From add1b0b67f587d35e6d87871180c81d764d9bf0d Mon Sep 17 00:00:00 2001 From: Jan Kristinus Date: Sat, 23 Sep 2023 17:19:23 +0200 Subject: [PATCH] workflow und phpstan level 5 CS --- .github/workflows/code-style.yml | 42 + .github/workflows/phpstan.yml | 27 - .github/workflows/phpunit.yml | 84 + .github/workflows/publish-to-redaxo.yml | 24 + .github/workflows/rexlint.yml | 20 - .github/workflows/rexstan.yml | 92 + .gitignore | 5 +- .php-cs-fixer.dist.php | 11 + .tools/bootstrap.php | 13 + .tools/rexstan.php | 40 + boot.php | 8 +- composer.json | 22 + composer.lock | 4251 +++++++++++++++- install.php | 2 +- lib/ycom.php | 4 +- lib/ycom_log.php | 8 +- lib/yform/value/ycom_user.php | 2 +- pages/docs.php | 8 +- pages/index.php | 1 - phpunit.xml.dist | 21 + plugins/auth/boot.php | 6 +- plugins/auth/composer.json | 8 - plugins/auth/composer.lock | 956 ---- plugins/auth/install.php | 8 +- plugins/auth/lib/ycom_auth.php | 91 +- plugins/auth/lib/ycom_auth_rules.php | 6 +- plugins/auth/lib/ycom_user_session.php | 7 +- .../auth/lib/yform/action/ycom_auth_db.php | 2 +- .../lib/yform/trait_value_auth_extern.php | 16 +- plugins/auth/lib/yform/validate/ycom_auth.php | 7 +- .../auth/lib/yform/value/ycom_auth_cas.php | 13 +- .../auth/lib/yform/value/ycom_auth_oauth2.php | 8 +- .../lib/yform/value/ycom_auth_returnto.php | 1 - .../auth/lib/yform/value/ycom_auth_saml.php | 8 +- plugins/auth/pages/content.ycom_auth.php | 6 +- plugins/auth/pages/log.php | 2 +- plugins/auth/pages/sessions.php | 6 +- plugins/auth/pages/settings.php | 64 +- plugins/auth/pages/system.log.ycom_user.php | 8 +- plugins/auth/update.php | 2 +- .../auth/vendor/apereo/phpcas/.gitattributes | 7 - plugins/auth/vendor/apereo/phpcas/CAS.php | 32 - plugins/auth/vendor/apereo/phpcas/LICENSE | 201 - plugins/auth/vendor/apereo/phpcas/NOTICE | 81 - plugins/auth/vendor/apereo/phpcas/README.md | 35 - .../auth/vendor/apereo/phpcas/composer.json | 55 - .../auth/vendor/apereo/phpcas/source/CAS.php | 2083 -------- .../source/CAS/AuthenticationException.php | 115 - .../apereo/phpcas/source/CAS/Autoload.php | 95 - .../apereo/phpcas/source/CAS/Client.php | 4380 ----------------- .../apereo/phpcas/source/CAS/CookieJar.php | 385 -- .../apereo/phpcas/source/CAS/Exception.php | 59 - .../CAS/GracefullTerminationException.php | 86 - .../source/CAS/InvalidArgumentException.php | 46 - .../phpcas/source/CAS/Languages/Catalan.php | 114 - .../CAS/Languages/ChineseSimplified.php | 114 - .../phpcas/source/CAS/Languages/English.php | 114 - .../phpcas/source/CAS/Languages/French.php | 116 - .../phpcas/source/CAS/Languages/German.php | 116 - .../phpcas/source/CAS/Languages/Greek.php | 115 - .../phpcas/source/CAS/Languages/Japanese.php | 113 - .../CAS/Languages/LanguageInterface.php | 96 - .../phpcas/source/CAS/Languages/Spanish.php | 117 - ...uenceBeforeAuthenticationCallException.php | 56 - .../OutOfSequenceBeforeClientException.php | 58 - .../CAS/OutOfSequenceBeforeProxyException.php | 59 - .../source/CAS/OutOfSequenceException.php | 49 - .../source/CAS/PGTStorage/AbstractStorage.php | 222 - .../phpcas/source/CAS/PGTStorage/Db.php | 440 -- .../phpcas/source/CAS/PGTStorage/File.php | 261 - .../phpcas/source/CAS/ProxiedService.php | 72 - .../source/CAS/ProxiedService/Abstract.php | 149 - .../source/CAS/ProxiedService/Exception.php | 46 - .../phpcas/source/CAS/ProxiedService/Http.php | 91 - .../CAS/ProxiedService/Http/Abstract.php | 360 -- .../source/CAS/ProxiedService/Http/Get.php | 85 - .../source/CAS/ProxiedService/Http/Post.php | 152 - .../phpcas/source/CAS/ProxiedService/Imap.php | 281 -- .../source/CAS/ProxiedService/Testable.php | 75 - .../apereo/phpcas/source/CAS/ProxyChain.php | 127 - .../source/CAS/ProxyChain/AllowedList.php | 119 - .../phpcas/source/CAS/ProxyChain/Any.php | 64 - .../source/CAS/ProxyChain/Interface.php | 53 - .../phpcas/source/CAS/ProxyChain/Trusted.php | 59 - .../source/CAS/ProxyTicketException.php | 71 - .../source/CAS/Request/AbstractRequest.php | 380 -- .../source/CAS/Request/CurlMultiRequest.php | 147 - .../phpcas/source/CAS/Request/CurlRequest.php | 198 - .../phpcas/source/CAS/Request/Exception.php | 45 - .../CAS/Request/MultiRequestInterface.php | 83 - .../source/CAS/Request/RequestInterface.php | 179 - .../source/CAS/TypeMismatchException.php | 70 - plugins/auth/vendor/autoload.php | 25 - plugins/auth/vendor/composer/ClassLoader.php | 572 --- plugins/auth/vendor/composer/LICENSE | 21 - .../vendor/composer/autoload_classmap.php | 55 - .../auth/vendor/composer/autoload_files.php | 13 - .../vendor/composer/autoload_namespaces.php | 9 - .../auth/vendor/composer/autoload_psr4.php | 18 - .../auth/vendor/composer/autoload_real.php | 57 - .../auth/vendor/composer/autoload_static.php | 141 - plugins/auth/vendor/composer/installed.json | 975 ---- .../vendor/guzzlehttp/guzzle/CHANGELOG.md | 1519 ------ plugins/auth/vendor/guzzlehttp/guzzle/LICENSE | 27 - .../auth/vendor/guzzlehttp/guzzle/README.md | 94 - .../vendor/guzzlehttp/guzzle/UPGRADING.md | 1253 ----- .../vendor/guzzlehttp/guzzle/composer.json | 105 - .../vendor/guzzlehttp/guzzle/src/Client.php | 477 -- .../guzzlehttp/guzzle/src/ClientInterface.php | 84 - .../guzzlehttp/guzzle/src/ClientTrait.php | 241 - .../guzzle/src/Cookie/CookieJar.php | 317 -- .../guzzle/src/Cookie/CookieJarInterface.php | 79 - .../guzzle/src/Cookie/FileCookieJar.php | 101 - .../guzzle/src/Cookie/SessionCookieJar.php | 77 - .../guzzle/src/Cookie/SetCookie.php | 446 -- .../src/Exception/BadResponseException.php | 39 - .../guzzle/src/Exception/ClientException.php | 10 - .../guzzle/src/Exception/ConnectException.php | 56 - .../guzzle/src/Exception/GuzzleException.php | 9 - .../Exception/InvalidArgumentException.php | 7 - .../guzzle/src/Exception/RequestException.php | 166 - .../guzzle/src/Exception/ServerException.php | 10 - .../Exception/TooManyRedirectsException.php | 7 - .../src/Exception/TransferException.php | 7 - .../guzzle/src/Handler/CurlFactory.php | 595 --- .../src/Handler/CurlFactoryInterface.php | 25 - .../guzzle/src/Handler/CurlHandler.php | 49 - .../guzzle/src/Handler/CurlMultiHandler.php | 262 - .../guzzle/src/Handler/EasyHandle.php | 112 - .../guzzle/src/Handler/MockHandler.php | 211 - .../guzzlehttp/guzzle/src/Handler/Proxy.php | 51 - .../guzzle/src/Handler/StreamHandler.php | 593 --- .../guzzlehttp/guzzle/src/HandlerStack.php | 275 -- .../guzzle/src/MessageFormatter.php | 198 - .../guzzlehttp/guzzle/src/Middleware.php | 260 - .../vendor/guzzlehttp/guzzle/src/Pool.php | 125 - .../guzzle/src/PrepareBodyMiddleware.php | 104 - .../guzzle/src/RedirectMiddleware.php | 228 - .../guzzlehttp/guzzle/src/RequestOptions.php | 264 - .../guzzlehttp/guzzle/src/RetryMiddleware.php | 116 - .../guzzlehttp/guzzle/src/TransferStats.php | 133 - .../vendor/guzzlehttp/guzzle/src/Utils.php | 385 -- .../guzzlehttp/guzzle/src/functions.php | 167 - .../guzzle/src/functions_include.php | 6 - .../vendor/guzzlehttp/promises/CHANGELOG.md | 110 - .../auth/vendor/guzzlehttp/promises/LICENSE | 24 - .../auth/vendor/guzzlehttp/promises/README.md | 546 -- .../vendor/guzzlehttp/promises/composer.json | 58 - .../promises/src/AggregateException.php | 17 - .../promises/src/CancellationException.php | 10 - .../guzzlehttp/promises/src/Coroutine.php | 169 - .../guzzlehttp/promises/src/EachPromise.php | 247 - .../promises/src/FulfilledPromise.php | 84 - .../guzzlehttp/promises/src/Promise.php | 278 -- .../promises/src/PromiseInterface.php | 97 - .../promises/src/PromisorInterface.php | 16 - .../promises/src/RejectedPromise.php | 91 - .../promises/src/RejectionException.php | 48 - .../guzzlehttp/promises/src/TaskQueue.php | 67 - .../promises/src/TaskQueueInterface.php | 24 - .../guzzlehttp/promises/src/functions.php | 363 -- .../promises/src/functions_include.php | 6 - .../auth/vendor/guzzlehttp/psr7/CHANGELOG.md | 396 -- plugins/auth/vendor/guzzlehttp/psr7/LICENSE | 26 - plugins/auth/vendor/guzzlehttp/psr7/README.md | 872 ---- .../auth/vendor/guzzlehttp/psr7/composer.json | 96 - .../guzzlehttp/psr7/src/AppendStream.php | 248 - .../guzzlehttp/psr7/src/BufferStream.php | 149 - .../guzzlehttp/psr7/src/CachingStream.php | 153 - .../guzzlehttp/psr7/src/DroppingStream.php | 49 - .../vendor/guzzlehttp/psr7/src/FnStream.php | 180 - .../guzzlehttp/psr7/src/InflateStream.php | 37 - .../guzzlehttp/psr7/src/LazyOpenStream.php | 41 - .../guzzlehttp/psr7/src/LimitStream.php | 157 - .../guzzlehttp/psr7/src/MessageTrait.php | 264 - .../guzzlehttp/psr7/src/MultipartStream.php | 159 - .../guzzlehttp/psr7/src/NoSeekStream.php | 28 - .../vendor/guzzlehttp/psr7/src/PumpStream.php | 179 - .../vendor/guzzlehttp/psr7/src/Request.php | 157 - .../vendor/guzzlehttp/psr7/src/Response.php | 160 - .../vendor/guzzlehttp/psr7/src/Rfc7230.php | 23 - .../guzzlehttp/psr7/src/ServerRequest.php | 344 -- .../vendor/guzzlehttp/psr7/src/Stream.php | 282 -- .../psr7/src/StreamDecoratorTrait.php | 155 - .../guzzlehttp/psr7/src/StreamWrapper.php | 175 - .../guzzlehttp/psr7/src/UploadedFile.php | 211 - .../auth/vendor/guzzlehttp/psr7/src/Uri.php | 740 --- .../guzzlehttp/psr7/src/UriNormalizer.php | 220 - .../guzzlehttp/psr7/src/UriResolver.php | 211 - .../auth/vendor/league/oauth2-client/LICENSE | 21 - .../vendor/league/oauth2-client/README.md | 58 - .../vendor/league/oauth2-client/composer.json | 58 - .../oauth2-client/src/Grant/AbstractGrant.php | 80 - .../src/Grant/AuthorizationCode.php | 41 - .../src/Grant/ClientCredentials.php | 39 - .../Grant/Exception/InvalidGrantException.php | 26 - .../oauth2-client/src/Grant/GrantFactory.php | 104 - .../oauth2-client/src/Grant/Password.php | 42 - .../oauth2-client/src/Grant/RefreshToken.php | 41 - .../HttpBasicAuthOptionProvider.php | 42 - .../OptionProviderInterface.php | 30 - .../OptionProvider/PostAuthOptionProvider.php | 51 - .../src/Provider/AbstractProvider.php | 843 ---- .../Exception/IdentityProviderException.php | 48 - .../src/Provider/GenericProvider.php | 233 - .../src/Provider/GenericResourceOwner.php | 61 - .../src/Provider/ResourceOwnerInterface.php | 36 - .../oauth2-client/src/Token/AccessToken.php | 243 - .../src/Token/AccessTokenInterface.php | 74 - .../ResourceOwnerAccessTokenInterface.php | 25 - .../src/Tool/ArrayAccessorTrait.php | 52 - .../src/Tool/BearerAuthorizationTrait.php | 36 - .../src/Tool/GuardedPropertyTrait.php | 70 - .../src/Tool/MacAuthorizationTrait.php | 83 - .../src/Tool/ProviderRedirectTrait.php | 122 - .../src/Tool/QueryBuilderTrait.php | 33 - .../oauth2-client/src/Tool/RequestFactory.php | 87 - .../src/Tool/RequiredParameterTrait.php | 56 - .../auth/vendor/onelogin/php-saml/CHANGELOG | 315 -- plugins/auth/vendor/onelogin/php-saml/LICENSE | 23 - .../auth/vendor/onelogin/php-saml/README.md | 1554 ------ .../onelogin/php-saml/_toolkit_loader.php | 34 - .../php-saml/advanced_settings_example.php | 165 - .../vendor/onelogin/php-saml/certs/README | 14 - .../vendor/onelogin/php-saml/composer.json | 34 - .../auth/vendor/onelogin/php-saml/phpunit.xml | 18 - .../onelogin/php-saml/settings_example.php | 137 - .../onelogin/php-saml/src/Saml2/Auth.php | 817 --- .../php-saml/src/Saml2/AuthnRequest.php | 214 - .../onelogin/php-saml/src/Saml2/Constants.php | 86 - .../onelogin/php-saml/src/Saml2/Error.php | 66 - .../php-saml/src/Saml2/IdPMetadataParser.php | 243 - .../php-saml/src/Saml2/LogoutRequest.php | 494 -- .../php-saml/src/Saml2/LogoutResponse.php | 347 -- .../onelogin/php-saml/src/Saml2/Metadata.php | 267 - .../onelogin/php-saml/src/Saml2/Response.php | 1237 ----- .../onelogin/php-saml/src/Saml2/Settings.php | 1166 ----- .../onelogin/php-saml/src/Saml2/Utils.php | 1579 ------ .../php-saml/src/Saml2/ValidationError.php | 100 - .../schemas/saml-schema-assertion-2.0.xsd | 283 -- .../schemas/saml-schema-authn-context-2.0.xsd | 23 - .../saml-schema-authn-context-types-2.0.xsd | 821 --- .../schemas/saml-schema-metadata-2.0.xsd | 336 -- .../schemas/saml-schema-protocol-2.0.xsd | 302 -- .../src/Saml2/schemas/sstc-metadata-attr.xsd | 35 - .../Saml2/schemas/sstc-saml-attribute-ext.xsd | 25 - .../sstc-saml-metadata-algsupport-v1.0.xsd | 41 - .../schemas/sstc-saml-metadata-ui-v1.0.xsd | 89 - .../src/Saml2/schemas/xenc-schema.xsd | 136 - .../php-saml/src/Saml2/schemas/xml.xsd | 287 -- .../src/Saml2/schemas/xmldsig-core-schema.xsd | 309 -- .../onelogin/php-saml/src/Saml2/version.json | 7 - .../vendor/paragonie/random_compat/LICENSE | 22 - .../paragonie/random_compat/build-phar.sh | 5 - .../paragonie/random_compat/composer.json | 34 - .../dist/random_compat.phar.pubkey | 5 - .../dist/random_compat.phar.pubkey.asc | 11 - .../paragonie/random_compat/lib/random.php | 32 - .../random_compat/other/build_phar.php | 57 - .../random_compat/psalm-autoload.php | 9 - .../vendor/paragonie/random_compat/psalm.xml | 19 - .../auth/vendor/psr/http-client/CHANGELOG.md | 23 - plugins/auth/vendor/psr/http-client/LICENSE | 19 - plugins/auth/vendor/psr/http-client/README.md | 12 - .../auth/vendor/psr/http-client/composer.json | 27 - .../src/ClientExceptionInterface.php | 10 - .../psr/http-client/src/ClientInterface.php | 20 - .../src/NetworkExceptionInterface.php | 24 - .../src/RequestExceptionInterface.php | 24 - .../auth/vendor/psr/http-factory/.gitignore | 2 - .../vendor/psr/http-factory/.pullapprove.yml | 7 - plugins/auth/vendor/psr/http-factory/LICENSE | 21 - .../auth/vendor/psr/http-factory/README.md | 10 - .../vendor/psr/http-factory/composer.json | 35 - .../src/RequestFactoryInterface.php | 18 - .../src/ResponseFactoryInterface.php | 18 - .../src/ServerRequestFactoryInterface.php | 24 - .../src/StreamFactoryInterface.php | 45 - .../src/UploadedFileFactoryInterface.php | 34 - .../http-factory/src/UriFactoryInterface.php | 17 - .../auth/vendor/psr/http-message/CHANGELOG.md | 36 - plugins/auth/vendor/psr/http-message/LICENSE | 19 - .../auth/vendor/psr/http-message/README.md | 13 - .../vendor/psr/http-message/composer.json | 26 - .../psr/http-message/src/MessageInterface.php | 187 - .../psr/http-message/src/RequestInterface.php | 129 - .../http-message/src/ResponseInterface.php | 68 - .../src/ServerRequestInterface.php | 261 - .../psr/http-message/src/StreamInterface.php | 158 - .../src/UploadedFileInterface.php | 123 - .../psr/http-message/src/UriInterface.php | 323 -- plugins/auth/vendor/psr/log/LICENSE | 19 - plugins/auth/vendor/psr/log/README.md | 58 - plugins/auth/vendor/psr/log/composer.json | 26 - .../vendor/ralouphie/getallheaders/LICENSE | 21 - .../vendor/ralouphie/getallheaders/README.md | 27 - .../ralouphie/getallheaders/composer.json | 26 - .../getallheaders/src/getallheaders.php | 46 - .../robrichards/xmlseclibs/CHANGELOG.txt | 228 - .../vendor/robrichards/xmlseclibs/LICENSE | 31 - .../vendor/robrichards/xmlseclibs/README.md | 85 - .../robrichards/xmlseclibs/composer.json | 21 - .../xmlseclibs/src/Utils/XPath.php | 44 - .../robrichards/xmlseclibs/src/XMLSecEnc.php | 511 -- .../xmlseclibs/src/XMLSecurityDSig.php | 1162 ----- .../xmlseclibs/src/XMLSecurityKey.php | 813 --- .../robrichards/xmlseclibs/xmlseclibs.php | 47 - .../bootstrap/value.ycom_auth_extern.tpl.php | 6 +- .../bootstrap/value.ycom_auth_saml.tpl.php | 6 +- .../bootstrap/value.ycom_password.tpl.php | 24 +- plugins/group/boot.php | 4 +- plugins/group/lib/ycom_group.php | 5 +- plugins/group/uninstall.php | 8 +- plugins/group/update.php | 2 +- plugins/media_auth/boot.php | 34 +- plugins/media_auth/lib/ycom_media_auth.php | 8 +- .../media_auth/lib/ycom_media_auth_rules.php | 5 +- plugins/media_auth/pages/settings.php | 4 +- plugins/media_auth/update.php | 2 +- uninstall.php | 6 +- update.php | 2 +- 321 files changed, 4795 insertions(+), 52531 deletions(-) create mode 100644 .github/workflows/code-style.yml delete mode 100644 .github/workflows/phpstan.yml create mode 100644 .github/workflows/phpunit.yml create mode 100644 .github/workflows/publish-to-redaxo.yml delete mode 100644 .github/workflows/rexlint.yml create mode 100644 .github/workflows/rexstan.yml create mode 100644 .php-cs-fixer.dist.php create mode 100644 .tools/bootstrap.php create mode 100644 .tools/rexstan.php create mode 100644 phpunit.xml.dist delete mode 100644 plugins/auth/composer.json delete mode 100644 plugins/auth/composer.lock delete mode 100644 plugins/auth/vendor/apereo/phpcas/.gitattributes delete mode 100644 plugins/auth/vendor/apereo/phpcas/CAS.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/LICENSE delete mode 100644 plugins/auth/vendor/apereo/phpcas/NOTICE delete mode 100644 plugins/auth/vendor/apereo/phpcas/README.md delete mode 100644 plugins/auth/vendor/apereo/phpcas/composer.json delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/AuthenticationException.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/Autoload.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/Client.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/CookieJar.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/Exception.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/GracefullTerminationException.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/InvalidArgumentException.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/Catalan.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/ChineseSimplified.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/English.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/French.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/German.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/Greek.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/Japanese.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/LanguageInterface.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/Spanish.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/OutOfSequenceBeforeAuthenticationCallException.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/OutOfSequenceBeforeClientException.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/OutOfSequenceBeforeProxyException.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/OutOfSequenceException.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/PGTStorage/AbstractStorage.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/PGTStorage/Db.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/PGTStorage/File.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Abstract.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Exception.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Http.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Http/Abstract.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Http/Get.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Http/Post.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Imap.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Testable.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/ProxyChain.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/ProxyChain/AllowedList.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/ProxyChain/Any.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/ProxyChain/Interface.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/ProxyChain/Trusted.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/ProxyTicketException.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/Request/AbstractRequest.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/Request/CurlMultiRequest.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/Request/CurlRequest.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/Request/Exception.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/Request/MultiRequestInterface.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/Request/RequestInterface.php delete mode 100644 plugins/auth/vendor/apereo/phpcas/source/CAS/TypeMismatchException.php delete mode 100644 plugins/auth/vendor/autoload.php delete mode 100644 plugins/auth/vendor/composer/ClassLoader.php delete mode 100644 plugins/auth/vendor/composer/LICENSE delete mode 100644 plugins/auth/vendor/composer/autoload_classmap.php delete mode 100644 plugins/auth/vendor/composer/autoload_files.php delete mode 100644 plugins/auth/vendor/composer/autoload_namespaces.php delete mode 100644 plugins/auth/vendor/composer/autoload_psr4.php delete mode 100644 plugins/auth/vendor/composer/autoload_real.php delete mode 100644 plugins/auth/vendor/composer/autoload_static.php delete mode 100644 plugins/auth/vendor/composer/installed.json delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/CHANGELOG.md delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/LICENSE delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/README.md delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/UPGRADING.md delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/composer.json delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/Client.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/ClientInterface.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/ClientTrait.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/Cookie/CookieJar.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/Cookie/CookieJarInterface.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/Cookie/FileCookieJar.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/Cookie/SessionCookieJar.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/Cookie/SetCookie.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/Exception/BadResponseException.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/Exception/ClientException.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/Exception/ConnectException.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/Exception/GuzzleException.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/Exception/InvalidArgumentException.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/Exception/RequestException.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/Exception/ServerException.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/Exception/TooManyRedirectsException.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/Exception/TransferException.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/Handler/CurlFactory.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/Handler/CurlFactoryInterface.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/Handler/CurlHandler.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/Handler/CurlMultiHandler.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/Handler/EasyHandle.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/Handler/MockHandler.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/Handler/Proxy.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/Handler/StreamHandler.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/HandlerStack.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/MessageFormatter.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/Middleware.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/Pool.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/PrepareBodyMiddleware.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/RedirectMiddleware.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/RequestOptions.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/RetryMiddleware.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/TransferStats.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/Utils.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/functions.php delete mode 100644 plugins/auth/vendor/guzzlehttp/guzzle/src/functions_include.php delete mode 100644 plugins/auth/vendor/guzzlehttp/promises/CHANGELOG.md delete mode 100644 plugins/auth/vendor/guzzlehttp/promises/LICENSE delete mode 100644 plugins/auth/vendor/guzzlehttp/promises/README.md delete mode 100644 plugins/auth/vendor/guzzlehttp/promises/composer.json delete mode 100644 plugins/auth/vendor/guzzlehttp/promises/src/AggregateException.php delete mode 100644 plugins/auth/vendor/guzzlehttp/promises/src/CancellationException.php delete mode 100644 plugins/auth/vendor/guzzlehttp/promises/src/Coroutine.php delete mode 100644 plugins/auth/vendor/guzzlehttp/promises/src/EachPromise.php delete mode 100644 plugins/auth/vendor/guzzlehttp/promises/src/FulfilledPromise.php delete mode 100644 plugins/auth/vendor/guzzlehttp/promises/src/Promise.php delete mode 100644 plugins/auth/vendor/guzzlehttp/promises/src/PromiseInterface.php delete mode 100644 plugins/auth/vendor/guzzlehttp/promises/src/PromisorInterface.php delete mode 100644 plugins/auth/vendor/guzzlehttp/promises/src/RejectedPromise.php delete mode 100644 plugins/auth/vendor/guzzlehttp/promises/src/RejectionException.php delete mode 100644 plugins/auth/vendor/guzzlehttp/promises/src/TaskQueue.php delete mode 100644 plugins/auth/vendor/guzzlehttp/promises/src/TaskQueueInterface.php delete mode 100644 plugins/auth/vendor/guzzlehttp/promises/src/functions.php delete mode 100644 plugins/auth/vendor/guzzlehttp/promises/src/functions_include.php delete mode 100644 plugins/auth/vendor/guzzlehttp/psr7/CHANGELOG.md delete mode 100644 plugins/auth/vendor/guzzlehttp/psr7/LICENSE delete mode 100644 plugins/auth/vendor/guzzlehttp/psr7/README.md delete mode 100644 plugins/auth/vendor/guzzlehttp/psr7/composer.json delete mode 100644 plugins/auth/vendor/guzzlehttp/psr7/src/AppendStream.php delete mode 100644 plugins/auth/vendor/guzzlehttp/psr7/src/BufferStream.php delete mode 100644 plugins/auth/vendor/guzzlehttp/psr7/src/CachingStream.php delete mode 100644 plugins/auth/vendor/guzzlehttp/psr7/src/DroppingStream.php delete mode 100644 plugins/auth/vendor/guzzlehttp/psr7/src/FnStream.php delete mode 100644 plugins/auth/vendor/guzzlehttp/psr7/src/InflateStream.php delete mode 100644 plugins/auth/vendor/guzzlehttp/psr7/src/LazyOpenStream.php delete mode 100644 plugins/auth/vendor/guzzlehttp/psr7/src/LimitStream.php delete mode 100644 plugins/auth/vendor/guzzlehttp/psr7/src/MessageTrait.php delete mode 100644 plugins/auth/vendor/guzzlehttp/psr7/src/MultipartStream.php delete mode 100644 plugins/auth/vendor/guzzlehttp/psr7/src/NoSeekStream.php delete mode 100644 plugins/auth/vendor/guzzlehttp/psr7/src/PumpStream.php delete mode 100644 plugins/auth/vendor/guzzlehttp/psr7/src/Request.php delete mode 100644 plugins/auth/vendor/guzzlehttp/psr7/src/Response.php delete mode 100644 plugins/auth/vendor/guzzlehttp/psr7/src/Rfc7230.php delete mode 100644 plugins/auth/vendor/guzzlehttp/psr7/src/ServerRequest.php delete mode 100644 plugins/auth/vendor/guzzlehttp/psr7/src/Stream.php delete mode 100644 plugins/auth/vendor/guzzlehttp/psr7/src/StreamDecoratorTrait.php delete mode 100644 plugins/auth/vendor/guzzlehttp/psr7/src/StreamWrapper.php delete mode 100644 plugins/auth/vendor/guzzlehttp/psr7/src/UploadedFile.php delete mode 100644 plugins/auth/vendor/guzzlehttp/psr7/src/Uri.php delete mode 100644 plugins/auth/vendor/guzzlehttp/psr7/src/UriNormalizer.php delete mode 100644 plugins/auth/vendor/guzzlehttp/psr7/src/UriResolver.php delete mode 100644 plugins/auth/vendor/league/oauth2-client/LICENSE delete mode 100644 plugins/auth/vendor/league/oauth2-client/README.md delete mode 100644 plugins/auth/vendor/league/oauth2-client/composer.json delete mode 100644 plugins/auth/vendor/league/oauth2-client/src/Grant/AbstractGrant.php delete mode 100644 plugins/auth/vendor/league/oauth2-client/src/Grant/AuthorizationCode.php delete mode 100644 plugins/auth/vendor/league/oauth2-client/src/Grant/ClientCredentials.php delete mode 100644 plugins/auth/vendor/league/oauth2-client/src/Grant/Exception/InvalidGrantException.php delete mode 100644 plugins/auth/vendor/league/oauth2-client/src/Grant/GrantFactory.php delete mode 100644 plugins/auth/vendor/league/oauth2-client/src/Grant/Password.php delete mode 100644 plugins/auth/vendor/league/oauth2-client/src/Grant/RefreshToken.php delete mode 100644 plugins/auth/vendor/league/oauth2-client/src/OptionProvider/HttpBasicAuthOptionProvider.php delete mode 100644 plugins/auth/vendor/league/oauth2-client/src/OptionProvider/OptionProviderInterface.php delete mode 100644 plugins/auth/vendor/league/oauth2-client/src/OptionProvider/PostAuthOptionProvider.php delete mode 100644 plugins/auth/vendor/league/oauth2-client/src/Provider/AbstractProvider.php delete mode 100644 plugins/auth/vendor/league/oauth2-client/src/Provider/Exception/IdentityProviderException.php delete mode 100644 plugins/auth/vendor/league/oauth2-client/src/Provider/GenericProvider.php delete mode 100644 plugins/auth/vendor/league/oauth2-client/src/Provider/GenericResourceOwner.php delete mode 100644 plugins/auth/vendor/league/oauth2-client/src/Provider/ResourceOwnerInterface.php delete mode 100644 plugins/auth/vendor/league/oauth2-client/src/Token/AccessToken.php delete mode 100644 plugins/auth/vendor/league/oauth2-client/src/Token/AccessTokenInterface.php delete mode 100644 plugins/auth/vendor/league/oauth2-client/src/Token/ResourceOwnerAccessTokenInterface.php delete mode 100644 plugins/auth/vendor/league/oauth2-client/src/Tool/ArrayAccessorTrait.php delete mode 100644 plugins/auth/vendor/league/oauth2-client/src/Tool/BearerAuthorizationTrait.php delete mode 100644 plugins/auth/vendor/league/oauth2-client/src/Tool/GuardedPropertyTrait.php delete mode 100644 plugins/auth/vendor/league/oauth2-client/src/Tool/MacAuthorizationTrait.php delete mode 100644 plugins/auth/vendor/league/oauth2-client/src/Tool/ProviderRedirectTrait.php delete mode 100644 plugins/auth/vendor/league/oauth2-client/src/Tool/QueryBuilderTrait.php delete mode 100644 plugins/auth/vendor/league/oauth2-client/src/Tool/RequestFactory.php delete mode 100644 plugins/auth/vendor/league/oauth2-client/src/Tool/RequiredParameterTrait.php delete mode 100644 plugins/auth/vendor/onelogin/php-saml/CHANGELOG delete mode 100644 plugins/auth/vendor/onelogin/php-saml/LICENSE delete mode 100644 plugins/auth/vendor/onelogin/php-saml/README.md delete mode 100644 plugins/auth/vendor/onelogin/php-saml/_toolkit_loader.php delete mode 100644 plugins/auth/vendor/onelogin/php-saml/advanced_settings_example.php delete mode 100644 plugins/auth/vendor/onelogin/php-saml/certs/README delete mode 100644 plugins/auth/vendor/onelogin/php-saml/composer.json delete mode 100644 plugins/auth/vendor/onelogin/php-saml/phpunit.xml delete mode 100644 plugins/auth/vendor/onelogin/php-saml/settings_example.php delete mode 100644 plugins/auth/vendor/onelogin/php-saml/src/Saml2/Auth.php delete mode 100644 plugins/auth/vendor/onelogin/php-saml/src/Saml2/AuthnRequest.php delete mode 100644 plugins/auth/vendor/onelogin/php-saml/src/Saml2/Constants.php delete mode 100644 plugins/auth/vendor/onelogin/php-saml/src/Saml2/Error.php delete mode 100644 plugins/auth/vendor/onelogin/php-saml/src/Saml2/IdPMetadataParser.php delete mode 100644 plugins/auth/vendor/onelogin/php-saml/src/Saml2/LogoutRequest.php delete mode 100644 plugins/auth/vendor/onelogin/php-saml/src/Saml2/LogoutResponse.php delete mode 100644 plugins/auth/vendor/onelogin/php-saml/src/Saml2/Metadata.php delete mode 100644 plugins/auth/vendor/onelogin/php-saml/src/Saml2/Response.php delete mode 100644 plugins/auth/vendor/onelogin/php-saml/src/Saml2/Settings.php delete mode 100644 plugins/auth/vendor/onelogin/php-saml/src/Saml2/Utils.php delete mode 100644 plugins/auth/vendor/onelogin/php-saml/src/Saml2/ValidationError.php delete mode 100644 plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/saml-schema-assertion-2.0.xsd delete mode 100644 plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/saml-schema-authn-context-2.0.xsd delete mode 100644 plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/saml-schema-authn-context-types-2.0.xsd delete mode 100644 plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/saml-schema-metadata-2.0.xsd delete mode 100644 plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/saml-schema-protocol-2.0.xsd delete mode 100644 plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/sstc-metadata-attr.xsd delete mode 100644 plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/sstc-saml-attribute-ext.xsd delete mode 100644 plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/sstc-saml-metadata-algsupport-v1.0.xsd delete mode 100644 plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/sstc-saml-metadata-ui-v1.0.xsd delete mode 100644 plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/xenc-schema.xsd delete mode 100644 plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/xml.xsd delete mode 100644 plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/xmldsig-core-schema.xsd delete mode 100644 plugins/auth/vendor/onelogin/php-saml/src/Saml2/version.json delete mode 100644 plugins/auth/vendor/paragonie/random_compat/LICENSE delete mode 100755 plugins/auth/vendor/paragonie/random_compat/build-phar.sh delete mode 100644 plugins/auth/vendor/paragonie/random_compat/composer.json delete mode 100644 plugins/auth/vendor/paragonie/random_compat/dist/random_compat.phar.pubkey delete mode 100644 plugins/auth/vendor/paragonie/random_compat/dist/random_compat.phar.pubkey.asc delete mode 100644 plugins/auth/vendor/paragonie/random_compat/lib/random.php delete mode 100644 plugins/auth/vendor/paragonie/random_compat/other/build_phar.php delete mode 100644 plugins/auth/vendor/paragonie/random_compat/psalm-autoload.php delete mode 100644 plugins/auth/vendor/paragonie/random_compat/psalm.xml delete mode 100644 plugins/auth/vendor/psr/http-client/CHANGELOG.md delete mode 100644 plugins/auth/vendor/psr/http-client/LICENSE delete mode 100644 plugins/auth/vendor/psr/http-client/README.md delete mode 100644 plugins/auth/vendor/psr/http-client/composer.json delete mode 100644 plugins/auth/vendor/psr/http-client/src/ClientExceptionInterface.php delete mode 100644 plugins/auth/vendor/psr/http-client/src/ClientInterface.php delete mode 100644 plugins/auth/vendor/psr/http-client/src/NetworkExceptionInterface.php delete mode 100644 plugins/auth/vendor/psr/http-client/src/RequestExceptionInterface.php delete mode 100644 plugins/auth/vendor/psr/http-factory/.gitignore delete mode 100644 plugins/auth/vendor/psr/http-factory/.pullapprove.yml delete mode 100644 plugins/auth/vendor/psr/http-factory/LICENSE delete mode 100644 plugins/auth/vendor/psr/http-factory/README.md delete mode 100644 plugins/auth/vendor/psr/http-factory/composer.json delete mode 100644 plugins/auth/vendor/psr/http-factory/src/RequestFactoryInterface.php delete mode 100644 plugins/auth/vendor/psr/http-factory/src/ResponseFactoryInterface.php delete mode 100644 plugins/auth/vendor/psr/http-factory/src/ServerRequestFactoryInterface.php delete mode 100644 plugins/auth/vendor/psr/http-factory/src/StreamFactoryInterface.php delete mode 100644 plugins/auth/vendor/psr/http-factory/src/UploadedFileFactoryInterface.php delete mode 100644 plugins/auth/vendor/psr/http-factory/src/UriFactoryInterface.php delete mode 100644 plugins/auth/vendor/psr/http-message/CHANGELOG.md delete mode 100644 plugins/auth/vendor/psr/http-message/LICENSE delete mode 100644 plugins/auth/vendor/psr/http-message/README.md delete mode 100644 plugins/auth/vendor/psr/http-message/composer.json delete mode 100644 plugins/auth/vendor/psr/http-message/src/MessageInterface.php delete mode 100644 plugins/auth/vendor/psr/http-message/src/RequestInterface.php delete mode 100644 plugins/auth/vendor/psr/http-message/src/ResponseInterface.php delete mode 100644 plugins/auth/vendor/psr/http-message/src/ServerRequestInterface.php delete mode 100644 plugins/auth/vendor/psr/http-message/src/StreamInterface.php delete mode 100644 plugins/auth/vendor/psr/http-message/src/UploadedFileInterface.php delete mode 100644 plugins/auth/vendor/psr/http-message/src/UriInterface.php delete mode 100644 plugins/auth/vendor/psr/log/LICENSE delete mode 100644 plugins/auth/vendor/psr/log/README.md delete mode 100644 plugins/auth/vendor/psr/log/composer.json delete mode 100644 plugins/auth/vendor/ralouphie/getallheaders/LICENSE delete mode 100644 plugins/auth/vendor/ralouphie/getallheaders/README.md delete mode 100644 plugins/auth/vendor/ralouphie/getallheaders/composer.json delete mode 100644 plugins/auth/vendor/ralouphie/getallheaders/src/getallheaders.php delete mode 100644 plugins/auth/vendor/robrichards/xmlseclibs/CHANGELOG.txt delete mode 100644 plugins/auth/vendor/robrichards/xmlseclibs/LICENSE delete mode 100644 plugins/auth/vendor/robrichards/xmlseclibs/README.md delete mode 100644 plugins/auth/vendor/robrichards/xmlseclibs/composer.json delete mode 100644 plugins/auth/vendor/robrichards/xmlseclibs/src/Utils/XPath.php delete mode 100644 plugins/auth/vendor/robrichards/xmlseclibs/src/XMLSecEnc.php delete mode 100644 plugins/auth/vendor/robrichards/xmlseclibs/src/XMLSecurityDSig.php delete mode 100644 plugins/auth/vendor/robrichards/xmlseclibs/src/XMLSecurityKey.php delete mode 100644 plugins/auth/vendor/robrichards/xmlseclibs/xmlseclibs.php diff --git a/.github/workflows/code-style.yml b/.github/workflows/code-style.yml new file mode 100644 index 00000000..10fc9e39 --- /dev/null +++ b/.github/workflows/code-style.yml @@ -0,0 +1,42 @@ +name: PHP-CS-Fixer + +on: + push: + branches: [ master, main ] + pull_request: + branches: [ master, main ] + +permissions: + contents: read + +jobs: + code-style: + + runs-on: ubuntu-latest + permissions: + contents: write # for Git to git apply + + steps: + - uses: actions/checkout@v3 + + - name: Setup PHP + uses: shivammathur/setup-php@v2 + with: + php-version: '8.1' + extensions: gd, intl, pdo_mysql + coverage: none # disable xdebug, pcov + + # install dependencies from composer.json + - name: Install test dependencies + env: + COMPOSER: composer.json + run: composer install --prefer-dist --no-progress + + # run php-cs-fixer + - name: Run PHP CS Fixer + run: composer cs-dry + + # commit and push fixed files +# - uses: stefanzweifel/git-auto-commit-action@v4 +# with: +# commit_message: Apply php-cs-fixer changes diff --git a/.github/workflows/phpstan.yml b/.github/workflows/phpstan.yml deleted file mode 100644 index fe8af682..00000000 --- a/.github/workflows/phpstan.yml +++ /dev/null @@ -1,27 +0,0 @@ -name: PHP Checks - -on: - pull_request: - types: [opened, synchronize, reopened, ready_for_review] - -jobs: - - phpstan-analysis: - name: phpstan static code analysis - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v2 - - name: Setup PHP - uses: shivammathur/setup-php@v2 - with: - php-version: 7.4 - extensions: intl, imagick - coverage: none # disable xdebug, pcov - tools: cs2pr - - - name: Install Dependencies - run: composer install --prefer-dist - - - run: | - vendor/bin/phpstan analyse --no-progress diff --git a/.github/workflows/phpunit.yml b/.github/workflows/phpunit.yml new file mode 100644 index 00000000..0b4d17a3 --- /dev/null +++ b/.github/workflows/phpunit.yml @@ -0,0 +1,84 @@ +name: PHPUnit + +on: + push: + branches: [ master, main ] + pull_request: + branches: [ master, main ] + +permissions: + contents: read + +jobs: + phpunit: + + runs-on: ubuntu-latest + permissions: + contents: write # for Git to git apply + + steps: + - uses: actions/checkout@v3 + + # setup PHP v8, install some extensions + - name: Setup PHP + uses: shivammathur/setup-php@v2 + with: + php-version: '8.2' + extensions: gd, intl, pdo_mysql + coverage: none # disable xdebug, pcov + + # download the latest REDAXO release and unzip it + # credits https://blog.markvincze.com/download-artifacts-from-a-latest-github-release-in-sh-and-powershell/ + - name: Download latest REDAXO release + run: | + LATEST_RELEASE=$(curl -L -s -H 'Accept: application/json' https://github.com/redaxo/redaxo/releases/latest) + REDAXO_VERSION=$(echo $LATEST_RELEASE | sed -e 's/.*"tag_name":"\([^"]*\)".*/\1/') + echo "Downloaded REDAXO $REDAXO_VERSION" + curl -Ls -o redaxo.zip https://github.com/redaxo/redaxo/releases/download/$REDAXO_VERSION/redaxo_$REDAXO_VERSION.zip + unzip -oq redaxo.zip -d redaxo_cms + rm redaxo.zip + + # start mysql service, create a database called redaxo5, apply config patch + - name: Init database + run: | + sudo /etc/init.d/mysql start + mysql -uroot -h127.0.0.1 -proot -e 'create database redaxo5;' + + # run REDAXO setup with the following parameters + # Language: de + # DB password: root + # Create DB: no + # Admin username: admin + # Admin password: adminpassword + # Error E-mail: test@redaxo.invalid + - name: Setup REDAXO + run: | + php redaxo_cms/redaxo/bin/console setup:run -n --lang=de_de --agree-license --db-host=127.0.0.1 --db-name=redaxo5 --db-password=root --db-createdb=no --db-setup=normal --admin-username=admin --admin-password=adminpassword --error-email=test@redaxo.invalid --ansi + php redaxo_cms/redaxo/bin/console config:set --type boolean debug.enabled true + php redaxo_cms/redaxo/bin/console config:set --type boolean debug.throw_always_exception true + + # copy Addon files, ignore some directories... + # install the addon + # if the addon name does not match the repository name, ${{ github.event.repository.name }} must be replaced with the addon name + # if additional addons are needed, they can be installed via the console commands + # see: https://www.redaxo.org/doku/main/basis-addons#console + - name: Copy and install Addons + run: | + rsync -av --exclude='./vendor' --exclude='.github' --exclude='.git' --exclude='redaxo_cms' './' 'redaxo_cms/redaxo/src/addons/${{ github.event.repository.name }}' + redaxo_cms/redaxo/bin/console package:install 'cronjob' + redaxo_cms/redaxo/bin/console package:install '${{ github.event.repository.name }}' + + # install dependencies from composer.json + - name: Install test dependencies + working-directory: redaxo_cms/redaxo/src/addons/${{ github.event.repository.name }} + env: + COMPOSER: composer.json + run: composer install --prefer-dist --no-progress + + - name: Setup Problem Matchers for PHPUnit + run: echo "::add-matcher::${{ runner.tool_cache }}/phpunit.json" + + # run unit tests, see composer.json + - name: Run phpunit + working-directory: redaxo_cms/redaxo/src/addons/${{ github.event.repository.name }} + run: composer test diff --git a/.github/workflows/publish-to-redaxo.yml b/.github/workflows/publish-to-redaxo.yml new file mode 100644 index 00000000..c1927fd1 --- /dev/null +++ b/.github/workflows/publish-to-redaxo.yml @@ -0,0 +1,24 @@ +name: Publish release + +on: + release: + types: + - published + +jobs: + redaxo_publish: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: shivammathur/setup-php@v2 + with: + php-version: "8.2" + - uses: ramsey/composer-install@v2 + with: + composer-options: "--no-dev" + - uses: FriendsOfREDAXO/installer-action@v1 + with: + myredaxo-username: ${{ secrets.MYREDAXO_USERNAME }} + myredaxo-api-key: ${{ secrets.MYREDAXO_API_KEY }} + description: ${{ github.event.release.body }} + diff --git a/.github/workflows/rexlint.yml b/.github/workflows/rexlint.yml deleted file mode 100644 index d4d4b752..00000000 --- a/.github/workflows/rexlint.yml +++ /dev/null @@ -1,20 +0,0 @@ -name: PHP Checks - -on: - push: - -jobs: - - rex-lint: - name: REX Linting - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - name: Setup PHP - uses: shivammathur/setup-php@v2 - with: - php-version: 7.4 - extension: intl - coverage: none # disable xdebug, pcov - - run: | - composer require --dev friendsofredaxo/linter && vendor/bin/rexlint diff --git a/.github/workflows/rexstan.yml b/.github/workflows/rexstan.yml new file mode 100644 index 00000000..8ab55b3d --- /dev/null +++ b/.github/workflows/rexstan.yml @@ -0,0 +1,92 @@ +name: rexstan + +on: + push: + branches: [ master, main ] + pull_request: + branches: [ master, main ] + +permissions: + contents: read + +jobs: + rexstan: + env: + ADDON_KEY: ${{ github.event.repository.name }} + + runs-on: ubuntu-latest + permissions: + contents: write # for Git to git apply + + steps: + - uses: actions/checkout@v3 + + # setup PHP v8, install some extensions + - name: Setup PHP + uses: shivammathur/setup-php@v2 + with: + php-version: '8.2' + extensions: gd, intl, pdo_mysql + coverage: none # disable xdebug, pcov + + # download the latest REDAXO release and unzip it + # credits https://blog.markvincze.com/download-artifacts-from-a-latest-github-release-in-sh-and-powershell/ + - name: Download latest REDAXO release + run: | + LATEST_RELEASE=$(curl -L -s -H 'Accept: application/json' https://github.com/redaxo/redaxo/releases/latest) + REDAXO_VERSION=$(echo $LATEST_RELEASE | sed -e 's/.*"tag_name":"\([^"]*\)".*/\1/') + echo "Downloaded REDAXO $REDAXO_VERSION" + curl -Ls -o redaxo.zip https://github.com/redaxo/redaxo/releases/download/$REDAXO_VERSION/redaxo_$REDAXO_VERSION.zip + unzip -oq redaxo.zip -d redaxo_cms + rm redaxo.zip + + # start mysql service, create a database called redaxo5, apply config patch + - name: Init database + run: | + sudo /etc/init.d/mysql start + mysql -uroot -h127.0.0.1 -proot -e 'create database redaxo5;' + + # run REDAXO setup with the following parameters + # Language: de + # DB password: root + # Create DB: no + # Admin username: admin + # Admin password: adminpassword + # Error E-mail: test@redaxo.invalid + - name: Setup REDAXO + run: | + php redaxo_cms/redaxo/bin/console setup:run -n --lang=de_de --agree-license --db-host=127.0.0.1 --db-name=redaxo5 --db-password=root --db-createdb=no --db-setup=normal --admin-username=admin --admin-password=adminpassword --error-email=test@redaxo.invalid --ansi + php redaxo_cms/redaxo/bin/console config:set --type boolean debug.enabled true + php redaxo_cms/redaxo/bin/console config:set --type boolean debug.throw_always_exception true + + # copy Addon files, ignore some directories... + # install the addon + # if the addon name does not match the repository name, ${{ github.event.repository.name }} must be replaced with the addon name + # install latest rexstan + # if additional addons are needed, they can be installed via the console commands + # see: https://www.redaxo.org/doku/main/basis-addons#console + - name: Copy and install Addons + run: | + rsync -av --exclude='./vendor' --exclude='.github' --exclude='.git' --exclude='redaxo_cms' './' 'redaxo_cms/redaxo/src/addons/${{ github.event.repository.name }}' + redaxo_cms/redaxo/bin/console install:download 'rexstan' '1.*' + redaxo_cms/redaxo/bin/console package:install 'rexstan' + redaxo_cms/redaxo/bin/console package:install 'cronjob' + redaxo_cms/redaxo/bin/console package:install 'phpmailer' + redaxo_cms/redaxo/bin/console package:install '${{ github.event.repository.name }}' + + # install dependencies from composer.json + - name: Install test dependencies + working-directory: redaxo_cms/redaxo/src/addons/${{ github.event.repository.name }} + env: + COMPOSER: composer.json + run: composer install --prefer-dist --no-progress + + # execute rexstan.php to create the needed user-config.neon + - name: Execute .tools/rexstan.php + run: php -f redaxo/src/addons/${{ github.event.repository.name }}/.tools/rexstan.php + working-directory: redaxo_cms + + # run rexstan + - id: rexstan + name: Run rexstan + run: redaxo_cms/redaxo/bin/console rexstan:analyze diff --git a/.gitignore b/.gitignore index b5c5dac5..ee771c87 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ - -vendor/ \ No newline at end of file +vendor/ +.phpunit.result.cache +.php-cs-fixer.cache diff --git a/.php-cs-fixer.dist.php b/.php-cs-fixer.dist.php new file mode 100644 index 00000000..72be5932 --- /dev/null +++ b/.php-cs-fixer.dist.php @@ -0,0 +1,11 @@ +in(__DIR__) +; + +return (new Redaxo\PhpCsFixerConfig\Config()) + ->setFinder($finder) + ; diff --git a/.tools/bootstrap.php b/.tools/bootstrap.php new file mode 100644 index 00000000..56c33b7e --- /dev/null +++ b/.tools/bootstrap.php @@ -0,0 +1,13 @@ +getAssetsUrl('ycom_backend.js')); diff --git a/composer.json b/composer.json index 2c63c085..6e3de749 100644 --- a/composer.json +++ b/composer.json @@ -1,2 +1,24 @@ { + "name": "yakamara/yform", + "require": { + "onelogin/php-saml": "^3", + "apereo/phpcas": "^1", + "league/oauth2-client": "^2", + "psr/log": "^1" + }, + "replace": { + "psr/container": "*", + "psr/http-message": "*", + "psr/log": "*" + }, + "require-dev": { + "redaxo/php-cs-fixer-config": "^2.0", + "friendsofphp/php-cs-fixer": "^3.14", + "phpunit/phpunit": "^9.5" + }, + "scripts": { + "cs-dry": "php-cs-fixer fix -v --ansi --dry-run --config=.php-cs-fixer.dist.php", + "cs-fix": "php-cs-fixer fix -v --ansi --config=.php-cs-fixer.dist.php", + "test": "phpunit --testdox -vvv" + } } diff --git a/composer.lock b/composer.lock index 62a29d36..2dbca8d3 100644 --- a/composer.lock +++ b/composer.lock @@ -4,9 +4,4254 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "d751713988987e9331980363e24189ce", - "packages": [], - "packages-dev": [], + "content-hash": "19f9ec63bb47c63141499bf4c7d593f1", + "packages": [ + { + "name": "apereo/phpcas", + "version": "1.6.1", + "source": { + "type": "git", + "url": "https://github.com/apereo/phpCAS.git", + "reference": "c129708154852656aabb13d8606cd5b12dbbabac" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/apereo/phpCAS/zipball/c129708154852656aabb13d8606cd5b12dbbabac", + "reference": "c129708154852656aabb13d8606cd5b12dbbabac", + "shasum": "" + }, + "require": { + "ext-curl": "*", + "ext-dom": "*", + "php": ">=7.1.0", + "psr/log": "^1.0 || ^2.0 || ^3.0" + }, + "require-dev": { + "monolog/monolog": "^1.0.0 || ^2.0.0", + "phpstan/phpstan": "^1.5", + "phpunit/phpunit": ">=7.5" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.3.x-dev" + } + }, + "autoload": { + "files": [ + "source/CAS.php" + ], + "classmap": [ + "source/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "Apache-2.0" + ], + "authors": [ + { + "name": "Joachim Fritschi", + "email": "jfritschi@freenet.de", + "homepage": "https://github.com/jfritschi" + }, + { + "name": "Adam Franco", + "homepage": "https://github.com/adamfranco" + }, + { + "name": "Henry Pan", + "homepage": "https://github.com/phy25" + } + ], + "description": "Provides a simple API for authenticating users against a CAS server", + "homepage": "https://wiki.jasig.org/display/CASC/phpCAS", + "keywords": [ + "apereo", + "cas", + "jasig" + ], + "support": { + "issues": "https://github.com/apereo/phpCAS/issues", + "source": "https://github.com/apereo/phpCAS/tree/1.6.1" + }, + "time": "2023-02-19T19:52:35+00:00" + }, + { + "name": "guzzlehttp/guzzle", + "version": "7.8.0", + "source": { + "type": "git", + "url": "https://github.com/guzzle/guzzle.git", + "reference": "1110f66a6530a40fe7aea0378fe608ee2b2248f9" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/guzzle/guzzle/zipball/1110f66a6530a40fe7aea0378fe608ee2b2248f9", + "reference": "1110f66a6530a40fe7aea0378fe608ee2b2248f9", + "shasum": "" + }, + "require": { + "ext-json": "*", + "guzzlehttp/promises": "^1.5.3 || ^2.0.1", + "guzzlehttp/psr7": "^1.9.1 || ^2.5.1", + "php": "^7.2.5 || ^8.0", + "psr/http-client": "^1.0", + "symfony/deprecation-contracts": "^2.2 || ^3.0" + }, + "provide": { + "psr/http-client-implementation": "1.0" + }, + "require-dev": { + "bamarni/composer-bin-plugin": "^1.8.1", + "ext-curl": "*", + "php-http/client-integration-tests": "dev-master#2c025848417c1135031fdf9c728ee53d0a7ceaee as 3.0.999", + "php-http/message-factory": "^1.1", + "phpunit/phpunit": "^8.5.29 || ^9.5.23", + "psr/log": "^1.1 || ^2.0 || ^3.0" + }, + "suggest": { + "ext-curl": "Required for CURL handler support", + "ext-intl": "Required for Internationalized Domain Name (IDN) support", + "psr/log": "Required for using the Log middleware" + }, + "type": "library", + "extra": { + "bamarni-bin": { + "bin-links": true, + "forward-command": false + } + }, + "autoload": { + "files": [ + "src/functions_include.php" + ], + "psr-4": { + "GuzzleHttp\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Graham Campbell", + "email": "hello@gjcampbell.co.uk", + "homepage": "https://github.com/GrahamCampbell" + }, + { + "name": "Michael Dowling", + "email": "mtdowling@gmail.com", + "homepage": "https://github.com/mtdowling" + }, + { + "name": "Jeremy Lindblom", + "email": "jeremeamia@gmail.com", + "homepage": "https://github.com/jeremeamia" + }, + { + "name": "George Mponos", + "email": "gmponos@gmail.com", + "homepage": "https://github.com/gmponos" + }, + { + "name": "Tobias Nyholm", + "email": "tobias.nyholm@gmail.com", + "homepage": "https://github.com/Nyholm" + }, + { + "name": "Márk Sági-Kazár", + "email": "mark.sagikazar@gmail.com", + "homepage": "https://github.com/sagikazarmark" + }, + { + "name": "Tobias Schultze", + "email": "webmaster@tubo-world.de", + "homepage": "https://github.com/Tobion" + } + ], + "description": "Guzzle is a PHP HTTP client library", + "keywords": [ + "client", + "curl", + "framework", + "http", + "http client", + "psr-18", + "psr-7", + "rest", + "web service" + ], + "support": { + "issues": "https://github.com/guzzle/guzzle/issues", + "source": "https://github.com/guzzle/guzzle/tree/7.8.0" + }, + "funding": [ + { + "url": "https://github.com/GrahamCampbell", + "type": "github" + }, + { + "url": "https://github.com/Nyholm", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/guzzlehttp/guzzle", + "type": "tidelift" + } + ], + "time": "2023-08-27T10:20:53+00:00" + }, + { + "name": "guzzlehttp/promises", + "version": "2.0.1", + "source": { + "type": "git", + "url": "https://github.com/guzzle/promises.git", + "reference": "111166291a0f8130081195ac4556a5587d7f1b5d" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/guzzle/promises/zipball/111166291a0f8130081195ac4556a5587d7f1b5d", + "reference": "111166291a0f8130081195ac4556a5587d7f1b5d", + "shasum": "" + }, + "require": { + "php": "^7.2.5 || ^8.0" + }, + "require-dev": { + "bamarni/composer-bin-plugin": "^1.8.1", + "phpunit/phpunit": "^8.5.29 || ^9.5.23" + }, + "type": "library", + "extra": { + "bamarni-bin": { + "bin-links": true, + "forward-command": false + } + }, + "autoload": { + "psr-4": { + "GuzzleHttp\\Promise\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Graham Campbell", + "email": "hello@gjcampbell.co.uk", + "homepage": "https://github.com/GrahamCampbell" + }, + { + "name": "Michael Dowling", + "email": "mtdowling@gmail.com", + "homepage": "https://github.com/mtdowling" + }, + { + "name": "Tobias Nyholm", + "email": "tobias.nyholm@gmail.com", + "homepage": "https://github.com/Nyholm" + }, + { + "name": "Tobias Schultze", + "email": "webmaster@tubo-world.de", + "homepage": "https://github.com/Tobion" + } + ], + "description": "Guzzle promises library", + "keywords": [ + "promise" + ], + "support": { + "issues": "https://github.com/guzzle/promises/issues", + "source": "https://github.com/guzzle/promises/tree/2.0.1" + }, + "funding": [ + { + "url": "https://github.com/GrahamCampbell", + "type": "github" + }, + { + "url": "https://github.com/Nyholm", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/guzzlehttp/promises", + "type": "tidelift" + } + ], + "time": "2023-08-03T15:11:55+00:00" + }, + { + "name": "guzzlehttp/psr7", + "version": "2.6.1", + "source": { + "type": "git", + "url": "https://github.com/guzzle/psr7.git", + "reference": "be45764272e8873c72dbe3d2edcfdfcc3bc9f727" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/guzzle/psr7/zipball/be45764272e8873c72dbe3d2edcfdfcc3bc9f727", + "reference": "be45764272e8873c72dbe3d2edcfdfcc3bc9f727", + "shasum": "" + }, + "require": { + "php": "^7.2.5 || ^8.0", + "psr/http-factory": "^1.0", + "psr/http-message": "^1.1 || ^2.0", + "ralouphie/getallheaders": "^3.0" + }, + "provide": { + "psr/http-factory-implementation": "1.0", + "psr/http-message-implementation": "1.0" + }, + "require-dev": { + "bamarni/composer-bin-plugin": "^1.8.1", + "http-interop/http-factory-tests": "^0.9", + "phpunit/phpunit": "^8.5.29 || ^9.5.23" + }, + "suggest": { + "laminas/laminas-httphandlerrunner": "Emit PSR-7 responses" + }, + "type": "library", + "extra": { + "bamarni-bin": { + "bin-links": true, + "forward-command": false + } + }, + "autoload": { + "psr-4": { + "GuzzleHttp\\Psr7\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Graham Campbell", + "email": "hello@gjcampbell.co.uk", + "homepage": "https://github.com/GrahamCampbell" + }, + { + "name": "Michael Dowling", + "email": "mtdowling@gmail.com", + "homepage": "https://github.com/mtdowling" + }, + { + "name": "George Mponos", + "email": "gmponos@gmail.com", + "homepage": "https://github.com/gmponos" + }, + { + "name": "Tobias Nyholm", + "email": "tobias.nyholm@gmail.com", + "homepage": "https://github.com/Nyholm" + }, + { + "name": "Márk Sági-Kazár", + "email": "mark.sagikazar@gmail.com", + "homepage": "https://github.com/sagikazarmark" + }, + { + "name": "Tobias Schultze", + "email": "webmaster@tubo-world.de", + "homepage": "https://github.com/Tobion" + }, + { + "name": "Márk Sági-Kazár", + "email": "mark.sagikazar@gmail.com", + "homepage": "https://sagikazarmark.hu" + } + ], + "description": "PSR-7 message implementation that also provides common utility methods", + "keywords": [ + "http", + "message", + "psr-7", + "request", + "response", + "stream", + "uri", + "url" + ], + "support": { + "issues": "https://github.com/guzzle/psr7/issues", + "source": "https://github.com/guzzle/psr7/tree/2.6.1" + }, + "funding": [ + { + "url": "https://github.com/GrahamCampbell", + "type": "github" + }, + { + "url": "https://github.com/Nyholm", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/guzzlehttp/psr7", + "type": "tidelift" + } + ], + "time": "2023-08-27T10:13:57+00:00" + }, + { + "name": "league/oauth2-client", + "version": "2.7.0", + "source": { + "type": "git", + "url": "https://github.com/thephpleague/oauth2-client.git", + "reference": "160d6274b03562ebeb55ed18399281d8118b76c8" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/thephpleague/oauth2-client/zipball/160d6274b03562ebeb55ed18399281d8118b76c8", + "reference": "160d6274b03562ebeb55ed18399281d8118b76c8", + "shasum": "" + }, + "require": { + "guzzlehttp/guzzle": "^6.0 || ^7.0", + "paragonie/random_compat": "^1 || ^2 || ^9.99", + "php": "^5.6 || ^7.0 || ^8.0" + }, + "require-dev": { + "mockery/mockery": "^1.3.5", + "php-parallel-lint/php-parallel-lint": "^1.3.1", + "phpunit/phpunit": "^5.7 || ^6.0 || ^9.5", + "squizlabs/php_codesniffer": "^2.3 || ^3.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-2.x": "2.0.x-dev" + } + }, + "autoload": { + "psr-4": { + "League\\OAuth2\\Client\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Alex Bilbie", + "email": "hello@alexbilbie.com", + "homepage": "http://www.alexbilbie.com", + "role": "Developer" + }, + { + "name": "Woody Gilk", + "homepage": "https://github.com/shadowhand", + "role": "Contributor" + } + ], + "description": "OAuth 2.0 Client Library", + "keywords": [ + "Authentication", + "SSO", + "authorization", + "identity", + "idp", + "oauth", + "oauth2", + "single sign on" + ], + "support": { + "issues": "https://github.com/thephpleague/oauth2-client/issues", + "source": "https://github.com/thephpleague/oauth2-client/tree/2.7.0" + }, + "time": "2023-04-16T18:19:15+00:00" + }, + { + "name": "onelogin/php-saml", + "version": "3.6.1", + "source": { + "type": "git", + "url": "https://github.com/onelogin/php-saml.git", + "reference": "a7328b11887660ad248ea10952dd67a5aa73ba3b" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/onelogin/php-saml/zipball/a7328b11887660ad248ea10952dd67a5aa73ba3b", + "reference": "a7328b11887660ad248ea10952dd67a5aa73ba3b", + "shasum": "" + }, + "require": { + "php": ">=5.4", + "robrichards/xmlseclibs": ">=3.1.1" + }, + "require-dev": { + "pdepend/pdepend": "^2.5.0", + "php-coveralls/php-coveralls": "^1.0.2 || ^2.0", + "phploc/phploc": "^2.1 || ^3.0 || ^4.0", + "phpunit/phpunit": "<7.5.18", + "sebastian/phpcpd": "^2.0 || ^3.0 || ^4.0", + "squizlabs/php_codesniffer": "^3.1.1" + }, + "suggest": { + "ext-curl": "Install curl lib to be able to use the IdPMetadataParser for parsing remote XMLs", + "ext-gettext": "Install gettext and php5-gettext libs to handle translations", + "ext-openssl": "Install openssl lib in order to handle with x509 certs (require to support sign and encryption)" + }, + "type": "library", + "autoload": { + "psr-4": { + "OneLogin\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "description": "OneLogin PHP SAML Toolkit", + "homepage": "https://developers.onelogin.com/saml/php", + "keywords": [ + "SAML2", + "onelogin", + "saml" + ], + "support": { + "email": "sixto.garcia@onelogin.com", + "issues": "https://github.com/onelogin/php-saml/issues", + "source": "https://github.com/onelogin/php-saml/" + }, + "time": "2021-03-02T10:13:07+00:00" + }, + { + "name": "paragonie/random_compat", + "version": "v9.99.100", + "source": { + "type": "git", + "url": "https://github.com/paragonie/random_compat.git", + "reference": "996434e5492cb4c3edcb9168db6fbb1359ef965a" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/paragonie/random_compat/zipball/996434e5492cb4c3edcb9168db6fbb1359ef965a", + "reference": "996434e5492cb4c3edcb9168db6fbb1359ef965a", + "shasum": "" + }, + "require": { + "php": ">= 7" + }, + "require-dev": { + "phpunit/phpunit": "4.*|5.*", + "vimeo/psalm": "^1" + }, + "suggest": { + "ext-libsodium": "Provides a modern crypto API that can be used to generate random bytes." + }, + "type": "library", + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Paragon Initiative Enterprises", + "email": "security@paragonie.com", + "homepage": "https://paragonie.com" + } + ], + "description": "PHP 5.x polyfill for random_bytes() and random_int() from PHP 7", + "keywords": [ + "csprng", + "polyfill", + "pseudorandom", + "random" + ], + "support": { + "email": "info@paragonie.com", + "issues": "https://github.com/paragonie/random_compat/issues", + "source": "https://github.com/paragonie/random_compat" + }, + "time": "2020-10-15T08:29:30+00:00" + }, + { + "name": "psr/http-client", + "version": "1.0.3", + "source": { + "type": "git", + "url": "https://github.com/php-fig/http-client.git", + "reference": "bb5906edc1c324c9a05aa0873d40117941e5fa90" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/php-fig/http-client/zipball/bb5906edc1c324c9a05aa0873d40117941e5fa90", + "reference": "bb5906edc1c324c9a05aa0873d40117941e5fa90", + "shasum": "" + }, + "require": { + "php": "^7.0 || ^8.0", + "psr/http-message": "^1.0 || ^2.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.0.x-dev" + } + }, + "autoload": { + "psr-4": { + "Psr\\Http\\Client\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "PHP-FIG", + "homepage": "https://www.php-fig.org/" + } + ], + "description": "Common interface for HTTP clients", + "homepage": "https://github.com/php-fig/http-client", + "keywords": [ + "http", + "http-client", + "psr", + "psr-18" + ], + "support": { + "source": "https://github.com/php-fig/http-client" + }, + "time": "2023-09-23T14:17:50+00:00" + }, + { + "name": "psr/http-factory", + "version": "1.0.2", + "source": { + "type": "git", + "url": "https://github.com/php-fig/http-factory.git", + "reference": "e616d01114759c4c489f93b099585439f795fe35" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/php-fig/http-factory/zipball/e616d01114759c4c489f93b099585439f795fe35", + "reference": "e616d01114759c4c489f93b099585439f795fe35", + "shasum": "" + }, + "require": { + "php": ">=7.0.0", + "psr/http-message": "^1.0 || ^2.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.0.x-dev" + } + }, + "autoload": { + "psr-4": { + "Psr\\Http\\Message\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "PHP-FIG", + "homepage": "https://www.php-fig.org/" + } + ], + "description": "Common interfaces for PSR-7 HTTP message factories", + "keywords": [ + "factory", + "http", + "message", + "psr", + "psr-17", + "psr-7", + "request", + "response" + ], + "support": { + "source": "https://github.com/php-fig/http-factory/tree/1.0.2" + }, + "time": "2023-04-10T20:10:41+00:00" + }, + { + "name": "ralouphie/getallheaders", + "version": "3.0.3", + "source": { + "type": "git", + "url": "https://github.com/ralouphie/getallheaders.git", + "reference": "120b605dfeb996808c31b6477290a714d356e822" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/ralouphie/getallheaders/zipball/120b605dfeb996808c31b6477290a714d356e822", + "reference": "120b605dfeb996808c31b6477290a714d356e822", + "shasum": "" + }, + "require": { + "php": ">=5.6" + }, + "require-dev": { + "php-coveralls/php-coveralls": "^2.1", + "phpunit/phpunit": "^5 || ^6.5" + }, + "type": "library", + "autoload": { + "files": [ + "src/getallheaders.php" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Ralph Khattar", + "email": "ralph.khattar@gmail.com" + } + ], + "description": "A polyfill for getallheaders.", + "support": { + "issues": "https://github.com/ralouphie/getallheaders/issues", + "source": "https://github.com/ralouphie/getallheaders/tree/develop" + }, + "time": "2019-03-08T08:55:37+00:00" + }, + { + "name": "robrichards/xmlseclibs", + "version": "3.1.1", + "source": { + "type": "git", + "url": "https://github.com/robrichards/xmlseclibs.git", + "reference": "f8f19e58f26cdb42c54b214ff8a820760292f8df" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/robrichards/xmlseclibs/zipball/f8f19e58f26cdb42c54b214ff8a820760292f8df", + "reference": "f8f19e58f26cdb42c54b214ff8a820760292f8df", + "shasum": "" + }, + "require": { + "ext-openssl": "*", + "php": ">= 5.4" + }, + "type": "library", + "autoload": { + "psr-4": { + "RobRichards\\XMLSecLibs\\": "src" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "description": "A PHP library for XML Security", + "homepage": "https://github.com/robrichards/xmlseclibs", + "keywords": [ + "security", + "signature", + "xml", + "xmldsig" + ], + "support": { + "issues": "https://github.com/robrichards/xmlseclibs/issues", + "source": "https://github.com/robrichards/xmlseclibs/tree/3.1.1" + }, + "time": "2020-09-05T13:00:25+00:00" + }, + { + "name": "symfony/deprecation-contracts", + "version": "v3.3.0", + "source": { + "type": "git", + "url": "https://github.com/symfony/deprecation-contracts.git", + "reference": "7c3aff79d10325257a001fcf92d991f24fc967cf" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/deprecation-contracts/zipball/7c3aff79d10325257a001fcf92d991f24fc967cf", + "reference": "7c3aff79d10325257a001fcf92d991f24fc967cf", + "shasum": "" + }, + "require": { + "php": ">=8.1" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-main": "3.4-dev" + }, + "thanks": { + "name": "symfony/contracts", + "url": "https://github.com/symfony/contracts" + } + }, + "autoload": { + "files": [ + "function.php" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Nicolas Grekas", + "email": "p@tchwork.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "A generic function and convention to trigger deprecation notices", + "homepage": "https://symfony.com", + "support": { + "source": "https://github.com/symfony/deprecation-contracts/tree/v3.3.0" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2023-05-23T14:45:45+00:00" + } + ], + "packages-dev": [ + { + "name": "composer/pcre", + "version": "3.1.0", + "source": { + "type": "git", + "url": "https://github.com/composer/pcre.git", + "reference": "4bff79ddd77851fe3cdd11616ed3f92841ba5bd2" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/composer/pcre/zipball/4bff79ddd77851fe3cdd11616ed3f92841ba5bd2", + "reference": "4bff79ddd77851fe3cdd11616ed3f92841ba5bd2", + "shasum": "" + }, + "require": { + "php": "^7.4 || ^8.0" + }, + "require-dev": { + "phpstan/phpstan": "^1.3", + "phpstan/phpstan-strict-rules": "^1.1", + "symfony/phpunit-bridge": "^5" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-main": "3.x-dev" + } + }, + "autoload": { + "psr-4": { + "Composer\\Pcre\\": "src" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Jordi Boggiano", + "email": "j.boggiano@seld.be", + "homepage": "http://seld.be" + } + ], + "description": "PCRE wrapping library that offers type-safe preg_* replacements.", + "keywords": [ + "PCRE", + "preg", + "regex", + "regular expression" + ], + "support": { + "issues": "https://github.com/composer/pcre/issues", + "source": "https://github.com/composer/pcre/tree/3.1.0" + }, + "funding": [ + { + "url": "https://packagist.com", + "type": "custom" + }, + { + "url": "https://github.com/composer", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/composer/composer", + "type": "tidelift" + } + ], + "time": "2022-11-17T09:50:14+00:00" + }, + { + "name": "composer/semver", + "version": "3.4.0", + "source": { + "type": "git", + "url": "https://github.com/composer/semver.git", + "reference": "35e8d0af4486141bc745f23a29cc2091eb624a32" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/composer/semver/zipball/35e8d0af4486141bc745f23a29cc2091eb624a32", + "reference": "35e8d0af4486141bc745f23a29cc2091eb624a32", + "shasum": "" + }, + "require": { + "php": "^5.3.2 || ^7.0 || ^8.0" + }, + "require-dev": { + "phpstan/phpstan": "^1.4", + "symfony/phpunit-bridge": "^4.2 || ^5" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-main": "3.x-dev" + } + }, + "autoload": { + "psr-4": { + "Composer\\Semver\\": "src" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Nils Adermann", + "email": "naderman@naderman.de", + "homepage": "http://www.naderman.de" + }, + { + "name": "Jordi Boggiano", + "email": "j.boggiano@seld.be", + "homepage": "http://seld.be" + }, + { + "name": "Rob Bast", + "email": "rob.bast@gmail.com", + "homepage": "http://robbast.nl" + } + ], + "description": "Semver library that offers utilities, version constraint parsing and validation.", + "keywords": [ + "semantic", + "semver", + "validation", + "versioning" + ], + "support": { + "irc": "ircs://irc.libera.chat:6697/composer", + "issues": "https://github.com/composer/semver/issues", + "source": "https://github.com/composer/semver/tree/3.4.0" + }, + "funding": [ + { + "url": "https://packagist.com", + "type": "custom" + }, + { + "url": "https://github.com/composer", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/composer/composer", + "type": "tidelift" + } + ], + "time": "2023-08-31T09:50:34+00:00" + }, + { + "name": "composer/xdebug-handler", + "version": "3.0.3", + "source": { + "type": "git", + "url": "https://github.com/composer/xdebug-handler.git", + "reference": "ced299686f41dce890debac69273b47ffe98a40c" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/composer/xdebug-handler/zipball/ced299686f41dce890debac69273b47ffe98a40c", + "reference": "ced299686f41dce890debac69273b47ffe98a40c", + "shasum": "" + }, + "require": { + "composer/pcre": "^1 || ^2 || ^3", + "php": "^7.2.5 || ^8.0", + "psr/log": "^1 || ^2 || ^3" + }, + "require-dev": { + "phpstan/phpstan": "^1.0", + "phpstan/phpstan-strict-rules": "^1.1", + "symfony/phpunit-bridge": "^6.0" + }, + "type": "library", + "autoload": { + "psr-4": { + "Composer\\XdebugHandler\\": "src" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "John Stevenson", + "email": "john-stevenson@blueyonder.co.uk" + } + ], + "description": "Restarts a process without Xdebug.", + "keywords": [ + "Xdebug", + "performance" + ], + "support": { + "irc": "irc://irc.freenode.org/composer", + "issues": "https://github.com/composer/xdebug-handler/issues", + "source": "https://github.com/composer/xdebug-handler/tree/3.0.3" + }, + "funding": [ + { + "url": "https://packagist.com", + "type": "custom" + }, + { + "url": "https://github.com/composer", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/composer/composer", + "type": "tidelift" + } + ], + "time": "2022-02-25T21:32:43+00:00" + }, + { + "name": "doctrine/instantiator", + "version": "2.0.0", + "source": { + "type": "git", + "url": "https://github.com/doctrine/instantiator.git", + "reference": "c6222283fa3f4ac679f8b9ced9a4e23f163e80d0" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/doctrine/instantiator/zipball/c6222283fa3f4ac679f8b9ced9a4e23f163e80d0", + "reference": "c6222283fa3f4ac679f8b9ced9a4e23f163e80d0", + "shasum": "" + }, + "require": { + "php": "^8.1" + }, + "require-dev": { + "doctrine/coding-standard": "^11", + "ext-pdo": "*", + "ext-phar": "*", + "phpbench/phpbench": "^1.2", + "phpstan/phpstan": "^1.9.4", + "phpstan/phpstan-phpunit": "^1.3", + "phpunit/phpunit": "^9.5.27", + "vimeo/psalm": "^5.4" + }, + "type": "library", + "autoload": { + "psr-4": { + "Doctrine\\Instantiator\\": "src/Doctrine/Instantiator/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Marco Pivetta", + "email": "ocramius@gmail.com", + "homepage": "https://ocramius.github.io/" + } + ], + "description": "A small, lightweight utility to instantiate objects in PHP without invoking their constructors", + "homepage": "https://www.doctrine-project.org/projects/instantiator.html", + "keywords": [ + "constructor", + "instantiate" + ], + "support": { + "issues": "https://github.com/doctrine/instantiator/issues", + "source": "https://github.com/doctrine/instantiator/tree/2.0.0" + }, + "funding": [ + { + "url": "https://www.doctrine-project.org/sponsorship.html", + "type": "custom" + }, + { + "url": "https://www.patreon.com/phpdoctrine", + "type": "patreon" + }, + { + "url": "https://tidelift.com/funding/github/packagist/doctrine%2Finstantiator", + "type": "tidelift" + } + ], + "time": "2022-12-30T00:23:10+00:00" + }, + { + "name": "friendsofphp/php-cs-fixer", + "version": "v3.28.0", + "source": { + "type": "git", + "url": "https://github.com/PHP-CS-Fixer/PHP-CS-Fixer.git", + "reference": "113e09fea3d2306319ffaa2423fe3de768b28cff" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/PHP-CS-Fixer/PHP-CS-Fixer/zipball/113e09fea3d2306319ffaa2423fe3de768b28cff", + "reference": "113e09fea3d2306319ffaa2423fe3de768b28cff", + "shasum": "" + }, + "require": { + "composer/semver": "^3.3", + "composer/xdebug-handler": "^3.0.3", + "ext-json": "*", + "ext-tokenizer": "*", + "php": "^7.4 || ^8.0", + "sebastian/diff": "^4.0 || ^5.0", + "symfony/console": "^5.4 || ^6.0", + "symfony/event-dispatcher": "^5.4 || ^6.0", + "symfony/filesystem": "^5.4 || ^6.0", + "symfony/finder": "^5.4 || ^6.0", + "symfony/options-resolver": "^5.4 || ^6.0", + "symfony/polyfill-mbstring": "^1.27", + "symfony/polyfill-php80": "^1.27", + "symfony/polyfill-php81": "^1.27", + "symfony/process": "^5.4 || ^6.0", + "symfony/stopwatch": "^5.4 || ^6.0" + }, + "require-dev": { + "facile-it/paraunit": "^1.3 || ^2.0", + "justinrainbow/json-schema": "^5.2", + "keradus/cli-executor": "^2.0", + "mikey179/vfsstream": "^1.6.11", + "php-coveralls/php-coveralls": "^2.5.3", + "php-cs-fixer/accessible-object": "^1.1", + "php-cs-fixer/phpunit-constraint-isidenticalstring": "^1.2", + "php-cs-fixer/phpunit-constraint-xmlmatchesxsd": "^1.2.1", + "phpspec/prophecy": "^1.16", + "phpspec/prophecy-phpunit": "^2.0", + "phpunit/phpunit": "^9.5", + "phpunitgoodpractices/polyfill": "^1.6", + "phpunitgoodpractices/traits": "^1.9.2", + "symfony/phpunit-bridge": "^6.2.3", + "symfony/yaml": "^5.4 || ^6.0" + }, + "suggest": { + "ext-dom": "For handling output formats in XML", + "ext-mbstring": "For handling non-UTF8 characters." + }, + "bin": [ + "php-cs-fixer" + ], + "type": "application", + "autoload": { + "psr-4": { + "PhpCsFixer\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Fabien Potencier", + "email": "fabien@symfony.com" + }, + { + "name": "Dariusz Rumiński", + "email": "dariusz.ruminski@gmail.com" + } + ], + "description": "A tool to automatically fix PHP code style", + "keywords": [ + "Static code analysis", + "fixer", + "standards", + "static analysis" + ], + "support": { + "issues": "https://github.com/PHP-CS-Fixer/PHP-CS-Fixer/issues", + "source": "https://github.com/PHP-CS-Fixer/PHP-CS-Fixer/tree/v3.28.0" + }, + "funding": [ + { + "url": "https://github.com/keradus", + "type": "github" + } + ], + "time": "2023-09-22T20:43:40+00:00" + }, + { + "name": "kubawerlos/php-cs-fixer-custom-fixers", + "version": "v3.16.2", + "source": { + "type": "git", + "url": "https://github.com/kubawerlos/php-cs-fixer-custom-fixers.git", + "reference": "d3f2590069d06ba49ad24cac03f802e8ad0aaeba" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/kubawerlos/php-cs-fixer-custom-fixers/zipball/d3f2590069d06ba49ad24cac03f802e8ad0aaeba", + "reference": "d3f2590069d06ba49ad24cac03f802e8ad0aaeba", + "shasum": "" + }, + "require": { + "ext-filter": "*", + "ext-tokenizer": "*", + "friendsofphp/php-cs-fixer": "^3.22", + "php": "^7.4 || ^8.0" + }, + "require-dev": { + "phpunit/phpunit": "^9.6.4 || ^10.0.14" + }, + "type": "library", + "autoload": { + "psr-4": { + "PhpCsFixerCustomFixers\\": "src" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Kuba Werłos", + "email": "werlos@gmail.com" + } + ], + "description": "A set of custom fixers for PHP CS Fixer", + "support": { + "issues": "https://github.com/kubawerlos/php-cs-fixer-custom-fixers/issues", + "source": "https://github.com/kubawerlos/php-cs-fixer-custom-fixers/tree/v3.16.2" + }, + "time": "2023-08-06T13:50:15+00:00" + }, + { + "name": "myclabs/deep-copy", + "version": "1.11.1", + "source": { + "type": "git", + "url": "https://github.com/myclabs/DeepCopy.git", + "reference": "7284c22080590fb39f2ffa3e9057f10a4ddd0e0c" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/myclabs/DeepCopy/zipball/7284c22080590fb39f2ffa3e9057f10a4ddd0e0c", + "reference": "7284c22080590fb39f2ffa3e9057f10a4ddd0e0c", + "shasum": "" + }, + "require": { + "php": "^7.1 || ^8.0" + }, + "conflict": { + "doctrine/collections": "<1.6.8", + "doctrine/common": "<2.13.3 || >=3,<3.2.2" + }, + "require-dev": { + "doctrine/collections": "^1.6.8", + "doctrine/common": "^2.13.3 || ^3.2.2", + "phpunit/phpunit": "^7.5.20 || ^8.5.23 || ^9.5.13" + }, + "type": "library", + "autoload": { + "files": [ + "src/DeepCopy/deep_copy.php" + ], + "psr-4": { + "DeepCopy\\": "src/DeepCopy/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "description": "Create deep copies (clones) of your objects", + "keywords": [ + "clone", + "copy", + "duplicate", + "object", + "object graph" + ], + "support": { + "issues": "https://github.com/myclabs/DeepCopy/issues", + "source": "https://github.com/myclabs/DeepCopy/tree/1.11.1" + }, + "funding": [ + { + "url": "https://tidelift.com/funding/github/packagist/myclabs/deep-copy", + "type": "tidelift" + } + ], + "time": "2023-03-08T13:26:56+00:00" + }, + { + "name": "nikic/php-parser", + "version": "v4.17.1", + "source": { + "type": "git", + "url": "https://github.com/nikic/PHP-Parser.git", + "reference": "a6303e50c90c355c7eeee2c4a8b27fe8dc8fef1d" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/nikic/PHP-Parser/zipball/a6303e50c90c355c7eeee2c4a8b27fe8dc8fef1d", + "reference": "a6303e50c90c355c7eeee2c4a8b27fe8dc8fef1d", + "shasum": "" + }, + "require": { + "ext-tokenizer": "*", + "php": ">=7.0" + }, + "require-dev": { + "ircmaxell/php-yacc": "^0.0.7", + "phpunit/phpunit": "^6.5 || ^7.0 || ^8.0 || ^9.0" + }, + "bin": [ + "bin/php-parse" + ], + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "4.9-dev" + } + }, + "autoload": { + "psr-4": { + "PhpParser\\": "lib/PhpParser" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Nikita Popov" + } + ], + "description": "A PHP parser written in PHP", + "keywords": [ + "parser", + "php" + ], + "support": { + "issues": "https://github.com/nikic/PHP-Parser/issues", + "source": "https://github.com/nikic/PHP-Parser/tree/v4.17.1" + }, + "time": "2023-08-13T19:53:39+00:00" + }, + { + "name": "phar-io/manifest", + "version": "2.0.3", + "source": { + "type": "git", + "url": "https://github.com/phar-io/manifest.git", + "reference": "97803eca37d319dfa7826cc2437fc020857acb53" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/phar-io/manifest/zipball/97803eca37d319dfa7826cc2437fc020857acb53", + "reference": "97803eca37d319dfa7826cc2437fc020857acb53", + "shasum": "" + }, + "require": { + "ext-dom": "*", + "ext-phar": "*", + "ext-xmlwriter": "*", + "phar-io/version": "^3.0.1", + "php": "^7.2 || ^8.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "2.0.x-dev" + } + }, + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Arne Blankerts", + "email": "arne@blankerts.de", + "role": "Developer" + }, + { + "name": "Sebastian Heuer", + "email": "sebastian@phpeople.de", + "role": "Developer" + }, + { + "name": "Sebastian Bergmann", + "email": "sebastian@phpunit.de", + "role": "Developer" + } + ], + "description": "Component for reading phar.io manifest information from a PHP Archive (PHAR)", + "support": { + "issues": "https://github.com/phar-io/manifest/issues", + "source": "https://github.com/phar-io/manifest/tree/2.0.3" + }, + "time": "2021-07-20T11:28:43+00:00" + }, + { + "name": "phar-io/version", + "version": "3.2.1", + "source": { + "type": "git", + "url": "https://github.com/phar-io/version.git", + "reference": "4f7fd7836c6f332bb2933569e566a0d6c4cbed74" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/phar-io/version/zipball/4f7fd7836c6f332bb2933569e566a0d6c4cbed74", + "reference": "4f7fd7836c6f332bb2933569e566a0d6c4cbed74", + "shasum": "" + }, + "require": { + "php": "^7.2 || ^8.0" + }, + "type": "library", + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Arne Blankerts", + "email": "arne@blankerts.de", + "role": "Developer" + }, + { + "name": "Sebastian Heuer", + "email": "sebastian@phpeople.de", + "role": "Developer" + }, + { + "name": "Sebastian Bergmann", + "email": "sebastian@phpunit.de", + "role": "Developer" + } + ], + "description": "Library for handling version information and constraints", + "support": { + "issues": "https://github.com/phar-io/version/issues", + "source": "https://github.com/phar-io/version/tree/3.2.1" + }, + "time": "2022-02-21T01:04:05+00:00" + }, + { + "name": "phpunit/php-code-coverage", + "version": "9.2.29", + "source": { + "type": "git", + "url": "https://github.com/sebastianbergmann/php-code-coverage.git", + "reference": "6a3a87ac2bbe33b25042753df8195ba4aa534c76" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/6a3a87ac2bbe33b25042753df8195ba4aa534c76", + "reference": "6a3a87ac2bbe33b25042753df8195ba4aa534c76", + "shasum": "" + }, + "require": { + "ext-dom": "*", + "ext-libxml": "*", + "ext-xmlwriter": "*", + "nikic/php-parser": "^4.15", + "php": ">=7.3", + "phpunit/php-file-iterator": "^3.0.3", + "phpunit/php-text-template": "^2.0.2", + "sebastian/code-unit-reverse-lookup": "^2.0.2", + "sebastian/complexity": "^2.0", + "sebastian/environment": "^5.1.2", + "sebastian/lines-of-code": "^1.0.3", + "sebastian/version": "^3.0.1", + "theseer/tokenizer": "^1.2.0" + }, + "require-dev": { + "phpunit/phpunit": "^9.3" + }, + "suggest": { + "ext-pcov": "PHP extension that provides line coverage", + "ext-xdebug": "PHP extension that provides line coverage as well as branch and path coverage" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "9.2-dev" + } + }, + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Sebastian Bergmann", + "email": "sebastian@phpunit.de", + "role": "lead" + } + ], + "description": "Library that provides collection, processing, and rendering functionality for PHP code coverage information.", + "homepage": "https://github.com/sebastianbergmann/php-code-coverage", + "keywords": [ + "coverage", + "testing", + "xunit" + ], + "support": { + "issues": "https://github.com/sebastianbergmann/php-code-coverage/issues", + "security": "https://github.com/sebastianbergmann/php-code-coverage/security/policy", + "source": "https://github.com/sebastianbergmann/php-code-coverage/tree/9.2.29" + }, + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], + "time": "2023-09-19T04:57:46+00:00" + }, + { + "name": "phpunit/php-file-iterator", + "version": "3.0.6", + "source": { + "type": "git", + "url": "https://github.com/sebastianbergmann/php-file-iterator.git", + "reference": "cf1c2e7c203ac650e352f4cc675a7021e7d1b3cf" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sebastianbergmann/php-file-iterator/zipball/cf1c2e7c203ac650e352f4cc675a7021e7d1b3cf", + "reference": "cf1c2e7c203ac650e352f4cc675a7021e7d1b3cf", + "shasum": "" + }, + "require": { + "php": ">=7.3" + }, + "require-dev": { + "phpunit/phpunit": "^9.3" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "3.0-dev" + } + }, + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Sebastian Bergmann", + "email": "sebastian@phpunit.de", + "role": "lead" + } + ], + "description": "FilterIterator implementation that filters files based on a list of suffixes.", + "homepage": "https://github.com/sebastianbergmann/php-file-iterator/", + "keywords": [ + "filesystem", + "iterator" + ], + "support": { + "issues": "https://github.com/sebastianbergmann/php-file-iterator/issues", + "source": "https://github.com/sebastianbergmann/php-file-iterator/tree/3.0.6" + }, + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], + "time": "2021-12-02T12:48:52+00:00" + }, + { + "name": "phpunit/php-invoker", + "version": "3.1.1", + "source": { + "type": "git", + "url": "https://github.com/sebastianbergmann/php-invoker.git", + "reference": "5a10147d0aaf65b58940a0b72f71c9ac0423cc67" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sebastianbergmann/php-invoker/zipball/5a10147d0aaf65b58940a0b72f71c9ac0423cc67", + "reference": "5a10147d0aaf65b58940a0b72f71c9ac0423cc67", + "shasum": "" + }, + "require": { + "php": ">=7.3" + }, + "require-dev": { + "ext-pcntl": "*", + "phpunit/phpunit": "^9.3" + }, + "suggest": { + "ext-pcntl": "*" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "3.1-dev" + } + }, + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Sebastian Bergmann", + "email": "sebastian@phpunit.de", + "role": "lead" + } + ], + "description": "Invoke callables with a timeout", + "homepage": "https://github.com/sebastianbergmann/php-invoker/", + "keywords": [ + "process" + ], + "support": { + "issues": "https://github.com/sebastianbergmann/php-invoker/issues", + "source": "https://github.com/sebastianbergmann/php-invoker/tree/3.1.1" + }, + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], + "time": "2020-09-28T05:58:55+00:00" + }, + { + "name": "phpunit/php-text-template", + "version": "2.0.4", + "source": { + "type": "git", + "url": "https://github.com/sebastianbergmann/php-text-template.git", + "reference": "5da5f67fc95621df9ff4c4e5a84d6a8a2acf7c28" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sebastianbergmann/php-text-template/zipball/5da5f67fc95621df9ff4c4e5a84d6a8a2acf7c28", + "reference": "5da5f67fc95621df9ff4c4e5a84d6a8a2acf7c28", + "shasum": "" + }, + "require": { + "php": ">=7.3" + }, + "require-dev": { + "phpunit/phpunit": "^9.3" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "2.0-dev" + } + }, + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Sebastian Bergmann", + "email": "sebastian@phpunit.de", + "role": "lead" + } + ], + "description": "Simple template engine.", + "homepage": "https://github.com/sebastianbergmann/php-text-template/", + "keywords": [ + "template" + ], + "support": { + "issues": "https://github.com/sebastianbergmann/php-text-template/issues", + "source": "https://github.com/sebastianbergmann/php-text-template/tree/2.0.4" + }, + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], + "time": "2020-10-26T05:33:50+00:00" + }, + { + "name": "phpunit/php-timer", + "version": "5.0.3", + "source": { + "type": "git", + "url": "https://github.com/sebastianbergmann/php-timer.git", + "reference": "5a63ce20ed1b5bf577850e2c4e87f4aa902afbd2" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sebastianbergmann/php-timer/zipball/5a63ce20ed1b5bf577850e2c4e87f4aa902afbd2", + "reference": "5a63ce20ed1b5bf577850e2c4e87f4aa902afbd2", + "shasum": "" + }, + "require": { + "php": ">=7.3" + }, + "require-dev": { + "phpunit/phpunit": "^9.3" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "5.0-dev" + } + }, + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Sebastian Bergmann", + "email": "sebastian@phpunit.de", + "role": "lead" + } + ], + "description": "Utility class for timing", + "homepage": "https://github.com/sebastianbergmann/php-timer/", + "keywords": [ + "timer" + ], + "support": { + "issues": "https://github.com/sebastianbergmann/php-timer/issues", + "source": "https://github.com/sebastianbergmann/php-timer/tree/5.0.3" + }, + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], + "time": "2020-10-26T13:16:10+00:00" + }, + { + "name": "phpunit/phpunit", + "version": "9.6.13", + "source": { + "type": "git", + "url": "https://github.com/sebastianbergmann/phpunit.git", + "reference": "f3d767f7f9e191eab4189abe41ab37797e30b1be" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/f3d767f7f9e191eab4189abe41ab37797e30b1be", + "reference": "f3d767f7f9e191eab4189abe41ab37797e30b1be", + "shasum": "" + }, + "require": { + "doctrine/instantiator": "^1.3.1 || ^2", + "ext-dom": "*", + "ext-json": "*", + "ext-libxml": "*", + "ext-mbstring": "*", + "ext-xml": "*", + "ext-xmlwriter": "*", + "myclabs/deep-copy": "^1.10.1", + "phar-io/manifest": "^2.0.3", + "phar-io/version": "^3.0.2", + "php": ">=7.3", + "phpunit/php-code-coverage": "^9.2.28", + "phpunit/php-file-iterator": "^3.0.5", + "phpunit/php-invoker": "^3.1.1", + "phpunit/php-text-template": "^2.0.3", + "phpunit/php-timer": "^5.0.2", + "sebastian/cli-parser": "^1.0.1", + "sebastian/code-unit": "^1.0.6", + "sebastian/comparator": "^4.0.8", + "sebastian/diff": "^4.0.3", + "sebastian/environment": "^5.1.3", + "sebastian/exporter": "^4.0.5", + "sebastian/global-state": "^5.0.1", + "sebastian/object-enumerator": "^4.0.3", + "sebastian/resource-operations": "^3.0.3", + "sebastian/type": "^3.2", + "sebastian/version": "^3.0.2" + }, + "suggest": { + "ext-soap": "To be able to generate mocks based on WSDL files", + "ext-xdebug": "PHP extension that provides line coverage as well as branch and path coverage" + }, + "bin": [ + "phpunit" + ], + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "9.6-dev" + } + }, + "autoload": { + "files": [ + "src/Framework/Assert/Functions.php" + ], + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Sebastian Bergmann", + "email": "sebastian@phpunit.de", + "role": "lead" + } + ], + "description": "The PHP Unit Testing framework.", + "homepage": "https://phpunit.de/", + "keywords": [ + "phpunit", + "testing", + "xunit" + ], + "support": { + "issues": "https://github.com/sebastianbergmann/phpunit/issues", + "security": "https://github.com/sebastianbergmann/phpunit/security/policy", + "source": "https://github.com/sebastianbergmann/phpunit/tree/9.6.13" + }, + "funding": [ + { + "url": "https://phpunit.de/sponsors.html", + "type": "custom" + }, + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/phpunit/phpunit", + "type": "tidelift" + } + ], + "time": "2023-09-19T05:39:22+00:00" + }, + { + "name": "psr/event-dispatcher", + "version": "1.0.0", + "source": { + "type": "git", + "url": "https://github.com/php-fig/event-dispatcher.git", + "reference": "dbefd12671e8a14ec7f180cab83036ed26714bb0" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/php-fig/event-dispatcher/zipball/dbefd12671e8a14ec7f180cab83036ed26714bb0", + "reference": "dbefd12671e8a14ec7f180cab83036ed26714bb0", + "shasum": "" + }, + "require": { + "php": ">=7.2.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.0.x-dev" + } + }, + "autoload": { + "psr-4": { + "Psr\\EventDispatcher\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "PHP-FIG", + "homepage": "http://www.php-fig.org/" + } + ], + "description": "Standard interfaces for event handling.", + "keywords": [ + "events", + "psr", + "psr-14" + ], + "support": { + "issues": "https://github.com/php-fig/event-dispatcher/issues", + "source": "https://github.com/php-fig/event-dispatcher/tree/1.0.0" + }, + "time": "2019-01-08T18:20:26+00:00" + }, + { + "name": "redaxo/php-cs-fixer-config", + "version": "2.2.0", + "source": { + "type": "git", + "url": "https://github.com/redaxo/php-cs-fixer-config.git", + "reference": "3734ba2e456e4a3267894fafc514702c06c6715d" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/redaxo/php-cs-fixer-config/zipball/3734ba2e456e4a3267894fafc514702c06c6715d", + "reference": "3734ba2e456e4a3267894fafc514702c06c6715d", + "shasum": "" + }, + "require": { + "friendsofphp/php-cs-fixer": "^3.17.0", + "kubawerlos/php-cs-fixer-custom-fixers": "^3.14.0", + "php": "^8.1" + }, + "type": "library", + "autoload": { + "psr-4": { + "Redaxo\\PhpCsFixerConfig\\": "src" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "REDAXO Team", + "email": "info@redaxo.org" + } + ], + "description": "php-cs-fixer config for REDAXO", + "keywords": [ + "Static code analysis", + "fixer", + "standards", + "static analysis" + ], + "support": { + "issues": "https://github.com/redaxo/php-cs-fixer-config/issues", + "source": "https://github.com/redaxo/php-cs-fixer-config/tree/2.2.0" + }, + "time": "2023-07-02T15:24:30+00:00" + }, + { + "name": "sebastian/cli-parser", + "version": "1.0.1", + "source": { + "type": "git", + "url": "https://github.com/sebastianbergmann/cli-parser.git", + "reference": "442e7c7e687e42adc03470c7b668bc4b2402c0b2" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sebastianbergmann/cli-parser/zipball/442e7c7e687e42adc03470c7b668bc4b2402c0b2", + "reference": "442e7c7e687e42adc03470c7b668bc4b2402c0b2", + "shasum": "" + }, + "require": { + "php": ">=7.3" + }, + "require-dev": { + "phpunit/phpunit": "^9.3" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.0-dev" + } + }, + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Sebastian Bergmann", + "email": "sebastian@phpunit.de", + "role": "lead" + } + ], + "description": "Library for parsing CLI options", + "homepage": "https://github.com/sebastianbergmann/cli-parser", + "support": { + "issues": "https://github.com/sebastianbergmann/cli-parser/issues", + "source": "https://github.com/sebastianbergmann/cli-parser/tree/1.0.1" + }, + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], + "time": "2020-09-28T06:08:49+00:00" + }, + { + "name": "sebastian/code-unit", + "version": "1.0.8", + "source": { + "type": "git", + "url": "https://github.com/sebastianbergmann/code-unit.git", + "reference": "1fc9f64c0927627ef78ba436c9b17d967e68e120" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sebastianbergmann/code-unit/zipball/1fc9f64c0927627ef78ba436c9b17d967e68e120", + "reference": "1fc9f64c0927627ef78ba436c9b17d967e68e120", + "shasum": "" + }, + "require": { + "php": ">=7.3" + }, + "require-dev": { + "phpunit/phpunit": "^9.3" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.0-dev" + } + }, + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Sebastian Bergmann", + "email": "sebastian@phpunit.de", + "role": "lead" + } + ], + "description": "Collection of value objects that represent the PHP code units", + "homepage": "https://github.com/sebastianbergmann/code-unit", + "support": { + "issues": "https://github.com/sebastianbergmann/code-unit/issues", + "source": "https://github.com/sebastianbergmann/code-unit/tree/1.0.8" + }, + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], + "time": "2020-10-26T13:08:54+00:00" + }, + { + "name": "sebastian/code-unit-reverse-lookup", + "version": "2.0.3", + "source": { + "type": "git", + "url": "https://github.com/sebastianbergmann/code-unit-reverse-lookup.git", + "reference": "ac91f01ccec49fb77bdc6fd1e548bc70f7faa3e5" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sebastianbergmann/code-unit-reverse-lookup/zipball/ac91f01ccec49fb77bdc6fd1e548bc70f7faa3e5", + "reference": "ac91f01ccec49fb77bdc6fd1e548bc70f7faa3e5", + "shasum": "" + }, + "require": { + "php": ">=7.3" + }, + "require-dev": { + "phpunit/phpunit": "^9.3" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "2.0-dev" + } + }, + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Sebastian Bergmann", + "email": "sebastian@phpunit.de" + } + ], + "description": "Looks up which function or method a line of code belongs to", + "homepage": "https://github.com/sebastianbergmann/code-unit-reverse-lookup/", + "support": { + "issues": "https://github.com/sebastianbergmann/code-unit-reverse-lookup/issues", + "source": "https://github.com/sebastianbergmann/code-unit-reverse-lookup/tree/2.0.3" + }, + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], + "time": "2020-09-28T05:30:19+00:00" + }, + { + "name": "sebastian/comparator", + "version": "4.0.8", + "source": { + "type": "git", + "url": "https://github.com/sebastianbergmann/comparator.git", + "reference": "fa0f136dd2334583309d32b62544682ee972b51a" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sebastianbergmann/comparator/zipball/fa0f136dd2334583309d32b62544682ee972b51a", + "reference": "fa0f136dd2334583309d32b62544682ee972b51a", + "shasum": "" + }, + "require": { + "php": ">=7.3", + "sebastian/diff": "^4.0", + "sebastian/exporter": "^4.0" + }, + "require-dev": { + "phpunit/phpunit": "^9.3" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "4.0-dev" + } + }, + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Sebastian Bergmann", + "email": "sebastian@phpunit.de" + }, + { + "name": "Jeff Welch", + "email": "whatthejeff@gmail.com" + }, + { + "name": "Volker Dusch", + "email": "github@wallbash.com" + }, + { + "name": "Bernhard Schussek", + "email": "bschussek@2bepublished.at" + } + ], + "description": "Provides the functionality to compare PHP values for equality", + "homepage": "https://github.com/sebastianbergmann/comparator", + "keywords": [ + "comparator", + "compare", + "equality" + ], + "support": { + "issues": "https://github.com/sebastianbergmann/comparator/issues", + "source": "https://github.com/sebastianbergmann/comparator/tree/4.0.8" + }, + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], + "time": "2022-09-14T12:41:17+00:00" + }, + { + "name": "sebastian/complexity", + "version": "2.0.2", + "source": { + "type": "git", + "url": "https://github.com/sebastianbergmann/complexity.git", + "reference": "739b35e53379900cc9ac327b2147867b8b6efd88" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sebastianbergmann/complexity/zipball/739b35e53379900cc9ac327b2147867b8b6efd88", + "reference": "739b35e53379900cc9ac327b2147867b8b6efd88", + "shasum": "" + }, + "require": { + "nikic/php-parser": "^4.7", + "php": ">=7.3" + }, + "require-dev": { + "phpunit/phpunit": "^9.3" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "2.0-dev" + } + }, + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Sebastian Bergmann", + "email": "sebastian@phpunit.de", + "role": "lead" + } + ], + "description": "Library for calculating the complexity of PHP code units", + "homepage": "https://github.com/sebastianbergmann/complexity", + "support": { + "issues": "https://github.com/sebastianbergmann/complexity/issues", + "source": "https://github.com/sebastianbergmann/complexity/tree/2.0.2" + }, + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], + "time": "2020-10-26T15:52:27+00:00" + }, + { + "name": "sebastian/diff", + "version": "4.0.5", + "source": { + "type": "git", + "url": "https://github.com/sebastianbergmann/diff.git", + "reference": "74be17022044ebaaecfdf0c5cd504fc9cd5a7131" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sebastianbergmann/diff/zipball/74be17022044ebaaecfdf0c5cd504fc9cd5a7131", + "reference": "74be17022044ebaaecfdf0c5cd504fc9cd5a7131", + "shasum": "" + }, + "require": { + "php": ">=7.3" + }, + "require-dev": { + "phpunit/phpunit": "^9.3", + "symfony/process": "^4.2 || ^5" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "4.0-dev" + } + }, + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Sebastian Bergmann", + "email": "sebastian@phpunit.de" + }, + { + "name": "Kore Nordmann", + "email": "mail@kore-nordmann.de" + } + ], + "description": "Diff implementation", + "homepage": "https://github.com/sebastianbergmann/diff", + "keywords": [ + "diff", + "udiff", + "unidiff", + "unified diff" + ], + "support": { + "issues": "https://github.com/sebastianbergmann/diff/issues", + "source": "https://github.com/sebastianbergmann/diff/tree/4.0.5" + }, + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], + "time": "2023-05-07T05:35:17+00:00" + }, + { + "name": "sebastian/environment", + "version": "5.1.5", + "source": { + "type": "git", + "url": "https://github.com/sebastianbergmann/environment.git", + "reference": "830c43a844f1f8d5b7a1f6d6076b784454d8b7ed" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sebastianbergmann/environment/zipball/830c43a844f1f8d5b7a1f6d6076b784454d8b7ed", + "reference": "830c43a844f1f8d5b7a1f6d6076b784454d8b7ed", + "shasum": "" + }, + "require": { + "php": ">=7.3" + }, + "require-dev": { + "phpunit/phpunit": "^9.3" + }, + "suggest": { + "ext-posix": "*" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "5.1-dev" + } + }, + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Sebastian Bergmann", + "email": "sebastian@phpunit.de" + } + ], + "description": "Provides functionality to handle HHVM/PHP environments", + "homepage": "http://www.github.com/sebastianbergmann/environment", + "keywords": [ + "Xdebug", + "environment", + "hhvm" + ], + "support": { + "issues": "https://github.com/sebastianbergmann/environment/issues", + "source": "https://github.com/sebastianbergmann/environment/tree/5.1.5" + }, + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], + "time": "2023-02-03T06:03:51+00:00" + }, + { + "name": "sebastian/exporter", + "version": "4.0.5", + "source": { + "type": "git", + "url": "https://github.com/sebastianbergmann/exporter.git", + "reference": "ac230ed27f0f98f597c8a2b6eb7ac563af5e5b9d" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sebastianbergmann/exporter/zipball/ac230ed27f0f98f597c8a2b6eb7ac563af5e5b9d", + "reference": "ac230ed27f0f98f597c8a2b6eb7ac563af5e5b9d", + "shasum": "" + }, + "require": { + "php": ">=7.3", + "sebastian/recursion-context": "^4.0" + }, + "require-dev": { + "ext-mbstring": "*", + "phpunit/phpunit": "^9.3" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "4.0-dev" + } + }, + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Sebastian Bergmann", + "email": "sebastian@phpunit.de" + }, + { + "name": "Jeff Welch", + "email": "whatthejeff@gmail.com" + }, + { + "name": "Volker Dusch", + "email": "github@wallbash.com" + }, + { + "name": "Adam Harvey", + "email": "aharvey@php.net" + }, + { + "name": "Bernhard Schussek", + "email": "bschussek@gmail.com" + } + ], + "description": "Provides the functionality to export PHP variables for visualization", + "homepage": "https://www.github.com/sebastianbergmann/exporter", + "keywords": [ + "export", + "exporter" + ], + "support": { + "issues": "https://github.com/sebastianbergmann/exporter/issues", + "source": "https://github.com/sebastianbergmann/exporter/tree/4.0.5" + }, + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], + "time": "2022-09-14T06:03:37+00:00" + }, + { + "name": "sebastian/global-state", + "version": "5.0.6", + "source": { + "type": "git", + "url": "https://github.com/sebastianbergmann/global-state.git", + "reference": "bde739e7565280bda77be70044ac1047bc007e34" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sebastianbergmann/global-state/zipball/bde739e7565280bda77be70044ac1047bc007e34", + "reference": "bde739e7565280bda77be70044ac1047bc007e34", + "shasum": "" + }, + "require": { + "php": ">=7.3", + "sebastian/object-reflector": "^2.0", + "sebastian/recursion-context": "^4.0" + }, + "require-dev": { + "ext-dom": "*", + "phpunit/phpunit": "^9.3" + }, + "suggest": { + "ext-uopz": "*" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "5.0-dev" + } + }, + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Sebastian Bergmann", + "email": "sebastian@phpunit.de" + } + ], + "description": "Snapshotting of global state", + "homepage": "http://www.github.com/sebastianbergmann/global-state", + "keywords": [ + "global state" + ], + "support": { + "issues": "https://github.com/sebastianbergmann/global-state/issues", + "source": "https://github.com/sebastianbergmann/global-state/tree/5.0.6" + }, + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], + "time": "2023-08-02T09:26:13+00:00" + }, + { + "name": "sebastian/lines-of-code", + "version": "1.0.3", + "source": { + "type": "git", + "url": "https://github.com/sebastianbergmann/lines-of-code.git", + "reference": "c1c2e997aa3146983ed888ad08b15470a2e22ecc" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sebastianbergmann/lines-of-code/zipball/c1c2e997aa3146983ed888ad08b15470a2e22ecc", + "reference": "c1c2e997aa3146983ed888ad08b15470a2e22ecc", + "shasum": "" + }, + "require": { + "nikic/php-parser": "^4.6", + "php": ">=7.3" + }, + "require-dev": { + "phpunit/phpunit": "^9.3" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.0-dev" + } + }, + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Sebastian Bergmann", + "email": "sebastian@phpunit.de", + "role": "lead" + } + ], + "description": "Library for counting the lines of code in PHP source code", + "homepage": "https://github.com/sebastianbergmann/lines-of-code", + "support": { + "issues": "https://github.com/sebastianbergmann/lines-of-code/issues", + "source": "https://github.com/sebastianbergmann/lines-of-code/tree/1.0.3" + }, + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], + "time": "2020-11-28T06:42:11+00:00" + }, + { + "name": "sebastian/object-enumerator", + "version": "4.0.4", + "source": { + "type": "git", + "url": "https://github.com/sebastianbergmann/object-enumerator.git", + "reference": "5c9eeac41b290a3712d88851518825ad78f45c71" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sebastianbergmann/object-enumerator/zipball/5c9eeac41b290a3712d88851518825ad78f45c71", + "reference": "5c9eeac41b290a3712d88851518825ad78f45c71", + "shasum": "" + }, + "require": { + "php": ">=7.3", + "sebastian/object-reflector": "^2.0", + "sebastian/recursion-context": "^4.0" + }, + "require-dev": { + "phpunit/phpunit": "^9.3" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "4.0-dev" + } + }, + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Sebastian Bergmann", + "email": "sebastian@phpunit.de" + } + ], + "description": "Traverses array structures and object graphs to enumerate all referenced objects", + "homepage": "https://github.com/sebastianbergmann/object-enumerator/", + "support": { + "issues": "https://github.com/sebastianbergmann/object-enumerator/issues", + "source": "https://github.com/sebastianbergmann/object-enumerator/tree/4.0.4" + }, + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], + "time": "2020-10-26T13:12:34+00:00" + }, + { + "name": "sebastian/object-reflector", + "version": "2.0.4", + "source": { + "type": "git", + "url": "https://github.com/sebastianbergmann/object-reflector.git", + "reference": "b4f479ebdbf63ac605d183ece17d8d7fe49c15c7" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sebastianbergmann/object-reflector/zipball/b4f479ebdbf63ac605d183ece17d8d7fe49c15c7", + "reference": "b4f479ebdbf63ac605d183ece17d8d7fe49c15c7", + "shasum": "" + }, + "require": { + "php": ">=7.3" + }, + "require-dev": { + "phpunit/phpunit": "^9.3" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "2.0-dev" + } + }, + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Sebastian Bergmann", + "email": "sebastian@phpunit.de" + } + ], + "description": "Allows reflection of object attributes, including inherited and non-public ones", + "homepage": "https://github.com/sebastianbergmann/object-reflector/", + "support": { + "issues": "https://github.com/sebastianbergmann/object-reflector/issues", + "source": "https://github.com/sebastianbergmann/object-reflector/tree/2.0.4" + }, + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], + "time": "2020-10-26T13:14:26+00:00" + }, + { + "name": "sebastian/recursion-context", + "version": "4.0.5", + "source": { + "type": "git", + "url": "https://github.com/sebastianbergmann/recursion-context.git", + "reference": "e75bd0f07204fec2a0af9b0f3cfe97d05f92efc1" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sebastianbergmann/recursion-context/zipball/e75bd0f07204fec2a0af9b0f3cfe97d05f92efc1", + "reference": "e75bd0f07204fec2a0af9b0f3cfe97d05f92efc1", + "shasum": "" + }, + "require": { + "php": ">=7.3" + }, + "require-dev": { + "phpunit/phpunit": "^9.3" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "4.0-dev" + } + }, + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Sebastian Bergmann", + "email": "sebastian@phpunit.de" + }, + { + "name": "Jeff Welch", + "email": "whatthejeff@gmail.com" + }, + { + "name": "Adam Harvey", + "email": "aharvey@php.net" + } + ], + "description": "Provides functionality to recursively process PHP variables", + "homepage": "https://github.com/sebastianbergmann/recursion-context", + "support": { + "issues": "https://github.com/sebastianbergmann/recursion-context/issues", + "source": "https://github.com/sebastianbergmann/recursion-context/tree/4.0.5" + }, + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], + "time": "2023-02-03T06:07:39+00:00" + }, + { + "name": "sebastian/resource-operations", + "version": "3.0.3", + "source": { + "type": "git", + "url": "https://github.com/sebastianbergmann/resource-operations.git", + "reference": "0f4443cb3a1d92ce809899753bc0d5d5a8dd19a8" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sebastianbergmann/resource-operations/zipball/0f4443cb3a1d92ce809899753bc0d5d5a8dd19a8", + "reference": "0f4443cb3a1d92ce809899753bc0d5d5a8dd19a8", + "shasum": "" + }, + "require": { + "php": ">=7.3" + }, + "require-dev": { + "phpunit/phpunit": "^9.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "3.0-dev" + } + }, + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Sebastian Bergmann", + "email": "sebastian@phpunit.de" + } + ], + "description": "Provides a list of PHP built-in functions that operate on resources", + "homepage": "https://www.github.com/sebastianbergmann/resource-operations", + "support": { + "issues": "https://github.com/sebastianbergmann/resource-operations/issues", + "source": "https://github.com/sebastianbergmann/resource-operations/tree/3.0.3" + }, + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], + "time": "2020-09-28T06:45:17+00:00" + }, + { + "name": "sebastian/type", + "version": "3.2.1", + "source": { + "type": "git", + "url": "https://github.com/sebastianbergmann/type.git", + "reference": "75e2c2a32f5e0b3aef905b9ed0b179b953b3d7c7" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sebastianbergmann/type/zipball/75e2c2a32f5e0b3aef905b9ed0b179b953b3d7c7", + "reference": "75e2c2a32f5e0b3aef905b9ed0b179b953b3d7c7", + "shasum": "" + }, + "require": { + "php": ">=7.3" + }, + "require-dev": { + "phpunit/phpunit": "^9.5" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "3.2-dev" + } + }, + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Sebastian Bergmann", + "email": "sebastian@phpunit.de", + "role": "lead" + } + ], + "description": "Collection of value objects that represent the types of the PHP type system", + "homepage": "https://github.com/sebastianbergmann/type", + "support": { + "issues": "https://github.com/sebastianbergmann/type/issues", + "source": "https://github.com/sebastianbergmann/type/tree/3.2.1" + }, + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], + "time": "2023-02-03T06:13:03+00:00" + }, + { + "name": "sebastian/version", + "version": "3.0.2", + "source": { + "type": "git", + "url": "https://github.com/sebastianbergmann/version.git", + "reference": "c6c1022351a901512170118436c764e473f6de8c" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sebastianbergmann/version/zipball/c6c1022351a901512170118436c764e473f6de8c", + "reference": "c6c1022351a901512170118436c764e473f6de8c", + "shasum": "" + }, + "require": { + "php": ">=7.3" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "3.0-dev" + } + }, + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Sebastian Bergmann", + "email": "sebastian@phpunit.de", + "role": "lead" + } + ], + "description": "Library that helps with managing the version number of Git-hosted PHP projects", + "homepage": "https://github.com/sebastianbergmann/version", + "support": { + "issues": "https://github.com/sebastianbergmann/version/issues", + "source": "https://github.com/sebastianbergmann/version/tree/3.0.2" + }, + "funding": [ + { + "url": "https://github.com/sebastianbergmann", + "type": "github" + } + ], + "time": "2020-09-28T06:39:44+00:00" + }, + { + "name": "symfony/console", + "version": "v6.3.4", + "source": { + "type": "git", + "url": "https://github.com/symfony/console.git", + "reference": "eca495f2ee845130855ddf1cf18460c38966c8b6" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/console/zipball/eca495f2ee845130855ddf1cf18460c38966c8b6", + "reference": "eca495f2ee845130855ddf1cf18460c38966c8b6", + "shasum": "" + }, + "require": { + "php": ">=8.1", + "symfony/deprecation-contracts": "^2.5|^3", + "symfony/polyfill-mbstring": "~1.0", + "symfony/service-contracts": "^2.5|^3", + "symfony/string": "^5.4|^6.0" + }, + "conflict": { + "symfony/dependency-injection": "<5.4", + "symfony/dotenv": "<5.4", + "symfony/event-dispatcher": "<5.4", + "symfony/lock": "<5.4", + "symfony/process": "<5.4" + }, + "provide": { + "psr/log-implementation": "1.0|2.0|3.0" + }, + "require-dev": { + "psr/log": "^1|^2|^3", + "symfony/config": "^5.4|^6.0", + "symfony/dependency-injection": "^5.4|^6.0", + "symfony/event-dispatcher": "^5.4|^6.0", + "symfony/lock": "^5.4|^6.0", + "symfony/process": "^5.4|^6.0", + "symfony/var-dumper": "^5.4|^6.0" + }, + "type": "library", + "autoload": { + "psr-4": { + "Symfony\\Component\\Console\\": "" + }, + "exclude-from-classmap": [ + "/Tests/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Fabien Potencier", + "email": "fabien@symfony.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Eases the creation of beautiful and testable command line interfaces", + "homepage": "https://symfony.com", + "keywords": [ + "cli", + "command-line", + "console", + "terminal" + ], + "support": { + "source": "https://github.com/symfony/console/tree/v6.3.4" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2023-08-16T10:10:12+00:00" + }, + { + "name": "symfony/event-dispatcher", + "version": "v6.3.2", + "source": { + "type": "git", + "url": "https://github.com/symfony/event-dispatcher.git", + "reference": "adb01fe097a4ee930db9258a3cc906b5beb5cf2e" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/event-dispatcher/zipball/adb01fe097a4ee930db9258a3cc906b5beb5cf2e", + "reference": "adb01fe097a4ee930db9258a3cc906b5beb5cf2e", + "shasum": "" + }, + "require": { + "php": ">=8.1", + "symfony/event-dispatcher-contracts": "^2.5|^3" + }, + "conflict": { + "symfony/dependency-injection": "<5.4", + "symfony/service-contracts": "<2.5" + }, + "provide": { + "psr/event-dispatcher-implementation": "1.0", + "symfony/event-dispatcher-implementation": "2.0|3.0" + }, + "require-dev": { + "psr/log": "^1|^2|^3", + "symfony/config": "^5.4|^6.0", + "symfony/dependency-injection": "^5.4|^6.0", + "symfony/error-handler": "^5.4|^6.0", + "symfony/expression-language": "^5.4|^6.0", + "symfony/http-foundation": "^5.4|^6.0", + "symfony/service-contracts": "^2.5|^3", + "symfony/stopwatch": "^5.4|^6.0" + }, + "type": "library", + "autoload": { + "psr-4": { + "Symfony\\Component\\EventDispatcher\\": "" + }, + "exclude-from-classmap": [ + "/Tests/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Fabien Potencier", + "email": "fabien@symfony.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Provides tools that allow your application components to communicate with each other by dispatching events and listening to them", + "homepage": "https://symfony.com", + "support": { + "source": "https://github.com/symfony/event-dispatcher/tree/v6.3.2" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2023-07-06T06:56:43+00:00" + }, + { + "name": "symfony/event-dispatcher-contracts", + "version": "v3.3.0", + "source": { + "type": "git", + "url": "https://github.com/symfony/event-dispatcher-contracts.git", + "reference": "a76aed96a42d2b521153fb382d418e30d18b59df" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/event-dispatcher-contracts/zipball/a76aed96a42d2b521153fb382d418e30d18b59df", + "reference": "a76aed96a42d2b521153fb382d418e30d18b59df", + "shasum": "" + }, + "require": { + "php": ">=8.1", + "psr/event-dispatcher": "^1" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-main": "3.4-dev" + }, + "thanks": { + "name": "symfony/contracts", + "url": "https://github.com/symfony/contracts" + } + }, + "autoload": { + "psr-4": { + "Symfony\\Contracts\\EventDispatcher\\": "" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Nicolas Grekas", + "email": "p@tchwork.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Generic abstractions related to dispatching event", + "homepage": "https://symfony.com", + "keywords": [ + "abstractions", + "contracts", + "decoupling", + "interfaces", + "interoperability", + "standards" + ], + "support": { + "source": "https://github.com/symfony/event-dispatcher-contracts/tree/v3.3.0" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2023-05-23T14:45:45+00:00" + }, + { + "name": "symfony/filesystem", + "version": "v6.3.1", + "source": { + "type": "git", + "url": "https://github.com/symfony/filesystem.git", + "reference": "edd36776956f2a6fcf577edb5b05eb0e3bdc52ae" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/filesystem/zipball/edd36776956f2a6fcf577edb5b05eb0e3bdc52ae", + "reference": "edd36776956f2a6fcf577edb5b05eb0e3bdc52ae", + "shasum": "" + }, + "require": { + "php": ">=8.1", + "symfony/polyfill-ctype": "~1.8", + "symfony/polyfill-mbstring": "~1.8" + }, + "type": "library", + "autoload": { + "psr-4": { + "Symfony\\Component\\Filesystem\\": "" + }, + "exclude-from-classmap": [ + "/Tests/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Fabien Potencier", + "email": "fabien@symfony.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Provides basic utilities for the filesystem", + "homepage": "https://symfony.com", + "support": { + "source": "https://github.com/symfony/filesystem/tree/v6.3.1" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2023-06-01T08:30:39+00:00" + }, + { + "name": "symfony/finder", + "version": "v6.3.3", + "source": { + "type": "git", + "url": "https://github.com/symfony/finder.git", + "reference": "9915db259f67d21eefee768c1abcf1cc61b1fc9e" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/finder/zipball/9915db259f67d21eefee768c1abcf1cc61b1fc9e", + "reference": "9915db259f67d21eefee768c1abcf1cc61b1fc9e", + "shasum": "" + }, + "require": { + "php": ">=8.1" + }, + "require-dev": { + "symfony/filesystem": "^6.0" + }, + "type": "library", + "autoload": { + "psr-4": { + "Symfony\\Component\\Finder\\": "" + }, + "exclude-from-classmap": [ + "/Tests/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Fabien Potencier", + "email": "fabien@symfony.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Finds files and directories via an intuitive fluent interface", + "homepage": "https://symfony.com", + "support": { + "source": "https://github.com/symfony/finder/tree/v6.3.3" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2023-07-31T08:31:44+00:00" + }, + { + "name": "symfony/options-resolver", + "version": "v6.3.0", + "source": { + "type": "git", + "url": "https://github.com/symfony/options-resolver.git", + "reference": "a10f19f5198d589d5c33333cffe98dc9820332dd" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/options-resolver/zipball/a10f19f5198d589d5c33333cffe98dc9820332dd", + "reference": "a10f19f5198d589d5c33333cffe98dc9820332dd", + "shasum": "" + }, + "require": { + "php": ">=8.1", + "symfony/deprecation-contracts": "^2.5|^3" + }, + "type": "library", + "autoload": { + "psr-4": { + "Symfony\\Component\\OptionsResolver\\": "" + }, + "exclude-from-classmap": [ + "/Tests/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Fabien Potencier", + "email": "fabien@symfony.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Provides an improved replacement for the array_replace PHP function", + "homepage": "https://symfony.com", + "keywords": [ + "config", + "configuration", + "options" + ], + "support": { + "source": "https://github.com/symfony/options-resolver/tree/v6.3.0" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2023-05-12T14:21:09+00:00" + }, + { + "name": "symfony/polyfill-ctype", + "version": "v1.28.0", + "source": { + "type": "git", + "url": "https://github.com/symfony/polyfill-ctype.git", + "reference": "ea208ce43cbb04af6867b4fdddb1bdbf84cc28cb" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/ea208ce43cbb04af6867b4fdddb1bdbf84cc28cb", + "reference": "ea208ce43cbb04af6867b4fdddb1bdbf84cc28cb", + "shasum": "" + }, + "require": { + "php": ">=7.1" + }, + "provide": { + "ext-ctype": "*" + }, + "suggest": { + "ext-ctype": "For best performance" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-main": "1.28-dev" + }, + "thanks": { + "name": "symfony/polyfill", + "url": "https://github.com/symfony/polyfill" + } + }, + "autoload": { + "files": [ + "bootstrap.php" + ], + "psr-4": { + "Symfony\\Polyfill\\Ctype\\": "" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Gert de Pagter", + "email": "BackEndTea@gmail.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony polyfill for ctype functions", + "homepage": "https://symfony.com", + "keywords": [ + "compatibility", + "ctype", + "polyfill", + "portable" + ], + "support": { + "source": "https://github.com/symfony/polyfill-ctype/tree/v1.28.0" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2023-01-26T09:26:14+00:00" + }, + { + "name": "symfony/polyfill-intl-grapheme", + "version": "v1.28.0", + "source": { + "type": "git", + "url": "https://github.com/symfony/polyfill-intl-grapheme.git", + "reference": "875e90aeea2777b6f135677f618529449334a612" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/polyfill-intl-grapheme/zipball/875e90aeea2777b6f135677f618529449334a612", + "reference": "875e90aeea2777b6f135677f618529449334a612", + "shasum": "" + }, + "require": { + "php": ">=7.1" + }, + "suggest": { + "ext-intl": "For best performance" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-main": "1.28-dev" + }, + "thanks": { + "name": "symfony/polyfill", + "url": "https://github.com/symfony/polyfill" + } + }, + "autoload": { + "files": [ + "bootstrap.php" + ], + "psr-4": { + "Symfony\\Polyfill\\Intl\\Grapheme\\": "" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Nicolas Grekas", + "email": "p@tchwork.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony polyfill for intl's grapheme_* functions", + "homepage": "https://symfony.com", + "keywords": [ + "compatibility", + "grapheme", + "intl", + "polyfill", + "portable", + "shim" + ], + "support": { + "source": "https://github.com/symfony/polyfill-intl-grapheme/tree/v1.28.0" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2023-01-26T09:26:14+00:00" + }, + { + "name": "symfony/polyfill-intl-normalizer", + "version": "v1.28.0", + "source": { + "type": "git", + "url": "https://github.com/symfony/polyfill-intl-normalizer.git", + "reference": "8c4ad05dd0120b6a53c1ca374dca2ad0a1c4ed92" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/polyfill-intl-normalizer/zipball/8c4ad05dd0120b6a53c1ca374dca2ad0a1c4ed92", + "reference": "8c4ad05dd0120b6a53c1ca374dca2ad0a1c4ed92", + "shasum": "" + }, + "require": { + "php": ">=7.1" + }, + "suggest": { + "ext-intl": "For best performance" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-main": "1.28-dev" + }, + "thanks": { + "name": "symfony/polyfill", + "url": "https://github.com/symfony/polyfill" + } + }, + "autoload": { + "files": [ + "bootstrap.php" + ], + "psr-4": { + "Symfony\\Polyfill\\Intl\\Normalizer\\": "" + }, + "classmap": [ + "Resources/stubs" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Nicolas Grekas", + "email": "p@tchwork.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony polyfill for intl's Normalizer class and related functions", + "homepage": "https://symfony.com", + "keywords": [ + "compatibility", + "intl", + "normalizer", + "polyfill", + "portable", + "shim" + ], + "support": { + "source": "https://github.com/symfony/polyfill-intl-normalizer/tree/v1.28.0" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2023-01-26T09:26:14+00:00" + }, + { + "name": "symfony/polyfill-mbstring", + "version": "v1.28.0", + "source": { + "type": "git", + "url": "https://github.com/symfony/polyfill-mbstring.git", + "reference": "42292d99c55abe617799667f454222c54c60e229" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/42292d99c55abe617799667f454222c54c60e229", + "reference": "42292d99c55abe617799667f454222c54c60e229", + "shasum": "" + }, + "require": { + "php": ">=7.1" + }, + "provide": { + "ext-mbstring": "*" + }, + "suggest": { + "ext-mbstring": "For best performance" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-main": "1.28-dev" + }, + "thanks": { + "name": "symfony/polyfill", + "url": "https://github.com/symfony/polyfill" + } + }, + "autoload": { + "files": [ + "bootstrap.php" + ], + "psr-4": { + "Symfony\\Polyfill\\Mbstring\\": "" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Nicolas Grekas", + "email": "p@tchwork.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony polyfill for the Mbstring extension", + "homepage": "https://symfony.com", + "keywords": [ + "compatibility", + "mbstring", + "polyfill", + "portable", + "shim" + ], + "support": { + "source": "https://github.com/symfony/polyfill-mbstring/tree/v1.28.0" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2023-07-28T09:04:16+00:00" + }, + { + "name": "symfony/polyfill-php80", + "version": "v1.28.0", + "source": { + "type": "git", + "url": "https://github.com/symfony/polyfill-php80.git", + "reference": "6caa57379c4aec19c0a12a38b59b26487dcfe4b5" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/polyfill-php80/zipball/6caa57379c4aec19c0a12a38b59b26487dcfe4b5", + "reference": "6caa57379c4aec19c0a12a38b59b26487dcfe4b5", + "shasum": "" + }, + "require": { + "php": ">=7.1" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-main": "1.28-dev" + }, + "thanks": { + "name": "symfony/polyfill", + "url": "https://github.com/symfony/polyfill" + } + }, + "autoload": { + "files": [ + "bootstrap.php" + ], + "psr-4": { + "Symfony\\Polyfill\\Php80\\": "" + }, + "classmap": [ + "Resources/stubs" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Ion Bazan", + "email": "ion.bazan@gmail.com" + }, + { + "name": "Nicolas Grekas", + "email": "p@tchwork.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony polyfill backporting some PHP 8.0+ features to lower PHP versions", + "homepage": "https://symfony.com", + "keywords": [ + "compatibility", + "polyfill", + "portable", + "shim" + ], + "support": { + "source": "https://github.com/symfony/polyfill-php80/tree/v1.28.0" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2023-01-26T09:26:14+00:00" + }, + { + "name": "symfony/polyfill-php81", + "version": "v1.28.0", + "source": { + "type": "git", + "url": "https://github.com/symfony/polyfill-php81.git", + "reference": "7581cd600fa9fd681b797d00b02f068e2f13263b" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/polyfill-php81/zipball/7581cd600fa9fd681b797d00b02f068e2f13263b", + "reference": "7581cd600fa9fd681b797d00b02f068e2f13263b", + "shasum": "" + }, + "require": { + "php": ">=7.1" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-main": "1.28-dev" + }, + "thanks": { + "name": "symfony/polyfill", + "url": "https://github.com/symfony/polyfill" + } + }, + "autoload": { + "files": [ + "bootstrap.php" + ], + "psr-4": { + "Symfony\\Polyfill\\Php81\\": "" + }, + "classmap": [ + "Resources/stubs" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Nicolas Grekas", + "email": "p@tchwork.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony polyfill backporting some PHP 8.1+ features to lower PHP versions", + "homepage": "https://symfony.com", + "keywords": [ + "compatibility", + "polyfill", + "portable", + "shim" + ], + "support": { + "source": "https://github.com/symfony/polyfill-php81/tree/v1.28.0" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2023-01-26T09:26:14+00:00" + }, + { + "name": "symfony/process", + "version": "v6.3.4", + "source": { + "type": "git", + "url": "https://github.com/symfony/process.git", + "reference": "0b5c29118f2e980d455d2e34a5659f4579847c54" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/process/zipball/0b5c29118f2e980d455d2e34a5659f4579847c54", + "reference": "0b5c29118f2e980d455d2e34a5659f4579847c54", + "shasum": "" + }, + "require": { + "php": ">=8.1" + }, + "type": "library", + "autoload": { + "psr-4": { + "Symfony\\Component\\Process\\": "" + }, + "exclude-from-classmap": [ + "/Tests/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Fabien Potencier", + "email": "fabien@symfony.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Executes commands in sub-processes", + "homepage": "https://symfony.com", + "support": { + "source": "https://github.com/symfony/process/tree/v6.3.4" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2023-08-07T10:39:22+00:00" + }, + { + "name": "symfony/service-contracts", + "version": "v3.3.0", + "source": { + "type": "git", + "url": "https://github.com/symfony/service-contracts.git", + "reference": "40da9cc13ec349d9e4966ce18b5fbcd724ab10a4" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/service-contracts/zipball/40da9cc13ec349d9e4966ce18b5fbcd724ab10a4", + "reference": "40da9cc13ec349d9e4966ce18b5fbcd724ab10a4", + "shasum": "" + }, + "require": { + "php": ">=8.1", + "psr/container": "^2.0" + }, + "conflict": { + "ext-psr": "<1.1|>=2" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-main": "3.4-dev" + }, + "thanks": { + "name": "symfony/contracts", + "url": "https://github.com/symfony/contracts" + } + }, + "autoload": { + "psr-4": { + "Symfony\\Contracts\\Service\\": "" + }, + "exclude-from-classmap": [ + "/Test/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Nicolas Grekas", + "email": "p@tchwork.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Generic abstractions related to writing services", + "homepage": "https://symfony.com", + "keywords": [ + "abstractions", + "contracts", + "decoupling", + "interfaces", + "interoperability", + "standards" + ], + "support": { + "source": "https://github.com/symfony/service-contracts/tree/v3.3.0" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2023-05-23T14:45:45+00:00" + }, + { + "name": "symfony/stopwatch", + "version": "v6.3.0", + "source": { + "type": "git", + "url": "https://github.com/symfony/stopwatch.git", + "reference": "fc47f1015ec80927ff64ba9094dfe8b9d48fe9f2" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/stopwatch/zipball/fc47f1015ec80927ff64ba9094dfe8b9d48fe9f2", + "reference": "fc47f1015ec80927ff64ba9094dfe8b9d48fe9f2", + "shasum": "" + }, + "require": { + "php": ">=8.1", + "symfony/service-contracts": "^2.5|^3" + }, + "type": "library", + "autoload": { + "psr-4": { + "Symfony\\Component\\Stopwatch\\": "" + }, + "exclude-from-classmap": [ + "/Tests/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Fabien Potencier", + "email": "fabien@symfony.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Provides a way to profile code", + "homepage": "https://symfony.com", + "support": { + "source": "https://github.com/symfony/stopwatch/tree/v6.3.0" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2023-02-16T10:14:28+00:00" + }, + { + "name": "symfony/string", + "version": "v6.3.2", + "source": { + "type": "git", + "url": "https://github.com/symfony/string.git", + "reference": "53d1a83225002635bca3482fcbf963001313fb68" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/string/zipball/53d1a83225002635bca3482fcbf963001313fb68", + "reference": "53d1a83225002635bca3482fcbf963001313fb68", + "shasum": "" + }, + "require": { + "php": ">=8.1", + "symfony/polyfill-ctype": "~1.8", + "symfony/polyfill-intl-grapheme": "~1.0", + "symfony/polyfill-intl-normalizer": "~1.0", + "symfony/polyfill-mbstring": "~1.0" + }, + "conflict": { + "symfony/translation-contracts": "<2.5" + }, + "require-dev": { + "symfony/error-handler": "^5.4|^6.0", + "symfony/http-client": "^5.4|^6.0", + "symfony/intl": "^6.2", + "symfony/translation-contracts": "^2.5|^3.0", + "symfony/var-exporter": "^5.4|^6.0" + }, + "type": "library", + "autoload": { + "files": [ + "Resources/functions.php" + ], + "psr-4": { + "Symfony\\Component\\String\\": "" + }, + "exclude-from-classmap": [ + "/Tests/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Nicolas Grekas", + "email": "p@tchwork.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Provides an object-oriented API to strings and deals with bytes, UTF-8 code points and grapheme clusters in a unified way", + "homepage": "https://symfony.com", + "keywords": [ + "grapheme", + "i18n", + "string", + "unicode", + "utf-8", + "utf8" + ], + "support": { + "source": "https://github.com/symfony/string/tree/v6.3.2" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2023-07-05T08:41:27+00:00" + }, + { + "name": "theseer/tokenizer", + "version": "1.2.1", + "source": { + "type": "git", + "url": "https://github.com/theseer/tokenizer.git", + "reference": "34a41e998c2183e22995f158c581e7b5e755ab9e" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/theseer/tokenizer/zipball/34a41e998c2183e22995f158c581e7b5e755ab9e", + "reference": "34a41e998c2183e22995f158c581e7b5e755ab9e", + "shasum": "" + }, + "require": { + "ext-dom": "*", + "ext-tokenizer": "*", + "ext-xmlwriter": "*", + "php": "^7.2 || ^8.0" + }, + "type": "library", + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Arne Blankerts", + "email": "arne@blankerts.de", + "role": "Developer" + } + ], + "description": "A small library for converting tokenized PHP source code into XML and potentially other formats", + "support": { + "issues": "https://github.com/theseer/tokenizer/issues", + "source": "https://github.com/theseer/tokenizer/tree/1.2.1" + }, + "funding": [ + { + "url": "https://github.com/theseer", + "type": "github" + } + ], + "time": "2021-07-28T10:34:58+00:00" + } + ], "aliases": [], "minimum-stability": "stable", "stability-flags": [], diff --git a/install.php b/install.php index 54d554f7..9b88bc0b 100644 --- a/install.php +++ b/install.php @@ -13,7 +13,7 @@ } // old plugin docs still exists ? -> delete -$pluginDocs = __DIR__.'/plugins/docs'; +$pluginDocs = __DIR__ . '/plugins/docs'; if (file_exists($pluginDocs)) { rex_dir::delete($pluginDocs); } diff --git a/lib/ycom.php b/lib/ycom.php index 8340a65a..785dec20 100644 --- a/lib/ycom.php +++ b/lib/ycom.php @@ -2,9 +2,7 @@ class rex_ycom { - /** - * @var array - */ + /** @var array */ public static array $tables = []; public static function addTable(string $table_name): void diff --git a/lib/ycom_log.php b/lib/ycom_log.php index 54bacf65..8957b4ba 100644 --- a/lib/ycom_log.php +++ b/lib/ycom_log.php @@ -16,9 +16,7 @@ class rex_ycom_log public const TYPE_IMPERSONATE = 'session_impersonate'; public const TYPES = [self::TYPE_COOKIE_FAILED, self::TYPE_SESSION_FAILED, self::TYPE_ACCESS, self::TYPE_LOGIN_SUCCESS, self::TYPE_LOGOUT, self::TYPE_LOGIN_UPDATED, self::TYPE_CLICK, self::TYPE_LOGIN_FAILED, self::TYPE_REGISTERD, self::TYPE_LOGIN_DELETED, self::TYPE_LOGIN_NOT_FOUND]; - /** - * @var null|bool - */ + /** @var null|bool */ private static $active; private static int $maxFileSize = 20000000; // 20 Mb Default @@ -69,7 +67,7 @@ public static function delete(): bool } /** - * @param rex_ycom_user|string $user + * @param rex_ycom_user|string|rex_yform_manager_dataset $user * @param array> $params */ public static function log($user, string $type = '', array $params = []): void @@ -91,7 +89,7 @@ public static function log($user, string $type = '', array $params = []): void /** @var string $user */ $id = ''; $login = $user; - } elseif ('rex_ycom_user' == get_class($user)) { + } elseif ('rex_ycom_user' == $user::class) { /** @var rex_ycom_user $user */ $id = $user->getId(); $login = $user->getValue('login'); diff --git a/lib/yform/value/ycom_user.php b/lib/yform/value/ycom_user.php index f32424d3..802397a5 100644 --- a/lib/yform/value/ycom_user.php +++ b/lib/yform/value/ycom_user.php @@ -22,7 +22,7 @@ public function enterObject(): void $this->params['form_output'][$this->getId()] = '

