flash/oatmeal
flash/oatmeal
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fixes + make scope field optional.

Browse source
This commit is contained in:
flash 2024-09-03 16:14:03 +00:00
parent e32f37bc67
commit 33dd519029
6 changed files with 26 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
oatmeal.php
View file

@ -1,9 +1,6 @@
<?php <?php
namespace Oatmeal; namespace Oatmeal;
use Index\Environment;
use Index\Data\DbTools;
define('OAT_STARTUP', microtime(true)); define('OAT_STARTUP', microtime(true));
define('OAT_ROOT', __DIR__); define('OAT_ROOT', __DIR__);
define('OAT_DEBUG', is_file(OAT_ROOT . '/.debug')); define('OAT_DEBUG', is_file(OAT_ROOT . '/.debug'));
@ -12,9 +9,9 @@ define('OAT_DIR_SOURCE', OAT_ROOT . '/src');
require_once OAT_ROOT . '/vendor/autoload.php'; require_once OAT_ROOT . '/vendor/autoload.php';
Environment::setDebug(OAT_DEBUG); error_reporting(OAT_DEBUG ? -1 : 0);
mb_internal_encoding('utf-8'); mb_internal_encoding('UTF-8');
date_default_timezone_set('utc'); date_default_timezone_set('GMT');
$oatmeal = new OatmealContext((function() { $oatmeal = new OatmealContext((function() {
$path = OAT_ROOT . '/.rng'; $path = OAT_ROOT . '/.rng';

9
src/AuthzCodeRoutes.php
View file

@ -1,10 +1,8 @@
<?php <?php
namespace Oatmeal; namespace Oatmeal;
use Index\XString; use Index\{CSRFP,UriBase64,XString};
use Index\Http\Routing\{HttpGet,HttpPost,RouteHandler}; use Index\Http\Routing\{HttpGet,HttpPost,RouteHandler};
use Index\Security\CSRFP;
use Index\Serialisation\UriBase64;
final class AuthzCodeRoutes extends RouteHandler { final class AuthzCodeRoutes extends RouteHandler {
public function __construct( public function __construct(
@ -58,7 +56,7 @@ final class AuthzCodeRoutes extends RouteHandler {
<div> <div>
<label> <label>
<span>Scope:</span> <span>Scope:</span>
<input type=text name=scope required> <input type=text name=scope>
</label> </label>
</div> </div>
<div> <div>
@ -146,9 +144,10 @@ HTML;
$query = [ $query = [
'response_type' => 'code', 'response_type' => 'code',
'client_id' => $clientId, 'client_id' => $clientId,
'scope' => $scope,
]; ];
if($scope !== '')
$query['scope'] = $scope;
if($redirectUri !== '') if($redirectUri !== '')
$query['redirect_uri'] = $redirectUri; $query['redirect_uri'] = $redirectUri;
if($state !== '') if($state !== '')

2
src/ClientCredsRoutes.php
View file

@ -1,8 +1,8 @@
<?php <?php
namespace Oatmeal; namespace Oatmeal;
use Index\CSRFP;
use Index\Http\Routing\{HttpGet,HttpPost,RouteHandler}; use Index\Http\Routing\{HttpGet,HttpPost,RouteHandler};
use Index\Security\CSRFP;
final class ClientCredsRoutes extends RouteHandler { final class ClientCredsRoutes extends RouteHandler {
public function __construct( public function __construct(

9
src/DeviceCodeRoutes.php
View file

@ -1,8 +1,8 @@
<?php <?php
namespace Oatmeal; namespace Oatmeal;
use Index\CSRFP;
use Index\Http\Routing\{HttpGet,HttpPost,RouteHandler}; use Index\Http\Routing\{HttpGet,HttpPost,RouteHandler};
use Index\Security\CSRFP;
final class DeviceCodeRoutes extends RouteHandler { final class DeviceCodeRoutes extends RouteHandler {
public function __construct( public function __construct(
@ -53,7 +53,7 @@ final class DeviceCodeRoutes extends RouteHandler {
<div> <div>
<label> <label>
<span>Scope:</span> <span>Scope:</span>
<input type=text name=scope required> <input type=text name=scope>
</label> </label>
</div> </div>
<div> <div>
@ -93,7 +93,10 @@ HTML;
$scope = (string)$content->getParam('scope'); $scope = (string)$content->getParam('scope');
$headers = []; $headers = [];
$body = ['scope' => $scope]; $body = [];
if($scope !== '')
$body['scope'] = $scope;
if($clientSecret === '') if($clientSecret === '')
$body['client_id'] = $clientId; $body['client_id'] = $clientId;

2
src/OatmealContext.php
View file

@ -1,8 +1,8 @@
<?php <?php
namespace Oatmeal; namespace Oatmeal;
use Index\CSRFP;
use Index\Http\Routing\{HttpRouter,IRouter,IRouteHandler}; use Index\Http\Routing\{HttpRouter,IRouter,IRouteHandler};
use Index\Security\CSRFP;
class OatmealContext { class OatmealContext {
private CSRFP $csrfp; private CSRFP $csrfp;

12
src/RefreshTokenRoutes.php
View file

@ -1,8 +1,8 @@
<?php <?php
namespace Oatmeal; namespace Oatmeal;
use Index\CSRFP;
use Index\Http\Routing\{HttpGet,HttpPost,RouteHandler}; use Index\Http\Routing\{HttpGet,HttpPost,RouteHandler};
use Index\Security\CSRFP;
final class RefreshTokenRoutes extends RouteHandler { final class RefreshTokenRoutes extends RouteHandler {
public function __construct( public function __construct(
@ -50,6 +50,12 @@ final class RefreshTokenRoutes extends RouteHandler {
<input type=password name=client_secret> <input type=password name=client_secret>
</label> </label>
</div> </div>
<div>
<label>
<span>Scope:</span>
<input type=text name=scope>
</label>
</div>
<div> <div>
<span>Authentication:</span> <span>Authentication:</span>
<label> <label>
@ -101,6 +107,7 @@ HTML;
$clientSecret = (string)$content->getParam('client_secret'); $clientSecret = (string)$content->getParam('client_secret');
$refreshToken = (string)$content->getParam('refresh_token'); $refreshToken = (string)$content->getParam('refresh_token');
$auth = (string)$content->getParam('auth'); $auth = (string)$content->getParam('auth');
$scope = (string)$content->getParam('scope');
$headers = []; $headers = [];
$body = [ $body = [
@ -108,6 +115,9 @@ HTML;
'refresh_token' => $refreshToken, 'refresh_token' => $refreshToken,
]; ];
if($scope !== '')
$body['scope'] = $scope;
if($clientSecret === '') if($clientSecret === '')
$body['client_id'] = $clientId; $body['client_id'] = $clientId;
elseif($auth === 'body' || ($auth !== 'header' && mt_rand(0, 10) > 5)) { elseif($auth === 'body' || ($auth !== 'header' && mt_rand(0, 10) > 5)) {