);
return $parsed;
}
/**
* Attempts to parse a JSON response.
*
* @param string $content JSON content from response body
* @return array Parsed JSON data
* @throws UnexpectedValueException if the content could not be parsed
*/
protected function parseJson($content)
{
$content = json_decode($content, true);
if (json_last_error() !== JSON_ERROR_NONE) {
throw new UnexpectedValueException(sprintf(
"Failed to parse JSON response: %s",
json_last_error_msg()
));
}
return $content;
}
/**
* Returns the content type header of a response.
*
* @param ResponseInterface $response
* @return string Semi-colon separated join of content-type headers.
*/
protected function getContentType(ResponseInterface $response)
{
return join(';', (array) $response->getHeader('content-type'));
}
/**
* Parses the response according to its content-type header.
*
* @throws UnexpectedValueException
* @param ResponseInterface $response
* @return array
*/
protected function parseResponse(ResponseInterface $response)
{
$content = (string) $response->getBody();
$type = $this->getContentType($response);
if (strpos($type, 'urlencoded') !== false) {
parse_str($content, $parsed);
return $parsed;
}
// Attempt to parse the string as JSON regardless of content type,
// since some providers use non-standard content types. Only throw an
// exception if the JSON could not be parsed when it was expected to.
try {
return $this->parseJson($content);
} catch (UnexpectedValueException $e) {
if (strpos($type, 'json') !== false) {
throw $e;
}
if ($response->getStatusCode() == 500) {
throw new UnexpectedValueException(
'An OAuth server error was encountered that did not contain a JSON body',
0,
$e
);
}
return $content;
}
}
/**
* Checks a provider response for errors.
*
* @throws IdentityProviderException
* @param ResponseInterface $response
* @param array|string $data Parsed response data
* @return void
*/
abstract protected function checkResponse(ResponseInterface $response, $data);
/**
* Prepares an parsed access token response for a grant.
*
* Custom mapping of expiration, etc should be done here. Always call the
* parent method when overloading this method.
*
* @param mixed $result
* @return array
*/
protected function prepareAccessTokenResponse(array $result)
{
if ($this->getAccessTokenResourceOwnerId() !== null) {
$result['resource_owner_id'] = $this->getValueByKey(
$result,
$this->getAccessTokenResourceOwnerId()
);
}
return $result;
}
/**
* Creates an access token from a response.
*
* The grant that was used to fetch the response can be used to provide
* additional context.
*
* @param array $response
* @param AbstractGrant $grant
* @return AccessTokenInterface
*/
protected function createAccessToken(array $response, AbstractGrant $grant)
{
return new AccessToken($response);
}
/**
* Generates a resource owner object from a successful resource owner
* details request.
*
* @param array $response
* @param AccessToken $token
* @return ResourceOwnerInterface
*/
abstract protected function createResourceOwner(array $response, AccessToken $token);
/**
* Requests and returns the resource owner of given access token.
*
* @param AccessToken $token
* @return ResourceOwnerInterface
*/
public function getResourceOwner(AccessToken $token)
{
$response = $this->fetchResourceOwnerDetails($token);
return $this->createResourceOwner($response, $token);
}
/**
* Requests resource owner details.
*
* @param AccessToken $token
* @return mixed
*/
protected function fetchResourceOwnerDetails(AccessToken $token)
{
$url = $this->getResourceOwnerDetailsUrl($token);
$request = $this->getAuthenticatedRequest(self::METHOD_GET, $url, $token);
$response = $this->getParsedResponse($request);
if (false === is_array($response)) {
throw new UnexpectedValueException(
'Invalid response received from Authorization Server. Expected JSON.'
);
}
return $response;
}
/**
* Returns the default headers used by this provider.
*
* Typically this is used to set 'Accept' or 'Content-Type' headers.
*
* @return array
*/
protected function getDefaultHeaders()
{
return [];
}
/**
* Returns the authorization headers used by this provider.
*
* Typically this is "Bearer" or "MAC". For more information see:
* http://tools.ietf.org/html/rfc6749#section-7.1
*
* No default is provided, providers must overload this method to activate
* authorization headers.
*
* @param mixed|null $token Either a string or an access token instance
* @return array
*/
protected function getAuthorizationHeaders($token = null)
{
return [];
}
/**
* Returns all headers used by this provider for a request.
*
* The request will be authenticated if an access token is provided.
*
* @param mixed|null $token object or string
* @return array
*/
public function getHeaders($token = null)
{
if ($token) {
return array_merge(
$this->getDefaultHeaders(),
$this->getAuthorizationHeaders($token)
);
}
return $this->getDefaultHeaders();
}
}