- +

'; } diff --git a/pages/docs.php b/pages/docs.php index 103225ea..54f0c2f5 100644 --- a/pages/docs.php +++ b/pages/docs.php @@ -6,7 +6,7 @@ */ $mdFiles = []; -foreach (glob(rex_addon::get('ycom')->getPath('docs').'/*.md') ?: [] as $file) { +foreach (glob(rex_addon::get('ycom')->getPath('docs') . '/*.md') ?: [] as $file) { $mdFiles[mb_substr(basename($file), 0, -3)] = $file; } @@ -22,10 +22,10 @@ $keyWithoudPrio = mb_substr($key, 3); $currenMDFileWithoudPrio = mb_substr($currenMDFile, 3); $page->addSubpage( - (new rex_be_page($key, rex_i18n::msg('ycom_docs_'.$keyWithoudPrio))) + (new rex_be_page($key, rex_i18n::msg('ycom_docs_' . $keyWithoudPrio))) ->setSubPath($mdFile) - ->setHref('index.php?page=ycom/docs&mdfile='.$key) - ->setIsActive($key == $currenMDFile) + ->setHref('index.php?page=ycom/docs&mdfile=' . $key) + ->setIsActive($key == $currenMDFile), ); } } diff --git a/pages/index.php b/pages/index.php index c879cbaa..f75e4b34 100644 --- a/pages/index.php +++ b/pages/index.php @@ -1,4 +1,3 @@ + + + + + + + + tests/unit + + + diff --git a/plugins/auth/boot.php b/plugins/auth/boot.php index 2f5425dc..ff755f47 100644 --- a/plugins/auth/boot.php +++ b/plugins/auth/boot.php @@ -5,8 +5,8 @@ * @psalm-scope-this rex_addon */ -include __DIR__.'/vendor/guzzlehttp/promises/src/functions_include.php'; -include __DIR__.'/vendor/guzzlehttp/guzzle/src/functions_include.php'; +// include __DIR__.'/vendor/guzzlehttp/promises/src/functions_include.php'; +// include __DIR__.'/vendor/guzzlehttp/guzzle/src/functions_include.php'; rex_perm::register('ycomArticlePermissions[]', null, rex_perm::OPTIONS); @@ -79,7 +79,7 @@ $fragment->setVar('collapsed', false); $content = $fragment->parse('core/page/section.php'); - return $subject.$content; + return $subject . $content; }); }, rex_extension::EARLY); diff --git a/plugins/auth/composer.json b/plugins/auth/composer.json deleted file mode 100644 index e45f8ea2..00000000 --- a/plugins/auth/composer.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "require": { - "onelogin/php-saml": "^3", - "apereo/phpcas": "^1", - "league/oauth2-client": "^2", - "psr/log": "^1" - } -} diff --git a/plugins/auth/composer.lock b/plugins/auth/composer.lock deleted file mode 100644 index 22058e50..00000000 --- a/plugins/auth/composer.lock +++ /dev/null @@ -1,956 +0,0 @@ -{ - "_readme": [ - "This file locks the dependencies of your project to a known state", - "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", - "This file is @generated automatically" - ], - "content-hash": "3c8b82fc520fdb33dbeebd66fd5cac44", - "packages": [ - { - "name": "apereo/phpcas", - "version": "1.6.0", - "source": { - "type": "git", - "url": "https://github.com/apereo/phpCAS.git", - "reference": "f817c72a961484afef95ac64a9257c8e31f063b9" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/apereo/phpCAS/zipball/f817c72a961484afef95ac64a9257c8e31f063b9", - "reference": "f817c72a961484afef95ac64a9257c8e31f063b9", - "shasum": "" - }, - "require": { - "ext-curl": "*", - "ext-dom": "*", - "php": ">=7.1.0", - "psr/log": "^1.0 || ^2.0 || ^3.0" - }, - "require-dev": { - "monolog/monolog": "^1.0.0 || ^2.0.0", - "phpstan/phpstan": "^1.5", - "phpunit/phpunit": ">=7.5" - }, - "type": "library", - "extra": { - "branch-alias": { - "dev-master": "1.3.x-dev" - } - }, - "autoload": { - "classmap": [ - "source/" - ] - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "Apache-2.0" - ], - "authors": [ - { - "name": "Joachim Fritschi", - "email": "jfritschi@freenet.de", - "homepage": "https://github.com/jfritschi" - }, - { - "name": "Adam Franco", - "homepage": "https://github.com/adamfranco" - }, - { - "name": "Henry Pan", - "homepage": "https://github.com/phy25" - } - ], - "description": "Provides a simple API for authenticating users against a CAS server", - "homepage": "https://wiki.jasig.org/display/CASC/phpCAS", - "keywords": [ - "apereo", - "cas", - "jasig" - ], - "support": { - "issues": "https://github.com/apereo/phpCAS/issues", - "source": "https://github.com/apereo/phpCAS/tree/1.6.0" - }, - "time": "2022-10-31T20:39:27+00:00" - }, - { - "name": "guzzlehttp/guzzle", - "version": "7.5.0", - "source": { - "type": "git", - "url": "https://github.com/guzzle/guzzle.git", - "reference": "b50a2a1251152e43f6a37f0fa053e730a67d25ba" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/guzzle/guzzle/zipball/b50a2a1251152e43f6a37f0fa053e730a67d25ba", - "reference": "b50a2a1251152e43f6a37f0fa053e730a67d25ba", - "shasum": "" - }, - "require": { - "ext-json": "*", - "guzzlehttp/promises": "^1.5", - "guzzlehttp/psr7": "^1.9 || ^2.4", - "php": "^7.2.5 || ^8.0", - "psr/http-client": "^1.0", - "symfony/deprecation-contracts": "^2.2 || ^3.0" - }, - "provide": { - "psr/http-client-implementation": "1.0" - }, - "require-dev": { - "bamarni/composer-bin-plugin": "^1.8.1", - "ext-curl": "*", - "php-http/client-integration-tests": "^3.0", - "phpunit/phpunit": "^8.5.29 || ^9.5.23", - "psr/log": "^1.1 || ^2.0 || ^3.0" - }, - "suggest": { - "ext-curl": "Required for CURL handler support", - "ext-intl": "Required for Internationalized Domain Name (IDN) support", - "psr/log": "Required for using the Log middleware" - }, - "type": "library", - "extra": { - "bamarni-bin": { - "bin-links": true, - "forward-command": false - }, - "branch-alias": { - "dev-master": "7.5-dev" - } - }, - "autoload": { - "files": [ - "src/functions_include.php" - ], - "psr-4": { - "GuzzleHttp\\": "src/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Graham Campbell", - "email": "hello@gjcampbell.co.uk", - "homepage": "https://github.com/GrahamCampbell" - }, - { - "name": "Michael Dowling", - "email": "mtdowling@gmail.com", - "homepage": "https://github.com/mtdowling" - }, - { - "name": "Jeremy Lindblom", - "email": "jeremeamia@gmail.com", - "homepage": "https://github.com/jeremeamia" - }, - { - "name": "George Mponos", - "email": "gmponos@gmail.com", - "homepage": "https://github.com/gmponos" - }, - { - "name": "Tobias Nyholm", - "email": "tobias.nyholm@gmail.com", - "homepage": "https://github.com/Nyholm" - }, - { - "name": "Márk Sági-Kazár", - "email": "mark.sagikazar@gmail.com", - "homepage": "https://github.com/sagikazarmark" - }, - { - "name": "Tobias Schultze", - "email": "webmaster@tubo-world.de", - "homepage": "https://github.com/Tobion" - } - ], - "description": "Guzzle is a PHP HTTP client library", - "keywords": [ - "client", - "curl", - "framework", - "http", - "http client", - "psr-18", - "psr-7", - "rest", - "web service" - ], - "support": { - "issues": "https://github.com/guzzle/guzzle/issues", - "source": "https://github.com/guzzle/guzzle/tree/7.5.0" - }, - "funding": [ - { - "url": "https://github.com/GrahamCampbell", - "type": "github" - }, - { - "url": "https://github.com/Nyholm", - "type": "github" - }, - { - "url": "https://tidelift.com/funding/github/packagist/guzzlehttp/guzzle", - "type": "tidelift" - } - ], - "time": "2022-08-28T15:39:27+00:00" - }, - { - "name": "guzzlehttp/promises", - "version": "1.5.2", - "source": { - "type": "git", - "url": "https://github.com/guzzle/promises.git", - "reference": "b94b2807d85443f9719887892882d0329d1e2598" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/guzzle/promises/zipball/b94b2807d85443f9719887892882d0329d1e2598", - "reference": "b94b2807d85443f9719887892882d0329d1e2598", - "shasum": "" - }, - "require": { - "php": ">=5.5" - }, - "require-dev": { - "symfony/phpunit-bridge": "^4.4 || ^5.1" - }, - "type": "library", - "extra": { - "branch-alias": { - "dev-master": "1.5-dev" - } - }, - "autoload": { - "files": [ - "src/functions_include.php" - ], - "psr-4": { - "GuzzleHttp\\Promise\\": "src/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Graham Campbell", - "email": "hello@gjcampbell.co.uk", - "homepage": "https://github.com/GrahamCampbell" - }, - { - "name": "Michael Dowling", - "email": "mtdowling@gmail.com", - "homepage": "https://github.com/mtdowling" - }, - { - "name": "Tobias Nyholm", - "email": "tobias.nyholm@gmail.com", - "homepage": "https://github.com/Nyholm" - }, - { - "name": "Tobias Schultze", - "email": "webmaster@tubo-world.de", - "homepage": "https://github.com/Tobion" - } - ], - "description": "Guzzle promises library", - "keywords": [ - "promise" - ], - "support": { - "issues": "https://github.com/guzzle/promises/issues", - "source": "https://github.com/guzzle/promises/tree/1.5.2" - }, - "funding": [ - { - "url": "https://github.com/GrahamCampbell", - "type": "github" - }, - { - "url": "https://github.com/Nyholm", - "type": "github" - }, - { - "url": "https://tidelift.com/funding/github/packagist/guzzlehttp/promises", - "type": "tidelift" - } - ], - "time": "2022-08-28T14:55:35+00:00" - }, - { - "name": "guzzlehttp/psr7", - "version": "2.4.3", - "source": { - "type": "git", - "url": "https://github.com/guzzle/psr7.git", - "reference": "67c26b443f348a51926030c83481b85718457d3d" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/guzzle/psr7/zipball/67c26b443f348a51926030c83481b85718457d3d", - "reference": "67c26b443f348a51926030c83481b85718457d3d", - "shasum": "" - }, - "require": { - "php": "^7.2.5 || ^8.0", - "psr/http-factory": "^1.0", - "psr/http-message": "^1.0", - "ralouphie/getallheaders": "^3.0" - }, - "provide": { - "psr/http-factory-implementation": "1.0", - "psr/http-message-implementation": "1.0" - }, - "require-dev": { - "bamarni/composer-bin-plugin": "^1.8.1", - "http-interop/http-factory-tests": "^0.9", - "phpunit/phpunit": "^8.5.29 || ^9.5.23" - }, - "suggest": { - "laminas/laminas-httphandlerrunner": "Emit PSR-7 responses" - }, - "type": "library", - "extra": { - "bamarni-bin": { - "bin-links": true, - "forward-command": false - }, - "branch-alias": { - "dev-master": "2.4-dev" - } - }, - "autoload": { - "psr-4": { - "GuzzleHttp\\Psr7\\": "src/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Graham Campbell", - "email": "hello@gjcampbell.co.uk", - "homepage": "https://github.com/GrahamCampbell" - }, - { - "name": "Michael Dowling", - "email": "mtdowling@gmail.com", - "homepage": "https://github.com/mtdowling" - }, - { - "name": "George Mponos", - "email": "gmponos@gmail.com", - "homepage": "https://github.com/gmponos" - }, - { - "name": "Tobias Nyholm", - "email": "tobias.nyholm@gmail.com", - "homepage": "https://github.com/Nyholm" - }, - { - "name": "Márk Sági-Kazár", - "email": "mark.sagikazar@gmail.com", - "homepage": "https://github.com/sagikazarmark" - }, - { - "name": "Tobias Schultze", - "email": "webmaster@tubo-world.de", - "homepage": "https://github.com/Tobion" - }, - { - "name": "Márk Sági-Kazár", - "email": "mark.sagikazar@gmail.com", - "homepage": "https://sagikazarmark.hu" - } - ], - "description": "PSR-7 message implementation that also provides common utility methods", - "keywords": [ - "http", - "message", - "psr-7", - "request", - "response", - "stream", - "uri", - "url" - ], - "support": { - "issues": "https://github.com/guzzle/psr7/issues", - "source": "https://github.com/guzzle/psr7/tree/2.4.3" - }, - "funding": [ - { - "url": "https://github.com/GrahamCampbell", - "type": "github" - }, - { - "url": "https://github.com/Nyholm", - "type": "github" - }, - { - "url": "https://tidelift.com/funding/github/packagist/guzzlehttp/psr7", - "type": "tidelift" - } - ], - "time": "2022-10-26T14:07:24+00:00" - }, - { - "name": "league/oauth2-client", - "version": "2.6.1", - "source": { - "type": "git", - "url": "https://github.com/thephpleague/oauth2-client.git", - "reference": "2334c249907190c132364f5dae0287ab8666aa19" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/thephpleague/oauth2-client/zipball/2334c249907190c132364f5dae0287ab8666aa19", - "reference": "2334c249907190c132364f5dae0287ab8666aa19", - "shasum": "" - }, - "require": { - "guzzlehttp/guzzle": "^6.0 || ^7.0", - "paragonie/random_compat": "^1 || ^2 || ^9.99", - "php": "^5.6 || ^7.0 || ^8.0" - }, - "require-dev": { - "mockery/mockery": "^1.3.5", - "php-parallel-lint/php-parallel-lint": "^1.3.1", - "phpunit/phpunit": "^5.7 || ^6.0 || ^9.5", - "squizlabs/php_codesniffer": "^2.3 || ^3.0" - }, - "type": "library", - "extra": { - "branch-alias": { - "dev-2.x": "2.0.x-dev" - } - }, - "autoload": { - "psr-4": { - "League\\OAuth2\\Client\\": "src/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Alex Bilbie", - "email": "hello@alexbilbie.com", - "homepage": "http://www.alexbilbie.com", - "role": "Developer" - }, - { - "name": "Woody Gilk", - "homepage": "https://github.com/shadowhand", - "role": "Contributor" - } - ], - "description": "OAuth 2.0 Client Library", - "keywords": [ - "Authentication", - "SSO", - "authorization", - "identity", - "idp", - "oauth", - "oauth2", - "single sign on" - ], - "support": { - "issues": "https://github.com/thephpleague/oauth2-client/issues", - "source": "https://github.com/thephpleague/oauth2-client/tree/2.6.1" - }, - "time": "2021-12-22T16:42:49+00:00" - }, - { - "name": "onelogin/php-saml", - "version": "3.6.1", - "source": { - "type": "git", - "url": "https://github.com/onelogin/php-saml.git", - "reference": "a7328b11887660ad248ea10952dd67a5aa73ba3b" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/onelogin/php-saml/zipball/a7328b11887660ad248ea10952dd67a5aa73ba3b", - "reference": "a7328b11887660ad248ea10952dd67a5aa73ba3b", - "shasum": "" - }, - "require": { - "php": ">=5.4", - "robrichards/xmlseclibs": ">=3.1.1" - }, - "require-dev": { - "pdepend/pdepend": "^2.5.0", - "php-coveralls/php-coveralls": "^1.0.2 || ^2.0", - "phploc/phploc": "^2.1 || ^3.0 || ^4.0", - "phpunit/phpunit": "<7.5.18", - "sebastian/phpcpd": "^2.0 || ^3.0 || ^4.0", - "squizlabs/php_codesniffer": "^3.1.1" - }, - "suggest": { - "ext-curl": "Install curl lib to be able to use the IdPMetadataParser for parsing remote XMLs", - "ext-gettext": "Install gettext and php5-gettext libs to handle translations", - "ext-openssl": "Install openssl lib in order to handle with x509 certs (require to support sign and encryption)" - }, - "type": "library", - "autoload": { - "psr-4": { - "OneLogin\\": "src/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "description": "OneLogin PHP SAML Toolkit", - "homepage": "https://developers.onelogin.com/saml/php", - "keywords": [ - "SAML2", - "onelogin", - "saml" - ], - "support": { - "email": "sixto.garcia@onelogin.com", - "issues": "https://github.com/onelogin/php-saml/issues", - "source": "https://github.com/onelogin/php-saml/" - }, - "time": "2021-03-02T10:13:07+00:00" - }, - { - "name": "paragonie/random_compat", - "version": "v9.99.100", - "source": { - "type": "git", - "url": "https://github.com/paragonie/random_compat.git", - "reference": "996434e5492cb4c3edcb9168db6fbb1359ef965a" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/paragonie/random_compat/zipball/996434e5492cb4c3edcb9168db6fbb1359ef965a", - "reference": "996434e5492cb4c3edcb9168db6fbb1359ef965a", - "shasum": "" - }, - "require": { - "php": ">= 7" - }, - "require-dev": { - "phpunit/phpunit": "4.*|5.*", - "vimeo/psalm": "^1" - }, - "suggest": { - "ext-libsodium": "Provides a modern crypto API that can be used to generate random bytes." - }, - "type": "library", - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Paragon Initiative Enterprises", - "email": "security@paragonie.com", - "homepage": "https://paragonie.com" - } - ], - "description": "PHP 5.x polyfill for random_bytes() and random_int() from PHP 7", - "keywords": [ - "csprng", - "polyfill", - "pseudorandom", - "random" - ], - "support": { - "email": "info@paragonie.com", - "issues": "https://github.com/paragonie/random_compat/issues", - "source": "https://github.com/paragonie/random_compat" - }, - "time": "2020-10-15T08:29:30+00:00" - }, - { - "name": "psr/http-client", - "version": "1.0.1", - "source": { - "type": "git", - "url": "https://github.com/php-fig/http-client.git", - "reference": "2dfb5f6c5eff0e91e20e913f8c5452ed95b86621" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/php-fig/http-client/zipball/2dfb5f6c5eff0e91e20e913f8c5452ed95b86621", - "reference": "2dfb5f6c5eff0e91e20e913f8c5452ed95b86621", - "shasum": "" - }, - "require": { - "php": "^7.0 || ^8.0", - "psr/http-message": "^1.0" - }, - "type": "library", - "extra": { - "branch-alias": { - "dev-master": "1.0.x-dev" - } - }, - "autoload": { - "psr-4": { - "Psr\\Http\\Client\\": "src/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "PHP-FIG", - "homepage": "http://www.php-fig.org/" - } - ], - "description": "Common interface for HTTP clients", - "homepage": "https://github.com/php-fig/http-client", - "keywords": [ - "http", - "http-client", - "psr", - "psr-18" - ], - "support": { - "source": "https://github.com/php-fig/http-client/tree/master" - }, - "time": "2020-06-29T06:28:15+00:00" - }, - { - "name": "psr/http-factory", - "version": "1.0.1", - "source": { - "type": "git", - "url": "https://github.com/php-fig/http-factory.git", - "reference": "12ac7fcd07e5b077433f5f2bee95b3a771bf61be" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/php-fig/http-factory/zipball/12ac7fcd07e5b077433f5f2bee95b3a771bf61be", - "reference": "12ac7fcd07e5b077433f5f2bee95b3a771bf61be", - "shasum": "" - }, - "require": { - "php": ">=7.0.0", - "psr/http-message": "^1.0" - }, - "type": "library", - "extra": { - "branch-alias": { - "dev-master": "1.0.x-dev" - } - }, - "autoload": { - "psr-4": { - "Psr\\Http\\Message\\": "src/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "PHP-FIG", - "homepage": "http://www.php-fig.org/" - } - ], - "description": "Common interfaces for PSR-7 HTTP message factories", - "keywords": [ - "factory", - "http", - "message", - "psr", - "psr-17", - "psr-7", - "request", - "response" - ], - "support": { - "source": "https://github.com/php-fig/http-factory/tree/master" - }, - "time": "2019-04-30T12:38:16+00:00" - }, - { - "name": "psr/http-message", - "version": "1.0.1", - "source": { - "type": "git", - "url": "https://github.com/php-fig/http-message.git", - "reference": "f6561bf28d520154e4b0ec72be95418abe6d9363" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/php-fig/http-message/zipball/f6561bf28d520154e4b0ec72be95418abe6d9363", - "reference": "f6561bf28d520154e4b0ec72be95418abe6d9363", - "shasum": "" - }, - "require": { - "php": ">=5.3.0" - }, - "type": "library", - "extra": { - "branch-alias": { - "dev-master": "1.0.x-dev" - } - }, - "autoload": { - "psr-4": { - "Psr\\Http\\Message\\": "src/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "PHP-FIG", - "homepage": "http://www.php-fig.org/" - } - ], - "description": "Common interface for HTTP messages", - "homepage": "https://github.com/php-fig/http-message", - "keywords": [ - "http", - "http-message", - "psr", - "psr-7", - "request", - "response" - ], - "support": { - "source": "https://github.com/php-fig/http-message/tree/master" - }, - "time": "2016-08-06T14:39:51+00:00" - }, - { - "name": "psr/log", - "version": "1.1.4", - "source": { - "type": "git", - "url": "https://github.com/php-fig/log.git", - "reference": "d49695b909c3b7628b6289db5479a1c204601f11" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/php-fig/log/zipball/d49695b909c3b7628b6289db5479a1c204601f11", - "reference": "d49695b909c3b7628b6289db5479a1c204601f11", - "shasum": "" - }, - "require": { - "php": ">=5.3.0" - }, - "type": "library", - "extra": { - "branch-alias": { - "dev-master": "1.1.x-dev" - } - }, - "autoload": { - "psr-4": { - "Psr\\Log\\": "Psr/Log/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "PHP-FIG", - "homepage": "https://www.php-fig.org/" - } - ], - "description": "Common interface for logging libraries", - "homepage": "https://github.com/php-fig/log", - "keywords": [ - "log", - "psr", - "psr-3" - ], - "support": { - "source": "https://github.com/php-fig/log/tree/1.1.4" - }, - "time": "2021-05-03T11:20:27+00:00" - }, - { - "name": "ralouphie/getallheaders", - "version": "3.0.3", - "source": { - "type": "git", - "url": "https://github.com/ralouphie/getallheaders.git", - "reference": "120b605dfeb996808c31b6477290a714d356e822" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/ralouphie/getallheaders/zipball/120b605dfeb996808c31b6477290a714d356e822", - "reference": "120b605dfeb996808c31b6477290a714d356e822", - "shasum": "" - }, - "require": { - "php": ">=5.6" - }, - "require-dev": { - "php-coveralls/php-coveralls": "^2.1", - "phpunit/phpunit": "^5 || ^6.5" - }, - "type": "library", - "autoload": { - "files": [ - "src/getallheaders.php" - ] - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Ralph Khattar", - "email": "ralph.khattar@gmail.com" - } - ], - "description": "A polyfill for getallheaders.", - "support": { - "issues": "https://github.com/ralouphie/getallheaders/issues", - "source": "https://github.com/ralouphie/getallheaders/tree/develop" - }, - "time": "2019-03-08T08:55:37+00:00" - }, - { - "name": "robrichards/xmlseclibs", - "version": "3.1.1", - "source": { - "type": "git", - "url": "https://github.com/robrichards/xmlseclibs.git", - "reference": "f8f19e58f26cdb42c54b214ff8a820760292f8df" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/robrichards/xmlseclibs/zipball/f8f19e58f26cdb42c54b214ff8a820760292f8df", - "reference": "f8f19e58f26cdb42c54b214ff8a820760292f8df", - "shasum": "" - }, - "require": { - "ext-openssl": "*", - "php": ">= 5.4" - }, - "type": "library", - "autoload": { - "psr-4": { - "RobRichards\\XMLSecLibs\\": "src" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "BSD-3-Clause" - ], - "description": "A PHP library for XML Security", - "homepage": "https://github.com/robrichards/xmlseclibs", - "keywords": [ - "security", - "signature", - "xml", - "xmldsig" - ], - "support": { - "issues": "https://github.com/robrichards/xmlseclibs/issues", - "source": "https://github.com/robrichards/xmlseclibs/tree/3.1.1" - }, - "time": "2020-09-05T13:00:25+00:00" - }, - { - "name": "symfony/deprecation-contracts", - "version": "v3.2.0", - "source": { - "type": "git", - "url": "https://github.com/symfony/deprecation-contracts.git", - "reference": "1ee04c65529dea5d8744774d474e7cbd2f1206d3" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/symfony/deprecation-contracts/zipball/1ee04c65529dea5d8744774d474e7cbd2f1206d3", - "reference": "1ee04c65529dea5d8744774d474e7cbd2f1206d3", - "shasum": "" - }, - "require": { - "php": ">=8.1" - }, - "type": "library", - "extra": { - "branch-alias": { - "dev-main": "3.3-dev" - }, - "thanks": { - "name": "symfony/contracts", - "url": "https://github.com/symfony/contracts" - } - }, - "autoload": { - "files": [ - "function.php" - ] - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Nicolas Grekas", - "email": "p@tchwork.com" - }, - { - "name": "Symfony Community", - "homepage": "https://symfony.com/contributors" - } - ], - "description": "A generic function and convention to trigger deprecation notices", - "homepage": "https://symfony.com", - "support": { - "source": "https://github.com/symfony/deprecation-contracts/tree/v3.2.0" - }, - "funding": [ - { - "url": "https://symfony.com/sponsor", - "type": "custom" - }, - { - "url": "https://github.com/fabpot", - "type": "github" - }, - { - "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", - "type": "tidelift" - } - ], - "time": "2022-11-25T10:21:52+00:00" - } - ], - "packages-dev": [], - "aliases": [], - "minimum-stability": "stable", - "stability-flags": [], - "prefer-stable": false, - "prefer-lowest": false, - "platform": [], - "platform-dev": [], - "plugin-api-version": "2.3.0" -} diff --git a/plugins/auth/install.php b/plugins/auth/install.php index 4c03a889..0d7d19c0 100644 --- a/plugins/auth/install.php +++ b/plugins/auth/install.php @@ -36,8 +36,8 @@ rex::getTable('ycom_user'), ['user_id' => 'id'], rex_sql_foreign_key::CASCADE, - rex_sql_foreign_key::CASCADE - ) + rex_sql_foreign_key::CASCADE, + ), ) ->ensure(); @@ -56,7 +56,7 @@ // termofuse -> termsofuse. Version < 3.0 try { - rex_sql_table::get(rex::getTablePrefix().'ycom_user') + rex_sql_table::get(rex::getTablePrefix() . 'ycom_user') ->ensureColumn(new rex_sql_column('termsofuse_accepted', 'tinyint(1)', false, '0')) ->removeColumn('session_key') ->alter(); @@ -66,7 +66,7 @@ ->setQuery('delete from `' . rex_yform_manager_field::table() . '` where `table_name`="rex_ycom_user" and `type_id`="value" and `type_name`="checkbox" and `name`="termofuse_accepted"', []) ->setQuery('update `rex_config` set `key`="article_id_jump_termsofuse" where `key`="article_id_jump_termofuse" and `namespace`="ycom/auth"', []) ->setQuery('delete from `' . rex_yform_manager_field::table() . '` where `table_name`="rex_ycom_user" and `type_id`="value" and `type_name`="generate_key" and `name`="session_key"'); - ; + } catch (rex_sql_exception $e) { dump($e); exit; diff --git a/plugins/auth/lib/ycom_auth.php b/plugins/auth/lib/ycom_auth.php index 9f4dbdba..88673f88 100644 --- a/plugins/auth/lib/ycom_auth.php +++ b/plugins/auth/lib/ycom_auth.php @@ -9,14 +9,10 @@ class rex_ycom_auth public const STATUS_LOGIN_FAILED = 4; public static bool $debug = false; - /** - * @var rex_ycom_user|null - */ + /** @var rex_ycom_user|null */ public static $me; - /** - * @var array - */ + /** @var array */ public static $perms = [ '0' => 'translate:ycom_perm_extends', '1' => 'translate:ycom_perm_only_logged_in', @@ -24,9 +20,7 @@ class rex_ycom_auth '3' => 'translate:ycom_perm_all', ]; - /** - * @var array - */ + /** @var array */ public static $DefaultRequestKeys = [ 'auth_request_stay' => 'rex_ycom_auth_stay', // 'auth_request_id' => 'rex_ycom_auth_id', @@ -46,7 +40,10 @@ public static function init(): string // $params['referer'] = self::cleanReferer($params['returnTo']); $params['redirect'] = ''; - + $params['loginStay'] = false; + $params['loginName'] = ''; + $params['loginPassword'] = ''; + $params['ignorePassword'] = true; // # Check for Login / Logout /* login_status @@ -154,30 +151,27 @@ public static function logout(rex_ycom_user $me): void * filter: array|string, * loginName: string, * loginPassword: string, - * ignorePassword: bool|string, - * loginStay: bool|string, + * ignorePassword: bool, + * loginStay: bool, * } $params * * @throws rex_exception */ public static function login(array $params): int { - $filter = null; - if (isset($params['filter']) && '' != $params['filter']) { - /** - * @param rex_yform_manager_query $query - * @return void - */ - $filter = static function (rex_yform_manager_query $query) use ($params): void { - if (is_array($params['filter'])) { - foreach ($params['filter'] as $filter) { - $query->whereRaw($filter); - } - } else { - $query->whereRaw($params['filter']); + /** + * @param rex_yform_manager_query $query + * @return void + */ + $filter = static function (rex_yform_manager_query $query) use ($params): void { + if (is_array($params['filter'])) { + foreach ($params['filter'] as $filter) { + $query->whereRaw($filter); } - }; - } + } elseif ('' != $params['filter']) { + $query->whereRaw($params['filter']); + } + }; rex_login::startSession(); @@ -199,16 +193,14 @@ public static function login(array $params): int // ----- Login OVER CookieKey and SessionKey // Sobald ein Login durchgeführt wird, werden sessionkey und cookiekey // ignoriert und überschrieben - if (isset($params['loginName']) && '' != $params['loginName']) { + if ('' != $params['loginName']) { try { $loginStatus = self::STATUS_HAS_LOGGED_IN; // has just logged in $userQuery = rex_ycom_user::query() ->where($loginFieldName, $params['loginName']); - if ($filter) { - $filter($userQuery); - } + $filter($userQuery); $loginUsers = $userQuery->find(); @@ -227,8 +219,8 @@ public static function login(array $params): int } if ( - (isset($params['ignorePassword']) && $params['ignorePassword']) - || (isset($params['loginPassword']) && '' != $params['loginPassword'] && self::checkPassword($params['loginPassword'], $loginUser->getId())) + $params['ignorePassword'] + || ('' != $params['loginPassword'] && self::checkPassword($params['loginPassword'], $loginUser->getId())) ) { $me = $loginUser; $me->setValue('last_login_time', rex_sql::datetime(time())); @@ -239,14 +231,14 @@ public static function login(array $params): int // stay logged in if selected $cookieKey = null; - if (isset($params['loginStay']) && $params['loginStay']) { + if ($params['loginStay']) { $cookieKey = base64_encode(random_bytes(64)); self::setStayLoggedInCookie($cookieKey); } rex_ycom_user_session::getInstance()->storeCurrentSession($me, $cookieKey); rex_ycom_log::log($me, rex_ycom_log::TYPE_LOGIN_SUCCESS, [ - 'stayloggedin' => $params['loginStay'] ?? '-', + 'stayloggedin' => ($params['loginStay']) ? 'yes' : '-', ]); } else { $loginUser->increaseLoginTries()->save(); @@ -279,18 +271,16 @@ public static function login(array $params): int rex_ycom_user::query() ->where('id', $sessionUserID); - if ($filter) { - $filter($userQuery); - } + $filter($userQuery); $loginUsers = $userQuery->find(); if (1 != count($loginUsers)) { - throw new rex_exception('session `'.$sessionUserID.'` - user not found'); + throw new rex_exception('session `' . $sessionUserID . '` - user not found'); } rex_ycom_user_session::clearExpiredSessions(); - if (0 === count(rex_sql::factory()->getArray('SELECT 1 FROM '.rex::getTable('ycom_user_session').' where session_id = ?', [session_id()]))) { + if (0 === count(rex_sql::factory()->getArray('SELECT 1 FROM ' . rex::getTable('ycom_user_session') . ' where session_id = ?', [session_id()]))) { throw new rex_exception('session expired or missing'); } @@ -318,20 +308,18 @@ public static function login(array $params): int try { $cookieUser = rex_sql::factory()->setQuery('select user_id from ' . rex::getTable('ycom_user_session') . ' where cookie_key = ?', [$cookieKey]); if (1 !== $cookieUser->getRows()) { - throw new rex_exception('cookiekey `'.$cookieKey.'` not found'); + throw new rex_exception('cookiekey `' . $cookieKey . '` not found'); } $userQuery = rex_ycom_user::query() ->where('id', $cookieUser->getValue('user_id')); - if ($filter) { - $filter($userQuery); - } + $filter($userQuery); $loginUsers = $userQuery->find(); if (1 !== count($loginUsers)) { - throw new rex_exception('cookiekey `'.$cookieKey.'` - user width id=`'. $cookieUser->getValue('user_id').'` not found'); + throw new rex_exception('cookiekey `' . $cookieKey . '` - user width id=`' . $cookieUser->getValue('user_id') . '` not found'); } /** @var rex_ycom_user $me */ @@ -344,7 +332,7 @@ public static function login(array $params): int rex_ycom_log::TYPE_LOGIN_SUCCESS, [ 'Login via CookieKey', - ] + ], ); } catch (throwable $e) { $loginStatus = self::STATUS_LOGIN_FAILED; // login failed @@ -383,7 +371,7 @@ public static function login(array $params): int * @param array $params * @return null|false|rex_ycom_user */ - public static function loginWithParams($params, callable $filter = null) + public static function loginWithParams($params, ?callable $filter = null) { $userQuery = rex_ycom_user::query(); foreach ($params as $l => $v) { @@ -406,8 +394,10 @@ public static function loginWithParams($params, callable $filter = null) $params = []; $params['loginName'] = $user->$loginField; - $params['loginPassword'] = $user->password; + $params['loginPassword'] = $user->getValue('password'); $params['ignorePassword'] = true; + $params['filter'] = []; + $params['loginStay'] = false; self::login($params); @@ -423,8 +413,9 @@ public static function checkPassword(string $password, $user_id): bool return false; } + /** @var rex_ycom_user $user */ $user = rex_ycom_user::get((int) $user_id); - if ($user) { + if (null !== $user) { if (rex_login::passwordVerify($password, $user->getPassword())) { return true; } @@ -590,7 +581,7 @@ public static function cleanReferer(string $refererURL): string } if (isset($url['query']) && '' != $url['query']) { - $returnUrl .= '?'. $url['query']; + $returnUrl .= '?' . $url['query']; } $referer_to_logout = strpos($returnUrl, rex_getUrl(rex_config::get('ycom/auth', 'article_id_logout', ''))); diff --git a/plugins/auth/lib/ycom_auth_rules.php b/plugins/auth/lib/ycom_auth_rules.php index dd8870dc..83bb9efc 100644 --- a/plugins/auth/lib/ycom_auth_rules.php +++ b/plugins/auth/lib/ycom_auth_rules.php @@ -2,9 +2,7 @@ class rex_ycom_auth_rules { - /** - * @var array - */ + /** @var array */ private array $rules; public function __construct() @@ -88,7 +86,7 @@ public function check(rex_ycom_user $user, string $rule_name = 'login_try_5_paus return false; case 'pause': $lastLoginDate = new DateTime($user->getValue('last_login_time')); - $lastLoginDate->modify('+'.$rule['action']['time'].' seconds'); + $lastLoginDate->modify('+' . $rule['action']['time'] . ' seconds'); if (date('YmdHis') < $lastLoginDate->format('YmdHis')) { return false; } diff --git a/plugins/auth/lib/ycom_user_session.php b/plugins/auth/lib/ycom_user_session.php index b106073e..c30a1f59 100644 --- a/plugins/auth/lib/ycom_user_session.php +++ b/plugins/auth/lib/ycom_user_session.php @@ -4,7 +4,12 @@ class rex_ycom_user_session { use rex_singleton_trait; - public function storeCurrentSession(rex_ycom_user $user, ?string $cookieKey = null): void + /** + * @param rex_ycom_user|rex_yform_manager_dataset $user + * @throws rex_exception + * @throws rex_sql_exception + */ + public function storeCurrentSession($user, ?string $cookieKey = null): void { $sessionId = session_id(); if (false === $sessionId || '' === $sessionId) { diff --git a/plugins/auth/lib/yform/action/ycom_auth_db.php b/plugins/auth/lib/yform/action/ycom_auth_db.php index 0c9d45ba..6805df7d 100644 --- a/plugins/auth/lib/yform/action/ycom_auth_db.php +++ b/plugins/auth/lib/yform/action/ycom_auth_db.php @@ -32,7 +32,7 @@ public function executeAction(): void ]); $this->params['main_table'] = rex_ycom_user::table()->getTableName(); - $this->params['main_where'] = 'id='.(int) (rex_ycom_user::getMe() ? rex_ycom_user::getMe()->getId() : 0); + $this->params['main_where'] = 'id=' . (int) (rex_ycom_user::getMe() ? rex_ycom_user::getMe()->getId() : 0); $this->setElement(2, ''); $this->setElement(3, 'main_where'); diff --git a/plugins/auth/lib/yform/trait_value_auth_extern.php b/plugins/auth/lib/yform/trait_value_auth_extern.php index 0cab8f83..50889c56 100644 --- a/plugins/auth/lib/yform/trait_value_auth_extern.php +++ b/plugins/auth/lib/yform/trait_value_auth_extern.php @@ -8,10 +8,10 @@ trait rex_yform_trait_value_auth_extern */ private function auth_loadSettings(): array { - $SettingFile = $this->auth_ClassKey.'.php'; + $SettingFile = $this->auth_ClassKey . '.php'; $SettingsPath = rex_addon::get('ycom')->getDataPath($SettingFile); if (!file_exists($SettingsPath)) { - throw new rex_exception($this->auth_ClassKey . '-Settings file not found ['.$SettingsPath.']'); + throw new rex_exception($this->auth_ClassKey . '-Settings file not found [' . $SettingsPath . ']'); } $settings = []; @@ -30,9 +30,9 @@ private function auth_getReturnTo(): string private function auth_FormOutput(string $url): void { if ($this->needsOutput()) { - $this->params['form_output'][$this->getId()] = $this->parse(['value.ycom_auth_' . $this->auth_ClassKey. '.tpl.php', 'value.ycom_auth_extern.tpl.php'], [ + $this->params['form_output'][$this->getId()] = $this->parse(['value.ycom_auth_' . $this->auth_ClassKey . '.tpl.php', 'value.ycom_auth_extern.tpl.php'], [ 'url' => $url, - 'name' => '{{ ' . $this->auth_ClassKey. '_auth }}', + 'name' => '{{ ' . $this->auth_ClassKey . '_auth }}', ]); } } @@ -52,16 +52,14 @@ private function auth_redirectToFailed(string $message = ''): string /** * @param array $Userdata - * @param string $returnTo * @throws rex_exception - * @return void */ private function auth_createOrUpdateYComUser(array $Userdata, string $returnTo): void { $defaultUserAttributes = []; if ('' != $this->getElement(4)) { if (null == $defaultUserAttributes = json_decode($this->getElement(4), true)) { - throw new rex_exception($this->auth_ClassKey . '-DefaultUserAttributes is not a json'.$this->getElement(4)); + throw new rex_exception($this->auth_ClassKey . '-DefaultUserAttributes is not a json' . $this->getElement(4)); } } @@ -101,6 +99,7 @@ private function auth_createOrUpdateYComUser(array $Userdata, string $returnTo): 'loginStay' => true, 'filter' => 'status > 0', 'ignorePassword' => true, + 'loginPassword' => '', ]; $loginStatus = rex_ycom_auth::login($params); @@ -132,6 +131,9 @@ private function auth_createOrUpdateYComUser(array $Userdata, string $returnTo): $params = []; $params['loginName'] = $user->getValue('email'); $params['ignorePassword'] = true; + $params['loginStay'] = false; + $params['filter'] = []; + $params['loginPassword'] = ''; $loginStatus = rex_ycom_auth::login($params); if (rex_ycom_auth::STATUS_HAS_LOGGED_IN != $loginStatus) { diff --git a/plugins/auth/lib/yform/validate/ycom_auth.php b/plugins/auth/lib/yform/validate/ycom_auth.php index 35e8fa32..b9d2df2f 100644 --- a/plugins/auth/lib/yform/validate/ycom_auth.php +++ b/plugins/auth/lib/yform/validate/ycom_auth.php @@ -44,9 +44,10 @@ public function enterObject(): void */ $params = []; - $params['loginName'] = $loginObject->getValue(); - $params['loginPassword'] = $passwordObject->getValue(); - $params['loginStay'] = ($stayObject) ? $stayObject->getValue() : false; + $params['loginName'] = (string) $loginObject->getValue(); + $params['loginPassword'] = (string) $passwordObject->getValue(); + $params['loginStay'] = ($stayObject) ? (bool) $stayObject->getValue() : false; + $params['ignorePassword'] = false; $params['filter'] = [ 'status > 0', ]; diff --git a/plugins/auth/lib/yform/value/ycom_auth_cas.php b/plugins/auth/lib/yform/value/ycom_auth_cas.php index 6d64b1e1..2b95b7b6 100644 --- a/plugins/auth/lib/yform/value/ycom_auth_cas.php +++ b/plugins/auth/lib/yform/value/ycom_auth_cas.php @@ -11,9 +11,7 @@ class rex_yform_value_ycom_auth_cas extends rex_yform_value_abstract { - /** - * @var array|string[] - */ + /** @var array|string[] */ private static array $requestAuthFunctions = ['auth', 'logout']; private string $casFile = 'cas.php'; @@ -23,7 +21,7 @@ public function enterObject(): void $casConfigPath = \rex_addon::get('ycom')->getDataPath($this->casFile); if (!file_exists($casConfigPath)) { - throw new rex_exception('CAS Settings file not found ['.$casConfigPath.']'); + throw new rex_exception('CAS Settings file not found [' . $casConfigPath . ']'); } $settings = []; @@ -108,10 +106,11 @@ public function enterObject(): void // not logged in - check if available $params = []; - $params['loginName'] = $data['email']; + $params['loginName'] = (string) $data['email']; $params['loginStay'] = true; $params['filter'] = 'status > 0'; $params['ignorePassword'] = true; + $params['loginPassword'] = ''; $loginStatus = \rex_ycom_auth::login($params); if (rex_ycom_auth::STATUS_HAS_LOGGED_IN == $loginStatus) { @@ -140,6 +139,9 @@ public function enterObject(): void $params = []; $params['loginName'] = $user->getValue('email'); $params['ignorePassword'] = true; + $params['loginStay'] = false; + $params['filter'] = []; + $params['loginPassword'] = ''; $loginStatus = \rex_ycom_auth::login($params); if (rex_ycom_auth::STATUS_HAS_LOGGED_IN != $loginStatus) { @@ -159,5 +161,4 @@ public function getDescription(): string { return 'ycom_auth_cas|label|error_msg|[allowed returnTo domains: DomainA,DomainB]|[default Userdata as Json{"ycom_groups": 3, "termsofuse_accepted": 1}]'; } - } diff --git a/plugins/auth/lib/yform/value/ycom_auth_oauth2.php b/plugins/auth/lib/yform/value/ycom_auth_oauth2.php index 37ebc329..a1c70abd 100644 --- a/plugins/auth/lib/yform/value/ycom_auth_oauth2.php +++ b/plugins/auth/lib/yform/value/ycom_auth_oauth2.php @@ -19,14 +19,10 @@ class rex_yform_value_ycom_auth_oauth2 extends rex_yform_value_abstract { use rex_yform_trait_value_auth_extern; - /** - * @var array|string[] - */ + /** @var array|string[] */ private array $auth_requestFunctions = ['init', 'code', 'state']; private bool $auth_directLink = false; - /** - * @var array|string[] - */ + /** @var array|string[] */ private array $auth_SessionVars = ['OAUTH2_oauth2state']; private string $auth_ClassKey = 'oauth2'; diff --git a/plugins/auth/lib/yform/value/ycom_auth_returnto.php b/plugins/auth/lib/yform/value/ycom_auth_returnto.php index dbfb058d..14628262 100644 --- a/plugins/auth/lib/yform/value/ycom_auth_returnto.php +++ b/plugins/auth/lib/yform/value/ycom_auth_returnto.php @@ -42,5 +42,4 @@ public function getDescription(): string { return 'ycom_auth_returnto|label|[allowed domains: DomainA,DomainB]|[URL]'; } - } diff --git a/plugins/auth/lib/yform/value/ycom_auth_saml.php b/plugins/auth/lib/yform/value/ycom_auth_saml.php index cb0d398a..8c4f5498 100644 --- a/plugins/auth/lib/yform/value/ycom_auth_saml.php +++ b/plugins/auth/lib/yform/value/ycom_auth_saml.php @@ -20,14 +20,10 @@ class rex_yform_value_ycom_auth_saml extends rex_yform_value_abstract { use rex_yform_trait_value_auth_extern; - /** - * @var array|string[] - */ + /** @var array|string[] */ private array $auth_requestFunctions = ['auth', 'sso', 'acs', 'slo', 'sls']; private bool $auth_directLink = false; - /** - * @var array|string[] - */ + /** @var array|string[] */ private array $auth_SessionVars = ['SAML_Userdata', 'SAML_NameId', 'SAML_SessionIndex', 'SAML_AuthNRequestID', 'SAML_LogoutRequestID', 'SAML_NameIdFormat', 'SAML_ssoDate']; private string $auth_ClassKey = 'saml'; diff --git a/plugins/auth/pages/content.ycom_auth.php b/plugins/auth/pages/content.ycom_auth.php index 0015c7cf..f9846ac6 100644 --- a/plugins/auth/pages/content.ycom_auth.php +++ b/plugins/auth/pages/content.ycom_auth.php @@ -2,7 +2,7 @@ $content = ''; $addon = rex_addon::get('ycom'); -$params = $params ?? []; +$params ??= []; $article_id = $params['article_id']; $clang = $params['clang']; @@ -44,7 +44,7 @@ } $permission_info .= '$( document ).ready(function() { $("#rex-page-sidebar-ycom_auth-perm :input").attr("disabled", true); }); '; - $permission_info .= '

