diff --git a/src/Entity/Client.php b/src/Entity/Client.php index b5943a8..f5259fc 100644 --- a/src/Entity/Client.php +++ b/src/Entity/Client.php @@ -20,9 +20,9 @@ class Client implements ClientEntityInterface * @param bool $isConfidential */ public function __construct( - string $identifier = null, - string $name = null, - array $redirectUri = null, + ?string $identifier = null, + ?string $name = null, + ?array $redirectUri = null, bool $isConfidential = false ) { $this->isConfidential = $isConfidential; diff --git a/src/Server.php b/src/Server.php index 4ebd491..6e098d1 100644 --- a/src/Server.php +++ b/src/Server.php @@ -59,9 +59,9 @@ final public function respondToDynamicClientRegistrationRequest(Request $request final public function respondToAuthorizationRequest( Request $request, - User $user = null, - bool $authorizationApproved = null, - callable $callback = null + ?User $user = null, + ?bool $authorizationApproved = null, + ?callable $callback = null ) : Response { $serverConfig = $this->config->getServer(); $authorizationServer = $this->authorizationServer; diff --git a/src/TokenGenerator.php b/src/TokenGenerator.php index 55ec8c2..55308e5 100644 --- a/src/TokenGenerator.php +++ b/src/TokenGenerator.php @@ -190,7 +190,6 @@ public function addIdTokenToResponse($response, $clientId, $subject, $nonce, $pr if (isset($body['error'])) { return $response; } - $accessToken = $this->generateAccessToken($clientId, $subject); $accessToken = $this->bindDpop($dpop, $accessToken); $accessToken = $this->signToken($accessToken); diff --git a/src/WAC.php b/src/WAC.php index 68b1aad..07da935 100644 --- a/src/WAC.php +++ b/src/WAC.php @@ -53,10 +53,10 @@ public function isAllowed($request, $webId, $origin=false, $allowedOrigins=[]) { $uri = $request->getUri(); $parentUri = $this->getParentUri($uri); - // @FIXME: $origin can be anything at this point, null, string, array, bool - // This causes trouble downstream where an unchecked `parse_url($origin)['host'];` occurs + // @FIXME: $origin can be anything at this point, null, string, array, bool + // This causes trouble downstream where an unchecked `parse_url($origin)['host'];` occurs - foreach ($requestedGrants as $requestedGrant) { + foreach ($requestedGrants as $requestedGrant) { switch ($requestedGrant['type']) { case "resource": if ($this->isPublicGranted($requestedGrant['grants'], $uri)) { @@ -141,9 +141,9 @@ private function isOriginGranted($requestedGrants, $uri, $origin, $allowedOrigin ) { return true; } - //error_log("REQUESTED GRANT: " . join(" or ", $requestedGrants) . " on $uri"); + // error_log("REQUESTED GRANT: " . join(" or ", $requestedGrants) . " on $uri"); $grants = $this->getOriginGrants($uri, $origin); - //error_log("GRANTED GRANTS for origin $origin: " . json_encode($grants)); + // error_log("GRANTED GRANTS for origin $origin: " . json_encode($grants)); return $this->checkGrants($requestedGrants, $uri, $grants); } @@ -307,14 +307,13 @@ private function getAclPath($path) { foreach ($aclOptions as $aclPath) { if ( - $this->filesystem->has($aclPath) - && $this->filesystem->read($aclPath) !== false + $this->filesystem->has($aclPath) && $this->filesystem->read($aclPath) !== false ) { return $aclPath; } } - //error_log("Seeking .acl from $path"); + // error_log("Seeking .acl from $path"); // see: https://github.com/solid/web-access-control-spec#acl-inheritance-algorithm // check for acl:default predicate, if not found, continue searching up the directory tree return $this->getParentAcl($path); @@ -323,10 +322,10 @@ private function normalizePath($path) { return preg_replace("|//|", "/", $path); } private function getParentAcl($path) { - //error_log("GET PARENT ACL $path"); - if ($this->filesystem->has($path.'/.acl')) { - //error_log("CHECKING ACL FILE ON $path/.acl"); - return $path . "/.acl"; + // error_log("GET PARENT ACL $path"); + if ($this->filesystem->has($this->normalizePath($path.'/.acl'))) { + // error_log("CHECKING ACL FILE ON $path/.acl"); + return $this->normalizePath($path . "/.acl"); } $parent = dirname($path); if ($parent == $path) {