48
vendor/league/oauth2-client/src/Provider/Exception/IdentityProviderException.php vendored Normal file
View file

@ -0,0 +1,48 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace League\OAuth2\Client\Provider\Exception;
/**
* Exception thrown if the provider response contains errors.
*/
class IdentityProviderException extends \Exception
{
/**
* @var mixed
*/
protected $response;
/**
* @param string $message
* @param int $code
* @param mixed $response The response body
*/
public function __construct($message, $code, $response)
{
$this->response = $response;
parent::__construct($message, $code);
}
/**
* Returns the exception's response body.
*
* @return mixed
*/
public function getResponseBody()
{
return $this->response;
}
}

247
vendor/league/oauth2-client/src/Provider/GenericProvider.php vendored Normal file
View file

@ -0,0 +1,247 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace League\OAuth2\Client\Provider;
use InvalidArgumentException;
use League\OAuth2\Client\Provider\Exception\IdentityProviderException;
use League\OAuth2\Client\Token\AccessToken;
use League\OAuth2\Client\Tool\BearerAuthorizationTrait;
use Psr\Http\Message\ResponseInterface;
/**
* Represents a generic service provider that may be used to interact with any
* OAuth 2.0 service provider, using Bearer token authentication.
*/
class GenericProvider extends AbstractProvider
{
use BearerAuthorizationTrait;
/**
* @var string
*/
private $urlAuthorize;
/**
* @var string
*/
private $urlAccessToken;
/**
* @var string
*/
private $urlResourceOwnerDetails;
/**
* @var string
*/
private $accessTokenMethod;
/**
* @var string
*/
private $accessTokenResourceOwnerId;
/**
* @var array|null
*/
private $scopes = null;
/**
* @var string
*/
private $scopeSeparator;
/**
* @var string
*/
private $responseError = 'error';
/**
* @var string
*/
private $responseCode;
/**
* @var string
*/
private $responseResourceOwnerId = 'id';
/**
* @var string|null
*/
private $pkceMethod = null;
/**
* @param array $options
* @param array $collaborators
*/
public function __construct(array $options = [], array $collaborators = [])
{
$this->assertRequiredOptions($options);
$possible = $this->getConfigurableOptions();
$configured = array_intersect_key($options, array_flip($possible));
foreach ($configured as $key => $value) {
$this->$key = $value;
}
// Remove all options that are only used locally
$options = array_diff_key($options, $configured);
parent::__construct($options, $collaborators);
}
/**
* Returns all options that can be configured.
*
* @return array
*/
protected function getConfigurableOptions()
{
return array_merge($this->getRequiredOptions(), [
'accessTokenMethod',
'accessTokenResourceOwnerId',
'scopeSeparator',
'responseError',
'responseCode',
'responseResourceOwnerId',
'scopes',
'pkceMethod',
]);
}
/**
* Returns all options that are required.
*
* @return array
*/
protected function getRequiredOptions()
{
return [
'urlAuthorize',
'urlAccessToken',
'urlResourceOwnerDetails',
];
}
/**
* Verifies that all required options have been passed.
*
* @param array $options
* @return void
* @throws InvalidArgumentException
*/
private function assertRequiredOptions(array $options)
{
$missing = array_diff_key(array_flip($this->getRequiredOptions()), $options);
if (!empty($missing)) {
throw new InvalidArgumentException(
'Required options not defined: ' . implode(', ', array_keys($missing))
);
}
}
/**
* @inheritdoc
*/
public function getBaseAuthorizationUrl()
{
return $this->urlAuthorize;
}
/**
* @inheritdoc
*/
public function getBaseAccessTokenUrl(array $params)
{
return $this->urlAccessToken;
}
/**
* @inheritdoc
*/
public function getResourceOwnerDetailsUrl(AccessToken $token)
{
return $this->urlResourceOwnerDetails;
}
/**
* @inheritdoc
*/
public function getDefaultScopes()
{
return $this->scopes;
}
/**
* @inheritdoc
*/
protected function getAccessTokenMethod()
{
return $this->accessTokenMethod ?: parent::getAccessTokenMethod();
}
/**
* @inheritdoc
*/
protected function getAccessTokenResourceOwnerId()
{
return $this->accessTokenResourceOwnerId ?: parent::getAccessTokenResourceOwnerId();
}
/**
* @inheritdoc
*/
protected function getScopeSeparator()
{
return $this->scopeSeparator ?: parent::getScopeSeparator();
}
/**
* @inheritdoc
*/
protected function getPkceMethod()
{
return $this->pkceMethod ?: parent::getPkceMethod();
}
/**
* @inheritdoc
*/
protected function checkResponse(ResponseInterface $response, $data)
{
if (!empty($data[$this->responseError])) {
$error = $data[$this->responseError];
if (!is_string($error)) {
$error = var_export($error, true);
}
$code = $this->responseCode && !empty($data[$this->responseCode])? $data[$this->responseCode] : 0;
if (!is_int($code)) {
$code = intval($code);
}
throw new IdentityProviderException($error, $code, $data);
}
}
/**
* @inheritdoc
*/
protected function createResourceOwner(array $response, AccessToken $token)
{
return new GenericResourceOwner($response, $this->responseResourceOwnerId);
}
}