'.$addon->i18n('no_permission_to_edit').'

'; + $permission_info .= '

' . $addon->i18n('no_permission_to_edit') . '

'; } else { $yform->setActionField('db', [rex::getTable('article'), 'id = ' . $article_id]); $yform->setObjectparams('submit_btn_label', $addon->i18n('ycom_auth_update_perm')); @@ -58,7 +58,7 @@ rex_article_cache::delete($article_id, $clang); } - $form = '
'.$permission_info.$form.'
'; + $form = '
' . $permission_info . $form . '
'; } return $form; diff --git a/plugins/auth/pages/log.php b/plugins/auth/pages/log.php index eb9f3d48..d6ed351e 100644 --- a/plugins/auth/pages/log.php +++ b/plugins/auth/pages/log.php @@ -9,4 +9,4 @@ // this file integrates the already existing log-viewer as a syslog page. // the required registration wiring can be found in the package.yml -require __DIR__. '/system.log.ycom_user.php'; +require __DIR__ . '/system.log.ycom_user.php'; diff --git a/plugins/auth/pages/sessions.php b/plugins/auth/pages/sessions.php index b4482291..75ce97f5 100644 --- a/plugins/auth/pages/sessions.php +++ b/plugins/auth/pages/sessions.php @@ -38,7 +38,7 @@ 'be_user_login' => $be_user->getValue('login'), 'be_user_name' => $be_user->getValue('name'), 'be_user_email' => $be_user->getValue('email'), - ] + ], ); } } @@ -46,7 +46,7 @@ break; } -$list = rex_list::factory('SELECT session_id, cookie_key, ip, user_id, useragent, starttime, last_activity from '.rex::getTablePrefix().'ycom_user_session ORDER BY last_activity DESC'); +$list = rex_list::factory('SELECT session_id, cookie_key, ip, user_id, useragent, starttime, last_activity from ' . rex::getTablePrefix() . 'ycom_user_session ORDER BY last_activity DESC'); $list->addColumn('remove_session', '', 0, ['', '###VALUE###']); $list->setColumnParams('remove_session', ['func' => 'remove_session', 'session_id' => '###session_id###', 'user_id' => '###user_id###']); @@ -60,7 +60,7 @@ $list->setColumnFormat('session_id', 'custom', static function () use ($list) { return rex_escape((string) $list->getValue('session_id')) - . ($list->getValue('cookie_key') ? ' '.rex_i18n::msg('stay_logged_in').'' : ''); + . ($list->getValue('cookie_key') ? ' ' . rex_i18n::msg('stay_logged_in') . '' : ''); }); $list->setColumnFormat('last_activity', 'custom', static function () use ($list) { diff --git a/plugins/auth/pages/settings.php b/plugins/auth/pages/settings.php index 6127a291..c846e6a6 100644 --- a/plugins/auth/pages/settings.php +++ b/plugins/auth/pages/settings.php @@ -77,63 +77,63 @@
- '.$this->i18n('ycom_auth_config_forwarder').' + ' . $this->i18n('ycom_auth_config_forwarder') . '
- +
- +
- '. rex_var_link::getWidget(5, 'article_id_jump_ok', intval($this->getConfig('article_id_jump_ok'))) .' + ' . rex_var_link::getWidget(5, 'article_id_jump_ok', (int) $this->getConfig('article_id_jump_ok')) . ' [article_id_jump_ok]
- +
- '. rex_var_link::getWidget(7, 'article_id_jump_logout', intval($this->getConfig('article_id_jump_logout'))) .' + ' . rex_var_link::getWidget(7, 'article_id_jump_logout', (int) $this->getConfig('article_id_jump_logout')) . ' [article_id_jump_logout]
-
- '. rex_var_link::getWidget(8, 'article_id_jump_denied', intval($this->getConfig('article_id_jump_denied'))) .' - '.$this->i18n('ycom_auth_config_id_jump_denied_notice').' + ' . rex_var_link::getWidget(8, 'article_id_jump_denied', (int) $this->getConfig('article_id_jump_denied')) . ' + ' . $this->i18n('ycom_auth_config_id_jump_denied_notice') . '
- +
- '. rex_var_link::getWidget(9, 'article_id_jump_password', intval($this->getConfig('article_id_jump_password'))) .' + ' . rex_var_link::getWidget(9, 'article_id_jump_password', (int) $this->getConfig('article_id_jump_password')) . ' [article_id_jump_password]
- +
- '. rex_var_link::getWidget(10, 'article_id_jump_termsofuse', intval($this->getConfig('article_id_jump_termsofuse'))) .' + ' . rex_var_link::getWidget(10, 'article_id_jump_termsofuse', (int) $this->getConfig('article_id_jump_termsofuse')) . ' [article_id_jump_termsofuse]
@@ -141,24 +141,24 @@
- '.$this->i18n('ycom_auth_config_pages').' + ' . $this->i18n('ycom_auth_config_pages') . '
- +
- '. rex_var_link::getWidget(11, 'article_id_login', intval($this->getConfig('article_id_login'))) .' + ' . rex_var_link::getWidget(11, 'article_id_login', (int) $this->getConfig('article_id_login')) . ' [article_id_login]
- +
- '. rex_var_link::getWidget(12, 'article_id_logout', intval($this->getConfig('article_id_logout'))) .' + ' . rex_var_link::getWidget(12, 'article_id_logout', (int) $this->getConfig('article_id_logout')) . ' [article_id_logout]
@@ -166,20 +166,20 @@
- +
- '. rex_var_link::getWidget(13, 'article_id_register', intval($this->getConfig('article_id_register'))) .' + ' . rex_var_link::getWidget(13, 'article_id_register', (int) $this->getConfig('article_id_register')) . ' [article_id_register]
- +
- '. rex_var_link::getWidget(14, 'article_id_password', $this->getConfig('article_id_password')) .' + ' . rex_var_link::getWidget(14, 'article_id_password', $this->getConfig('article_id_password')) . ' [article_id_password]
@@ -187,28 +187,28 @@
- '.$this->i18n('ycom_auth_config_login_field').' + ' . $this->i18n('ycom_auth_config_login_field') . '
- '.$this->i18n('ycom_auth_config_login_field').' + ' . $this->i18n('ycom_auth_config_login_field') . '
- '.$sel_userfields->get().' + ' . $sel_userfields->get() . '
- '.$this->i18n('ycom_auth_config_security').' + ' . $this->i18n('ycom_auth_config_security') . '
- '.$sel_authrules->get().' + ' . $sel_authrules->get() . '
@@ -217,7 +217,7 @@
- '.$sel_authcookiettl->get().' + ' . $sel_authcookiettl->get() . '
@@ -244,14 +244,14 @@
- '.$this->i18n('ycom_auth_config_extern').' + ' . $this->i18n('ycom_auth_config_extern') . '
- +
- '. rex_var_link::getWidget(6, 'article_id_jump_not_ok', $this->getConfig('article_id_jump_not_ok', '')) .' + ' . rex_var_link::getWidget(6, 'article_id_jump_not_ok', $this->getConfig('article_id_jump_not_ok', '')) . ' [article_id_jump_not_ok]
@@ -261,7 +261,7 @@
- +
diff --git a/plugins/auth/pages/system.log.ycom_user.php b/plugins/auth/pages/system.log.ycom_user.php index 8bcd1b12..b0fee597 100644 --- a/plugins/auth/pages/system.log.ycom_user.php +++ b/plugins/auth/pages/system.log.ycom_user.php @@ -2,8 +2,8 @@ $addon = rex_addon::get('ycom'); $func = rex_request('func', 'string'); -$activationLink = rex_url::currentBackendPage().'&func=ycom_user_activate_log'; -$deactivationLink = rex_url::currentBackendPage().'&func=ycom_user_deactivate_log'; +$activationLink = rex_url::currentBackendPage() . '&func=ycom_user_activate_log'; +$deactivationLink = rex_url::currentBackendPage() . '&func=ycom_user_deactivate_log'; $logFile = rex_ycom_log::logFile(); switch ($func) { @@ -48,13 +48,13 @@ $data = $entry->getData(); $class = 'ERROR' == trim($data[0]) ? 'rex-state-error' : 'rex-mailer-log-ok'; $content .= ' - + ' . rex_formatter::intlDateTime($entry->getTimestamp(), [IntlDateFormatter::SHORT, IntlDateFormatter::MEDIUM]) . ' ' . rex_escape($data[0]) . ' ' . rex_escape($data[1]) . ' ' . rex_escape($data[2]) . ' ' . rex_escape($data[3]) . ' - ' . rex_escape(($data[4] ?? '')) . ' + ' . rex_escape($data[4] ?? '') . ' '; } diff --git a/plugins/auth/update.php b/plugins/auth/update.php index 1174823a..e596c0f0 100644 --- a/plugins/auth/update.php +++ b/plugins/auth/update.php @@ -5,4 +5,4 @@ * @psalm-scope-this rex_addon */ -$this->includeFile(__DIR__.'/install.php'); +$this->includeFile(__DIR__ . '/install.php'); diff --git a/plugins/auth/vendor/apereo/phpcas/.gitattributes b/plugins/auth/vendor/apereo/phpcas/.gitattributes deleted file mode 100644 index 3e28f4e4..00000000 --- a/plugins/auth/vendor/apereo/phpcas/.gitattributes +++ /dev/null @@ -1,7 +0,0 @@ -/docs/ export-ignore -/test/ export-ignore -/utils/ export-ignore -/.buildpath export-ignore -/.gitignore export-ignore -/.project export-ignore -/.travis.yml export-ignore diff --git a/plugins/auth/vendor/apereo/phpcas/CAS.php b/plugins/auth/vendor/apereo/phpcas/CAS.php deleted file mode 100644 index 6ddcf07b..00000000 --- a/plugins/auth/vendor/apereo/phpcas/CAS.php +++ /dev/null @@ -1,32 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -require_once __DIR__.'/source/CAS.php'; - -trigger_error('Including CAS.php is deprecated. Install phpCAS using composer instead.', E_USER_DEPRECATED); diff --git a/plugins/auth/vendor/apereo/phpcas/LICENSE b/plugins/auth/vendor/apereo/phpcas/LICENSE deleted file mode 100644 index 261eeb9e..00000000 --- a/plugins/auth/vendor/apereo/phpcas/LICENSE +++ /dev/null @@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/plugins/auth/vendor/apereo/phpcas/NOTICE b/plugins/auth/vendor/apereo/phpcas/NOTICE deleted file mode 100644 index 70d9ffcd..00000000 --- a/plugins/auth/vendor/apereo/phpcas/NOTICE +++ /dev/null @@ -1,81 +0,0 @@ -Copyright 2007-2011, JA-SIG, Inc. -This project includes software developed by Jasig. -http://www.jasig.org/ - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this software except in compliance with the License. -You may obtain a copy of the License at: - -http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. - -=========================================================================== - -Copyright © 2003-2007, The ESUP-Portail consortium - -Requirements for sources originally licensed under the New BSD License: - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: - -- Redistributions of source code must retain the above copyright notice, -this list of conditions and the following disclaimer. - -- Redistributions in binary form must reproduce the above copyright notice, -this list of conditions and the following disclaimer in the documentation -and/or other materials provided with the distribution. - -- Neither the name of JA-SIG, Inc. nor the names of its contributors may be -used to endorse or promote products derived from this software without -specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE -LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -POSSIBILITY OF SUCH DAMAGE. - -=========================================================================== - -Copyright (c) 2009, Regents of the University of Nebraska -All rights reserved. - -Requirements for CAS_Autloader originally licensed under the New BSD License: - -Redistribution and use in source and binary forms, with or without modification, -are permitted provided that the following conditions are met: - -Redistributions of source code must retain the above copyright notice, this list -of conditions and the following disclaimer. - -Redistributions in binary form must reproduce the above copyright notice, this -list of conditions and the following disclaimer in the documentation and/or -other materials provided with the distribution. - -Neither the name of the University of Nebraska nor the names of its contributors -may be used to endorse or promote products derived from this software without -specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" -AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE -LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -POSSIBILITY OF SUCH DAMAGE. diff --git a/plugins/auth/vendor/apereo/phpcas/README.md b/plugins/auth/vendor/apereo/phpcas/README.md deleted file mode 100644 index d4812891..00000000 --- a/plugins/auth/vendor/apereo/phpcas/README.md +++ /dev/null @@ -1,35 +0,0 @@ -phpCAS -======= - -phpCAS is an authentication library that allows PHP applications to easily authenticate -users via a Central Authentication Service (CAS) server. - -Please see the wiki website for more information: - -https://apereo.github.io/phpCAS/ - -Api documentation can be found here: - -https://apereo.github.io/phpCAS/api/ - - -[![Test](https://github.com/apereo/phpCAS/actions/workflows/test.yml/badge.svg)](https://github.com/apereo/phpCAS/actions/workflows/test.yml) - -LICENSE -------- - -Copyright 2007-2020, Apereo Foundation. -This project includes software developed by Apereo Foundation. -http://www.apereo.org/ - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this software except in compliance with the License. -You may obtain a copy of the License at: - -http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/plugins/auth/vendor/apereo/phpcas/composer.json b/plugins/auth/vendor/apereo/phpcas/composer.json deleted file mode 100644 index 89ab7b9f..00000000 --- a/plugins/auth/vendor/apereo/phpcas/composer.json +++ /dev/null @@ -1,55 +0,0 @@ -{ - "name" : "apereo/phpcas", - "description" : "Provides a simple API for authenticating users against a CAS server", - "keywords" : [ - "cas", - "jasig", - "apereo" - ], - "homepage" : "https://wiki.jasig.org/display/CASC/phpCAS", - "type" : "library", - "license" : "Apache-2.0", - "authors" : [{ - "name" : "Joachim Fritschi", - "homepage" : "https://github.com/jfritschi", - "email" : "jfritschi@freenet.de" - }, { - "name" : "Adam Franco", - "homepage" : "https://github.com/adamfranco" - }, { - "name" : "Henry Pan", - "homepage" : "https://github.com/phy25" - } - ], - "require" : { - "php" : ">=7.1.0", - "ext-curl" : "*", - "ext-dom" : "*", - "psr/log" : "^1.0 || ^2.0 || ^3.0" - }, - "require-dev" : { - "monolog/monolog" : "^1.0.0 || ^2.0.0", - "phpunit/phpunit" : ">=7.5", - "phpstan/phpstan" : "^1.5" - }, - "autoload" : { - "classmap" : [ - "source/" - ] - }, - "autoload-dev" : { - "files": ["source/CAS.php"], - "psr-4" : { - "PhpCas\\" : "test/CAS/" - } - }, - "scripts" : { - "test" : "phpunit", - "phpstan" : "phpstan" - }, - "extra" : { - "branch-alias" : { - "dev-master" : "1.3.x-dev" - } - } -} diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS.php b/plugins/auth/vendor/apereo/phpcas/source/CAS.php deleted file mode 100644 index 8243a83e..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS.php +++ /dev/null @@ -1,2083 +0,0 @@ - - * @author Olivier Berger - * @author Brett Bieber - * @author Joachim Fritschi - * @author Adam Franco - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - * @ingroup public - */ - -use Psr\Log\LoggerInterface; - -// -// hack by Vangelis Haniotakis to handle the absence of $_SERVER['REQUEST_URI'] -// in IIS -// -if (!isset($_SERVER['REQUEST_URI']) && isset($_SERVER['SCRIPT_NAME']) && isset($_SERVER['QUERY_STRING'])) { - $_SERVER['REQUEST_URI'] = $_SERVER['SCRIPT_NAME'] . '?' . $_SERVER['QUERY_STRING']; -} - - -// ######################################################################## -// CONSTANTS -// ######################################################################## - -// ------------------------------------------------------------------------ -// CAS VERSIONS -// ------------------------------------------------------------------------ - -/** - * phpCAS version. accessible for the user by phpCAS::getVersion(). - */ -define('PHPCAS_VERSION', '1.6.0'); - -/** - * @addtogroup public - * @{ - */ - -/** - * phpCAS supported protocols. accessible for the user by phpCAS::getSupportedProtocols(). - */ - -/** - * CAS version 1.0 - */ -define("CAS_VERSION_1_0", '1.0'); -/*! - * CAS version 2.0 -*/ -define("CAS_VERSION_2_0", '2.0'); -/** - * CAS version 3.0 - */ -define("CAS_VERSION_3_0", '3.0'); - -// ------------------------------------------------------------------------ -// SAML defines -// ------------------------------------------------------------------------ - -/** - * SAML protocol - */ -define("SAML_VERSION_1_1", 'S1'); - -/** - * XML header for SAML POST - */ -define("SAML_XML_HEADER", ''); - -/** - * SOAP envelope for SAML POST - */ -define("SAML_SOAP_ENV", ''); - -/** - * SOAP body for SAML POST - */ -define("SAML_SOAP_BODY", ''); - -/** - * SAMLP request - */ -define("SAMLP_REQUEST", ''); -define("SAMLP_REQUEST_CLOSE", ''); - -/** - * SAMLP artifact tag (for the ticket) - */ -define("SAML_ASSERTION_ARTIFACT", ''); - -/** - * SAMLP close - */ -define("SAML_ASSERTION_ARTIFACT_CLOSE", ''); - -/** - * SOAP body close - */ -define("SAML_SOAP_BODY_CLOSE", ''); - -/** - * SOAP envelope close - */ -define("SAML_SOAP_ENV_CLOSE", ''); - -/** - * SAML Attributes - */ -define("SAML_ATTRIBUTES", 'SAMLATTRIBS'); - -/** @} */ -/** - * @addtogroup publicPGTStorage - * @{ - */ -// ------------------------------------------------------------------------ -// FILE PGT STORAGE -// ------------------------------------------------------------------------ -/** - * Default path used when storing PGT's to file - */ -define("CAS_PGT_STORAGE_FILE_DEFAULT_PATH", session_save_path()); -/** @} */ -// ------------------------------------------------------------------------ -// SERVICE ACCESS ERRORS -// ------------------------------------------------------------------------ -/** - * @addtogroup publicServices - * @{ - */ - -/** - * phpCAS::service() error code on success - */ -define("PHPCAS_SERVICE_OK", 0); -/** - * phpCAS::service() error code when the PT could not retrieve because - * the CAS server did not respond. - */ -define("PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE", 1); -/** - * phpCAS::service() error code when the PT could not retrieve because - * the response of the CAS server was ill-formed. - */ -define("PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE", 2); -/** - * phpCAS::service() error code when the PT could not retrieve because - * the CAS server did not want to. - */ -define("PHPCAS_SERVICE_PT_FAILURE", 3); -/** - * phpCAS::service() error code when the service was not available. - */ -define("PHPCAS_SERVICE_NOT_AVAILABLE", 4); - -// ------------------------------------------------------------------------ -// SERVICE TYPES -// ------------------------------------------------------------------------ -/** - * phpCAS::getProxiedService() type for HTTP GET - */ -define("PHPCAS_PROXIED_SERVICE_HTTP_GET", 'CAS_ProxiedService_Http_Get'); -/** - * phpCAS::getProxiedService() type for HTTP POST - */ -define("PHPCAS_PROXIED_SERVICE_HTTP_POST", 'CAS_ProxiedService_Http_Post'); -/** - * phpCAS::getProxiedService() type for IMAP - */ -define("PHPCAS_PROXIED_SERVICE_IMAP", 'CAS_ProxiedService_Imap'); - - -/** @} */ -// ------------------------------------------------------------------------ -// LANGUAGES -// ------------------------------------------------------------------------ -/** - * @addtogroup publicLang - * @{ - */ - -define("PHPCAS_LANG_ENGLISH", 'CAS_Languages_English'); -define("PHPCAS_LANG_FRENCH", 'CAS_Languages_French'); -define("PHPCAS_LANG_GREEK", 'CAS_Languages_Greek'); -define("PHPCAS_LANG_GERMAN", 'CAS_Languages_German'); -define("PHPCAS_LANG_JAPANESE", 'CAS_Languages_Japanese'); -define("PHPCAS_LANG_SPANISH", 'CAS_Languages_Spanish'); -define("PHPCAS_LANG_CATALAN", 'CAS_Languages_Catalan'); -define("PHPCAS_LANG_CHINESE_SIMPLIFIED", 'CAS_Languages_ChineseSimplified'); -define("PHPCAS_LANG_GALEGO", 'CAS_Languages_Galego'); -define("PHPCAS_LANG_PORTUGUESE", 'CAS_Languages_Portuguese'); - -/** @} */ - -/** - * @addtogroup internalLang - * @{ - */ - -/** - * phpCAS default language (when phpCAS::setLang() is not used) - */ -define("PHPCAS_LANG_DEFAULT", PHPCAS_LANG_ENGLISH); - -/** @} */ -// ------------------------------------------------------------------------ -// DEBUG -// ------------------------------------------------------------------------ -/** - * @addtogroup publicDebug - * @{ - */ - -/** - * The default directory for the debug file under Unix. - * @return string directory for the debug file - */ -function gettmpdir() { -if (!empty($_ENV['TMP'])) { return realpath($_ENV['TMP']); } -if (!empty($_ENV['TMPDIR'])) { return realpath( $_ENV['TMPDIR']); } -if (!empty($_ENV['TEMP'])) { return realpath( $_ENV['TEMP']); } -return "/tmp"; -} -define('DEFAULT_DEBUG_DIR', gettmpdir()."/"); - -/** @} */ - -// include the class autoloader -require_once __DIR__ . '/CAS/Autoload.php'; - -/** - * The phpCAS class is a simple container for the phpCAS library. It provides CAS - * authentication for web applications written in PHP. - * - * @ingroup public - * @class phpCAS - * @category Authentication - * @package PhpCAS - * @author Pascal Aubry - * @author Olivier Berger - * @author Brett Bieber - * @author Joachim Fritschi - * @author Adam Franco - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -class phpCAS -{ - - /** - * This variable is used by the interface class phpCAS. - * - * @var CAS_Client - * @hideinitializer - */ - private static $_PHPCAS_CLIENT; - - /** - * @var array - * This variable is used to store where the initializer is called from - * (to print a comprehensive error in case of multiple calls). - * - * @hideinitializer - */ - private static $_PHPCAS_INIT_CALL; - - /** - * @var array - * This variable is used to store phpCAS debug mode. - * - * @hideinitializer - */ - private static $_PHPCAS_DEBUG; - - /** - * This variable is used to enable verbose mode - * This pevents debug info to be show to the user. Since it's a security - * feature the default is false - * - * @hideinitializer - */ - private static $_PHPCAS_VERBOSE = false; - - - // ######################################################################## - // INITIALIZATION - // ######################################################################## - - /** - * @addtogroup publicInit - * @{ - */ - - /** - * phpCAS client initializer. - * - * @param string $server_version the version of the CAS server - * @param string $server_hostname the hostname of the CAS server - * @param int $server_port the port the CAS server is running on - * @param string $server_uri the URI the CAS server is responding on - * @param string|string[]|CAS_ServiceBaseUrl_Interface - * $service_base_url the base URL (protocol, host and the - * optional port) of the CAS client; pass - * in an array to use auto discovery with - * an allowlist; pass in - * CAS_ServiceBaseUrl_Interface for custom - * behavior. Added in 1.6.0. Similar to - * serverName config in other CAS clients. - * @param bool $changeSessionID Allow phpCAS to change the session_id - * (Single Sign Out/handleLogoutRequests - * is based on that change) - * @param \SessionHandlerInterface $sessionHandler the session handler - * - * @return void a newly created CAS_Client object - * @note Only one of the phpCAS::client() and phpCAS::proxy functions should be - * called, only once, and before all other methods (except phpCAS::getVersion() - * and phpCAS::setDebug()). - */ - public static function client($server_version, $server_hostname, - $server_port, $server_uri, $service_base_url, - $changeSessionID = true, \SessionHandlerInterface $sessionHandler = null - ) { - phpCAS :: traceBegin(); - if (is_object(self::$_PHPCAS_CLIENT)) { - phpCAS :: error(self::$_PHPCAS_INIT_CALL['method'] . '() has already been called (at ' . self::$_PHPCAS_INIT_CALL['file'] . ':' . self::$_PHPCAS_INIT_CALL['line'] . ')'); - } - - // store where the initializer is called from - $dbg = debug_backtrace(); - self::$_PHPCAS_INIT_CALL = array ( - 'done' => true, - 'file' => $dbg[0]['file'], - 'line' => $dbg[0]['line'], - 'method' => __CLASS__ . '::' . __FUNCTION__ - ); - - // initialize the object $_PHPCAS_CLIENT - try { - self::$_PHPCAS_CLIENT = new CAS_Client( - $server_version, false, $server_hostname, $server_port, $server_uri, $service_base_url, - $changeSessionID, $sessionHandler - ); - } catch (Exception $e) { - phpCAS :: error(get_class($e) . ': ' . $e->getMessage()); - } - phpCAS :: traceEnd(); - } - - /** - * phpCAS proxy initializer. - * - * @param string $server_version the version of the CAS server - * @param string $server_hostname the hostname of the CAS server - * @param string $server_port the port the CAS server is running on - * @param string $server_uri the URI the CAS server is responding on - * @param string|string[]|CAS_ServiceBaseUrl_Interface - * $service_base_url the base URL (protocol, host and the - * optional port) of the CAS client; pass - * in an array to use auto discovery with - * an allowlist; pass in - * CAS_ServiceBaseUrl_Interface for custom - * behavior. Added in 1.6.0. Similar to - * serverName config in other CAS clients. - * @param bool $changeSessionID Allow phpCAS to change the session_id - * (Single Sign Out/handleLogoutRequests - * is based on that change) - * @param \SessionHandlerInterface $sessionHandler the session handler - * - * @return void a newly created CAS_Client object - * @note Only one of the phpCAS::client() and phpCAS::proxy functions should be - * called, only once, and before all other methods (except phpCAS::getVersion() - * and phpCAS::setDebug()). - */ - public static function proxy($server_version, $server_hostname, - $server_port, $server_uri, $service_base_url, - $changeSessionID = true, \SessionHandlerInterface $sessionHandler = null - ) { - phpCAS :: traceBegin(); - if (is_object(self::$_PHPCAS_CLIENT)) { - phpCAS :: error(self::$_PHPCAS_INIT_CALL['method'] . '() has already been called (at ' . self::$_PHPCAS_INIT_CALL['file'] . ':' . self::$_PHPCAS_INIT_CALL['line'] . ')'); - } - - // store where the initialzer is called from - $dbg = debug_backtrace(); - self::$_PHPCAS_INIT_CALL = array ( - 'done' => true, - 'file' => $dbg[0]['file'], - 'line' => $dbg[0]['line'], - 'method' => __CLASS__ . '::' . __FUNCTION__ - ); - - // initialize the object $_PHPCAS_CLIENT - try { - self::$_PHPCAS_CLIENT = new CAS_Client( - $server_version, true, $server_hostname, $server_port, $server_uri, $service_base_url, - $changeSessionID, $sessionHandler - ); - } catch (Exception $e) { - phpCAS :: error(get_class($e) . ': ' . $e->getMessage()); - } - phpCAS :: traceEnd(); - } - - /** - * Answer whether or not the client or proxy has been initialized - * - * @return bool - */ - public static function isInitialized () - { - return (is_object(self::$_PHPCAS_CLIENT)); - } - - /** @} */ - // ######################################################################## - // DEBUGGING - // ######################################################################## - - /** - * @addtogroup publicDebug - * @{ - */ - - /** - * Set/unset PSR-3 logger - * - * @param LoggerInterface $logger the PSR-3 logger used for logging, or - * null to stop logging. - * - * @return void - */ - public static function setLogger($logger = null) - { - if (empty(self::$_PHPCAS_DEBUG['unique_id'])) { - self::$_PHPCAS_DEBUG['unique_id'] = substr(strtoupper(md5(uniqid(''))), 0, 4); - } - self::$_PHPCAS_DEBUG['logger'] = $logger; - self::$_PHPCAS_DEBUG['indent'] = 0; - phpCAS :: trace('START ('.date("Y-m-d H:i:s").') phpCAS-' . PHPCAS_VERSION . ' ******************'); - } - - /** - * Set/unset debug mode - * - * @param string $filename the name of the file used for logging, or false - * to stop debugging. - * - * @return void - * - * @deprecated - */ - public static function setDebug($filename = '') - { - trigger_error('phpCAS::setDebug() is deprecated in favor of phpCAS::setLogger().', E_USER_DEPRECATED); - - if ($filename != false && gettype($filename) != 'string') { - phpCAS :: error('type mismatched for parameter $dbg (should be false or the name of the log file)'); - } - if ($filename === false) { - self::$_PHPCAS_DEBUG['filename'] = false; - - } else { - if (empty ($filename)) { - if (preg_match('/^Win.*/', getenv('OS'))) { - if (isset ($_ENV['TMP'])) { - $debugDir = $_ENV['TMP'] . '/'; - } else { - $debugDir = ''; - } - } else { - $debugDir = DEFAULT_DEBUG_DIR; - } - $filename = $debugDir . 'phpCAS.log'; - } - - if (empty (self::$_PHPCAS_DEBUG['unique_id'])) { - self::$_PHPCAS_DEBUG['unique_id'] = substr(strtoupper(md5(uniqid(''))), 0, 4); - } - - self::$_PHPCAS_DEBUG['filename'] = $filename; - self::$_PHPCAS_DEBUG['indent'] = 0; - - phpCAS :: trace('START ('.date("Y-m-d H:i:s").') phpCAS-' . PHPCAS_VERSION . ' ******************'); - } - } - - /** - * Enable verbose errors messages in the website output - * This is a security relevant since internal status info may leak an may - * help an attacker. Default is therefore false - * - * @param bool $verbose enable verbose output - * - * @return void - */ - public static function setVerbose($verbose) - { - if ($verbose === true) { - self::$_PHPCAS_VERBOSE = true; - } else { - self::$_PHPCAS_VERBOSE = false; - } - } - - - /** - * Show is verbose mode is on - * - * @return bool verbose - */ - public static function getVerbose() - { - return self::$_PHPCAS_VERBOSE; - } - - /** - * Logs a string in debug mode. - * - * @param string $str the string to write - * - * @return void - * @private - */ - public static function log($str) - { - $indent_str = "."; - - - if (isset(self::$_PHPCAS_DEBUG['logger']) || !empty(self::$_PHPCAS_DEBUG['filename'])) { - for ($i = 0; $i < self::$_PHPCAS_DEBUG['indent']; $i++) { - - $indent_str .= '| '; - } - // allow for multiline output with proper identing. Usefull for - // dumping cas answers etc. - $str2 = str_replace("\n", "\n" . self::$_PHPCAS_DEBUG['unique_id'] . ' ' . $indent_str, $str); - $str3 = self::$_PHPCAS_DEBUG['unique_id'] . ' ' . $indent_str . $str2; - if (isset(self::$_PHPCAS_DEBUG['logger'])) { - self::$_PHPCAS_DEBUG['logger']->info($str3); - } - if (!empty(self::$_PHPCAS_DEBUG['filename'])) { - // Check if file exists and modifiy file permissions to be only - // readable by the webserver - if (!file_exists(self::$_PHPCAS_DEBUG['filename'])) { - touch(self::$_PHPCAS_DEBUG['filename']); - // Chmod will fail on windows - @chmod(self::$_PHPCAS_DEBUG['filename'], 0600); - } - error_log($str3 . "\n", 3, self::$_PHPCAS_DEBUG['filename']); - } - } - - } - - /** - * This method is used by interface methods to print an error and where the - * function was originally called from. - * - * @param string $msg the message to print - * - * @return void - * @private - */ - public static function error($msg) - { - phpCAS :: traceBegin(); - $dbg = debug_backtrace(); - $function = '?'; - $file = '?'; - $line = '?'; - if (is_array($dbg)) { - for ($i = 1; $i < sizeof($dbg); $i++) { - if (is_array($dbg[$i]) && isset($dbg[$i]['class']) ) { - if ($dbg[$i]['class'] == __CLASS__) { - $function = $dbg[$i]['function']; - $file = $dbg[$i]['file']; - $line = $dbg[$i]['line']; - } - } - } - } - if (self::$_PHPCAS_VERBOSE) { - echo "
\nphpCAS error: " . __CLASS__ . "::" . $function . '(): ' . htmlentities($msg) . " in " . $file . " on line " . $line . "
\n"; - } - phpCAS :: trace($msg . ' in ' . $file . 'on line ' . $line ); - phpCAS :: traceEnd(); - - throw new CAS_GracefullTerminationException(__CLASS__ . "::" . $function . '(): ' . $msg); - } - - /** - * This method is used to log something in debug mode. - * - * @param string $str string to log - * - * @return void - */ - public static function trace($str) - { - $dbg = debug_backtrace(); - phpCAS :: log($str . ' [' . basename($dbg[0]['file']) . ':' . $dbg[0]['line'] . ']'); - } - - /** - * This method is used to indicate the start of the execution of a function - * in debug mode. - * - * @return void - */ - public static function traceBegin() - { - $dbg = debug_backtrace(); - $str = '=> '; - if (!empty ($dbg[1]['class'])) { - $str .= $dbg[1]['class'] . '::'; - } - $str .= $dbg[1]['function'] . '('; - if (is_array($dbg[1]['args'])) { - foreach ($dbg[1]['args'] as $index => $arg) { - if ($index != 0) { - $str .= ', '; - } - if (is_object($arg)) { - $str .= get_class($arg); - } else { - $str .= str_replace(array("\r\n", "\n", "\r"), "", var_export($arg, true)); - } - } - } - if (isset($dbg[1]['file'])) { - $file = basename($dbg[1]['file']); - } else { - $file = 'unknown_file'; - } - if (isset($dbg[1]['line'])) { - $line = $dbg[1]['line']; - } else { - $line = 'unknown_line'; - } - $str .= ') [' . $file . ':' . $line . ']'; - phpCAS :: log($str); - if (!isset(self::$_PHPCAS_DEBUG['indent'])) { - self::$_PHPCAS_DEBUG['indent'] = 0; - } else { - self::$_PHPCAS_DEBUG['indent']++; - } - } - - /** - * This method is used to indicate the end of the execution of a function in - * debug mode. - * - * @param mixed $res the result of the function - * - * @return void - */ - public static function traceEnd($res = '') - { - if (empty(self::$_PHPCAS_DEBUG['indent'])) { - self::$_PHPCAS_DEBUG['indent'] = 0; - } else { - self::$_PHPCAS_DEBUG['indent']--; - } - $str = ''; - if (is_object($res)) { - $str .= '<= ' . get_class($res); - } else { - $str .= '<= ' . str_replace(array("\r\n", "\n", "\r"), "", var_export($res, true)); - } - - phpCAS :: log($str); - } - - /** - * This method is used to indicate the end of the execution of the program - * - * @return void - */ - public static function traceExit() - { - phpCAS :: log('exit()'); - while (self::$_PHPCAS_DEBUG['indent'] > 0) { - phpCAS :: log('-'); - self::$_PHPCAS_DEBUG['indent']--; - } - } - - /** @} */ - // ######################################################################## - // INTERNATIONALIZATION - // ######################################################################## - /** - * @addtogroup publicLang - * @{ - */ - - /** - * This method is used to set the language used by phpCAS. - * - * @param string $lang string representing the language. - * - * @return void - * - * @sa PHPCAS_LANG_FRENCH, PHPCAS_LANG_ENGLISH - * @note Can be called only once. - */ - public static function setLang($lang) - { - phpCAS::_validateClientExists(); - - try { - self::$_PHPCAS_CLIENT->setLang($lang); - } catch (Exception $e) { - phpCAS :: error(get_class($e) . ': ' . $e->getMessage()); - } - } - - /** @} */ - // ######################################################################## - // VERSION - // ######################################################################## - /** - * @addtogroup public - * @{ - */ - - /** - * This method returns the phpCAS version. - * - * @return string the phpCAS version. - */ - public static function getVersion() - { - return PHPCAS_VERSION; - } - - /** - * This method returns supported protocols. - * - * @return array an array of all supported protocols. Use internal protocol name as array key. - */ - public static function getSupportedProtocols() - { - $supportedProtocols = array(); - $supportedProtocols[CAS_VERSION_1_0] = 'CAS 1.0'; - $supportedProtocols[CAS_VERSION_2_0] = 'CAS 2.0'; - $supportedProtocols[CAS_VERSION_3_0] = 'CAS 3.0'; - $supportedProtocols[SAML_VERSION_1_1] = 'SAML 1.1'; - - return $supportedProtocols; - } - - /** @} */ - // ######################################################################## - // HTML OUTPUT - // ######################################################################## - /** - * @addtogroup publicOutput - * @{ - */ - - /** - * This method sets the HTML header used for all outputs. - * - * @param string $header the HTML header. - * - * @return void - */ - public static function setHTMLHeader($header) - { - phpCAS::_validateClientExists(); - - try { - self::$_PHPCAS_CLIENT->setHTMLHeader($header); - } catch (Exception $e) { - phpCAS :: error(get_class($e) . ': ' . $e->getMessage()); - } - } - - /** - * This method sets the HTML footer used for all outputs. - * - * @param string $footer the HTML footer. - * - * @return void - */ - public static function setHTMLFooter($footer) - { - phpCAS::_validateClientExists(); - - try { - self::$_PHPCAS_CLIENT->setHTMLFooter($footer); - } catch (Exception $e) { - phpCAS :: error(get_class($e) . ': ' . $e->getMessage()); - } - } - - /** @} */ - // ######################################################################## - // PGT STORAGE - // ######################################################################## - /** - * @addtogroup publicPGTStorage - * @{ - */ - - /** - * This method can be used to set a custom PGT storage object. - * - * @param CAS_PGTStorage_AbstractStorage $storage a PGT storage object that inherits from the - * CAS_PGTStorage_AbstractStorage class - * - * @return void - */ - public static function setPGTStorage($storage) - { - phpCAS :: traceBegin(); - phpCAS::_validateProxyExists(); - - try { - self::$_PHPCAS_CLIENT->setPGTStorage($storage); - } catch (Exception $e) { - phpCAS :: error(get_class($e) . ': ' . $e->getMessage()); - } - phpCAS :: traceEnd(); - } - - /** - * This method is used to tell phpCAS to store the response of the - * CAS server to PGT requests in a database. - * - * @param string $dsn_or_pdo a dsn string to use for creating a PDO - * object or a PDO object - * @param string $username the username to use when connecting to the - * database - * @param string $password the password to use when connecting to the - * database - * @param string $table the table to use for storing and retrieving - * PGT's - * @param string $driver_options any driver options to use when connecting - * to the database - * - * @return void - */ - public static function setPGTStorageDb($dsn_or_pdo, $username='', - $password='', $table='', $driver_options=null - ) { - phpCAS :: traceBegin(); - phpCAS::_validateProxyExists(); - - try { - self::$_PHPCAS_CLIENT->setPGTStorageDb($dsn_or_pdo, $username, $password, $table, $driver_options); - } catch (Exception $e) { - phpCAS :: error(get_class($e) . ': ' . $e->getMessage()); - } - phpCAS :: traceEnd(); - } - - /** - * This method is used to tell phpCAS to store the response of the - * CAS server to PGT requests onto the filesystem. - * - * @param string $path the path where the PGT's should be stored - * - * @return void - */ - public static function setPGTStorageFile($path = '') - { - phpCAS :: traceBegin(); - phpCAS::_validateProxyExists(); - - try { - self::$_PHPCAS_CLIENT->setPGTStorageFile($path); - } catch (Exception $e) { - phpCAS :: error(get_class($e) . ': ' . $e->getMessage()); - } - phpCAS :: traceEnd(); - } - /** @} */ - // ######################################################################## - // ACCESS TO EXTERNAL SERVICES - // ######################################################################## - /** - * @addtogroup publicServices - * @{ - */ - - /** - * Answer a proxy-authenticated service handler. - * - * @param string $type The service type. One of - * PHPCAS_PROXIED_SERVICE_HTTP_GET; PHPCAS_PROXIED_SERVICE_HTTP_POST; - * PHPCAS_PROXIED_SERVICE_IMAP - * - * @return CAS_ProxiedService - * @throws InvalidArgumentException If the service type is unknown. - */ - public static function getProxiedService ($type) - { - phpCAS :: traceBegin(); - phpCAS::_validateProxyExists(); - - try { - $res = self::$_PHPCAS_CLIENT->getProxiedService($type); - } catch (Exception $e) { - phpCAS :: error(get_class($e) . ': ' . $e->getMessage()); - } - - phpCAS :: traceEnd(); - return $res; - } - - /** - * Initialize a proxied-service handler with the proxy-ticket it should use. - * - * @param CAS_ProxiedService $proxiedService Proxied Service Handler - * - * @return void - * @throws CAS_ProxyTicketException If there is a proxy-ticket failure. - * The code of the Exception will be one of: - * PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE - * PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE - * PHPCAS_SERVICE_PT_FAILURE - */ - public static function initializeProxiedService (CAS_ProxiedService $proxiedService) - { - phpCAS::_validateProxyExists(); - - try { - self::$_PHPCAS_CLIENT->initializeProxiedService($proxiedService); - } catch (Exception $e) { - phpCAS :: error(get_class($e) . ': ' . $e->getMessage()); - } - } - - /** - * This method is used to access an HTTP[S] service. - * - * @param string $url the service to access. - * @param int &$err_code an error code Possible values are - * PHPCAS_SERVICE_OK (on success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, - * PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE, PHPCAS_SERVICE_PT_FAILURE, - * PHPCAS_SERVICE_NOT_AVAILABLE. - * @param string &$output the output of the service (also used to give an - * error message on failure). - * - * @return bool true on success, false otherwise (in this later case, - * $err_code gives the reason why it failed and $output contains an error - * message). - */ - public static function serviceWeb($url, & $err_code, & $output) - { - phpCAS :: traceBegin(); - phpCAS::_validateProxyExists(); - - try { - $res = self::$_PHPCAS_CLIENT->serviceWeb($url, $err_code, $output); - } catch (Exception $e) { - phpCAS :: error(get_class($e) . ': ' . $e->getMessage()); - } - - phpCAS :: traceEnd($res); - return $res; - } - - /** - * This method is used to access an IMAP/POP3/NNTP service. - * - * @param string $url a string giving the URL of the service, - * including the mailing box for IMAP URLs, as accepted by imap_open(). - * @param string $service a string giving for CAS retrieve Proxy ticket - * @param string $flags options given to imap_open(). - * @param int &$err_code an error code Possible values are - * PHPCAS_SERVICE_OK (on success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, - * PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE, PHPCAS_SERVICE_PT_FAILURE, - * PHPCAS_SERVICE_NOT_AVAILABLE. - * @param string &$err_msg an error message on failure - * @param string &$pt the Proxy Ticket (PT) retrieved from the CAS - * server to access the URL on success, false on error). - * - * @return object|false IMAP stream on success, false otherwise (in this later - * case, $err_code gives the reason why it failed and $err_msg contains an - * error message). - */ - public static function serviceMail($url, $service, $flags, & $err_code, & $err_msg, & $pt) - { - phpCAS :: traceBegin(); - phpCAS::_validateProxyExists(); - - try { - $res = self::$_PHPCAS_CLIENT->serviceMail($url, $service, $flags, $err_code, $err_msg, $pt); - } catch (Exception $e) { - phpCAS :: error(get_class($e) . ': ' . $e->getMessage()); - } - - phpCAS :: traceEnd($res); - return $res; - } - - /** @} */ - // ######################################################################## - // AUTHENTICATION - // ######################################################################## - /** - * @addtogroup publicAuth - * @{ - */ - - /** - * Set the times authentication will be cached before really accessing the - * CAS server in gateway mode: - * - -1: check only once, and then never again (until you pree login) - * - 0: always check - * - n: check every "n" time - * - * @param int $n an integer. - * - * @return void - */ - public static function setCacheTimesForAuthRecheck($n) - { - phpCAS::_validateClientExists(); - - try { - self::$_PHPCAS_CLIENT->setCacheTimesForAuthRecheck($n); - } catch (Exception $e) { - phpCAS :: error(get_class($e) . ': ' . $e->getMessage()); - } - } - - - /** - * Set a callback function to be run when receiving CAS attributes - * - * The callback function will be passed an $success_elements - * payload of the response (\DOMElement) as its first parameter. - * - * @param string $function Callback function - * @param array $additionalArgs optional array of arguments - * - * @return void - */ - public static function setCasAttributeParserCallback($function, array $additionalArgs = array()) - { - phpCAS::_validateClientExists(); - - self::$_PHPCAS_CLIENT->setCasAttributeParserCallback($function, $additionalArgs); - } - - /** - * Set a callback function to be run when a user authenticates. - * - * The callback function will be passed a $logoutTicket as its first - * parameter, followed by any $additionalArgs you pass. The $logoutTicket - * parameter is an opaque string that can be used to map the session-id to - * logout request in order to support single-signout in applications that - * manage their own sessions (rather than letting phpCAS start the session). - * - * phpCAS::forceAuthentication() will always exit and forward client unless - * they are already authenticated. To perform an action at the moment the user - * logs in (such as registering an account, performing logging, etc), register - * a callback function here. - * - * @param callable $function Callback function - * @param array $additionalArgs optional array of arguments - * - * @return void - */ - public static function setPostAuthenticateCallback ($function, array $additionalArgs = array()) - { - phpCAS::_validateClientExists(); - - self::$_PHPCAS_CLIENT->setPostAuthenticateCallback($function, $additionalArgs); - } - - /** - * Set a callback function to be run when a single-signout request is - * received. The callback function will be passed a $logoutTicket as its - * first parameter, followed by any $additionalArgs you pass. The - * $logoutTicket parameter is an opaque string that can be used to map a - * session-id to the logout request in order to support single-signout in - * applications that manage their own sessions (rather than letting phpCAS - * start and destroy the session). - * - * @param callable $function Callback function - * @param array $additionalArgs optional array of arguments - * - * @return void - */ - public static function setSingleSignoutCallback ($function, array $additionalArgs = array()) - { - phpCAS::_validateClientExists(); - - self::$_PHPCAS_CLIENT->setSingleSignoutCallback($function, $additionalArgs); - } - - /** - * This method is called to check if the user is already authenticated - * locally or has a global cas session. A already existing cas session is - * determined by a cas gateway call.(cas login call without any interactive - * prompt) - * - * @return bool true when the user is authenticated, false when a previous - * gateway login failed or the function will not return if the user is - * redirected to the cas server for a gateway login attempt - */ - public static function checkAuthentication() - { - phpCAS :: traceBegin(); - phpCAS::_validateClientExists(); - - $auth = self::$_PHPCAS_CLIENT->checkAuthentication(); - - // store where the authentication has been checked and the result - self::$_PHPCAS_CLIENT->markAuthenticationCall($auth); - - phpCAS :: traceEnd($auth); - return $auth; - } - - /** - * This method is called to force authentication if the user was not already - * authenticated. If the user is not authenticated, halt by redirecting to - * the CAS server. - * - * @return bool Authentication - */ - public static function forceAuthentication() - { - phpCAS :: traceBegin(); - phpCAS::_validateClientExists(); - $auth = self::$_PHPCAS_CLIENT->forceAuthentication(); - - // store where the authentication has been checked and the result - self::$_PHPCAS_CLIENT->markAuthenticationCall($auth); - - /* if (!$auth) { - phpCAS :: trace('user is not authenticated, redirecting to the CAS server'); - self::$_PHPCAS_CLIENT->forceAuthentication(); - } else { - phpCAS :: trace('no need to authenticate (user `' . phpCAS :: getUser() . '\' is already authenticated)'); - }*/ - - phpCAS :: traceEnd(); - return $auth; - } - - /** - * This method is called to renew the authentication. - * - * @return void - **/ - public static function renewAuthentication() - { - phpCAS :: traceBegin(); - phpCAS::_validateClientExists(); - - $auth = self::$_PHPCAS_CLIENT->renewAuthentication(); - - // store where the authentication has been checked and the result - self::$_PHPCAS_CLIENT->markAuthenticationCall($auth); - - //self::$_PHPCAS_CLIENT->renewAuthentication(); - phpCAS :: traceEnd(); - } - - /** - * This method is called to check if the user is authenticated (previously or by - * tickets given in the URL). - * - * @return bool true when the user is authenticated. - */ - public static function isAuthenticated() - { - phpCAS :: traceBegin(); - phpCAS::_validateClientExists(); - - // call the isAuthenticated method of the $_PHPCAS_CLIENT object - $auth = self::$_PHPCAS_CLIENT->isAuthenticated(); - - // store where the authentication has been checked and the result - self::$_PHPCAS_CLIENT->markAuthenticationCall($auth); - - phpCAS :: traceEnd($auth); - return $auth; - } - - /** - * Checks whether authenticated based on $_SESSION. Useful to avoid - * server calls. - * - * @return bool true if authenticated, false otherwise. - * @since 0.4.22 by Brendan Arnold - */ - public static function isSessionAuthenticated() - { - phpCAS::_validateClientExists(); - - return (self::$_PHPCAS_CLIENT->isSessionAuthenticated()); - } - - /** - * This method returns the CAS user's login name. - * - * @return string the login name of the authenticated user - * @warning should only be called after phpCAS::forceAuthentication() - * or phpCAS::checkAuthentication(). - * */ - public static function getUser() - { - phpCAS::_validateClientExists(); - - try { - return self::$_PHPCAS_CLIENT->getUser(); - } catch (Exception $e) { - phpCAS :: error(get_class($e) . ': ' . $e->getMessage()); - } - } - - /** - * Answer attributes about the authenticated user. - * - * @warning should only be called after phpCAS::forceAuthentication() - * or phpCAS::checkAuthentication(). - * - * @return array - */ - public static function getAttributes() - { - phpCAS::_validateClientExists(); - - try { - return self::$_PHPCAS_CLIENT->getAttributes(); - } catch (Exception $e) { - phpCAS :: error(get_class($e) . ': ' . $e->getMessage()); - } - } - - /** - * Answer true if there are attributes for the authenticated user. - * - * @warning should only be called after phpCAS::forceAuthentication() - * or phpCAS::checkAuthentication(). - * - * @return bool - */ - public static function hasAttributes() - { - phpCAS::_validateClientExists(); - - try { - return self::$_PHPCAS_CLIENT->hasAttributes(); - } catch (Exception $e) { - phpCAS :: error(get_class($e) . ': ' . $e->getMessage()); - } - } - - /** - * Answer true if an attribute exists for the authenticated user. - * - * @param string $key attribute name - * - * @return bool - * @warning should only be called after phpCAS::forceAuthentication() - * or phpCAS::checkAuthentication(). - */ - public static function hasAttribute($key) - { - phpCAS::_validateClientExists(); - - try { - return self::$_PHPCAS_CLIENT->hasAttribute($key); - } catch (Exception $e) { - phpCAS :: error(get_class($e) . ': ' . $e->getMessage()); - } - } - - /** - * Answer an attribute for the authenticated user. - * - * @param string $key attribute name - * - * @return mixed string for a single value or an array if multiple values exist. - * @warning should only be called after phpCAS::forceAuthentication() - * or phpCAS::checkAuthentication(). - */ - public static function getAttribute($key) - { - phpCAS::_validateClientExists(); - - try { - return self::$_PHPCAS_CLIENT->getAttribute($key); - } catch (Exception $e) { - phpCAS :: error(get_class($e) . ': ' . $e->getMessage()); - } - } - - /** - * Handle logout requests. - * - * @param bool $check_client additional safety check - * @param array $allowed_clients array of allowed clients - * - * @return void - */ - public static function handleLogoutRequests($check_client = true, $allowed_clients = array()) - { - phpCAS::_validateClientExists(); - - return (self::$_PHPCAS_CLIENT->handleLogoutRequests($check_client, $allowed_clients)); - } - - /** - * This method returns the URL to be used to login. - * - * @return string the login URL - */ - public static function getServerLoginURL() - { - phpCAS::_validateClientExists(); - - return self::$_PHPCAS_CLIENT->getServerLoginURL(); - } - - /** - * Set the login URL of the CAS server. - * - * @param string $url the login URL - * - * @return void - * @since 0.4.21 by Wyman Chan - */ - public static function setServerLoginURL($url = '') - { - phpCAS :: traceBegin(); - phpCAS::_validateClientExists(); - - try { - self::$_PHPCAS_CLIENT->setServerLoginURL($url); - } catch (Exception $e) { - phpCAS :: error(get_class($e) . ': ' . $e->getMessage()); - } - - phpCAS :: traceEnd(); - } - - /** - * Set the serviceValidate URL of the CAS server. - * Used for all CAS versions of URL validations. - * Examples: - * CAS 1.0 http://www.exemple.com/validate - * CAS 2.0 http://www.exemple.com/validateURL - * CAS 3.0 http://www.exemple.com/p3/serviceValidate - * - * @param string $url the serviceValidate URL - * - * @return void - */ - public static function setServerServiceValidateURL($url = '') - { - phpCAS :: traceBegin(); - phpCAS::_validateClientExists(); - - try { - self::$_PHPCAS_CLIENT->setServerServiceValidateURL($url); - } catch (Exception $e) { - phpCAS :: error(get_class($e) . ': ' . $e->getMessage()); - } - - phpCAS :: traceEnd(); - } - - /** - * Set the proxyValidate URL of the CAS server. - * Used for all CAS versions of proxy URL validations - * Examples: - * CAS 1.0 http://www.exemple.com/ - * CAS 2.0 http://www.exemple.com/proxyValidate - * CAS 3.0 http://www.exemple.com/p3/proxyValidate - * - * @param string $url the proxyValidate URL - * - * @return void - */ - public static function setServerProxyValidateURL($url = '') - { - phpCAS :: traceBegin(); - phpCAS::_validateClientExists(); - - try { - self::$_PHPCAS_CLIENT->setServerProxyValidateURL($url); - } catch (Exception $e) { - phpCAS :: error(get_class($e) . ': ' . $e->getMessage()); - } - - phpCAS :: traceEnd(); - } - - /** - * Set the samlValidate URL of the CAS server. - * - * @param string $url the samlValidate URL - * - * @return void - */ - public static function setServerSamlValidateURL($url = '') - { - phpCAS :: traceBegin(); - phpCAS::_validateClientExists(); - - try { - self::$_PHPCAS_CLIENT->setServerSamlValidateURL($url); - } catch (Exception $e) { - phpCAS :: error(get_class($e) . ': ' . $e->getMessage()); - } - - phpCAS :: traceEnd(); - } - - /** - * This method returns the URL to be used to logout. - * - * @return string the URL to use to log out - */ - public static function getServerLogoutURL() - { - phpCAS::_validateClientExists(); - - return self::$_PHPCAS_CLIENT->getServerLogoutURL(); - } - - /** - * Set the logout URL of the CAS server. - * - * @param string $url the logout URL - * - * @return void - * @since 0.4.21 by Wyman Chan - */ - public static function setServerLogoutURL($url = '') - { - phpCAS :: traceBegin(); - phpCAS::_validateClientExists(); - - try { - self::$_PHPCAS_CLIENT->setServerLogoutURL($url); - } catch (Exception $e) { - phpCAS :: error(get_class($e) . ': ' . $e->getMessage()); - } - - phpCAS :: traceEnd(); - } - - /** - * This method is used to logout from CAS. - * - * @param string $params an array that contains the optional url and - * service parameters that will be passed to the CAS server - * - * @return void - */ - public static function logout($params = "") - { - phpCAS :: traceBegin(); - phpCAS::_validateClientExists(); - - $parsedParams = array (); - if ($params != "") { - if (is_string($params)) { - phpCAS :: error('method `phpCAS::logout($url)\' is now deprecated, use `phpCAS::logoutWithUrl($url)\' instead'); - } - if (!is_array($params)) { - phpCAS :: error('type mismatched for parameter $params (should be `array\')'); - } - foreach ($params as $key => $value) { - if ($key != "service" && $key != "url") { - phpCAS :: error('only `url\' and `service\' parameters are allowed for method `phpCAS::logout($params)\''); - } - $parsedParams[$key] = $value; - } - } - self::$_PHPCAS_CLIENT->logout($parsedParams); - // never reached - phpCAS :: traceEnd(); - } - - /** - * This method is used to logout from CAS. Halts by redirecting to the CAS - * server. - * - * @param string $service a URL that will be transmitted to the CAS server - * - * @return void - */ - public static function logoutWithRedirectService($service) - { - phpCAS :: traceBegin(); - phpCAS::_validateClientExists(); - - if (!is_string($service)) { - phpCAS :: error('type mismatched for parameter $service (should be `string\')'); - } - self::$_PHPCAS_CLIENT->logout(array ( "service" => $service )); - // never reached - phpCAS :: traceEnd(); - } - - /** - * This method is used to logout from CAS. Halts by redirecting to the CAS - * server. - * - * @param string $url a URL that will be transmitted to the CAS server - * - * @return void - * @deprecated The url parameter has been removed from the CAS server as of - * version 3.3.5.1 - */ - public static function logoutWithUrl($url) - { - trigger_error('Function deprecated for cas servers >= 3.3.5.1', E_USER_DEPRECATED); - phpCAS :: traceBegin(); - if (!is_object(self::$_PHPCAS_CLIENT)) { - phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()'); - } - if (!is_string($url)) { - phpCAS :: error('type mismatched for parameter $url (should be `string\')'); - } - self::$_PHPCAS_CLIENT->logout(array ( "url" => $url )); - // never reached - phpCAS :: traceEnd(); - } - - /** - * This method is used to logout from CAS. Halts by redirecting to the CAS - * server. - * - * @param string $service a URL that will be transmitted to the CAS server - * @param string $url a URL that will be transmitted to the CAS server - * - * @return void - * - * @deprecated The url parameter has been removed from the CAS server as of - * version 3.3.5.1 - */ - public static function logoutWithRedirectServiceAndUrl($service, $url) - { - trigger_error('Function deprecated for cas servers >= 3.3.5.1', E_USER_DEPRECATED); - phpCAS :: traceBegin(); - phpCAS::_validateClientExists(); - - if (!is_string($service)) { - phpCAS :: error('type mismatched for parameter $service (should be `string\')'); - } - if (!is_string($url)) { - phpCAS :: error('type mismatched for parameter $url (should be `string\')'); - } - self::$_PHPCAS_CLIENT->logout( - array ( - "service" => $service, - "url" => $url - ) - ); - // never reached - phpCAS :: traceEnd(); - } - - /** - * Set the fixed URL that will be used by the CAS server to transmit the - * PGT. When this method is not called, a phpCAS script uses its own URL - * for the callback. - * - * @param string $url the URL - * - * @return void - */ - public static function setFixedCallbackURL($url = '') - { - phpCAS :: traceBegin(); - phpCAS::_validateProxyExists(); - - try { - self::$_PHPCAS_CLIENT->setCallbackURL($url); - } catch (Exception $e) { - phpCAS :: error(get_class($e) . ': ' . $e->getMessage()); - } - - phpCAS :: traceEnd(); - } - - /** - * Set the fixed URL that will be set as the CAS service parameter. When this - * method is not called, a phpCAS script uses its own URL. - * - * @param string $url the URL - * - * @return void - */ - public static function setFixedServiceURL($url) - { - phpCAS :: traceBegin(); - phpCAS::_validateProxyExists(); - - try { - self::$_PHPCAS_CLIENT->setURL($url); - } catch (Exception $e) { - phpCAS :: error(get_class($e) . ': ' . $e->getMessage()); - } - - phpCAS :: traceEnd(); - } - - /** - * Get the URL that is set as the CAS service parameter. - * - * @return string Service Url - */ - public static function getServiceURL() - { - phpCAS::_validateProxyExists(); - return (self::$_PHPCAS_CLIENT->getURL()); - } - - /** - * Retrieve a Proxy Ticket from the CAS server. - * - * @param string $target_service Url string of service to proxy - * @param int &$err_code error code - * @param string &$err_msg error message - * - * @return string Proxy Ticket - */ - public static function retrievePT($target_service, & $err_code, & $err_msg) - { - phpCAS::_validateProxyExists(); - - try { - return (self::$_PHPCAS_CLIENT->retrievePT($target_service, $err_code, $err_msg)); - } catch (Exception $e) { - phpCAS :: error(get_class($e) . ': ' . $e->getMessage()); - } - } - - /** - * Set the certificate of the CAS server CA and if the CN should be properly - * verified. - * - * @param string $cert CA certificate file name - * @param bool $validate_cn Validate CN in certificate (default true) - * - * @return void - */ - public static function setCasServerCACert($cert, $validate_cn = true) - { - phpCAS :: traceBegin(); - phpCAS::_validateClientExists(); - - try { - self::$_PHPCAS_CLIENT->setCasServerCACert($cert, $validate_cn); - } catch (Exception $e) { - phpCAS :: error(get_class($e) . ': ' . $e->getMessage()); - } - - phpCAS :: traceEnd(); - } - - /** - * Set no SSL validation for the CAS server. - * - * @return void - */ - public static function setNoCasServerValidation() - { - phpCAS :: traceBegin(); - phpCAS::_validateClientExists(); - - phpCAS :: trace('You have configured no validation of the legitimacy of the cas server. This is not recommended for production use.'); - self::$_PHPCAS_CLIENT->setNoCasServerValidation(); - phpCAS :: traceEnd(); - } - - - /** - * Disable the removal of a CAS-Ticket from the URL when authenticating - * DISABLING POSES A SECURITY RISK: - * We normally remove the ticket by an additional redirect as a security - * precaution to prevent a ticket in the HTTP_REFERRER or be carried over in - * the URL parameter - * - * @return void - */ - public static function setNoClearTicketsFromUrl() - { - phpCAS :: traceBegin(); - phpCAS::_validateClientExists(); - - self::$_PHPCAS_CLIENT->setNoClearTicketsFromUrl(); - phpCAS :: traceEnd(); - } - - /** @} */ - - /** - * Change CURL options. - * CURL is used to connect through HTTPS to CAS server - * - * @param string $key the option key - * @param string $value the value to set - * - * @return void - */ - public static function setExtraCurlOption($key, $value) - { - phpCAS :: traceBegin(); - phpCAS::_validateClientExists(); - - self::$_PHPCAS_CLIENT->setExtraCurlOption($key, $value); - phpCAS :: traceEnd(); - } - - /** - * Set a salt/seed for the session-id hash to make it harder to guess. - * - * When $changeSessionID = true phpCAS will create a session-id that is derived - * from the service ticket. Doing so allows phpCAS to look-up and destroy the - * proper session on single-log-out requests. While the service tickets - * provided by the CAS server may include enough data to generate a strong - * hash, clients may provide an additional salt to ensure that session ids - * are not guessable if the session tickets do not have enough entropy. - * - * @param string $salt The salt to combine with the session ticket. - * - * @return void - */ - public static function setSessionIdSalt($salt) { - phpCAS :: traceBegin(); - phpCAS::_validateClientExists(); - self::$_PHPCAS_CLIENT->setSessionIdSalt($salt); - phpCAS :: traceEnd(); - } - - /** - * If you want your service to be proxied you have to enable it (default - * disabled) and define an accepable list of proxies that are allowed to - * proxy your service. - * - * Add each allowed proxy definition object. For the normal CAS_ProxyChain - * class, the constructor takes an array of proxies to match. The list is in - * reverse just as seen from the service. Proxies have to be defined in reverse - * from the service to the user. If a user hits service A and gets proxied via - * B to service C the list of acceptable on C would be array(B,A). The definition - * of an individual proxy can be either a string or a regexp (preg_match is used) - * that will be matched against the proxy list supplied by the cas server - * when validating the proxy tickets. The strings are compared starting from - * the beginning and must fully match with the proxies in the list. - * Example: - * phpCAS::allowProxyChain(new CAS_ProxyChain(array( - * 'https://app.example.com/' - * ))); - * phpCAS::allowProxyChain(new CAS_ProxyChain(array( - * '/^https:\/\/app[0-9]\.example\.com\/rest\//', - * 'http://client.example.com/' - * ))); - * - * For quick testing or in certain production screnarios you might want to - * allow allow any other valid service to proxy your service. To do so, add - * the "Any" chain: - * phpCAS::allowProxyChain(new CAS_ProxyChain_Any); - * THIS SETTING IS HOWEVER NOT RECOMMENDED FOR PRODUCTION AND HAS SECURITY - * IMPLICATIONS: YOU ARE ALLOWING ANY SERVICE TO ACT ON BEHALF OF A USER - * ON THIS SERVICE. - * - * @param CAS_ProxyChain_Interface $proxy_chain A proxy-chain that will be - * matched against the proxies requesting access - * - * @return void - */ - public static function allowProxyChain(CAS_ProxyChain_Interface $proxy_chain) - { - phpCAS :: traceBegin(); - phpCAS::_validateClientExists(); - - if (self::$_PHPCAS_CLIENT->getServerVersion() !== CAS_VERSION_2_0 - && self::$_PHPCAS_CLIENT->getServerVersion() !== CAS_VERSION_3_0 - ) { - phpCAS :: error('this method can only be used with the cas 2.0/3.0 protocols'); - } - self::$_PHPCAS_CLIENT->getAllowedProxyChains()->allowProxyChain($proxy_chain); - phpCAS :: traceEnd(); - } - - /** - * Answer an array of proxies that are sitting in front of this application. - * This method will only return a non-empty array if we have received and - * validated a Proxy Ticket. - * - * @return array - * @access public - * @since 6/25/09 - */ - public static function getProxies () - { - phpCAS::_validateProxyExists(); - - return(self::$_PHPCAS_CLIENT->getProxies()); - } - - // ######################################################################## - // PGTIOU/PGTID and logoutRequest rebroadcasting - // ######################################################################## - - /** - * Add a pgtIou/pgtId and logoutRequest rebroadcast node. - * - * @param string $rebroadcastNodeUrl The rebroadcast node URL. Can be - * hostname or IP. - * - * @return void - */ - public static function addRebroadcastNode($rebroadcastNodeUrl) - { - phpCAS::traceBegin(); - phpCAS::log('rebroadcastNodeUrl:'.$rebroadcastNodeUrl); - phpCAS::_validateClientExists(); - - try { - self::$_PHPCAS_CLIENT->addRebroadcastNode($rebroadcastNodeUrl); - } catch (Exception $e) { - phpCAS :: error(get_class($e) . ': ' . $e->getMessage()); - } - - phpCAS::traceEnd(); - } - - /** - * This method is used to add header parameters when rebroadcasting - * pgtIou/pgtId or logoutRequest. - * - * @param String $header Header to send when rebroadcasting. - * - * @return void - */ - public static function addRebroadcastHeader($header) - { - phpCAS :: traceBegin(); - phpCAS::_validateClientExists(); - - try { - self::$_PHPCAS_CLIENT->addRebroadcastHeader($header); - } catch (Exception $e) { - phpCAS :: error(get_class($e) . ': ' . $e->getMessage()); - } - - phpCAS :: traceEnd(); - } - - /** - * Checks if a client already exists - * - * @throws CAS_OutOfSequenceBeforeClientException - * - * @return void - */ - private static function _validateClientExists() - { - if (!is_object(self::$_PHPCAS_CLIENT)) { - throw new CAS_OutOfSequenceBeforeClientException(); - } - } - - /** - * Checks of a proxy client aready exists - * - * @throws CAS_OutOfSequenceBeforeProxyException - * - * @return void - */ - private static function _validateProxyExists() - { - if (!is_object(self::$_PHPCAS_CLIENT)) { - throw new CAS_OutOfSequenceBeforeProxyException(); - } - } - - /** - * @return CAS_Client - */ - public static function getCasClient() - { - return self::$_PHPCAS_CLIENT; - } - - /** - * For testing purposes, use this method to set the client to a test double - * - * @return void - */ - public static function setCasClient(\CAS_Client $client) - { - self::$_PHPCAS_CLIENT = $client; - } -} -// ######################################################################## -// DOCUMENTATION -// ######################################################################## - -// ######################################################################## -// MAIN PAGE - -/** - * @mainpage - * - * The following pages only show the source documentation. - * - */ - -// ######################################################################## -// MODULES DEFINITION - -/** @defgroup public User interface */ - -/** @defgroup publicInit Initialization - * @ingroup public */ - -/** @defgroup publicAuth Authentication - * @ingroup public */ - -/** @defgroup publicServices Access to external services - * @ingroup public */ - -/** @defgroup publicConfig Configuration - * @ingroup public */ - -/** @defgroup publicLang Internationalization - * @ingroup publicConfig */ - -/** @defgroup publicOutput HTML output - * @ingroup publicConfig */ - -/** @defgroup publicPGTStorage PGT storage - * @ingroup publicConfig */ - -/** @defgroup publicDebug Debugging - * @ingroup public */ - -/** @defgroup internal Implementation */ - -/** @defgroup internalAuthentication Authentication - * @ingroup internal */ - -/** @defgroup internalBasic CAS Basic client features (CAS 1.0, Service Tickets) - * @ingroup internal */ - -/** @defgroup internalProxy CAS Proxy features (CAS 2.0, Proxy Granting Tickets) - * @ingroup internal */ - -/** @defgroup internalSAML CAS SAML features (SAML 1.1) - * @ingroup internal */ - -/** @defgroup internalPGTStorage PGT storage - * @ingroup internalProxy */ - -/** @defgroup internalPGTStorageDb PGT storage in a database - * @ingroup internalPGTStorage */ - -/** @defgroup internalPGTStorageFile PGT storage on the filesystem - * @ingroup internalPGTStorage */ - -/** @defgroup internalCallback Callback from the CAS server - * @ingroup internalProxy */ - -/** @defgroup internalProxyServices Proxy other services - * @ingroup internalProxy */ - -/** @defgroup internalService CAS client features (CAS 2.0, Proxied service) - * @ingroup internal */ - -/** @defgroup internalConfig Configuration - * @ingroup internal */ - -/** @defgroup internalBehave Internal behaviour of phpCAS - * @ingroup internalConfig */ - -/** @defgroup internalOutput HTML output - * @ingroup internalConfig */ - -/** @defgroup internalLang Internationalization - * @ingroup internalConfig - * - * To add a new language: - * - 1. define a new constant PHPCAS_LANG_XXXXXX in CAS/CAS.php - * - 2. copy any file from CAS/languages to CAS/languages/XXXXXX.php - * - 3. Make the translations - */ - -/** @defgroup internalDebug Debugging - * @ingroup internal */ - -/** @defgroup internalMisc Miscellaneous - * @ingroup internal */ - -// ######################################################################## -// EXAMPLES - -/** - * @example example_simple.php - */ -/** - * @example example_service.php - */ -/** - * @example example_service_that_proxies.php - */ -/** - * @example example_service_POST.php - */ -/** - * @example example_proxy_serviceWeb.php - */ -/** - * @example example_proxy_serviceWeb_chaining.php - */ -/** - * @example example_proxy_POST.php - */ -/** - * @example example_proxy_GET.php - */ -/** - * @example example_lang.php - */ -/** - * @example example_html.php - */ -/** - * @example example_pgt_storage_file.php - */ -/** - * @example example_pgt_storage_db.php - */ -/** - * @example example_gateway.php - */ -/** - * @example example_logout.php - */ -/** - * @example example_rebroadcast.php - */ -/** - * @example example_custom_urls.php - */ -/** - * @example example_advanced_saml11.php - */ diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/AuthenticationException.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/AuthenticationException.php deleted file mode 100644 index 803c8890..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/AuthenticationException.php +++ /dev/null @@ -1,115 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * This interface defines methods that allow proxy-authenticated service handlers - * to interact with phpCAS. - * - * Proxy service handlers must implement this interface as well as call - * phpCAS::initializeProxiedService($this) at some point in their implementation. - * - * While not required, proxy-authenticated service handlers are encouraged to - * implement the CAS_ProxiedService_Testable interface to facilitate unit testing. - * - * @class CAS_AuthenticationException - * @category Authentication - * @package PhpCAS - * @author Joachim Fritschi - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -class CAS_AuthenticationException -extends RuntimeException -implements CAS_Exception -{ - - /** - * This method is used to print the HTML output when the user was not - * authenticated. - * - * @param CAS_Client $client phpcas client - * @param string $failure the failure that occured - * @param string $cas_url the URL the CAS server was asked for - * @param bool $no_response the response from the CAS server (other - * parameters are ignored if TRUE) - * @param bool $bad_response bad response from the CAS server ($err_code - * and $err_msg ignored if TRUE) - * @param string $cas_response the response of the CAS server - * @param int $err_code the error code given by the CAS server - * @param string $err_msg the error message given by the CAS server - */ - public function __construct($client,$failure,$cas_url,$no_response, - $bad_response=false,$cas_response='',$err_code=-1,$err_msg='' - ) { - $messages = array(); - phpCAS::traceBegin(); - $lang = $client->getLangObj(); - $client->printHTMLHeader($lang->getAuthenticationFailed()); - - if (phpCAS::getVerbose()) { - printf( - $lang->getYouWereNotAuthenticated(), - htmlentities($client->getURL()), - $_SERVER['SERVER_ADMIN'] ?? '' - ); - } - - phpCAS::trace($messages[] = 'CAS URL: '.$cas_url); - phpCAS::trace($messages[] = 'Authentication failure: '.$failure); - if ( $no_response ) { - phpCAS::trace($messages[] = 'Reason: no response from the CAS server'); - } else { - if ( $bad_response ) { - phpCAS::trace($messages[] = 'Reason: bad response from the CAS server'); - } else { - switch ($client->getServerVersion()) { - case CAS_VERSION_1_0: - phpCAS::trace($messages[] = 'Reason: CAS error'); - break; - case CAS_VERSION_2_0: - case CAS_VERSION_3_0: - if ( $err_code === -1 ) { - phpCAS::trace($messages[] = 'Reason: no CAS error'); - } else { - phpCAS::trace($messages[] = 'Reason: ['.$err_code.'] CAS error: '.$err_msg); - } - break; - } - } - phpCAS::trace($messages[] = 'CAS response: '.$cas_response); - } - $client->printHTMLFooter(); - phpCAS::traceExit(); - - parent::__construct(implode("\n", $messages)); - } - -} -?> diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/Autoload.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/Autoload.php deleted file mode 100644 index 29395d59..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/Autoload.php +++ /dev/null @@ -1,95 +0,0 @@ - - * @copyright 2008 Regents of the University of Nebraska - * @license http://www1.unl.edu/wdn/wiki/Software_License BSD License - * @link http://code.google.com/p/simplecas/ - **/ - -/** - * Autoload a class - * - * @param string $class Classname to load - * - * @return bool - */ -function CAS_autoload($class) -{ - // Static to hold the Include Path to CAS - static $include_path; - // Check only for CAS classes - if (substr($class, 0, 4) !== 'CAS_' && substr($class, 0, 7) !== 'PhpCas\\') { - return false; - } - - // Setup the include path if it's not already set from a previous call - if (empty($include_path)) { - $include_path = array(dirname(__DIR__)); - } - - // Declare local variable to store the expected full path to the file - foreach ($include_path as $path) { - $class_path = str_replace('_', DIRECTORY_SEPARATOR, $class); - // PhpCas namespace mapping - if (substr($class_path, 0, 7) === 'PhpCas\\') { - $class_path = 'CAS' . DIRECTORY_SEPARATOR . substr($class_path, 7); - } - - $file_path = $path . DIRECTORY_SEPARATOR . $class_path . '.php'; - $fp = @fopen($file_path, 'r', true); - if ($fp) { - fclose($fp); - include $file_path; - if (!class_exists($class, false) && !interface_exists($class, false)) { - die( - new Exception( - 'Class ' . $class . ' was not present in ' . - $file_path . - ' [CAS_autoload]' - ) - ); - } - return true; - } - } - - $e = new Exception( - 'Class ' . $class . ' could not be loaded from ' . - $file_path . ', file does not exist (Path="' - . implode(':', $include_path) .'") [CAS_autoload]' - ); - $trace = $e->getTrace(); - if (isset($trace[2]) && isset($trace[2]['function']) - && in_array($trace[2]['function'], array('class_exists', 'interface_exists', 'trait_exists')) - ) { - return false; - } - if (isset($trace[1]) && isset($trace[1]['function']) - && in_array($trace[1]['function'], array('class_exists', 'interface_exists', 'trait_exists')) - ) { - return false; - } - die ((string) $e); -} - -// Set up autoload if not already configured by composer. -if (!class_exists('CAS_Client')) -{ - trigger_error('phpCAS autoloader is deprecated. Install phpCAS using composer instead.', E_USER_DEPRECATED); - spl_autoload_register('CAS_autoload'); - if (function_exists('__autoload') - && !in_array('__autoload', spl_autoload_functions()) - ) { - // __autoload() was being used, but now would be ignored, add - // it to the autoload stack - spl_autoload_register('__autoload'); - } -} diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/Client.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/Client.php deleted file mode 100644 index 91642ee5..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/Client.php +++ /dev/null @@ -1,4380 +0,0 @@ - - * @author Olivier Berger - * @author Brett Bieber - * @author Joachim Fritschi - * @author Adam Franco - * @author Tobias Schiebeck - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * The CAS_Client class is a client interface that provides CAS authentication - * to PHP applications. - * - * @class CAS_Client - * @category Authentication - * @package PhpCAS - * @author Pascal Aubry - * @author Olivier Berger - * @author Brett Bieber - * @author Joachim Fritschi - * @author Adam Franco - * @author Tobias Schiebeck - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - * - */ - -class CAS_Client -{ - - // ######################################################################## - // HTML OUTPUT - // ######################################################################## - /** - * @addtogroup internalOutput - * @{ - */ - - /** - * This method filters a string by replacing special tokens by appropriate values - * and prints it. The corresponding tokens are taken into account: - * - __CAS_VERSION__ - * - __PHPCAS_VERSION__ - * - __SERVER_BASE_URL__ - * - * Used by CAS_Client::PrintHTMLHeader() and CAS_Client::printHTMLFooter(). - * - * @param string $str the string to filter and output - * - * @return void - */ - private function _htmlFilterOutput($str) - { - $str = str_replace('__CAS_VERSION__', $this->getServerVersion(), $str); - $str = str_replace('__PHPCAS_VERSION__', phpCAS::getVersion(), $str); - $str = str_replace('__SERVER_BASE_URL__', $this->_getServerBaseURL(), $str); - echo $str; - } - - /** - * A string used to print the header of HTML pages. Written by - * CAS_Client::setHTMLHeader(), read by CAS_Client::printHTMLHeader(). - * - * @hideinitializer - * @see CAS_Client::setHTMLHeader, CAS_Client::printHTMLHeader() - */ - private $_output_header = ''; - - /** - * This method prints the header of the HTML output (after filtering). If - * CAS_Client::setHTMLHeader() was not used, a default header is output. - * - * @param string $title the title of the page - * - * @return void - * @see _htmlFilterOutput() - */ - public function printHTMLHeader($title) - { - if (!phpCAS::getVerbose()) { - return; - } - - $this->_htmlFilterOutput( - str_replace( - '__TITLE__', $title, - (empty($this->_output_header) - ? '__TITLE__

