Skip to content

Fix/bootstrap #208

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
ylebre wants to merge 11 commits into from
Closed

Fix/bootstrap #208

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
b5274fa
handle token request cases for authorization_code and refresh_token d…
ylebre Jun 23, 2025
f8fb8fa
Get client_id from either GET or POST
ylebre Jun 25, 2025
9dbf457
Change PHP Codesniffer style so `break` and `case` need to be indente…
Potherca Jun 26, 2025
e6906c6
rename decrypt call
ylebre Jun 26, 2025
e93cac6
remove client_secret
ylebre Jun 26, 2025
80ee0f9
straight from GET or POST
ylebre Jun 26, 2025
487936c
remove elseif nag
ylebre Jun 26, 2025
490efe9
fix indentation
ylebre Jun 26, 2025
ae6bd93
remove switch case property that is not working as intended
ylebre Jun 26, 2025
28384b5
exclude PSR2.ControlStructures.ControlStructureSpacing.SpacingAfterOp…
ylebre Jun 26, 2025
35e4294
inject
ylebre Jun 26, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 7 additions & 0 deletions .config/phpcs.xml.dist
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,13 @@
<rule ref="PHPCompatibility"/>
<config name="testVersion" value="8.0-"/>

<!-- Set indent for `break` to 0 so it aligns with `case` and `default` -->
<rule ref="PSR2">
<exclude name="PSR2.ControlStructures.SwitchDeclaration"/>
<exclude name="PSR2.ControlStructures.ElseIfDeclaration.NotAllowed"/>
<exclude name="PSR2.ControlStructures.ControlStructureSpacing.SpacingAfterOpenBrace"/>
</rule>

<!-- Include the whole PSR-12 standard -->
<rule ref="PSR12">
<!-- Until things have been cleaned up a bit, these violations are allowed -->
Expand Down
6 changes: 5 additions & 1 deletion solid/lib/AppInfo/Application.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,11 @@ public function register(IRegistrationContext $context): void {
}

public function boot(IBootContext $context): void {
self::$userSubDomainsEnabled = OC::$server->get(AppConfig::class)->getValueBool(self::APP_ID, 'userSubDomainsEnabled');
$context->injectFn($this->registerUserSubDomains(...));
require_once(__DIR__.'/../../vendor/autoload.php');
}

protected function registerUserSubDomains(IAppConfig $config): void {
self::$userSubDomainsEnabled = $config->getValueBool(self::APP_ID, 'userSubDomainsEnabled');
}
}
48 changes: 35 additions & 13 deletions solid/lib/Controller/ServerController.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -104,7 +104,12 @@ private function getKeys() {
}

private function createAuthServerConfig() {
$clientId = isset($_GET['client_id']) ? $_GET['client_id'] : null;
$clientId = null;
if (isset($_GET['client_id'])) {
$clientId = $_GET['client_id'];
} else if (isset($_POST['client_id'])) {
$clientId = $_POST['client_id'];
}
$client = $this->getClient($clientId);
$keys = $this->getKeys();
try {
Expand Down Expand Up @@ -297,7 +302,25 @@ public function session() {
*/
public function token() {
$request = \Laminas\Diactoros\ServerRequestFactory::fromGlobals($_SERVER, $_GET, $_POST, $_COOKIE, $_FILES);
$code = $request->getParsedBody()['code'];
$grantType = $request->getParsedBody()['grant_type'];
switch ($grantType) {
case "authorization_code":
$code = $request->getParsedBody()['code'];
// FIXME: not sure if decoding this here is the way to go.
// FIXME: because this is a public page, the nonce from the session is not available here.
$codeInfo = $this->tokenGenerator->getCodeInfo($code);
$userId = $codeInfo['user_id'];
break;
case "refresh_token":
$refreshToken = $request->getParsedBody()['refresh_token'];
$tokenInfo = $this->tokenGenerator->getCodeInfo($refreshToken); // FIXME: getCodeInfo should be named 'decrypt' or 'getInfo'?
$userId = $tokenInfo['user_id'];
break;
default:
$userId = false;
break;
}

$clientId = $request->getParsedBody()['client_id'];

$httpDpop = $request->getServerParams()['HTTP_DPOP'];
Expand All @@ -306,17 +329,16 @@ public function token() {
$server = new \Pdsinterop\Solid\Auth\Server($this->authServerFactory, $this->authServerConfig, $response);
$response = $server->respondToAccessTokenRequest($request);

// FIXME: not sure if decoding this here is the way to go.
// FIXME: because this is a public page, the nonce from the session is not available here.
$codeInfo = $this->tokenGenerator->getCodeInfo($code);
$response = $this->tokenGenerator->addIdTokenToResponse(
$response,
$clientId,
$codeInfo['user_id'],
($_SESSION['nonce'] ?? ''),
$this->config->getPrivateKey(),
$httpDpop
);
if ($userId) {
$response = $this->tokenGenerator->addIdTokenToResponse(
$response,
$clientId,
$userId,
($_SESSION['nonce'] ?? ''),
$this->config->getPrivateKey(),
$httpDpop
);
}

return $this->respond($response); // ->addHeader('Access-Control-Allow-Origin', '*');
}
Expand Down
1 change: 0 additions & 1 deletion solid/tests/Integration/AppTest.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,6 @@
use OCP\AppFramework\App;
use Test\TestCase;


/**
* This test shows how to make a small Integration Test. Query your class
* directly from the container, only pass in mocks if needed and run your tests
Expand Down
Loading