61
vendor/league/oauth2-client/src/Provider/GenericResourceOwner.php vendored Normal file
View file

@ -0,0 +1,61 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace League\OAuth2\Client\Provider;
/**
* Represents a generic resource owner for use with the GenericProvider.
*/
class GenericResourceOwner implements ResourceOwnerInterface
{
/**
* @var array
*/
protected $response;
/**
* @var string
*/
protected $resourceOwnerId;
/**
* @param array $response
* @param string $resourceOwnerId
*/
public function __construct(array $response, $resourceOwnerId)
{
$this->response = $response;
$this->resourceOwnerId = $resourceOwnerId;
}
/**
* Returns the identifier of the authorized resource owner.
*
* @return mixed
*/
public function getId()
{
return $this->response[$this->resourceOwnerId];
}
/**
* Returns the raw resource owner response.
*
* @return array
*/
public function toArray()
{
return $this->response;
}
}

36
vendor/league/oauth2-client/src/Provider/ResourceOwnerInterface.php vendored Normal file
View file

@ -0,0 +1,36 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace League\OAuth2\Client\Provider;
/**
* Classes implementing `ResourceOwnerInterface` may be used to represent
* the resource owner authenticated with a service provider.
*/
interface ResourceOwnerInterface
{
/**
* Returns the identifier of the authorized resource owner.
*
* @return mixed
*/
public function getId();
/**
* Return all of the owner details available as an array.
*
* @return array
*/
public function toArray();
}

243
vendor/league/oauth2-client/src/Token/AccessToken.php vendored Normal file
View file