__TITLE__

' - : $this->_output_header) - ) - ); - } - - /** - * A string used to print the footer of HTML pages. Written by - * CAS_Client::setHTMLFooter(), read by printHTMLFooter(). - * - * @hideinitializer - * @see CAS_Client::setHTMLFooter, CAS_Client::printHTMLFooter() - */ - private $_output_footer = ''; - - /** - * This method prints the footer of the HTML output (after filtering). If - * CAS_Client::setHTMLFooter() was not used, a default footer is output. - * - * @return void - * @see _htmlFilterOutput() - */ - public function printHTMLFooter() - { - if (!phpCAS::getVerbose()) { - return; - } - - $lang = $this->getLangObj(); - $message = empty($this->_output_footer) - ? '
phpCAS __PHPCAS_VERSION__ ' . $lang->getUsingServer() . - ' __SERVER_BASE_URL__ (CAS __CAS_VERSION__)
' - : $this->_output_footer; - - $this->_htmlFilterOutput($message); - } - - /** - * This method set the HTML header used for all outputs. - * - * @param string $header the HTML header. - * - * @return void - */ - public function setHTMLHeader($header) - { - // Argument Validation - if (gettype($header) != 'string') - throw new CAS_TypeMismatchException($header, '$header', 'string'); - - $this->_output_header = $header; - } - - /** - * This method set the HTML footer used for all outputs. - * - * @param string $footer the HTML footer. - * - * @return void - */ - public function setHTMLFooter($footer) - { - // Argument Validation - if (gettype($footer) != 'string') - throw new CAS_TypeMismatchException($footer, '$footer', 'string'); - - $this->_output_footer = $footer; - } - - /** - * Simple wrapper for printf function, that respects - * phpCAS verbosity setting. - * - * @param string $format - * @param string|int|float ...$values - * - * @see printf() - */ - private function printf(string $format, ...$values): void - { - if (phpCAS::getVerbose()) { - printf($format, ...$values); - } - } - - /** @} */ - - - // ######################################################################## - // INTERNATIONALIZATION - // ######################################################################## - /** - * @addtogroup internalLang - * @{ - */ - /** - * A string corresponding to the language used by phpCAS. Written by - * CAS_Client::setLang(), read by CAS_Client::getLang(). - - * @note debugging information is always in english (debug purposes only). - */ - private $_lang = PHPCAS_LANG_DEFAULT; - - /** - * This method is used to set the language used by phpCAS. - * - * @param string $lang representing the language. - * - * @return void - */ - public function setLang($lang) - { - // Argument Validation - if (gettype($lang) != 'string') - throw new CAS_TypeMismatchException($lang, '$lang', 'string'); - - phpCAS::traceBegin(); - $obj = new $lang(); - if (!($obj instanceof CAS_Languages_LanguageInterface)) { - throw new CAS_InvalidArgumentException( - '$className must implement the CAS_Languages_LanguageInterface' - ); - } - $this->_lang = $lang; - phpCAS::traceEnd(); - } - /** - * Create the language - * - * @return CAS_Languages_LanguageInterface object implementing the class - */ - public function getLangObj() - { - $classname = $this->_lang; - return new $classname(); - } - - /** @} */ - // ######################################################################## - // CAS SERVER CONFIG - // ######################################################################## - /** - * @addtogroup internalConfig - * @{ - */ - - /** - * a record to store information about the CAS server. - * - $_server['version']: the version of the CAS server - * - $_server['hostname']: the hostname of the CAS server - * - $_server['port']: the port the CAS server is running on - * - $_server['uri']: the base URI the CAS server is responding on - * - $_server['base_url']: the base URL of the CAS server - * - $_server['login_url']: the login URL of the CAS server - * - $_server['service_validate_url']: the service validating URL of the - * CAS server - * - $_server['proxy_url']: the proxy URL of the CAS server - * - $_server['proxy_validate_url']: the proxy validating URL of the CAS server - * - $_server['logout_url']: the logout URL of the CAS server - * - * $_server['version'], $_server['hostname'], $_server['port'] and - * $_server['uri'] are written by CAS_Client::CAS_Client(), read by - * CAS_Client::getServerVersion(), CAS_Client::_getServerHostname(), - * CAS_Client::_getServerPort() and CAS_Client::_getServerURI(). - * - * The other fields are written and read by CAS_Client::_getServerBaseURL(), - * CAS_Client::getServerLoginURL(), CAS_Client::getServerServiceValidateURL(), - * CAS_Client::getServerProxyValidateURL() and CAS_Client::getServerLogoutURL(). - * - * @hideinitializer - */ - private $_server = array( - 'version' => '', - 'hostname' => 'none', - 'port' => -1, - 'uri' => 'none'); - - /** - * This method is used to retrieve the version of the CAS server. - * - * @return string the version of the CAS server. - */ - public function getServerVersion() - { - return $this->_server['version']; - } - - /** - * This method is used to retrieve the hostname of the CAS server. - * - * @return string the hostname of the CAS server. - */ - private function _getServerHostname() - { - return $this->_server['hostname']; - } - - /** - * This method is used to retrieve the port of the CAS server. - * - * @return int the port of the CAS server. - */ - private function _getServerPort() - { - return $this->_server['port']; - } - - /** - * This method is used to retrieve the URI of the CAS server. - * - * @return string a URI. - */ - private function _getServerURI() - { - return $this->_server['uri']; - } - - /** - * This method is used to retrieve the base URL of the CAS server. - * - * @return string a URL. - */ - private function _getServerBaseURL() - { - // the URL is build only when needed - if ( empty($this->_server['base_url']) ) { - $this->_server['base_url'] = 'https://' . $this->_getServerHostname(); - if ($this->_getServerPort()!=443) { - $this->_server['base_url'] .= ':' - .$this->_getServerPort(); - } - $this->_server['base_url'] .= $this->_getServerURI(); - } - return $this->_server['base_url']; - } - - /** - * This method is used to retrieve the login URL of the CAS server. - * - * @param bool $gateway true to check authentication, false to force it - * @param bool $renew true to force the authentication with the CAS server - * - * @return string a URL. - * @note It is recommended that CAS implementations ignore the "gateway" - * parameter if "renew" is set - */ - public function getServerLoginURL($gateway=false,$renew=false) - { - phpCAS::traceBegin(); - // the URL is build only when needed - if ( empty($this->_server['login_url']) ) { - $this->_server['login_url'] = $this->_buildQueryUrl($this->_getServerBaseURL().'login','service='.urlencode($this->getURL())); - } - $url = $this->_server['login_url']; - if ($renew) { - // It is recommended that when the "renew" parameter is set, its - // value be "true" - $url = $this->_buildQueryUrl($url, 'renew=true'); - } elseif ($gateway) { - // It is recommended that when the "gateway" parameter is set, its - // value be "true" - $url = $this->_buildQueryUrl($url, 'gateway=true'); - } - phpCAS::traceEnd($url); - return $url; - } - - /** - * This method sets the login URL of the CAS server. - * - * @param string $url the login URL - * - * @return string login url - */ - public function setServerLoginURL($url) - { - // Argument Validation - if (gettype($url) != 'string') - throw new CAS_TypeMismatchException($url, '$url', 'string'); - - return $this->_server['login_url'] = $url; - } - - - /** - * This method sets the serviceValidate URL of the CAS server. - * - * @param string $url the serviceValidate URL - * - * @return string serviceValidate URL - */ - public function setServerServiceValidateURL($url) - { - // Argument Validation - if (gettype($url) != 'string') - throw new CAS_TypeMismatchException($url, '$url', 'string'); - - return $this->_server['service_validate_url'] = $url; - } - - - /** - * This method sets the proxyValidate URL of the CAS server. - * - * @param string $url the proxyValidate URL - * - * @return string proxyValidate URL - */ - public function setServerProxyValidateURL($url) - { - // Argument Validation - if (gettype($url) != 'string') - throw new CAS_TypeMismatchException($url, '$url', 'string'); - - return $this->_server['proxy_validate_url'] = $url; - } - - - /** - * This method sets the samlValidate URL of the CAS server. - * - * @param string $url the samlValidate URL - * - * @return string samlValidate URL - */ - public function setServerSamlValidateURL($url) - { - // Argument Validation - if (gettype($url) != 'string') - throw new CAS_TypeMismatchException($url, '$url', 'string'); - - return $this->_server['saml_validate_url'] = $url; - } - - - /** - * This method is used to retrieve the service validating URL of the CAS server. - * - * @return string serviceValidate URL. - */ - public function getServerServiceValidateURL() - { - phpCAS::traceBegin(); - // the URL is build only when needed - if ( empty($this->_server['service_validate_url']) ) { - switch ($this->getServerVersion()) { - case CAS_VERSION_1_0: - $this->_server['service_validate_url'] = $this->_getServerBaseURL() - .'validate'; - break; - case CAS_VERSION_2_0: - $this->_server['service_validate_url'] = $this->_getServerBaseURL() - .'serviceValidate'; - break; - case CAS_VERSION_3_0: - $this->_server['service_validate_url'] = $this->_getServerBaseURL() - .'p3/serviceValidate'; - break; - } - } - $url = $this->_buildQueryUrl( - $this->_server['service_validate_url'], - 'service='.urlencode($this->getURL()) - ); - phpCAS::traceEnd($url); - return $url; - } - /** - * This method is used to retrieve the SAML validating URL of the CAS server. - * - * @return string samlValidate URL. - */ - public function getServerSamlValidateURL() - { - phpCAS::traceBegin(); - // the URL is build only when needed - if ( empty($this->_server['saml_validate_url']) ) { - switch ($this->getServerVersion()) { - case SAML_VERSION_1_1: - $this->_server['saml_validate_url'] = $this->_getServerBaseURL().'samlValidate'; - break; - } - } - - $url = $this->_buildQueryUrl( - $this->_server['saml_validate_url'], - 'TARGET='.urlencode($this->getURL()) - ); - phpCAS::traceEnd($url); - return $url; - } - - /** - * This method is used to retrieve the proxy validating URL of the CAS server. - * - * @return string proxyValidate URL. - */ - public function getServerProxyValidateURL() - { - phpCAS::traceBegin(); - // the URL is build only when needed - if ( empty($this->_server['proxy_validate_url']) ) { - switch ($this->getServerVersion()) { - case CAS_VERSION_1_0: - $this->_server['proxy_validate_url'] = ''; - break; - case CAS_VERSION_2_0: - $this->_server['proxy_validate_url'] = $this->_getServerBaseURL().'proxyValidate'; - break; - case CAS_VERSION_3_0: - $this->_server['proxy_validate_url'] = $this->_getServerBaseURL().'p3/proxyValidate'; - break; - } - } - $url = $this->_buildQueryUrl( - $this->_server['proxy_validate_url'], - 'service='.urlencode($this->getURL()) - ); - phpCAS::traceEnd($url); - return $url; - } - - - /** - * This method is used to retrieve the proxy URL of the CAS server. - * - * @return string proxy URL. - */ - public function getServerProxyURL() - { - // the URL is build only when needed - if ( empty($this->_server['proxy_url']) ) { - switch ($this->getServerVersion()) { - case CAS_VERSION_1_0: - $this->_server['proxy_url'] = ''; - break; - case CAS_VERSION_2_0: - case CAS_VERSION_3_0: - $this->_server['proxy_url'] = $this->_getServerBaseURL().'proxy'; - break; - } - } - return $this->_server['proxy_url']; - } - - /** - * This method is used to retrieve the logout URL of the CAS server. - * - * @return string logout URL. - */ - public function getServerLogoutURL() - { - // the URL is build only when needed - if ( empty($this->_server['logout_url']) ) { - $this->_server['logout_url'] = $this->_getServerBaseURL().'logout'; - } - return $this->_server['logout_url']; - } - - /** - * This method sets the logout URL of the CAS server. - * - * @param string $url the logout URL - * - * @return string logout url - */ - public function setServerLogoutURL($url) - { - // Argument Validation - if (gettype($url) != 'string') - throw new CAS_TypeMismatchException($url, '$url', 'string'); - - return $this->_server['logout_url'] = $url; - } - - /** - * An array to store extra curl options. - */ - private $_curl_options = array(); - - /** - * This method is used to set additional user curl options. - * - * @param string $key name of the curl option - * @param string $value value of the curl option - * - * @return void - */ - public function setExtraCurlOption($key, $value) - { - $this->_curl_options[$key] = $value; - } - - /** @} */ - - // ######################################################################## - // Change the internal behaviour of phpcas - // ######################################################################## - - /** - * @addtogroup internalBehave - * @{ - */ - - /** - * The class to instantiate for making web requests in readUrl(). - * The class specified must implement the CAS_Request_RequestInterface. - * By default CAS_Request_CurlRequest is used, but this may be overridden to - * supply alternate request mechanisms for testing. - */ - private $_requestImplementation = 'CAS_Request_CurlRequest'; - - /** - * Override the default implementation used to make web requests in readUrl(). - * This class must implement the CAS_Request_RequestInterface. - * - * @param string $className name of the RequestImplementation class - * - * @return void - */ - public function setRequestImplementation ($className) - { - $obj = new $className; - if (!($obj instanceof CAS_Request_RequestInterface)) { - throw new CAS_InvalidArgumentException( - '$className must implement the CAS_Request_RequestInterface' - ); - } - $this->_requestImplementation = $className; - } - - /** - * @var boolean $_clearTicketsFromUrl; If true, phpCAS will clear session - * tickets from the URL after a successful authentication. - */ - private $_clearTicketsFromUrl = true; - - /** - * Configure the client to not send redirect headers and call exit() on - * authentication success. The normal redirect is used to remove the service - * ticket from the client's URL, but for running unit tests we need to - * continue without exiting. - * - * Needed for testing authentication - * - * @return void - */ - public function setNoClearTicketsFromUrl () - { - $this->_clearTicketsFromUrl = false; - } - - /** - * @var callback $_attributeParserCallbackFunction; - */ - private $_casAttributeParserCallbackFunction = null; - - /** - * @var array $_attributeParserCallbackArgs; - */ - private $_casAttributeParserCallbackArgs = array(); - - /** - * Set a callback function to be run when parsing CAS attributes - * - * The callback function will be passed a XMLNode as its first parameter, - * followed by any $additionalArgs you pass. - * - * @param string $function callback function to call - * @param array $additionalArgs optional array of arguments - * - * @return void - */ - public function setCasAttributeParserCallback($function, array $additionalArgs = array()) - { - $this->_casAttributeParserCallbackFunction = $function; - $this->_casAttributeParserCallbackArgs = $additionalArgs; - } - - /** @var callable $_postAuthenticateCallbackFunction; - */ - private $_postAuthenticateCallbackFunction = null; - - /** - * @var array $_postAuthenticateCallbackArgs; - */ - private $_postAuthenticateCallbackArgs = array(); - - /** - * Set a callback function to be run when a user authenticates. - * - * The callback function will be passed a $logoutTicket as its first parameter, - * followed by any $additionalArgs you pass. The $logoutTicket parameter is an - * opaque string that can be used to map a session-id to the logout request - * in order to support single-signout in applications that manage their own - * sessions (rather than letting phpCAS start the session). - * - * phpCAS::forceAuthentication() will always exit and forward client unless - * they are already authenticated. To perform an action at the moment the user - * logs in (such as registering an account, performing logging, etc), register - * a callback function here. - * - * @param callable $function callback function to call - * @param array $additionalArgs optional array of arguments - * - * @return void - */ - public function setPostAuthenticateCallback ($function, array $additionalArgs = array()) - { - $this->_postAuthenticateCallbackFunction = $function; - $this->_postAuthenticateCallbackArgs = $additionalArgs; - } - - /** - * @var callable $_signoutCallbackFunction; - */ - private $_signoutCallbackFunction = null; - - /** - * @var array $_signoutCallbackArgs; - */ - private $_signoutCallbackArgs = array(); - - /** - * Set a callback function to be run when a single-signout request is received. - * - * The callback function will be passed a $logoutTicket as its first parameter, - * followed by any $additionalArgs you pass. The $logoutTicket parameter is an - * opaque string that can be used to map a session-id to the logout request in - * order to support single-signout in applications that manage their own sessions - * (rather than letting phpCAS start and destroy the session). - * - * @param callable $function callback function to call - * @param array $additionalArgs optional array of arguments - * - * @return void - */ - public function setSingleSignoutCallback ($function, array $additionalArgs = array()) - { - $this->_signoutCallbackFunction = $function; - $this->_signoutCallbackArgs = $additionalArgs; - } - - // ######################################################################## - // Methods for supplying code-flow feedback to integrators. - // ######################################################################## - - /** - * Ensure that this is actually a proxy object or fail with an exception - * - * @throws CAS_OutOfSequenceBeforeProxyException - * - * @return void - */ - public function ensureIsProxy() - { - if (!$this->isProxy()) { - throw new CAS_OutOfSequenceBeforeProxyException(); - } - } - - /** - * Mark the caller of authentication. This will help client integraters determine - * problems with their code flow if they call a function such as getUser() before - * authentication has occurred. - * - * @param bool $auth True if authentication was successful, false otherwise. - * - * @return null - */ - public function markAuthenticationCall ($auth) - { - // store where the authentication has been checked and the result - $dbg = debug_backtrace(); - $this->_authentication_caller = array ( - 'file' => $dbg[1]['file'], - 'line' => $dbg[1]['line'], - 'method' => $dbg[1]['class'] . '::' . $dbg[1]['function'], - 'result' => (boolean)$auth - ); - } - private $_authentication_caller; - - /** - * Answer true if authentication has been checked. - * - * @return bool - */ - public function wasAuthenticationCalled () - { - return !empty($this->_authentication_caller); - } - - /** - * Ensure that authentication was checked. Terminate with exception if no - * authentication was performed - * - * @throws CAS_OutOfSequenceBeforeAuthenticationCallException - * - * @return void - */ - private function _ensureAuthenticationCalled() - { - if (!$this->wasAuthenticationCalled()) { - throw new CAS_OutOfSequenceBeforeAuthenticationCallException(); - } - } - - /** - * Answer the result of the authentication call. - * - * Throws a CAS_OutOfSequenceException if wasAuthenticationCalled() is false - * and markAuthenticationCall() didn't happen. - * - * @return bool - */ - public function wasAuthenticationCallSuccessful () - { - $this->_ensureAuthenticationCalled(); - return $this->_authentication_caller['result']; - } - - - /** - * Ensure that authentication was checked. Terminate with exception if no - * authentication was performed - * - * @throws CAS_OutOfSequenceException - * - * @return void - */ - public function ensureAuthenticationCallSuccessful() - { - $this->_ensureAuthenticationCalled(); - if (!$this->_authentication_caller['result']) { - throw new CAS_OutOfSequenceException( - 'authentication was checked (by ' - . $this->getAuthenticationCallerMethod() - . '() at ' . $this->getAuthenticationCallerFile() - . ':' . $this->getAuthenticationCallerLine() - . ') but the method returned false' - ); - } - } - - /** - * Answer information about the authentication caller. - * - * Throws a CAS_OutOfSequenceException if wasAuthenticationCalled() is false - * and markAuthenticationCall() didn't happen. - * - * @return string the file that called authentication - */ - public function getAuthenticationCallerFile () - { - $this->_ensureAuthenticationCalled(); - return $this->_authentication_caller['file']; - } - - /** - * Answer information about the authentication caller. - * - * Throws a CAS_OutOfSequenceException if wasAuthenticationCalled() is false - * and markAuthenticationCall() didn't happen. - * - * @return int the line that called authentication - */ - public function getAuthenticationCallerLine () - { - $this->_ensureAuthenticationCalled(); - return $this->_authentication_caller['line']; - } - - /** - * Answer information about the authentication caller. - * - * Throws a CAS_OutOfSequenceException if wasAuthenticationCalled() is false - * and markAuthenticationCall() didn't happen. - * - * @return string the method that called authentication - */ - public function getAuthenticationCallerMethod () - { - $this->_ensureAuthenticationCalled(); - return $this->_authentication_caller['method']; - } - - /** @} */ - - // ######################################################################## - // CONSTRUCTOR - // ######################################################################## - /** - * @addtogroup internalConfig - * @{ - */ - - /** - * CAS_Client constructor. - * - * @param string $server_version the version of the CAS server - * @param bool $proxy true if the CAS client is a CAS proxy - * @param string $server_hostname the hostname of the CAS server - * @param int $server_port the port the CAS server is running on - * @param string $server_uri the URI the CAS server is responding on - * @param bool $changeSessionID Allow phpCAS to change the session_id - * (Single Sign Out/handleLogoutRequests - * is based on that change) - * @param string|string[]|CAS_ServiceBaseUrl_Interface - * $service_base_url the base URL (protocol, host and the - * optional port) of the CAS client; pass - * in an array to use auto discovery with - * an allowlist; pass in - * CAS_ServiceBaseUrl_Interface for custom - * behavior. Added in 1.6.0. Similar to - * serverName config in other CAS clients. - * @param \SessionHandlerInterface $sessionHandler the session handler - * - * @return self a newly created CAS_Client object - */ - public function __construct( - $server_version, - $proxy, - $server_hostname, - $server_port, - $server_uri, - $service_base_url, - $changeSessionID = true, - \SessionHandlerInterface $sessionHandler = null - ) { - // Argument validation - if (gettype($server_version) != 'string') - throw new CAS_TypeMismatchException($server_version, '$server_version', 'string'); - if (gettype($proxy) != 'boolean') - throw new CAS_TypeMismatchException($proxy, '$proxy', 'boolean'); - if (gettype($server_hostname) != 'string') - throw new CAS_TypeMismatchException($server_hostname, '$server_hostname', 'string'); - if (gettype($server_port) != 'integer') - throw new CAS_TypeMismatchException($server_port, '$server_port', 'integer'); - if (gettype($server_uri) != 'string') - throw new CAS_TypeMismatchException($server_uri, '$server_uri', 'string'); - if (gettype($changeSessionID) != 'boolean') - throw new CAS_TypeMismatchException($changeSessionID, '$changeSessionID', 'boolean'); - - $this->_setServiceBaseUrl($service_base_url); - - if (empty($sessionHandler)) { - $sessionHandler = new CAS_Session_PhpSession; - } - - phpCAS::traceBegin(); - // true : allow to change the session_id(), false session_id won't be - // changed and logout won't be handled because of that - $this->_setChangeSessionID($changeSessionID); - - $this->setSessionHandler($sessionHandler); - - if (!$this->_isLogoutRequest()) { - if (session_id() === "") { - // skip Session Handling for logout requests and if don't want it - session_start(); - phpCAS :: trace("Starting a new session " . session_id()); - } - // init phpCAS session array - if (!isset($_SESSION[static::PHPCAS_SESSION_PREFIX]) - || !is_array($_SESSION[static::PHPCAS_SESSION_PREFIX])) { - $_SESSION[static::PHPCAS_SESSION_PREFIX] = array(); - } - } - - // Only for debug purposes - if ($this->isSessionAuthenticated()){ - phpCAS :: trace("Session is authenticated as: " . $this->getSessionValue('user')); - } else { - phpCAS :: trace("Session is not authenticated"); - } - // are we in proxy mode ? - $this->_proxy = $proxy; - - // Make cookie handling available. - if ($this->isProxy()) { - if (!$this->hasSessionValue('service_cookies')) { - $this->setSessionValue('service_cookies', array()); - } - // TODO remove explicit call to $_SESSION - $this->_serviceCookieJar = new CAS_CookieJar( - $_SESSION[static::PHPCAS_SESSION_PREFIX]['service_cookies'] - ); - } - - // check version - $supportedProtocols = phpCAS::getSupportedProtocols(); - if (isset($supportedProtocols[$server_version]) === false) { - phpCAS::error( - 'this version of CAS (`'.$server_version - .'\') is not supported by phpCAS '.phpCAS::getVersion() - ); - } - - if ($server_version === CAS_VERSION_1_0 && $this->isProxy()) { - phpCAS::error( - 'CAS proxies are not supported in CAS '.$server_version - ); - } - - $this->_server['version'] = $server_version; - - // check hostname - if ( empty($server_hostname) - || !preg_match('/[\.\d\-a-z]*/', $server_hostname) - ) { - phpCAS::error('bad CAS server hostname (`'.$server_hostname.'\')'); - } - $this->_server['hostname'] = $server_hostname; - - // check port - if ( $server_port == 0 - || !is_int($server_port) - ) { - phpCAS::error('bad CAS server port (`'.$server_hostname.'\')'); - } - $this->_server['port'] = $server_port; - - // check URI - if ( !preg_match('/[\.\d\-_a-z\/]*/', $server_uri) ) { - phpCAS::error('bad CAS server URI (`'.$server_uri.'\')'); - } - // add leading and trailing `/' and remove doubles - if(strstr($server_uri, '?') === false) $server_uri .= '/'; - $server_uri = preg_replace('/\/\//', '/', '/'.$server_uri); - $this->_server['uri'] = $server_uri; - - // set to callback mode if PgtIou and PgtId CGI GET parameters are provided - if ( $this->isProxy() ) { - if(!empty($_GET['pgtIou'])&&!empty($_GET['pgtId'])) { - $this->_setCallbackMode(true); - $this->_setCallbackModeUsingPost(false); - } elseif (!empty($_POST['pgtIou'])&&!empty($_POST['pgtId'])) { - $this->_setCallbackMode(true); - $this->_setCallbackModeUsingPost(true); - } else { - $this->_setCallbackMode(false); - $this->_setCallbackModeUsingPost(false); - } - - - } - - if ( $this->_isCallbackMode() ) { - //callback mode: check that phpCAS is secured - if ( !$this->getServiceBaseUrl()->isHttps() ) { - phpCAS::error( - 'CAS proxies must be secured to use phpCAS; PGT\'s will not be received from the CAS server' - ); - } - } else { - //normal mode: get ticket and remove it from CGI parameters for - // developers - $ticket = (isset($_GET['ticket']) ? $_GET['ticket'] : ''); - if (preg_match('/^[SP]T-/', $ticket) ) { - phpCAS::trace('Ticket \''.$ticket.'\' found'); - $this->setTicket($ticket); - unset($_GET['ticket']); - } else if ( !empty($ticket) ) { - //ill-formed ticket, halt - phpCAS::error( - 'ill-formed ticket found in the URL (ticket=`' - .htmlentities($ticket).'\')' - ); - } - - } - phpCAS::traceEnd(); - } - - /** @} */ - - // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX - // XX XX - // XX Session Handling XX - // XX XX - // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX - - /** - * @addtogroup internalConfig - * @{ - */ - - /** The session prefix for phpCAS values */ - const PHPCAS_SESSION_PREFIX = 'phpCAS'; - - /** - * @var bool A variable to whether phpcas will use its own session handling. Default = true - * @hideinitializer - */ - private $_change_session_id = true; - - /** - * @var SessionHandlerInterface - */ - private $_sessionHandler; - - /** - * Set a parameter whether to allow phpCAS to change session_id - * - * @param bool $allowed allow phpCAS to change session_id - * - * @return void - */ - private function _setChangeSessionID($allowed) - { - $this->_change_session_id = $allowed; - } - - /** - * Get whether phpCAS is allowed to change session_id - * - * @return bool - */ - public function getChangeSessionID() - { - return $this->_change_session_id; - } - - /** - * Set the session handler. - * - * @param \SessionHandlerInterface $sessionHandler - * - * @return bool - */ - public function setSessionHandler(\SessionHandlerInterface $sessionHandler) - { - $this->_sessionHandler = $sessionHandler; - if (session_status() !== PHP_SESSION_ACTIVE) { - return session_set_save_handler($this->_sessionHandler, true); - } - return true; - } - - /** - * Get a session value using the given key. - * - * @param string $key - * @param mixed $default default value if the key is not set - * - * @return mixed - */ - protected function getSessionValue($key, $default = null) - { - $this->validateSession($key); - - if (isset($_SESSION[static::PHPCAS_SESSION_PREFIX][$key])) { - return $_SESSION[static::PHPCAS_SESSION_PREFIX][$key]; - } - - return $default; - } - - /** - * Determine whether a session value is set or not. - * - * To check if a session value is empty or not please use - * !!(getSessionValue($key)). - * - * @param string $key - * - * @return bool - */ - protected function hasSessionValue($key) - { - $this->validateSession($key); - - return isset($_SESSION[static::PHPCAS_SESSION_PREFIX][$key]); - } - - /** - * Set a session value using the given key and value. - * - * @param string $key - * @param mixed $value - * - * @return string - */ - protected function setSessionValue($key, $value) - { - $this->validateSession($key); - - $_SESSION[static::PHPCAS_SESSION_PREFIX][$key] = $value; - } - - /** - * Remove a session value with the given key. - * - * @param string $key - */ - protected function removeSessionValue($key) - { - $this->validateSession($key); - - if (isset($_SESSION[static::PHPCAS_SESSION_PREFIX][$key])) { - unset($_SESSION[static::PHPCAS_SESSION_PREFIX][$key]); - return true; - } - - return false; - } - - /** - * Remove all phpCAS session values. - */ - protected function clearSessionValues() - { - unset($_SESSION[static::PHPCAS_SESSION_PREFIX]); - } - - /** - * Ensure $key is a string for session utils input - * - * @param string $key - * - * @return bool - */ - protected function validateSession($key) - { - if (!is_string($key)) { - throw new InvalidArgumentException('Session key must be a string.'); - } - - return true; - } - - /** - * Renaming the session - * - * @param string $ticket name of the ticket - * - * @return void - */ - protected function _renameSession($ticket) - { - phpCAS::traceBegin(); - if ($this->getChangeSessionID()) { - if (!empty($this->_user)) { - $old_session = $_SESSION; - phpCAS :: trace("Killing session: ". session_id()); - session_destroy(); - // set up a new session, of name based on the ticket - $session_id = $this->_sessionIdForTicket($ticket); - phpCAS :: trace("Starting session: ". $session_id); - session_id($session_id); - session_start(); - phpCAS :: trace("Restoring old session vars"); - $_SESSION = $old_session; - } else { - phpCAS :: trace ( - 'Session should only be renamed after successfull authentication' - ); - } - } else { - phpCAS :: trace( - "Skipping session rename since phpCAS is not handling the session." - ); - } - phpCAS::traceEnd(); - } - - /** @} */ - - // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX - // XX XX - // XX AUTHENTICATION XX - // XX XX - // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX - - /** - * @addtogroup internalAuthentication - * @{ - */ - - /** - * The Authenticated user. Written by CAS_Client::_setUser(), read by - * CAS_Client::getUser(). - * - * @hideinitializer - */ - private $_user = ''; - - /** - * This method sets the CAS user's login name. - * - * @param string $user the login name of the authenticated user. - * - * @return void - */ - private function _setUser($user) - { - $this->_user = $user; - } - - /** - * This method returns the CAS user's login name. - * - * @return string the login name of the authenticated user - * - * @warning should be called only after CAS_Client::forceAuthentication() or - * CAS_Client::isAuthenticated(), otherwise halt with an error. - */ - public function getUser() - { - // Sequence validation - $this->ensureAuthenticationCallSuccessful(); - - return $this->_getUser(); - } - - /** - * This method returns the CAS user's login name. - * - * @return string the login name of the authenticated user - * - * @warning should be called only after CAS_Client::forceAuthentication() or - * CAS_Client::isAuthenticated(), otherwise halt with an error. - */ - private function _getUser() - { - // This is likely a duplicate check that could be removed.... - if ( empty($this->_user) ) { - phpCAS::error( - 'this method should be used only after '.__CLASS__ - .'::forceAuthentication() or '.__CLASS__.'::isAuthenticated()' - ); - } - return $this->_user; - } - - /** - * The Authenticated users attributes. Written by - * CAS_Client::setAttributes(), read by CAS_Client::getAttributes(). - * @attention client applications should use phpCAS::getAttributes(). - * - * @hideinitializer - */ - private $_attributes = array(); - - /** - * Set an array of attributes - * - * @param array $attributes a key value array of attributes - * - * @return void - */ - public function setAttributes($attributes) - { - $this->_attributes = $attributes; - } - - /** - * Get an key values arry of attributes - * - * @return array of attributes - */ - public function getAttributes() - { - // Sequence validation - $this->ensureAuthenticationCallSuccessful(); - // This is likely a duplicate check that could be removed.... - if ( empty($this->_user) ) { - // if no user is set, there shouldn't be any attributes also... - phpCAS::error( - 'this method should be used only after '.__CLASS__ - .'::forceAuthentication() or '.__CLASS__.'::isAuthenticated()' - ); - } - return $this->_attributes; - } - - /** - * Check whether attributes are available - * - * @return bool attributes available - */ - public function hasAttributes() - { - // Sequence validation - $this->ensureAuthenticationCallSuccessful(); - - return !empty($this->_attributes); - } - /** - * Check whether a specific attribute with a name is available - * - * @param string $key name of attribute - * - * @return bool is attribute available - */ - public function hasAttribute($key) - { - // Sequence validation - $this->ensureAuthenticationCallSuccessful(); - - return $this->_hasAttribute($key); - } - - /** - * Check whether a specific attribute with a name is available - * - * @param string $key name of attribute - * - * @return bool is attribute available - */ - private function _hasAttribute($key) - { - return (is_array($this->_attributes) - && array_key_exists($key, $this->_attributes)); - } - - /** - * Get a specific attribute by name - * - * @param string $key name of attribute - * - * @return string attribute values - */ - public function getAttribute($key) - { - // Sequence validation - $this->ensureAuthenticationCallSuccessful(); - - if ($this->_hasAttribute($key)) { - return $this->_attributes[$key]; - } - } - - /** - * This method is called to renew the authentication of the user - * If the user is authenticated, renew the connection - * If not, redirect to CAS - * - * @return bool true when the user is authenticated; otherwise halt. - */ - public function renewAuthentication() - { - phpCAS::traceBegin(); - // Either way, the user is authenticated by CAS - $this->removeSessionValue('auth_checked'); - if ( $this->isAuthenticated(true) ) { - phpCAS::trace('user already authenticated'); - $res = true; - } else { - $this->redirectToCas(false, true); - // never reached - $res = false; - } - phpCAS::traceEnd(); - return $res; - } - - /** - * This method is called to be sure that the user is authenticated. When not - * authenticated, halt by redirecting to the CAS server; otherwise return true. - * - * @return bool true when the user is authenticated; otherwise halt. - */ - public function forceAuthentication() - { - phpCAS::traceBegin(); - - if ( $this->isAuthenticated() ) { - // the user is authenticated, nothing to be done. - phpCAS::trace('no need to authenticate'); - $res = true; - } else { - // the user is not authenticated, redirect to the CAS server - $this->removeSessionValue('auth_checked'); - $this->redirectToCas(false/* no gateway */); - // never reached - $res = false; - } - phpCAS::traceEnd($res); - return $res; - } - - /** - * An integer that gives the number of times authentication will be cached - * before rechecked. - * - * @hideinitializer - */ - private $_cache_times_for_auth_recheck = 0; - - /** - * Set the number of times authentication will be cached before rechecked. - * - * @param int $n number of times to wait for a recheck - * - * @return void - */ - public function setCacheTimesForAuthRecheck($n) - { - if (gettype($n) != 'integer') - throw new CAS_TypeMismatchException($n, '$n', 'string'); - - $this->_cache_times_for_auth_recheck = $n; - } - - /** - * This method is called to check whether the user is authenticated or not. - * - * @return bool true when the user is authenticated, false when a previous - * gateway login failed or the function will not return if the user is - * redirected to the cas server for a gateway login attempt - */ - public function checkAuthentication() - { - phpCAS::traceBegin(); - $res = false; // default - if ( $this->isAuthenticated() ) { - phpCAS::trace('user is authenticated'); - /* The 'auth_checked' variable is removed just in case it's set. */ - $this->removeSessionValue('auth_checked'); - $res = true; - } else if ($this->getSessionValue('auth_checked')) { - // the previous request has redirected the client to the CAS server - // with gateway=true - $this->removeSessionValue('auth_checked'); - } else { - // avoid a check against CAS on every request - // we need to write this back to session later - $unauth_count = $this->getSessionValue('unauth_count', -2); - - if (($unauth_count != -2 - && $this->_cache_times_for_auth_recheck == -1) - || ($unauth_count >= 0 - && $unauth_count < $this->_cache_times_for_auth_recheck) - ) { - if ($this->_cache_times_for_auth_recheck != -1) { - $unauth_count++; - phpCAS::trace( - 'user is not authenticated (cached for ' - .$unauth_count.' times of ' - .$this->_cache_times_for_auth_recheck.')' - ); - } else { - phpCAS::trace( - 'user is not authenticated (cached for until login pressed)' - ); - } - $this->setSessionValue('unauth_count', $unauth_count); - } else { - $this->setSessionValue('unauth_count', 0); - $this->setSessionValue('auth_checked', true); - phpCAS::trace('user is not authenticated (cache reset)'); - $this->redirectToCas(true/* gateway */); - // never reached - } - } - phpCAS::traceEnd($res); - return $res; - } - - /** - * This method is called to check if the user is authenticated (previously or by - * tickets given in the URL). - * - * @param bool $renew true to force the authentication with the CAS server - * - * @return bool true when the user is authenticated. Also may redirect to the - * same URL without the ticket. - */ - public function isAuthenticated($renew=false) - { - phpCAS::traceBegin(); - $res = false; - - if ( $this->_wasPreviouslyAuthenticated() ) { - if ($this->hasTicket()) { - // User has a additional ticket but was already authenticated - phpCAS::trace( - 'ticket was present and will be discarded, use renewAuthenticate()' - ); - if ($this->_clearTicketsFromUrl) { - phpCAS::trace("Prepare redirect to : ".$this->getURL()); - session_write_close(); - header('Location: '.$this->getURL()); - flush(); - phpCAS::traceExit(); - throw new CAS_GracefullTerminationException(); - } else { - phpCAS::trace( - 'Already authenticated, but skipping ticket clearing since setNoClearTicketsFromUrl() was used.' - ); - $res = true; - } - } else { - // the user has already (previously during the session) been - // authenticated, nothing to be done. - phpCAS::trace( - 'user was already authenticated, no need to look for tickets' - ); - $res = true; - } - - // Mark the auth-check as complete to allow post-authentication - // callbacks to make use of phpCAS::getUser() and similar methods - $this->markAuthenticationCall($res); - } else { - if ($this->hasTicket()) { - $validate_url = ''; - $text_response = ''; - $tree_response = ''; - - switch ($this->getServerVersion()) { - case CAS_VERSION_1_0: - // if a Service Ticket was given, validate it - phpCAS::trace( - 'CAS 1.0 ticket `'.$this->getTicket().'\' is present' - ); - $this->validateCAS10( - $validate_url, $text_response, $tree_response, $renew - ); // if it fails, it halts - phpCAS::trace( - 'CAS 1.0 ticket `'.$this->getTicket().'\' was validated' - ); - $this->setSessionValue('user', $this->_getUser()); - $res = true; - $logoutTicket = $this->getTicket(); - break; - case CAS_VERSION_2_0: - case CAS_VERSION_3_0: - // if a Proxy Ticket was given, validate it - phpCAS::trace( - 'CAS '.$this->getServerVersion().' ticket `'.$this->getTicket().'\' is present' - ); - $this->validateCAS20( - $validate_url, $text_response, $tree_response, $renew - ); // note: if it fails, it halts - phpCAS::trace( - 'CAS '.$this->getServerVersion().' ticket `'.$this->getTicket().'\' was validated' - ); - if ( $this->isProxy() ) { - $this->_validatePGT( - $validate_url, $text_response, $tree_response - ); // idem - phpCAS::trace('PGT `'.$this->_getPGT().'\' was validated'); - $this->setSessionValue('pgt', $this->_getPGT()); - } - $this->setSessionValue('user', $this->_getUser()); - if (!empty($this->_attributes)) { - $this->setSessionValue('attributes', $this->_attributes); - } - $proxies = $this->getProxies(); - if (!empty($proxies)) { - $this->setSessionValue('proxies', $this->getProxies()); - } - $res = true; - $logoutTicket = $this->getTicket(); - break; - case SAML_VERSION_1_1: - // if we have a SAML ticket, validate it. - phpCAS::trace( - 'SAML 1.1 ticket `'.$this->getTicket().'\' is present' - ); - $this->validateSA( - $validate_url, $text_response, $tree_response, $renew - ); // if it fails, it halts - phpCAS::trace( - 'SAML 1.1 ticket `'.$this->getTicket().'\' was validated' - ); - $this->setSessionValue('user', $this->_getUser()); - $this->setSessionValue('attributes', $this->_attributes); - $res = true; - $logoutTicket = $this->getTicket(); - break; - default: - phpCAS::trace('Protocol error'); - break; - } - } else { - // no ticket given, not authenticated - phpCAS::trace('no ticket found'); - } - - // Mark the auth-check as complete to allow post-authentication - // callbacks to make use of phpCAS::getUser() and similar methods - $this->markAuthenticationCall($res); - - if ($res) { - // call the post-authenticate callback if registered. - if ($this->_postAuthenticateCallbackFunction) { - $args = $this->_postAuthenticateCallbackArgs; - array_unshift($args, $logoutTicket); - call_user_func_array( - $this->_postAuthenticateCallbackFunction, $args - ); - } - - // if called with a ticket parameter, we need to redirect to the - // app without the ticket so that CAS-ification is transparent - // to the browser (for later POSTS) most of the checks and - // errors should have been made now, so we're safe for redirect - // without masking error messages. remove the ticket as a - // security precaution to prevent a ticket in the HTTP_REFERRER - if ($this->_clearTicketsFromUrl) { - phpCAS::trace("Prepare redirect to : ".$this->getURL()); - session_write_close(); - header('Location: '.$this->getURL()); - flush(); - phpCAS::traceExit(); - throw new CAS_GracefullTerminationException(); - } - } - } - phpCAS::traceEnd($res); - return $res; - } - - /** - * This method tells if the current session is authenticated. - * - * @return bool true if authenticated based soley on $_SESSION variable - */ - public function isSessionAuthenticated () - { - return !!$this->getSessionValue('user'); - } - - /** - * This method tells if the user has already been (previously) authenticated - * by looking into the session variables. - * - * @note This function switches to callback mode when needed. - * - * @return bool true when the user has already been authenticated; false otherwise. - */ - private function _wasPreviouslyAuthenticated() - { - phpCAS::traceBegin(); - - if ( $this->_isCallbackMode() ) { - // Rebroadcast the pgtIou and pgtId to all nodes - if ($this->_rebroadcast&&!isset($_POST['rebroadcast'])) { - $this->_rebroadcast(self::PGTIOU); - } - $this->_callback(); - } - - $auth = false; - - if ( $this->isProxy() ) { - // CAS proxy: username and PGT must be present - if ( $this->isSessionAuthenticated() - && $this->getSessionValue('pgt') - ) { - // authentication already done - $this->_setUser($this->getSessionValue('user')); - if ($this->hasSessionValue('attributes')) { - $this->setAttributes($this->getSessionValue('attributes')); - } - $this->_setPGT($this->getSessionValue('pgt')); - phpCAS::trace( - 'user = `'.$this->getSessionValue('user').'\', PGT = `' - .$this->getSessionValue('pgt').'\'' - ); - - // Include the list of proxies - if ($this->hasSessionValue('proxies')) { - $this->_setProxies($this->getSessionValue('proxies')); - phpCAS::trace( - 'proxies = "' - .implode('", "', $this->getSessionValue('proxies')).'"' - ); - } - - $auth = true; - } elseif ( $this->isSessionAuthenticated() - && !$this->getSessionValue('pgt') - ) { - // these two variables should be empty or not empty at the same time - phpCAS::trace( - 'username found (`'.$this->getSessionValue('user') - .'\') but PGT is empty' - ); - // unset all tickets to enforce authentication - $this->clearSessionValues(); - $this->setTicket(''); - } elseif ( !$this->isSessionAuthenticated() - && $this->getSessionValue('pgt') - ) { - // these two variables should be empty or not empty at the same time - phpCAS::trace( - 'PGT found (`'.$this->getSessionValue('pgt') - .'\') but username is empty' - ); - // unset all tickets to enforce authentication - $this->clearSessionValues(); - $this->setTicket(''); - } else { - phpCAS::trace('neither user nor PGT found'); - } - } else { - // `simple' CAS client (not a proxy): username must be present - if ( $this->isSessionAuthenticated() ) { - // authentication already done - $this->_setUser($this->getSessionValue('user')); - if ($this->hasSessionValue('attributes')) { - $this->setAttributes($this->getSessionValue('attributes')); - } - phpCAS::trace('user = `'.$this->getSessionValue('user').'\''); - - // Include the list of proxies - if ($this->hasSessionValue('proxies')) { - $this->_setProxies($this->getSessionValue('proxies')); - phpCAS::trace( - 'proxies = "' - .implode('", "', $this->getSessionValue('proxies')).'"' - ); - } - - $auth = true; - } else { - phpCAS::trace('no user found'); - } - } - - phpCAS::traceEnd($auth); - return $auth; - } - - /** - * This method is used to redirect the client to the CAS server. - * It is used by CAS_Client::forceAuthentication() and - * CAS_Client::checkAuthentication(). - * - * @param bool $gateway true to check authentication, false to force it - * @param bool $renew true to force the authentication with the CAS server - * - * @return void - */ - public function redirectToCas($gateway=false,$renew=false) - { - phpCAS::traceBegin(); - $cas_url = $this->getServerLoginURL($gateway, $renew); - session_write_close(); - if (php_sapi_name() === 'cli') { - @header('Location: '.$cas_url); - } else { - header('Location: '.$cas_url); - } - phpCAS::trace("Redirect to : ".$cas_url); - $lang = $this->getLangObj(); - $this->printHTMLHeader($lang->getAuthenticationWanted()); - $this->printf('

'. $lang->getShouldHaveBeenRedirected(). '

', $cas_url); - $this->printHTMLFooter(); - phpCAS::traceExit(); - throw new CAS_GracefullTerminationException(); - } - - - /** - * This method is used to logout from CAS. - * - * @param array $params an array that contains the optional url and service - * parameters that will be passed to the CAS server - * - * @return void - */ - public function logout($params) - { - phpCAS::traceBegin(); - $cas_url = $this->getServerLogoutURL(); - $paramSeparator = '?'; - if (isset($params['url'])) { - $cas_url = $cas_url . $paramSeparator . "url=" - . urlencode($params['url']); - $paramSeparator = '&'; - } - if (isset($params['service'])) { - $cas_url = $cas_url . $paramSeparator . "service=" - . urlencode($params['service']); - } - header('Location: '.$cas_url); - phpCAS::trace("Prepare redirect to : ".$cas_url); - - phpCAS::trace("Destroying session : ".session_id()); - session_unset(); - session_destroy(); - if (session_status() === PHP_SESSION_NONE) { - phpCAS::trace("Session terminated"); - } else { - phpCAS::error("Session was not terminated"); - phpCAS::trace("Session was not terminated"); - } - $lang = $this->getLangObj(); - $this->printHTMLHeader($lang->getLogout()); - $this->printf('

'.$lang->getShouldHaveBeenRedirected(). '

', $cas_url); - $this->printHTMLFooter(); - phpCAS::traceExit(); - throw new CAS_GracefullTerminationException(); - } - - /** - * Check of the current request is a logout request - * - * @return bool is logout request. - */ - private function _isLogoutRequest() - { - return !empty($_POST['logoutRequest']); - } - - /** - * This method handles logout requests. - * - * @param bool $check_client true to check the client bofore handling - * the request, false not to perform any access control. True by default. - * @param array $allowed_clients an array of host names allowed to send - * logout requests. - * - * @return void - */ - public function handleLogoutRequests($check_client=true, $allowed_clients=array()) - { - phpCAS::traceBegin(); - if (!$this->_isLogoutRequest()) { - phpCAS::trace("Not a logout request"); - phpCAS::traceEnd(); - return; - } - if (!$this->getChangeSessionID() - && is_null($this->_signoutCallbackFunction) - ) { - phpCAS::trace( - "phpCAS can't handle logout requests if it is not allowed to change session_id." - ); - } - phpCAS::trace("Logout requested"); - $decoded_logout_rq = urldecode($_POST['logoutRequest']); - phpCAS::trace("SAML REQUEST: ".$decoded_logout_rq); - $allowed = false; - if ($check_client) { - if ($allowed_clients === array()) { - $allowed_clients = array( $this->_getServerHostname() ); - } - $client_ip = $_SERVER['REMOTE_ADDR']; - $client = gethostbyaddr($client_ip); - phpCAS::trace("Client: ".$client."/".$client_ip); - foreach ($allowed_clients as $allowed_client) { - if (($client == $allowed_client) - || ($client_ip == $allowed_client) - ) { - phpCAS::trace( - "Allowed client '".$allowed_client - ."' matches, logout request is allowed" - ); - $allowed = true; - break; - } else { - phpCAS::trace( - "Allowed client '".$allowed_client."' does not match" - ); - } - } - } else { - phpCAS::trace("No access control set"); - $allowed = true; - } - // If Logout command is permitted proceed with the logout - if ($allowed) { - phpCAS::trace("Logout command allowed"); - // Rebroadcast the logout request - if ($this->_rebroadcast && !isset($_POST['rebroadcast'])) { - $this->_rebroadcast(self::LOGOUT); - } - // Extract the ticket from the SAML Request - preg_match( - "|(.*)|", - $decoded_logout_rq, $tick, PREG_OFFSET_CAPTURE, 3 - ); - $wrappedSamlSessionIndex = preg_replace( - '||', '', $tick[0][0] - ); - $ticket2logout = preg_replace( - '||', '', $wrappedSamlSessionIndex - ); - phpCAS::trace("Ticket to logout: ".$ticket2logout); - - // call the post-authenticate callback if registered. - if ($this->_signoutCallbackFunction) { - $args = $this->_signoutCallbackArgs; - array_unshift($args, $ticket2logout); - call_user_func_array($this->_signoutCallbackFunction, $args); - } - - // If phpCAS is managing the session_id, destroy session thanks to - // session_id. - if ($this->getChangeSessionID()) { - $session_id = $this->_sessionIdForTicket($ticket2logout); - phpCAS::trace("Session id: ".$session_id); - - // destroy a possible application session created before phpcas - if (session_id() !== "") { - session_unset(); - session_destroy(); - } - // fix session ID - session_id($session_id); - $_COOKIE[session_name()]=$session_id; - $_GET[session_name()]=$session_id; - - // Overwrite session - session_start(); - session_unset(); - session_destroy(); - phpCAS::trace("Session ". $session_id . " destroyed"); - } - } else { - phpCAS::error("Unauthorized logout request from client '".$client."'"); - phpCAS::trace("Unauthorized logout request from client '".$client."'"); - } - flush(); - phpCAS::traceExit(); - throw new CAS_GracefullTerminationException(); - - } - - /** @} */ - - // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX - // XX XX - // XX BASIC CLIENT FEATURES (CAS 1.0) XX - // XX XX - // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX - - // ######################################################################## - // ST - // ######################################################################## - /** - * @addtogroup internalBasic - * @{ - */ - - /** - * The Ticket provided in the URL of the request if present - * (empty otherwise). Written by CAS_Client::CAS_Client(), read by - * CAS_Client::getTicket() and CAS_Client::_hasPGT(). - * - * @hideinitializer - */ - private $_ticket = ''; - - /** - * This method returns the Service Ticket provided in the URL of the request. - * - * @return string service ticket. - */ - public function getTicket() - { - return $this->_ticket; - } - - /** - * This method stores the Service Ticket. - * - * @param string $st The Service Ticket. - * - * @return void - */ - public function setTicket($st) - { - $this->_ticket = $st; - } - - /** - * This method tells if a Service Ticket was stored. - * - * @return bool if a Service Ticket has been stored. - */ - public function hasTicket() - { - return !empty($this->_ticket); - } - - /** @} */ - - // ######################################################################## - // ST VALIDATION - // ######################################################################## - /** - * @addtogroup internalBasic - * @{ - */ - - /** - * @var string the certificate of the CAS server CA. - * - * @hideinitializer - */ - private $_cas_server_ca_cert = null; - - - /** - - * validate CN of the CAS server certificate - - * - - * @hideinitializer - - */ - - private $_cas_server_cn_validate = true; - - /** - * Set to true not to validate the CAS server. - * - * @hideinitializer - */ - private $_no_cas_server_validation = false; - - - /** - * Set the CA certificate of the CAS server. - * - * @param string $cert the PEM certificate file name of the CA that emited - * the cert of the server - * @param bool $validate_cn valiate CN of the CAS server certificate - * - * @return void - */ - public function setCasServerCACert($cert, $validate_cn) - { - // Argument validation - if (gettype($cert) != 'string') { - throw new CAS_TypeMismatchException($cert, '$cert', 'string'); - } - if (gettype($validate_cn) != 'boolean') { - throw new CAS_TypeMismatchException($validate_cn, '$validate_cn', 'boolean'); - } - if (!file_exists($cert)) { - throw new CAS_InvalidArgumentException("Certificate file does not exist " . $this->_requestImplementation); - } - $this->_cas_server_ca_cert = $cert; - $this->_cas_server_cn_validate = $validate_cn; - } - - /** - * Set no SSL validation for the CAS server. - * - * @return void - */ - public function setNoCasServerValidation() - { - $this->_no_cas_server_validation = true; - } - - /** - * This method is used to validate a CAS 1,0 ticket; halt on failure, and - * sets $validate_url, $text_reponse and $tree_response on success. - * - * @param string &$validate_url reference to the the URL of the request to - * the CAS server. - * @param string &$text_response reference to the response of the CAS - * server, as is (XML text). - * @param string &$tree_response reference to the response of the CAS - * server, as a DOM XML tree. - * @param bool $renew true to force the authentication with the CAS server - * - * @return bool true when successfull and issue a CAS_AuthenticationException - * and false on an error - * @throws CAS_AuthenticationException - */ - public function validateCAS10(&$validate_url,&$text_response,&$tree_response,$renew=false) - { - phpCAS::traceBegin(); - // build the URL to validate the ticket - $validate_url = $this->getServerServiceValidateURL() - .'&ticket='.urlencode($this->getTicket()); - - if ( $renew ) { - // pass the renew - $validate_url .= '&renew=true'; - } - - $headers = ''; - $err_msg = ''; - // open and read the URL - if ( !$this->_readURL($validate_url, $headers, $text_response, $err_msg) ) { - phpCAS::trace( - 'could not open URL \''.$validate_url.'\' to validate ('.$err_msg.')' - ); - throw new CAS_AuthenticationException( - $this, 'CAS 1.0 ticket not validated', $validate_url, - true/*$no_response*/ - ); - } - - if (preg_match('/^no\n/', $text_response)) { - phpCAS::trace('Ticket has not been validated'); - throw new CAS_AuthenticationException( - $this, 'ST not validated', $validate_url, false/*$no_response*/, - false/*$bad_response*/, $text_response - ); - } else if (!preg_match('/^yes\n/', $text_response)) { - phpCAS::trace('ill-formed response'); - throw new CAS_AuthenticationException( - $this, 'Ticket not validated', $validate_url, - false/*$no_response*/, true/*$bad_response*/, $text_response - ); - } - // ticket has been validated, extract the user name - $arr = preg_split('/\n/', $text_response); - $this->_setUser(trim($arr[1])); - - $this->_renameSession($this->getTicket()); - - // at this step, ticket has been validated and $this->_user has been set, - phpCAS::traceEnd(true); - return true; - } - - /** @} */ - - - // ######################################################################## - // SAML VALIDATION - // ######################################################################## - /** - * @addtogroup internalSAML - * @{ - */ - - /** - * This method is used to validate a SAML TICKET; halt on failure, and sets - * $validate_url, $text_reponse and $tree_response on success. These - * parameters are used later by CAS_Client::_validatePGT() for CAS proxies. - * - * @param string &$validate_url reference to the the URL of the request to - * the CAS server. - * @param string &$text_response reference to the response of the CAS - * server, as is (XML text). - * @param string &$tree_response reference to the response of the CAS - * server, as a DOM XML tree. - * @param bool $renew true to force the authentication with the CAS server - * - * @return bool true when successfull and issue a CAS_AuthenticationException - * and false on an error - * - * @throws CAS_AuthenticationException - */ - public function validateSA(&$validate_url,&$text_response,&$tree_response,$renew=false) - { - phpCAS::traceBegin(); - $result = false; - // build the URL to validate the ticket - $validate_url = $this->getServerSamlValidateURL(); - - if ( $renew ) { - // pass the renew - $validate_url .= '&renew=true'; - } - - $headers = ''; - $err_msg = ''; - // open and read the URL - if ( !$this->_readURL($validate_url, $headers, $text_response, $err_msg) ) { - phpCAS::trace( - 'could not open URL \''.$validate_url.'\' to validate ('.$err_msg.')' - ); - throw new CAS_AuthenticationException( - $this, 'SA not validated', $validate_url, true/*$no_response*/ - ); - } - - phpCAS::trace('server version: '.$this->getServerVersion()); - - // analyze the result depending on the version - switch ($this->getServerVersion()) { - case SAML_VERSION_1_1: - // create new DOMDocument Object - $dom = new DOMDocument(); - // Fix possible whitspace problems - $dom->preserveWhiteSpace = false; - // read the response of the CAS server into a DOM object - if (!($dom->loadXML($text_response))) { - phpCAS::trace('dom->loadXML() failed'); - throw new CAS_AuthenticationException( - $this, 'SA not validated', $validate_url, - false/*$no_response*/, true/*$bad_response*/, - $text_response - ); - } - // read the root node of the XML tree - if (!($tree_response = $dom->documentElement)) { - phpCAS::trace('documentElement() failed'); - throw new CAS_AuthenticationException( - $this, 'SA not validated', $validate_url, - false/*$no_response*/, true/*$bad_response*/, - $text_response - ); - } else if ( $tree_response->localName != 'Envelope' ) { - // insure that tag name is 'Envelope' - phpCAS::trace( - 'bad XML root node (should be `Envelope\' instead of `' - .$tree_response->localName.'\'' - ); - throw new CAS_AuthenticationException( - $this, 'SA not validated', $validate_url, - false/*$no_response*/, true/*$bad_response*/, - $text_response - ); - } else if ($tree_response->getElementsByTagName("NameIdentifier")->length != 0) { - // check for the NameIdentifier tag in the SAML response - $success_elements = $tree_response->getElementsByTagName("NameIdentifier"); - phpCAS::trace('NameIdentifier found'); - $user = trim($success_elements->item(0)->nodeValue); - phpCAS::trace('user = `'.$user.'`'); - $this->_setUser($user); - $this->_setSessionAttributes($text_response); - $result = true; - } else { - phpCAS::trace('no tag found in SAML payload'); - throw new CAS_AuthenticationException( - $this, 'SA not validated', $validate_url, - false/*$no_response*/, true/*$bad_response*/, - $text_response - ); - } - } - if ($result) { - $this->_renameSession($this->getTicket()); - } - // at this step, ST has been validated and $this->_user has been set, - phpCAS::traceEnd($result); - return $result; - } - - /** - * This method will parse the DOM and pull out the attributes from the SAML - * payload and put them into an array, then put the array into the session. - * - * @param string $text_response the SAML payload. - * - * @return bool true when successfull and false if no attributes a found - */ - private function _setSessionAttributes($text_response) - { - phpCAS::traceBegin(); - - $result = false; - - $attr_array = array(); - - // create new DOMDocument Object - $dom = new DOMDocument(); - // Fix possible whitspace problems - $dom->preserveWhiteSpace = false; - if (($dom->loadXML($text_response))) { - $xPath = new DOMXPath($dom); - $xPath->registerNamespace('samlp', 'urn:oasis:names:tc:SAML:1.0:protocol'); - $xPath->registerNamespace('saml', 'urn:oasis:names:tc:SAML:1.0:assertion'); - $nodelist = $xPath->query("//saml:Attribute"); - - if ($nodelist) { - foreach ($nodelist as $node) { - $xres = $xPath->query("saml:AttributeValue", $node); - $name = $node->getAttribute("AttributeName"); - $value_array = array(); - foreach ($xres as $node2) { - $value_array[] = $node2->nodeValue; - } - $attr_array[$name] = $value_array; - } - // UGent addition... - foreach ($attr_array as $attr_key => $attr_value) { - if (count($attr_value) > 1) { - $this->_attributes[$attr_key] = $attr_value; - phpCAS::trace("* " . $attr_key . "=" . print_r($attr_value, true)); - } else { - $this->_attributes[$attr_key] = $attr_value[0]; - phpCAS::trace("* " . $attr_key . "=" . $attr_value[0]); - } - } - $result = true; - } else { - phpCAS::trace("SAML Attributes are empty"); - $result = false; - } - } - phpCAS::traceEnd($result); - return $result; - } - - /** @} */ - - // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX - // XX XX - // XX PROXY FEATURES (CAS 2.0) XX - // XX XX - // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX - - // ######################################################################## - // PROXYING - // ######################################################################## - /** - * @addtogroup internalProxy - * @{ - */ - - /** - * @var bool is the client a proxy - * A boolean telling if the client is a CAS proxy or not. Written by - * CAS_Client::CAS_Client(), read by CAS_Client::isProxy(). - */ - private $_proxy; - - /** - * @var CAS_CookieJar Handler for managing service cookies. - */ - private $_serviceCookieJar; - - /** - * Tells if a CAS client is a CAS proxy or not - * - * @return bool true when the CAS client is a CAS proxy, false otherwise - */ - public function isProxy() - { - return $this->_proxy; - } - - - /** @} */ - // ######################################################################## - // PGT - // ######################################################################## - /** - * @addtogroup internalProxy - * @{ - */ - - /** - * the Proxy Grnting Ticket given by the CAS server (empty otherwise). - * Written by CAS_Client::_setPGT(), read by CAS_Client::_getPGT() and - * CAS_Client::_hasPGT(). - * - * @hideinitializer - */ - private $_pgt = ''; - - /** - * This method returns the Proxy Granting Ticket given by the CAS server. - * - * @return string the Proxy Granting Ticket. - */ - private function _getPGT() - { - return $this->_pgt; - } - - /** - * This method stores the Proxy Granting Ticket. - * - * @param string $pgt The Proxy Granting Ticket. - * - * @return void - */ - private function _setPGT($pgt) - { - $this->_pgt = $pgt; - } - - /** - * This method tells if a Proxy Granting Ticket was stored. - * - * @return bool true if a Proxy Granting Ticket has been stored. - */ - private function _hasPGT() - { - return !empty($this->_pgt); - } - - /** @} */ - - // ######################################################################## - // CALLBACK MODE - // ######################################################################## - /** - * @addtogroup internalCallback - * @{ - */ - /** - * each PHP script using phpCAS in proxy mode is its own callback to get the - * PGT back from the CAS server. callback_mode is detected by the constructor - * thanks to the GET parameters. - */ - - /** - * @var bool a boolean to know if the CAS client is running in callback mode. Written by - * CAS_Client::setCallBackMode(), read by CAS_Client::_isCallbackMode(). - * - * @hideinitializer - */ - private $_callback_mode = false; - - /** - * This method sets/unsets callback mode. - * - * @param bool $callback_mode true to set callback mode, false otherwise. - * - * @return void - */ - private function _setCallbackMode($callback_mode) - { - $this->_callback_mode = $callback_mode; - } - - /** - * This method returns true when the CAS client is running in callback mode, - * false otherwise. - * - * @return bool A boolean. - */ - private function _isCallbackMode() - { - return $this->_callback_mode; - } - - /** - * @var bool a boolean to know if the CAS client is using POST parameters when in callback mode. - * Written by CAS_Client::_setCallbackModeUsingPost(), read by CAS_Client::_isCallbackModeUsingPost(). - * - * @hideinitializer - */ - private $_callback_mode_using_post = false; - - /** - * This method sets/unsets usage of POST parameters in callback mode (default/false is GET parameters) - * - * @param bool $callback_mode_using_post true to use POST, false to use GET (default). - * - * @return void - */ - private function _setCallbackModeUsingPost($callback_mode_using_post) - { - $this->_callback_mode_using_post = $callback_mode_using_post; - } - - /** - * This method returns true when the callback mode is using POST, false otherwise. - * - * @return bool A boolean. - */ - private function _isCallbackModeUsingPost() - { - return $this->_callback_mode_using_post; - } - - /** - * the URL that should be used for the PGT callback (in fact the URL of the - * current request without any CGI parameter). Written and read by - * CAS_Client::_getCallbackURL(). - * - * @hideinitializer - */ - private $_callback_url = ''; - - /** - * This method returns the URL that should be used for the PGT callback (in - * fact the URL of the current request without any CGI parameter, except if - * phpCAS::setFixedCallbackURL() was used). - * - * @return string The callback URL - */ - private function _getCallbackURL() - { - // the URL is built when needed only - if ( empty($this->_callback_url) ) { - // remove the ticket if present in the URL - $final_uri = $this->getServiceBaseUrl()->get(); - $request_uri = $_SERVER['REQUEST_URI']; - $request_uri = preg_replace('/\?.*$/', '', $request_uri); - $final_uri .= $request_uri; - $this->_callback_url = $final_uri; - } - return $this->_callback_url; - } - - /** - * This method sets the callback url. - * - * @param string $url url to set callback - * - * @return string the callback url - */ - public function setCallbackURL($url) - { - // Sequence validation - $this->ensureIsProxy(); - // Argument Validation - if (gettype($url) != 'string') - throw new CAS_TypeMismatchException($url, '$url', 'string'); - - return $this->_callback_url = $url; - } - - /** - * This method is called by CAS_Client::CAS_Client() when running in callback - * mode. It stores the PGT and its PGT Iou, prints its output and halts. - * - * @return void - */ - private function _callback() - { - phpCAS::traceBegin(); - if ($this->_isCallbackModeUsingPost()) { - $pgtId = $_POST['pgtId']; - $pgtIou = $_POST['pgtIou']; - } else { - $pgtId = $_GET['pgtId']; - $pgtIou = $_GET['pgtIou']; - } - if (preg_match('/^PGTIOU-[\.\-\w]+$/', $pgtIou)) { - if (preg_match('/^[PT]GT-[\.\-\w]+$/', $pgtId)) { - phpCAS::trace('Storing PGT `'.$pgtId.'\' (id=`'.$pgtIou.'\')'); - $this->_storePGT($pgtId, $pgtIou); - if ($this->isXmlResponse()) { - echo '' . "\r\n"; - echo ''; - phpCAS::traceExit("XML response sent"); - } else { - $this->printHTMLHeader('phpCAS callback'); - echo '

Storing PGT `'.$pgtId.'\' (id=`'.$pgtIou.'\').

'; - $this->printHTMLFooter(); - phpCAS::traceExit("HTML response sent"); - } - phpCAS::traceExit("Successfull Callback"); - } else { - phpCAS::error('PGT format invalid' . $pgtId); - phpCAS::traceExit('PGT format invalid' . $pgtId); - } - } else { - phpCAS::error('PGTiou format invalid' . $pgtIou); - phpCAS::traceExit('PGTiou format invalid' . $pgtIou); - } - - // Flush the buffer to prevent from sending anything other then a 200 - // Success Status back to the CAS Server. The Exception would normally - // report as a 500 error. - flush(); - throw new CAS_GracefullTerminationException(); - } - - /** - * Check if application/xml or text/xml is pressent in HTTP_ACCEPT header values - * when return value is complex and contains attached q parameters. - * Example: HTTP_ACCEPT = text/html,application/xhtml+xml,application/xml;q=0.9 - * @return bool - */ - private function isXmlResponse() - { - if (!array_key_exists('HTTP_ACCEPT', $_SERVER)) { - return false; - } - if (strpos($_SERVER['HTTP_ACCEPT'], 'application/xml') === false && strpos($_SERVER['HTTP_ACCEPT'], 'text/xml') === false) { - return false; - } - - return true; - } - - /** @} */ - - // ######################################################################## - // PGT STORAGE - // ######################################################################## - /** - * @addtogroup internalPGTStorage - * @{ - */ - - /** - * @var CAS_PGTStorage_AbstractStorage - * an instance of a class inheriting of PGTStorage, used to deal with PGT - * storage. Created by CAS_Client::setPGTStorageFile(), used - * by CAS_Client::setPGTStorageFile() and CAS_Client::_initPGTStorage(). - * - * @hideinitializer - */ - private $_pgt_storage = null; - - /** - * This method is used to initialize the storage of PGT's. - * Halts on error. - * - * @return void - */ - private function _initPGTStorage() - { - // if no SetPGTStorageXxx() has been used, default to file - if ( !is_object($this->_pgt_storage) ) { - $this->setPGTStorageFile(); - } - - // initializes the storage - $this->_pgt_storage->init(); - } - - /** - * This method stores a PGT. Halts on error. - * - * @param string $pgt the PGT to store - * @param string $pgt_iou its corresponding Iou - * - * @return void - */ - private function _storePGT($pgt,$pgt_iou) - { - // ensure that storage is initialized - $this->_initPGTStorage(); - // writes the PGT - $this->_pgt_storage->write($pgt, $pgt_iou); - } - - /** - * This method reads a PGT from its Iou and deletes the corresponding - * storage entry. - * - * @param string $pgt_iou the PGT Iou - * - * @return string mul The PGT corresponding to the Iou, false when not found. - */ - private function _loadPGT($pgt_iou) - { - // ensure that storage is initialized - $this->_initPGTStorage(); - // read the PGT - return $this->_pgt_storage->read($pgt_iou); - } - - /** - * This method can be used to set a custom PGT storage object. - * - * @param CAS_PGTStorage_AbstractStorage $storage a PGT storage object that - * inherits from the CAS_PGTStorage_AbstractStorage class - * - * @return void - */ - public function setPGTStorage($storage) - { - // Sequence validation - $this->ensureIsProxy(); - - // check that the storage has not already been set - if ( is_object($this->_pgt_storage) ) { - phpCAS::error('PGT storage already defined'); - } - - // check to make sure a valid storage object was specified - if ( !($storage instanceof CAS_PGTStorage_AbstractStorage) ) - throw new CAS_TypeMismatchException($storage, '$storage', 'CAS_PGTStorage_AbstractStorage object'); - - // store the PGTStorage object - $this->_pgt_storage = $storage; - } - - /** - * This method is used to tell phpCAS to store the response of the - * CAS server to PGT requests in a database. - * - * @param string|PDO $dsn_or_pdo a dsn string to use for creating a PDO - * object or a PDO object - * @param string $username the username to use when connecting to the - * database - * @param string $password the password to use when connecting to the - * database - * @param string $table the table to use for storing and retrieving - * PGTs - * @param string $driver_options any driver options to use when connecting - * to the database - * - * @return void - */ - public function setPGTStorageDb( - $dsn_or_pdo, $username='', $password='', $table='', $driver_options=null - ) { - // Sequence validation - $this->ensureIsProxy(); - - // Argument validation - if (!(is_object($dsn_or_pdo) && $dsn_or_pdo instanceof PDO) && !is_string($dsn_or_pdo)) - throw new CAS_TypeMismatchException($dsn_or_pdo, '$dsn_or_pdo', 'string or PDO object'); - if (gettype($username) != 'string') - throw new CAS_TypeMismatchException($username, '$username', 'string'); - if (gettype($password) != 'string') - throw new CAS_TypeMismatchException($password, '$password', 'string'); - if (gettype($table) != 'string') - throw new CAS_TypeMismatchException($table, '$password', 'string'); - - // create the storage object - $this->setPGTStorage( - new CAS_PGTStorage_Db( - $this, $dsn_or_pdo, $username, $password, $table, $driver_options - ) - ); - } - - /** - * This method is used to tell phpCAS to store the response of the - * CAS server to PGT requests onto the filesystem. - * - * @param string $path the path where the PGT's should be stored - * - * @return void - */ - public function setPGTStorageFile($path='') - { - // Sequence validation - $this->ensureIsProxy(); - - // Argument validation - if (gettype($path) != 'string') - throw new CAS_TypeMismatchException($path, '$path', 'string'); - - // create the storage object - $this->setPGTStorage(new CAS_PGTStorage_File($this, $path)); - } - - - // ######################################################################## - // PGT VALIDATION - // ######################################################################## - /** - * This method is used to validate a PGT; halt on failure. - * - * @param string &$validate_url the URL of the request to the CAS server. - * @param string $text_response the response of the CAS server, as is - * (XML text); result of - * CAS_Client::validateCAS10() or - * CAS_Client::validateCAS20(). - * @param DOMElement $tree_response the response of the CAS server, as a DOM XML - * tree; result of CAS_Client::validateCAS10() or CAS_Client::validateCAS20(). - * - * @return bool true when successfull and issue a CAS_AuthenticationException - * and false on an error - * - * @throws CAS_AuthenticationException - */ - private function _validatePGT(&$validate_url,$text_response,$tree_response) - { - phpCAS::traceBegin(); - if ( $tree_response->getElementsByTagName("proxyGrantingTicket")->length == 0) { - phpCAS::trace(' not found'); - // authentication succeded, but no PGT Iou was transmitted - throw new CAS_AuthenticationException( - $this, 'Ticket validated but no PGT Iou transmitted', - $validate_url, false/*$no_response*/, false/*$bad_response*/, - $text_response - ); - } else { - // PGT Iou transmitted, extract it - $pgt_iou = trim( - $tree_response->getElementsByTagName("proxyGrantingTicket")->item(0)->nodeValue - ); - if (preg_match('/^PGTIOU-[\.\-\w]+$/', $pgt_iou)) { - $pgt = $this->_loadPGT($pgt_iou); - if ( $pgt == false ) { - phpCAS::trace('could not load PGT'); - throw new CAS_AuthenticationException( - $this, - 'PGT Iou was transmitted but PGT could not be retrieved', - $validate_url, false/*$no_response*/, - false/*$bad_response*/, $text_response - ); - } - $this->_setPGT($pgt); - } else { - phpCAS::trace('PGTiou format error'); - throw new CAS_AuthenticationException( - $this, 'PGT Iou was transmitted but has wrong format', - $validate_url, false/*$no_response*/, false/*$bad_response*/, - $text_response - ); - } - } - phpCAS::traceEnd(true); - return true; - } - - // ######################################################################## - // PGT VALIDATION - // ######################################################################## - - /** - * This method is used to retrieve PT's from the CAS server thanks to a PGT. - * - * @param string $target_service the service to ask for with the PT. - * @param int &$err_code an error code (PHPCAS_SERVICE_OK on success). - * @param string &$err_msg an error message (empty on success). - * - * @return string|false a Proxy Ticket, or false on error. - */ - public function retrievePT($target_service,&$err_code,&$err_msg) - { - // Argument validation - if (gettype($target_service) != 'string') - throw new CAS_TypeMismatchException($target_service, '$target_service', 'string'); - - phpCAS::traceBegin(); - - // by default, $err_msg is set empty and $pt to true. On error, $pt is - // set to false and $err_msg to an error message. At the end, if $pt is false - // and $error_msg is still empty, it is set to 'invalid response' (the most - // commonly encountered error). - $err_msg = ''; - - // build the URL to retrieve the PT - $cas_url = $this->getServerProxyURL().'?targetService=' - .urlencode($target_service).'&pgt='.$this->_getPGT(); - - $headers = ''; - $cas_response = ''; - // open and read the URL - if ( !$this->_readURL($cas_url, $headers, $cas_response, $err_msg) ) { - phpCAS::trace( - 'could not open URL \''.$cas_url.'\' to validate ('.$err_msg.')' - ); - $err_code = PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE; - $err_msg = 'could not retrieve PT (no response from the CAS server)'; - phpCAS::traceEnd(false); - return false; - } - - $bad_response = false; - - // create new DOMDocument object - $dom = new DOMDocument(); - // Fix possible whitspace problems - $dom->preserveWhiteSpace = false; - // read the response of the CAS server into a DOM object - if ( !($dom->loadXML($cas_response))) { - phpCAS::trace('dom->loadXML() failed'); - // read failed - $bad_response = true; - } - - if ( !$bad_response ) { - // read the root node of the XML tree - if ( !($root = $dom->documentElement) ) { - phpCAS::trace('documentElement failed'); - // read failed - $bad_response = true; - } - } - - if ( !$bad_response ) { - // insure that tag name is 'serviceResponse' - if ( $root->localName != 'serviceResponse' ) { - phpCAS::trace('localName failed'); - // bad root node - $bad_response = true; - } - } - - if ( !$bad_response ) { - // look for a proxySuccess tag - if ( $root->getElementsByTagName("proxySuccess")->length != 0) { - $proxy_success_list = $root->getElementsByTagName("proxySuccess"); - - // authentication succeded, look for a proxyTicket tag - if ( $proxy_success_list->item(0)->getElementsByTagName("proxyTicket")->length != 0) { - $err_code = PHPCAS_SERVICE_OK; - $err_msg = ''; - $pt = trim( - $proxy_success_list->item(0)->getElementsByTagName("proxyTicket")->item(0)->nodeValue - ); - phpCAS::trace('original PT: '.trim($pt)); - phpCAS::traceEnd($pt); - return $pt; - } else { - phpCAS::trace(' was found, but not '); - } - } else if ($root->getElementsByTagName("proxyFailure")->length != 0) { - // look for a proxyFailure tag - $proxy_failure_list = $root->getElementsByTagName("proxyFailure"); - - // authentication failed, extract the error - $err_code = PHPCAS_SERVICE_PT_FAILURE; - $err_msg = 'PT retrieving failed (code=`' - .$proxy_failure_list->item(0)->getAttribute('code') - .'\', message=`' - .trim($proxy_failure_list->item(0)->nodeValue) - .'\')'; - phpCAS::traceEnd(false); - return false; - } else { - phpCAS::trace('neither nor found'); - } - } - - // at this step, we are sure that the response of the CAS server was - // illformed - $err_code = PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE; - $err_msg = 'Invalid response from the CAS server (response=`' - .$cas_response.'\')'; - - phpCAS::traceEnd(false); - return false; - } - - /** @} */ - - // ######################################################################## - // READ CAS SERVER ANSWERS - // ######################################################################## - - /** - * @addtogroup internalMisc - * @{ - */ - - /** - * This method is used to acces a remote URL. - * - * @param string $url the URL to access. - * @param string &$headers an array containing the HTTP header lines of the - * response (an empty array on failure). - * @param string &$body the body of the response, as a string (empty on - * failure). - * @param string &$err_msg an error message, filled on failure. - * - * @return bool true on success, false otherwise (in this later case, $err_msg - * contains an error message). - */ - private function _readURL($url, &$headers, &$body, &$err_msg) - { - phpCAS::traceBegin(); - $className = $this->_requestImplementation; - $request = new $className(); - - if (count($this->_curl_options)) { - $request->setCurlOptions($this->_curl_options); - } - - $request->setUrl($url); - - if (empty($this->_cas_server_ca_cert) && !$this->_no_cas_server_validation) { - phpCAS::error( - 'one of the methods phpCAS::setCasServerCACert() or phpCAS::setNoCasServerValidation() must be called.' - ); - } - if ($this->_cas_server_ca_cert != '') { - $request->setSslCaCert( - $this->_cas_server_ca_cert, $this->_cas_server_cn_validate - ); - } - - // add extra stuff if SAML - if ($this->getServerVersion() == SAML_VERSION_1_1) { - $request->addHeader("soapaction: http://www.oasis-open.org/committees/security"); - $request->addHeader("cache-control: no-cache"); - $request->addHeader("pragma: no-cache"); - $request->addHeader("accept: text/xml"); - $request->addHeader("connection: keep-alive"); - $request->addHeader("content-type: text/xml"); - $request->makePost(); - $request->setPostBody($this->_buildSAMLPayload()); - } - - if ($request->send()) { - $headers = $request->getResponseHeaders(); - $body = $request->getResponseBody(); - $err_msg = ''; - phpCAS::traceEnd(true); - return true; - } else { - $headers = ''; - $body = ''; - $err_msg = $request->getErrorMessage(); - phpCAS::traceEnd(false); - return false; - } - } - - /** - * This method is used to build the SAML POST body sent to /samlValidate URL. - * - * @return string the SOAP-encased SAMLP artifact (the ticket). - */ - private function _buildSAMLPayload() - { - phpCAS::traceBegin(); - - //get the ticket - $sa = urlencode($this->getTicket()); - - $body = SAML_SOAP_ENV.SAML_SOAP_BODY.SAMLP_REQUEST - .SAML_ASSERTION_ARTIFACT.$sa.SAML_ASSERTION_ARTIFACT_CLOSE - .SAMLP_REQUEST_CLOSE.SAML_SOAP_BODY_CLOSE.SAML_SOAP_ENV_CLOSE; - - phpCAS::traceEnd($body); - return ($body); - } - - /** @} **/ - - // ######################################################################## - // ACCESS TO EXTERNAL SERVICES - // ######################################################################## - - /** - * @addtogroup internalProxyServices - * @{ - */ - - - /** - * Answer a proxy-authenticated service handler. - * - * @param string $type The service type. One of: - * PHPCAS_PROXIED_SERVICE_HTTP_GET, PHPCAS_PROXIED_SERVICE_HTTP_POST, - * PHPCAS_PROXIED_SERVICE_IMAP - * - * @return CAS_ProxiedService - * @throws InvalidArgumentException If the service type is unknown. - */ - public function getProxiedService ($type) - { - // Sequence validation - $this->ensureIsProxy(); - $this->ensureAuthenticationCallSuccessful(); - - // Argument validation - if (gettype($type) != 'string') - throw new CAS_TypeMismatchException($type, '$type', 'string'); - - switch ($type) { - case PHPCAS_PROXIED_SERVICE_HTTP_GET: - case PHPCAS_PROXIED_SERVICE_HTTP_POST: - $requestClass = $this->_requestImplementation; - $request = new $requestClass(); - if (count($this->_curl_options)) { - $request->setCurlOptions($this->_curl_options); - } - $proxiedService = new $type($request, $this->_serviceCookieJar); - if ($proxiedService instanceof CAS_ProxiedService_Testable) { - $proxiedService->setCasClient($this); - } - return $proxiedService; - case PHPCAS_PROXIED_SERVICE_IMAP; - $proxiedService = new CAS_ProxiedService_Imap($this->_getUser()); - if ($proxiedService instanceof CAS_ProxiedService_Testable) { - $proxiedService->setCasClient($this); - } - return $proxiedService; - default: - throw new CAS_InvalidArgumentException( - "Unknown proxied-service type, $type." - ); - } - } - - /** - * Initialize a proxied-service handler with the proxy-ticket it should use. - * - * @param CAS_ProxiedService $proxiedService service handler - * - * @return void - * - * @throws CAS_ProxyTicketException If there is a proxy-ticket failure. - * The code of the Exception will be one of: - * PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE - * PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE - * PHPCAS_SERVICE_PT_FAILURE - * @throws CAS_ProxiedService_Exception If there is a failure getting the - * url from the proxied service. - */ - public function initializeProxiedService (CAS_ProxiedService $proxiedService) - { - // Sequence validation - $this->ensureIsProxy(); - $this->ensureAuthenticationCallSuccessful(); - - $url = $proxiedService->getServiceUrl(); - if (!is_string($url)) { - throw new CAS_ProxiedService_Exception( - "Proxied Service ".get_class($proxiedService) - ."->getServiceUrl() should have returned a string, returned a " - .gettype($url)." instead." - ); - } - $pt = $this->retrievePT($url, $err_code, $err_msg); - if (!$pt) { - throw new CAS_ProxyTicketException($err_msg, $err_code); - } - $proxiedService->setProxyTicket($pt); - } - - /** - * This method is used to access an HTTP[S] service. - * - * @param string $url the service to access. - * @param int &$err_code an error code Possible values are - * PHPCAS_SERVICE_OK (on success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, - * PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE, PHPCAS_SERVICE_PT_FAILURE, - * PHPCAS_SERVICE_NOT_AVAILABLE. - * @param string &$output the output of the service (also used to give an error - * message on failure). - * - * @return bool true on success, false otherwise (in this later case, $err_code - * gives the reason why it failed and $output contains an error message). - */ - public function serviceWeb($url,&$err_code,&$output) - { - // Sequence validation - $this->ensureIsProxy(); - $this->ensureAuthenticationCallSuccessful(); - - // Argument validation - if (gettype($url) != 'string') - throw new CAS_TypeMismatchException($url, '$url', 'string'); - - try { - $service = $this->getProxiedService(PHPCAS_PROXIED_SERVICE_HTTP_GET); - $service->setUrl($url); - $service->send(); - $output = $service->getResponseBody(); - $err_code = PHPCAS_SERVICE_OK; - return true; - } catch (CAS_ProxyTicketException $e) { - $err_code = $e->getCode(); - $output = $e->getMessage(); - return false; - } catch (CAS_ProxiedService_Exception $e) { - $lang = $this->getLangObj(); - $output = sprintf( - $lang->getServiceUnavailable(), $url, $e->getMessage() - ); - $err_code = PHPCAS_SERVICE_NOT_AVAILABLE; - return false; - } - } - - /** - * This method is used to access an IMAP/POP3/NNTP service. - * - * @param string $url a string giving the URL of the service, including - * the mailing box for IMAP URLs, as accepted by imap_open(). - * @param string $serviceUrl a string giving for CAS retrieve Proxy ticket - * @param string $flags options given to imap_open(). - * @param int &$err_code an error code Possible values are - * PHPCAS_SERVICE_OK (on success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, - * PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE, PHPCAS_SERVICE_PT_FAILURE, - * PHPCAS_SERVICE_NOT_AVAILABLE. - * @param string &$err_msg an error message on failure - * @param string &$pt the Proxy Ticket (PT) retrieved from the CAS - * server to access the URL on success, false on error). - * - * @return object|false an IMAP stream on success, false otherwise (in this later - * case, $err_code gives the reason why it failed and $err_msg contains an - * error message). - */ - public function serviceMail($url,$serviceUrl,$flags,&$err_code,&$err_msg,&$pt) - { - // Sequence validation - $this->ensureIsProxy(); - $this->ensureAuthenticationCallSuccessful(); - - // Argument validation - if (gettype($url) != 'string') - throw new CAS_TypeMismatchException($url, '$url', 'string'); - if (gettype($serviceUrl) != 'string') - throw new CAS_TypeMismatchException($serviceUrl, '$serviceUrl', 'string'); - if (gettype($flags) != 'integer') - throw new CAS_TypeMismatchException($flags, '$flags', 'string'); - - try { - $service = $this->getProxiedService(PHPCAS_PROXIED_SERVICE_IMAP); - $service->setServiceUrl($serviceUrl); - $service->setMailbox($url); - $service->setOptions($flags); - - $stream = $service->open(); - $err_code = PHPCAS_SERVICE_OK; - $pt = $service->getImapProxyTicket(); - return $stream; - } catch (CAS_ProxyTicketException $e) { - $err_msg = $e->getMessage(); - $err_code = $e->getCode(); - $pt = false; - return false; - } catch (CAS_ProxiedService_Exception $e) { - $lang = $this->getLangObj(); - $err_msg = sprintf( - $lang->getServiceUnavailable(), - $url, - $e->getMessage() - ); - $err_code = PHPCAS_SERVICE_NOT_AVAILABLE; - $pt = false; - return false; - } - } - - /** @} **/ - - // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX - // XX XX - // XX PROXIED CLIENT FEATURES (CAS 2.0) XX - // XX XX - // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX - - // ######################################################################## - // PT - // ######################################################################## - /** - * @addtogroup internalService - * @{ - */ - - /** - * This array will store a list of proxies in front of this application. This - * property will only be populated if this script is being proxied rather than - * accessed directly. - * - * It is set in CAS_Client::validateCAS20() and can be read by - * CAS_Client::getProxies() - * - * @access private - */ - private $_proxies = array(); - - /** - * Answer an array of proxies that are sitting in front of this application. - * - * This method will only return a non-empty array if we have received and - * validated a Proxy Ticket. - * - * @return array - * @access public - */ - public function getProxies() - { - return $this->_proxies; - } - - /** - * Set the Proxy array, probably from persistant storage. - * - * @param array $proxies An array of proxies - * - * @return void - * @access private - */ - private function _setProxies($proxies) - { - $this->_proxies = $proxies; - if (!empty($proxies)) { - // For proxy-authenticated requests people are not viewing the URL - // directly since the client is another application making a - // web-service call. - // Because of this, stripping the ticket from the URL is unnecessary - // and causes another web-service request to be performed. Additionally, - // if session handling on either the client or the server malfunctions - // then the subsequent request will not complete successfully. - $this->setNoClearTicketsFromUrl(); - } - } - - /** - * A container of patterns to be allowed as proxies in front of the cas client. - * - * @var CAS_ProxyChain_AllowedList - */ - private $_allowed_proxy_chains; - - /** - * Answer the CAS_ProxyChain_AllowedList object for this client. - * - * @return CAS_ProxyChain_AllowedList - */ - public function getAllowedProxyChains () - { - if (empty($this->_allowed_proxy_chains)) { - $this->_allowed_proxy_chains = new CAS_ProxyChain_AllowedList(); - } - return $this->_allowed_proxy_chains; - } - - /** @} */ - // ######################################################################## - // PT VALIDATION - // ######################################################################## - /** - * @addtogroup internalProxied - * @{ - */ - - /** - * This method is used to validate a cas 2.0 ST or PT; halt on failure - * Used for all CAS 2.0 validations - * - * @param string &$validate_url the url of the reponse - * @param string &$text_response the text of the repsones - * @param DOMElement &$tree_response the domxml tree of the respones - * @param bool $renew true to force the authentication with the CAS server - * - * @return bool true when successfull and issue a CAS_AuthenticationException - * and false on an error - * - * @throws CAS_AuthenticationException - */ - public function validateCAS20(&$validate_url,&$text_response,&$tree_response, $renew=false) - { - phpCAS::traceBegin(); - phpCAS::trace($text_response); - // build the URL to validate the ticket - if ($this->getAllowedProxyChains()->isProxyingAllowed()) { - $validate_url = $this->getServerProxyValidateURL().'&ticket=' - .urlencode($this->getTicket()); - } else { - $validate_url = $this->getServerServiceValidateURL().'&ticket=' - .urlencode($this->getTicket()); - } - - if ( $this->isProxy() ) { - // pass the callback url for CAS proxies - $validate_url .= '&pgtUrl='.urlencode($this->_getCallbackURL()); - } - - if ( $renew ) { - // pass the renew - $validate_url .= '&renew=true'; - } - - // open and read the URL - if ( !$this->_readURL($validate_url, $headers, $text_response, $err_msg) ) { - phpCAS::trace( - 'could not open URL \''.$validate_url.'\' to validate ('.$err_msg.')' - ); - throw new CAS_AuthenticationException( - $this, 'Ticket not validated', $validate_url, - true/*$no_response*/ - ); - } - - // create new DOMDocument object - $dom = new DOMDocument(); - // Fix possible whitspace problems - $dom->preserveWhiteSpace = false; - // CAS servers should only return data in utf-8 - $dom->encoding = "utf-8"; - // read the response of the CAS server into a DOMDocument object - if ( !($dom->loadXML($text_response))) { - // read failed - throw new CAS_AuthenticationException( - $this, 'Ticket not validated', $validate_url, - false/*$no_response*/, true/*$bad_response*/, $text_response - ); - } else if ( !($tree_response = $dom->documentElement) ) { - // read the root node of the XML tree - // read failed - throw new CAS_AuthenticationException( - $this, 'Ticket not validated', $validate_url, - false/*$no_response*/, true/*$bad_response*/, $text_response - ); - } else if ($tree_response->localName != 'serviceResponse') { - // insure that tag name is 'serviceResponse' - // bad root node - throw new CAS_AuthenticationException( - $this, 'Ticket not validated', $validate_url, - false/*$no_response*/, true/*$bad_response*/, $text_response - ); - } else if ( $tree_response->getElementsByTagName("authenticationFailure")->length != 0) { - // authentication failed, extract the error code and message and throw exception - $auth_fail_list = $tree_response - ->getElementsByTagName("authenticationFailure"); - throw new CAS_AuthenticationException( - $this, 'Ticket not validated', $validate_url, - false/*$no_response*/, false/*$bad_response*/, - $text_response, - $auth_fail_list->item(0)->getAttribute('code')/*$err_code*/, - trim($auth_fail_list->item(0)->nodeValue)/*$err_msg*/ - ); - } else if ($tree_response->getElementsByTagName("authenticationSuccess")->length != 0) { - // authentication succeded, extract the user name - $success_elements = $tree_response - ->getElementsByTagName("authenticationSuccess"); - if ( $success_elements->item(0)->getElementsByTagName("user")->length == 0) { - // no user specified => error - throw new CAS_AuthenticationException( - $this, 'Ticket not validated', $validate_url, - false/*$no_response*/, true/*$bad_response*/, $text_response - ); - } else { - $this->_setUser( - trim( - $success_elements->item(0)->getElementsByTagName("user")->item(0)->nodeValue - ) - ); - $this->_readExtraAttributesCas20($success_elements); - // Store the proxies we are sitting behind for authorization checking - $proxyList = array(); - if ( sizeof($arr = $success_elements->item(0)->getElementsByTagName("proxy")) > 0) { - foreach ($arr as $proxyElem) { - phpCAS::trace("Found Proxy: ".$proxyElem->nodeValue); - $proxyList[] = trim($proxyElem->nodeValue); - } - $this->_setProxies($proxyList); - phpCAS::trace("Storing Proxy List"); - } - // Check if the proxies in front of us are allowed - if (!$this->getAllowedProxyChains()->isProxyListAllowed($proxyList)) { - throw new CAS_AuthenticationException( - $this, 'Proxy not allowed', $validate_url, - false/*$no_response*/, true/*$bad_response*/, - $text_response - ); - } else { - $result = true; - } - } - } else { - throw new CAS_AuthenticationException( - $this, 'Ticket not validated', $validate_url, - false/*$no_response*/, true/*$bad_response*/, - $text_response - ); - } - - $this->_renameSession($this->getTicket()); - - // at this step, Ticket has been validated and $this->_user has been set, - - phpCAS::traceEnd($result); - return $result; - } - - /** - * This method recursively parses the attribute XML. - * It also collapses name-value pairs into a single - * array entry. It parses all common formats of - * attributes and well formed XML files. - * - * @param string $root the DOM root element to be parsed - * @param string $namespace namespace of the elements - * - * @return an array of the parsed XML elements - * - * Formats tested: - * - * "Jasig Style" Attributes: - * - * - * - * jsmith - * - * RubyCAS - * Smith - * John - * CN=Staff,OU=Groups,DC=example,DC=edu - * CN=Spanish Department,OU=Departments,OU=Groups,DC=example,DC=edu - * - * PGTIOU-84678-8a9d2sfa23casd - * - * - * - * "Jasig Style" Attributes (longer version): - * - * - * - * jsmith - * - * - * surname - * Smith - * - * - * givenName - * John - * - * - * memberOf - * ['CN=Staff,OU=Groups,DC=example,DC=edu', 'CN=Spanish Department,OU=Departments,OU=Groups,DC=example,DC=edu'] - * - * - * PGTIOU-84678-8a9d2sfa23casd - * - * - * - * "RubyCAS Style" attributes - * - * - * - * jsmith - * - * RubyCAS - * Smith - * John - * CN=Staff,OU=Groups,DC=example,DC=edu - * CN=Spanish Department,OU=Departments,OU=Groups,DC=example,DC=edu - * - * PGTIOU-84678-8a9d2sfa23casd - * - * - * - * "Name-Value" attributes. - * - * Attribute format from these mailing list thread: - * http://jasig.275507.n4.nabble.com/CAS-attributes-and-how-they-appear-in-the-CAS-response-td264272.html - * Note: This is a less widely used format, but in use by at least two institutions. - * - * - * - * jsmith - * - * - * - * - * - * - * - * PGTIOU-84678-8a9d2sfa23casd - * - * - * - * result: - * - * Array ( - * [surname] => Smith - * [givenName] => John - * [memberOf] => Array ( - * [0] => CN=Staff, OU=Groups, DC=example, DC=edu - * [1] => CN=Spanish Department, OU=Departments, OU=Groups, DC=example, DC=edu - * ) - * ) - */ - private function _xml_to_array($root, $namespace = "cas") - { - $result = array(); - if ($root->hasAttributes()) { - $attrs = $root->attributes; - $pair = array(); - foreach ($attrs as $attr) { - if ($attr->name === "name") { - $pair['name'] = $attr->value; - } elseif ($attr->name === "value") { - $pair['value'] = $attr->value; - } else { - $result[$attr->name] = $attr->value; - } - if (array_key_exists('name', $pair) && array_key_exists('value', $pair)) { - $result[$pair['name']] = $pair['value']; - } - } - } - if ($root->hasChildNodes()) { - $children = $root->childNodes; - if ($children->length == 1) { - $child = $children->item(0); - if ($child->nodeType == XML_TEXT_NODE) { - $result['_value'] = $child->nodeValue; - return (count($result) == 1) ? $result['_value'] : $result; - } - } - $groups = array(); - foreach ($children as $child) { - $child_nodeName = str_ireplace($namespace . ":", "", $child->nodeName); - if (in_array($child_nodeName, array("user", "proxies", "proxyGrantingTicket"))) { - continue; - } - if (!isset($result[$child_nodeName])) { - $res = $this->_xml_to_array($child, $namespace); - if (!empty($res)) { - $result[$child_nodeName] = $this->_xml_to_array($child, $namespace); - } - } else { - if (!isset($groups[$child_nodeName])) { - $result[$child_nodeName] = array($result[$child_nodeName]); - $groups[$child_nodeName] = 1; - } - $result[$child_nodeName][] = $this->_xml_to_array($child, $namespace); - } - } - } - return $result; - } - - /** - * This method parses a "JSON-like array" of strings - * into an array of strings - * - * @param string $json_value the json-like string: - * e.g.: - * ['CN=Staff,OU=Groups,DC=example,DC=edu', 'CN=Spanish Department,OU=Departments,OU=Groups,DC=example,DC=edu'] - * - * @return array of strings Description - * e.g.: - * Array ( - * [0] => CN=Staff,OU=Groups,DC=example,DC=edu - * [1] => CN=Spanish Department,OU=Departments,OU=Groups,DC=example,DC=edu - * ) - */ - private function _parse_json_like_array_value($json_value) - { - $parts = explode(",", trim($json_value, "[]")); - $out = array(); - $quote = ''; - foreach ($parts as $part) { - $part = trim($part); - if ($quote === '') { - $value = ""; - if ($this->_startsWith($part, '\'')) { - $quote = '\''; - } elseif ($this->_startsWith($part, '"')) { - $quote = '"'; - } else { - $out[] = $part; - } - $part = ltrim($part, $quote); - } - if ($quote !== '') { - $value .= $part; - if ($this->_endsWith($part, $quote)) { - $out[] = rtrim($value, $quote); - $quote = ''; - } else { - $value .= ", "; - }; - } - } - return $out; - } - - /** - * This method recursively removes unneccessary hirarchy levels in array-trees. - * into an array of strings - * - * @param array $arr the array to flatten - * e.g.: - * Array ( - * [attributes] => Array ( - * [attribute] => Array ( - * [0] => Array ( - * [name] => surname - * [value] => Smith - * ) - * [1] => Array ( - * [name] => givenName - * [value] => John - * ) - * [2] => Array ( - * [name] => memberOf - * [value] => ['CN=Staff,OU=Groups,DC=example,DC=edu', 'CN=Spanish Department,OU=Departments,OU=Groups,DC=example,DC=edu'] - * ) - * ) - * ) - * ) - * - * @return array the flattened array - * e.g.: - * Array ( - * [attribute] => Array ( - * [surname] => Smith - * [givenName] => John - * [memberOf] => Array ( - * [0] => CN=Staff, OU=Groups, DC=example, DC=edu - * [1] => CN=Spanish Department, OU=Departments, OU=Groups, DC=example, DC=edu - * ) - * ) - * ) - */ - private function _flatten_array($arr) - { - if (!is_array($arr)) { - if ($this->_startsWith($arr, '[') && $this->_endsWith($arr, ']')) { - return $this->_parse_json_like_array_value($arr); - } else { - return $arr; - } - } - $out = array(); - foreach ($arr as $key => $val) { - if (!is_array($val)) { - $out[$key] = $val; - } else { - switch (count($val)) { - case 1 : { - $key = key($val); - if (array_key_exists($key, $out)) { - $value = $out[$key]; - if (!is_array($value)) { - $out[$key] = array(); - $out[$key][] = $value; - } - $out[$key][] = $this->_flatten_array($val[$key]); - } else { - $out[$key] = $this->_flatten_array($val[$key]); - }; - break; - }; - case 2 : { - if (array_key_exists("name", $val) && array_key_exists("value", $val)) { - $key = $val['name']; - if (array_key_exists($key, $out)) { - $value = $out[$key]; - if (!is_array($value)) { - $out[$key] = array(); - $out[$key][] = $value; - } - $out[$key][] = $this->_flatten_array($val['value']); - } else { - $out[$key] = $this->_flatten_array($val['value']); - }; - } else { - $out[$key] = $this->_flatten_array($val); - } - break; - }; - default: { - $out[$key] = $this->_flatten_array($val); - } - } - } - } - return $out; - } - - /** - * This method will parse the DOM and pull out the attributes from the XML - * payload and put them into an array, then put the array into the session. - * - * @param DOMNodeList $success_elements payload of the response - * - * @return bool true when successfull, halt otherwise by calling - * CAS_Client::_authError(). - */ - private function _readExtraAttributesCas20($success_elements) - { - phpCAS::traceBegin(); - - $extra_attributes = array(); - if ($this->_casAttributeParserCallbackFunction !== null - && is_callable($this->_casAttributeParserCallbackFunction) - ) { - array_unshift($this->_casAttributeParserCallbackArgs, $success_elements->item(0)); - phpCAS :: trace("Calling attritubeParser callback"); - $extra_attributes = call_user_func_array( - $this->_casAttributeParserCallbackFunction, - $this->_casAttributeParserCallbackArgs - ); - } else { - phpCAS :: trace("Parse extra attributes: "); - $attributes = $this->_xml_to_array($success_elements->item(0)); - phpCAS :: trace(print_r($attributes,true). "\nFLATTEN Array: "); - $extra_attributes = $this->_flatten_array($attributes); - phpCAS :: trace(print_r($extra_attributes, true)."\nFILTER : "); - if (array_key_exists("attribute", $extra_attributes)) { - $extra_attributes = $extra_attributes["attribute"]; - } elseif (array_key_exists("attributes", $extra_attributes)) { - $extra_attributes = $extra_attributes["attributes"]; - }; - phpCAS :: trace(print_r($extra_attributes, true)."return"); - } - $this->setAttributes($extra_attributes); - phpCAS::traceEnd(); - return true; - } - - /** - * Add an attribute value to an array of attributes. - * - * @param array &$attributeArray reference to array - * @param string $name name of attribute - * @param string $value value of attribute - * - * @return void - */ - private function _addAttributeToArray(array &$attributeArray, $name, $value) - { - // If multiple attributes exist, add as an array value - if (isset($attributeArray[$name])) { - // Initialize the array with the existing value - if (!is_array($attributeArray[$name])) { - $existingValue = $attributeArray[$name]; - $attributeArray[$name] = array($existingValue); - } - - $attributeArray[$name][] = trim($value); - } else { - $attributeArray[$name] = trim($value); - } - } - - /** @} */ - - // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX - // XX XX - // XX MISC XX - // XX XX - // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX - - /** - * @addtogroup internalMisc - * @{ - */ - - // ######################################################################## - // URL - // ######################################################################## - /** - * the URL of the current request (without any ticket CGI parameter). Written - * and read by CAS_Client::getURL(). - * - * @hideinitializer - */ - private $_url = ''; - - - /** - * This method sets the URL of the current request - * - * @param string $url url to set for service - * - * @return void - */ - public function setURL($url) - { - // Argument Validation - if (gettype($url) != 'string') - throw new CAS_TypeMismatchException($url, '$url', 'string'); - - $this->_url = $url; - } - - /** - * This method returns the URL of the current request (without any ticket - * CGI parameter). - * - * @return string The URL - */ - public function getURL() - { - phpCAS::traceBegin(); - // the URL is built when needed only - if ( empty($this->_url) ) { - // remove the ticket if present in the URL - $final_uri = $this->getServiceBaseUrl()->get(); - $request_uri = explode('?', $_SERVER['REQUEST_URI'], 2); - $final_uri .= $request_uri[0]; - - if (isset($request_uri[1]) && $request_uri[1]) { - $query_string= $this->_removeParameterFromQueryString('ticket', $request_uri[1]); - - // If the query string still has anything left, - // append it to the final URI - if ($query_string !== '') { - $final_uri .= "?$query_string"; - } - } - - phpCAS::trace("Final URI: $final_uri"); - $this->setURL($final_uri); - } - phpCAS::traceEnd($this->_url); - return $this->_url; - } - - /** - * This method sets the base URL of the CAS server. - * - * @param string $url the base URL - * - * @return string base url - */ - public function setBaseURL($url) - { - // Argument Validation - if (gettype($url) != 'string') - throw new CAS_TypeMismatchException($url, '$url', 'string'); - - return $this->_server['base_url'] = $url; - } - - /** - * The ServiceBaseUrl object that provides base URL during service URL - * discovery process. - * - * @var CAS_ServiceBaseUrl_Interface - * - * @hideinitializer - */ - private $_serviceBaseUrl = null; - - /** - * Answer the CAS_ServiceBaseUrl_Interface object for this client. - * - * @return CAS_ServiceBaseUrl_Interface - */ - public function getServiceBaseUrl() - { - if (empty($this->_serviceBaseUrl)) { - phpCAS::error("ServiceBaseUrl object is not initialized"); - } - return $this->_serviceBaseUrl; - } - - /** - * This method sets the service base URL used during service URL discovery process. - * - * This is required since phpCAS 1.6.0 to protect the integrity of the authentication. - * - * @since phpCAS 1.6.0 - * - * @param $name can be any of the following: - * - A base URL string. The service URL discovery will always use this (protocol, - * hostname and optional port number) without using any external host names. - * - An array of base URL strings. The service URL discovery will check against - * this list before using the auto discovered base URL. If there is no match, - * the first base URL in the array will be used as the default. This option is - * helpful if your PHP website is accessible through multiple domains without a - * canonical name, or through both HTTP and HTTPS. - * - A class that implements CAS_ServiceBaseUrl_Interface. If you need to customize - * the base URL discovery behavior, you can pass in a class that implements the - * interface. - * - * @return void - */ - private function _setServiceBaseUrl($name) - { - if (is_array($name)) { - $this->_serviceBaseUrl = new CAS_ServiceBaseUrl_AllowedListDiscovery($name); - } else if (is_string($name)) { - $this->_serviceBaseUrl = new CAS_ServiceBaseUrl_Static($name); - } else if ($name instanceof CAS_ServiceBaseUrl_Interface) { - $this->_serviceBaseUrl = $name; - } else { - throw new CAS_TypeMismatchException($name, '$name', 'array, string, or CAS_ServiceBaseUrl_Interface object'); - } - } - - /** - * Removes a parameter from a query string - * - * @param string $parameterName name of parameter - * @param string $queryString query string - * - * @return string new query string - * - * @link http://stackoverflow.com/questions/1842681/regular-expression-to-remove-one-parameter-from-query-string - */ - private function _removeParameterFromQueryString($parameterName, $queryString) - { - $parameterName = preg_quote($parameterName); - return preg_replace( - "/&$parameterName(=[^&]*)?|^$parameterName(=[^&]*)?&?/", - '', $queryString - ); - } - - /** - * This method is used to append query parameters to an url. Since the url - * might already contain parameter it has to be detected and to build a proper - * URL - * - * @param string $url base url to add the query params to - * @param string $query params in query form with & separated - * - * @return string url with query params - */ - private function _buildQueryUrl($url, $query) - { - $url .= (strstr($url, '?') === false) ? '?' : '&'; - $url .= $query; - return $url; - } - - /** - * This method tests if a string starts with a given character. - * - * @param string $text text to test - * @param string $char character to test for - * - * @return bool true if the $text starts with $char - */ - private function _startsWith($text, $char) - { - return (strpos($text, $char) === 0); - } - - /** - * This method tests if a string ends with a given character - * - * @param string $text text to test - * @param string $char character to test for - * - * @return bool true if the $text ends with $char - */ - private function _endsWith($text, $char) - { - return (strpos(strrev($text), $char) === 0); - } - - /** - * Answer a valid session-id given a CAS ticket. - * - * The output must be deterministic to allow single-log-out when presented with - * the ticket to log-out. - * - * - * @param string $ticket name of the ticket - * - * @return string - */ - private function _sessionIdForTicket($ticket) - { - // Hash the ticket to ensure that the value meets the PHP 7.1 requirement - // that session-ids have a length between 22 and 256 characters. - return hash('sha256', $this->_sessionIdSalt . $ticket); - } - - /** - * Set a salt/seed for the session-id hash to make it harder to guess. - * - * @var string $_sessionIdSalt - */ - private $_sessionIdSalt = ''; - - /** - * Set a salt/seed for the session-id hash to make it harder to guess. - * - * @param string $salt - * - * @return void - */ - public function setSessionIdSalt($salt) { - $this->_sessionIdSalt = (string)$salt; - } - - // ######################################################################## - // AUTHENTICATION ERROR HANDLING - // ######################################################################## - /** - * This method is used to print the HTML output when the user was not - * authenticated. - * - * @param string $failure the failure that occured - * @param string $cas_url the URL the CAS server was asked for - * @param bool $no_response the response from the CAS server (other - * parameters are ignored if true) - * @param bool $bad_response bad response from the CAS server ($err_code - * and $err_msg ignored if true) - * @param string $cas_response the response of the CAS server - * @param int $err_code the error code given by the CAS server - * @param string $err_msg the error message given by the CAS server - * - * @return void - */ - private function _authError( - $failure, - $cas_url, - $no_response=false, - $bad_response=false, - $cas_response='', - $err_code=-1, - $err_msg='' - ) { - phpCAS::traceBegin(); - $lang = $this->getLangObj(); - $this->printHTMLHeader($lang->getAuthenticationFailed()); - $this->printf( - $lang->getYouWereNotAuthenticated(), htmlentities($this->getURL()), - isset($_SERVER['SERVER_ADMIN']) ? $_SERVER['SERVER_ADMIN']:'' - ); - phpCAS::trace('CAS URL: '.$cas_url); - phpCAS::trace('Authentication failure: '.$failure); - if ( $no_response ) { - phpCAS::trace('Reason: no response from the CAS server'); - } else { - if ( $bad_response ) { - phpCAS::trace('Reason: bad response from the CAS server'); - } else { - switch ($this->getServerVersion()) { - case CAS_VERSION_1_0: - phpCAS::trace('Reason: CAS error'); - break; - case CAS_VERSION_2_0: - case CAS_VERSION_3_0: - if ( $err_code === -1 ) { - phpCAS::trace('Reason: no CAS error'); - } else { - phpCAS::trace( - 'Reason: ['.$err_code.'] CAS error: '.$err_msg - ); - } - break; - } - } - phpCAS::trace('CAS response: '.$cas_response); - } - $this->printHTMLFooter(); - phpCAS::traceExit(); - throw new CAS_GracefullTerminationException(); - } - - // ######################################################################## - // PGTIOU/PGTID and logoutRequest rebroadcasting - // ######################################################################## - - /** - * Boolean of whether to rebroadcast pgtIou/pgtId and logoutRequest, and - * array of the nodes. - */ - private $_rebroadcast = false; - private $_rebroadcast_nodes = array(); - - /** - * Constants used for determining rebroadcast node type. - */ - const HOSTNAME = 0; - const IP = 1; - - /** - * Determine the node type from the URL. - * - * @param String $nodeURL The node URL. - * - * @return int hostname - * - */ - private function _getNodeType($nodeURL) - { - phpCAS::traceBegin(); - if (preg_match("/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/", $nodeURL)) { - phpCAS::traceEnd(self::IP); - return self::IP; - } else { - phpCAS::traceEnd(self::HOSTNAME); - return self::HOSTNAME; - } - } - - /** - * Store the rebroadcast node for pgtIou/pgtId and logout requests. - * - * @param string $rebroadcastNodeUrl The rebroadcast node URL. - * - * @return void - */ - public function addRebroadcastNode($rebroadcastNodeUrl) - { - // Argument validation - if ( !(bool)preg_match("/^(http|https):\/\/([A-Z0-9][A-Z0-9_-]*(?:\.[A-Z0-9][A-Z0-9_-]*)+):?(\d+)?\/?/i", $rebroadcastNodeUrl)) - throw new CAS_TypeMismatchException($rebroadcastNodeUrl, '$rebroadcastNodeUrl', 'url'); - - // Store the rebroadcast node and set flag - $this->_rebroadcast = true; - $this->_rebroadcast_nodes[] = $rebroadcastNodeUrl; - } - - /** - * An array to store extra rebroadcast curl options. - */ - private $_rebroadcast_headers = array(); - - /** - * This method is used to add header parameters when rebroadcasting - * pgtIou/pgtId or logoutRequest. - * - * @param string $header Header to send when rebroadcasting. - * - * @return void - */ - public function addRebroadcastHeader($header) - { - if (gettype($header) != 'string') - throw new CAS_TypeMismatchException($header, '$header', 'string'); - - $this->_rebroadcast_headers[] = $header; - } - - /** - * Constants used for determining rebroadcast type (logout or pgtIou/pgtId). - */ - const LOGOUT = 0; - const PGTIOU = 1; - - /** - * This method rebroadcasts logout/pgtIou requests. Can be LOGOUT,PGTIOU - * - * @param int $type type of rebroadcasting. - * - * @return void - */ - private function _rebroadcast($type) - { - phpCAS::traceBegin(); - - $rebroadcast_curl_options = array( - CURLOPT_FAILONERROR => 1, - CURLOPT_FOLLOWLOCATION => 1, - CURLOPT_RETURNTRANSFER => 1, - CURLOPT_CONNECTTIMEOUT => 1, - CURLOPT_TIMEOUT => 4); - - // Try to determine the IP address of the server - if (!empty($_SERVER['SERVER_ADDR'])) { - $ip = $_SERVER['SERVER_ADDR']; - } else if (!empty($_SERVER['LOCAL_ADDR'])) { - // IIS 7 - $ip = $_SERVER['LOCAL_ADDR']; - } - // Try to determine the DNS name of the server - if (!empty($ip)) { - $dns = gethostbyaddr($ip); - } - $multiClassName = 'CAS_Request_CurlMultiRequest'; - $multiRequest = new $multiClassName(); - - for ($i = 0; $i < sizeof($this->_rebroadcast_nodes); $i++) { - if ((($this->_getNodeType($this->_rebroadcast_nodes[$i]) == self::HOSTNAME) && !empty($dns) && (stripos($this->_rebroadcast_nodes[$i], $dns) === false)) - || (($this->_getNodeType($this->_rebroadcast_nodes[$i]) == self::IP) && !empty($ip) && (stripos($this->_rebroadcast_nodes[$i], $ip) === false)) - ) { - phpCAS::trace( - 'Rebroadcast target URL: '.$this->_rebroadcast_nodes[$i] - .$_SERVER['REQUEST_URI'] - ); - $className = $this->_requestImplementation; - $request = new $className(); - - $url = $this->_rebroadcast_nodes[$i].$_SERVER['REQUEST_URI']; - $request->setUrl($url); - - if (count($this->_rebroadcast_headers)) { - $request->addHeaders($this->_rebroadcast_headers); - } - - $request->makePost(); - if ($type == self::LOGOUT) { - // Logout request - $request->setPostBody( - 'rebroadcast=false&logoutRequest='.$_POST['logoutRequest'] - ); - } else if ($type == self::PGTIOU) { - // pgtIou/pgtId rebroadcast - $request->setPostBody('rebroadcast=false'); - } - - $request->setCurlOptions($rebroadcast_curl_options); - - $multiRequest->addRequest($request); - } else { - phpCAS::trace( - 'Rebroadcast not sent to self: ' - .$this->_rebroadcast_nodes[$i].' == '.(!empty($ip)?$ip:'') - .'/'.(!empty($dns)?$dns:'') - ); - } - } - // We need at least 1 request - if ($multiRequest->getNumRequests() > 0) { - $multiRequest->send(); - } - phpCAS::traceEnd(); - } - - /** @} */ -} diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/CookieJar.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/CookieJar.php deleted file mode 100644 index b2439373..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/CookieJar.php +++ /dev/null @@ -1,385 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * This class provides access to service cookies and handles parsing of response - * headers to pull out cookie values. - * - * @class CAS_CookieJar - * @category Authentication - * @package PhpCAS - * @author Adam Franco - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ -class CAS_CookieJar -{ - - private $_cookies; - - /** - * Create a new cookie jar by passing it a reference to an array in which it - * should store cookies. - * - * @param array &$storageArray Array to store cookies - * - * @return void - */ - public function __construct (array &$storageArray) - { - $this->_cookies =& $storageArray; - } - - /** - * Store cookies for a web service request. - * Cookie storage is based on RFC 2965: http://www.ietf.org/rfc/rfc2965.txt - * - * @param string $request_url The URL that generated the response headers. - * @param array $response_headers An array of the HTTP response header strings. - * - * @return void - * - * @access private - */ - public function storeCookies ($request_url, $response_headers) - { - $urlParts = parse_url($request_url); - $defaultDomain = $urlParts['host']; - - $cookies = $this->parseCookieHeaders($response_headers, $defaultDomain); - - foreach ($cookies as $cookie) { - // Enforce the same-origin policy by verifying that the cookie - // would match the url that is setting it - if (!$this->cookieMatchesTarget($cookie, $urlParts)) { - continue; - } - - // store the cookie - $this->storeCookie($cookie); - - phpCAS::trace($cookie['name'].' -> '.$cookie['value']); - } - } - - /** - * Retrieve cookies applicable for a web service request. - * Cookie applicability is based on RFC 2965: http://www.ietf.org/rfc/rfc2965.txt - * - * @param string $request_url The url that the cookies will be for. - * - * @return array An array containing cookies. E.g. array('name' => 'val'); - * - * @access private - */ - public function getCookies ($request_url) - { - if (!count($this->_cookies)) { - return array(); - } - - // If our request URL can't be parsed, no cookies apply. - $target = parse_url($request_url); - if ($target === false) { - return array(); - } - - $this->expireCookies(); - - $matching_cookies = array(); - foreach ($this->_cookies as $key => $cookie) { - if ($this->cookieMatchesTarget($cookie, $target)) { - $matching_cookies[$cookie['name']] = $cookie['value']; - } - } - return $matching_cookies; - } - - - /** - * Parse Cookies without PECL - * From the comments in http://php.net/manual/en/function.http-parse-cookie.php - * - * @param array $header array of header lines. - * @param string $defaultDomain The domain to use if none is specified in - * the cookie. - * - * @return array of cookies - */ - protected function parseCookieHeaders( $header, $defaultDomain ) - { - phpCAS::traceBegin(); - $cookies = array(); - foreach ( $header as $line ) { - if ( preg_match('/^Set-Cookie2?: /i', $line)) { - $cookies[] = $this->parseCookieHeader($line, $defaultDomain); - } - } - - phpCAS::traceEnd($cookies); - return $cookies; - } - - /** - * Parse a single cookie header line. - * - * Based on RFC2965 http://www.ietf.org/rfc/rfc2965.txt - * - * @param string $line The header line. - * @param string $defaultDomain The domain to use if none is specified in - * the cookie. - * - * @return array - */ - protected function parseCookieHeader ($line, $defaultDomain) - { - if (!$defaultDomain) { - throw new CAS_InvalidArgumentException( - '$defaultDomain was not provided.' - ); - } - - // Set our default values - $cookie = array( - 'domain' => $defaultDomain, - 'path' => '/', - 'secure' => false, - ); - - $line = preg_replace('/^Set-Cookie2?: /i', '', trim($line)); - - // trim any trailing semicolons. - $line = trim($line, ';'); - - phpCAS::trace("Cookie Line: $line"); - - // This implementation makes the assumption that semicolons will not - // be present in quoted attribute values. While attribute values that - // contain semicolons are allowed by RFC2965, they are hopefully rare - // enough to ignore for our purposes. Most browsers make the same - // assumption. - $attributeStrings = explode(';', $line); - - foreach ( $attributeStrings as $attributeString ) { - // split on the first equals sign and use the rest as value - $attributeParts = explode('=', $attributeString, 2); - - $attributeName = trim($attributeParts[0]); - $attributeNameLC = strtolower($attributeName); - - if (isset($attributeParts[1])) { - $attributeValue = trim($attributeParts[1]); - // Values may be quoted strings. - if (strpos($attributeValue, '"') === 0) { - $attributeValue = trim($attributeValue, '"'); - // unescape any escaped quotes: - $attributeValue = str_replace('\"', '"', $attributeValue); - } - } else { - $attributeValue = null; - } - - switch ($attributeNameLC) { - case 'expires': - $cookie['expires'] = strtotime($attributeValue); - break; - case 'max-age': - $cookie['max-age'] = (int)$attributeValue; - // Set an expiry time based on the max-age - if ($cookie['max-age']) { - $cookie['expires'] = time() + $cookie['max-age']; - } else { - // If max-age is zero, then the cookie should be removed - // imediately so set an expiry before now. - $cookie['expires'] = time() - 1; - } - break; - case 'secure': - $cookie['secure'] = true; - break; - case 'domain': - case 'path': - case 'port': - case 'version': - case 'comment': - case 'commenturl': - case 'discard': - case 'httponly': - case 'samesite': - $cookie[$attributeNameLC] = $attributeValue; - break; - default: - $cookie['name'] = $attributeName; - $cookie['value'] = $attributeValue; - } - } - - return $cookie; - } - - /** - * Add, update, or remove a cookie. - * - * @param array $cookie A cookie array as created by parseCookieHeaders() - * - * @return void - * - * @access protected - */ - protected function storeCookie ($cookie) - { - // Discard any old versions of this cookie. - $this->discardCookie($cookie); - $this->_cookies[] = $cookie; - - } - - /** - * Discard an existing cookie - * - * @param array $cookie An cookie - * - * @return void - * - * @access protected - */ - protected function discardCookie ($cookie) - { - if (!isset($cookie['domain']) - || !isset($cookie['path']) - || !isset($cookie['path']) - ) { - throw new CAS_InvalidArgumentException('Invalid Cookie array passed.'); - } - - foreach ($this->_cookies as $key => $old_cookie) { - if ( $cookie['domain'] == $old_cookie['domain'] - && $cookie['path'] == $old_cookie['path'] - && $cookie['name'] == $old_cookie['name'] - ) { - unset($this->_cookies[$key]); - } - } - } - - /** - * Go through our stored cookies and remove any that are expired. - * - * @return void - * - * @access protected - */ - protected function expireCookies () - { - foreach ($this->_cookies as $key => $cookie) { - if (isset($cookie['expires']) && $cookie['expires'] < time()) { - unset($this->_cookies[$key]); - } - } - } - - /** - * Answer true if cookie is applicable to a target. - * - * @param array $cookie An array of cookie attributes. - * @param array|false $target An array of URL attributes as generated by parse_url(). - * - * @return bool - * - * @access private - */ - protected function cookieMatchesTarget ($cookie, $target) - { - if (!is_array($target)) { - throw new CAS_InvalidArgumentException( - '$target must be an array of URL attributes as generated by parse_url().' - ); - } - if (!isset($target['host'])) { - throw new CAS_InvalidArgumentException( - '$target must be an array of URL attributes as generated by parse_url().' - ); - } - - // Verify that the scheme matches - if ($cookie['secure'] && $target['scheme'] != 'https') { - return false; - } - - // Verify that the host matches - // Match domain and mulit-host cookies - if (strpos($cookie['domain'], '.') === 0) { - // .host.domain.edu cookies are valid for host.domain.edu - if (substr($cookie['domain'], 1) == $target['host']) { - // continue with other checks - } else { - // non-exact host-name matches. - // check that the target host a.b.c.edu is within .b.c.edu - $pos = strripos($target['host'], $cookie['domain']); - if (!$pos) { - return false; - } - // verify that the cookie domain is the last part of the host. - if ($pos + strlen($cookie['domain']) != strlen($target['host'])) { - return false; - } - // verify that the host name does not contain interior dots as per - // RFC 2965 section 3.3.2 Rejecting Cookies - // http://www.ietf.org/rfc/rfc2965.txt - $hostname = substr($target['host'], 0, $pos); - if (strpos($hostname, '.') !== false) { - return false; - } - } - } else { - // If the cookie host doesn't begin with '.', - // the host must case-insensitive match exactly - if (strcasecmp($target['host'], $cookie['domain']) !== 0) { - return false; - } - } - - // Verify that the port matches - if (isset($cookie['ports']) - && !in_array($target['port'], $cookie['ports']) - ) { - return false; - } - - // Verify that the path matches - if (strpos($target['path'], $cookie['path']) !== 0) { - return false; - } - - return true; - } - -} - -?> diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/Exception.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/Exception.php deleted file mode 100644 index 2ff7cd65..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/Exception.php +++ /dev/null @@ -1,59 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * A root exception interface for all exceptions in phpCAS. - * - * All exceptions thrown in phpCAS should implement this interface to allow them - * to be caught as a category by clients. Each phpCAS exception should extend - * an appropriate SPL exception class that best fits its type. - * - * For example, an InvalidArgumentException in phpCAS should be defined as - * - * class CAS_InvalidArgumentException - * extends InvalidArgumentException - * implements CAS_Exception - * { } - * - * This definition allows the CAS_InvalidArgumentException to be caught as either - * an InvalidArgumentException or as a CAS_Exception. - * - * @class CAS_Exception - * @category Authentication - * @package PhpCAS - * @author Adam Franco - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - * - */ -interface CAS_Exception -{ - -} -?> diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/GracefullTerminationException.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/GracefullTerminationException.php deleted file mode 100644 index 29aa638c..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/GracefullTerminationException.php +++ /dev/null @@ -1,86 +0,0 @@ - - * @author Adam Franco - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * An exception for terminatinating execution or to throw for unit testing - * - * @class CAS_GracefullTerminationException.php - * @category Authentication - * @package PhpCAS - * @author Joachim Fritschi - * @author Adam Franco - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -class CAS_GracefullTerminationException -extends RuntimeException -implements CAS_Exception -{ - - /** - * Test if exceptions should be thrown or if we should just exit. - * In production usage we want to just exit cleanly when prompting the user - * for a redirect without filling the error logs with uncaught exceptions. - * In unit testing scenarios we cannot exit or we won't be able to continue - * with our tests. - * - * @param string $message Message Text - * @param int $code Error code - * - * @return self - */ - public function __construct ($message = 'Terminate Gracefully', $code = 0) - { - // Exit cleanly to avoid filling up the logs with uncaught exceptions. - if (self::$_exitWhenThrown) { - exit; - } else { - // Throw exceptions to allow unit testing to continue; - parent::__construct($message, $code); - } - } - - private static $_exitWhenThrown = true; - /** - * Force phpcas to thow Exceptions instead of calling exit() - * Needed for unit testing. Generally shouldn't be used in production due to - * an increase in Apache error logging if CAS_GracefulTerminiationExceptions - * are not caught and handled. - * - * @return void - */ - public static function throwInsteadOfExiting() - { - self::$_exitWhenThrown = false; - } - -} -?> diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/InvalidArgumentException.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/InvalidArgumentException.php deleted file mode 100644 index 99be2ac3..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/InvalidArgumentException.php +++ /dev/null @@ -1,46 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * Exception that denotes invalid arguments were passed. - * - * @class CAS_InvalidArgumentException - * @category Authentication - * @package PhpCAS - * @author Adam Franco - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ -class CAS_InvalidArgumentException -extends InvalidArgumentException -implements CAS_Exception -{ - -} -?> diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/Catalan.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/Catalan.php deleted file mode 100644 index 1ead905f..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/Catalan.php +++ /dev/null @@ -1,114 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * Catalan language class - * - * @class CAS_Languages_Catalan - * @category Authentication - * @package PhpCAS - * @author Iván-Benjamín García Torà - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - * - * @sa @link internalLang Internationalization @endlink - * @ingroup internalLang - */ -class CAS_Languages_Catalan implements CAS_Languages_LanguageInterface -{ - /** - * Get the using server string - * - * @return string using server - */ - public function getUsingServer() - { - return 'usant servidor'; - } - - /** - * Get authentication wanted string - * - * @return string authentication wanted - */ - public function getAuthenticationWanted() - { - return 'Autentificació CAS necessària!'; - } - - /** - * Get logout string - * - * @return string logout - */ - public function getLogout() - { - return 'Sortida de CAS necessària!'; - } - - /** - * Get the should have been redirected string - * - * @return string should habe been redirected - */ - public function getShouldHaveBeenRedirected() - { - return 'Ja hauria d\ haver estat redireccionat al servidor CAS. Feu click aquí per a continuar.'; - } - - /** - * Get authentication failed string - * - * @return string authentication failed - */ - public function getAuthenticationFailed() - { - return 'Autentificació CAS fallida!'; - } - - /** - * Get the your were not authenticated string - * - * @return string not authenticated - */ - public function getYouWereNotAuthenticated() - { - return '

No estàs autentificat.

Pots tornar a intentar-ho fent click aquí.

Si el problema persisteix hauría de contactar amb l\'administrador d\'aquest llocc.

'; - } - - /** - * Get the service unavailable string - * - * @return string service unavailable - */ - public function getServiceUnavailable() - { - return 'El servei `%s\' no està disponible (%s).'; - } -} diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/ChineseSimplified.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/ChineseSimplified.php deleted file mode 100644 index 5e33cb65..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/ChineseSimplified.php +++ /dev/null @@ -1,114 +0,0 @@ -, Phy25 - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * Chinese Simplified language class - * - * @class CAS_Languages_ChineseSimplified - * @category Authentication - * @package PhpCAS - * @author Pascal Aubry , Phy25 - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - * - * @sa @link internalLang Internationalization @endlink - * @ingroup internalLang - */ -class CAS_Languages_ChineseSimplified implements CAS_Languages_LanguageInterface -{ - /** - * Get the using server string - * - * @return string using server - */ - public function getUsingServer() - { - return '连接的服务器'; - } - - /** - * Get authentication wanted string - * - * @return string authentication wanted - */ - public function getAuthenticationWanted() - { - return '请进行 CAS 认证!'; - } - - /** - * Get logout string - * - * @return string logout - */ - public function getLogout() - { - return '请进行 CAS 登出!'; - } - - /** - * Get the should have been redirected string - * - * @return string should habe been redirected - */ - public function getShouldHaveBeenRedirected() - { - return '你正被重定向到 CAS 服务器。点击这里继续。'; - } - - /** - * Get authentication failed string - * - * @return string authentication failed - */ - public function getAuthenticationFailed() - { - return 'CAS 认证失败!'; - } - - /** - * Get the your were not authenticated string - * - * @return string not authenticated - */ - public function getYouWereNotAuthenticated() - { - return '

你没有成功登录。

你可以点击这里重新登录

如果问题依然存在,请联系本站管理员

'; - } - - /** - * Get the service unavailable string - * - * @return string service unavailable - */ - public function getServiceUnavailable() - { - return '服务器 %s 不可用(%s)。'; - } -} diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/English.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/English.php deleted file mode 100644 index cb13bde9..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/English.php +++ /dev/null @@ -1,114 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * English language class - * - * @class CAS_Languages_English - * @category Authentication - * @package PhpCAS - * @author Pascal Aubry - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - * - * @sa @link internalLang Internationalization @endlink - * @ingroup internalLang - */ -class CAS_Languages_English implements CAS_Languages_LanguageInterface -{ - /** - * Get the using server string - * - * @return string using server - */ - public function getUsingServer() - { - return 'using server'; - } - - /** - * Get authentication wanted string - * - * @return string authentication wanted - */ - public function getAuthenticationWanted() - { - return 'CAS Authentication wanted!'; - } - - /** - * Get logout string - * - * @return string logout - */ - public function getLogout() - { - return 'CAS logout wanted!'; - } - - /** - * Get the should have been redirected string - * - * @return string should habe been redirected - */ - public function getShouldHaveBeenRedirected() - { - return 'You should already have been redirected to the CAS server. Click here to continue.'; - } - - /** - * Get authentication failed string - * - * @return string authentication failed - */ - public function getAuthenticationFailed() - { - return 'CAS Authentication failed!'; - } - - /** - * Get the your were not authenticated string - * - * @return string not authenticated - */ - public function getYouWereNotAuthenticated() - { - return '

You were not authenticated.

You may submit your request again by clicking here.

If the problem persists, you may contact the administrator of this site.

'; - } - - /** - * Get the service unavailable string - * - * @return string service unavailable - */ - public function getServiceUnavailable() - { - return 'The service `%s\' is not available (%s).'; - } -} diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/French.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/French.php deleted file mode 100644 index 14f65aba..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/French.php +++ /dev/null @@ -1,116 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * French language class - * - * @class CAS_Languages_French - * @category Authentication - * @package PhpCAS - * @author Pascal Aubry - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - * - * @sa @link internalLang Internationalization @endlink - * @ingroup internalLang - */ -class CAS_Languages_French implements CAS_Languages_LanguageInterface -{ - /** - * Get the using server string - * - * @return string using server - */ - public function getUsingServer() - { - return 'utilisant le serveur'; - } - - /** - * Get authentication wanted string - * - * @return string authentication wanted - */ - public function getAuthenticationWanted() - { - return 'Authentication CAS nécessaire !'; - } - - /** - * Get logout string - * - * @return string logout - */ - public function getLogout() - { - return 'Déconnexion demandée !'; - } - - /** - * Get the should have been redirected string - * - * @return string should habe been redirected - */ - public function getShouldHaveBeenRedirected() - { - return 'Vous auriez du etre redirigé(e) vers le serveur CAS. Cliquez ici pour continuer.'; - } - - /** - * Get authentication failed string - * - * @return string authentication failed - */ - public function getAuthenticationFailed() - { - return 'Authentification CAS infructueuse !'; - } - - /** - * Get the your were not authenticated string - * - * @return string not authenticated - */ - public function getYouWereNotAuthenticated() - { - return '

Vous n\'avez pas été authentifié(e).

Vous pouvez soumettre votre requete à nouveau en cliquant ici.

Si le problème persiste, vous pouvez contacter l\'administrateur de ce site.

'; - } - - /** - * Get the service unavailable string - * - * @return string service unavailable - */ - public function getServiceUnavailable() - { - return 'Le service `%s\' est indisponible (%s)'; - } -} - -?> diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/German.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/German.php deleted file mode 100644 index b718b145..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/German.php +++ /dev/null @@ -1,116 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * German language class - * - * @class CAS_Languages_German - * @category Authentication - * @package PhpCAS - * @author Henrik Genssen - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - * - * @sa @link internalLang Internationalization @endlink - * @ingroup internalLang - */ -class CAS_Languages_German implements CAS_Languages_LanguageInterface -{ - /** - * Get the using server string - * - * @return string using server - */ - public function getUsingServer() - { - return 'via Server'; - } - - /** - * Get authentication wanted string - * - * @return string authentication wanted - */ - public function getAuthenticationWanted() - { - return 'CAS Authentifizierung erforderlich!'; - } - - /** - * Get logout string - * - * @return string logout - */ - public function getLogout() - { - return 'CAS Abmeldung!'; - } - - /** - * Get the should have been redirected string - * - * @return string should habe been redirected - */ - public function getShouldHaveBeenRedirected() - { - return 'eigentlich häten Sie zum CAS Server weitergeleitet werden sollen. Drücken Sie hier um fortzufahren.'; - } - - /** - * Get authentication failed string - * - * @return string authentication failed - */ - public function getAuthenticationFailed() - { - return 'CAS Anmeldung fehlgeschlagen!'; - } - - /** - * Get the your were not authenticated string - * - * @return string not authenticated - */ - public function getYouWereNotAuthenticated() - { - return '

Sie wurden nicht angemeldet.

Um es erneut zu versuchen klicken Sie hier.

Wenn das Problem bestehen bleibt, kontaktieren Sie den Administrator dieser Seite.

'; - } - - /** - * Get the service unavailable string - * - * @return string service unavailable - */ - public function getServiceUnavailable() - { - return 'Der Dienst `%s\' ist nicht verfügbar (%s).'; - } -} - -?> diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/Greek.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/Greek.php deleted file mode 100644 index 1cfb107e..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/Greek.php +++ /dev/null @@ -1,115 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * Greek language class - * - * @class CAS_Languages_Greek - * @category Authentication - * @package PhpCAS - * @author Vangelis Haniotakis - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - * - * @sa @link internalLang Internationalization @endlink - * @ingroup internalLang - */ -class CAS_Languages_Greek implements CAS_Languages_LanguageInterface -{ - /** - * Get the using server string - * - * @return string using server - */ - public function getUsingServer() - { - return 'χρησιμοποιείται ο εξυπηρετητής'; - } - - /** - * Get authentication wanted string - * - * @return string authentication wanted - */ - public function getAuthenticationWanted() - { - return 'Απαιτείται η ταυτοποίηση CAS!'; - } - - /** - * Get logout string - * - * @return string logout - */ - public function getLogout() - { - return 'Απαιτείται η αποσύνδεση από CAS!'; - } - - /** - * Get the should have been redirected string - * - * @return string should habe been redirected - */ - public function getShouldHaveBeenRedirected() - { - return 'Θα έπρεπε να είχατε ανακατευθυνθεί στον εξυπηρετητή CAS. Κάντε κλίκ εδώ για να συνεχίσετε.'; - } - - /** - * Get authentication failed string - * - * @return string authentication failed - */ - public function getAuthenticationFailed() - { - return 'Η ταυτοποίηση CAS απέτυχε!'; - } - - /** - * Get the your were not authenticated string - * - * @return string not authenticated - */ - public function getYouWereNotAuthenticated() - { - return '

Δεν ταυτοποιηθήκατε.

Μπορείτε να ξαναπροσπαθήσετε, κάνοντας κλίκ εδώ.

Εαν το πρόβλημα επιμείνει, ελάτε σε επαφή με τον διαχειριστή.

'; - } - - /** - * Get the service unavailable string - * - * @return string service unavailable - */ - public function getServiceUnavailable() - { - return 'Η υπηρεσία `%s\' δεν είναι διαθέσιμη (%s).'; - } -} -?> diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/Japanese.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/Japanese.php deleted file mode 100644 index 56814845..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/Japanese.php +++ /dev/null @@ -1,113 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * Japanese language class. Now Encoding is UTF-8. - * - * @class CAS_Languages_Japanese - * @category Authentication - * @package PhpCAS - * @author fnorif - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - * - **/ -class CAS_Languages_Japanese implements CAS_Languages_LanguageInterface -{ - /** - * Get the using server string - * - * @return string using server - */ - public function getUsingServer() - { - return 'サーバーを使っています。'; - } - - /** - * Get authentication wanted string - * - * @return string authentication wanted - */ - public function getAuthenticationWanted() - { - return 'CASによる認証を行います。'; - } - - /** - * Get logout string - * - * @return string logout - */ - public function getLogout() - { - return 'CASからログアウトします!'; - } - - /** - * Get the should have been redirected string - * - * @return string should habe been redirected - */ - public function getShouldHaveBeenRedirected() - { - return 'CASサーバに行く必要があります。自動的に転送されない場合は こちら をクリックして続行します。'; - } - - /** - * Get authentication failed string - * - * @return string authentication failed - */ - public function getAuthenticationFailed() - { - return 'CASによる認証に失敗しました。'; - } - - /** - * Get the your were not authenticated string - * - * @return string not authenticated - */ - public function getYouWereNotAuthenticated() - { - return '

認証できませんでした。

もう一度リクエストを送信する場合はこちらをクリック。

問題が解決しない場合は このサイトの管理者に問い合わせてください。

'; - } - - /** - * Get the service unavailable string - * - * @return string service unavailable - */ - public function getServiceUnavailable() - { - return 'サービス `%s\' は利用できません (%s)。'; - } -} -?> diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/LanguageInterface.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/LanguageInterface.php deleted file mode 100644 index dfb0ac51..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/LanguageInterface.php +++ /dev/null @@ -1,96 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * Language Interface class for all internationalization files - * - * @class CAS_Languages_LanguageInterface - * @category Authentication - * @package PhpCAS - * @author Joachim Fritschi - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - * - * @sa @link internalLang Internationalization @endlink - * @ingroup internalLang - */ - -interface CAS_Languages_LanguageInterface -{ - /** - * Get the using server string - * - * @return string using server - */ - public function getUsingServer(); - - /** - * Get authentication wanted string - * - * @return string authentication wanted - */ - public function getAuthenticationWanted(); - - /** - * Get logout string - * - * @return string logout - */ - public function getLogout(); - - /** - * Get the should have been redirected string - * - * @return string should habe been redirected - */ - public function getShouldHaveBeenRedirected(); - - /** - * Get authentication failed string - * - * @return string authentication failed - */ - public function getAuthenticationFailed(); - - /** - * Get the your were not authenticated string - * - * @return string not authenticated - */ - public function getYouWereNotAuthenticated(); - - /** - * Get the service unavailable string - * - * @return string service unavailable - */ - public function getServiceUnavailable(); - -} -?> diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/Spanish.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/Spanish.php deleted file mode 100644 index c6ea50e7..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/Languages/Spanish.php +++ /dev/null @@ -1,117 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * Spanish language class - * - * @class CAS_Languages_Spanish - * @category Authentication - * @package PhpCAS - * @author Iván-Benjamín García Torà - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - * - - * @sa @link internalLang Internationalization @endlink - * @ingroup internalLang - */ -class CAS_Languages_Spanish implements CAS_Languages_LanguageInterface -{ - - /** - * Get the using server string - * - * @return string using server - */ - public function getUsingServer() - { - return 'usando servidor'; - } - - /** - * Get authentication wanted string - * - * @return string authentication wanted - */ - public function getAuthenticationWanted() - { - return '¡Autentificación CAS necesaria!'; - } - - /** - * Get logout string - * - * @return string logout - */ - public function getLogout() - { - return '¡Salida CAS necesaria!'; - } - - /** - * Get the should have been redirected string - * - * @return string should habe been redirected - */ - public function getShouldHaveBeenRedirected() - { - return 'Ya debería haber sido redireccionado al servidor CAS. Haga click aquí para continuar.'; - } - - /** - * Get authentication failed string - * - * @return string authentication failed - */ - public function getAuthenticationFailed() - { - return '¡Autentificación CAS fallida!'; - } - - /** - * Get the your were not authenticated string - * - * @return string not authenticated - */ - public function getYouWereNotAuthenticated() - { - return '

No estás autentificado.

Puedes volver a intentarlo haciendo click aquí.

Si el problema persiste debería contactar con el administrador de este sitio.