@ -0,0 +1,243 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace League\OAuth2\Client\Token;
use InvalidArgumentException;
use RuntimeException;
/**
* Represents an access token.
*
* @link http://tools.ietf.org/html/rfc6749#section-1.4 Access Token (RFC 6749, §1.4)
*/
class AccessToken implements AccessTokenInterface, ResourceOwnerAccessTokenInterface
{
/**
* @var string
*/
protected $accessToken;
/**
* @var int
*/
protected $expires;
/**
* @var string
*/
protected $refreshToken;
/**
* @var string
*/
protected $resourceOwnerId;
/**
* @var array
*/
protected $values = [];
/**
* @var int
*/
private static $timeNow;
/**
* Set the time now. This should only be used for testing purposes.
*
* @param int $timeNow the time in seconds since epoch
* @return void
*/
public static function setTimeNow($timeNow)
{
self::$timeNow = $timeNow;
}
/**
* Reset the time now if it was set for test purposes.
*
* @return void
*/
public static function resetTimeNow()
{
self::$timeNow = null;
}
/**
* @return int
*/
public function getTimeNow()
{
return self::$timeNow ? self::$timeNow : time();
}
/**
* Constructs an access token.
*
* @param array $options An array of options returned by the service provider
* in the access token request. The `access_token` option is required.
* @throws InvalidArgumentException if `access_token` is not provided in `$options`.
*/
public function __construct(array $options = [])
{
if (empty($options['access_token'])) {
throw new InvalidArgumentException('Required option not passed: "access_token"');
}
$this->accessToken = $options['access_token'];
if (!empty($options['resource_owner_id'])) {
$this->resourceOwnerId = $options['resource_owner_id'];
}
if (!empty($options['refresh_token'])) {
$this->refreshToken = $options['refresh_token'];
}
// We need to know when the token expires. Show preference to
// 'expires_in' since it is defined in RFC6749 Section 5.1.
// Defer to 'expires' if it is provided instead.
if (isset($options['expires_in'])) {
if (!is_numeric($options['expires_in'])) {
throw new \InvalidArgumentException('expires_in value must be an integer');
}
$this->expires = $options['expires_in'] != 0 ? $this->getTimeNow() + $options['expires_in'] : 0;
} elseif (!empty($options['expires'])) {
// Some providers supply the seconds until expiration rather than
// the exact timestamp. Take a best guess at which we received.
$expires = $options['expires'];
if (!$this->isExpirationTimestamp($expires)) {
$expires += $this->getTimeNow();
}
$this->expires = $expires;
}
// Capture any additional values that might exist in the token but are
// not part of the standard response. Vendors will sometimes pass
// additional user data this way.
$this->values = array_diff_key($options, array_flip([
'access_token',
'resource_owner_id',
'refresh_token',
'expires_in',
'expires',
]));
}
/**
* Check if a value is an expiration timestamp or second value.
*
* @param integer $value
* @return bool
*/
protected function isExpirationTimestamp($value)
{
// If the given value is larger than the original OAuth 2 draft date,
// assume that it is meant to be a (possible expired) timestamp.
$oauth2InceptionDate = 1349067600; // 2012-10-01
return ($value > $oauth2InceptionDate);
}
/**
* @inheritdoc
*/
public function getToken()
{
return $this->accessToken;
}
/**
* @inheritdoc
*/
public function getRefreshToken()
{
return $this->refreshToken;
}
/**
* @inheritdoc
*/
public function getExpires()
{
return $this->expires;
}
/**
* @inheritdoc
*/
public function getResourceOwnerId()
{
return $this->resourceOwnerId;
}
/**
* @inheritdoc
*/
public function hasExpired()
{
$expires = $this->getExpires();
if (empty($expires)) {
throw new RuntimeException('"expires" is not set on the token');
}
return $expires < time();
}
/**
* @inheritdoc
*/
public function getValues()
{
return $this->values;
}
/**
* @inheritdoc
*/
public function __toString()
{
return (string) $this->getToken();
}
/**
* @inheritdoc
*/
public function jsonSerialize()
{
$parameters = $this->values;
if ($this->accessToken) {
$parameters['access_token'] = $this->accessToken;
}
if ($this->refreshToken) {
$parameters['refresh_token'] = $this->refreshToken;
}
if ($this->expires) {
$parameters['expires'] = $this->expires;
}
if ($this->resourceOwnerId) {
$parameters['resource_owner_id'] = $this->resourceOwnerId;
}
return $parameters;
}
}

74
vendor/league/oauth2-client/src/Token/AccessTokenInterface.php vendored Normal file
View file

@ -0,0 +1,74 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace League\OAuth2\Client\Token;
use JsonSerializable;
use ReturnTypeWillChange;
use RuntimeException;
interface AccessTokenInterface extends JsonSerializable
{
/**
* Returns the access token string of this instance.
*
* @return string
*/
public function getToken();
/**
* Returns the refresh token, if defined.
*
* @return string|null
*/
public function getRefreshToken();
/**
* Returns the expiration timestamp in seconds, if defined.
*
* @return integer|null
*/
public function getExpires();
/**
* Checks if this token has expired.
*
* @return boolean true if the token has expired, false otherwise.
* @throws RuntimeException if 'expires' is not set on the token.
*/
public function hasExpired();
/**
* Returns additional vendor values stored in the token.
*
* @return array
*/
public function getValues();
/**
* Returns a string representation of the access token
*
* @return string
*/
public function __toString();
/**
* Returns an array of parameters to serialize when this is serialized with
* json_encode().
*
* @return array
*/
#[ReturnTypeWillChange]
public function jsonSerialize();
}

25
vendor/league/oauth2-client/src/Token/ResourceOwnerAccessTokenInterface.php vendored Normal file
View file

@ -0,0 +1,25 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace League\OAuth2\Client\Token;
interface ResourceOwnerAccessTokenInterface extends AccessTokenInterface
{
/**
* Returns the resource owner identifier, if defined.
*
* @return string|null
*/
public function getResourceOwnerId();
}

52
vendor/league/oauth2-client/src/Tool/ArrayAccessorTrait.php vendored Normal file
View file

@ -0,0 +1,52 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace League\OAuth2\Client\Tool;
/**
* Provides generic array navigation tools.
*/
trait ArrayAccessorTrait
{
/**
* Returns a value by key using dot notation.
*
* @param array $data
* @param string $key
* @param mixed|null $default
* @return mixed
*/
private function getValueByKey(array $data, $key, $default = null)
{
if (!is_string($key) || empty($key) || !count($data)) {
return $default;
}
if (strpos($key, '.') !== false) {
$keys = explode('.', $key);
foreach ($keys as $innerKey) {
if (!is_array($data) || !array_key_exists($innerKey, $data)) {
return $default;
}
$data = $data[$innerKey];
}
return $data;
}
return array_key_exists($key, $data) ? $data[$key] : $default;
}
}

36
vendor/league/oauth2-client/src/Tool/BearerAuthorizationTrait.php vendored Normal file
View file

@ -0,0 +1,36 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace League\OAuth2\Client\Tool;
use League\OAuth2\Client\Token\AccessTokenInterface;
/**
* Enables `Bearer` header authorization for providers.
*
* @link http://tools.ietf.org/html/rfc6750 Bearer Token Usage (RFC 6750)
*/
trait BearerAuthorizationTrait
{
/**
* Returns authorization headers for the 'bearer' grant.
*
* @param AccessTokenInterface|string|null $token Either a string or an access token instance
* @return array
*/
protected function getAuthorizationHeaders($token = null)
{
return ['Authorization' => 'Bearer ' . $token];
}
}

70
vendor/league/oauth2-client/src/Tool/GuardedPropertyTrait.php vendored Normal file
View file

@ -0,0 +1,70 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace League\OAuth2\Client\Tool;
/**
* Provides support for blacklisting explicit properties from the
* mass assignment behavior.
*/
trait GuardedPropertyTrait
{
/**
* The properties that aren't mass assignable.
*
* @var array
*/
protected $guarded = [];
/**
* Attempts to mass assign the given options to explicitly defined properties,
* skipping over any properties that are defined in the guarded array.
*
* @param array $options
* @return mixed
*/
protected function fillProperties(array $options = [])
{
if (isset($options['guarded'])) {
unset($options['guarded']);
}
foreach ($options as $option => $value) {
if (property_exists($this, $option) && !$this->isGuarded($option)) {
$this->{$option} = $value;
}
}
}
/**
* Returns current guarded properties.
*
* @return array
*/
public function getGuarded()
{
return $this->guarded;
}
/**
* Determines if the given property is guarded.
*
* @param string $property
* @return bool
*/
public function isGuarded($property)
{
return in_array($property, $this->getGuarded());
}
}