'; - } - - /** - * Get the service unavailable string - * - * @return string service unavailable - */ - public function getServiceUnavailable() - { - return 'El servicio `%s\' no está disponible (%s).'; - } -} -?> diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/OutOfSequenceBeforeAuthenticationCallException.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/OutOfSequenceBeforeAuthenticationCallException.php deleted file mode 100644 index d4d7680d..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/OutOfSequenceBeforeAuthenticationCallException.php +++ /dev/null @@ -1,56 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * This class defines Exceptions that should be thrown when the sequence of - * operations is invalid. In this case it should be thrown when an - * authentication call has not yet happened. - * - * @class CAS_OutOfSequenceBeforeAuthenticationCallException - * @category Authentication - * @package PhpCAS - * @author Joachim Fritschi - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ -class CAS_OutOfSequenceBeforeAuthenticationCallException -extends CAS_OutOfSequenceException -implements CAS_Exception -{ - /** - * Return standard error meessage - * - * @return void - */ - public function __construct () - { - parent::__construct('An authentication call hasn\'t happened yet.'); - } -} diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/OutOfSequenceBeforeClientException.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/OutOfSequenceBeforeClientException.php deleted file mode 100644 index 6c2c39c5..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/OutOfSequenceBeforeClientException.php +++ /dev/null @@ -1,58 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * This class defines Exceptions that should be thrown when the sequence of - * operations is invalid. In this case it should be thrown when the client() or - * proxy() call has not yet happened and no client or proxy object exists. - * - * @class CAS_OutOfSequenceBeforeClientException - * @category Authentication - * @package PhpCAS - * @author Joachim Fritschi - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ -class CAS_OutOfSequenceBeforeClientException -extends CAS_OutOfSequenceException -implements CAS_Exception -{ - /** - * Return standard error message - * - * @return void - */ - public function __construct () - { - parent::__construct( - 'this method cannot be called before phpCAS::client() or phpCAS::proxy()' - ); - } -} diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/OutOfSequenceBeforeProxyException.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/OutOfSequenceBeforeProxyException.php deleted file mode 100644 index 79915552..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/OutOfSequenceBeforeProxyException.php +++ /dev/null @@ -1,59 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * This class defines Exceptions that should be thrown when the sequence of - * operations is invalid. In this case it should be thrown when the proxy() call - * has not yet happened and no proxy object exists. - * - * @class CAS_OutOfSequenceBeforeProxyException - * @category Authentication - * @package PhpCAS - * @author Joachim Fritschi - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ -class CAS_OutOfSequenceBeforeProxyException -extends CAS_OutOfSequenceException -implements CAS_Exception -{ - - /** - * Return standard error message - * - * @return void - */ - public function __construct () - { - parent::__construct( - 'this method cannot be called before phpCAS::proxy()' - ); - } -} diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/OutOfSequenceException.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/OutOfSequenceException.php deleted file mode 100644 index d6f7d88f..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/OutOfSequenceException.php +++ /dev/null @@ -1,49 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * This class defines Exceptions that should be thrown when the sequence of - * operations is invalid. Examples are: - * - Requesting the response before executing a request. - * - Changing the URL of a request after executing the request. - * - * @class CAS_OutOfSequenceException - * @category Authentication - * @package PhpCAS - * @author Adam Franco - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ -class CAS_OutOfSequenceException -extends BadMethodCallException -implements CAS_Exception -{ - -} diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/PGTStorage/AbstractStorage.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/PGTStorage/AbstractStorage.php deleted file mode 100644 index a93568d6..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/PGTStorage/AbstractStorage.php +++ /dev/null @@ -1,222 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * Basic class for PGT storage - * The CAS_PGTStorage_AbstractStorage class is a generic class for PGT storage. - * This class should not be instanciated itself but inherited by specific PGT - * storage classes. - * - * @class CAS_PGTStorage_AbstractStorage - * @category Authentication - * @package PhpCAS - * @author Pascal Aubry - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - * - * @ingroup internalPGTStorage - */ - -abstract class CAS_PGTStorage_AbstractStorage -{ - /** - * @addtogroup internalPGTStorage - * @{ - */ - - // ######################################################################## - // CONSTRUCTOR - // ######################################################################## - - /** - * The constructor of the class, should be called only by inherited classes. - * - * @param CAS_Client $cas_parent the CAS _client instance that creates the - * current object. - * - * @return void - * - * @protected - */ - function __construct($cas_parent) - { - phpCAS::traceBegin(); - if ( !$cas_parent->isProxy() ) { - phpCAS::error( - 'defining PGT storage makes no sense when not using a CAS proxy' - ); - } - phpCAS::traceEnd(); - } - - // ######################################################################## - // DEBUGGING - // ######################################################################## - - /** - * This virtual method returns an informational string giving the type of storage - * used by the object (used for debugging purposes). - * - * @return string - * - * @public - */ - function getStorageType() - { - phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called'); - } - - /** - * This virtual method returns an informational string giving informations on the - * parameters of the storage.(used for debugging purposes). - * - * @return string - * - * @public - */ - function getStorageInfo() - { - phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called'); - } - - // ######################################################################## - // ERROR HANDLING - // ######################################################################## - - /** - * string used to store an error message. Written by - * PGTStorage::setErrorMessage(), read by PGTStorage::getErrorMessage(). - * - * @hideinitializer - * @deprecated not used. - */ - var $_error_message=false; - - /** - * This method sets en error message, which can be read later by - * PGTStorage::getErrorMessage(). - * - * @param string $error_message an error message - * - * @return void - * - * @deprecated not used. - */ - function setErrorMessage($error_message) - { - $this->_error_message = $error_message; - } - - /** - * This method returns an error message set by PGTStorage::setErrorMessage(). - * - * @return string an error message when set by PGTStorage::setErrorMessage(), FALSE - * otherwise. - * - * @deprecated not used. - */ - function getErrorMessage() - { - return $this->_error_message; - } - - // ######################################################################## - // INITIALIZATION - // ######################################################################## - - /** - * a boolean telling if the storage has already been initialized. Written by - * PGTStorage::init(), read by PGTStorage::isInitialized(). - * - * @hideinitializer - */ - var $_initialized = false; - - /** - * This method tells if the storage has already been intialized. - * - * @return bool - * - * @protected - */ - function isInitialized() - { - return $this->_initialized; - } - - /** - * This virtual method initializes the object. - * - * @return void - */ - function init() - { - $this->_initialized = true; - } - - // ######################################################################## - // PGT I/O - // ######################################################################## - - /** - * This virtual method stores a PGT and its corresponding PGT Iuo. - * - * @param string $pgt the PGT - * @param string $pgt_iou the PGT iou - * - * @return void - * - * @note Should never be called. - * - */ - function write($pgt,$pgt_iou) - { - phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called'); - } - - /** - * This virtual method reads a PGT corresponding to a PGT Iou and deletes - * the corresponding storage entry. - * - * @param string $pgt_iou the PGT iou - * - * @return string - * - * @note Should never be called. - */ - function read($pgt_iou) - { - phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called'); - } - - /** @} */ - -} - -?> diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/PGTStorage/Db.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/PGTStorage/Db.php deleted file mode 100644 index 2efe5a3e..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/PGTStorage/Db.php +++ /dev/null @@ -1,440 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -define('CAS_PGT_STORAGE_DB_DEFAULT_TABLE', 'cas_pgts'); - -/** - * Basic class for PGT database storage - * The CAS_PGTStorage_Db class is a class for PGT database storage. - * - * @class CAS_PGTStorage_Db - * @category Authentication - * @package PhpCAS - * @author Daniel Frett - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - * - * @ingroup internalPGTStorageDb - */ - -class CAS_PGTStorage_Db extends CAS_PGTStorage_AbstractStorage -{ - /** - * @addtogroup internalCAS_PGTStorageDb - * @{ - */ - - /** - * the PDO object to use for database interactions - */ - private $_pdo; - - /** - * This method returns the PDO object to use for database interactions. - * - * @return PDO object - */ - private function _getPdo() - { - return $this->_pdo; - } - - /** - * database connection options to use when creating a new PDO object - */ - private $_dsn; - private $_username; - private $_password; - private $_driver_options; - - /** - * @var string the table to use for storing/retrieving pgt's - */ - private $_table; - - /** - * This method returns the table to use when storing/retrieving PGT's - * - * @return string the name of the pgt storage table. - */ - private function _getTable() - { - return $this->_table; - } - - // ######################################################################## - // DEBUGGING - // ######################################################################## - - /** - * This method returns an informational string giving the type of storage - * used by the object (used for debugging purposes). - * - * @return string an informational string. - */ - public function getStorageType() - { - return "db"; - } - - /** - * This method returns an informational string giving informations on the - * parameters of the storage.(used for debugging purposes). - * - * @return string an informational string. - * @public - */ - public function getStorageInfo() - { - return 'table=`'.$this->_getTable().'\''; - } - - // ######################################################################## - // CONSTRUCTOR - // ######################################################################## - - /** - * The class constructor. - * - * @param CAS_Client $cas_parent the CAS_Client instance that creates - * the object. - * @param string $dsn_or_pdo a dsn string to use for creating a PDO - * object or a PDO object - * @param string $username the username to use when connecting to - * the database - * @param string $password the password to use when connecting to - * the database - * @param string $table the table to use for storing and - * retrieving PGT's - * @param string $driver_options any driver options to use when - * connecting to the database - */ - public function __construct( - $cas_parent, $dsn_or_pdo, $username='', $password='', $table='', - $driver_options=null - ) { - phpCAS::traceBegin(); - // call the ancestor's constructor - parent::__construct($cas_parent); - - // set default values - if ( empty($table) ) { - $table = CAS_PGT_STORAGE_DB_DEFAULT_TABLE; - } - if ( !is_array($driver_options) ) { - $driver_options = array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION); - } - - // store the specified parameters - if ($dsn_or_pdo instanceof PDO) { - $this->_pdo = $dsn_or_pdo; - } else { - $this->_dsn = $dsn_or_pdo; - $this->_username = $username; - $this->_password = $password; - $this->_driver_options = $driver_options; - } - - // store the table name - $this->_table = $table; - - phpCAS::traceEnd(); - } - - // ######################################################################## - // INITIALIZATION - // ######################################################################## - - /** - * This method is used to initialize the storage. Halts on error. - * - * @return void - */ - public function init() - { - phpCAS::traceBegin(); - // if the storage has already been initialized, return immediatly - if ($this->isInitialized()) { - return; - } - - // initialize the base object - parent::init(); - - // create the PDO object if it doesn't exist already - if (!($this->_pdo instanceof PDO)) { - try { - $this->_pdo = new PDO( - $this->_dsn, $this->_username, $this->_password, - $this->_driver_options - ); - } - catch(PDOException $e) { - phpCAS::error('Database connection error: ' . $e->getMessage()); - } - } - - phpCAS::traceEnd(); - } - - // ######################################################################## - // PDO database interaction - // ######################################################################## - - /** - * attribute that stores the previous error mode for the PDO handle while - * processing a transaction - */ - private $_errMode; - - /** - * This method will enable the Exception error mode on the PDO object - * - * @return void - */ - private function _setErrorMode() - { - // get PDO object and enable exception error mode - $pdo = $this->_getPdo(); - $this->_errMode = $pdo->getAttribute(PDO::ATTR_ERRMODE); - $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); - } - - /** - * this method will reset the error mode on the PDO object - * - * @return void - */ - private function _resetErrorMode() - { - // get PDO object and reset the error mode to what it was originally - $pdo = $this->_getPdo(); - $pdo->setAttribute(PDO::ATTR_ERRMODE, $this->_errMode); - } - - // ######################################################################## - // database queries - // ######################################################################## - // these queries are potentially unsafe because the person using this library - // can set the table to use, but there is no reliable way to escape SQL - // fieldnames in PDO yet - - /** - * This method returns the query used to create a pgt storage table - * - * @return string the create table SQL, no bind params in query - */ - protected function createTableSql() - { - return 'CREATE TABLE ' . $this->_getTable() - . ' (pgt_iou VARCHAR(255) NOT NULL PRIMARY KEY, pgt VARCHAR(255) NOT NULL)'; - } - - /** - * This method returns the query used to store a pgt - * - * @return string the store PGT SQL, :pgt and :pgt_iou are the bind params contained - * in the query - */ - protected function storePgtSql() - { - return 'INSERT INTO ' . $this->_getTable() - . ' (pgt_iou, pgt) VALUES (:pgt_iou, :pgt)'; - } - - /** - * This method returns the query used to retrieve a pgt. the first column - * of the first row should contain the pgt - * - * @return string the retrieve PGT SQL, :pgt_iou is the only bind param contained - * in the query - */ - protected function retrievePgtSql() - { - return 'SELECT pgt FROM ' . $this->_getTable() . ' WHERE pgt_iou = :pgt_iou'; - } - - /** - * This method returns the query used to delete a pgt. - * - * @return string the delete PGT SQL, :pgt_iou is the only bind param contained in - * the query - */ - protected function deletePgtSql() - { - return 'DELETE FROM ' . $this->_getTable() . ' WHERE pgt_iou = :pgt_iou'; - } - - // ######################################################################## - // PGT I/O - // ######################################################################## - - /** - * This method creates the database table used to store pgt's and pgtiou's - * - * @return void - */ - public function createTable() - { - phpCAS::traceBegin(); - - // initialize this PGTStorage object if it hasn't been initialized yet - if ( !$this->isInitialized() ) { - $this->init(); - } - - // initialize the PDO object for this method - $pdo = $this->_getPdo(); - $this->_setErrorMode(); - - try { - $pdo->beginTransaction(); - - $query = $pdo->query($this->createTableSQL()); - $query->closeCursor(); - - $pdo->commit(); - } - catch(PDOException $e) { - // attempt rolling back the transaction before throwing a phpCAS error - try { - $pdo->rollBack(); - } - catch(PDOException $e) { - } - phpCAS::error('error creating PGT storage table: ' . $e->getMessage()); - } - - // reset the PDO object - $this->_resetErrorMode(); - - phpCAS::traceEnd(); - } - - /** - * This method stores a PGT and its corresponding PGT Iou in the database. - * Echoes a warning on error. - * - * @param string $pgt the PGT - * @param string $pgt_iou the PGT iou - * - * @return void - */ - public function write($pgt, $pgt_iou) - { - phpCAS::traceBegin(); - - // initialize the PDO object for this method - $pdo = $this->_getPdo(); - $this->_setErrorMode(); - - try { - $pdo->beginTransaction(); - - $query = $pdo->prepare($this->storePgtSql()); - $query->bindValue(':pgt', $pgt, PDO::PARAM_STR); - $query->bindValue(':pgt_iou', $pgt_iou, PDO::PARAM_STR); - $query->execute(); - $query->closeCursor(); - - $pdo->commit(); - } - catch(PDOException $e) { - // attempt rolling back the transaction before throwing a phpCAS error - try { - $pdo->rollBack(); - } - catch(PDOException $e) { - } - phpCAS::error('error writing PGT to database: ' . $e->getMessage()); - } - - // reset the PDO object - $this->_resetErrorMode(); - - phpCAS::traceEnd(); - } - - /** - * This method reads a PGT corresponding to a PGT Iou and deletes the - * corresponding db entry. - * - * @param string $pgt_iou the PGT iou - * - * @return string|false the corresponding PGT, or FALSE on error - */ - public function read($pgt_iou) - { - phpCAS::traceBegin(); - $pgt = false; - - // initialize the PDO object for this method - $pdo = $this->_getPdo(); - $this->_setErrorMode(); - - try { - $pdo->beginTransaction(); - - // fetch the pgt for the specified pgt_iou - $query = $pdo->prepare($this->retrievePgtSql()); - $query->bindValue(':pgt_iou', $pgt_iou, PDO::PARAM_STR); - $query->execute(); - $pgt = $query->fetchColumn(0); - $query->closeCursor(); - - // delete the specified pgt_iou from the database - $query = $pdo->prepare($this->deletePgtSql()); - $query->bindValue(':pgt_iou', $pgt_iou, PDO::PARAM_STR); - $query->execute(); - $query->closeCursor(); - - $pdo->commit(); - } - catch(PDOException $e) { - // attempt rolling back the transaction before throwing a phpCAS error - try { - $pdo->rollBack(); - } - catch(PDOException $e) { - } - phpCAS::trace('error reading PGT from database: ' . $e->getMessage()); - } - - // reset the PDO object - $this->_resetErrorMode(); - - phpCAS::traceEnd(); - return $pgt; - } - - /** @} */ - -} - -?> diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/PGTStorage/File.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/PGTStorage/File.php deleted file mode 100644 index fbacd3b7..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/PGTStorage/File.php +++ /dev/null @@ -1,261 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * The CAS_PGTStorage_File class is a class for PGT file storage. An instance of - * this class is returned by CAS_Client::SetPGTStorageFile(). - * - * @class CAS_PGTStorage_File - * @category Authentication - * @package PhpCAS - * @author Pascal Aubry - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - * - * - * @ingroup internalPGTStorageFile - */ - -class CAS_PGTStorage_File extends CAS_PGTStorage_AbstractStorage -{ - /** - * @addtogroup internalPGTStorageFile - * @{ - */ - - /** - * a string telling where PGT's should be stored on the filesystem. Written by - * PGTStorageFile::PGTStorageFile(), read by getPath(). - * - * @private - */ - var $_path; - - /** - * This method returns the name of the directory where PGT's should be stored - * on the filesystem. - * - * @return string the name of a directory (with leading and trailing '/') - * - * @private - */ - function getPath() - { - return $this->_path; - } - - // ######################################################################## - // DEBUGGING - // ######################################################################## - - /** - * This method returns an informational string giving the type of storage - * used by the object (used for debugging purposes). - * - * @return string an informational string. - * @public - */ - function getStorageType() - { - return "file"; - } - - /** - * This method returns an informational string giving informations on the - * parameters of the storage.(used for debugging purposes). - * - * @return string an informational string. - * @public - */ - function getStorageInfo() - { - return 'path=`'.$this->getPath().'\''; - } - - // ######################################################################## - // CONSTRUCTOR - // ######################################################################## - - /** - * The class constructor, called by CAS_Client::SetPGTStorageFile(). - * - * @param CAS_Client $cas_parent the CAS_Client instance that creates the object. - * @param string $path the path where the PGT's should be stored - * - * @return void - * - * @public - */ - function __construct($cas_parent,$path) - { - phpCAS::traceBegin(); - // call the ancestor's constructor - parent::__construct($cas_parent); - - if (empty($path)) { - $path = CAS_PGT_STORAGE_FILE_DEFAULT_PATH; - } - // check that the path is an absolute path - if (getenv("OS")=="Windows_NT" || strtoupper(substr(PHP_OS,0,3)) == 'WIN') { - - if (!preg_match('`^[a-zA-Z]:`', $path)) { - phpCAS::error('an absolute path is needed for PGT storage to file'); - } - - } else { - - if ( $path[0] != '/' ) { - phpCAS::error('an absolute path is needed for PGT storage to file'); - } - - // store the path (with a leading and trailing '/') - $path = preg_replace('|[/]*$|', '/', $path); - $path = preg_replace('|^[/]*|', '/', $path); - } - - $this->_path = $path; - phpCAS::traceEnd(); - } - - // ######################################################################## - // INITIALIZATION - // ######################################################################## - - /** - * This method is used to initialize the storage. Halts on error. - * - * @return void - * @public - */ - function init() - { - phpCAS::traceBegin(); - // if the storage has already been initialized, return immediatly - if ($this->isInitialized()) { - return; - } - // call the ancestor's method (mark as initialized) - parent::init(); - phpCAS::traceEnd(); - } - - // ######################################################################## - // PGT I/O - // ######################################################################## - - /** - * This method returns the filename corresponding to a PGT Iou. - * - * @param string $pgt_iou the PGT iou. - * - * @return string a filename - * @private - */ - function getPGTIouFilename($pgt_iou) - { - phpCAS::traceBegin(); - $filename = $this->getPath()."phpcas-".hash("sha256", $pgt_iou); -// $filename = $this->getPath().$pgt_iou.'.plain'; - phpCAS::trace("Sha256 filename:" . $filename); - phpCAS::traceEnd(); - return $filename; - } - - /** - * This method stores a PGT and its corresponding PGT Iou into a file. Echoes a - * warning on error. - * - * @param string $pgt the PGT - * @param string $pgt_iou the PGT iou - * - * @return void - * - * @public - */ - function write($pgt,$pgt_iou) - { - phpCAS::traceBegin(); - $fname = $this->getPGTIouFilename($pgt_iou); - if (!file_exists($fname)) { - touch($fname); - // Chmod will fail on windows - @chmod($fname, 0600); - if ($f=fopen($fname, "w")) { - if (fputs($f, $pgt) === false) { - phpCAS::error('could not write PGT to `'.$fname.'\''); - } - phpCAS::trace('Successful write of PGT to `'.$fname.'\''); - fclose($f); - } else { - phpCAS::error('could not open `'.$fname.'\''); - } - } else { - phpCAS::error('File exists: `'.$fname.'\''); - } - phpCAS::traceEnd(); - } - - /** - * This method reads a PGT corresponding to a PGT Iou and deletes the - * corresponding file. - * - * @param string $pgt_iou the PGT iou - * - * @return string|false the corresponding PGT, or FALSE on error - * - * @public - */ - function read($pgt_iou) - { - phpCAS::traceBegin(); - $pgt = false; - $fname = $this->getPGTIouFilename($pgt_iou); - if (file_exists($fname)) { - if (!($f=fopen($fname, "r"))) { - phpCAS::error('could not open `'.$fname.'\''); - } else { - if (($pgt=fgets($f)) === false) { - phpCAS::error('could not read PGT from `'.$fname.'\''); - } - phpCAS::trace('Successful read of PGT to `'.$fname.'\''); - fclose($f); - } - // delete the PGT file - @unlink($fname); - } else { - phpCAS::error('No such file `'.$fname.'\''); - } - phpCAS::traceEnd($pgt); - return $pgt; - } - - /** @} */ - -} -?> diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService.php deleted file mode 100644 index 2673ee95..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService.php +++ /dev/null @@ -1,72 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * This interface defines methods that allow proxy-authenticated service handlers - * to interact with phpCAS. - * - * Proxy service handlers must implement this interface as well as call - * phpCAS::initializeProxiedService($this) at some point in their implementation. - * - * While not required, proxy-authenticated service handlers are encouraged to - * implement the CAS_ProxiedService_Testable interface to facilitate unit testing. - * - * @class CAS_ProxiedService - * @category Authentication - * @package PhpCAS - * @author Adam Franco - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ -interface CAS_ProxiedService -{ - - /** - * Answer a service identifier (URL) for whom we should fetch a proxy ticket. - * - * @return string - * @throws Exception If no service url is available. - */ - public function getServiceUrl (); - - /** - * Register a proxy ticket with the ProxiedService that it can use when - * making requests. - * - * @param string $proxyTicket Proxy ticket string - * - * @return void - * @throws InvalidArgumentException If the $proxyTicket is invalid. - * @throws CAS_OutOfSequenceException If called after a proxy ticket has - * already been initialized/set. - */ - public function setProxyTicket ($proxyTicket); - -} -?> diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Abstract.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Abstract.php deleted file mode 100644 index 0801c723..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Abstract.php +++ /dev/null @@ -1,149 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * This class implements common methods for ProxiedService implementations included - * with phpCAS. - * - * @class CAS_ProxiedService_Abstract - * @category Authentication - * @package PhpCAS - * @author Adam Franco - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ -abstract class CAS_ProxiedService_Abstract -implements CAS_ProxiedService, CAS_ProxiedService_Testable -{ - - /** - * The proxy ticket that can be used when making service requests. - * @var string $_proxyTicket; - */ - private $_proxyTicket; - - /** - * Register a proxy ticket with the Proxy that it can use when making requests. - * - * @param string $proxyTicket proxy ticket - * - * @return void - * @throws InvalidArgumentException If the $proxyTicket is invalid. - * @throws CAS_OutOfSequenceException If called after a proxy ticket has - * already been initialized/set. - */ - public function setProxyTicket ($proxyTicket) - { - if (empty($proxyTicket)) { - throw new CAS_InvalidArgumentException( - 'Trying to initialize with an empty proxy ticket.' - ); - } - if (!empty($this->_proxyTicket)) { - throw new CAS_OutOfSequenceException( - 'Already initialized, cannot change the proxy ticket.' - ); - } - $this->_proxyTicket = $proxyTicket; - } - - /** - * Answer the proxy ticket to be used when making requests. - * - * @return string - * @throws CAS_OutOfSequenceException If called before a proxy ticket has - * already been initialized/set. - */ - protected function getProxyTicket () - { - if (empty($this->_proxyTicket)) { - throw new CAS_OutOfSequenceException( - 'No proxy ticket yet. Call $this->initializeProxyTicket() to aquire the proxy ticket.' - ); - } - - return $this->_proxyTicket; - } - - /** - * @var CAS_Client $_casClient; - */ - private $_casClient; - - /** - * Use a particular CAS_Client->initializeProxiedService() rather than the - * static phpCAS::initializeProxiedService(). - * - * This method should not be called in standard operation, but is needed for unit - * testing. - * - * @param CAS_Client $casClient cas client - * - * @return void - * @throws CAS_OutOfSequenceException If called after a proxy ticket has - * already been initialized/set. - */ - public function setCasClient (CAS_Client $casClient) - { - if (!empty($this->_proxyTicket)) { - throw new CAS_OutOfSequenceException( - 'Already initialized, cannot change the CAS_Client.' - ); - } - - $this->_casClient = $casClient; - } - - /** - * Fetch our proxy ticket. - * - * Descendent classes should call this method once their service URL is available - * to initialize their proxy ticket. - * - * @return void - * @throws CAS_OutOfSequenceException If called after a proxy ticket has - * already been initialized. - */ - protected function initializeProxyTicket() - { - if (!empty($this->_proxyTicket)) { - throw new CAS_OutOfSequenceException( - 'Already initialized, cannot initialize again.' - ); - } - // Allow usage of a particular CAS_Client for unit testing. - if (empty($this->_casClient)) { - phpCAS::initializeProxiedService($this); - } else { - $this->_casClient->initializeProxiedService($this); - } - } - -} -?> diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Exception.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Exception.php deleted file mode 100644 index 0f87413d..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Exception.php +++ /dev/null @@ -1,46 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * An Exception for problems communicating with a proxied service. - * - * @class CAS_ProxiedService_Exception - * @category Authentication - * @package PhpCAS - * @author Adam Franco - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ -class CAS_ProxiedService_Exception -extends Exception -implements CAS_Exception -{ - -} -?> diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Http.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Http.php deleted file mode 100644 index 4240b061..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Http.php +++ /dev/null @@ -1,91 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * This interface defines methods that clients should use for configuring, sending, - * and receiving proxied HTTP requests. - * - * @class CAS_ProxiedService_Http - * @category Authentication - * @package PhpCAS - * @author Adam Franco - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ -interface CAS_ProxiedService_Http -{ - - /********************************************************* - * Configure the Request - *********************************************************/ - - /** - * Set the URL of the Request - * - * @param string $url Url to set - * - * @return void - * @throws CAS_OutOfSequenceException If called after the Request has been sent. - */ - public function setUrl ($url); - - /********************************************************* - * 2. Send the Request - *********************************************************/ - - /** - * Perform the request. - * - * @return bool TRUE on success, FALSE on failure. - * @throws CAS_OutOfSequenceException If called multiple times. - */ - public function send (); - - /********************************************************* - * 3. Access the response - *********************************************************/ - - /** - * Answer the headers of the response. - * - * @return array An array of header strings. - * @throws CAS_OutOfSequenceException If called before the Request has been sent. - */ - public function getResponseHeaders (); - - /** - * Answer the body of response. - * - * @return string - * @throws CAS_OutOfSequenceException If called before the Request has been sent. - */ - public function getResponseBody (); - -} -?> diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Http/Abstract.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Http/Abstract.php deleted file mode 100644 index 8d55edd5..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Http/Abstract.php +++ /dev/null @@ -1,360 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * This class implements common methods for ProxiedService implementations included - * with phpCAS. - * - * @class CAS_ProxiedService_Http_Abstract - * @category Authentication - * @package PhpCAS - * @author Adam Franco - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ -abstract class CAS_ProxiedService_Http_Abstract extends -CAS_ProxiedService_Abstract implements CAS_ProxiedService_Http -{ - /** - * The HTTP request mechanism talking to the target service. - * - * @var CAS_Request_RequestInterface $requestHandler - */ - protected $requestHandler; - - /** - * The storage mechanism for cookies set by the target service. - * - * @var CAS_CookieJar $_cookieJar - */ - private $_cookieJar; - - /** - * Constructor. - * - * @param CAS_Request_RequestInterface $requestHandler request handler object - * @param CAS_CookieJar $cookieJar cookieJar object - * - * @return void - */ - public function __construct(CAS_Request_RequestInterface $requestHandler, - CAS_CookieJar $cookieJar - ) { - $this->requestHandler = $requestHandler; - $this->_cookieJar = $cookieJar; - } - - /** - * The target service url. - * @var string $_url; - */ - private $_url; - - /** - * Answer a service identifier (URL) for whom we should fetch a proxy ticket. - * - * @return string - * @throws Exception If no service url is available. - */ - public function getServiceUrl() - { - if (empty($this->_url)) { - throw new CAS_ProxiedService_Exception( - 'No URL set via ' . get_class($this) . '->setUrl($url).' - ); - } - - return $this->_url; - } - - /********************************************************* - * Configure the Request - *********************************************************/ - - /** - * Set the URL of the Request - * - * @param string $url url to set - * - * @return void - * @throws CAS_OutOfSequenceException If called after the Request has been sent. - */ - public function setUrl($url) - { - if ($this->hasBeenSent()) { - throw new CAS_OutOfSequenceException( - 'Cannot set the URL, request already sent.' - ); - } - if (!is_string($url)) { - throw new CAS_InvalidArgumentException('$url must be a string.'); - } - - $this->_url = $url; - } - - /********************************************************* - * 2. Send the Request - *********************************************************/ - - /** - * Perform the request. - * - * @return void - * @throws CAS_OutOfSequenceException If called multiple times. - * @throws CAS_ProxyTicketException If there is a proxy-ticket failure. - * The code of the Exception will be one of: - * PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE - * PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE - * PHPCAS_SERVICE_PT_FAILURE - * @throws CAS_ProxiedService_Exception If there is a failure sending the - * request to the target service. - */ - public function send() - { - if ($this->hasBeenSent()) { - throw new CAS_OutOfSequenceException( - 'Cannot send, request already sent.' - ); - } - - phpCAS::traceBegin(); - - // Get our proxy ticket and append it to our URL. - $this->initializeProxyTicket(); - $url = $this->getServiceUrl(); - if (strstr($url, '?') === false) { - $url = $url . '?ticket=' . $this->getProxyTicket(); - } else { - $url = $url . '&ticket=' . $this->getProxyTicket(); - } - - try { - $this->makeRequest($url); - } catch (Exception $e) { - phpCAS::traceEnd(); - throw $e; - } - } - - /** - * Indicator of the number of requests (including redirects performed. - * - * @var int $_numRequests; - */ - private $_numRequests = 0; - - /** - * The response headers. - * - * @var array $_responseHeaders; - */ - private $_responseHeaders = array(); - - /** - * The response status code. - * - * @var int $_responseStatusCode; - */ - private $_responseStatusCode = ''; - - /** - * The response headers. - * - * @var string $_responseBody; - */ - private $_responseBody = ''; - - /** - * Build and perform a request, following redirects - * - * @param string $url url for the request - * - * @return void - * @throws CAS_ProxyTicketException If there is a proxy-ticket failure. - * The code of the Exception will be one of: - * PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE - * PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE - * PHPCAS_SERVICE_PT_FAILURE - * @throws CAS_ProxiedService_Exception If there is a failure sending the - * request to the target service. - */ - protected function makeRequest($url) - { - // Verify that we are not in a redirect loop - $this->_numRequests++; - if ($this->_numRequests > 4) { - $message = 'Exceeded the maximum number of redirects (3) in proxied service request.'; - phpCAS::trace($message); - throw new CAS_ProxiedService_Exception($message); - } - - // Create a new request. - $request = clone $this->requestHandler; - $request->setUrl($url); - - // Add any cookies to the request. - $request->addCookies($this->_cookieJar->getCookies($url)); - - // Add any other parts of the request needed by concrete classes - $this->populateRequest($request); - - // Perform the request. - phpCAS::trace('Performing proxied service request to \'' . $url . '\''); - if (!$request->send()) { - $message = 'Could not perform proxied service request to URL`' - . $url . '\'. ' . $request->getErrorMessage(); - phpCAS::trace($message); - throw new CAS_ProxiedService_Exception($message); - } - - // Store any cookies from the response; - $this->_cookieJar->storeCookies($url, $request->getResponseHeaders()); - - // Follow any redirects - if ($redirectUrl = $this->getRedirectUrl($request->getResponseHeaders()) - ) { - phpCAS::trace('Found redirect:' . $redirectUrl); - $this->makeRequest($redirectUrl); - } else { - - $this->_responseHeaders = $request->getResponseHeaders(); - $this->_responseBody = $request->getResponseBody(); - $this->_responseStatusCode = $request->getResponseStatusCode(); - } - } - - /** - * Add any other parts of the request needed by concrete classes - * - * @param CAS_Request_RequestInterface $request request interface object - * - * @return void - */ - abstract protected function populateRequest( - CAS_Request_RequestInterface $request - ); - - /** - * Answer a redirect URL if a redirect header is found, otherwise null. - * - * @param array $responseHeaders response header to extract a redirect from - * - * @return string|null - */ - protected function getRedirectUrl(array $responseHeaders) - { - // Check for the redirect after authentication - foreach ($responseHeaders as $header) { - if ( preg_match('/^(Location:|URI:)\s*([^\s]+.*)$/', $header, $matches) - ) { - return trim(array_pop($matches)); - } - } - return null; - } - - /********************************************************* - * 3. Access the response - *********************************************************/ - - /** - * Answer true if our request has been sent yet. - * - * @return bool - */ - protected function hasBeenSent() - { - return ($this->_numRequests > 0); - } - - /** - * Answer the headers of the response. - * - * @return array An array of header strings. - * @throws CAS_OutOfSequenceException If called before the Request has been sent. - */ - public function getResponseHeaders() - { - if (!$this->hasBeenSent()) { - throw new CAS_OutOfSequenceException( - 'Cannot access response, request not sent yet.' - ); - } - - return $this->_responseHeaders; - } - - /** - * Answer HTTP status code of the response - * - * @return int - * @throws CAS_OutOfSequenceException If called before the Request has been sent. - */ - public function getResponseStatusCode() - { - if (!$this->hasBeenSent()) { - throw new CAS_OutOfSequenceException( - 'Cannot access response, request not sent yet.' - ); - } - - return $this->_responseStatusCode; - } - - /** - * Answer the body of response. - * - * @return string - * @throws CAS_OutOfSequenceException If called before the Request has been sent. - */ - public function getResponseBody() - { - if (!$this->hasBeenSent()) { - throw new CAS_OutOfSequenceException( - 'Cannot access response, request not sent yet.' - ); - } - - return $this->_responseBody; - } - - /** - * Answer the cookies from the response. This may include cookies set during - * redirect responses. - * - * @return array An array containing cookies. E.g. array('name' => 'val'); - */ - public function getCookies() - { - return $this->_cookieJar->getCookies($this->getServiceUrl()); - } - -} -?> diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Http/Get.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Http/Get.php deleted file mode 100644 index a459d55a..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Http/Get.php +++ /dev/null @@ -1,85 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * This class is used to make proxied service requests via the HTTP GET method. - * - * Usage Example: - * - * try { - * $service = phpCAS::getProxiedService(PHPCAS_PROXIED_SERVICE_HTTP_GET); - * $service->setUrl('http://www.example.com/path/'); - * $service->send(); - * if ($service->getResponseStatusCode() == 200) - * return $service->getResponseBody(); - * else - * // The service responded with an error code 404, 500, etc. - * throw new Exception('The service responded with an error.'); - * - * } catch (CAS_ProxyTicketException $e) { - * if ($e->getCode() == PHPCAS_SERVICE_PT_FAILURE) - * return "Your login has timed out. You need to log in again."; - * else - * // Other proxy ticket errors are from bad request format - * // (shouldn't happen) or CAS server failure (unlikely) - * // so lets just stop if we hit those. - * throw $e; - * } catch (CAS_ProxiedService_Exception $e) { - * // Something prevented the service request from being sent or received. - * // We didn't even get a valid error response (404, 500, etc), so this - * // might be caused by a network error or a DNS resolution failure. - * // We could handle it in some way, but for now we will just stop. - * throw $e; - * } - * - * @class CAS_ProxiedService_Http_Get - * @category Authentication - * @package PhpCAS - * @author Adam Franco - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ -class CAS_ProxiedService_Http_Get -extends CAS_ProxiedService_Http_Abstract -{ - - /** - * Add any other parts of the request needed by concrete classes - * - * @param CAS_Request_RequestInterface $request request interface - * - * @return void - */ - protected function populateRequest (CAS_Request_RequestInterface $request) - { - // do nothing, since the URL has already been sent and that is our - // only data. - } -} -?> diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Http/Post.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Http/Post.php deleted file mode 100644 index 344c4398..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Http/Post.php +++ /dev/null @@ -1,152 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * This class is used to make proxied service requests via the HTTP POST method. - * - * Usage Example: - * - * try { - * $service = phpCAS::getProxiedService(PHPCAS_PROXIED_SERVICE_HTTP_POST); - * $service->setUrl('http://www.example.com/path/'); - * $service->setContentType('text/xml'); - * $service->setBody('example.search'); - * $service->send(); - * if ($service->getResponseStatusCode() == 200) - * return $service->getResponseBody(); - * else - * // The service responded with an error code 404, 500, etc. - * throw new Exception('The service responded with an error.'); - * - * } catch (CAS_ProxyTicketException $e) { - * if ($e->getCode() == PHPCAS_SERVICE_PT_FAILURE) - * return "Your login has timed out. You need to log in again."; - * else - * // Other proxy ticket errors are from bad request format - * // (shouldn't happen) or CAS server failure (unlikely) so lets just - * // stop if we hit those. - * throw $e; - * } catch (CAS_ProxiedService_Exception $e) { - * // Something prevented the service request from being sent or received. - * // We didn't even get a valid error response (404, 500, etc), so this - * // might be caused by a network error or a DNS resolution failure. - * // We could handle it in some way, but for now we will just stop. - * throw $e; - * } - * - * @class CAS_ProxiedService_Http_Post - * @category Authentication - * @package PhpCAS - * @author Adam Franco - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ -class CAS_ProxiedService_Http_Post -extends CAS_ProxiedService_Http_Abstract -{ - - /** - * The content-type of this request - * - * @var string $_contentType - */ - private $_contentType; - - /** - * The body of the this request - * - * @var string $_body - */ - private $_body; - - /** - * Set the content type of this POST request. - * - * @param string $contentType content type - * - * @return void - * @throws CAS_OutOfSequenceException If called after the Request has been sent. - */ - public function setContentType ($contentType) - { - if ($this->hasBeenSent()) { - throw new CAS_OutOfSequenceException( - 'Cannot set the content type, request already sent.' - ); - } - - $this->_contentType = $contentType; - } - - /** - * Set the body of this POST request. - * - * @param string $body body to set - * - * @return void - * @throws CAS_OutOfSequenceException If called after the Request has been sent. - */ - public function setBody ($body) - { - if ($this->hasBeenSent()) { - throw new CAS_OutOfSequenceException( - 'Cannot set the body, request already sent.' - ); - } - - $this->_body = $body; - } - - /** - * Add any other parts of the request needed by concrete classes - * - * @param CAS_Request_RequestInterface $request request interface class - * - * @return void - */ - protected function populateRequest (CAS_Request_RequestInterface $request) - { - if (empty($this->_contentType) && !empty($this->_body)) { - throw new CAS_ProxiedService_Exception( - "If you pass a POST body, you must specify a content type via " - .get_class($this).'->setContentType($contentType).' - ); - } - - $request->makePost(); - if (!empty($this->_body)) { - $request->addHeader('Content-Type: '.$this->_contentType); - $request->addHeader('Content-Length: '.strlen($this->_body)); - $request->setPostBody($this->_body); - } - } - - -} -?> diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Imap.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Imap.php deleted file mode 100644 index c4b47401..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Imap.php +++ /dev/null @@ -1,281 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * Provides access to a proxy-authenticated IMAP stream - * - * @class CAS_ProxiedService_Imap - * @category Authentication - * @package PhpCAS - * @author Adam Franco - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ -class CAS_ProxiedService_Imap -extends CAS_ProxiedService_Abstract -{ - - /** - * The username to send via imap_open. - * - * @var string $_username; - */ - private $_username; - - /** - * Constructor. - * - * @param string $username Username - * - * @return void - */ - public function __construct ($username) - { - if (!is_string($username) || !strlen($username)) { - throw new CAS_InvalidArgumentException('Invalid username.'); - } - - $this->_username = $username; - } - - /** - * The target service url. - * @var string $_url; - */ - private $_url; - - /** - * Answer a service identifier (URL) for whom we should fetch a proxy ticket. - * - * @return string - * @throws Exception If no service url is available. - */ - public function getServiceUrl () - { - if (empty($this->_url)) { - throw new CAS_ProxiedService_Exception( - 'No URL set via '.get_class($this).'->getServiceUrl($url).' - ); - } - - return $this->_url; - } - - /********************************************************* - * Configure the Stream - *********************************************************/ - - /** - * Set the URL of the service to pass to CAS for proxy-ticket retrieval. - * - * @param string $url Url to set - * - * @return void - * @throws CAS_OutOfSequenceException If called after the stream has been opened. - */ - public function setServiceUrl ($url) - { - if ($this->hasBeenOpened()) { - throw new CAS_OutOfSequenceException( - 'Cannot set the URL, stream already opened.' - ); - } - if (!is_string($url) || !strlen($url)) { - throw new CAS_InvalidArgumentException('Invalid url.'); - } - - $this->_url = $url; - } - - /** - * The mailbox to open. See the $mailbox parameter of imap_open(). - * - * @var string $_mailbox - */ - private $_mailbox; - - /** - * Set the mailbox to open. See the $mailbox parameter of imap_open(). - * - * @param string $mailbox Mailbox to set - * - * @return void - * @throws CAS_OutOfSequenceException If called after the stream has been opened. - */ - public function setMailbox ($mailbox) - { - if ($this->hasBeenOpened()) { - throw new CAS_OutOfSequenceException( - 'Cannot set the mailbox, stream already opened.' - ); - } - if (!is_string($mailbox) || !strlen($mailbox)) { - throw new CAS_InvalidArgumentException('Invalid mailbox.'); - } - - $this->_mailbox = $mailbox; - } - - /** - * A bit mask of options to pass to imap_open() as the $options parameter. - * - * @var int $_options - */ - private $_options = null; - - /** - * Set the options for opening the stream. See the $options parameter of - * imap_open(). - * - * @param int $options Options for the stream - * - * @return void - * @throws CAS_OutOfSequenceException If called after the stream has been opened. - */ - public function setOptions ($options) - { - if ($this->hasBeenOpened()) { - throw new CAS_OutOfSequenceException( - 'Cannot set options, stream already opened.' - ); - } - if (!is_int($options)) { - throw new CAS_InvalidArgumentException('Invalid options.'); - } - - $this->_options = $options; - } - - /********************************************************* - * 2. Open the stream - *********************************************************/ - - /** - * Open the IMAP stream (similar to imap_open()). - * - * @return resource Returns an IMAP stream on success - * @throws CAS_OutOfSequenceException If called multiple times. - * @throws CAS_ProxyTicketException If there is a proxy-ticket failure. - * The code of the Exception will be one of: - * PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE - * PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE - * PHPCAS_SERVICE_PT_FAILURE - * @throws CAS_ProxiedService_Exception If there is a failure sending the - * request to the target service. - */ - public function open () - { - if ($this->hasBeenOpened()) { - throw new CAS_OutOfSequenceException('Stream already opened.'); - } - if (empty($this->_mailbox)) { - throw new CAS_ProxiedService_Exception( - 'You must specify a mailbox via '.get_class($this) - .'->setMailbox($mailbox)' - ); - } - - phpCAS::traceBegin(); - - // Get our proxy ticket and append it to our URL. - $this->initializeProxyTicket(); - phpCAS::trace('opening IMAP mailbox `'.$this->_mailbox.'\'...'); - $this->_stream = @imap_open( - $this->_mailbox, $this->_username, $this->getProxyTicket(), - $this->_options - ); - if ($this->_stream) { - phpCAS::trace('ok'); - } else { - phpCAS::trace('could not open mailbox'); - // @todo add localization integration. - $message = 'IMAP Error: '.$this->_url.' '. var_export(imap_errors(), true); - phpCAS::trace($message); - throw new CAS_ProxiedService_Exception($message); - } - - phpCAS::traceEnd(); - return $this->_stream; - } - - /** - * Answer true if our request has been sent yet. - * - * @return bool - */ - protected function hasBeenOpened () - { - return !empty($this->_stream); - } - - /********************************************************* - * 3. Access the result - *********************************************************/ - /** - * The IMAP stream - * - * @var resource $_stream - */ - private $_stream; - - /** - * Answer the IMAP stream - * - * @return resource - * @throws CAS_OutOfSequenceException if stream is not opened yet - */ - public function getStream () - { - if (!$this->hasBeenOpened()) { - throw new CAS_OutOfSequenceException( - 'Cannot access stream, not opened yet.' - ); - } - return $this->_stream; - } - - /** - * CAS_Client::serviceMail() needs to return the proxy ticket for some reason, - * so this method provides access to it. - * - * @return string - * @throws CAS_OutOfSequenceException If called before the stream has been - * opened. - */ - public function getImapProxyTicket () - { - if (!$this->hasBeenOpened()) { - throw new CAS_OutOfSequenceException( - 'Cannot access errors, stream not opened yet.' - ); - } - return $this->getProxyTicket(); - } -} -?> diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Testable.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Testable.php deleted file mode 100644 index 3ce44fd1..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxiedService/Testable.php +++ /dev/null @@ -1,75 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * This interface defines methods that allow proxy-authenticated service handlers - * to be tested in unit tests. - * - * Classes implementing this interface SHOULD store the CAS_Client passed and - * initialize themselves with that client rather than via the static phpCAS - * method. For example: - * - * / ** - * * Fetch our proxy ticket. - * * / - * protected function initializeProxyTicket() { - * // Allow usage of a particular CAS_Client for unit testing. - * if (is_null($this->casClient)) - * phpCAS::initializeProxiedService($this); - * else - * $this->casClient->initializeProxiedService($this); - * } - * - * @class CAS_ProxiedService_Testabel - * @category Authentication - * @package PhpCAS - * @author Adam Franco - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ -interface CAS_ProxiedService_Testable -{ - - /** - * Use a particular CAS_Client->initializeProxiedService() rather than the - * static phpCAS::initializeProxiedService(). - * - * This method should not be called in standard operation, but is needed for unit - * testing. - * - * @param CAS_Client $casClient Cas client object - * - * @return void - * @throws CAS_OutOfSequenceException If called after a proxy ticket has - * already been initialized/set. - */ - public function setCasClient (CAS_Client $casClient); - -} -?> diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxyChain.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxyChain.php deleted file mode 100644 index e200724c..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxyChain.php +++ /dev/null @@ -1,127 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * A normal proxy-chain definition that lists each level of the chain as either - * a string or regular expression. - * - * @class CAS_ProxyChain - * @category Authentication - * @package PhpCAS - * @author Adam Franco - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -class CAS_ProxyChain -implements CAS_ProxyChain_Interface -{ - - protected $chain = array(); - - /** - * A chain is an array of strings or regexp strings that will be matched - * against. Regexp will be matched with preg_match and strings will be - * matched from the beginning. A string must fully match the beginning of - * an proxy url. So you can define a full domain as acceptable or go further - * down. - * Proxies have to be defined in reverse from the service to the user. If a - * user hits service A get proxied via B to service C the list of acceptable - * proxies on C would be array(B,A); - * - * @param array $chain A chain of proxies - */ - public function __construct(array $chain) - { - // Ensure that we have an indexed array - $this->chain = array_values($chain); - } - - /** - * Match a list of proxies. - * - * @param array $list The list of proxies in front of this service. - * - * @return bool - */ - public function matches(array $list) - { - $list = array_values($list); // Ensure that we have an indexed array - if ($this->isSizeValid($list)) { - $mismatch = false; - foreach ($this->chain as $i => $search) { - $proxy_url = $list[$i]; - if (preg_match('/^\/.*\/[ixASUXu]*$/s', $search)) { - if (preg_match($search, $proxy_url)) { - phpCAS::trace( - "Found regexp " . $search . " matching " . $proxy_url - ); - } else { - phpCAS::trace( - "No regexp match " . $search . " != " . $proxy_url - ); - $mismatch = true; - break; - } - } else { - if (strncasecmp($search, $proxy_url, strlen($search)) == 0) { - phpCAS::trace( - "Found string " . $search . " matching " . $proxy_url - ); - } else { - phpCAS::trace( - "No match " . $search . " != " . $proxy_url - ); - $mismatch = true; - break; - } - } - } - if (!$mismatch) { - phpCAS::trace("Proxy chain matches"); - return true; - } - } else { - phpCAS::trace("Proxy chain skipped: size mismatch"); - } - return false; - } - - /** - * Validate the size of the the list as compared to our chain. - * - * @param array $list List of proxies - * - * @return bool - */ - protected function isSizeValid (array $list) - { - return (sizeof($this->chain) == sizeof($list)); - } -} diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxyChain/AllowedList.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxyChain/AllowedList.php deleted file mode 100644 index 988ddbb3..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxyChain/AllowedList.php +++ /dev/null @@ -1,119 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - - -/** - * ProxyChain is a container for storing chains of valid proxies that can - * be used to validate proxied requests to a service - * - * @class CAS_ProxyChain_AllowedList - * @category Authentication - * @package PhpCAS - * @author Adam Franco - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -class CAS_ProxyChain_AllowedList -{ - - private $_chains = array(); - - /** - * Check whether proxies are allowed by configuration - * - * @return bool - */ - public function isProxyingAllowed() - { - return (count($this->_chains) > 0); - } - - /** - * Add a chain of proxies to the list of possible chains - * - * @param CAS_ProxyChain_Interface $chain A chain of proxies - * - * @return void - */ - public function allowProxyChain(CAS_ProxyChain_Interface $chain) - { - $this->_chains[] = $chain; - } - - /** - * Check if the proxies found in the response match the allowed proxies - * - * @param array $proxies list of proxies to check - * - * @return bool whether the proxies match the allowed proxies - */ - public function isProxyListAllowed(array $proxies) - { - phpCAS::traceBegin(); - if (empty($proxies)) { - phpCAS::trace("No proxies were found in the response"); - phpCAS::traceEnd(true); - return true; - } elseif (!$this->isProxyingAllowed()) { - phpCAS::trace("Proxies are not allowed"); - phpCAS::traceEnd(false); - return false; - } else { - $res = $this->contains($proxies); - phpCAS::traceEnd($res); - return $res; - } - } - - /** - * Validate the proxies from the proxy ticket validation against the - * chains that were definded. - * - * @param array $list List of proxies from the proxy ticket validation. - * - * @return bool if any chain fully matches the supplied list - */ - public function contains(array $list) - { - phpCAS::traceBegin(); - $count = 0; - foreach ($this->_chains as $chain) { - phpCAS::trace("Checking chain ". $count++); - if ($chain->matches($list)) { - phpCAS::traceEnd(true); - return true; - } - } - phpCAS::trace("No proxy chain matches."); - phpCAS::traceEnd(false); - return false; - } -} -?> diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxyChain/Any.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxyChain/Any.php deleted file mode 100644 index fe18c5fb..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxyChain/Any.php +++ /dev/null @@ -1,64 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * A proxy-chain definition that will match any list of proxies. - * - * Use this class for quick testing or in certain production screnarios you - * might want to allow allow any other valid service to proxy your service. - * - * THIS CLASS IS HOWEVER NOT RECOMMENDED FOR PRODUCTION AND HAS SECURITY - * IMPLICATIONS: YOU ARE ALLOWING ANY SERVICE TO ACT ON BEHALF OF A USER - * ON THIS SERVICE. - * - * @class CAS_ProxyChain_Any - * @category Authentication - * @package PhpCAS - * @author Adam Franco - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ -class CAS_ProxyChain_Any -implements CAS_ProxyChain_Interface -{ - - /** - * Match a list of proxies. - * - * @param array $list The list of proxies in front of this service. - * - * @return bool - */ - public function matches(array $list) - { - phpCAS::trace("Using CAS_ProxyChain_Any. No proxy validation is performed."); - return true; - } - -} diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxyChain/Interface.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxyChain/Interface.php deleted file mode 100644 index b1d68817..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxyChain/Interface.php +++ /dev/null @@ -1,53 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * An interface for classes that define a list of allowed proxies in front of - * the current application. - * - * @class CAS_ProxyChain_Interface - * @category Authentication - * @package PhpCAS - * @author Adam Franco - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ -interface CAS_ProxyChain_Interface -{ - - /** - * Match a list of proxies. - * - * @param array $list The list of proxies in front of this service. - * - * @return bool - */ - public function matches(array $list); - -} diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxyChain/Trusted.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxyChain/Trusted.php deleted file mode 100644 index e67d7085..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxyChain/Trusted.php +++ /dev/null @@ -1,59 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * A proxy-chain definition that defines a chain up to a trusted proxy and - * delegates the resposibility of validating the rest of the chain to that - * trusted proxy. - * - * @class CAS_ProxyChain_Trusted - * @category Authentication - * @package PhpCAS - * @author Adam Franco - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ -class CAS_ProxyChain_Trusted -extends CAS_ProxyChain -implements CAS_ProxyChain_Interface -{ - - /** - * Validate the size of the the list as compared to our chain. - * - * @param array $list list of proxies - * - * @return bool - */ - protected function isSizeValid (array $list) - { - return (sizeof($this->chain) <= sizeof($list)); - } - -} diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxyTicketException.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxyTicketException.php deleted file mode 100644 index 2f825b42..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/ProxyTicketException.php +++ /dev/null @@ -1,71 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - * - */ - -/** - * An Exception for errors related to fetching or validating proxy tickets. - * - * @class CAS_ProxyTicketException - * @category Authentication - * @package PhpCAS - * @author Adam Franco - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ -class CAS_ProxyTicketException -extends BadMethodCallException -implements CAS_Exception -{ - - /** - * Constructor - * - * @param string $message Message text - * @param int $code Error code - * - * @return void - */ - public function __construct ($message, $code = PHPCAS_SERVICE_PT_FAILURE) - { - // Warn if the code is not in our allowed list - $ptCodes = array( - PHPCAS_SERVICE_PT_FAILURE, - PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, - PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE, - ); - if (!in_array($code, $ptCodes)) { - trigger_error( - 'Invalid code '.$code - .' passed. Must be one of PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, or PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE.' - ); - } - - parent::__construct($message, $code); - } -} diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/Request/AbstractRequest.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/Request/AbstractRequest.php deleted file mode 100644 index 4f9013ee..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/Request/AbstractRequest.php +++ /dev/null @@ -1,380 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * Provides support for performing web-requests via curl - * - * @class CAS_Request_AbstractRequest - * @category Authentication - * @package PhpCAS - * @author Adam Franco - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ -abstract class CAS_Request_AbstractRequest -implements CAS_Request_RequestInterface -{ - - protected $url = null; - protected $cookies = array(); - protected $headers = array(); - protected $isPost = false; - protected $postBody = null; - protected $caCertPath = null; - protected $validateCN = true; - private $_sent = false; - private $_responseHeaders = array(); - private $_responseBody = null; - private $_errorMessage = ''; - - /********************************************************* - * Configure the Request - *********************************************************/ - - /** - * Set the URL of the Request - * - * @param string $url Url to set - * - * @return void - * @throws CAS_OutOfSequenceException If called after the Request has been sent. - */ - public function setUrl ($url) - { - if ($this->_sent) { - throw new CAS_OutOfSequenceException( - 'Request has already been sent cannot '.__METHOD__ - ); - } - - $this->url = $url; - } - - /** - * Add a cookie to the request. - * - * @param string $name Name of entry - * @param string $value value of entry - * - * @return void - * @throws CAS_OutOfSequenceException If called after the Request has been sent. - */ - public function addCookie ($name, $value) - { - if ($this->_sent) { - throw new CAS_OutOfSequenceException( - 'Request has already been sent cannot '.__METHOD__ - ); - } - - $this->cookies[$name] = $value; - } - - /** - * Add an array of cookies to the request. - * The cookie array is of the form - * array('cookie_name' => 'cookie_value', 'cookie_name2' => cookie_value2') - * - * @param array $cookies cookies to add - * - * @return void - * @throws CAS_OutOfSequenceException If called after the Request has been sent. - */ - public function addCookies (array $cookies) - { - if ($this->_sent) { - throw new CAS_OutOfSequenceException( - 'Request has already been sent cannot '.__METHOD__ - ); - } - - $this->cookies = array_merge($this->cookies, $cookies); - } - - /** - * Add a header string to the request. - * - * @param string $header Header to add - * - * @return void - * @throws CAS_OutOfSequenceException If called after the Request has been sent. - */ - public function addHeader ($header) - { - if ($this->_sent) { - throw new CAS_OutOfSequenceException( - 'Request has already been sent cannot '.__METHOD__ - ); - } - - $this->headers[] = $header; - } - - /** - * Add an array of header strings to the request. - * - * @param array $headers headers to add - * - * @return void - * @throws CAS_OutOfSequenceException If called after the Request has been sent. - */ - public function addHeaders (array $headers) - { - if ($this->_sent) { - throw new CAS_OutOfSequenceException( - 'Request has already been sent cannot '.__METHOD__ - ); - } - - $this->headers = array_merge($this->headers, $headers); - } - - /** - * Make the request a POST request rather than the default GET request. - * - * @return void - * @throws CAS_OutOfSequenceException If called after the Request has been sent. - */ - public function makePost () - { - if ($this->_sent) { - throw new CAS_OutOfSequenceException( - 'Request has already been sent cannot '.__METHOD__ - ); - } - - $this->isPost = true; - } - - /** - * Add a POST body to the request - * - * @param string $body body to add - * - * @return void - * @throws CAS_OutOfSequenceException If called after the Request has been sent. - */ - public function setPostBody ($body) - { - if ($this->_sent) { - throw new CAS_OutOfSequenceException( - 'Request has already been sent cannot '.__METHOD__ - ); - } - if (!$this->isPost) { - throw new CAS_OutOfSequenceException( - 'Cannot add a POST body to a GET request, use makePost() first.' - ); - } - - $this->postBody = $body; - } - - /** - * Specify the path to an SSL CA certificate to validate the server with. - * - * @param string $caCertPath path to cert - * @param bool $validate_cn valdiate CN of certificate - * - * @return void - * @throws CAS_OutOfSequenceException If called after the Request has been sent. - */ - public function setSslCaCert ($caCertPath,$validate_cn=true) - { - if ($this->_sent) { - throw new CAS_OutOfSequenceException( - 'Request has already been sent cannot '.__METHOD__ - ); - } - $this->caCertPath = $caCertPath; - $this->validateCN = $validate_cn; - } - - /********************************************************* - * 2. Send the Request - *********************************************************/ - - /** - * Perform the request. - * - * @return bool TRUE on success, FALSE on failure. - * @throws CAS_OutOfSequenceException If called multiple times. - */ - public function send () - { - if ($this->_sent) { - throw new CAS_OutOfSequenceException( - 'Request has already been sent cannot send again.' - ); - } - if (is_null($this->url) || !$this->url) { - throw new CAS_OutOfSequenceException( - 'A url must be specified via setUrl() before the request can be sent.' - ); - } - $this->_sent = true; - return $this->sendRequest(); - } - - /** - * Send the request and store the results. - * - * @return bool TRUE on success, FALSE on failure. - */ - abstract protected function sendRequest (); - - /** - * Store the response headers. - * - * @param array $headers headers to store - * - * @return void - */ - protected function storeResponseHeaders (array $headers) - { - $this->_responseHeaders = array_merge($this->_responseHeaders, $headers); - } - - /** - * Store a single response header to our array. - * - * @param string $header header to store - * - * @return void - */ - protected function storeResponseHeader ($header) - { - $this->_responseHeaders[] = $header; - } - - /** - * Store the response body. - * - * @param string $body body to store - * - * @return void - */ - protected function storeResponseBody ($body) - { - $this->_responseBody = $body; - } - - /** - * Add a string to our error message. - * - * @param string $message message to add - * - * @return void - */ - protected function storeErrorMessage ($message) - { - $this->_errorMessage .= $message; - } - - /********************************************************* - * 3. Access the response - *********************************************************/ - - /** - * Answer the headers of the response. - * - * @return array An array of header strings. - * @throws CAS_OutOfSequenceException If called before the Request has been sent. - */ - public function getResponseHeaders () - { - if (!$this->_sent) { - throw new CAS_OutOfSequenceException( - 'Request has not been sent yet. Cannot '.__METHOD__ - ); - } - return $this->_responseHeaders; - } - - /** - * Answer HTTP status code of the response - * - * @return int - * @throws CAS_OutOfSequenceException If called before the Request has been sent. - * @throws CAS_Request_Exception if the response did not contain a status code - */ - public function getResponseStatusCode () - { - if (!$this->_sent) { - throw new CAS_OutOfSequenceException( - 'Request has not been sent yet. Cannot '.__METHOD__ - ); - } - - if (!preg_match( - '/HTTP\/[0-9.]+\s+([0-9]+)\s*(.*)/', - $this->_responseHeaders[0], $matches - ) - ) { - throw new CAS_Request_Exception( - 'Bad response, no status code was found in the first line.' - ); - } - - return intval($matches[1]); - } - - /** - * Answer the body of response. - * - * @return string - * @throws CAS_OutOfSequenceException If called before the Request has been sent. - */ - public function getResponseBody () - { - if (!$this->_sent) { - throw new CAS_OutOfSequenceException( - 'Request has not been sent yet. Cannot '.__METHOD__ - ); - } - - return $this->_responseBody; - } - - /** - * Answer a message describing any errors if the request failed. - * - * @return string - * @throws CAS_OutOfSequenceException If called before the Request has been sent. - */ - public function getErrorMessage () - { - if (!$this->_sent) { - throw new CAS_OutOfSequenceException( - 'Request has not been sent yet. Cannot '.__METHOD__ - ); - } - return $this->_errorMessage; - } -} diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/Request/CurlMultiRequest.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/Request/CurlMultiRequest.php deleted file mode 100644 index 850f6f0e..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/Request/CurlMultiRequest.php +++ /dev/null @@ -1,147 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * This interface defines a class library for performing multiple web requests - * in batches. Implementations of this interface may perform requests serially - * or in parallel. - * - * @class CAS_Request_CurlMultiRequest - * @category Authentication - * @package PhpCAS - * @author Adam Franco - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ -class CAS_Request_CurlMultiRequest -implements CAS_Request_MultiRequestInterface -{ - private $_requests = array(); - private $_sent = false; - - /********************************************************* - * Add Requests - *********************************************************/ - - /** - * Add a new Request to this batch. - * Note, implementations will likely restrict requests to their own concrete - * class hierarchy. - * - * @param CAS_Request_RequestInterface $request reqest to add - * - * @return void - * @throws CAS_OutOfSequenceException If called after the Request has been sent. - * @throws CAS_InvalidArgumentException If passed a Request of the wrong - * implmentation. - */ - public function addRequest (CAS_Request_RequestInterface $request) - { - if ($this->_sent) { - throw new CAS_OutOfSequenceException( - 'Request has already been sent cannot '.__METHOD__ - ); - } - if (!$request instanceof CAS_Request_CurlRequest) { - throw new CAS_InvalidArgumentException( - 'As a CAS_Request_CurlMultiRequest, I can only work with CAS_Request_CurlRequest objects.' - ); - } - - $this->_requests[] = $request; - } - - /** - * Retrieve the number of requests added to this batch. - * - * @return int number of request elements - * @throws CAS_OutOfSequenceException if the request has already been sent - */ - public function getNumRequests() - { - if ($this->_sent) { - throw new CAS_OutOfSequenceException( - 'Request has already been sent cannot '.__METHOD__ - ); - } - return count($this->_requests); - } - - /********************************************************* - * 2. Send the Request - *********************************************************/ - - /** - * Perform the request. After sending, all requests will have their - * responses poulated. - * - * @return bool TRUE on success, FALSE on failure. - * @throws CAS_OutOfSequenceException If called multiple times. - */ - public function send () - { - if ($this->_sent) { - throw new CAS_OutOfSequenceException( - 'Request has already been sent cannot send again.' - ); - } - if (!count($this->_requests)) { - throw new CAS_OutOfSequenceException( - 'At least one request must be added via addRequest() before the multi-request can be sent.' - ); - } - - $this->_sent = true; - - // Initialize our handles and configure all requests. - $handles = array(); - $multiHandle = curl_multi_init(); - foreach ($this->_requests as $i => $request) { - $handle = $request->initAndConfigure(); - curl_setopt($handle, CURLOPT_RETURNTRANSFER, true); - $handles[$i] = $handle; - curl_multi_add_handle($multiHandle, $handle); - } - - // Execute the requests in parallel. - do { - curl_multi_exec($multiHandle, $running); - } while ($running > 0); - - // Populate all of the responses or errors back into the request objects. - foreach ($this->_requests as $i => $request) { - $buf = curl_multi_getcontent($handles[$i]); - $request->_storeResponseBody($buf); - curl_multi_remove_handle($multiHandle, $handles[$i]); - curl_close($handles[$i]); - } - - curl_multi_close($multiHandle); - } -} diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/Request/CurlRequest.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/Request/CurlRequest.php deleted file mode 100644 index e30dd0d1..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/Request/CurlRequest.php +++ /dev/null @@ -1,198 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * Provides support for performing web-requests via curl - * - * @class CAS_Request_CurlRequest - * @category Authentication - * @package PhpCAS - * @author Adam Franco - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ -class CAS_Request_CurlRequest -extends CAS_Request_AbstractRequest -implements CAS_Request_RequestInterface -{ - - /** - * Set additional curl options - * - * @param array $options option to set - * - * @return void - */ - public function setCurlOptions (array $options) - { - $this->_curlOptions = $options; - } - private $_curlOptions = array(); - - /** - * Send the request and store the results. - * - * @return bool true on success, false on failure. - */ - protected function sendRequest () - { - phpCAS::traceBegin(); - - /********************************************************* - * initialize the CURL session - *********************************************************/ - $ch = $this->initAndConfigure(); - - /********************************************************* - * Perform the query - *********************************************************/ - $buf = curl_exec($ch); - if ( $buf === false ) { - phpCAS::trace('curl_exec() failed'); - $this->storeErrorMessage( - 'CURL error #'.curl_errno($ch).': '.curl_error($ch) - ); - $res = false; - } else { - $this->storeResponseBody($buf); - phpCAS::trace("Response Body: \n".$buf."\n"); - $res = true; - - } - // close the CURL session - curl_close($ch); - - phpCAS::traceEnd($res); - return $res; - } - - /** - * Internal method to initialize our cURL handle and configure the request. - * This method should NOT be used outside of the CurlRequest or the - * CurlMultiRequest. - * - * @return resource|false The cURL handle on success, false on failure - */ - public function initAndConfigure() - { - /********************************************************* - * initialize the CURL session - *********************************************************/ - $ch = curl_init($this->url); - - curl_setopt_array($ch, $this->_curlOptions); - - /********************************************************* - * Set SSL configuration - *********************************************************/ - if ($this->caCertPath) { - if ($this->validateCN) { - curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); - } else { - curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); - } - curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1); - curl_setopt($ch, CURLOPT_CAINFO, $this->caCertPath); - phpCAS::trace('CURL: Set CURLOPT_CAINFO ' . $this->caCertPath); - } else { - curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); - curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); - } - - /********************************************************* - * Configure curl to capture our output. - *********************************************************/ - // return the CURL output into a variable - curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); - - // get the HTTP header with a callback - curl_setopt($ch, CURLOPT_HEADERFUNCTION, array($this, '_curlReadHeaders')); - - /********************************************************* - * Add cookie headers to our request. - *********************************************************/ - if (count($this->cookies)) { - $cookieStrings = array(); - foreach ($this->cookies as $name => $val) { - $cookieStrings[] = $name.'='.$val; - } - curl_setopt($ch, CURLOPT_COOKIE, implode(';', $cookieStrings)); - } - - /********************************************************* - * Add any additional headers - *********************************************************/ - if (count($this->headers)) { - curl_setopt($ch, CURLOPT_HTTPHEADER, $this->headers); - } - - /********************************************************* - * Flag and Body for POST requests - *********************************************************/ - if ($this->isPost) { - curl_setopt($ch, CURLOPT_POST, 1); - curl_setopt($ch, CURLOPT_POSTFIELDS, $this->postBody); - } - - /********************************************************* - * Set User Agent - *********************************************************/ - curl_setopt($ch, CURLOPT_USERAGENT, 'phpCAS/' . phpCAS::getVersion()); - - return $ch; - } - - /** - * Store the response body. - * This method should NOT be used outside of the CurlRequest or the - * CurlMultiRequest. - * - * @param string $body body to stor - * - * @return void - */ - public function _storeResponseBody ($body) - { - $this->storeResponseBody($body); - } - - /** - * Internal method for capturing the headers from a curl request. - * - * @param resource $ch handle of curl - * @param string $header header - * - * @return int - */ - public function _curlReadHeaders ($ch, $header) - { - $this->storeResponseHeader($header); - return strlen($header); - } -} diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/Request/Exception.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/Request/Exception.php deleted file mode 100644 index dd5a2a55..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/Request/Exception.php +++ /dev/null @@ -1,45 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * An Exception for problems performing requests - * - * @class CAS_Request_Exception - * @category Authentication - * @package PhpCAS - * @author Adam Franco - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ -class CAS_Request_Exception -extends Exception -implements CAS_Exception -{ - -} diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/Request/MultiRequestInterface.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/Request/MultiRequestInterface.php deleted file mode 100644 index 41002c77..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/Request/MultiRequestInterface.php +++ /dev/null @@ -1,83 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * This interface defines a class library for performing multiple web requests - * in batches. Implementations of this interface may perform requests serially - * or in parallel. - * - * @class CAS_Request_MultiRequestInterface - * @category Authentication - * @package PhpCAS - * @author Adam Franco - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ -interface CAS_Request_MultiRequestInterface -{ - - /********************************************************* - * Add Requests - *********************************************************/ - - /** - * Add a new Request to this batch. - * Note, implementations will likely restrict requests to their own concrete - * class hierarchy. - * - * @param CAS_Request_RequestInterface $request request interface - * - * @return void - * @throws CAS_OutOfSequenceException If called after the Request has been - * sent. - * @throws CAS_InvalidArgumentException If passed a Request of the wrong - * implmentation. - */ - public function addRequest (CAS_Request_RequestInterface $request); - - /** - * Retrieve the number of requests added to this batch. - * - * @return int number of request elements - */ - public function getNumRequests (); - - /********************************************************* - * 2. Send the Request - *********************************************************/ - - /** - * Perform the request. After sending, all requests will have their - * responses poulated. - * - * @return bool TRUE on success, FALSE on failure. - * @throws CAS_OutOfSequenceException If called multiple times. - */ - public function send (); -} diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/Request/RequestInterface.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/Request/RequestInterface.php deleted file mode 100644 index b8e8772e..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/Request/RequestInterface.php +++ /dev/null @@ -1,179 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * This interface defines a class library for performing web requests. - * - * @class CAS_Request_RequestInterface - * @category Authentication - * @package PhpCAS - * @author Adam Franco - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ -interface CAS_Request_RequestInterface -{ - - /********************************************************* - * Configure the Request - *********************************************************/ - - /** - * Set the URL of the Request - * - * @param string $url url to set - * - * @return void - * @throws CAS_OutOfSequenceException If called after the Request has been sent. - */ - public function setUrl ($url); - - /** - * Add a cookie to the request. - * - * @param string $name name of cookie - * @param string $value value of cookie - * - * @return void - * @throws CAS_OutOfSequenceException If called after the Request has been sent. - */ - public function addCookie ($name, $value); - - /** - * Add an array of cookies to the request. - * The cookie array is of the form - * array('cookie_name' => 'cookie_value', 'cookie_name2' => cookie_value2') - * - * @param array $cookies cookies to add - * - * @return void - * @throws CAS_OutOfSequenceException If called after the Request has been sent. - */ - public function addCookies (array $cookies); - - /** - * Add a header string to the request. - * - * @param string $header header to add - * - * @return void - * @throws CAS_OutOfSequenceException If called after the Request has been sent. - */ - public function addHeader ($header); - - /** - * Add an array of header strings to the request. - * - * @param array $headers headers to add - * - * @return void - * @throws CAS_OutOfSequenceException If called after the Request has been sent. - */ - public function addHeaders (array $headers); - - /** - * Make the request a POST request rather than the default GET request. - * - * @return void - * @throws CAS_OutOfSequenceException If called after the Request has been sent. - */ - public function makePost (); - - /** - * Add a POST body to the request - * - * @param string $body body to add - * - * @return void - * @throws CAS_OutOfSequenceException If called after the Request has been sent. - */ - public function setPostBody ($body); - - - /** - * Specify the path to an SSL CA certificate to validate the server with. - * - * @param string $caCertPath path to cert file - * @param boolean $validate_cn validate CN of SSL certificate - * - * @return void - * @throws CAS_OutOfSequenceException If called after the Request has been sent. - */ - public function setSslCaCert ($caCertPath, $validate_cn = true); - - - - /********************************************************* - * 2. Send the Request - *********************************************************/ - - /** - * Perform the request. - * - * @return bool TRUE on success, FALSE on failure. - * @throws CAS_OutOfSequenceException If called multiple times. - */ - public function send (); - - /********************************************************* - * 3. Access the response - *********************************************************/ - - /** - * Answer the headers of the response. - * - * @return array An array of header strings. - * @throws CAS_OutOfSequenceException If called before the Request has been sent. - */ - public function getResponseHeaders (); - - /** - * Answer HTTP status code of the response - * - * @return int - * @throws CAS_OutOfSequenceException If called before the Request has been sent. - */ - public function getResponseStatusCode (); - - /** - * Answer the body of response. - * - * @return string - * @throws CAS_OutOfSequenceException If called before the Request has been sent. - */ - public function getResponseBody (); - - /** - * Answer a message describing any errors if the request failed. - * - * @return string - * @throws CAS_OutOfSequenceException If called before the Request has been sent. - */ - public function getErrorMessage (); -} diff --git a/plugins/auth/vendor/apereo/phpcas/source/CAS/TypeMismatchException.php b/plugins/auth/vendor/apereo/phpcas/source/CAS/TypeMismatchException.php deleted file mode 100644 index 72bdc87a..00000000 --- a/plugins/auth/vendor/apereo/phpcas/source/CAS/TypeMismatchException.php +++ /dev/null @@ -1,70 +0,0 @@ - - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ - -/** - * Exception that denotes invalid arguments were passed. - * - * @class CAS_InvalidArgumentException - * @category Authentication - * @package PhpCAS - * @author Adam Franco - * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 - * @link https://wiki.jasig.org/display/CASC/phpCAS - */ -class CAS_TypeMismatchException -extends CAS_InvalidArgumentException -{ - /** - * Constructor, provides a nice message. - * - * @param mixed $argument Argument - * @param string $argumentName Argument Name - * @param string $type Type - * @param string $message Error Message - * @param integer $code Code - * - * @return void - */ - public function __construct ( - $argument, $argumentName, $type, $message = '', $code = 0 - ) { - if (is_object($argument)) { - $foundType = get_class($argument).' object'; - } else { - $foundType = gettype($argument); - } - - parent::__construct( - 'type mismatched for parameter ' - . $argumentName . ' (should be \'' . $type .' \'), ' - . $foundType . ' given. ' . $message, $code - ); - } -} -?> diff --git a/plugins/auth/vendor/autoload.php b/plugins/auth/vendor/autoload.php deleted file mode 100644 index 8d00120f..00000000 --- a/plugins/auth/vendor/autoload.php +++ /dev/null @@ -1,25 +0,0 @@ - - * Jordi Boggiano - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Composer\Autoload; - -/** - * ClassLoader implements a PSR-0, PSR-4 and classmap class loader. - * - * $loader = new \Composer\Autoload\ClassLoader(); - * - * // register classes with namespaces - * $loader->add('Symfony\Component', __DIR__.'/component'); - * $loader->add('Symfony', __DIR__.'/framework'); - * - * // activate the autoloader - * $loader->register(); - * - * // to enable searching the include path (eg. for PEAR packages) - * $loader->setUseIncludePath(true); - * - * In this example, if you try to use a class in the Symfony\Component - * namespace or one of its children (Symfony\Component\Console for instance), - * the autoloader will first look for the class under the component/ - * directory, and it will then fallback to the framework/ directory if not - * found before giving up. - * - * This class is loosely based on the Symfony UniversalClassLoader. - * - * @author Fabien Potencier - * @author Jordi Boggiano - * @see https://www.php-fig.org/psr/psr-0/ - * @see https://www.php-fig.org/psr/psr-4/ - */ -class ClassLoader -{ - /** @var ?string */ - private $vendorDir; - - // PSR-4 - /** - * @var array[] - * @psalm-var array> - */ - private $prefixLengthsPsr4 = array(); - /** - * @var array[] - * @psalm-var array> - */ - private $prefixDirsPsr4 = array(); - /** - * @var array[] - * @psalm-var array - */ - private $fallbackDirsPsr4 = array(); - - // PSR-0 - /** - * @var array[] - * @psalm-var array> - */ - private $prefixesPsr0 = array(); - /** - * @var array[] - * @psalm-var array - */ - private $fallbackDirsPsr0 = array(); - - /** @var bool */ - private $useIncludePath = false; - - /** - * @var string[] - * @psalm-var array - */ - private $classMap = array(); - - /** @var bool */ - private $classMapAuthoritative = false; - - /** - * @var bool[] - * @psalm-var array - */ - private $missingClasses = array(); - - /** @var ?string */ - private $apcuPrefix; - - /** - * @var self[] - */ - private static $registeredLoaders = array(); - - /** - * @param ?string $vendorDir - */ - public function __construct($vendorDir = null) - { - $this->vendorDir = $vendorDir; - } - - /** - * @return string[] - */ - public function getPrefixes() - { - if (!empty($this->prefixesPsr0)) { - return call_user_func_array('array_merge', array_values($this->prefixesPsr0)); - } - - return array(); - } - - /** - * @return array[] - * @psalm-return array> - */ - public function getPrefixesPsr4() - { - return $this->prefixDirsPsr4; - } - - /** - * @return array[] - * @psalm-return array - */ - public function getFallbackDirs() - { - return $this->fallbackDirsPsr0; - } - - /** - * @return array[] - * @psalm-return array - */ - public function getFallbackDirsPsr4() - { - return $this->fallbackDirsPsr4; - } - - /** - * @return string[] Array of classname => path - * @psalm-return array - */ - public function getClassMap() - { - return $this->classMap; - } - - /** - * @param string[] $classMap Class to filename map - * @psalm-param array $classMap - * - * @return void - */ - public function addClassMap(array $classMap) - { - if ($this->classMap) { - $this->classMap = array_merge($this->classMap, $classMap); - } else { - $this->classMap = $classMap; - } - } - - /** - * Registers a set of PSR-0 directories for a given prefix, either - * appending or prepending to the ones previously set for this prefix. - * - * @param string $prefix The prefix - * @param string[]|string $paths The PSR-0 root directories - * @param bool $prepend Whether to prepend the directories - * - * @return void - */ - public function add($prefix, $paths, $prepend = false) - { - if (!$prefix) { - if ($prepend) { - $this->fallbackDirsPsr0 = array_merge( - (array) $paths, - $this->fallbackDirsPsr0 - ); - } else { - $this->fallbackDirsPsr0 = array_merge( - $this->fallbackDirsPsr0, - (array) $paths - ); - } - - return; - } - - $first = $prefix[0]; - if (!isset($this->prefixesPsr0[$first][$prefix])) { - $this->prefixesPsr0[$first][$prefix] = (array) $paths; - - return; - } - if ($prepend) { - $this->prefixesPsr0[$first][$prefix] = array_merge( - (array) $paths, - $this->prefixesPsr0[$first][$prefix] - ); - } else { - $this->prefixesPsr0[$first][$prefix] = array_merge( - $this->prefixesPsr0[$first][$prefix], - (array) $paths - ); - } - } - - /** - * Registers a set of PSR-4 directories for a given namespace, either - * appending or prepending to the ones previously set for this namespace. - * - * @param string $prefix The prefix/namespace, with trailing '\\' - * @param string[]|string $paths The PSR-4 base directories - * @param bool $prepend Whether to prepend the directories - * - * @throws \InvalidArgumentException - * - * @return void - */ - public function addPsr4($prefix, $paths, $prepend = false) - { - if (!$prefix) { - // Register directories for the root namespace. - if ($prepend) { - $this->fallbackDirsPsr4 = array_merge( - (array) $paths, - $this->fallbackDirsPsr4 - ); - } else { - $this->fallbackDirsPsr4 = array_merge( - $this->fallbackDirsPsr4, - (array) $paths - ); - } - } elseif (!isset($this->prefixDirsPsr4[$prefix])) { - // Register directories for a new namespace. - $length = strlen($prefix); - if ('\\' !== $prefix[$length - 1]) { - throw new \InvalidArgumentException("A non-empty PSR-4 prefix must end with a namespace separator."); - } - $this->prefixLengthsPsr4[$prefix[0]][$prefix] = $length; - $this->prefixDirsPsr4[$prefix] = (array) $paths; - } elseif ($prepend) { - // Prepend directories for an already registered namespace. - $this->prefixDirsPsr4[$prefix] = array_merge( - (array) $paths, - $this->prefixDirsPsr4[$prefix] - ); - } else { - // Append directories for an already registered namespace. - $this->prefixDirsPsr4[$prefix] = array_merge( - $this->prefixDirsPsr4[$prefix], - (array) $paths - ); - } - } - - /** - * Registers a set of PSR-0 directories for a given prefix, - * replacing any others previously set for this prefix. - * - * @param string $prefix The prefix - * @param string[]|string $paths The PSR-0 base directories - * - * @return void - */ - public function set($prefix, $paths) - { - if (!$prefix) { - $this->fallbackDirsPsr0 = (array) $paths; - } else { - $this->prefixesPsr0[$prefix[0]][$prefix] = (array) $paths; - } - } - - /** - * Registers a set of PSR-4 directories for a given namespace, - * replacing any others previously set for this namespace. - * - * @param string $prefix The prefix/namespace, with trailing '\\' - * @param string[]|string $paths The PSR-4 base directories - * - * @throws \InvalidArgumentException - * - * @return void - */ - public function setPsr4($prefix, $paths) - { - if (!$prefix) { - $this->fallbackDirsPsr4 = (array) $paths; - } else { - $length = strlen($prefix); - if ('\\' !== $prefix[$length - 1]) { - throw new \InvalidArgumentException("A non-empty PSR-4 prefix must end with a namespace separator."); - } - $this->prefixLengthsPsr4[$prefix[0]][$prefix] = $length; - $this->prefixDirsPsr4[$prefix] = (array) $paths; - } - } - - /** - * Turns on searching the include path for class files. - * - * @param bool $useIncludePath - * - * @return void - */ - public function setUseIncludePath($useIncludePath) - { - $this->useIncludePath = $useIncludePath; - } - - /** - * Can be used to check if the autoloader uses the include path to check - * for classes. - * - * @return bool - */ - public function getUseIncludePath() - { - return $this->useIncludePath; - } - - /** - * Turns off searching the prefix and fallback directories for classes - * that have not been registered with the class map. - * - * @param bool $classMapAuthoritative - * - * @return void - */ - public function setClassMapAuthoritative($classMapAuthoritative) - { - $this->classMapAuthoritative = $classMapAuthoritative; - } - - /** - * Should class lookup fail if not found in the current class map? - * - * @return bool - */ - public function isClassMapAuthoritative() - { - return $this->classMapAuthoritative; - } - - /** - * APCu prefix to use to cache found/not-found classes, if the extension is enabled. - * - * @param string|null $apcuPrefix - * - * @return void - */ - public function setApcuPrefix($apcuPrefix) - { - $this->apcuPrefix = function_exists('apcu_fetch') && filter_var(ini_get('apc.enabled'), FILTER_VALIDATE_BOOLEAN) ? $apcuPrefix : null; - } - - /** - * The APCu prefix in use, or null if APCu caching is not enabled. - * - * @return string|null - */ - public function getApcuPrefix() - { - return $this->apcuPrefix; - } - - /** - * Registers this instance as an autoloader. - * - * @param bool $prepend Whether to prepend the autoloader or not - * - * @return void - */ - public function register($prepend = false) - { - spl_autoload_register(array($this, 'loadClass'), true, $prepend); - - if (null === $this->vendorDir) { - return; - } - - if ($prepend) { - self::$registeredLoaders = array($this->vendorDir => $this) + self::$registeredLoaders; - } else { - unset(self::$registeredLoaders[$this->vendorDir]); - self::$registeredLoaders[$this->vendorDir] = $this; - } - } - - /** - * Unregisters this instance as an autoloader. - * - * @return void - */ - public function unregister() - { - spl_autoload_unregister(array($this, 'loadClass')); - - if (null !== $this->vendorDir) { - unset(self::$registeredLoaders[$this->vendorDir]); - } - } - - /** - * Loads the given class or interface. - * - * @param string $class The name of the class - * @return true|null True if loaded, null otherwise - */ - public function loadClass($class) - { - if ($file = $this->findFile($class)) { - includeFile($file); - - return true; - } - - return null; - } - - /** - * Finds the path to the file where the class is defined. - * - * @param string $class The name of the class - * - * @return string|false The path if found, false otherwise - */ - public function findFile($class) - { - // class map lookup - if (isset($this->classMap[$class])) { - return $this->classMap[$class]; - } - if ($this->classMapAuthoritative || isset($this->missingClasses[$class])) { - return false; - } - if (null !== $this->apcuPrefix) { - $file = apcu_fetch($this->apcuPrefix.$class, $hit); - if ($hit) { - return $file; - } - } - - $file = $this->findFileWithExtension($class, '.php'); - - // Search for Hack files if we are running on HHVM - if (false === $file && defined('HHVM_VERSION')) { - $file = $this->findFileWithExtension($class, '.hh'); - } - - if (null !== $this->apcuPrefix) { - apcu_add($this->apcuPrefix.$class, $file); - } - - if (false === $file) { - // Remember that this class does not exist. - $this->missingClasses[$class] = true; - } - - return $file; - } - - /** - * Returns the currently registered loaders indexed by their corresponding vendor directories. - * - * @return self[] - */ - public static function getRegisteredLoaders() - { - return self::$registeredLoaders; - } - - /** - * @param string $class - * @param string $ext - * @return string|false - */ - private function findFileWithExtension($class, $ext) - { - // PSR-4 lookup - $logicalPathPsr4 = strtr($class, '\\', DIRECTORY_SEPARATOR) . $ext; - - $first = $class[0]; - if (isset($this->prefixLengthsPsr4[$first])) { - $subPath = $class; - while (false !== $lastPos = strrpos($subPath, '\\')) { - $subPath = substr($subPath, 0, $lastPos); - $search = $subPath . '\\'; - if (isset($this->prefixDirsPsr4[$search])) { - $pathEnd = DIRECTORY_SEPARATOR . substr($logicalPathPsr4, $lastPos + 1); - foreach ($this->prefixDirsPsr4[$search] as $dir) { - if (file_exists($file = $dir . $pathEnd)) { - return $file; - } - } - } - } - } - - // PSR-4 fallback dirs - foreach ($this->fallbackDirsPsr4 as $dir) { - if (file_exists($file = $dir . DIRECTORY_SEPARATOR . $logicalPathPsr4)) { - return $file; - } - } - - // PSR-0 lookup - if (false !== $pos = strrpos($class, '\\')) { - // namespaced class name - $logicalPathPsr0 = substr($logicalPathPsr4, 0, $pos + 1) - . strtr(substr($logicalPathPsr4, $pos + 1), '_', DIRECTORY_SEPARATOR); - } else { - // PEAR-like class name - $logicalPathPsr0 = strtr($class, '_', DIRECTORY_SEPARATOR) . $ext; - } - - if (isset($this->prefixesPsr0[$first])) { - foreach ($this->prefixesPsr0[$first] as $prefix => $dirs) { - if (0 === strpos($class, $prefix)) { - foreach ($dirs as $dir) { - if (file_exists($file = $dir . DIRECTORY_SEPARATOR . $logicalPathPsr0)) { - return $file; - } - } - } - } - } - - // PSR-0 fallback dirs - foreach ($this->fallbackDirsPsr0 as $dir) { - if (file_exists($file = $dir . DIRECTORY_SEPARATOR . $logicalPathPsr0)) { - return $file; - } - } - - // PSR-0 include paths. - if ($this->useIncludePath && $file = stream_resolve_include_path($logicalPathPsr0)) { - return $file; - } - - return false; - } -} - -/** - * Scope isolated include. - * - * Prevents access to $this/self from included files. - * - * @param string $file - * @return void - * @private - */ -function includeFile($file) -{ - include $file; -} diff --git a/plugins/auth/vendor/composer/LICENSE b/plugins/auth/vendor/composer/LICENSE deleted file mode 100644 index f27399a0..00000000 --- a/plugins/auth/vendor/composer/LICENSE +++ /dev/null @@ -1,21 +0,0 @@ - -Copyright (c) Nils Adermann, Jordi Boggiano - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is furnished -to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -THE SOFTWARE. - diff --git a/plugins/auth/vendor/composer/autoload_classmap.php b/plugins/auth/vendor/composer/autoload_classmap.php deleted file mode 100644 index 8f4c16d6..00000000 --- a/plugins/auth/vendor/composer/autoload_classmap.php +++ /dev/null @@ -1,55 +0,0 @@ - $vendorDir . '/apereo/phpcas/source/CAS/AuthenticationException.php', - 'CAS_Client' => $vendorDir . '/apereo/phpcas/source/CAS/Client.php', - 'CAS_CookieJar' => $vendorDir . '/apereo/phpcas/source/CAS/CookieJar.php', - 'CAS_Exception' => $vendorDir . '/apereo/phpcas/source/CAS/Exception.php', - 'CAS_GracefullTerminationException' => $vendorDir . '/apereo/phpcas/source/CAS/GracefullTerminationException.php', - 'CAS_InvalidArgumentException' => $vendorDir . '/apereo/phpcas/source/CAS/InvalidArgumentException.php', - 'CAS_Languages_Catalan' => $vendorDir . '/apereo/phpcas/source/CAS/Languages/Catalan.php', - 'CAS_Languages_ChineseSimplified' => $vendorDir . '/apereo/phpcas/source/CAS/Languages/ChineseSimplified.php', - 'CAS_Languages_English' => $vendorDir . '/apereo/phpcas/source/CAS/Languages/English.php', - 'CAS_Languages_French' => $vendorDir . '/apereo/phpcas/source/CAS/Languages/French.php', - 'CAS_Languages_German' => $vendorDir . '/apereo/phpcas/source/CAS/Languages/German.php', - 'CAS_Languages_Greek' => $vendorDir . '/apereo/phpcas/source/CAS/Languages/Greek.php', - 'CAS_Languages_Japanese' => $vendorDir . '/apereo/phpcas/source/CAS/Languages/Japanese.php', - 'CAS_Languages_LanguageInterface' => $vendorDir . '/apereo/phpcas/source/CAS/Languages/LanguageInterface.php', - 'CAS_Languages_Spanish' => $vendorDir . '/apereo/phpcas/source/CAS/Languages/Spanish.php', - 'CAS_OutOfSequenceBeforeAuthenticationCallException' => $vendorDir . '/apereo/phpcas/source/CAS/OutOfSequenceBeforeAuthenticationCallException.php', - 'CAS_OutOfSequenceBeforeClientException' => $vendorDir . '/apereo/phpcas/source/CAS/OutOfSequenceBeforeClientException.php', - 'CAS_OutOfSequenceBeforeProxyException' => $vendorDir . '/apereo/phpcas/source/CAS/OutOfSequenceBeforeProxyException.php', - 'CAS_OutOfSequenceException' => $vendorDir . '/apereo/phpcas/source/CAS/OutOfSequenceException.php', - 'CAS_PGTStorage_AbstractStorage' => $vendorDir . '/apereo/phpcas/source/CAS/PGTStorage/AbstractStorage.php', - 'CAS_PGTStorage_Db' => $vendorDir . '/apereo/phpcas/source/CAS/PGTStorage/Db.php', - 'CAS_PGTStorage_File' => $vendorDir . '/apereo/phpcas/source/CAS/PGTStorage/File.php', - 'CAS_ProxiedService' => $vendorDir . '/apereo/phpcas/source/CAS/ProxiedService.php', - 'CAS_ProxiedService_Abstract' => $vendorDir . '/apereo/phpcas/source/CAS/ProxiedService/Abstract.php', - 'CAS_ProxiedService_Exception' => $vendorDir . '/apereo/phpcas/source/CAS/ProxiedService/Exception.php', - 'CAS_ProxiedService_Http' => $vendorDir . '/apereo/phpcas/source/CAS/ProxiedService/Http.php', - 'CAS_ProxiedService_Http_Abstract' => $vendorDir . '/apereo/phpcas/source/CAS/ProxiedService/Http/Abstract.php', - 'CAS_ProxiedService_Http_Get' => $vendorDir . '/apereo/phpcas/source/CAS/ProxiedService/Http/Get.php', - 'CAS_ProxiedService_Http_Post' => $vendorDir . '/apereo/phpcas/source/CAS/ProxiedService/Http/Post.php', - 'CAS_ProxiedService_Imap' => $vendorDir . '/apereo/phpcas/source/CAS/ProxiedService/Imap.php', - 'CAS_ProxiedService_Testable' => $vendorDir . '/apereo/phpcas/source/CAS/ProxiedService/Testable.php', - 'CAS_ProxyChain' => $vendorDir . '/apereo/phpcas/source/CAS/ProxyChain.php', - 'CAS_ProxyChain_AllowedList' => $vendorDir . '/apereo/phpcas/source/CAS/ProxyChain/AllowedList.php', - 'CAS_ProxyChain_Any' => $vendorDir . '/apereo/phpcas/source/CAS/ProxyChain/Any.php', - 'CAS_ProxyChain_Interface' => $vendorDir . '/apereo/phpcas/source/CAS/ProxyChain/Interface.php', - 'CAS_ProxyChain_Trusted' => $vendorDir . '/apereo/phpcas/source/CAS/ProxyChain/Trusted.php', - 'CAS_ProxyTicketException' => $vendorDir . '/apereo/phpcas/source/CAS/ProxyTicketException.php', - 'CAS_Request_AbstractRequest' => $vendorDir . '/apereo/phpcas/source/CAS/Request/AbstractRequest.php', - 'CAS_Request_CurlMultiRequest' => $vendorDir . '/apereo/phpcas/source/CAS/Request/CurlMultiRequest.php', - 'CAS_Request_CurlRequest' => $vendorDir . '/apereo/phpcas/source/CAS/Request/CurlRequest.php', - 'CAS_Request_Exception' => $vendorDir . '/apereo/phpcas/source/CAS/Request/Exception.php', - 'CAS_Request_MultiRequestInterface' => $vendorDir . '/apereo/phpcas/source/CAS/Request/MultiRequestInterface.php', - 'CAS_Request_RequestInterface' => $vendorDir . '/apereo/phpcas/source/CAS/Request/RequestInterface.php', - 'CAS_TypeMismatchException' => $vendorDir . '/apereo/phpcas/source/CAS/TypeMismatchException.php', - 'Composer\\InstalledVersions' => $vendorDir . '/composer/InstalledVersions.php', - 'phpCAS' => $vendorDir . '/apereo/phpcas/source/CAS.php', -); diff --git a/plugins/auth/vendor/composer/autoload_files.php b/plugins/auth/vendor/composer/autoload_files.php deleted file mode 100644 index 44707364..00000000 --- a/plugins/auth/vendor/composer/autoload_files.php +++ /dev/null @@ -1,13 +0,0 @@ - $vendorDir . '/ralouphie/getallheaders/src/getallheaders.php', - 'c964ee0ededf28c96ebd9db5099ef910' => $vendorDir . '/guzzlehttp/promises/src/functions_include.php', - '6e3fae29631ef280660b3cdad06f25a8' => $vendorDir . '/symfony/deprecation-contracts/function.php', - '37a3dc5111fe8f707ab4c132ef1dbc62' => $vendorDir . '/guzzlehttp/guzzle/src/functions_include.php', -); diff --git a/plugins/auth/vendor/composer/autoload_namespaces.php b/plugins/auth/vendor/composer/autoload_namespaces.php deleted file mode 100644 index 15a2ff3a..00000000 --- a/plugins/auth/vendor/composer/autoload_namespaces.php +++ /dev/null @@ -1,9 +0,0 @@ - array($vendorDir . '/robrichards/xmlseclibs/src'), - 'Psr\\Log\\' => array($vendorDir . '/psr/log/Psr/Log'), - 'Psr\\Http\\Message\\' => array($vendorDir . '/psr/http-factory/src', $vendorDir . '/psr/http-message/src'), - 'Psr\\Http\\Client\\' => array($vendorDir . '/psr/http-client/src'), - 'OneLogin\\' => array($vendorDir . '/onelogin/php-saml/src'), - 'League\\OAuth2\\Client\\' => array($vendorDir . '/league/oauth2-client/src'), - 'GuzzleHttp\\Psr7\\' => array($vendorDir . '/guzzlehttp/psr7/src'), - 'GuzzleHttp\\Promise\\' => array($vendorDir . '/guzzlehttp/promises/src'), - 'GuzzleHttp\\' => array($vendorDir . '/guzzlehttp/guzzle/src'), -); diff --git a/plugins/auth/vendor/composer/autoload_real.php b/plugins/auth/vendor/composer/autoload_real.php deleted file mode 100644 index 8168c4ac..00000000 --- a/plugins/auth/vendor/composer/autoload_real.php +++ /dev/null @@ -1,57 +0,0 @@ -register(true); - - $includeFiles = \Composer\Autoload\ComposerStaticInit6893c41d1d4abf329bc60826da2d4d1a::$files; - foreach ($includeFiles as $fileIdentifier => $file) { - composerRequire6893c41d1d4abf329bc60826da2d4d1a($fileIdentifier, $file); - } - - return $loader; - } -} - -/** - * @param string $fileIdentifier - * @param string $file - * @return void - */ -function composerRequire6893c41d1d4abf329bc60826da2d4d1a($fileIdentifier, $file) -{ - if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) { - $GLOBALS['__composer_autoload_files'][$fileIdentifier] = true; - - require $file; - } -} diff --git a/plugins/auth/vendor/composer/autoload_static.php b/plugins/auth/vendor/composer/autoload_static.php deleted file mode 100644 index 2c9e2d89..00000000 --- a/plugins/auth/vendor/composer/autoload_static.php +++ /dev/null @@ -1,141 +0,0 @@ - __DIR__ . '/..' . '/ralouphie/getallheaders/src/getallheaders.php', - 'c964ee0ededf28c96ebd9db5099ef910' => __DIR__ . '/..' . '/guzzlehttp/promises/src/functions_include.php', - '6e3fae29631ef280660b3cdad06f25a8' => __DIR__ . '/..' . '/symfony/deprecation-contracts/function.php', - '37a3dc5111fe8f707ab4c132ef1dbc62' => __DIR__ . '/..' . '/guzzlehttp/guzzle/src/functions_include.php', - ); - - public static $prefixLengthsPsr4 = array ( - 'R' => - array ( - 'RobRichards\\XMLSecLibs\\' => 23, - ), - 'P' => - array ( - 'Psr\\Log\\' => 8, - 'Psr\\Http\\Message\\' => 17, - 'Psr\\Http\\Client\\' => 16, - ), - 'O' => - array ( - 'OneLogin\\' => 9, - ), - 'L' => - array ( - 'League\\OAuth2\\Client\\' => 21, - ), - 'G' => - array ( - 'GuzzleHttp\\Psr7\\' => 16, - 'GuzzleHttp\\Promise\\' => 19, - 'GuzzleHttp\\' => 11, - ), - ); - - public static $prefixDirsPsr4 = array ( - 'RobRichards\\XMLSecLibs\\' => - array ( - 0 => __DIR__ . '/..' . '/robrichards/xmlseclibs/src', - ), - 'Psr\\Log\\' => - array ( - 0 => __DIR__ . '/..' . '/psr/log/Psr/Log', - ), - 'Psr\\Http\\Message\\' => - array ( - 0 => __DIR__ . '/..' . '/psr/http-factory/src', - 1 => __DIR__ . '/..' . '/psr/http-message/src', - ), - 'Psr\\Http\\Client\\' => - array ( - 0 => __DIR__ . '/..' . '/psr/http-client/src', - ), - 'OneLogin\\' => - array ( - 0 => __DIR__ . '/..' . '/onelogin/php-saml/src', - ), - 'League\\OAuth2\\Client\\' => - array ( - 0 => __DIR__ . '/..' . '/league/oauth2-client/src', - ), - 'GuzzleHttp\\Psr7\\' => - array ( - 0 => __DIR__ . '/..' . '/guzzlehttp/psr7/src', - ), - 'GuzzleHttp\\Promise\\' => - array ( - 0 => __DIR__ . '/..' . '/guzzlehttp/promises/src', - ), - 'GuzzleHttp\\' => - array ( - 0 => __DIR__ . '/..' . '/guzzlehttp/guzzle/src', - ), - ); - - public static $classMap = array ( - 'CAS_AuthenticationException' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/AuthenticationException.php', - 'CAS_Client' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/Client.php', - 'CAS_CookieJar' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/CookieJar.php', - 'CAS_Exception' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/Exception.php', - 'CAS_GracefullTerminationException' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/GracefullTerminationException.php', - 'CAS_InvalidArgumentException' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/InvalidArgumentException.php', - 'CAS_Languages_Catalan' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/Languages/Catalan.php', - 'CAS_Languages_ChineseSimplified' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/Languages/ChineseSimplified.php', - 'CAS_Languages_English' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/Languages/English.php', - 'CAS_Languages_French' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/Languages/French.php', - 'CAS_Languages_German' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/Languages/German.php', - 'CAS_Languages_Greek' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/Languages/Greek.php', - 'CAS_Languages_Japanese' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/Languages/Japanese.php', - 'CAS_Languages_LanguageInterface' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/Languages/LanguageInterface.php', - 'CAS_Languages_Spanish' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/Languages/Spanish.php', - 'CAS_OutOfSequenceBeforeAuthenticationCallException' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/OutOfSequenceBeforeAuthenticationCallException.php', - 'CAS_OutOfSequenceBeforeClientException' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/OutOfSequenceBeforeClientException.php', - 'CAS_OutOfSequenceBeforeProxyException' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/OutOfSequenceBeforeProxyException.php', - 'CAS_OutOfSequenceException' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/OutOfSequenceException.php', - 'CAS_PGTStorage_AbstractStorage' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/PGTStorage/AbstractStorage.php', - 'CAS_PGTStorage_Db' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/PGTStorage/Db.php', - 'CAS_PGTStorage_File' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/PGTStorage/File.php', - 'CAS_ProxiedService' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/ProxiedService.php', - 'CAS_ProxiedService_Abstract' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/ProxiedService/Abstract.php', - 'CAS_ProxiedService_Exception' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/ProxiedService/Exception.php', - 'CAS_ProxiedService_Http' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/ProxiedService/Http.php', - 'CAS_ProxiedService_Http_Abstract' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/ProxiedService/Http/Abstract.php', - 'CAS_ProxiedService_Http_Get' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/ProxiedService/Http/Get.php', - 'CAS_ProxiedService_Http_Post' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/ProxiedService/Http/Post.php', - 'CAS_ProxiedService_Imap' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/ProxiedService/Imap.php', - 'CAS_ProxiedService_Testable' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/ProxiedService/Testable.php', - 'CAS_ProxyChain' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/ProxyChain.php', - 'CAS_ProxyChain_AllowedList' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/ProxyChain/AllowedList.php', - 'CAS_ProxyChain_Any' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/ProxyChain/Any.php', - 'CAS_ProxyChain_Interface' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/ProxyChain/Interface.php', - 'CAS_ProxyChain_Trusted' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/ProxyChain/Trusted.php', - 'CAS_ProxyTicketException' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/ProxyTicketException.php', - 'CAS_Request_AbstractRequest' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/Request/AbstractRequest.php', - 'CAS_Request_CurlMultiRequest' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/Request/CurlMultiRequest.php', - 'CAS_Request_CurlRequest' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/Request/CurlRequest.php', - 'CAS_Request_Exception' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/Request/Exception.php', - 'CAS_Request_MultiRequestInterface' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/Request/MultiRequestInterface.php', - 'CAS_Request_RequestInterface' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/Request/RequestInterface.php', - 'CAS_TypeMismatchException' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS/TypeMismatchException.php', - 'Composer\\InstalledVersions' => __DIR__ . '/..' . '/composer/InstalledVersions.php', - 'phpCAS' => __DIR__ . '/..' . '/apereo/phpcas/source/CAS.php', - ); - - public static function getInitializer(ClassLoader $loader) - { - return \Closure::bind(function () use ($loader) { - $loader->prefixLengthsPsr4 = ComposerStaticInit6893c41d1d4abf329bc60826da2d4d1a::$prefixLengthsPsr4; - $loader->prefixDirsPsr4 = ComposerStaticInit6893c41d1d4abf329bc60826da2d4d1a::$prefixDirsPsr4; - $loader->classMap = ComposerStaticInit6893c41d1d4abf329bc60826da2d4d1a::$classMap; - - }, null, ClassLoader::class); - } -} diff --git a/plugins/auth/vendor/composer/installed.json b/plugins/auth/vendor/composer/installed.json deleted file mode 100644 index a9e3f22a..00000000 --- a/plugins/auth/vendor/composer/installed.json +++ /dev/null @@ -1,975 +0,0 @@ -{ - "packages": [ - { - "name": "apereo/phpcas", - "version": "1.6.0", - "version_normalized": "1.6.0.0", - "source": { - "type": "git", - "url": "https://github.com/apereo/phpCAS.git", - "reference": "f817c72a961484afef95ac64a9257c8e31f063b9" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/apereo/phpCAS/zipball/f817c72a961484afef95ac64a9257c8e31f063b9", - "reference": "f817c72a961484afef95ac64a9257c8e31f063b9", - "shasum": "" - }, - "require": { - "ext-curl": "*", - "ext-dom": "*", - "php": ">=7.1.0", - "psr/log": "^1.0 || ^2.0 || ^3.0" - }, - "require-dev": { - "monolog/monolog": "^1.0.0 || ^2.0.0", - "phpstan/phpstan": "^1.5", - "phpunit/phpunit": ">=7.5" - }, - "time": "2022-10-31T20:39:27+00:00", - "type": "library", - "extra": { - "branch-alias": { - "dev-master": "1.3.x-dev" - } - }, - "installation-source": "dist", - "autoload": { - "classmap": [ - "source/" - ] - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "Apache-2.0" - ], - "authors": [ - { - "name": "Joachim Fritschi", - "email": "jfritschi@freenet.de", - "homepage": "https://github.com/jfritschi" - }, - { - "name": "Adam Franco", - "homepage": "https://github.com/adamfranco" - }, - { - "name": "Henry Pan", - "homepage": "https://github.com/phy25" - } - ], - "description": "Provides a simple API for authenticating users against a CAS server", - "homepage": "https://wiki.jasig.org/display/CASC/phpCAS", - "keywords": [ - "apereo", - "cas", - "jasig" - ], - "support": { - "issues": "https://github.com/apereo/phpCAS/issues", - "source": "https://github.com/apereo/phpCAS/tree/1.6.0" - }, - "install-path": "../apereo/phpcas" - }, - { - "name": "guzzlehttp/guzzle", - "version": "7.5.0", - "version_normalized": "7.5.0.0", - "source": { - "type": "git", - "url": "https://github.com/guzzle/guzzle.git", - "reference": "b50a2a1251152e43f6a37f0fa053e730a67d25ba" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/guzzle/guzzle/zipball/b50a2a1251152e43f6a37f0fa053e730a67d25ba", - "reference": "b50a2a1251152e43f6a37f0fa053e730a67d25ba", - "shasum": "" - }, - "require": { - "ext-json": "*", - "guzzlehttp/promises": "^1.5", - "guzzlehttp/psr7": "^1.9 || ^2.4", - "php": "^7.2.5 || ^8.0", - "psr/http-client": "^1.0", - "symfony/deprecation-contracts": "^2.2 || ^3.0" - }, - "provide": { - "psr/http-client-implementation": "1.0" - }, - "require-dev": { - "bamarni/composer-bin-plugin": "^1.8.1", - "ext-curl": "*", - "php-http/client-integration-tests": "^3.0", - "phpunit/phpunit": "^8.5.29 || ^9.5.23", - "psr/log": "^1.1 || ^2.0 || ^3.0" - }, - "suggest": { - "ext-curl": "Required for CURL handler support", - "ext-intl": "Required for Internationalized Domain Name (IDN) support", - "psr/log": "Required for using the Log middleware" - }, - "time": "2022-08-28T15:39:27+00:00", - "type": "library", - "extra": { - "bamarni-bin": { - "bin-links": true, - "forward-command": false - }, - "branch-alias": { - "dev-master": "7.5-dev" - } - }, - "installation-source": "dist", - "autoload": { - "files": [ - "src/functions_include.php" - ], - "psr-4": { - "GuzzleHttp\\": "src/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Graham Campbell", - "email": "hello@gjcampbell.co.uk", - "homepage": "https://github.com/GrahamCampbell" - }, - { - "name": "Michael Dowling", - "email": "mtdowling@gmail.com", - "homepage": "https://github.com/mtdowling" - }, - { - "name": "Jeremy Lindblom", - "email": "jeremeamia@gmail.com", - "homepage": "https://github.com/jeremeamia" - }, - { - "name": "George Mponos", - "email": "gmponos@gmail.com", - "homepage": "https://github.com/gmponos" - }, - { - "name": "Tobias Nyholm", - "email": "tobias.nyholm@gmail.com", - "homepage": "https://github.com/Nyholm" - }, - { - "name": "Márk Sági-Kazár", - "email": "mark.sagikazar@gmail.com", - "homepage": "https://github.com/sagikazarmark" - }, - { - "name": "Tobias Schultze", - "email": "webmaster@tubo-world.de", - "homepage": "https://github.com/Tobion" - } - ], - "description": "Guzzle is a PHP HTTP client library", - "keywords": [ - "client", - "curl", - "framework", - "http", - "http client", - "psr-18", - "psr-7", - "rest", - "web service" - ], - "support": { - "issues": "https://github.com/guzzle/guzzle/issues", - "source": "https://github.com/guzzle/guzzle/tree/7.5.0" - }, - "funding": [ - { - "url": "https://github.com/GrahamCampbell", - "type": "github" - }, - { - "url": "https://github.com/Nyholm", - "type": "github" - }, - { - "url": "https://tidelift.com/funding/github/packagist/guzzlehttp/guzzle", - "type": "tidelift" - } - ], - "install-path": "../guzzlehttp/guzzle" - }, - { - "name": "guzzlehttp/promises", - "version": "1.5.2", - "version_normalized": "1.5.2.0", - "source": { - "type": "git", - "url": "https://github.com/guzzle/promises.git", - "reference": "b94b2807d85443f9719887892882d0329d1e2598" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/guzzle/promises/zipball/b94b2807d85443f9719887892882d0329d1e2598", - "reference": "b94b2807d85443f9719887892882d0329d1e2598", - "shasum": "" - }, - "require": { - "php": ">=5.5" - }, - "require-dev": { - "symfony/phpunit-bridge": "^4.4 || ^5.1" - }, - "time": "2022-08-28T14:55:35+00:00", - "type": "library", - "extra": { - "branch-alias": { - "dev-master": "1.5-dev" - } - }, - "installation-source": "dist", - "autoload": { - "files": [ - "src/functions_include.php" - ], - "psr-4": { - "GuzzleHttp\\Promise\\": "src/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Graham Campbell", - "email": "hello@gjcampbell.co.uk", - "homepage": "https://github.com/GrahamCampbell" - }, - { - "name": "Michael Dowling", - "email": "mtdowling@gmail.com", - "homepage": "https://github.com/mtdowling" - }, - { - "name": "Tobias Nyholm", - "email": "tobias.nyholm@gmail.com", - "homepage": "https://github.com/Nyholm" - }, - { - "name": "Tobias Schultze", - "email": "webmaster@tubo-world.de", - "homepage": "https://github.com/Tobion" - } - ], - "description": "Guzzle promises library", - "keywords": [ - "promise" - ], - "support": { - "issues": "https://github.com/guzzle/promises/issues", - "source": "https://github.com/guzzle/promises/tree/1.5.2" - }, - "funding": [ - { - "url": "https://github.com/GrahamCampbell", - "type": "github" - }, - { - "url": "https://github.com/Nyholm", - "type": "github" - }, - { - "url": "https://tidelift.com/funding/github/packagist/guzzlehttp/promises", - "type": "tidelift" - } - ], - "install-path": "../guzzlehttp/promises" - }, - { - "name": "guzzlehttp/psr7", - "version": "2.4.3", - "version_normalized": "2.4.3.0", - "source": { - "type": "git", - "url": "https://github.com/guzzle/psr7.git", - "reference": "67c26b443f348a51926030c83481b85718457d3d" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/guzzle/psr7/zipball/67c26b443f348a51926030c83481b85718457d3d", - "reference": "67c26b443f348a51926030c83481b85718457d3d", - "shasum": "" - }, - "require": { - "php": "^7.2.5 || ^8.0", - "psr/http-factory": "^1.0", - "psr/http-message": "^1.0", - "ralouphie/getallheaders": "^3.0" - }, - "provide": { - "psr/http-factory-implementation": "1.0", - "psr/http-message-implementation": "1.0" - }, - "require-dev": { - "bamarni/composer-bin-plugin": "^1.8.1", - "http-interop/http-factory-tests": "^0.9", - "phpunit/phpunit": "^8.5.29 || ^9.5.23" - }, - "suggest": { - "laminas/laminas-httphandlerrunner": "Emit PSR-7 responses" - }, - "time": "2022-10-26T14:07:24+00:00", - "type": "library", - "extra": { - "bamarni-bin": { - "bin-links": true, - "forward-command": false - }, - "branch-alias": { - "dev-master": "2.4-dev" - } - }, - "installation-source": "dist", - "autoload": { - "psr-4": { - "GuzzleHttp\\Psr7\\": "src/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Graham Campbell", - "email": "hello@gjcampbell.co.uk", - "homepage": "https://github.com/GrahamCampbell" - }, - { - "name": "Michael Dowling", - "email": "mtdowling@gmail.com", - "homepage": "https://github.com/mtdowling" - }, - { - "name": "George Mponos", - "email": "gmponos@gmail.com", - "homepage": "https://github.com/gmponos" - }, - { - "name": "Tobias Nyholm", - "email": "tobias.nyholm@gmail.com", - "homepage": "https://github.com/Nyholm" - }, - { - "name": "Márk Sági-Kazár", - "email": "mark.sagikazar@gmail.com", - "homepage": "https://github.com/sagikazarmark" - }, - { - "name": "Tobias Schultze", - "email": "webmaster@tubo-world.de", - "homepage": "https://github.com/Tobion" - }, - { - "name": "Márk Sági-Kazár", - "email": "mark.sagikazar@gmail.com", - "homepage": "https://sagikazarmark.hu" - } - ], - "description": "PSR-7 message implementation that also provides common utility methods", - "keywords": [ - "http", - "message", - "psr-7", - "request", - "response", - "stream", - "uri", - "url" - ], - "support": { - "issues": "https://github.com/guzzle/psr7/issues", - "source": "https://github.com/guzzle/psr7/tree/2.4.3" - }, - "funding": [ - { - "url": "https://github.com/GrahamCampbell", - "type": "github" - }, - { - "url": "https://github.com/Nyholm", - "type": "github" - }, - { - "url": "https://tidelift.com/funding/github/packagist/guzzlehttp/psr7", - "type": "tidelift" - } - ], - "install-path": "../guzzlehttp/psr7" - }, - { - "name": "league/oauth2-client", - "version": "2.6.1", - "version_normalized": "2.6.1.0", - "source": { - "type": "git", - "url": "https://github.com/thephpleague/oauth2-client.git", - "reference": "2334c249907190c132364f5dae0287ab8666aa19" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/thephpleague/oauth2-client/zipball/2334c249907190c132364f5dae0287ab8666aa19", - "reference": "2334c249907190c132364f5dae0287ab8666aa19", - "shasum": "" - }, - "require": { - "guzzlehttp/guzzle": "^6.0 || ^7.0", - "paragonie/random_compat": "^1 || ^2 || ^9.99", - "php": "^5.6 || ^7.0 || ^8.0" - }, - "require-dev": { - "mockery/mockery": "^1.3.5", - "php-parallel-lint/php-parallel-lint": "^1.3.1", - "phpunit/phpunit": "^5.7 || ^6.0 || ^9.5", - "squizlabs/php_codesniffer": "^2.3 || ^3.0" - }, - "time": "2021-12-22T16:42:49+00:00", - "type": "library", - "extra": { - "branch-alias": { - "dev-2.x": "2.0.x-dev" - } - }, - "installation-source": "dist", - "autoload": { - "psr-4": { - "League\\OAuth2\\Client\\": "src/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Alex Bilbie", - "email": "hello@alexbilbie.com", - "homepage": "http://www.alexbilbie.com", - "role": "Developer" - }, - { - "name": "Woody Gilk", - "homepage": "https://github.com/shadowhand", - "role": "Contributor" - } - ], - "description": "OAuth 2.0 Client Library", - "keywords": [ - "Authentication", - "SSO", - "authorization", - "identity", - "idp", - "oauth", - "oauth2", - "single sign on" - ], - "support": { - "issues": "https://github.com/thephpleague/oauth2-client/issues", - "source": "https://github.com/thephpleague/oauth2-client/tree/2.6.1" - }, - "install-path": "../league/oauth2-client" - }, - { - "name": "onelogin/php-saml", - "version": "3.6.1", - "version_normalized": "3.6.1.0", - "source": { - "type": "git", - "url": "https://github.com/onelogin/php-saml.git", - "reference": "a7328b11887660ad248ea10952dd67a5aa73ba3b" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/onelogin/php-saml/zipball/a7328b11887660ad248ea10952dd67a5aa73ba3b", - "reference": "a7328b11887660ad248ea10952dd67a5aa73ba3b", - "shasum": "" - }, - "require": { - "php": ">=5.4", - "robrichards/xmlseclibs": ">=3.1.1" - }, - "require-dev": { - "pdepend/pdepend": "^2.5.0", - "php-coveralls/php-coveralls": "^1.0.2 || ^2.0", - "phploc/phploc": "^2.1 || ^3.0 || ^4.0", - "phpunit/phpunit": "<7.5.18", - "sebastian/phpcpd": "^2.0 || ^3.0 || ^4.0", - "squizlabs/php_codesniffer": "^3.1.1" - }, - "suggest": { - "ext-curl": "Install curl lib to be able to use the IdPMetadataParser for parsing remote XMLs", - "ext-gettext": "Install gettext and php5-gettext libs to handle translations", - "ext-openssl": "Install openssl lib in order to handle with x509 certs (require to support sign and encryption)" - }, - "time": "2021-03-02T10:13:07+00:00", - "type": "library", - "installation-source": "dist", - "autoload": { - "psr-4": { - "OneLogin\\": "src/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "description": "OneLogin PHP SAML Toolkit", - "homepage": "https://developers.onelogin.com/saml/php", - "keywords": [ - "SAML2", - "onelogin", - "saml" - ], - "support": { - "email": "sixto.garcia@onelogin.com", - "issues": "https://github.com/onelogin/php-saml/issues", - "source": "https://github.com/onelogin/php-saml/" - }, - "install-path": "../onelogin/php-saml" - }, - { - "name": "paragonie/random_compat", - "version": "v9.99.100", - "version_normalized": "9.99.100.0", - "source": { - "type": "git", - "url": "https://github.com/paragonie/random_compat.git", - "reference": "996434e5492cb4c3edcb9168db6fbb1359ef965a" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/paragonie/random_compat/zipball/996434e5492cb4c3edcb9168db6fbb1359ef965a", - "reference": "996434e5492cb4c3edcb9168db6fbb1359ef965a", - "shasum": "" - }, - "require": { - "php": ">= 7" - }, - "require-dev": { - "phpunit/phpunit": "4.*|5.*", - "vimeo/psalm": "^1" - }, - "suggest": { - "ext-libsodium": "Provides a modern crypto API that can be used to generate random bytes." - }, - "time": "2020-10-15T08:29:30+00:00", - "type": "library", - "installation-source": "dist", - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Paragon Initiative Enterprises", - "email": "security@paragonie.com", - "homepage": "https://paragonie.com" - } - ], - "description": "PHP 5.x polyfill for random_bytes() and random_int() from PHP 7", - "keywords": [ - "csprng", - "polyfill", - "pseudorandom", - "random" - ], - "support": { - "email": "info@paragonie.com", - "issues": "https://github.com/paragonie/random_compat/issues", - "source": "https://github.com/paragonie/random_compat" - }, - "install-path": "../paragonie/random_compat" - }, - { - "name": "psr/http-client", - "version": "1.0.1", - "version_normalized": "1.0.1.0", - "source": { - "type": "git", - "url": "https://github.com/php-fig/http-client.git", - "reference": "2dfb5f6c5eff0e91e20e913f8c5452ed95b86621" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/php-fig/http-client/zipball/2dfb5f6c5eff0e91e20e913f8c5452ed95b86621", - "reference": "2dfb5f6c5eff0e91e20e913f8c5452ed95b86621", - "shasum": "" - }, - "require": { - "php": "^7.0 || ^8.0", - "psr/http-message": "^1.0" - }, - "time": "2020-06-29T06:28:15+00:00", - "type": "library", - "extra": { - "branch-alias": { - "dev-master": "1.0.x-dev" - } - }, - "installation-source": "dist", - "autoload": { - "psr-4": { - "Psr\\Http\\Client\\": "src/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "PHP-FIG", - "homepage": "http://www.php-fig.org/" - } - ], - "description": "Common interface for HTTP clients", - "homepage": "https://github.com/php-fig/http-client", - "keywords": [ - "http", - "http-client", - "psr", - "psr-18" - ], - "install-path": "../psr/http-client" - }, - { - "name": "psr/http-factory", - "version": "1.0.1", - "version_normalized": "1.0.1.0", - "source": { - "type": "git", - "url": "https://github.com/php-fig/http-factory.git", - "reference": "12ac7fcd07e5b077433f5f2bee95b3a771bf61be" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/php-fig/http-factory/zipball/12ac7fcd07e5b077433f5f2bee95b3a771bf61be", - "reference": "12ac7fcd07e5b077433f5f2bee95b3a771bf61be", - "shasum": "" - }, - "require": { - "php": ">=7.0.0", - "psr/http-message": "^1.0" - }, - "time": "2019-04-30T12:38:16+00:00", - "type": "library", - "extra": { - "branch-alias": { - "dev-master": "1.0.x-dev" - } - }, - "installation-source": "dist", - "autoload": { - "psr-4": { - "Psr\\Http\\Message\\": "src/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "PHP-FIG", - "homepage": "http://www.php-fig.org/" - } - ], - "description": "Common interfaces for PSR-7 HTTP message factories", - "keywords": [ - "factory", - "http", - "message", - "psr", - "psr-17", - "psr-7", - "request", - "response" - ], - "support": { - "source": "https://github.com/php-fig/http-factory/tree/master" - }, - "install-path": "../psr/http-factory" - }, - { - "name": "psr/http-message", - "version": "1.0.1", - "version_normalized": "1.0.1.0", - "source": { - "type": "git", - "url": "https://github.com/php-fig/http-message.git", - "reference": "f6561bf28d520154e4b0ec72be95418abe6d9363" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/php-fig/http-message/zipball/f6561bf28d520154e4b0ec72be95418abe6d9363", - "reference": "f6561bf28d520154e4b0ec72be95418abe6d9363", - "shasum": "" - }, - "require": { - "php": ">=5.3.0" - }, - "time": "2016-08-06T14:39:51+00:00", - "type": "library", - "extra": { - "branch-alias": { - "dev-master": "1.0.x-dev" - } - }, - "installation-source": "dist", - "autoload": { - "psr-4": { - "Psr\\Http\\Message\\": "src/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "PHP-FIG", - "homepage": "http://www.php-fig.org/" - } - ], - "description": "Common interface for HTTP messages", - "homepage": "https://github.com/php-fig/http-message", - "keywords": [ - "http", - "http-message", - "psr", - "psr-7", - "request", - "response" - ], - "install-path": "../psr/http-message" - }, - { - "name": "psr/log", - "version": "1.1.4", - "version_normalized": "1.1.4.0", - "source": { - "type": "git", - "url": "https://github.com/php-fig/log.git", - "reference": "d49695b909c3b7628b6289db5479a1c204601f11" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/php-fig/log/zipball/d49695b909c3b7628b6289db5479a1c204601f11", - "reference": "d49695b909c3b7628b6289db5479a1c204601f11", - "shasum": "" - }, - "require": { - "php": ">=5.3.0" - }, - "time": "2021-05-03T11:20:27+00:00", - "type": "library", - "extra": { - "branch-alias": { - "dev-master": "1.1.x-dev" - } - }, - "installation-source": "dist", - "autoload": { - "psr-4": { - "Psr\\Log\\": "Psr/Log/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "PHP-FIG", - "homepage": "https://www.php-fig.org/" - } - ], - "description": "Common interface for logging libraries", - "homepage": "https://github.com/php-fig/log", - "keywords": [ - "log", - "psr", - "psr-3" - ], - "support": { - "source": "https://github.com/php-fig/log/tree/1.1.4" - }, - "install-path": "../psr/log" - }, - { - "name": "ralouphie/getallheaders", - "version": "3.0.3", - "version_normalized": "3.0.3.0", - "source": { - "type": "git", - "url": "https://github.com/ralouphie/getallheaders.git", - "reference": "120b605dfeb996808c31b6477290a714d356e822" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/ralouphie/getallheaders/zipball/120b605dfeb996808c31b6477290a714d356e822", - "reference": "120b605dfeb996808c31b6477290a714d356e822", - "shasum": "" - }, - "require": { - "php": ">=5.6" - }, - "require-dev": { - "php-coveralls/php-coveralls": "^2.1", - "phpunit/phpunit": "^5 || ^6.5" - }, - "time": "2019-03-08T08:55:37+00:00", - "type": "library", - "installation-source": "dist", - "autoload": { - "files": [ - "src/getallheaders.php" - ] - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Ralph Khattar", - "email": "ralph.khattar@gmail.com" - } - ], - "description": "A polyfill for getallheaders.", - "install-path": "../ralouphie/getallheaders" - }, - { - "name": "robrichards/xmlseclibs", - "version": "3.1.1", - "version_normalized": "3.1.1.0", - "source": { - "type": "git", - "url": "https://github.com/robrichards/xmlseclibs.git", - "reference": "f8f19e58f26cdb42c54b214ff8a820760292f8df" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/robrichards/xmlseclibs/zipball/f8f19e58f26cdb42c54b214ff8a820760292f8df", - "reference": "f8f19e58f26cdb42c54b214ff8a820760292f8df", - "shasum": "" - }, - "require": { - "ext-openssl": "*", - "php": ">= 5.4" - }, - "time": "2020-09-05T13:00:25+00:00", - "type": "library", - "installation-source": "dist", - "autoload": { - "psr-4": { - "RobRichards\\XMLSecLibs\\": "src" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "BSD-3-Clause" - ], - "description": "A PHP library for XML Security", - "homepage": "https://github.com/robrichards/xmlseclibs", - "keywords": [ - "security", - "signature", - "xml", - "xmldsig" - ], - "support": { - "issues": "https://github.com/robrichards/xmlseclibs/issues", - "source": "https://github.com/robrichards/xmlseclibs/tree/3.1.1" - }, - "install-path": "../robrichards/xmlseclibs" - }, - { - "name": "symfony/deprecation-contracts", - "version": "v3.2.0", - "version_normalized": "3.2.0.0", - "source": { - "type": "git", - "url": "https://github.com/symfony/deprecation-contracts.git", - "reference": "1ee04c65529dea5d8744774d474e7cbd2f1206d3" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/symfony/deprecation-contracts/zipball/1ee04c65529dea5d8744774d474e7cbd2f1206d3", - "reference": "1ee04c65529dea5d8744774d474e7cbd2f1206d3", - "shasum": "" - }, - "require": { - "php": ">=8.1" - }, - "time": "2022-11-25T10:21:52+00:00", - "type": "library", - "extra": { - "branch-alias": { - "dev-main": "3.3-dev" - }, - "thanks": { - "name": "symfony/contracts", - "url": "https://github.com/symfony/contracts" - } - }, - "installation-source": "dist", - "autoload": { - "files": [ - "function.php" - ] - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Nicolas Grekas", - "email": "p@tchwork.com" - }, - { - "name": "Symfony Community", - "homepage": "https://symfony.com/contributors" - } - ], - "description": "A generic function and convention to trigger deprecation notices", - "homepage": "https://symfony.com", - "support": { - "source": "https://github.com/symfony/deprecation-contracts/tree/v3.2.0" - }, - "funding": [ - { - "url": "https://symfony.com/sponsor", - "type": "custom" - }, - { - "url": "https://github.com/fabpot", - "type": "github" - }, - { - "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", - "type": "tidelift" - } - ], - "install-path": "../symfony/deprecation-contracts" - } - ], - "dev": true, - "dev-package-names": [] -} diff --git a/plugins/auth/vendor/guzzlehttp/guzzle/CHANGELOG.md b/plugins/auth/vendor/guzzlehttp/guzzle/CHANGELOG.md deleted file mode 100644 index 12949ba6..00000000 --- a/plugins/auth/vendor/guzzlehttp/guzzle/CHANGELOG.md +++ /dev/null @@ -1,1519 +0,0 @@ -# Change Log - -Please refer to [UPGRADING](UPGRADING.md) guide for upgrading to a major version. - -## 7.5.0 - 2022-08-28 - -### Added - -- Support PHP 8.2 -- Add request to delay closure params - -## 7.4.5 - 2022-06-20 - -* Fix change in port should be considered a change in origin -* Fix `CURLOPT_HTTPAUTH` option not cleared on change of origin - -## 7.4.4 - 2022-06-09 - -* Fix failure to strip Authorization header on HTTP downgrade -* Fix failure to strip the Cookie header on change in host or HTTP downgrade - -## 7.4.3 - 2022-05-25 - -* Fix cross-domain cookie leakage - -## 7.4.2 - 2022-03-20 - -### Fixed - -- Remove curl auth on cross-domain redirects to align with the Authorization HTTP header -- Reject non-HTTP schemes in StreamHandler -- Set a default ssl.peer_name context in StreamHandler to allow `force_ip_resolve` - -## 7.4.1 - 2021-12-06 - -### Changed - -- Replaced implicit URI to string coercion [#2946](https://github.com/guzzle/guzzle/pull/2946) -- Allow `symfony/deprecation-contracts` version 3 [#2961](https://github.com/guzzle/guzzle/pull/2961) - -### Fixed - -- Only close curl handle if it's done [#2950](https://github.com/guzzle/guzzle/pull/2950) - -## 7.4.0 - 2021-10-18 - -### Added - -- Support PHP 8.1 [#2929](https://github.com/guzzle/guzzle/pull/2929), [#2939](https://github.com/guzzle/guzzle/pull/2939) -- Support `psr/log` version 2 and 3 [#2943](https://github.com/guzzle/guzzle/pull/2943) - -### Fixed - -- Make sure we always call `restore_error_handler()` [#2915](https://github.com/guzzle/guzzle/pull/2915) -- Fix progress parameter type compatibility between the cURL and stream handlers [#2936](https://github.com/guzzle/guzzle/pull/2936) -- Throw `InvalidArgumentException` when an incorrect `headers` array is provided [#2916](https://github.com/guzzle/guzzle/pull/2916), [#2942](https://github.com/guzzle/guzzle/pull/2942) - -### Changed - -- Be more strict with types [#2914](https://github.com/guzzle/guzzle/pull/2914), [#2917](https://github.com/guzzle/guzzle/pull/2917), [#2919](https://github.com/guzzle/guzzle/pull/2919), [#2945](https://github.com/guzzle/guzzle/pull/2945) - -## 7.3.0 - 2021-03-23 - -### Added - -- Support for DER and P12 certificates [#2413](https://github.com/guzzle/guzzle/pull/2413) -- Support the cURL (http://) scheme for StreamHandler proxies [#2850](https://github.com/guzzle/guzzle/pull/2850) -- Support for `guzzlehttp/psr7:^2.0` [#2878](https://github.com/guzzle/guzzle/pull/2878) - -### Fixed - -- Handle exceptions on invalid header consistently between PHP versions and handlers [#2872](https://github.com/guzzle/guzzle/pull/2872) - -## 7.2.0 - 2020-10-10 - -### Added - -- Support for PHP 8 [#2712](https://github.com/guzzle/guzzle/pull/2712), [#2715](https://github.com/guzzle/guzzle/pull/2715), [#2789](https://github.com/guzzle/guzzle/pull/2789) -- Support passing a body summarizer to the http errors middleware [#2795](https://github.com/guzzle/guzzle/pull/2795) - -### Fixed - -- Handle exceptions during response creation [#2591](https://github.com/guzzle/guzzle/pull/2591) -- Fix CURLOPT_ENCODING not to be overwritten [#2595](https://github.com/guzzle/guzzle/pull/2595) -- Make sure the Request always has a body object [#2804](https://github.com/guzzle/guzzle/pull/2804) - -### Changed - -- The `TooManyRedirectsException` has a response [#2660](https://github.com/guzzle/guzzle/pull/2660) -- Avoid "functions" from dependencies [#2712](https://github.com/guzzle/guzzle/pull/2712) - -### Deprecated - -- Using environment variable GUZZLE_CURL_SELECT_TIMEOUT [#2786](https://github.com/guzzle/guzzle/pull/2786) - -## 7.1.1 - 2020-09-30 - -### Fixed - -- Incorrect EOF detection for response body streams on Windows. - -### Changed - -- We dont connect curl `sink` on HEAD requests. -- Removed some PHP 5 workarounds - -## 7.1.0 - 2020-09-22 - -### Added - -- `GuzzleHttp\MessageFormatterInterface` - -### Fixed - -- Fixed issue that caused cookies with no value not to be stored. -- On redirects, we allow all safe methods like GET, HEAD and OPTIONS. -- Fixed logging on empty responses. -- Make sure MessageFormatter::format returns string - -### Deprecated - -- All functions in `GuzzleHttp` has been deprecated. Use static methods on `Utils` instead. -- `ClientInterface::getConfig()` -- `Client::getConfig()` -- `Client::__call()` -- `Utils::defaultCaBundle()` -- `CurlFactory::LOW_CURL_VERSION_NUMBER` - -## 7.0.1 - 2020-06-27 - -* Fix multiply defined functions fatal error [#2699](https://github.com/guzzle/guzzle/pull/2699) - -## 7.0.0 - 2020-06-27 - -No changes since 7.0.0-rc1. - -## 7.0.0-rc1 - 2020-06-15 - -### Changed - -* Use error level for logging errors in Middleware [#2629](https://github.com/guzzle/guzzle/pull/2629) -* Disabled IDN support by default and require ext-intl to use it [#2675](https://github.com/guzzle/guzzle/pull/2675) - -## 7.0.0-beta2 - 2020-05-25 - -### Added - -* Using `Utils` class instead of functions in the `GuzzleHttp` namespace. [#2546](https://github.com/guzzle/guzzle/pull/2546) -* `ClientInterface::MAJOR_VERSION` [#2583](https://github.com/guzzle/guzzle/pull/2583) - -### Changed - -* Avoid the `getenv` function when unsafe [#2531](https://github.com/guzzle/guzzle/pull/2531) -* Added real client methods [#2529](https://github.com/guzzle/guzzle/pull/2529) -* Avoid functions due to global install conflicts [#2546](https://github.com/guzzle/guzzle/pull/2546) -* Use Symfony intl-idn polyfill [#2550](https://github.com/guzzle/guzzle/pull/2550) -* Adding methods for HTTP verbs like `Client::get()`, `Client::head()`, `Client::patch()` etc [#2529](https://github.com/guzzle/guzzle/pull/2529) -* `ConnectException` extends `TransferException` [#2541](https://github.com/guzzle/guzzle/pull/2541) -* Updated the default User Agent to "GuzzleHttp/7" [#2654](https://github.com/guzzle/guzzle/pull/2654) - -### Fixed - -* Various intl icu issues [#2626](https://github.com/guzzle/guzzle/pull/2626) - -### Removed - -* Pool option `pool_size` [#2528](https://github.com/guzzle/guzzle/pull/2528) - -## 7.0.0-beta1 - 2019-12-30 - -The diff might look very big but 95% of Guzzle users will be able to upgrade without modification. -Please see [the upgrade document](UPGRADING.md) that describes all BC breaking changes. - -### Added - -* Implement PSR-18 and dropped PHP 5 support [#2421](https://github.com/guzzle/guzzle/pull/2421) [#2474](https://github.com/guzzle/guzzle/pull/2474) -* PHP 7 types [#2442](https://github.com/guzzle/guzzle/pull/2442) [#2449](https://github.com/guzzle/guzzle/pull/2449) [#2466](https://github.com/guzzle/guzzle/pull/2466) [#2497](https://github.com/guzzle/guzzle/pull/2497) [#2499](https://github.com/guzzle/guzzle/pull/2499) -* IDN support for redirects [2424](https://github.com/guzzle/guzzle/pull/2424) - -### Changed - -* Dont allow passing null as third argument to `BadResponseException::__construct()` [#2427](https://github.com/guzzle/guzzle/pull/2427) -* Use SAPI constant instead of method call [#2450](https://github.com/guzzle/guzzle/pull/2450) -* Use native function invocation [#2444](https://github.com/guzzle/guzzle/pull/2444) -* Better defaults for PHP installations with old ICU lib [2454](https://github.com/guzzle/guzzle/pull/2454) -* Added visibility to all constants [#2462](https://github.com/guzzle/guzzle/pull/2462) -* Dont allow passing `null` as URI to `Client::request()` and `Client::requestAsync()` [#2461](https://github.com/guzzle/guzzle/pull/2461) -* Widen the exception argument to throwable [#2495](https://github.com/guzzle/guzzle/pull/2495) - -### Fixed - -* Logging when Promise rejected with a string [#2311](https://github.com/guzzle/guzzle/pull/2311) - -### Removed - -* Class `SeekException` [#2162](https://github.com/guzzle/guzzle/pull/2162) -* `RequestException::getResponseBodySummary()` [#2425](https://github.com/guzzle/guzzle/pull/2425) -* `CookieJar::getCookieValue()` [#2433](https://github.com/guzzle/guzzle/pull/2433) -* `uri_template()` and `UriTemplate` [#2440](https://github.com/guzzle/guzzle/pull/2440) -* Request options `save_to` and `exceptions` [#2464](https://github.com/guzzle/guzzle/pull/2464) - -## 6.5.2 - 2019-12-23 - -* idn_to_ascii() fix for old PHP versions [#2489](https://github.com/guzzle/guzzle/pull/2489) - -## 6.5.1 - 2019-12-21 - -* Better defaults for PHP installations with old ICU lib [#2454](https://github.com/guzzle/guzzle/pull/2454) -* IDN support for redirects [#2424](https://github.com/guzzle/guzzle/pull/2424) - -## 6.5.0 - 2019-12-07 - -* Improvement: Added support for reset internal queue in MockHandler. [#2143](https://github.com/guzzle/guzzle/pull/2143) -* Improvement: Added support to pass arbitrary options to `curl_multi_init`. [#2287](https://github.com/guzzle/guzzle/pull/2287) -* Fix: Gracefully handle passing `null` to the `header` option. [#2132](https://github.com/guzzle/guzzle/pull/2132) -* Fix: `RetryMiddleware` did not do exponential delay between retires due unit mismatch. [#2132](https://github.com/guzzle/guzzle/pull/2132) -* Fix: Prevent undefined offset when using array for ssl_key options. [#2348](https://github.com/guzzle/guzzle/pull/2348) -* Deprecated `ClientInterface::VERSION` - -## 6.4.1 - 2019-10-23 - -* No `guzzle.phar` was created in 6.4.0 due expired API token. This release will fix that -* Added `parent::__construct()` to `FileCookieJar` and `SessionCookieJar` - -## 6.4.0 - 2019-10-23 - -* Improvement: Improved error messages when using curl < 7.21.2 [#2108](https://github.com/guzzle/guzzle/pull/2108) -* Fix: Test if response is readable before returning a summary in `RequestException::getResponseBodySummary()` [#2081](https://github.com/guzzle/guzzle/pull/2081) -* Fix: Add support for GUZZLE_CURL_SELECT_TIMEOUT environment variable [#2161](https://github.com/guzzle/guzzle/pull/2161) -* Improvement: Added `GuzzleHttp\Exception\InvalidArgumentException` [#2163](https://github.com/guzzle/guzzle/pull/2163) -* Improvement: Added `GuzzleHttp\_current_time()` to use `hrtime()` if that function exists. [#2242](https://github.com/guzzle/guzzle/pull/2242) -* Improvement: Added curl's `appconnect_time` in `TransferStats` [#2284](https://github.com/guzzle/guzzle/pull/2284) -* Improvement: Make GuzzleException extend Throwable wherever it's available [#2273](https://github.com/guzzle/guzzle/pull/2273) -* Fix: Prevent concurrent writes to file when saving `CookieJar` [#2335](https://github.com/guzzle/guzzle/pull/2335) -* Improvement: Update `MockHandler` so we can test transfer time [#2362](https://github.com/guzzle/guzzle/pull/2362) - -## 6.3.3 - 2018-04-22 - -* Fix: Default headers when decode_content is specified - - -## 6.3.2 - 2018-03-26 - -* Fix: Release process - - -## 6.3.1 - 2018-03-26 - -* Bug fix: Parsing 0 epoch expiry times in cookies [#2014](https://github.com/guzzle/guzzle/pull/2014) -* Improvement: Better ConnectException detection [#2012](https://github.com/guzzle/guzzle/pull/2012) -* Bug fix: Malformed domain that contains a "/" [#1999](https://github.com/guzzle/guzzle/pull/1999) -* Bug fix: Undefined offset when a cookie has no first key-value pair [#1998](https://github.com/guzzle/guzzle/pull/1998) -* Improvement: Support PHPUnit 6 [#1953](https://github.com/guzzle/guzzle/pull/1953) -* Bug fix: Support empty headers [#1915](https://github.com/guzzle/guzzle/pull/1915) -* Bug fix: Ignore case during header modifications [#1916](https://github.com/guzzle/guzzle/pull/1916) - -+ Minor code cleanups, documentation fixes and clarifications. - - -## 6.3.0 - 2017-06-22 - -* Feature: force IP resolution (ipv4 or ipv6) [#1608](https://github.com/guzzle/guzzle/pull/1608), [#1659](https://github.com/guzzle/guzzle/pull/1659) -* Improvement: Don't include summary in exception message when body is empty [#1621](https://github.com/guzzle/guzzle/pull/1621) -* Improvement: Handle `on_headers` option in MockHandler [#1580](https://github.com/guzzle/guzzle/pull/1580) -* Improvement: Added SUSE Linux CA path [#1609](https://github.com/guzzle/guzzle/issues/1609) -* Improvement: Use class reference for getting the name of the class instead of using hardcoded strings [#1641](https://github.com/guzzle/guzzle/pull/1641) -* Feature: Added `read_timeout` option [#1611](https://github.com/guzzle/guzzle/pull/1611) -* Bug fix: PHP 7.x fixes [#1685](https://github.com/guzzle/guzzle/pull/1685), [#1686](https://github.com/guzzle/guzzle/pull/1686), [#1811](https://github.com/guzzle/guzzle/pull/1811) -* Deprecation: BadResponseException instantiation without a response [#1642](https://github.com/guzzle/guzzle/pull/1642) -* Feature: Added NTLM auth [#1569](https://github.com/guzzle/guzzle/pull/1569) -* Feature: Track redirect HTTP status codes [#1711](https://github.com/guzzle/guzzle/pull/1711) -* Improvement: Check handler type during construction [#1745](https://github.com/guzzle/guzzle/pull/1745) -* Improvement: Always include the Content-Length if there's a body [#1721](https://github.com/guzzle/guzzle/pull/1721) -* Feature: Added convenience method to access a cookie by name [#1318](https://github.com/guzzle/guzzle/pull/1318) -* Bug fix: Fill `CURLOPT_CAPATH` and `CURLOPT_CAINFO` properly [#1684](https://github.com/guzzle/guzzle/pull/1684) -* Improvement: Use `\GuzzleHttp\Promise\rejection_for` function instead of object init [#1827](https://github.com/guzzle/guzzle/pull/1827) - - -+ Minor code cleanups, documentation fixes and clarifications. - -## 6.2.3 - 2017-02-28 - -* Fix deprecations with guzzle/psr7 version 1.4 - -## 6.2.2 - 2016-10-08 - -* Allow to pass nullable Response to delay callable -* Only add scheme when host is present -* Fix drain case where content-length is the literal string zero -* Obfuscate in-URL credentials in exceptions - -## 6.2.1 - 2016-07-18 - -* Address HTTP_PROXY security vulnerability, CVE-2016-5385: - https://httpoxy.org/ -* Fixing timeout bug with StreamHandler: - https://github.com/guzzle/guzzle/pull/1488 -* Only read up to `Content-Length` in PHP StreamHandler to avoid timeouts when - a server does not honor `Connection: close`. -* Ignore URI fragment when sending requests. - -## 6.2.0 - 2016-03-21 - -* Feature: added `GuzzleHttp\json_encode` and `GuzzleHttp\json_decode`. - https://github.com/guzzle/guzzle/pull/1389 -* Bug fix: Fix sleep calculation when waiting for delayed requests. - https://github.com/guzzle/guzzle/pull/1324 -* Feature: More flexible history containers. - https://github.com/guzzle/guzzle/pull/1373 -* Bug fix: defer sink stream opening in StreamHandler. - https://github.com/guzzle/guzzle/pull/1377 -* Bug fix: do not attempt to escape cookie values. - https://github.com/guzzle/guzzle/pull/1406 -* Feature: report original content encoding and length on decoded responses. - https://github.com/guzzle/guzzle/pull/1409 -* Bug fix: rewind seekable request bodies before dispatching to cURL. - https://github.com/guzzle/guzzle/pull/1422 -* Bug fix: provide an empty string to `http_build_query` for HHVM workaround. - https://github.com/guzzle/guzzle/pull/1367 - -## 6.1.1 - 2015-11-22 - -* Bug fix: Proxy::wrapSync() now correctly proxies to the appropriate handler - https://github.com/guzzle/guzzle/commit/911bcbc8b434adce64e223a6d1d14e9a8f63e4e4 -* Feature: HandlerStack is now more generic. - https://github.com/guzzle/guzzle/commit/f2102941331cda544745eedd97fc8fd46e1ee33e -* Bug fix: setting verify to false in the StreamHandler now disables peer - verification. https://github.com/guzzle/guzzle/issues/1256 -* Feature: Middleware now uses an exception factory, including more error - context. https://github.com/guzzle/guzzle/pull/1282 -* Feature: better support for disabled functions. - https://github.com/guzzle/guzzle/pull/1287 -* Bug fix: fixed regression where MockHandler was not using `sink`. - https://github.com/guzzle/guzzle/pull/1292 - -## 6.1.0 - 2015-09-08 - -* Feature: Added the `on_stats` request option to provide access to transfer - statistics for requests. https://github.com/guzzle/guzzle/pull/1202 -* Feature: Added the ability to persist session cookies in CookieJars. - https://github.com/guzzle/guzzle/pull/1195 -* Feature: Some compatibility updates for Google APP Engine - https://github.com/guzzle/guzzle/pull/1216 -* Feature: Added support for NO_PROXY to prevent the use of a proxy based on - a simple set of rules. https://github.com/guzzle/guzzle/pull/1197 -* Feature: Cookies can now contain square brackets. - https://github.com/guzzle/guzzle/pull/1237 -* Bug fix: Now correctly parsing `=` inside of quotes in Cookies. - https://github.com/guzzle/guzzle/pull/1232 -* Bug fix: Cusotm cURL options now correctly override curl options of the - same name. https://github.com/guzzle/guzzle/pull/1221 -* Bug fix: Content-Type header is now added when using an explicitly provided - multipart body. https://github.com/guzzle/guzzle/pull/1218 -* Bug fix: Now ignoring Set-Cookie headers that have no name. -* Bug fix: Reason phrase is no longer cast to an int in some cases in the - cURL handler. https://github.com/guzzle/guzzle/pull/1187 -* Bug fix: Remove the Authorization header when redirecting if the Host - header changes. https://github.com/guzzle/guzzle/pull/1207 -* Bug fix: Cookie path matching fixes - https://github.com/guzzle/guzzle/issues/1129 -* Bug fix: Fixing the cURL `body_as_string` setting - https://github.com/guzzle/guzzle/pull/1201 -* Bug fix: quotes are no longer stripped when parsing cookies. - https://github.com/guzzle/guzzle/issues/1172 -* Bug fix: `form_params` and `query` now always uses the `&` separator. - https://github.com/guzzle/guzzle/pull/1163 -* Bug fix: Adding a Content-Length to PHP stream wrapper requests if not set. - https://github.com/guzzle/guzzle/pull/1189 - -## 6.0.2 - 2015-07-04 - -* Fixed a memory leak in the curl handlers in which references to callbacks - were not being removed by `curl_reset`. -* Cookies are now extracted properly before redirects. -* Cookies now allow more character ranges. -* Decoded Content-Encoding responses are now modified to correctly reflect - their state if the encoding was automatically removed by a handler. This - means that the `Content-Encoding` header may be removed an the - `Content-Length` modified to reflect the message size after removing the - encoding. -* Added a more explicit error message when trying to use `form_params` and - `multipart` in the same request. -* Several fixes for HHVM support. -* Functions are now conditionally required using an additional level of - indirection to help with global Composer installations. - -## 6.0.1 - 2015-05-27 - -* Fixed a bug with serializing the `query` request option where the `&` - separator was missing. -* Added a better error message for when `body` is provided as an array. Please - use `form_params` or `multipart` instead. -* Various doc fixes. - -## 6.0.0 - 2015-05-26 - -* See the UPGRADING.md document for more information. -* Added `multipart` and `form_params` request options. -* Added `synchronous` request option. -* Added the `on_headers` request option. -* Fixed `expect` handling. -* No longer adding default middlewares in the client ctor. These need to be - present on the provided handler in order to work. -* Requests are no longer initiated when sending async requests with the - CurlMultiHandler. This prevents unexpected recursion from requests completing - while ticking the cURL loop. -* Removed the semantics of setting `default` to `true`. This is no longer - required now that the cURL loop is not ticked for async requests. -* Added request and response logging middleware. -* No longer allowing self signed certificates when using the StreamHandler. -* Ensuring that `sink` is valid if saving to a file. -* Request exceptions now include a "handler context" which provides handler - specific contextual information. -* Added `GuzzleHttp\RequestOptions` to allow request options to be applied - using constants. -* `$maxHandles` has been removed from CurlMultiHandler. -* `MultipartPostBody` is now part of the `guzzlehttp/psr7` package. - -## 5.3.0 - 2015-05-19 - -* Mock now supports `save_to` -* Marked `AbstractRequestEvent::getTransaction()` as public. -* Fixed a bug in which multiple headers using different casing would overwrite - previous headers in the associative array. -* Added `Utils::getDefaultHandler()` -* Marked `GuzzleHttp\Client::getDefaultUserAgent` as deprecated. -* URL scheme is now always lowercased. - -## 6.0.0-beta.1 - -* Requires PHP >= 5.5 -* Updated to use PSR-7 - * Requires immutable messages, which basically means an event based system - owned by a request instance is no longer possible. - * Utilizing the [Guzzle PSR-7 package](https://github.com/guzzle/psr7). - * Removed the dependency on `guzzlehttp/streams`. These stream abstractions - are available in the `guzzlehttp/psr7` package under the `GuzzleHttp\Psr7` - namespace. -* Added middleware and handler system - * Replaced the Guzzle event and subscriber system with a middleware system. - * No longer depends on RingPHP, but rather places the HTTP handlers directly - in Guzzle, operating on PSR-7 messages. - * Retry logic is now encapsulated in `GuzzleHttp\Middleware::retry`, which - means the `guzzlehttp/retry-subscriber` is now obsolete. - * Mocking responses is now handled using `GuzzleHttp\Handler\MockHandler`. -* Asynchronous responses - * No longer supports the `future` request option to send an async request. - Instead, use one of the `*Async` methods of a client (e.g., `requestAsync`, - `getAsync`, etc.). - * Utilizing `GuzzleHttp\Promise` instead of React's promise library to avoid - recursion required by chaining and forwarding react promises. See - https://github.com/guzzle/promises - * Added `requestAsync` and `sendAsync` to send request asynchronously. - * Added magic methods for `getAsync()`, `postAsync()`, etc. to send requests - asynchronously. -* Request options - * POST and form updates - * Added the `form_fields` and `form_files` request options. - * Removed the `GuzzleHttp\Post` namespace. - * The `body` request option no longer accepts an array for POST requests. - * The `exceptions` request option has been deprecated in favor of the - `http_errors` request options. - * The `save_to` request option has been deprecated in favor of `sink` request - option. -* Clients no longer accept an array of URI template string and variables for - URI variables. You will need to expand URI templates before passing them - into a client constructor or request method. -* Client methods `get()`, `post()`, `put()`, `patch()`, `options()`, etc. are - now magic methods that will send synchronous requests. -* Replaced `Utils.php` with plain functions in `functions.php`. -* Removed `GuzzleHttp\Collection`. -* Removed `GuzzleHttp\BatchResults`. Batched pool results are now returned as - an array. -* Removed `GuzzleHttp\Query`. Query string handling is now handled using an - associative array passed into the `query` request option. The query string - is serialized using PHP's `http_build_query`. If you need more control, you - can pass the query string in as a string. -* `GuzzleHttp\QueryParser` has been replaced with the - `GuzzleHttp\Psr7\parse_query`. - -## 5.2.0 - 2015-01-27 - -* Added `AppliesHeadersInterface` to make applying headers to a request based - on the body more generic and not specific to `PostBodyInterface`. -* Reduced the number of stack frames needed to send requests. -* Nested futures are now resolved in the client rather than the RequestFsm -* Finishing state transitions is now handled in the RequestFsm rather than the - RingBridge. -* Added a guard in the Pool class to not use recursion for request retries. - -## 5.1.0 - 2014-12-19 - -* Pool class no longer uses recursion when a request is intercepted. -* The size of a Pool can now be dynamically adjusted using a callback. - See https://github.com/guzzle/guzzle/pull/943. -* Setting a request option to `null` when creating a request with a client will - ensure that the option is not set. This allows you to overwrite default - request options on a per-request basis. - See https://github.com/guzzle/guzzle/pull/937. -* Added the ability to limit which protocols are allowed for redirects by - specifying a `protocols` array in the `allow_redirects` request option. -* Nested futures due to retries are now resolved when waiting for synchronous - responses. See https://github.com/guzzle/guzzle/pull/947. -* `"0"` is now an allowed URI path. See - https://github.com/guzzle/guzzle/pull/935. -* `Query` no longer typehints on the `$query` argument in the constructor, - allowing for strings and arrays. -* Exceptions thrown in the `end` event are now correctly wrapped with Guzzle - specific exceptions if necessary. - -## 5.0.3 - 2014-11-03 - -This change updates query strings so that they are treated as un-encoded values -by default where the value represents an un-encoded value to send over the -wire. A Query object then encodes the value before sending over the wire. This -means that even value query string values (e.g., ":") are url encoded. This -makes the Query class match PHP's http_build_query function. However, if you -want to send requests over the wire using valid query string characters that do -not need to be encoded, then you can provide a string to Url::setQuery() and -pass true as the second argument to specify that the query string is a raw -string that should not be parsed or encoded (unless a call to getQuery() is -subsequently made, forcing the query-string to be converted into a Query -object). - -## 5.0.2 - 2014-10-30 - -* Added a trailing `\r\n` to multipart/form-data payloads. See - https://github.com/guzzle/guzzle/pull/871 -* Added a `GuzzleHttp\Pool::send()` convenience method to match the docs. -* Status codes are now returned as integers. See - https://github.com/guzzle/guzzle/issues/881 -* No longer overwriting an existing `application/x-www-form-urlencoded` header - when sending POST requests, allowing for customized headers. See - https://github.com/guzzle/guzzle/issues/877 -* Improved path URL serialization. - - * No longer double percent-encoding characters in the path or query string if - they are already encoded. - * Now properly encoding the supplied path to a URL object, instead of only - encoding ' ' and '?'. - * Note: This has been changed in 5.0.3 to now encode query string values by - default unless the `rawString` argument is provided when setting the query - string on a URL: Now allowing many more characters to be present in the - query string without being percent encoded. See https://tools.ietf.org/html/rfc3986#appendix-A - -## 5.0.1 - 2014-10-16 - -Bugfix release. - -* Fixed an issue where connection errors still returned response object in - error and end events event though the response is unusable. This has been - corrected so that a response is not returned in the `getResponse` method of - these events if the response did not complete. https://github.com/guzzle/guzzle/issues/867 -* Fixed an issue where transfer statistics were not being populated in the - RingBridge. https://github.com/guzzle/guzzle/issues/866 - -## 5.0.0 - 2014-10-12 - -Adding support for non-blocking responses and some minor API cleanup. - -### New Features - -* Added support for non-blocking responses based on `guzzlehttp/guzzle-ring`. -* Added a public API for creating a default HTTP adapter. -* Updated the redirect plugin to be non-blocking so that redirects are sent - concurrently. Other plugins like this can now be updated to be non-blocking. -* Added a "progress" event so that you can get upload and download progress - events. -* Added `GuzzleHttp\Pool` which implements FutureInterface and transfers - requests concurrently using a capped pool size as efficiently as possible. -* Added `hasListeners()` to EmitterInterface. -* Removed `GuzzleHttp\ClientInterface::sendAll` and marked - `GuzzleHttp\Client::sendAll` as deprecated (it's still there, just not the - recommended way). - -### Breaking changes - -The breaking changes in this release are relatively minor. The biggest thing to -look out for is that request and response objects no longer implement fluent -interfaces. - -* Removed the fluent interfaces (i.e., `return $this`) from requests, - responses, `GuzzleHttp\Collection`, `GuzzleHttp\Url`, - `GuzzleHttp\Query`, `GuzzleHttp\Post\PostBody`, and - `GuzzleHttp\Cookie\SetCookie`. This blog post provides a good outline of - why I did this: https://ocramius.github.io/blog/fluent-interfaces-are-evil/. - This also makes the Guzzle message interfaces compatible with the current - PSR-7 message proposal. -* Removed "functions.php", so that Guzzle is truly PSR-4 compliant. Except - for the HTTP request functions from function.php, these functions are now - implemented in `GuzzleHttp\Utils` using camelCase. `GuzzleHttp\json_decode` - moved to `GuzzleHttp\Utils::jsonDecode`. `GuzzleHttp\get_path` moved to - `GuzzleHttp\Utils::getPath`. `GuzzleHttp\set_path` moved to - `GuzzleHttp\Utils::setPath`. `GuzzleHttp\batch` should now be - `GuzzleHttp\Pool::batch`, which returns an `objectStorage`. Using functions.php - caused problems for many users: they aren't PSR-4 compliant, require an - explicit include, and needed an if-guard to ensure that the functions are not - declared multiple times. -* Rewrote adapter layer. - * Removing all classes from `GuzzleHttp\Adapter`, these are now - implemented as callables that are stored in `GuzzleHttp\Ring\Client`. - * Removed the concept of "parallel adapters". Sending requests serially or - concurrently is now handled using a single adapter. - * Moved `GuzzleHttp\Adapter\Transaction` to `GuzzleHttp\Transaction`. The - Transaction object now exposes the request, response, and client as public - properties. The getters and setters have been removed. -* Removed the "headers" event. This event was only useful for changing the - body a response once the headers of the response were known. You can implement - a similar behavior in a number of ways. One example might be to use a - FnStream that has access to the transaction being sent. For example, when the - first byte is written, you could check if the response headers match your - expectations, and if so, change the actual stream body that is being - written to. -* Removed the `asArray` parameter from - `GuzzleHttp\Message\MessageInterface::getHeader`. If you want to get a header - value as an array, then use the newly added `getHeaderAsArray()` method of - `MessageInterface`. This change makes the Guzzle interfaces compatible with - the PSR-7 interfaces. -* `GuzzleHttp\Message\MessageFactory` no longer allows subclasses to add - custom request options using double-dispatch (this was an implementation - detail). Instead, you should now provide an associative array to the - constructor which is a mapping of the request option name mapping to a - function that applies the option value to a request. -* Removed the concept of "throwImmediately" from exceptions and error events. - This control mechanism was used to stop a transfer of concurrent requests - from completing. This can now be handled by throwing the exception or by - cancelling a pool of requests or each outstanding future request individually. -* Updated to "GuzzleHttp\Streams" 3.0. - * `GuzzleHttp\Stream\StreamInterface::getContents()` no longer accepts a - `maxLen` parameter. This update makes the Guzzle streams project - compatible with the current PSR-7 proposal. - * `GuzzleHttp\Stream\Stream::__construct`, - `GuzzleHttp\Stream\Stream::factory`, and - `GuzzleHttp\Stream\Utils::create` no longer accept a size in the second - argument. They now accept an associative array of options, including the - "size" key and "metadata" key which can be used to provide custom metadata. - -## 4.2.2 - 2014-09-08 - -* Fixed a memory leak in the CurlAdapter when reusing cURL handles. -* No longer using `request_fulluri` in stream adapter proxies. -* Relative redirects are now based on the last response, not the first response. - -## 4.2.1 - 2014-08-19 - -* Ensuring that the StreamAdapter does not always add a Content-Type header -* Adding automated github releases with a phar and zip - -## 4.2.0 - 2014-08-17 - -* Now merging in default options using a case-insensitive comparison. - Closes https://github.com/guzzle/guzzle/issues/767 -* Added the ability to automatically decode `Content-Encoding` response bodies - using the `decode_content` request option. This is set to `true` by default - to decode the response body if it comes over the wire with a - `Content-Encoding`. Set this value to `false` to disable decoding the - response content, and pass a string to provide a request `Accept-Encoding` - header and turn on automatic response decoding. This feature now allows you - to pass an `Accept-Encoding` header in the headers of a request but still - disable automatic response decoding. - Closes https://github.com/guzzle/guzzle/issues/764 -* Added the ability to throw an exception immediately when transferring - requests in parallel. Closes https://github.com/guzzle/guzzle/issues/760 -* Updating guzzlehttp/streams dependency to ~2.1 -* No longer utilizing the now deprecated namespaced methods from the stream - package. - -## 4.1.8 - 2014-08-14 - -* Fixed an issue in the CurlFactory that caused setting the `stream=false` - request option to throw an exception. - See: https://github.com/guzzle/guzzle/issues/769 -* TransactionIterator now calls rewind on the inner iterator. - See: https://github.com/guzzle/guzzle/pull/765 -* You can now set the `Content-Type` header to `multipart/form-data` - when creating POST requests to force multipart bodies. - See https://github.com/guzzle/guzzle/issues/768 - -## 4.1.7 - 2014-08-07 - -* Fixed an error in the HistoryPlugin that caused the same request and response - to be logged multiple times when an HTTP protocol error occurs. -* Ensuring that cURL does not add a default Content-Type when no Content-Type - has been supplied by the user. This prevents the adapter layer from modifying - the request that is sent over the wire after any listeners may have already - put the request in a desired state (e.g., signed the request). -* Throwing an exception when you attempt to send requests that have the - "stream" set to true in parallel using the MultiAdapter. -* Only calling curl_multi_select when there are active cURL handles. This was - previously changed and caused performance problems on some systems due to PHP - always selecting until the maximum select timeout. -* Fixed a bug where multipart/form-data POST fields were not correctly - aggregated (e.g., values with "&"). - -## 4.1.6 - 2014-08-03 - -* Added helper methods to make it easier to represent messages as strings, - including getting the start line and getting headers as a string. - -## 4.1.5 - 2014-08-02 - -* Automatically retrying cURL "Connection died, retrying a fresh connect" - errors when possible. -* cURL implementation cleanup -* Allowing multiple event subscriber listeners to be registered per event by - passing an array of arrays of listener configuration. - -## 4.1.4 - 2014-07-22 - -* Fixed a bug that caused multi-part POST requests with more than one field to - serialize incorrectly. -* Paths can now be set to "0" -* `ResponseInterface::xml` now accepts a `libxml_options` option and added a - missing default argument that was required when parsing XML response bodies. -* A `save_to` stream is now created lazily, which means that files are not - created on disk unless a request succeeds. - -## 4.1.3 - 2014-07-15 - -* Various fixes to multipart/form-data POST uploads -* Wrapping function.php in an if-statement to ensure Guzzle can be used - globally and in a Composer install -* Fixed an issue with generating and merging in events to an event array -* POST headers are only applied before sending a request to allow you to change - the query aggregator used before uploading -* Added much more robust query string parsing -* Fixed various parsing and normalization issues with URLs -* Fixing an issue where multi-valued headers were not being utilized correctly - in the StreamAdapter - -## 4.1.2 - 2014-06-18 - -* Added support for sending payloads with GET requests - -## 4.1.1 - 2014-06-08 - -* Fixed an issue related to using custom message factory options in subclasses -* Fixed an issue with nested form fields in a multi-part POST -* Fixed an issue with using the `json` request option for POST requests -* Added `ToArrayInterface` to `GuzzleHttp\Cookie\CookieJar` - -## 4.1.0 - 2014-05-27 - -* Added a `json` request option to easily serialize JSON payloads. -* Added a `GuzzleHttp\json_decode()` wrapper to safely parse JSON. -* Added `setPort()` and `getPort()` to `GuzzleHttp\Message\RequestInterface`. -* Added the ability to provide an emitter to a client in the client constructor. -* Added the ability to persist a cookie session using $_SESSION. -* Added a trait that can be used to add event listeners to an iterator. -* Removed request method constants from RequestInterface. -* Fixed warning when invalid request start-lines are received. -* Updated MessageFactory to work with custom request option methods. -* Updated cacert bundle to latest build. - -4.0.2 (2014-04-16) ------------------- - -* Proxy requests using the StreamAdapter now properly use request_fulluri (#632) -* Added the ability to set scalars as POST fields (#628) - -## 4.0.1 - 2014-04-04 - -* The HTTP status code of a response is now set as the exception code of - RequestException objects. -* 303 redirects will now correctly switch from POST to GET requests. -* The default parallel adapter of a client now correctly uses the MultiAdapter. -* HasDataTrait now initializes the internal data array as an empty array so - that the toArray() method always returns an array. - -## 4.0.0 - 2014-03-29 - -* For information on changes and upgrading, see: - https://github.com/guzzle/guzzle/blob/master/UPGRADING.md#3x-to-40 -* Added `GuzzleHttp\batch()` as a convenience function for sending requests in - parallel without needing to write asynchronous code. -* Restructured how events are added to `GuzzleHttp\ClientInterface::sendAll()`. - You can now pass a callable or an array of associative arrays where each - associative array contains the "fn", "priority", and "once" keys. - -## 4.0.0.rc-2 - 2014-03-25 - -* Removed `getConfig()` and `setConfig()` from clients to avoid confusion - around whether things like base_url, message_factory, etc. should be able to - be retrieved or modified. -* Added `getDefaultOption()` and `setDefaultOption()` to ClientInterface -* functions.php functions were renamed using snake_case to match PHP idioms -* Added support for `HTTP_PROXY`, `HTTPS_PROXY`, and - `GUZZLE_CURL_SELECT_TIMEOUT` environment variables -* Added the ability to specify custom `sendAll()` event priorities -* Added the ability to specify custom stream context options to the stream - adapter. -* Added a functions.php function for `get_path()` and `set_path()` -* CurlAdapter and MultiAdapter now use a callable to generate curl resources -* MockAdapter now properly reads a body and emits a `headers` event -* Updated Url class to check if a scheme and host are set before adding ":" - and "//". This allows empty Url (e.g., "") to be serialized as "". -* Parsing invalid XML no longer emits warnings -* Curl classes now properly throw AdapterExceptions -* Various performance optimizations -* Streams are created with the faster `Stream\create()` function -* Marked deprecation_proxy() as internal -* Test server is now a collection of static methods on a class - -## 4.0.0-rc.1 - 2014-03-15 - -* See https://github.com/guzzle/guzzle/blob/master/UPGRADING.md#3x-to-40 - -## 3.8.1 - 2014-01-28 - -* Bug: Always using GET requests when redirecting from a 303 response -* Bug: CURLOPT_SSL_VERIFYHOST is now correctly set to false when setting `$certificateAuthority` to false in - `Guzzle\Http\ClientInterface::setSslVerification()` -* Bug: RedirectPlugin now uses strict RFC 3986 compliance when combining a base URL with a relative URL -* Bug: The body of a request can now be set to `"0"` -* Sending PHP stream requests no longer forces `HTTP/1.0` -* Adding more information to ExceptionCollection exceptions so that users have more context, including a stack trace of - each sub-exception -* Updated the `$ref` attribute in service descriptions to merge over any existing parameters of a schema (rather than - clobbering everything). -* Merging URLs will now use the query string object from the relative URL (thus allowing custom query aggregators) -* Query strings are now parsed in a way that they do no convert empty keys with no value to have a dangling `=`. - For example `foo&bar=baz` is now correctly parsed and recognized as `foo&bar=baz` rather than `foo=&bar=baz`. -* Now properly escaping the regular expression delimiter when matching Cookie domains. -* Network access is now disabled when loading XML documents - -## 3.8.0 - 2013-12-05 - -* Added the ability to define a POST name for a file -* JSON response parsing now properly walks additionalProperties -* cURL error code 18 is now retried automatically in the BackoffPlugin -* Fixed a cURL error when URLs contain fragments -* Fixed an issue in the BackoffPlugin retry event where it was trying to access all exceptions as if they were - CurlExceptions -* CURLOPT_PROGRESS function fix for PHP 5.5 (69fcc1e) -* Added the ability for Guzzle to work with older versions of cURL that do not support `CURLOPT_TIMEOUT_MS` -* Fixed a bug that was encountered when parsing empty header parameters -* UriTemplate now has a `setRegex()` method to match the docs -* The `debug` request parameter now checks if it is truthy rather than if it exists -* Setting the `debug` request parameter to true shows verbose cURL output instead of using the LogPlugin -* Added the ability to combine URLs using strict RFC 3986 compliance -* Command objects can now return the validation errors encountered by the command -* Various fixes to cache revalidation (#437 and 29797e5) -* Various fixes to the AsyncPlugin -* Cleaned up build scripts - -## 3.7.4 - 2013-10-02 - -* Bug fix: 0 is now an allowed value in a description parameter that has a default value (#430) -* Bug fix: SchemaFormatter now returns an integer when formatting to a Unix timestamp - (see https://github.com/aws/aws-sdk-php/issues/147) -* Bug fix: Cleaned up and fixed URL dot segment removal to properly resolve internal dots -* Minimum PHP version is now properly specified as 5.3.3 (up from 5.3.2) (#420) -* Updated the bundled cacert.pem (#419) -* OauthPlugin now supports adding authentication to headers or query string (#425) - -## 3.7.3 - 2013-09-08 - -* Added the ability to get the exception associated with a request/command when using `MultiTransferException` and - `CommandTransferException`. -* Setting `additionalParameters` of a response to false is now honored when parsing responses with a service description -* Schemas are only injected into response models when explicitly configured. -* No longer guessing Content-Type based on the path of a request. Content-Type is now only guessed based on the path of - an EntityBody. -* Bug fix: ChunkedIterator can now properly chunk a \Traversable as well as an \Iterator. -* Bug fix: FilterIterator now relies on `\Iterator` instead of `\Traversable`. -* Bug fix: Gracefully handling malformed responses in RequestMediator::writeResponseBody() -* Bug fix: Replaced call to canCache with canCacheRequest in the CallbackCanCacheStrategy of the CachePlugin -* Bug fix: Visiting XML attributes first before visiting XML children when serializing requests -* Bug fix: Properly parsing headers that contain commas contained in quotes -* Bug fix: mimetype guessing based on a filename is now case-insensitive - -## 3.7.2 - 2013-08-02 - -* Bug fix: Properly URL encoding paths when using the PHP-only version of the UriTemplate expander - See https://github.com/guzzle/guzzle/issues/371 -* Bug fix: Cookie domains are now matched correctly according to RFC 6265 - See https://github.com/guzzle/guzzle/issues/377 -* Bug fix: GET parameters are now used when calculating an OAuth signature -* Bug fix: Fixed an issue with cache revalidation where the If-None-Match header was being double quoted -* `Guzzle\Common\AbstractHasDispatcher::dispatch()` now returns the event that was dispatched -* `Guzzle\Http\QueryString::factory()` now guesses the most appropriate query aggregator to used based on the input. - See https://github.com/guzzle/guzzle/issues/379 -* Added a way to add custom domain objects to service description parsing using the `operation.parse_class` event. See - https://github.com/guzzle/guzzle/pull/380 -* cURL multi cleanup and optimizations - -## 3.7.1 - 2013-07-05 - -* Bug fix: Setting default options on a client now works -* Bug fix: Setting options on HEAD requests now works. See #352 -* Bug fix: Moving stream factory before send event to before building the stream. See #353 -* Bug fix: Cookies no longer match on IP addresses per RFC 6265 -* Bug fix: Correctly parsing header parameters that are in `<>` and quotes -* Added `cert` and `ssl_key` as request options -* `Host` header can now diverge from the host part of a URL if the header is set manually -* `Guzzle\Service\Command\LocationVisitor\Request\XmlVisitor` was rewritten to change from using SimpleXML to XMLWriter -* OAuth parameters are only added via the plugin if they aren't already set -* Exceptions are now thrown when a URL cannot be parsed -* Returning `false` if `Guzzle\Http\EntityBody::getContentMd5()` fails -* Not setting a `Content-MD5` on a command if calculating the Content-MD5 fails via the CommandContentMd5Plugin - -## 3.7.0 - 2013-06-10 - -* See UPGRADING.md for more information on how to upgrade. -* Requests now support the ability to specify an array of $options when creating a request to more easily modify a - request. You can pass a 'request.options' configuration setting to a client to apply default request options to - every request created by a client (e.g. default query string variables, headers, curl options, etc.). -* Added a static facade class that allows you to use Guzzle with static methods and mount the class to `\Guzzle`. - See `Guzzle\Http\StaticClient::mount`. -* Added `command.request_options` to `Guzzle\Service\Command\AbstractCommand` to pass request options to requests - created by a command (e.g. custom headers, query string variables, timeout settings, etc.). -* Stream size in `Guzzle\Stream\PhpStreamRequestFactory` will now be set if Content-Length is returned in the - headers of a response -* Added `Guzzle\Common\Collection::setPath($path, $value)` to set a value into an array using a nested key - (e.g. `$collection->setPath('foo/baz/bar', 'test'); echo $collection['foo']['bar']['bar'];`) -* ServiceBuilders now support storing and retrieving arbitrary data -* CachePlugin can now purge all resources for a given URI -* CachePlugin can automatically purge matching cached items when a non-idempotent request is sent to a resource -* CachePlugin now uses the Vary header to determine if a resource is a cache hit -* `Guzzle\Http\Message\Response` now implements `\Serializable` -* Added `Guzzle\Cache\CacheAdapterFactory::fromCache()` to more easily create cache adapters -* `Guzzle\Service\ClientInterface::execute()` now accepts an array, single command, or Traversable -* Fixed a bug in `Guzzle\Http\Message\Header\Link::addLink()` -* Better handling of calculating the size of a stream in `Guzzle\Stream\Stream` using fstat() and caching the size -* `Guzzle\Common\Exception\ExceptionCollection` now creates a more readable exception message -* Fixing BC break: Added back the MonologLogAdapter implementation rather than extending from PsrLog so that older - Symfony users can still use the old version of Monolog. -* Fixing BC break: Added the implementation back in for `Guzzle\Http\Message\AbstractMessage::getTokenizedHeader()`. - Now triggering an E_USER_DEPRECATED warning when used. Use `$message->getHeader()->parseParams()`. -* Several performance improvements to `Guzzle\Common\Collection` -* Added an `$options` argument to the end of the following methods of `Guzzle\Http\ClientInterface`: - createRequest, head, delete, put, patch, post, options, prepareRequest -* Added an `$options` argument to the end of `Guzzle\Http\Message\Request\RequestFactoryInterface::createRequest()` -* Added an `applyOptions()` method to `Guzzle\Http\Message\Request\RequestFactoryInterface` -* Changed `Guzzle\Http\ClientInterface::get($uri = null, $headers = null, $body = null)` to - `Guzzle\Http\ClientInterface::get($uri = null, $headers = null, $options = array())`. You can still pass in a - resource, string, or EntityBody into the $options parameter to specify the download location of the response. -* Changed `Guzzle\Common\Collection::__construct($data)` to no longer accepts a null value for `$data` but a - default `array()` -* Added `Guzzle\Stream\StreamInterface::isRepeatable` -* Removed `Guzzle\Http\ClientInterface::setDefaultHeaders(). Use - $client->getConfig()->setPath('request.options/headers/{header_name}', 'value')`. or - $client->getConfig()->setPath('request.options/headers', array('header_name' => 'value'))`. -* Removed `Guzzle\Http\ClientInterface::getDefaultHeaders(). Use $client->getConfig()->getPath('request.options/headers')`. -* Removed `Guzzle\Http\ClientInterface::expandTemplate()` -* Removed `Guzzle\Http\ClientInterface::setRequestFactory()` -* Removed `Guzzle\Http\ClientInterface::getCurlMulti()` -* Removed `Guzzle\Http\Message\RequestInterface::canCache` -* Removed `Guzzle\Http\Message\RequestInterface::setIsRedirect` -* Removed `Guzzle\Http\Message\RequestInterface::isRedirect` -* Made `Guzzle\Http\Client::expandTemplate` and `getUriTemplate` protected methods. -* You can now enable E_USER_DEPRECATED warnings to see if you are using a deprecated method by setting - `Guzzle\Common\Version::$emitWarnings` to true. -* Marked `Guzzle\Http\Message\Request::isResponseBodyRepeatable()` as deprecated. Use - `$request->getResponseBody()->isRepeatable()` instead. -* Marked `Guzzle\Http\Message\Request::canCache()` as deprecated. Use - `Guzzle\Plugin\Cache\DefaultCanCacheStrategy->canCacheRequest()` instead. -* Marked `Guzzle\Http\Message\Request::canCache()` as deprecated. Use - `Guzzle\Plugin\Cache\DefaultCanCacheStrategy->canCacheRequest()` instead. -* Marked `Guzzle\Http\Message\Request::setIsRedirect()` as deprecated. Use the HistoryPlugin instead. -* Marked `Guzzle\Http\Message\Request::isRedirect()` as deprecated. Use the HistoryPlugin instead. -* Marked `Guzzle\Cache\CacheAdapterFactory::factory()` as deprecated -* Marked 'command.headers', 'command.response_body' and 'command.on_complete' as deprecated for AbstractCommand. - These will work through Guzzle 4.0 -* Marked 'request.params' for `Guzzle\Http\Client` as deprecated. Use [request.options][params]. -* Marked `Guzzle\Service\Client::enableMagicMethods()` as deprecated. Magic methods can no longer be disabled on a Guzzle\Service\Client. -* Marked `Guzzle\Service\Client::getDefaultHeaders()` as deprecated. Use $client->getConfig()->getPath('request.options/headers')`. -* Marked `Guzzle\Service\Client::setDefaultHeaders()` as deprecated. Use $client->getConfig()->setPath('request.options/headers/{header_name}', 'value')`. -* Marked `Guzzle\Parser\Url\UrlParser` as deprecated. Just use PHP's `parse_url()` and percent encode your UTF-8. -* Marked `Guzzle\Common\Collection::inject()` as deprecated. -* Marked `Guzzle\Plugin\CurlAuth\CurlAuthPlugin` as deprecated. Use `$client->getConfig()->setPath('request.options/auth', array('user', 'pass', 'Basic|Digest');` -* CacheKeyProviderInterface and DefaultCacheKeyProvider are no longer used. All of this logic is handled in a - CacheStorageInterface. These two objects and interface will be removed in a future version. -* Always setting X-cache headers on cached responses -* Default cache TTLs are now handled by the CacheStorageInterface of a CachePlugin -* `CacheStorageInterface::cache($key, Response $response, $ttl = null)` has changed to `cache(RequestInterface - $request, Response $response);` -* `CacheStorageInterface::fetch($key)` has changed to `fetch(RequestInterface $request);` -* `CacheStorageInterface::delete($key)` has changed to `delete(RequestInterface $request);` -* Added `CacheStorageInterface::purge($url)` -* `DefaultRevalidation::__construct(CacheKeyProviderInterface $cacheKey, CacheStorageInterface $cache, CachePlugin - $plugin)` has changed to `DefaultRevalidation::__construct(CacheStorageInterface $cache, - CanCacheStrategyInterface $canCache = null)` -* Added `RevalidationInterface::shouldRevalidate(RequestInterface $request, Response $response)` - -## 3.6.0 - 2013-05-29 - -* ServiceDescription now implements ToArrayInterface -* Added command.hidden_params to blacklist certain headers from being treated as additionalParameters -* Guzzle can now correctly parse incomplete URLs -* Mixed casing of headers are now forced to be a single consistent casing across all values for that header. -* Messages internally use a HeaderCollection object to delegate handling case-insensitive header resolution -* Removed the whole changedHeader() function system of messages because all header changes now go through addHeader(). -* Specific header implementations can be created for complex headers. When a message creates a header, it uses a - HeaderFactory which can map specific headers to specific header classes. There is now a Link header and - CacheControl header implementation. -* Removed from interface: Guzzle\Http\ClientInterface::setUriTemplate -* Removed from interface: Guzzle\Http\ClientInterface::setCurlMulti() -* Removed Guzzle\Http\Message\Request::receivedRequestHeader() and implemented this functionality in - Guzzle\Http\Curl\RequestMediator -* Removed the optional $asString parameter from MessageInterface::getHeader(). Just cast the header to a string. -* Removed the optional $tryChunkedTransfer option from Guzzle\Http\Message\EntityEnclosingRequestInterface -* Removed the $asObjects argument from Guzzle\Http\Message\MessageInterface::getHeaders() -* Removed Guzzle\Parser\ParserRegister::get(). Use getParser() -* Removed Guzzle\Parser\ParserRegister::set(). Use registerParser(). -* All response header helper functions return a string rather than mixing Header objects and strings inconsistently -* Removed cURL blacklist support. This is no longer necessary now that Expect, Accept, etc. are managed by Guzzle - directly via interfaces -* Removed the injecting of a request object onto a response object. The methods to get and set a request still exist - but are a no-op until removed. -* Most classes that used to require a `Guzzle\Service\Command\CommandInterface` typehint now request a - `Guzzle\Service\Command\ArrayCommandInterface`. -* Added `Guzzle\Http\Message\RequestInterface::startResponse()` to the RequestInterface to handle injecting a response - on a request while the request is still being transferred -* The ability to case-insensitively search for header values -* Guzzle\Http\Message\Header::hasExactHeader -* Guzzle\Http\Message\Header::raw. Use getAll() -* Deprecated cache control specific methods on Guzzle\Http\Message\AbstractMessage. Use the CacheControl header object - instead. -* `Guzzle\Service\Command\CommandInterface` now extends from ToArrayInterface and ArrayAccess -* Added the ability to cast Model objects to a string to view debug information. - -## 3.5.0 - 2013-05-13 - -* Bug: Fixed a regression so that request responses are parsed only once per oncomplete event rather than multiple times -* Bug: Better cleanup of one-time events across the board (when an event is meant to fire once, it will now remove - itself from the EventDispatcher) -* Bug: `Guzzle\Log\MessageFormatter` now properly writes "total_time" and "connect_time" values -* Bug: Cloning an EntityEnclosingRequest now clones the EntityBody too -* Bug: Fixed an undefined index error when parsing nested JSON responses with a sentAs parameter that reference a - non-existent key -* Bug: All __call() method arguments are now required (helps with mocking frameworks) -* Deprecating Response::getRequest() and now using a shallow clone of a request object to remove a circular reference - to help with refcount based garbage collection of resources created by sending a request -* Deprecating ZF1 cache and log adapters. These will be removed in the next major version. -* Deprecating `Response::getPreviousResponse()` (method signature still exists, but it's deprecated). Use the - HistoryPlugin for a history. -* Added a `responseBody` alias for the `response_body` location -* Refactored internals to no longer rely on Response::getRequest() -* HistoryPlugin can now be cast to a string -* HistoryPlugin now logs transactions rather than requests and responses to more accurately keep track of the requests - and responses that are sent over the wire -* Added `getEffectiveUrl()` and `getRedirectCount()` to Response objects - -## 3.4.3 - 2013-04-30 - -* Bug fix: Fixing bug introduced in 3.4.2 where redirect responses are duplicated on the final redirected response -* Added a check to re-extract the temp cacert bundle from the phar before sending each request - -## 3.4.2 - 2013-04-29 - -* Bug fix: Stream objects now work correctly with "a" and "a+" modes -* Bug fix: Removing `Transfer-Encoding: chunked` header when a Content-Length is present -* Bug fix: AsyncPlugin no longer forces HEAD requests -* Bug fix: DateTime timezones are now properly handled when using the service description schema formatter -* Bug fix: CachePlugin now properly handles stale-if-error directives when a request to the origin server fails -* Setting a response on a request will write to the custom request body from the response body if one is specified -* LogPlugin now writes to php://output when STDERR is undefined -* Added the ability to set multiple POST files for the same key in a single call -* application/x-www-form-urlencoded POSTs now use the utf-8 charset by default -* Added the ability to queue CurlExceptions to the MockPlugin -* Cleaned up how manual responses are queued on requests (removed "queued_response" and now using request.before_send) -* Configuration loading now allows remote files - -## 3.4.1 - 2013-04-16 - -* Large refactoring to how CurlMulti handles work. There is now a proxy that sits in front of a pool of CurlMulti - handles. This greatly simplifies the implementation, fixes a couple bugs, and provides a small performance boost. -* Exceptions are now properly grouped when sending requests in parallel -* Redirects are now properly aggregated when a multi transaction fails -* Redirects now set the response on the original object even in the event of a failure -* Bug fix: Model names are now properly set even when using $refs -* Added support for PHP 5.5's CurlFile to prevent warnings with the deprecated @ syntax -* Added support for oauth_callback in OAuth signatures -* Added support for oauth_verifier in OAuth signatures -* Added support to attempt to retrieve a command first literally, then ucfirst, the with inflection - -## 3.4.0 - 2013-04-11 - -* Bug fix: URLs are now resolved correctly based on https://tools.ietf.org/html/rfc3986#section-5.2. #289 -* Bug fix: Absolute URLs with a path in a service description will now properly override the base URL. #289 -* Bug fix: Parsing a query string with a single PHP array value will now result in an array. #263 -* Bug fix: Better normalization of the User-Agent header to prevent duplicate headers. #264. -* Bug fix: Added `number` type to service descriptions. -* Bug fix: empty parameters are removed from an OAuth signature -* Bug fix: Revalidating a cache entry prefers the Last-Modified over the Date header -* Bug fix: Fixed "array to string" error when validating a union of types in a service description -* Bug fix: Removed code that attempted to determine the size of a stream when data is written to the stream -* Bug fix: Not including an `oauth_token` if the value is null in the OauthPlugin. -* Bug fix: Now correctly aggregating successful requests and failed requests in CurlMulti when a redirect occurs. -* The new default CURLOPT_TIMEOUT setting has been increased to 150 seconds so that Guzzle works on poor connections. -* Added a feature to EntityEnclosingRequest::setBody() that will automatically set the Content-Type of the request if - the Content-Type can be determined based on the entity body or the path of the request. -* Added the ability to overwrite configuration settings in a client when grabbing a throwaway client from a builder. -* Added support for a PSR-3 LogAdapter. -* Added a `command.after_prepare` event -* Added `oauth_callback` parameter to the OauthPlugin -* Added the ability to create a custom stream class when using a stream factory -* Added a CachingEntityBody decorator -* Added support for `additionalParameters` in service descriptions to define how custom parameters are serialized. -* The bundled SSL certificate is now provided in the phar file and extracted when running Guzzle from a phar. -* You can now send any EntityEnclosingRequest with POST fields or POST files and cURL will handle creating bodies -* POST requests using a custom entity body are now treated exactly like PUT requests but with a custom cURL method. This - means that the redirect behavior of POST requests with custom bodies will not be the same as POST requests that use - POST fields or files (the latter is only used when emulating a form POST in the browser). -* Lots of cleanup to CurlHandle::factory and RequestFactory::createRequest - -## 3.3.1 - 2013-03-10 - -* Added the ability to create PHP streaming responses from HTTP requests -* Bug fix: Running any filters when parsing response headers with service descriptions -* Bug fix: OauthPlugin fixes to allow for multi-dimensional array signing, and sorting parameters before signing -* Bug fix: Removed the adding of default empty arrays and false Booleans to responses in order to be consistent across - response location visitors. -* Bug fix: Removed the possibility of creating configuration files with circular dependencies -* RequestFactory::create() now uses the key of a POST file when setting the POST file name -* Added xmlAllowEmpty to serialize an XML body even if no XML specific parameters are set - -## 3.3.0 - 2013-03-03 - -* A large number of performance optimizations have been made -* Bug fix: Added 'wb' as a valid write mode for streams -* Bug fix: `Guzzle\Http\Message\Response::json()` now allows scalar values to be returned -* Bug fix: Fixed bug in `Guzzle\Http\Message\Response` where wrapping quotes were stripped from `getEtag()` -* BC: Removed `Guzzle\Http\Utils` class -* BC: Setting a service description on a client will no longer modify the client's command factories. -* BC: Emitting IO events from a RequestMediator is now a parameter that must be set in a request's curl options using - the 'emit_io' key. This was previously set under a request's parameters using 'curl.emit_io' -* BC: `Guzzle\Stream\Stream::getWrapper()` and `Guzzle\Stream\Stream::getSteamType()` are no longer converted to - lowercase -* Operation parameter objects are now lazy loaded internally -* Added ErrorResponsePlugin that can throw errors for responses defined in service description operations' errorResponses -* Added support for instantiating responseType=class responseClass classes. Classes must implement - `Guzzle\Service\Command\ResponseClassInterface` -* Added support for additionalProperties for top-level parameters in responseType=model responseClasses. These - additional properties also support locations and can be used to parse JSON responses where the outermost part of the - JSON is an array -* Added support for nested renaming of JSON models (rename sentAs to name) -* CachePlugin - * Added support for stale-if-error so that the CachePlugin can now serve stale content from the cache on error - * Debug headers can now added to cached response in the CachePlugin - -## 3.2.0 - 2013-02-14 - -* CurlMulti is no longer reused globally. A new multi object is created per-client. This helps to isolate clients. -* URLs with no path no longer contain a "/" by default -* Guzzle\Http\QueryString does no longer manages the leading "?". This is now handled in Guzzle\Http\Url. -* BadResponseException no longer includes the full request and response message -* Adding setData() to Guzzle\Service\Description\ServiceDescriptionInterface -* Adding getResponseBody() to Guzzle\Http\Message\RequestInterface -* Various updates to classes to use ServiceDescriptionInterface type hints rather than ServiceDescription -* Header values can now be normalized into distinct values when multiple headers are combined with a comma separated list -* xmlEncoding can now be customized for the XML declaration of a XML service description operation -* Guzzle\Http\QueryString now uses Guzzle\Http\QueryAggregator\QueryAggregatorInterface objects to add custom value - aggregation and no longer uses callbacks -* The URL encoding implementation of Guzzle\Http\QueryString can now be customized -* Bug fix: Filters were not always invoked for array service description parameters -* Bug fix: Redirects now use a target response body rather than a temporary response body -* Bug fix: The default exponential backoff BackoffPlugin was not giving when the request threshold was exceeded -* Bug fix: Guzzle now takes the first found value when grabbing Cache-Control directives - -## 3.1.2 - 2013-01-27 - -* Refactored how operation responses are parsed. Visitors now include a before() method responsible for parsing the - response body. For example, the XmlVisitor now parses the XML response into an array in the before() method. -* Fixed an issue where cURL would not automatically decompress responses when the Accept-Encoding header was sent -* CURLOPT_SSL_VERIFYHOST is never set to 1 because it is deprecated (see 5e0ff2ef20f839e19d1eeb298f90ba3598784444) -* Fixed a bug where redirect responses were not chained correctly using getPreviousResponse() -* Setting default headers on a client after setting the user-agent will not erase the user-agent setting - -## 3.1.1 - 2013-01-20 - -* Adding wildcard support to Guzzle\Common\Collection::getPath() -* Adding alias support to ServiceBuilder configs -* Adding Guzzle\Service\Resource\CompositeResourceIteratorFactory and cleaning up factory interface - -## 3.1.0 - 2013-01-12 - -* BC: CurlException now extends from RequestException rather than BadResponseException -* BC: Renamed Guzzle\Plugin\Cache\CanCacheStrategyInterface::canCache() to canCacheRequest() and added CanCacheResponse() -* Added getData to ServiceDescriptionInterface -* Added context array to RequestInterface::setState() -* Bug: Removing hard dependency on the BackoffPlugin from Guzzle\Http -* Bug: Adding required content-type when JSON request visitor adds JSON to a command -* Bug: Fixing the serialization of a service description with custom data -* Made it easier to deal with exceptions thrown when transferring commands or requests in parallel by providing - an array of successful and failed responses -* Moved getPath from Guzzle\Service\Resource\Model to Guzzle\Common\Collection -* Added Guzzle\Http\IoEmittingEntityBody -* Moved command filtration from validators to location visitors -* Added `extends` attributes to service description parameters -* Added getModels to ServiceDescriptionInterface - -## 3.0.7 - 2012-12-19 - -* Fixing phar detection when forcing a cacert to system if null or true -* Allowing filename to be passed to `Guzzle\Http\Message\Request::setResponseBody()` -* Cleaning up `Guzzle\Common\Collection::inject` method -* Adding a response_body location to service descriptions - -## 3.0.6 - 2012-12-09 - -* CurlMulti performance improvements -* Adding setErrorResponses() to Operation -* composer.json tweaks - -## 3.0.5 - 2012-11-18 - -* Bug: Fixing an infinite recursion bug caused from revalidating with the CachePlugin -* Bug: Response body can now be a string containing "0" -* Bug: Using Guzzle inside of a phar uses system by default but now allows for a custom cacert -* Bug: QueryString::fromString now properly parses query string parameters that contain equal signs -* Added support for XML attributes in service description responses -* DefaultRequestSerializer now supports array URI parameter values for URI template expansion -* Added better mimetype guessing to requests and post files - -## 3.0.4 - 2012-11-11 - -* Bug: Fixed a bug when adding multiple cookies to a request to use the correct glue value -* Bug: Cookies can now be added that have a name, domain, or value set to "0" -* Bug: Using the system cacert bundle when using the Phar -* Added json and xml methods to Response to make it easier to parse JSON and XML response data into data structures -* Enhanced cookie jar de-duplication -* Added the ability to enable strict cookie jars that throw exceptions when invalid cookies are added -* Added setStream to StreamInterface to actually make it possible to implement custom rewind behavior for entity bodies -* Added the ability to create any sort of hash for a stream rather than just an MD5 hash - -## 3.0.3 - 2012-11-04 - -* Implementing redirects in PHP rather than cURL -* Added PECL URI template extension and using as default parser if available -* Bug: Fixed Content-Length parsing of Response factory -* Adding rewind() method to entity bodies and streams. Allows for custom rewinding of non-repeatable streams. -* Adding ToArrayInterface throughout library -* Fixing OauthPlugin to create unique nonce values per request - -## 3.0.2 - 2012-10-25 - -* Magic methods are enabled by default on clients -* Magic methods return the result of a command -* Service clients no longer require a base_url option in the factory -* Bug: Fixed an issue with URI templates where null template variables were being expanded - -## 3.0.1 - 2012-10-22 - -* Models can now be used like regular collection objects by calling filter, map, etc. -* Models no longer require a Parameter structure or initial data in the constructor -* Added a custom AppendIterator to get around a PHP bug with the `\AppendIterator` - -## 3.0.0 - 2012-10-15 - -* Rewrote service description format to be based on Swagger - * Now based on JSON schema - * Added nested input structures and nested response models - * Support for JSON and XML input and output models - * Renamed `commands` to `operations` - * Removed dot class notation - * Removed custom types -* Broke the project into smaller top-level namespaces to be more component friendly -* Removed support for XML configs and descriptions. Use arrays or JSON files. -* Removed the Validation component and Inspector -* Moved all cookie code to Guzzle\Plugin\Cookie -* Magic methods on a Guzzle\Service\Client now return the command un-executed. -* Calling getResult() or getResponse() on a command will lazily execute the command if needed. -* Now shipping with cURL's CA certs and using it by default -* Added previousResponse() method to response objects -* No longer sending Accept and Accept-Encoding headers on every request -* Only sending an Expect header by default when a payload is greater than 1MB -* Added/moved client options: - * curl.blacklist to curl.option.blacklist - * Added ssl.certificate_authority -* Added a Guzzle\Iterator component -* Moved plugins from Guzzle\Http\Plugin to Guzzle\Plugin -* Added a more robust backoff retry strategy (replaced the ExponentialBackoffPlugin) -* Added a more robust caching plugin -* Added setBody to response objects -* Updating LogPlugin to use a more flexible MessageFormatter -* Added a completely revamped build process -* Cleaning up Collection class and removing default values from the get method -* Fixed ZF2 cache adapters - -## 2.8.8 - 2012-10-15 - -* Bug: Fixed a cookie issue that caused dot prefixed domains to not match where popular browsers did - -## 2.8.7 - 2012-09-30 - -* Bug: Fixed config file aliases for JSON includes -* Bug: Fixed cookie bug on a request object by using CookieParser to parse cookies on requests -* Bug: Removing the path to a file when sending a Content-Disposition header on a POST upload -* Bug: Hardening request and response parsing to account for missing parts -* Bug: Fixed PEAR packaging -* Bug: Fixed Request::getInfo -* Bug: Fixed cases where CURLM_CALL_MULTI_PERFORM return codes were causing curl transactions to fail -* Adding the ability for the namespace Iterator factory to look in multiple directories -* Added more getters/setters/removers from service descriptions -* Added the ability to remove POST fields from OAuth signatures -* OAuth plugin now supports 2-legged OAuth - -## 2.8.6 - 2012-09-05 - -* Added the ability to modify and build service descriptions -* Added the use of visitors to apply parameters to locations in service descriptions using the dynamic command -* Added a `json` parameter location -* Now allowing dot notation for classes in the CacheAdapterFactory -* Using the union of two arrays rather than an array_merge when extending service builder services and service params -* Ensuring that a service is a string before doing strpos() checks on it when substituting services for references - in service builder config files. -* Services defined in two different config files that include one another will by default replace the previously - defined service, but you can now create services that extend themselves and merge their settings over the previous -* The JsonLoader now supports aliasing filenames with different filenames. This allows you to alias something like - '_default' with a default JSON configuration file. - -## 2.8.5 - 2012-08-29 - -* Bug: Suppressed empty arrays from URI templates -* Bug: Added the missing $options argument from ServiceDescription::factory to enable caching -* Added support for HTTP responses that do not contain a reason phrase in the start-line -* AbstractCommand commands are now invokable -* Added a way to get the data used when signing an Oauth request before a request is sent - -## 2.8.4 - 2012-08-15 - -* Bug: Custom delay time calculations are no longer ignored in the ExponentialBackoffPlugin -* Added the ability to transfer entity bodies as a string rather than streamed. This gets around curl error 65. Set `body_as_string` in a request's curl options to enable. -* Added a StreamInterface, EntityBodyInterface, and added ftell() to Guzzle\Common\Stream -* Added an AbstractEntityBodyDecorator and a ReadLimitEntityBody decorator to transfer only a subset of a decorated stream -* Stream and EntityBody objects will now return the file position to the previous position after a read required operation (e.g. getContentMd5()) -* Added additional response status codes -* Removed SSL information from the default User-Agent header -* DELETE requests can now send an entity body -* Added an EventDispatcher to the ExponentialBackoffPlugin and added an ExponentialBackoffLogger to log backoff retries -* Added the ability of the MockPlugin to consume mocked request bodies -* LogPlugin now exposes request and response objects in the extras array - -## 2.8.3 - 2012-07-30 - -* Bug: Fixed a case where empty POST requests were sent as GET requests -* Bug: Fixed a bug in ExponentialBackoffPlugin that caused fatal errors when retrying an EntityEnclosingRequest that does not have a body -* Bug: Setting the response body of a request to null after completing a request, not when setting the state of a request to new -* Added multiple inheritance to service description commands -* Added an ApiCommandInterface and added `getParamNames()` and `hasParam()` -* Removed the default 2mb size cutoff from the Md5ValidatorPlugin so that it now defaults to validating everything -* Changed CurlMulti::perform to pass a smaller timeout to CurlMulti::executeHandles - -## 2.8.2 - 2012-07-24 - -* Bug: Query string values set to 0 are no longer dropped from the query string -* Bug: A Collection object is no longer created each time a call is made to `Guzzle\Service\Command\AbstractCommand::getRequestHeaders()` -* Bug: `+` is now treated as an encoded space when parsing query strings -* QueryString and Collection performance improvements -* Allowing dot notation for class paths in filters attribute of a service descriptions - -## 2.8.1 - 2012-07-16 - -* Loosening Event Dispatcher dependency -* POST redirects can now be customized using CURLOPT_POSTREDIR - -## 2.8.0 - 2012-07-15 - -* BC: Guzzle\Http\Query - * Query strings with empty variables will always show an equal sign unless the variable is set to QueryString::BLANK (e.g. ?acl= vs ?acl) - * Changed isEncodingValues() and isEncodingFields() to isUrlEncoding() - * Changed setEncodeValues(bool) and setEncodeFields(bool) to useUrlEncoding(bool) - * Changed the aggregation functions of QueryString to be static methods - * Can now use fromString() with querystrings that have a leading ? -* cURL configuration values can be specified in service descriptions using `curl.