83
vendor/league/oauth2-client/src/Tool/MacAuthorizationTrait.php vendored Normal file
View file

@ -0,0 +1,83 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace League\OAuth2\Client\Tool;
use League\OAuth2\Client\Token\AccessToken;
use League\OAuth2\Client\Token\AccessTokenInterface;
/**
* Enables `MAC` header authorization for providers.
*
* @link http://tools.ietf.org/html/draft-ietf-oauth-v2-http-mac-05 Message Authentication Code (MAC) Tokens
*/
trait MacAuthorizationTrait
{
/**
* Returns the id of this token for MAC generation.
*
* @param AccessToken $token
* @return string
*/
abstract protected function getTokenId(AccessToken $token);
/**
* Returns the MAC signature for the current request.
*
* @param string $id
* @param integer $ts
* @param string $nonce
* @return string
*/
abstract protected function getMacSignature($id, $ts, $nonce);
/**
* Returns a new random string to use as the state parameter in an
* authorization flow.
*
* @param int $length Length of the random string to be generated.
* @return string
*/
abstract protected function getRandomState($length = 32);
/**
* Returns the authorization headers for the 'mac' grant.
*
* @param AccessTokenInterface|string|null $token Either a string or an access token instance
* @return array
* @codeCoverageIgnore
*
* @todo This is currently untested and provided only as an example. If you
* complete the implementation, please create a pull request for
* https://github.com/thephpleague/oauth2-client
*/
protected function getAuthorizationHeaders($token = null)
{
if ($token === null) {
return [];
}
$ts = time();
$id = $this->getTokenId($token);
$nonce = $this->getRandomState(16);
$mac = $this->getMacSignature($id, $ts, $nonce);
$parts = [];
foreach (compact('id', 'ts', 'nonce', 'mac') as $key => $value) {
$parts[] = sprintf('%s="%s"', $key, $value);
}
return ['Authorization' => 'MAC ' . implode(', ', $parts)];
}
}

122
vendor/league/oauth2-client/src/Tool/ProviderRedirectTrait.php vendored Normal file
View file

@ -0,0 +1,122 @@
<?php
namespace League\OAuth2\Client\Tool;
use GuzzleHttp\Exception\BadResponseException;
use GuzzleHttp\Psr7\Uri;
use InvalidArgumentException;
use Psr\Http\Message\RequestInterface;
use Psr\Http\Message\ResponseInterface;
trait ProviderRedirectTrait
{
/**
* Maximum number of times to follow provider initiated redirects
*
* @var integer
*/
protected $redirectLimit = 2;
/**
* Retrieves a response for a given request and retrieves subsequent
* responses, with authorization headers, if a redirect is detected.
*
* @param RequestInterface $request
* @return ResponseInterface
* @throws BadResponseException
*/
protected function followRequestRedirects(RequestInterface $request)
{
$response = null;
$attempts = 0;
while ($attempts < $this->redirectLimit) {
$attempts++;
$response = $this->getHttpClient()->send($request, [
'allow_redirects' => false
]);
if ($this->isRedirect($response)) {
$redirectUrl = new Uri($response->getHeader('Location')[0]);
$request = $request->withUri($redirectUrl);
} else {
break;
}
}
return $response;
}
/**
* Returns the HTTP client instance.
*
* @return GuzzleHttp\ClientInterface
*/
abstract public function getHttpClient();
/**
* Retrieves current redirect limit.
*
* @return integer
*/
public function getRedirectLimit()
{
return $this->redirectLimit;
}
/**
* Determines if a given response is a redirect.
*
* @param ResponseInterface $response
*
* @return boolean
*/
protected function isRedirect(ResponseInterface $response)
{
$statusCode = $response->getStatusCode();
return $statusCode > 300 && $statusCode < 400 && $response->hasHeader('Location');
}
/**
* Sends a request instance and returns a response instance.
*
* WARNING: This method does not attempt to catch exceptions caused by HTTP
* errors! It is recommended to wrap this method in a try/catch block.
*
* @param RequestInterface $request
* @return ResponseInterface
*/
public function getResponse(RequestInterface $request)
{
try {
$response = $this->followRequestRedirects($request);
} catch (BadResponseException $e) {
$response = $e->getResponse();
}
return $response;
}
/**
* Updates the redirect limit.
*
* @param integer $limit
* @return League\OAuth2\Client\Provider\AbstractProvider
* @throws InvalidArgumentException
*/
public function setRedirectLimit($limit)
{
if (!is_int($limit)) {
throw new InvalidArgumentException('redirectLimit must be an integer.');
}
if ($limit < 1) {
throw new InvalidArgumentException('redirectLimit must be greater than or equal to one.');
}
$this->redirectLimit = $limit;
return $this;
}
}

33
vendor/league/oauth2-client/src/Tool/QueryBuilderTrait.php vendored Normal file
View file

@ -0,0 +1,33 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace League\OAuth2\Client\Tool;
/**
* Provides a standard way to generate query strings.
*/
trait QueryBuilderTrait
{
/**
* Build a query string from an array.
*
* @param array $params
*
* @return string
*/
protected function buildQueryString(array $params)
{
return http_build_query($params, '', '&', \PHP_QUERY_RFC3986);
}
}

87
vendor/league/oauth2-client/src/Tool/RequestFactory.php vendored Normal file
View file

@ -0,0 +1,87 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace League\OAuth2\Client\Tool;
use GuzzleHttp\Psr7\Request;
/**
* Used to produce PSR-7 Request instances.
*
* @link https://github.com/guzzle/guzzle/pull/1101
*/
class RequestFactory
{
/**
* Creates a PSR-7 Request instance.
*
* @param null|string $method HTTP method for the request.
* @param null|string $uri URI for the request.
* @param array $headers Headers for the message.
* @param string|resource|StreamInterface $body Message body.
* @param string $version HTTP protocol version.
*
* @return Request
*/
public function getRequest(
$method,
$uri,
array $headers = [],
$body = null,
$version = '1.1'
) {
return new Request($method, $uri, $headers, $body, $version);
}
/**
* Parses simplified options.
*
* @param array $options Simplified options.
*
* @return array Extended options for use with getRequest.
*/
protected function parseOptions(array $options)
{
// Should match default values for getRequest
$defaults = [
'headers' => [],
'body' => null,
'version' => '1.1',
];
return array_merge($defaults, $options);
}
/**
* Creates a request using a simplified array of options.
*
* @param null|string $method
* @param null|string $uri
* @param array $options
*
* @return Request
*/
public function getRequestWithOptions($method, $uri, array $options = [])
{
$options = $this->parseOptions($options);
return $this->getRequest(
$method,
$uri,
$options['headers'],
$options['body'],
$options['version']
);
}
}

56
vendor/league/oauth2-client/src/Tool/RequiredParameterTrait.php vendored Normal file
View file

@ -0,0 +1,56 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace League\OAuth2\Client\Tool;
use BadMethodCallException;
/**
* Provides functionality to check for required parameters.
*/
trait RequiredParameterTrait
{
/**
* Checks for a required parameter in a hash.
*
* @throws BadMethodCallException
* @param string $name
* @param array $params
* @return void
*/
private function checkRequiredParameter($name, array $params)
{
if (!isset($params[$name])) {
throw new BadMethodCallException(sprintf(
'Required parameter not passed: "%s"',
$name
));
}
}
/**
* Checks for multiple required parameters in a hash.
*
* @throws InvalidArgumentException
* @param array $names
* @param array $params
* @return void
*/
private function checkRequiredParameters(array $names, array $params)
{
foreach ($names as $name) {
$this->checkRequiredParameter($name, $params);
}
}
}