` prefixed parameters -* Content-Length is set to 0 before emitting the request.before_send event when sending an empty request body -* Cookies are no longer URL decoded by default -* Bug: URI template variables set to null are no longer expanded - -## 2.7.2 - 2012-07-02 - -* BC: Moving things to get ready for subtree splits. Moving Inflection into Common. Moving Guzzle\Http\Parser to Guzzle\Parser. -* BC: Removing Guzzle\Common\Batch\Batch::count() and replacing it with isEmpty() -* CachePlugin now allows for a custom request parameter function to check if a request can be cached -* Bug fix: CachePlugin now only caches GET and HEAD requests by default -* Bug fix: Using header glue when transferring headers over the wire -* Allowing deeply nested arrays for composite variables in URI templates -* Batch divisors can now return iterators or arrays - -## 2.7.1 - 2012-06-26 - -* Minor patch to update version number in UA string -* Updating build process - -## 2.7.0 - 2012-06-25 - -* BC: Inflection classes moved to Guzzle\Inflection. No longer static methods. Can now inject custom inflectors into classes. -* BC: Removed magic setX methods from commands -* BC: Magic methods mapped to service description commands are now inflected in the command factory rather than the client __call() method -* Verbose cURL options are no longer enabled by default. Set curl.debug to true on a client to enable. -* Bug: Now allowing colons in a response start-line (e.g. HTTP/1.1 503 Service Unavailable: Back-end server is at capacity) -* Guzzle\Service\Resource\ResourceIteratorApplyBatched now internally uses the Guzzle\Common\Batch namespace -* Added Guzzle\Service\Plugin namespace and a PluginCollectionPlugin -* Added the ability to set POST fields and files in a service description -* Guzzle\Http\EntityBody::factory() now accepts objects with a __toString() method -* Adding a command.before_prepare event to clients -* Added BatchClosureTransfer and BatchClosureDivisor -* BatchTransferException now includes references to the batch divisor and transfer strategies -* Fixed some tests so that they pass more reliably -* Added Guzzle\Common\Log\ArrayLogAdapter - -## 2.6.6 - 2012-06-10 - -* BC: Removing Guzzle\Http\Plugin\BatchQueuePlugin -* BC: Removing Guzzle\Service\Command\CommandSet -* Adding generic batching system (replaces the batch queue plugin and command set) -* Updating ZF cache and log adapters and now using ZF's composer repository -* Bug: Setting the name of each ApiParam when creating through an ApiCommand -* Adding result_type, result_doc, deprecated, and doc_url to service descriptions -* Bug: Changed the default cookie header casing back to 'Cookie' - -## 2.6.5 - 2012-06-03 - -* BC: Renaming Guzzle\Http\Message\RequestInterface::getResourceUri() to getResource() -* BC: Removing unused AUTH_BASIC and AUTH_DIGEST constants from -* BC: Guzzle\Http\Cookie is now used to manage Set-Cookie data, not Cookie data -* BC: Renaming methods in the CookieJarInterface -* Moving almost all cookie logic out of the CookiePlugin and into the Cookie or CookieJar implementations -* Making the default glue for HTTP headers ';' instead of ',' -* Adding a removeValue to Guzzle\Http\Message\Header -* Adding getCookies() to request interface. -* Making it easier to add event subscribers to HasDispatcherInterface classes. Can now directly call addSubscriber() - -## 2.6.4 - 2012-05-30 - -* BC: Cleaning up how POST files are stored in EntityEnclosingRequest objects. Adding PostFile class. -* BC: Moving ApiCommand specific functionality from the Inspector and on to the ApiCommand -* Bug: Fixing magic method command calls on clients -* Bug: Email constraint only validates strings -* Bug: Aggregate POST fields when POST files are present in curl handle -* Bug: Fixing default User-Agent header -* Bug: Only appending or prepending parameters in commands if they are specified -* Bug: Not requiring response reason phrases or status codes to match a predefined list of codes -* Allowing the use of dot notation for class namespaces when using instance_of constraint -* Added any_match validation constraint -* Added an AsyncPlugin -* Passing request object to the calculateWait method of the ExponentialBackoffPlugin -* Allowing the result of a command object to be changed -* Parsing location and type sub values when instantiating a service description rather than over and over at runtime - -## 2.6.3 - 2012-05-23 - -* [BC] Guzzle\Common\FromConfigInterface no longer requires any config options. -* [BC] Refactoring how POST files are stored on an EntityEnclosingRequest. They are now separate from POST fields. -* You can now use an array of data when creating PUT request bodies in the request factory. -* Removing the requirement that HTTPS requests needed a Cache-Control: public directive to be cacheable. -* [Http] Adding support for Content-Type in multipart POST uploads per upload -* [Http] Added support for uploading multiple files using the same name (foo[0], foo[1]) -* Adding more POST data operations for easier manipulation of POST data. -* You can now set empty POST fields. -* The body of a request is only shown on EntityEnclosingRequest objects that do not use POST files. -* Split the Guzzle\Service\Inspector::validateConfig method into two methods. One to initialize when a command is created, and one to validate. -* CS updates - -## 2.6.2 - 2012-05-19 - -* [Http] Better handling of nested scope requests in CurlMulti. Requests are now always prepares in the send() method rather than the addRequest() method. - -## 2.6.1 - 2012-05-19 - -* [BC] Removing 'path' support in service descriptions. Use 'uri'. -* [BC] Guzzle\Service\Inspector::parseDocBlock is now protected. Adding getApiParamsForClass() with cache. -* [BC] Removing Guzzle\Common\NullObject. Use https://github.com/mtdowling/NullObject if you need it. -* [BC] Removing Guzzle\Common\XmlElement. -* All commands, both dynamic and concrete, have ApiCommand objects. -* Adding a fix for CurlMulti so that if all of the connections encounter some sort of curl error, then the loop exits. -* Adding checks to EntityEnclosingRequest so that empty POST files and fields are ignored. -* Making the method signature of Guzzle\Service\Builder\ServiceBuilder::factory more flexible. - -## 2.6.0 - 2012-05-15 - -* [BC] Moving Guzzle\Service\Builder to Guzzle\Service\Builder\ServiceBuilder -* [BC] Executing a Command returns the result of the command rather than the command -* [BC] Moving all HTTP parsing logic to Guzzle\Http\Parsers. Allows for faster C implementations if needed. -* [BC] Changing the Guzzle\Http\Message\Response::setProtocol() method to accept a protocol and version in separate args. -* [BC] Moving ResourceIterator* to Guzzle\Service\Resource -* [BC] Completely refactored ResourceIterators to iterate over a cloned command object -* [BC] Moved Guzzle\Http\UriTemplate to Guzzle\Http\Parser\UriTemplate\UriTemplate -* [BC] Guzzle\Guzzle is now deprecated -* Moving Guzzle\Common\Guzzle::inject to Guzzle\Common\Collection::inject -* Adding Guzzle\Version class to give version information about Guzzle -* Adding Guzzle\Http\Utils class to provide getDefaultUserAgent() and getHttpDate() -* Adding Guzzle\Curl\CurlVersion to manage caching curl_version() data -* ServiceDescription and ServiceBuilder are now cacheable using similar configs -* Changing the format of XML and JSON service builder configs. Backwards compatible. -* Cleaned up Cookie parsing -* Trimming the default Guzzle User-Agent header -* Adding a setOnComplete() method to Commands that is called when a command completes -* Keeping track of requests that were mocked in the MockPlugin -* Fixed a caching bug in the CacheAdapterFactory -* Inspector objects can be injected into a Command object -* Refactoring a lot of code and tests to be case insensitive when dealing with headers -* Adding Guzzle\Http\Message\HeaderComparison for easy comparison of HTTP headers using a DSL -* Adding the ability to set global option overrides to service builder configs -* Adding the ability to include other service builder config files from within XML and JSON files -* Moving the parseQuery method out of Url and on to QueryString::fromString() as a static factory method. - -## 2.5.0 - 2012-05-08 - -* Major performance improvements -* [BC] Simplifying Guzzle\Common\Collection. Please check to see if you are using features that are now deprecated. -* [BC] Using a custom validation system that allows a flyweight implementation for much faster validation. No longer using Symfony2 Validation component. -* [BC] No longer supporting "{{ }}" for injecting into command or UriTemplates. Use "{}" -* Added the ability to passed parameters to all requests created by a client -* Added callback functionality to the ExponentialBackoffPlugin -* Using microtime in ExponentialBackoffPlugin to allow more granular backoff strategies. -* Rewinding request stream bodies when retrying requests -* Exception is thrown when JSON response body cannot be decoded -* Added configurable magic method calls to clients and commands. This is off by default. -* Fixed a defect that added a hash to every parsed URL part -* Fixed duplicate none generation for OauthPlugin. -* Emitting an event each time a client is generated by a ServiceBuilder -* Using an ApiParams object instead of a Collection for parameters of an ApiCommand -* cache.* request parameters should be renamed to params.cache.* -* Added the ability to set arbitrary curl options on requests (disable_wire, progress, etc.). See CurlHandle. -* Added the ability to disable type validation of service descriptions -* ServiceDescriptions and ServiceBuilders are now Serializable diff --git a/plugins/auth/vendor/guzzlehttp/guzzle/LICENSE b/plugins/auth/vendor/guzzlehttp/guzzle/LICENSE deleted file mode 100644 index fd2375d8..00000000 --- a/plugins/auth/vendor/guzzlehttp/guzzle/LICENSE +++ /dev/null @@ -1,27 +0,0 @@ -The MIT License (MIT) - -Copyright (c) 2011 Michael Dowling -Copyright (c) 2012 Jeremy Lindblom -Copyright (c) 2014 Graham Campbell -Copyright (c) 2015 Márk Sági-Kazár -Copyright (c) 2015 Tobias Schultze -Copyright (c) 2016 Tobias Nyholm -Copyright (c) 2016 George Mponos - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -THE SOFTWARE. diff --git a/plugins/auth/vendor/guzzlehttp/guzzle/README.md b/plugins/auth/vendor/guzzlehttp/guzzle/README.md deleted file mode 100644 index f287fa98..00000000 --- a/plugins/auth/vendor/guzzlehttp/guzzle/README.md +++ /dev/null @@ -1,94 +0,0 @@ -![Guzzle](.github/logo.png?raw=true) - -# Guzzle, PHP HTTP client - -[![Latest Version](https://img.shields.io/github/release/guzzle/guzzle.svg?style=flat-square)](https://github.com/guzzle/guzzle/releases) -[![Build Status](https://img.shields.io/github/workflow/status/guzzle/guzzle/CI?label=ci%20build&style=flat-square)](https://github.com/guzzle/guzzle/actions?query=workflow%3ACI) -[![Total Downloads](https://img.shields.io/packagist/dt/guzzlehttp/guzzle.svg?style=flat-square)](https://packagist.org/packages/guzzlehttp/guzzle) - -Guzzle is a PHP HTTP client that makes it easy to send HTTP requests and -trivial to integrate with web services. - -- Simple interface for building query strings, POST requests, streaming large - uploads, streaming large downloads, using HTTP cookies, uploading JSON data, - etc... -- Can send both synchronous and asynchronous requests using the same interface. -- Uses PSR-7 interfaces for requests, responses, and streams. This allows you - to utilize other PSR-7 compatible libraries with Guzzle. -- Supports PSR-18 allowing interoperability between other PSR-18 HTTP Clients. -- Abstracts away the underlying HTTP transport, allowing you to write - environment and transport agnostic code; i.e., no hard dependency on cURL, - PHP streams, sockets, or non-blocking event loops. -- Middleware system allows you to augment and compose client behavior. - -```php -$client = new \GuzzleHttp\Client(); -$response = $client->request('GET', 'https://api.github.com/repos/guzzle/guzzle'); - -echo $response->getStatusCode(); // 200 -echo $response->getHeaderLine('content-type'); // 'application/json; charset=utf8' -echo $response->getBody(); // '{"id": 1420053, "name": "guzzle", ...}' - -// Send an asynchronous request. -$request = new \GuzzleHttp\Psr7\Request('GET', 'http://httpbin.org'); -$promise = $client->sendAsync($request)->then(function ($response) { - echo 'I completed! ' . $response->getBody(); -}); - -$promise->wait(); -``` - -## Help and docs - -We use GitHub issues only to discuss bugs and new features. For support please refer to: - -- [Documentation](https://docs.guzzlephp.org) -- [Stack Overflow](https://stackoverflow.com/questions/tagged/guzzle) -- [#guzzle](https://app.slack.com/client/T0D2S9JCT/CE6UAAKL4) channel on [PHP-HTTP Slack](https://slack.httplug.io/) -- [Gitter](https://gitter.im/guzzle/guzzle) - - -## Installing Guzzle - -The recommended way to install Guzzle is through -[Composer](https://getcomposer.org/). - -```bash -composer require guzzlehttp/guzzle -``` - - -## Version Guidance - -| Version | Status | Packagist | Namespace | Repo | Docs | PSR-7 | PHP Version | -|---------|----------------|---------------------|--------------|---------------------|---------------------|-------|--------------| -| 3.x | EOL | `guzzle/guzzle` | `Guzzle` | [v3][guzzle-3-repo] | [v3][guzzle-3-docs] | No | >=5.3.3,<7.0 | -| 4.x | EOL | `guzzlehttp/guzzle` | `GuzzleHttp` | [v4][guzzle-4-repo] | N/A | No | >=5.4,<7.0 | -| 5.x | EOL | `guzzlehttp/guzzle` | `GuzzleHttp` | [v5][guzzle-5-repo] | [v5][guzzle-5-docs] | No | >=5.4,<7.4 | -| 6.x | Security fixes | `guzzlehttp/guzzle` | `GuzzleHttp` | [v6][guzzle-6-repo] | [v6][guzzle-6-docs] | Yes | >=5.5,<8.0 | -| 7.x | Latest | `guzzlehttp/guzzle` | `GuzzleHttp` | [v7][guzzle-7-repo] | [v7][guzzle-7-docs] | Yes | >=7.2.5,<8.2 | - -[guzzle-3-repo]: https://github.com/guzzle/guzzle3 -[guzzle-4-repo]: https://github.com/guzzle/guzzle/tree/4.x -[guzzle-5-repo]: https://github.com/guzzle/guzzle/tree/5.3 -[guzzle-6-repo]: https://github.com/guzzle/guzzle/tree/6.5 -[guzzle-7-repo]: https://github.com/guzzle/guzzle -[guzzle-3-docs]: https://guzzle3.readthedocs.io/ -[guzzle-5-docs]: https://docs.guzzlephp.org/en/5.3/ -[guzzle-6-docs]: https://docs.guzzlephp.org/en/6.5/ -[guzzle-7-docs]: https://docs.guzzlephp.org/en/latest/ - - -## Security - -If you discover a security vulnerability within this package, please send an email to security@tidelift.com. All security vulnerabilities will be promptly addressed. Please do not disclose security-related issues publicly until a fix has been announced. Please see [Security Policy](https://github.com/guzzle/guzzle/security/policy) for more information. - -## License - -Guzzle is made available under the MIT License (MIT). Please see [License File](LICENSE) for more information. - -## For Enterprise - -Available as part of the Tidelift Subscription - -The maintainers of Guzzle and thousands of other packages are working with Tidelift to deliver commercial support and maintenance for the open source dependencies you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact dependencies you use. [Learn more.](https://tidelift.com/subscription/pkg/packagist-guzzlehttp-guzzle?utm_source=packagist-guzzlehttp-guzzle&utm_medium=referral&utm_campaign=enterprise&utm_term=repo) diff --git a/plugins/auth/vendor/guzzlehttp/guzzle/UPGRADING.md b/plugins/auth/vendor/guzzlehttp/guzzle/UPGRADING.md deleted file mode 100644 index 45417a7e..00000000 --- a/plugins/auth/vendor/guzzlehttp/guzzle/UPGRADING.md +++ /dev/null @@ -1,1253 +0,0 @@ -Guzzle Upgrade Guide -==================== - -6.0 to 7.0 ----------- - -In order to take advantage of the new features of PHP, Guzzle dropped the support -of PHP 5. The minimum supported PHP version is now PHP 7.2. Type hints and return -types for functions and methods have been added wherever possible. - -Please make sure: -- You are calling a function or a method with the correct type. -- If you extend a class of Guzzle; update all signatures on methods you override. - -#### Other backwards compatibility breaking changes - -- Class `GuzzleHttp\UriTemplate` is removed. -- Class `GuzzleHttp\Exception\SeekException` is removed. -- Classes `GuzzleHttp\Exception\BadResponseException`, `GuzzleHttp\Exception\ClientException`, - `GuzzleHttp\Exception\ServerException` can no longer be initialized with an empty - Response as argument. -- Class `GuzzleHttp\Exception\ConnectException` now extends `GuzzleHttp\Exception\TransferException` - instead of `GuzzleHttp\Exception\RequestException`. -- Function `GuzzleHttp\Exception\ConnectException::getResponse()` is removed. -- Function `GuzzleHttp\Exception\ConnectException::hasResponse()` is removed. -- Constant `GuzzleHttp\ClientInterface::VERSION` is removed. Added `GuzzleHttp\ClientInterface::MAJOR_VERSION` instead. -- Function `GuzzleHttp\Exception\RequestException::getResponseBodySummary` is removed. - Use `\GuzzleHttp\Psr7\get_message_body_summary` as an alternative. -- Function `GuzzleHttp\Cookie\CookieJar::getCookieValue` is removed. -- Request option `exception` is removed. Please use `http_errors`. -- Request option `save_to` is removed. Please use `sink`. -- Pool option `pool_size` is removed. Please use `concurrency`. -- We now look for environment variables in the `$_SERVER` super global, due to thread safety issues with `getenv`. We continue to fallback to `getenv` in CLI environments, for maximum compatibility. -- The `get`, `head`, `put`, `post`, `patch`, `delete`, `getAsync`, `headAsync`, `putAsync`, `postAsync`, `patchAsync`, and `deleteAsync` methods are now implemented as genuine methods on `GuzzleHttp\Client`, with strong typing. The original `__call` implementation remains unchanged for now, for maximum backwards compatibility, but won't be invoked under normal operation. -- The `log` middleware will log the errors with level `error` instead of `notice` -- Support for international domain names (IDN) is now disabled by default, and enabling it requires installing ext-intl, linked against a modern version of the C library (ICU 4.6 or higher). - -#### Native functions calls - -All internal native functions calls of Guzzle are now prefixed with a slash. This -change makes it impossible for method overloading by other libraries or applications. -Example: - -```php -// Before: -curl_version(); - -// After: -\curl_version(); -``` - -For the full diff you can check [here](https://github.com/guzzle/guzzle/compare/6.5.4..master). - -5.0 to 6.0 ----------- - -Guzzle now uses [PSR-7](https://www.php-fig.org/psr/psr-7/) for HTTP messages. -Due to the fact that these messages are immutable, this prompted a refactoring -of Guzzle to use a middleware based system rather than an event system. Any -HTTP message interaction (e.g., `GuzzleHttp\Message\Request`) need to be -updated to work with the new immutable PSR-7 request and response objects. Any -event listeners or subscribers need to be updated to become middleware -functions that wrap handlers (or are injected into a -`GuzzleHttp\HandlerStack`). - -- Removed `GuzzleHttp\BatchResults` -- Removed `GuzzleHttp\Collection` -- Removed `GuzzleHttp\HasDataTrait` -- Removed `GuzzleHttp\ToArrayInterface` -- The `guzzlehttp/streams` dependency has been removed. Stream functionality - is now present in the `GuzzleHttp\Psr7` namespace provided by the - `guzzlehttp/psr7` package. -- Guzzle no longer uses ReactPHP promises and now uses the - `guzzlehttp/promises` library. We use a custom promise library for three - significant reasons: - 1. React promises (at the time of writing this) are recursive. Promise - chaining and promise resolution will eventually blow the stack. Guzzle - promises are not recursive as they use a sort of trampolining technique. - Note: there has been movement in the React project to modify promises to - no longer utilize recursion. - 2. Guzzle needs to have the ability to synchronously block on a promise to - wait for a result. Guzzle promises allows this functionality (and does - not require the use of recursion). - 3. Because we need to be able to wait on a result, doing so using React - promises requires wrapping react promises with RingPHP futures. This - overhead is no longer needed, reducing stack sizes, reducing complexity, - and improving performance. -- `GuzzleHttp\Mimetypes` has been moved to a function in - `GuzzleHttp\Psr7\mimetype_from_extension` and - `GuzzleHttp\Psr7\mimetype_from_filename`. -- `GuzzleHttp\Query` and `GuzzleHttp\QueryParser` have been removed. Query - strings must now be passed into request objects as strings, or provided to - the `query` request option when creating requests with clients. The `query` - option uses PHP's `http_build_query` to convert an array to a string. If you - need a different serialization technique, you will need to pass the query - string in as a string. There are a couple helper functions that will make - working with query strings easier: `GuzzleHttp\Psr7\parse_query` and - `GuzzleHttp\Psr7\build_query`. -- Guzzle no longer has a dependency on RingPHP. Due to the use of a middleware - system based on PSR-7, using RingPHP and it's middleware system as well adds - more complexity than the benefits it provides. All HTTP handlers that were - present in RingPHP have been modified to work directly with PSR-7 messages - and placed in the `GuzzleHttp\Handler` namespace. This significantly reduces - complexity in Guzzle, removes a dependency, and improves performance. RingPHP - will be maintained for Guzzle 5 support, but will no longer be a part of - Guzzle 6. -- As Guzzle now uses a middleware based systems the event system and RingPHP - integration has been removed. Note: while the event system has been removed, - it is possible to add your own type of event system that is powered by the - middleware system. - - Removed the `Event` namespace. - - Removed the `Subscriber` namespace. - - Removed `Transaction` class - - Removed `RequestFsm` - - Removed `RingBridge` - - `GuzzleHttp\Subscriber\Cookie` is now provided by - `GuzzleHttp\Middleware::cookies` - - `GuzzleHttp\Subscriber\HttpError` is now provided by - `GuzzleHttp\Middleware::httpError` - - `GuzzleHttp\Subscriber\History` is now provided by - `GuzzleHttp\Middleware::history` - - `GuzzleHttp\Subscriber\Mock` is now provided by - `GuzzleHttp\Handler\MockHandler` - - `GuzzleHttp\Subscriber\Prepare` is now provided by - `GuzzleHttp\PrepareBodyMiddleware` - - `GuzzleHttp\Subscriber\Redirect` is now provided by - `GuzzleHttp\RedirectMiddleware` -- Guzzle now uses `Psr\Http\Message\UriInterface` (implements in - `GuzzleHttp\Psr7\Uri`) for URI support. `GuzzleHttp\Url` is now gone. -- Static functions in `GuzzleHttp\Utils` have been moved to namespaced - functions under the `GuzzleHttp` namespace. This requires either a Composer - based autoloader or you to include functions.php. -- `GuzzleHttp\ClientInterface::getDefaultOption` has been renamed to - `GuzzleHttp\ClientInterface::getConfig`. -- `GuzzleHttp\ClientInterface::setDefaultOption` has been removed. -- The `json` and `xml` methods of response objects has been removed. With the - migration to strictly adhering to PSR-7 as the interface for Guzzle messages, - adding methods to message interfaces would actually require Guzzle messages - to extend from PSR-7 messages rather then work with them directly. - -## Migrating to middleware - -The change to PSR-7 unfortunately required significant refactoring to Guzzle -due to the fact that PSR-7 messages are immutable. Guzzle 5 relied on an event -system from plugins. The event system relied on mutability of HTTP messages and -side effects in order to work. With immutable messages, you have to change your -workflow to become more about either returning a value (e.g., functional -middlewares) or setting a value on an object. Guzzle v6 has chosen the -functional middleware approach. - -Instead of using the event system to listen for things like the `before` event, -you now create a stack based middleware function that intercepts a request on -the way in and the promise of the response on the way out. This is a much -simpler and more predictable approach than the event system and works nicely -with PSR-7 middleware. Due to the use of promises, the middleware system is -also asynchronous. - -v5: - -```php -use GuzzleHttp\Event\BeforeEvent; -$client = new GuzzleHttp\Client(); -// Get the emitter and listen to the before event. -$client->getEmitter()->on('before', function (BeforeEvent $e) { - // Guzzle v5 events relied on mutation - $e->getRequest()->setHeader('X-Foo', 'Bar'); -}); -``` - -v6: - -In v6, you can modify the request before it is sent using the `mapRequest` -middleware. The idiomatic way in v6 to modify the request/response lifecycle is -to setup a handler middleware stack up front and inject the handler into a -client. - -```php -use GuzzleHttp\Middleware; -// Create a handler stack that has all of the default middlewares attached -$handler = GuzzleHttp\HandlerStack::create(); -// Push the handler onto the handler stack -$handler->push(Middleware::mapRequest(function (RequestInterface $request) { - // Notice that we have to return a request object - return $request->withHeader('X-Foo', 'Bar'); -})); -// Inject the handler into the client -$client = new GuzzleHttp\Client(['handler' => $handler]); -``` - -## POST Requests - -This version added the [`form_params`](http://guzzle.readthedocs.org/en/latest/request-options.html#form_params) -and `multipart` request options. `form_params` is an associative array of -strings or array of strings and is used to serialize an -`application/x-www-form-urlencoded` POST request. The -[`multipart`](http://guzzle.readthedocs.org/en/latest/request-options.html#multipart) -option is now used to send a multipart/form-data POST request. - -`GuzzleHttp\Post\PostFile` has been removed. Use the `multipart` option to add -POST files to a multipart/form-data request. - -The `body` option no longer accepts an array to send POST requests. Please use -`multipart` or `form_params` instead. - -The `base_url` option has been renamed to `base_uri`. - -4.x to 5.0 ----------- - -## Rewritten Adapter Layer - -Guzzle now uses [RingPHP](http://ringphp.readthedocs.org/en/latest) to send -HTTP requests. The `adapter` option in a `GuzzleHttp\Client` constructor -is still supported, but it has now been renamed to `handler`. Instead of -passing a `GuzzleHttp\Adapter\AdapterInterface`, you must now pass a PHP -`callable` that follows the RingPHP specification. - -## Removed Fluent Interfaces - -[Fluent interfaces were removed](https://ocramius.github.io/blog/fluent-interfaces-are-evil/) -from the following classes: - -- `GuzzleHttp\Collection` -- `GuzzleHttp\Url` -- `GuzzleHttp\Query` -- `GuzzleHttp\Post\PostBody` -- `GuzzleHttp\Cookie\SetCookie` - -## Removed functions.php - -Removed "functions.php", so that Guzzle is truly PSR-4 compliant. The following -functions can be used as replacements. - -- `GuzzleHttp\json_decode` -> `GuzzleHttp\Utils::jsonDecode` -- `GuzzleHttp\get_path` -> `GuzzleHttp\Utils::getPath` -- `GuzzleHttp\Utils::setPath` -> `GuzzleHttp\set_path` -- `GuzzleHttp\Pool::batch` -> `GuzzleHttp\batch`. This function is, however, - deprecated in favor of using `GuzzleHttp\Pool::batch()`. - -The "procedural" global client has been removed with no replacement (e.g., -`GuzzleHttp\get()`, `GuzzleHttp\post()`, etc.). Use a `GuzzleHttp\Client` -object as a replacement. - -## `throwImmediately` has been removed - -The concept of "throwImmediately" has been removed from exceptions and error -events. This control mechanism was used to stop a transfer of concurrent -requests from completing. This can now be handled by throwing the exception or -by cancelling a pool of requests or each outstanding future request -individually. - -## headers event has been removed - -Removed the "headers" event. This event was only useful for changing the -body a response once the headers of the response were known. You can implement -a similar behavior in a number of ways. One example might be to use a -FnStream that has access to the transaction being sent. For example, when the -first byte is written, you could check if the response headers match your -expectations, and if so, change the actual stream body that is being -written to. - -## Updates to HTTP Messages - -Removed the `asArray` parameter from -`GuzzleHttp\Message\MessageInterface::getHeader`. If you want to get a header -value as an array, then use the newly added `getHeaderAsArray()` method of -`MessageInterface`. This change makes the Guzzle interfaces compatible with -the PSR-7 interfaces. - -3.x to 4.0 ----------- - -## Overarching changes: - -- Now requires PHP 5.4 or greater. -- No longer requires cURL to send requests. -- Guzzle no longer wraps every exception it throws. Only exceptions that are - recoverable are now wrapped by Guzzle. -- Various namespaces have been removed or renamed. -- No longer requiring the Symfony EventDispatcher. A custom event dispatcher - based on the Symfony EventDispatcher is - now utilized in `GuzzleHttp\Event\EmitterInterface` (resulting in significant - speed and functionality improvements). - -Changes per Guzzle 3.x namespace are described below. - -## Batch - -The `Guzzle\Batch` namespace has been removed. This is best left to -third-parties to implement on top of Guzzle's core HTTP library. - -## Cache - -The `Guzzle\Cache` namespace has been removed. (Todo: No suitable replacement -has been implemented yet, but hoping to utilize a PSR cache interface). - -## Common - -- Removed all of the wrapped exceptions. It's better to use the standard PHP - library for unrecoverable exceptions. -- `FromConfigInterface` has been removed. -- `Guzzle\Common\Version` has been removed. The VERSION constant can be found - at `GuzzleHttp\ClientInterface::VERSION`. - -### Collection - -- `getAll` has been removed. Use `toArray` to convert a collection to an array. -- `inject` has been removed. -- `keySearch` has been removed. -- `getPath` no longer supports wildcard expressions. Use something better like - JMESPath for this. -- `setPath` now supports appending to an existing array via the `[]` notation. - -### Events - -Guzzle no longer requires Symfony's EventDispatcher component. Guzzle now uses -`GuzzleHttp\Event\Emitter`. - -- `Symfony\Component\EventDispatcher\EventDispatcherInterface` is replaced by - `GuzzleHttp\Event\EmitterInterface`. -- `Symfony\Component\EventDispatcher\EventDispatcher` is replaced by - `GuzzleHttp\Event\Emitter`. -- `Symfony\Component\EventDispatcher\Event` is replaced by - `GuzzleHttp\Event\Event`, and Guzzle now has an EventInterface in - `GuzzleHttp\Event\EventInterface`. -- `AbstractHasDispatcher` has moved to a trait, `HasEmitterTrait`, and - `HasDispatcherInterface` has moved to `HasEmitterInterface`. Retrieving the - event emitter of a request, client, etc. now uses the `getEmitter` method - rather than the `getDispatcher` method. - -#### Emitter - -- Use the `once()` method to add a listener that automatically removes itself - the first time it is invoked. -- Use the `listeners()` method to retrieve a list of event listeners rather than - the `getListeners()` method. -- Use `emit()` instead of `dispatch()` to emit an event from an emitter. -- Use `attach()` instead of `addSubscriber()` and `detach()` instead of - `removeSubscriber()`. - -```php -$mock = new Mock(); -// 3.x -$request->getEventDispatcher()->addSubscriber($mock); -$request->getEventDispatcher()->removeSubscriber($mock); -// 4.x -$request->getEmitter()->attach($mock); -$request->getEmitter()->detach($mock); -``` - -Use the `on()` method to add a listener rather than the `addListener()` method. - -```php -// 3.x -$request->getEventDispatcher()->addListener('foo', function (Event $event) { /* ... */ } ); -// 4.x -$request->getEmitter()->on('foo', function (Event $event, $name) { /* ... */ } ); -``` - -## Http - -### General changes - -- The cacert.pem certificate has been moved to `src/cacert.pem`. -- Added the concept of adapters that are used to transfer requests over the - wire. -- Simplified the event system. -- Sending requests in parallel is still possible, but batching is no longer a - concept of the HTTP layer. Instead, you must use the `complete` and `error` - events to asynchronously manage parallel request transfers. -- `Guzzle\Http\Url` has moved to `GuzzleHttp\Url`. -- `Guzzle\Http\QueryString` has moved to `GuzzleHttp\Query`. -- QueryAggregators have been rewritten so that they are simply callable - functions. -- `GuzzleHttp\StaticClient` has been removed. Use the functions provided in - `functions.php` for an easy to use static client instance. -- Exceptions in `GuzzleHttp\Exception` have been updated to all extend from - `GuzzleHttp\Exception\TransferException`. - -### Client - -Calling methods like `get()`, `post()`, `head()`, etc. no longer create and -return a request, but rather creates a request, sends the request, and returns -the response. - -```php -// 3.0 -$request = $client->get('/'); -$response = $request->send(); - -// 4.0 -$response = $client->get('/'); - -// or, to mirror the previous behavior -$request = $client->createRequest('GET', '/'); -$response = $client->send($request); -``` - -`GuzzleHttp\ClientInterface` has changed. - -- The `send` method no longer accepts more than one request. Use `sendAll` to - send multiple requests in parallel. -- `setUserAgent()` has been removed. Use a default request option instead. You - could, for example, do something like: - `$client->setConfig('defaults/headers/User-Agent', 'Foo/Bar ' . $client::getDefaultUserAgent())`. -- `setSslVerification()` has been removed. Use default request options instead, - like `$client->setConfig('defaults/verify', true)`. - -`GuzzleHttp\Client` has changed. - -- The constructor now accepts only an associative array. You can include a - `base_url` string or array to use a URI template as the base URL of a client. - You can also specify a `defaults` key that is an associative array of default - request options. You can pass an `adapter` to use a custom adapter, - `batch_adapter` to use a custom adapter for sending requests in parallel, or - a `message_factory` to change the factory used to create HTTP requests and - responses. -- The client no longer emits a `client.create_request` event. -- Creating requests with a client no longer automatically utilize a URI - template. You must pass an array into a creational method (e.g., - `createRequest`, `get`, `put`, etc.) in order to expand a URI template. - -### Messages - -Messages no longer have references to their counterparts (i.e., a request no -longer has a reference to it's response, and a response no loger has a -reference to its request). This association is now managed through a -`GuzzleHttp\Adapter\TransactionInterface` object. You can get references to -these transaction objects using request events that are emitted over the -lifecycle of a request. - -#### Requests with a body - -- `GuzzleHttp\Message\EntityEnclosingRequest` and - `GuzzleHttp\Message\EntityEnclosingRequestInterface` have been removed. The - separation between requests that contain a body and requests that do not - contain a body has been removed, and now `GuzzleHttp\Message\RequestInterface` - handles both use cases. -- Any method that previously accepts a `GuzzleHttp\Response` object now accept a - `GuzzleHttp\Message\ResponseInterface`. -- `GuzzleHttp\Message\RequestFactoryInterface` has been renamed to - `GuzzleHttp\Message\MessageFactoryInterface`. This interface is used to create - both requests and responses and is implemented in - `GuzzleHttp\Message\MessageFactory`. -- POST field and file methods have been removed from the request object. You - must now use the methods made available to `GuzzleHttp\Post\PostBodyInterface` - to control the format of a POST body. Requests that are created using a - standard `GuzzleHttp\Message\MessageFactoryInterface` will automatically use - a `GuzzleHttp\Post\PostBody` body if the body was passed as an array or if - the method is POST and no body is provided. - -```php -$request = $client->createRequest('POST', '/'); -$request->getBody()->setField('foo', 'bar'); -$request->getBody()->addFile(new PostFile('file_key', fopen('/path/to/content', 'r'))); -``` - -#### Headers - -- `GuzzleHttp\Message\Header` has been removed. Header values are now simply - represented by an array of values or as a string. Header values are returned - as a string by default when retrieving a header value from a message. You can - pass an optional argument of `true` to retrieve a header value as an array - of strings instead of a single concatenated string. -- `GuzzleHttp\PostFile` and `GuzzleHttp\PostFileInterface` have been moved to - `GuzzleHttp\Post`. This interface has been simplified and now allows the - addition of arbitrary headers. -- Custom headers like `GuzzleHttp\Message\Header\Link` have been removed. Most - of the custom headers are now handled separately in specific - subscribers/plugins, and `GuzzleHttp\Message\HeaderValues::parseParams()` has - been updated to properly handle headers that contain parameters (like the - `Link` header). - -#### Responses - -- `GuzzleHttp\Message\Response::getInfo()` and - `GuzzleHttp\Message\Response::setInfo()` have been removed. Use the event - system to retrieve this type of information. -- `GuzzleHttp\Message\Response::getRawHeaders()` has been removed. -- `GuzzleHttp\Message\Response::getMessage()` has been removed. -- `GuzzleHttp\Message\Response::calculateAge()` and other cache specific - methods have moved to the CacheSubscriber. -- Header specific helper functions like `getContentMd5()` have been removed. - Just use `getHeader('Content-MD5')` instead. -- `GuzzleHttp\Message\Response::setRequest()` and - `GuzzleHttp\Message\Response::getRequest()` have been removed. Use the event - system to work with request and response objects as a transaction. -- `GuzzleHttp\Message\Response::getRedirectCount()` has been removed. Use the - Redirect subscriber instead. -- `GuzzleHttp\Message\Response::isSuccessful()` and other related methods have - been removed. Use `getStatusCode()` instead. - -#### Streaming responses - -Streaming requests can now be created by a client directly, returning a -`GuzzleHttp\Message\ResponseInterface` object that contains a body stream -referencing an open PHP HTTP stream. - -```php -// 3.0 -use Guzzle\Stream\PhpStreamRequestFactory; -$request = $client->get('/'); -$factory = new PhpStreamRequestFactory(); -$stream = $factory->fromRequest($request); -$data = $stream->read(1024); - -// 4.0 -$response = $client->get('/', ['stream' => true]); -// Read some data off of the stream in the response body -$data = $response->getBody()->read(1024); -``` - -#### Redirects - -The `configureRedirects()` method has been removed in favor of a -`allow_redirects` request option. - -```php -// Standard redirects with a default of a max of 5 redirects -$request = $client->createRequest('GET', '/', ['allow_redirects' => true]); - -// Strict redirects with a custom number of redirects -$request = $client->createRequest('GET', '/', [ - 'allow_redirects' => ['max' => 5, 'strict' => true] -]); -``` - -#### EntityBody - -EntityBody interfaces and classes have been removed or moved to -`GuzzleHttp\Stream`. All classes and interfaces that once required -`GuzzleHttp\EntityBodyInterface` now require -`GuzzleHttp\Stream\StreamInterface`. Creating a new body for a request no -longer uses `GuzzleHttp\EntityBody::factory` but now uses -`GuzzleHttp\Stream\Stream::factory` or even better: -`GuzzleHttp\Stream\create()`. - -- `Guzzle\Http\EntityBodyInterface` is now `GuzzleHttp\Stream\StreamInterface` -- `Guzzle\Http\EntityBody` is now `GuzzleHttp\Stream\Stream` -- `Guzzle\Http\CachingEntityBody` is now `GuzzleHttp\Stream\CachingStream` -- `Guzzle\Http\ReadLimitEntityBody` is now `GuzzleHttp\Stream\LimitStream` -- `Guzzle\Http\IoEmittyinEntityBody` has been removed. - -#### Request lifecycle events - -Requests previously submitted a large number of requests. The number of events -emitted over the lifecycle of a request has been significantly reduced to make -it easier to understand how to extend the behavior of a request. All events -emitted during the lifecycle of a request now emit a custom -`GuzzleHttp\Event\EventInterface` object that contains context providing -methods and a way in which to modify the transaction at that specific point in -time (e.g., intercept the request and set a response on the transaction). - -- `request.before_send` has been renamed to `before` and now emits a - `GuzzleHttp\Event\BeforeEvent` -- `request.complete` has been renamed to `complete` and now emits a - `GuzzleHttp\Event\CompleteEvent`. -- `request.sent` has been removed. Use `complete`. -- `request.success` has been removed. Use `complete`. -- `error` is now an event that emits a `GuzzleHttp\Event\ErrorEvent`. -- `request.exception` has been removed. Use `error`. -- `request.receive.status_line` has been removed. -- `curl.callback.progress` has been removed. Use a custom `StreamInterface` to - maintain a status update. -- `curl.callback.write` has been removed. Use a custom `StreamInterface` to - intercept writes. -- `curl.callback.read` has been removed. Use a custom `StreamInterface` to - intercept reads. - -`headers` is a new event that is emitted after the response headers of a -request have been received before the body of the response is downloaded. This -event emits a `GuzzleHttp\Event\HeadersEvent`. - -You can intercept a request and inject a response using the `intercept()` event -of a `GuzzleHttp\Event\BeforeEvent`, `GuzzleHttp\Event\CompleteEvent`, and -`GuzzleHttp\Event\ErrorEvent` event. - -See: http://docs.guzzlephp.org/en/latest/events.html - -## Inflection - -The `Guzzle\Inflection` namespace has been removed. This is not a core concern -of Guzzle. - -## Iterator - -The `Guzzle\Iterator` namespace has been removed. - -- `Guzzle\Iterator\AppendIterator`, `Guzzle\Iterator\ChunkedIterator`, and - `Guzzle\Iterator\MethodProxyIterator` are nice, but not a core requirement of - Guzzle itself. -- `Guzzle\Iterator\FilterIterator` is no longer needed because an equivalent - class is shipped with PHP 5.4. -- `Guzzle\Iterator\MapIterator` is not really needed when using PHP 5.5 because - it's easier to just wrap an iterator in a generator that maps values. - -For a replacement of these iterators, see https://github.com/nikic/iter - -## Log - -The LogPlugin has moved to https://github.com/guzzle/log-subscriber. The -`Guzzle\Log` namespace has been removed. Guzzle now relies on -`Psr\Log\LoggerInterface` for all logging. The MessageFormatter class has been -moved to `GuzzleHttp\Subscriber\Log\Formatter`. - -## Parser - -The `Guzzle\Parser` namespace has been removed. This was previously used to -make it possible to plug in custom parsers for cookies, messages, URI -templates, and URLs; however, this level of complexity is not needed in Guzzle -so it has been removed. - -- Cookie: Cookie parsing logic has been moved to - `GuzzleHttp\Cookie\SetCookie::fromString`. -- Message: Message parsing logic for both requests and responses has been moved - to `GuzzleHttp\Message\MessageFactory::fromMessage`. Message parsing is only - used in debugging or deserializing messages, so it doesn't make sense for - Guzzle as a library to add this level of complexity to parsing messages. -- UriTemplate: URI template parsing has been moved to - `GuzzleHttp\UriTemplate`. The Guzzle library will automatically use the PECL - URI template library if it is installed. -- Url: URL parsing is now performed in `GuzzleHttp\Url::fromString` (previously - it was `Guzzle\Http\Url::factory()`). If custom URL parsing is necessary, - then developers are free to subclass `GuzzleHttp\Url`. - -## Plugin - -The `Guzzle\Plugin` namespace has been renamed to `GuzzleHttp\Subscriber`. -Several plugins are shipping with the core Guzzle library under this namespace. - -- `GuzzleHttp\Subscriber\Cookie`: Replaces the old CookiePlugin. Cookie jar - code has moved to `GuzzleHttp\Cookie`. -- `GuzzleHttp\Subscriber\History`: Replaces the old HistoryPlugin. -- `GuzzleHttp\Subscriber\HttpError`: Throws errors when a bad HTTP response is - received. -- `GuzzleHttp\Subscriber\Mock`: Replaces the old MockPlugin. -- `GuzzleHttp\Subscriber\Prepare`: Prepares the body of a request just before - sending. This subscriber is attached to all requests by default. -- `GuzzleHttp\Subscriber\Redirect`: Replaces the RedirectPlugin. - -The following plugins have been removed (third-parties are free to re-implement -these if needed): - -- `GuzzleHttp\Plugin\Async` has been removed. -- `GuzzleHttp\Plugin\CurlAuth` has been removed. -- `GuzzleHttp\Plugin\ErrorResponse\ErrorResponsePlugin` has been removed. This - functionality should instead be implemented with event listeners that occur - after normal response parsing occurs in the guzzle/command package. - -The following plugins are not part of the core Guzzle package, but are provided -in separate repositories: - -- `Guzzle\Http\Plugin\BackoffPlugin` has been rewritten to be much simpler - to build custom retry policies using simple functions rather than various - chained classes. See: https://github.com/guzzle/retry-subscriber -- `Guzzle\Http\Plugin\Cache\CachePlugin` has moved to - https://github.com/guzzle/cache-subscriber -- `Guzzle\Http\Plugin\Log\LogPlugin` has moved to - https://github.com/guzzle/log-subscriber -- `Guzzle\Http\Plugin\Md5\Md5Plugin` has moved to - https://github.com/guzzle/message-integrity-subscriber -- `Guzzle\Http\Plugin\Mock\MockPlugin` has moved to - `GuzzleHttp\Subscriber\MockSubscriber`. -- `Guzzle\Http\Plugin\Oauth\OauthPlugin` has moved to - https://github.com/guzzle/oauth-subscriber - -## Service - -The service description layer of Guzzle has moved into two separate packages: - -- http://github.com/guzzle/command Provides a high level abstraction over web - services by representing web service operations using commands. -- http://github.com/guzzle/guzzle-services Provides an implementation of - guzzle/command that provides request serialization and response parsing using - Guzzle service descriptions. - -## Stream - -Stream have moved to a separate package available at -https://github.com/guzzle/streams. - -`Guzzle\Stream\StreamInterface` has been given a large update to cleanly take -on the responsibilities of `Guzzle\Http\EntityBody` and -`Guzzle\Http\EntityBodyInterface` now that they have been removed. The number -of methods implemented by the `StreamInterface` has been drastically reduced to -allow developers to more easily extend and decorate stream behavior. - -## Removed methods from StreamInterface - -- `getStream` and `setStream` have been removed to better encapsulate streams. -- `getMetadata` and `setMetadata` have been removed in favor of - `GuzzleHttp\Stream\MetadataStreamInterface`. -- `getWrapper`, `getWrapperData`, `getStreamType`, and `getUri` have all been - removed. This data is accessible when - using streams that implement `GuzzleHttp\Stream\MetadataStreamInterface`. -- `rewind` has been removed. Use `seek(0)` for a similar behavior. - -## Renamed methods - -- `detachStream` has been renamed to `detach`. -- `feof` has been renamed to `eof`. -- `ftell` has been renamed to `tell`. -- `readLine` has moved from an instance method to a static class method of - `GuzzleHttp\Stream\Stream`. - -## Metadata streams - -`GuzzleHttp\Stream\MetadataStreamInterface` has been added to denote streams -that contain additional metadata accessible via `getMetadata()`. -`GuzzleHttp\Stream\StreamInterface::getMetadata` and -`GuzzleHttp\Stream\StreamInterface::setMetadata` have been removed. - -## StreamRequestFactory - -The entire concept of the StreamRequestFactory has been removed. The way this -was used in Guzzle 3 broke the actual interface of sending streaming requests -(instead of getting back a Response, you got a StreamInterface). Streaming -PHP requests are now implemented through the `GuzzleHttp\Adapter\StreamAdapter`. - -3.6 to 3.7 ----------- - -### Deprecations - -- You can now enable E_USER_DEPRECATED warnings to see if you are using any deprecated methods.: - -```php -\Guzzle\Common\Version::$emitWarnings = true; -``` - -The following APIs and options have been marked as deprecated: - -- Marked `Guzzle\Http\Message\Request::isResponseBodyRepeatable()` as deprecated. Use `$request->getResponseBody()->isRepeatable()` instead. -- Marked `Guzzle\Http\Message\Request::canCache()` as deprecated. Use `Guzzle\Plugin\Cache\DefaultCanCacheStrategy->canCacheRequest()` instead. -- Marked `Guzzle\Http\Message\Request::canCache()` as deprecated. Use `Guzzle\Plugin\Cache\DefaultCanCacheStrategy->canCacheRequest()` instead. -- Marked `Guzzle\Http\Message\Request::setIsRedirect()` as deprecated. Use the HistoryPlugin instead. -- Marked `Guzzle\Http\Message\Request::isRedirect()` as deprecated. Use the HistoryPlugin instead. -- Marked `Guzzle\Cache\CacheAdapterFactory::factory()` as deprecated -- Marked `Guzzle\Service\Client::enableMagicMethods()` as deprecated. Magic methods can no longer be disabled on a Guzzle\Service\Client. -- Marked `Guzzle\Parser\Url\UrlParser` as deprecated. Just use PHP's `parse_url()` and percent encode your UTF-8. -- Marked `Guzzle\Common\Collection::inject()` as deprecated. -- Marked `Guzzle\Plugin\CurlAuth\CurlAuthPlugin` as deprecated. Use - `$client->getConfig()->setPath('request.options/auth', array('user', 'pass', 'Basic|Digest|NTLM|Any'));` or - `$client->setDefaultOption('auth', array('user', 'pass', 'Basic|Digest|NTLM|Any'));` - -3.7 introduces `request.options` as a parameter for a client configuration and as an optional argument to all creational -request methods. When paired with a client's configuration settings, these options allow you to specify default settings -for various aspects of a request. Because these options make other previous configuration options redundant, several -configuration options and methods of a client and AbstractCommand have been deprecated. - -- Marked `Guzzle\Service\Client::getDefaultHeaders()` as deprecated. Use `$client->getDefaultOption('headers')`. -- Marked `Guzzle\Service\Client::setDefaultHeaders()` as deprecated. Use `$client->setDefaultOption('headers/{header_name}', 'value')`. -- Marked 'request.params' for `Guzzle\Http\Client` as deprecated. Use `$client->setDefaultOption('params/{param_name}', 'value')` -- Marked 'command.headers', 'command.response_body' and 'command.on_complete' as deprecated for AbstractCommand. These will work through Guzzle 4.0 - - $command = $client->getCommand('foo', array( - 'command.headers' => array('Test' => '123'), - 'command.response_body' => '/path/to/file' - )); - - // Should be changed to: - - $command = $client->getCommand('foo', array( - 'command.request_options' => array( - 'headers' => array('Test' => '123'), - 'save_as' => '/path/to/file' - ) - )); - -### Interface changes - -Additions and changes (you will need to update any implementations or subclasses you may have created): - -- Added an `$options` argument to the end of the following methods of `Guzzle\Http\ClientInterface`: - createRequest, head, delete, put, patch, post, options, prepareRequest -- Added an `$options` argument to the end of `Guzzle\Http\Message\Request\RequestFactoryInterface::createRequest()` -- Added an `applyOptions()` method to `Guzzle\Http\Message\Request\RequestFactoryInterface` -- Changed `Guzzle\Http\ClientInterface::get($uri = null, $headers = null, $body = null)` to - `Guzzle\Http\ClientInterface::get($uri = null, $headers = null, $options = array())`. You can still pass in a - resource, string, or EntityBody into the $options parameter to specify the download location of the response. -- Changed `Guzzle\Common\Collection::__construct($data)` to no longer accepts a null value for `$data` but a - default `array()` -- Added `Guzzle\Stream\StreamInterface::isRepeatable` -- Made `Guzzle\Http\Client::expandTemplate` and `getUriTemplate` protected methods. - -The following methods were removed from interfaces. All of these methods are still available in the concrete classes -that implement them, but you should update your code to use alternative methods: - -- Removed `Guzzle\Http\ClientInterface::setDefaultHeaders(). Use - `$client->getConfig()->setPath('request.options/headers/{header_name}', 'value')`. or - `$client->getConfig()->setPath('request.options/headers', array('header_name' => 'value'))` or - `$client->setDefaultOption('headers/{header_name}', 'value')`. or - `$client->setDefaultOption('headers', array('header_name' => 'value'))`. -- Removed `Guzzle\Http\ClientInterface::getDefaultHeaders(). Use `$client->getConfig()->getPath('request.options/headers')`. -- Removed `Guzzle\Http\ClientInterface::expandTemplate()`. This is an implementation detail. -- Removed `Guzzle\Http\ClientInterface::setRequestFactory()`. This is an implementation detail. -- Removed `Guzzle\Http\ClientInterface::getCurlMulti()`. This is a very specific implementation detail. -- Removed `Guzzle\Http\Message\RequestInterface::canCache`. Use the CachePlugin. -- Removed `Guzzle\Http\Message\RequestInterface::setIsRedirect`. Use the HistoryPlugin. -- Removed `Guzzle\Http\Message\RequestInterface::isRedirect`. Use the HistoryPlugin. - -### Cache plugin breaking changes - -- CacheKeyProviderInterface and DefaultCacheKeyProvider are no longer used. All of this logic is handled in a - CacheStorageInterface. These two objects and interface will be removed in a future version. -- Always setting X-cache headers on cached responses -- Default cache TTLs are now handled by the CacheStorageInterface of a CachePlugin -- `CacheStorageInterface::cache($key, Response $response, $ttl = null)` has changed to `cache(RequestInterface - $request, Response $response);` -- `CacheStorageInterface::fetch($key)` has changed to `fetch(RequestInterface $request);` -- `CacheStorageInterface::delete($key)` has changed to `delete(RequestInterface $request);` -- Added `CacheStorageInterface::purge($url)` -- `DefaultRevalidation::__construct(CacheKeyProviderInterface $cacheKey, CacheStorageInterface $cache, CachePlugin - $plugin)` has changed to `DefaultRevalidation::__construct(CacheStorageInterface $cache, - CanCacheStrategyInterface $canCache = null)` -- Added `RevalidationInterface::shouldRevalidate(RequestInterface $request, Response $response)` - -3.5 to 3.6 ----------- - -* Mixed casing of headers are now forced to be a single consistent casing across all values for that header. -* Messages internally use a HeaderCollection object to delegate handling case-insensitive header resolution -* Removed the whole changedHeader() function system of messages because all header changes now go through addHeader(). - For example, setHeader() first removes the header using unset on a HeaderCollection and then calls addHeader(). - Keeping the Host header and URL host in sync is now handled by overriding the addHeader method in Request. -* Specific header implementations can be created for complex headers. When a message creates a header, it uses a - HeaderFactory which can map specific headers to specific header classes. There is now a Link header and - CacheControl header implementation. -* Moved getLinks() from Response to just be used on a Link header object. - -If you previously relied on Guzzle\Http\Message\Header::raw(), then you will need to update your code to use the -HeaderInterface (e.g. toArray(), getAll(), etc.). - -### Interface changes - -* Removed from interface: Guzzle\Http\ClientInterface::setUriTemplate -* Removed from interface: Guzzle\Http\ClientInterface::setCurlMulti() -* Removed Guzzle\Http\Message\Request::receivedRequestHeader() and implemented this functionality in - Guzzle\Http\Curl\RequestMediator -* Removed the optional $asString parameter from MessageInterface::getHeader(). Just cast the header to a string. -* Removed the optional $tryChunkedTransfer option from Guzzle\Http\Message\EntityEnclosingRequestInterface -* Removed the $asObjects argument from Guzzle\Http\Message\MessageInterface::getHeaders() - -### Removed deprecated functions - -* Removed Guzzle\Parser\ParserRegister::get(). Use getParser() -* Removed Guzzle\Parser\ParserRegister::set(). Use registerParser(). - -### Deprecations - -* The ability to case-insensitively search for header values -* Guzzle\Http\Message\Header::hasExactHeader -* Guzzle\Http\Message\Header::raw. Use getAll() -* Deprecated cache control specific methods on Guzzle\Http\Message\AbstractMessage. Use the CacheControl header object - instead. - -### Other changes - -* All response header helper functions return a string rather than mixing Header objects and strings inconsistently -* Removed cURL blacklist support. This is no longer necessary now that Expect, Accept, etc. are managed by Guzzle - directly via interfaces -* Removed the injecting of a request object onto a response object. The methods to get and set a request still exist - but are a no-op until removed. -* Most classes that used to require a `Guzzle\Service\Command\CommandInterface` typehint now request a - `Guzzle\Service\Command\ArrayCommandInterface`. -* Added `Guzzle\Http\Message\RequestInterface::startResponse()` to the RequestInterface to handle injecting a response - on a request while the request is still being transferred -* `Guzzle\Service\Command\CommandInterface` now extends from ToArrayInterface and ArrayAccess - -3.3 to 3.4 ----------- - -Base URLs of a client now follow the rules of https://tools.ietf.org/html/rfc3986#section-5.2.2 when merging URLs. - -3.2 to 3.3 ----------- - -### Response::getEtag() quote stripping removed - -`Guzzle\Http\Message\Response::getEtag()` no longer strips quotes around the ETag response header - -### Removed `Guzzle\Http\Utils` - -The `Guzzle\Http\Utils` class was removed. This class was only used for testing. - -### Stream wrapper and type - -`Guzzle\Stream\Stream::getWrapper()` and `Guzzle\Stream\Stream::getStreamType()` are no longer converted to lowercase. - -### curl.emit_io became emit_io - -Emitting IO events from a RequestMediator is now a parameter that must be set in a request's curl options using the -'emit_io' key. This was previously set under a request's parameters using 'curl.emit_io' - -3.1 to 3.2 ----------- - -### CurlMulti is no longer reused globally - -Before 3.2, the same CurlMulti object was reused globally for each client. This can cause issue where plugins added -to a single client can pollute requests dispatched from other clients. - -If you still wish to reuse the same CurlMulti object with each client, then you can add a listener to the -ServiceBuilder's `service_builder.create_client` event to inject a custom CurlMulti object into each client as it is -created. - -```php -$multi = new Guzzle\Http\Curl\CurlMulti(); -$builder = Guzzle\Service\Builder\ServiceBuilder::factory('/path/to/config.json'); -$builder->addListener('service_builder.create_client', function ($event) use ($multi) { - $event['client']->setCurlMulti($multi); -} -}); -``` - -### No default path - -URLs no longer have a default path value of '/' if no path was specified. - -Before: - -```php -$request = $client->get('http://www.foo.com'); -echo $request->getUrl(); -// >> http://www.foo.com/ -``` - -After: - -```php -$request = $client->get('http://www.foo.com'); -echo $request->getUrl(); -// >> http://www.foo.com -``` - -### Less verbose BadResponseException - -The exception message for `Guzzle\Http\Exception\BadResponseException` no longer contains the full HTTP request and -response information. You can, however, get access to the request and response object by calling `getRequest()` or -`getResponse()` on the exception object. - -### Query parameter aggregation - -Multi-valued query parameters are no longer aggregated using a callback function. `Guzzle\Http\Query` now has a -setAggregator() method that accepts a `Guzzle\Http\QueryAggregator\QueryAggregatorInterface` object. This object is -responsible for handling the aggregation of multi-valued query string variables into a flattened hash. - -2.8 to 3.x ----------- - -### Guzzle\Service\Inspector - -Change `\Guzzle\Service\Inspector::fromConfig` to `\Guzzle\Common\Collection::fromConfig` - -**Before** - -```php -use Guzzle\Service\Inspector; - -class YourClient extends \Guzzle\Service\Client -{ - public static function factory($config = array()) - { - $default = array(); - $required = array('base_url', 'username', 'api_key'); - $config = Inspector::fromConfig($config, $default, $required); - - $client = new self( - $config->get('base_url'), - $config->get('username'), - $config->get('api_key') - ); - $client->setConfig($config); - - $client->setDescription(ServiceDescription::factory(__DIR__ . DIRECTORY_SEPARATOR . 'client.json')); - - return $client; - } -``` - -**After** - -```php -use Guzzle\Common\Collection; - -class YourClient extends \Guzzle\Service\Client -{ - public static function factory($config = array()) - { - $default = array(); - $required = array('base_url', 'username', 'api_key'); - $config = Collection::fromConfig($config, $default, $required); - - $client = new self( - $config->get('base_url'), - $config->get('username'), - $config->get('api_key') - ); - $client->setConfig($config); - - $client->setDescription(ServiceDescription::factory(__DIR__ . DIRECTORY_SEPARATOR . 'client.json')); - - return $client; - } -``` - -### Convert XML Service Descriptions to JSON - -**Before** - -```xml - - - - - - Get a list of groups - - - Uses a search query to get a list of groups - - - - Create a group - - - - - Delete a group by ID - - - - - - - Update a group - - - - - - -``` - -**After** - -```json -{ - "name": "Zendesk REST API v2", - "apiVersion": "2012-12-31", - "description":"Provides access to Zendesk views, groups, tickets, ticket fields, and users", - "operations": { - "list_groups": { - "httpMethod":"GET", - "uri": "groups.json", - "summary": "Get a list of groups" - }, - "search_groups":{ - "httpMethod":"GET", - "uri": "search.json?query=\"{query} type:group\"", - "summary": "Uses a search query to get a list of groups", - "parameters":{ - "query":{ - "location": "uri", - "description":"Zendesk Search Query", - "type": "string", - "required": true - } - } - }, - "create_group": { - "httpMethod":"POST", - "uri": "groups.json", - "summary": "Create a group", - "parameters":{ - "data": { - "type": "array", - "location": "body", - "description":"Group JSON", - "filters": "json_encode", - "required": true - }, - "Content-Type":{ - "type": "string", - "location":"header", - "static": "application/json" - } - } - }, - "delete_group": { - "httpMethod":"DELETE", - "uri": "groups/{id}.json", - "summary": "Delete a group", - "parameters":{ - "id":{ - "location": "uri", - "description":"Group to delete by ID", - "type": "integer", - "required": true - } - } - }, - "get_group": { - "httpMethod":"GET", - "uri": "groups/{id}.json", - "summary": "Get a ticket", - "parameters":{ - "id":{ - "location": "uri", - "description":"Group to get by ID", - "type": "integer", - "required": true - } - } - }, - "update_group": { - "httpMethod":"PUT", - "uri": "groups/{id}.json", - "summary": "Update a group", - "parameters":{ - "id": { - "location": "uri", - "description":"Group to update by ID", - "type": "integer", - "required": true - }, - "data": { - "type": "array", - "location": "body", - "description":"Group JSON", - "filters": "json_encode", - "required": true - }, - "Content-Type":{ - "type": "string", - "location":"header", - "static": "application/json" - } - } - } -} -``` - -### Guzzle\Service\Description\ServiceDescription - -Commands are now called Operations - -**Before** - -```php -use Guzzle\Service\Description\ServiceDescription; - -$sd = new ServiceDescription(); -$sd->getCommands(); // @returns ApiCommandInterface[] -$sd->hasCommand($name); -$sd->getCommand($name); // @returns ApiCommandInterface|null -$sd->addCommand($command); // @param ApiCommandInterface $command -``` - -**After** - -```php -use Guzzle\Service\Description\ServiceDescription; - -$sd = new ServiceDescription(); -$sd->getOperations(); // @returns OperationInterface[] -$sd->hasOperation($name); -$sd->getOperation($name); // @returns OperationInterface|null -$sd->addOperation($operation); // @param OperationInterface $operation -``` - -### Guzzle\Common\Inflection\Inflector - -Namespace is now `Guzzle\Inflection\Inflector` - -### Guzzle\Http\Plugin - -Namespace is now `Guzzle\Plugin`. Many other changes occur within this namespace and are detailed in their own sections below. - -### Guzzle\Http\Plugin\LogPlugin and Guzzle\Common\Log - -Now `Guzzle\Plugin\Log\LogPlugin` and `Guzzle\Log` respectively. - -**Before** - -```php -use Guzzle\Common\Log\ClosureLogAdapter; -use Guzzle\Http\Plugin\LogPlugin; - -/** @var \Guzzle\Http\Client */ -$client; - -// $verbosity is an integer indicating desired message verbosity level -$client->addSubscriber(new LogPlugin(new ClosureLogAdapter(function($m) { echo $m; }, $verbosity = LogPlugin::LOG_VERBOSE); -``` - -**After** - -```php -use Guzzle\Log\ClosureLogAdapter; -use Guzzle\Log\MessageFormatter; -use Guzzle\Plugin\Log\LogPlugin; - -/** @var \Guzzle\Http\Client */ -$client; - -// $format is a string indicating desired message format -- @see MessageFormatter -$client->addSubscriber(new LogPlugin(new ClosureLogAdapter(function($m) { echo $m; }, $format = MessageFormatter::DEBUG_FORMAT); -``` - -### Guzzle\Http\Plugin\CurlAuthPlugin - -Now `Guzzle\Plugin\CurlAuth\CurlAuthPlugin`. - -### Guzzle\Http\Plugin\ExponentialBackoffPlugin - -Now `Guzzle\Plugin\Backoff\BackoffPlugin`, and other changes. - -**Before** - -```php -use Guzzle\Http\Plugin\ExponentialBackoffPlugin; - -$backoffPlugin = new ExponentialBackoffPlugin($maxRetries, array_merge( - ExponentialBackoffPlugin::getDefaultFailureCodes(), array(429) - )); - -$client->addSubscriber($backoffPlugin); -``` - -**After** - -```php -use Guzzle\Plugin\Backoff\BackoffPlugin; -use Guzzle\Plugin\Backoff\HttpBackoffStrategy; - -// Use convenient factory method instead -- see implementation for ideas of what -// you can do with chaining backoff strategies -$backoffPlugin = BackoffPlugin::getExponentialBackoff($maxRetries, array_merge( - HttpBackoffStrategy::getDefaultFailureCodes(), array(429) - )); -$client->addSubscriber($backoffPlugin); -``` - -### Known Issues - -#### [BUG] Accept-Encoding header behavior changed unintentionally. - -(See #217) (Fixed in 09daeb8c666fb44499a0646d655a8ae36456575e) - -In version 2.8 setting the `Accept-Encoding` header would set the CURLOPT_ENCODING option, which permitted cURL to -properly handle gzip/deflate compressed responses from the server. In versions affected by this bug this does not happen. -See issue #217 for a workaround, or use a version containing the fix. diff --git a/plugins/auth/vendor/guzzlehttp/guzzle/composer.json b/plugins/auth/vendor/guzzlehttp/guzzle/composer.json deleted file mode 100644 index f369ce67..00000000 --- a/plugins/auth/vendor/guzzlehttp/guzzle/composer.json +++ /dev/null @@ -1,105 +0,0 @@ -{ - "name": "guzzlehttp/guzzle", - "description": "Guzzle is a PHP HTTP client library", - "keywords": [ - "framework", - "http", - "rest", - "web service", - "curl", - "client", - "HTTP client", - "PSR-7", - "PSR-18" - ], - "license": "MIT", - "authors": [ - { - "name": "Graham Campbell", - "email": "hello@gjcampbell.co.uk", - "homepage": "https://github.com/GrahamCampbell" - }, - { - "name": "Michael Dowling", - "email": "mtdowling@gmail.com", - "homepage": "https://github.com/mtdowling" - }, - { - "name": "Jeremy Lindblom", - "email": "jeremeamia@gmail.com", - "homepage": "https://github.com/jeremeamia" - }, - { - "name": "George Mponos", - "email": "gmponos@gmail.com", - "homepage": "https://github.com/gmponos" - }, - { - "name": "Tobias Nyholm", - "email": "tobias.nyholm@gmail.com", - "homepage": "https://github.com/Nyholm" - }, - { - "name": "Márk Sági-Kazár", - "email": "mark.sagikazar@gmail.com", - "homepage": "https://github.com/sagikazarmark" - }, - { - "name": "Tobias Schultze", - "email": "webmaster@tubo-world.de", - "homepage": "https://github.com/Tobion" - } - ], - "require": { - "php": "^7.2.5 || ^8.0", - "ext-json": "*", - "guzzlehttp/promises": "^1.5", - "guzzlehttp/psr7": "^1.9 || ^2.4", - "psr/http-client": "^1.0", - "symfony/deprecation-contracts": "^2.2 || ^3.0" - }, - "provide": { - "psr/http-client-implementation": "1.0" - }, - "require-dev": { - "ext-curl": "*", - "bamarni/composer-bin-plugin": "^1.8.1", - "php-http/client-integration-tests": "^3.0", - "phpunit/phpunit": "^8.5.29 || ^9.5.23", - "psr/log": "^1.1 || ^2.0 || ^3.0" - }, - "suggest": { - "ext-curl": "Required for CURL handler support", - "ext-intl": "Required for Internationalized Domain Name (IDN) support", - "psr/log": "Required for using the Log middleware" - }, - "config": { - "allow-plugins": { - "bamarni/composer-bin-plugin": true - }, - "preferred-install": "dist", - "sort-packages": true - }, - "extra": { - "bamarni-bin": { - "bin-links": true, - "forward-command": false - }, - "branch-alias": { - "dev-master": "7.5-dev" - } - }, - "autoload": { - "psr-4": { - "GuzzleHttp\\": "src/" - }, - "files": [ - "src/functions_include.php" - ] - }, - "autoload-dev": { - "psr-4": { - "GuzzleHttp\\Tests\\": "tests/" - } - } -} diff --git a/plugins/auth/vendor/guzzlehttp/guzzle/src/Client.php b/plugins/auth/vendor/guzzlehttp/guzzle/src/Client.php deleted file mode 100644 index 58f1d891..00000000 --- a/plugins/auth/vendor/guzzlehttp/guzzle/src/Client.php +++ /dev/null @@ -1,477 +0,0 @@ - 'http://www.foo.com/1.0/', - * 'timeout' => 0, - * 'allow_redirects' => false, - * 'proxy' => '192.168.16.1:10' - * ]); - * - * Client configuration settings include the following options: - * - * - handler: (callable) Function that transfers HTTP requests over the - * wire. The function is called with a Psr7\Http\Message\RequestInterface - * and array of transfer options, and must return a - * GuzzleHttp\Promise\PromiseInterface that is fulfilled with a - * Psr7\Http\Message\ResponseInterface on success. - * If no handler is provided, a default handler will be created - * that enables all of the request options below by attaching all of the - * default middleware to the handler. - * - base_uri: (string|UriInterface) Base URI of the client that is merged - * into relative URIs. Can be a string or instance of UriInterface. - * - **: any request option - * - * @param array $config Client configuration settings. - * - * @see \GuzzleHttp\RequestOptions for a list of available request options. - */ - public function __construct(array $config = []) - { - if (!isset($config['handler'])) { - $config['handler'] = HandlerStack::create(); - } elseif (!\is_callable($config['handler'])) { - throw new InvalidArgumentException('handler must be a callable'); - } - - // Convert the base_uri to a UriInterface - if (isset($config['base_uri'])) { - $config['base_uri'] = Psr7\Utils::uriFor($config['base_uri']); - } - - $this->configureDefaults($config); - } - - /** - * @param string $method - * @param array $args - * - * @return PromiseInterface|ResponseInterface - * - * @deprecated Client::__call will be removed in guzzlehttp/guzzle:8.0. - */ - public function __call($method, $args) - { - if (\count($args) < 1) { - throw new InvalidArgumentException('Magic request methods require a URI and optional options array'); - } - - $uri = $args[0]; - $opts = $args[1] ?? []; - - return \substr($method, -5) === 'Async' - ? $this->requestAsync(\substr($method, 0, -5), $uri, $opts) - : $this->request($method, $uri, $opts); - } - - /** - * Asynchronously send an HTTP request. - * - * @param array $options Request options to apply to the given - * request and to the transfer. See \GuzzleHttp\RequestOptions. - */ - public function sendAsync(RequestInterface $request, array $options = []): PromiseInterface - { - // Merge the base URI into the request URI if needed. - $options = $this->prepareDefaults($options); - - return $this->transfer( - $request->withUri($this->buildUri($request->getUri(), $options), $request->hasHeader('Host')), - $options - ); - } - - /** - * Send an HTTP request. - * - * @param array $options Request options to apply to the given - * request and to the transfer. See \GuzzleHttp\RequestOptions. - * - * @throws GuzzleException - */ - public function send(RequestInterface $request, array $options = []): ResponseInterface - { - $options[RequestOptions::SYNCHRONOUS] = true; - return $this->sendAsync($request, $options)->wait(); - } - - /** - * The HttpClient PSR (PSR-18) specify this method. - * - * @inheritDoc - */ - public function sendRequest(RequestInterface $request): ResponseInterface - { - $options[RequestOptions::SYNCHRONOUS] = true; - $options[RequestOptions::ALLOW_REDIRECTS] = false; - $options[RequestOptions::HTTP_ERRORS] = false; - - return $this->sendAsync($request, $options)->wait(); - } - - /** - * Create and send an asynchronous HTTP request. - * - * Use an absolute path to override the base path of the client, or a - * relative path to append to the base path of the client. The URL can - * contain the query string as well. Use an array to provide a URL - * template and additional variables to use in the URL template expansion. - * - * @param string $method HTTP method - * @param string|UriInterface $uri URI object or string. - * @param array $options Request options to apply. See \GuzzleHttp\RequestOptions. - */ - public function requestAsync(string $method, $uri = '', array $options = []): PromiseInterface - { - $options = $this->prepareDefaults($options); - // Remove request modifying parameter because it can be done up-front. - $headers = $options['headers'] ?? []; - $body = $options['body'] ?? null; - $version = $options['version'] ?? '1.1'; - // Merge the URI into the base URI. - $uri = $this->buildUri(Psr7\Utils::uriFor($uri), $options); - if (\is_array($body)) { - throw $this->invalidBody(); - } - $request = new Psr7\Request($method, $uri, $headers, $body, $version); - // Remove the option so that they are not doubly-applied. - unset($options['headers'], $options['body'], $options['version']); - - return $this->transfer($request, $options); - } - - /** - * Create and send an HTTP request. - * - * Use an absolute path to override the base path of the client, or a - * relative path to append to the base path of the client. The URL can - * contain the query string as well. - * - * @param string $method HTTP method. - * @param string|UriInterface $uri URI object or string. - * @param array $options Request options to apply. See \GuzzleHttp\RequestOptions. - * - * @throws GuzzleException - */ - public function request(string $method, $uri = '', array $options = []): ResponseInterface - { - $options[RequestOptions::SYNCHRONOUS] = true; - return $this->requestAsync($method, $uri, $options)->wait(); - } - - /** - * Get a client configuration option. - * - * These options include default request options of the client, a "handler" - * (if utilized by the concrete client), and a "base_uri" if utilized by - * the concrete client. - * - * @param string|null $option The config option to retrieve. - * - * @return mixed - * - * @deprecated Client::getConfig will be removed in guzzlehttp/guzzle:8.0. - */ - public function getConfig(?string $option = null) - { - return $option === null - ? $this->config - : ($this->config[$option] ?? null); - } - - private function buildUri(UriInterface $uri, array $config): UriInterface - { - if (isset($config['base_uri'])) { - $uri = Psr7\UriResolver::resolve(Psr7\Utils::uriFor($config['base_uri']), $uri); - } - - if (isset($config['idn_conversion']) && ($config['idn_conversion'] !== false)) { - $idnOptions = ($config['idn_conversion'] === true) ? \IDNA_DEFAULT : $config['idn_conversion']; - $uri = Utils::idnUriConvert($uri, $idnOptions); - } - - return $uri->getScheme() === '' && $uri->getHost() !== '' ? $uri->withScheme('http') : $uri; - } - - /** - * Configures the default options for a client. - */ - private function configureDefaults(array $config): void - { - $defaults = [ - 'allow_redirects' => RedirectMiddleware::$defaultSettings, - 'http_errors' => true, - 'decode_content' => true, - 'verify' => true, - 'cookies' => false, - 'idn_conversion' => false, - ]; - - // Use the standard Linux HTTP_PROXY and HTTPS_PROXY if set. - - // We can only trust the HTTP_PROXY environment variable in a CLI - // process due to the fact that PHP has no reliable mechanism to - // get environment variables that start with "HTTP_". - if (\PHP_SAPI === 'cli' && ($proxy = Utils::getenv('HTTP_PROXY'))) { - $defaults['proxy']['http'] = $proxy; - } - - if ($proxy = Utils::getenv('HTTPS_PROXY')) { - $defaults['proxy']['https'] = $proxy; - } - - if ($noProxy = Utils::getenv('NO_PROXY')) { - $cleanedNoProxy = \str_replace(' ', '', $noProxy); - $defaults['proxy']['no'] = \explode(',', $cleanedNoProxy); - } - - $this->config = $config + $defaults; - - if (!empty($config['cookies']) && $config['cookies'] === true) { - $this->config['cookies'] = new CookieJar(); - } - - // Add the default user-agent header. - if (!isset($this->config['headers'])) { - $this->config['headers'] = ['User-Agent' => Utils::defaultUserAgent()]; - } else { - // Add the User-Agent header if one was not already set. - foreach (\array_keys($this->config['headers']) as $name) { - if (\strtolower($name) === 'user-agent') { - return; - } - } - $this->config['headers']['User-Agent'] = Utils::defaultUserAgent(); - } - } - - /** - * Merges default options into the array. - * - * @param array $options Options to modify by reference - */ - private function prepareDefaults(array $options): array - { - $defaults = $this->config; - - if (!empty($defaults['headers'])) { - // Default headers are only added if they are not present. - $defaults['_conditional'] = $defaults['headers']; - unset($defaults['headers']); - } - - // Special handling for headers is required as they are added as - // conditional headers and as headers passed to a request ctor. - if (\array_key_exists('headers', $options)) { - // Allows default headers to be unset. - if ($options['headers'] === null) { - $defaults['_conditional'] = []; - unset($options['headers']); - } elseif (!\is_array($options['headers'])) { - throw new InvalidArgumentException('headers must be an array'); - } - } - - // Shallow merge defaults underneath options. - $result = $options + $defaults; - - // Remove null values. - foreach ($result as $k => $v) { - if ($v === null) { - unset($result[$k]); - } - } - - return $result; - } - - /** - * Transfers the given request and applies request options. - * - * The URI of the request is not modified and the request options are used - * as-is without merging in default options. - * - * @param array $options See \GuzzleHttp\RequestOptions. - */ - private function transfer(RequestInterface $request, array $options): PromiseInterface - { - $request = $this->applyOptions($request, $options); - /** @var HandlerStack $handler */ - $handler = $options['handler']; - - try { - return P\Create::promiseFor($handler($request, $options)); - } catch (\Exception $e) { - return P\Create::rejectionFor($e); - } - } - - /** - * Applies the array of request options to a request. - */ - private function applyOptions(RequestInterface $request, array &$options): RequestInterface - { - $modify = [ - 'set_headers' => [], - ]; - - if (isset($options['headers'])) { - if (array_keys($options['headers']) === range(0, count($options['headers']) - 1)) { - throw new InvalidArgumentException('The headers array must have header name as keys.'); - } - $modify['set_headers'] = $options['headers']; - unset($options['headers']); - } - - if (isset($options['form_params'])) { - if (isset($options['multipart'])) { - throw new InvalidArgumentException('You cannot use ' - . 'form_params and multipart at the same time. Use the ' - . 'form_params option if you want to send application/' - . 'x-www-form-urlencoded requests, and the multipart ' - . 'option to send multipart/form-data requests.'); - } - $options['body'] = \http_build_query($options['form_params'], '', '&'); - unset($options['form_params']); - // Ensure that we don't have the header in different case and set the new value. - $options['_conditional'] = Psr7\Utils::caselessRemove(['Content-Type'], $options['_conditional']); - $options['_conditional']['Content-Type'] = 'application/x-www-form-urlencoded'; - } - - if (isset($options['multipart'])) { - $options['body'] = new Psr7\MultipartStream($options['multipart']); - unset($options['multipart']); - } - - if (isset($options['json'])) { - $options['body'] = Utils::jsonEncode($options['json']); - unset($options['json']); - // Ensure that we don't have the header in different case and set the new value. - $options['_conditional'] = Psr7\Utils::caselessRemove(['Content-Type'], $options['_conditional']); - $options['_conditional']['Content-Type'] = 'application/json'; - } - - if (!empty($options['decode_content']) - && $options['decode_content'] !== true - ) { - // Ensure that we don't have the header in different case and set the new value. - $options['_conditional'] = Psr7\Utils::caselessRemove(['Accept-Encoding'], $options['_conditional']); - $modify['set_headers']['Accept-Encoding'] = $options['decode_content']; - } - - if (isset($options['body'])) { - if (\is_array($options['body'])) { - throw $this->invalidBody(); - } - $modify['body'] = Psr7\Utils::streamFor($options['body']); - unset($options['body']); - } - - if (!empty($options['auth']) && \is_array($options['auth'])) { - $value = $options['auth']; - $type = isset($value[2]) ? \strtolower($value[2]) : 'basic'; - switch ($type) { - case 'basic': - // Ensure that we don't have the header in different case and set the new value. - $modify['set_headers'] = Psr7\Utils::caselessRemove(['Authorization'], $modify['set_headers']); - $modify['set_headers']['Authorization'] = 'Basic ' - . \base64_encode("$value[0]:$value[1]"); - break; - case 'digest': - // @todo: Do not rely on curl - $options['curl'][\CURLOPT_HTTPAUTH] = \CURLAUTH_DIGEST; - $options['curl'][\CURLOPT_USERPWD] = "$value[0]:$value[1]"; - break; - case 'ntlm': - $options['curl'][\CURLOPT_HTTPAUTH] = \CURLAUTH_NTLM; - $options['curl'][\CURLOPT_USERPWD] = "$value[0]:$value[1]"; - break; - } - } - - if (isset($options['query'])) { - $value = $options['query']; - if (\is_array($value)) { - $value = \http_build_query($value, '', '&', \PHP_QUERY_RFC3986); - } - if (!\is_string($value)) { - throw new InvalidArgumentException('query must be a string or array'); - } - $modify['query'] = $value; - unset($options['query']); - } - - // Ensure that sink is not an invalid value. - if (isset($options['sink'])) { - // TODO: Add more sink validation? - if (\is_bool($options['sink'])) { - throw new InvalidArgumentException('sink must not be a boolean'); - } - } - - $request = Psr7\Utils::modifyRequest($request, $modify); - if ($request->getBody() instanceof Psr7\MultipartStream) { - // Use a multipart/form-data POST if a Content-Type is not set. - // Ensure that we don't have the header in different case and set the new value. - $options['_conditional'] = Psr7\Utils::caselessRemove(['Content-Type'], $options['_conditional']); - $options['_conditional']['Content-Type'] = 'multipart/form-data; boundary=' - . $request->getBody()->getBoundary(); - } - - // Merge in conditional headers if they are not present. - if (isset($options['_conditional'])) { - // Build up the changes so it's in a single clone of the message. - $modify = []; - foreach ($options['_conditional'] as $k => $v) { - if (!$request->hasHeader($k)) { - $modify['set_headers'][$k] = $v; - } - } - $request = Psr7\Utils::modifyRequest($request, $modify); - // Don't pass this internal value along to middleware/handlers. - unset($options['_conditional']); - } - - return $request; - } - - /** - * Return an InvalidArgumentException with pre-set message. - */ - private function invalidBody(): InvalidArgumentException - { - return new InvalidArgumentException('Passing in the "body" request ' - . 'option as an array to send a request is not supported. ' - . 'Please use the "form_params" request option to send a ' - . 'application/x-www-form-urlencoded request, or the "multipart" ' - . 'request option to send a multipart/form-data request.'); - } -} diff --git a/plugins/auth/vendor/guzzlehttp/guzzle/src/ClientInterface.php b/plugins/auth/vendor/guzzlehttp/guzzle/src/ClientInterface.php deleted file mode 100644 index 6aaee61a..00000000 --- a/plugins/auth/vendor/guzzlehttp/guzzle/src/ClientInterface.php +++ /dev/null @@ -1,84 +0,0 @@ -request('GET', $uri, $options); - } - - /** - * Create and send an HTTP HEAD request. - * - * Use an absolute path to override the base path of the client, or a - * relative path to append to the base path of the client. The URL can - * contain the query string as well. - * - * @param string|UriInterface $uri URI object or string. - * @param array $options Request options to apply. - * - * @throws GuzzleException - */ - public function head($uri, array $options = []): ResponseInterface - { - return $this->request('HEAD', $uri, $options); - } - - /** - * Create and send an HTTP PUT request. - * - * Use an absolute path to override the base path of the client, or a - * relative path to append to the base path of the client. The URL can - * contain the query string as well. - * - * @param string|UriInterface $uri URI object or string. - * @param array $options Request options to apply. - * - * @throws GuzzleException - */ - public function put($uri, array $options = []): ResponseInterface - { - return $this->request('PUT', $uri, $options); - } - - /** - * Create and send an HTTP POST request. - * - * Use an absolute path to override the base path of the client, or a - * relative path to append to the base path of the client. The URL can - * contain the query string as well. - * - * @param string|UriInterface $uri URI object or string. - * @param array $options Request options to apply. - * - * @throws GuzzleException - */ - public function post($uri, array $options = []): ResponseInterface - { - return $this->request('POST', $uri, $options); - } - - /** - * Create and send an HTTP PATCH request. - * - * Use an absolute path to override the base path of the client, or a - * relative path to append to the base path of the client. The URL can - * contain the query string as well. - * - * @param string|UriInterface $uri URI object or string. - * @param array $options Request options to apply. - * - * @throws GuzzleException - */ - public function patch($uri, array $options = []): ResponseInterface - { - return $this->request('PATCH', $uri, $options); - } - - /** - * Create and send an HTTP DELETE request. - * - * Use an absolute path to override the base path of the client, or a - * relative path to append to the base path of the client. The URL can - * contain the query string as well. - * - * @param string|UriInterface $uri URI object or string. - * @param array $options Request options to apply. - * - * @throws GuzzleException - */ - public function delete($uri, array $options = []): ResponseInterface - { - return $this->request('DELETE', $uri, $options); - } - - /** - * Create and send an asynchronous HTTP request. - * - * Use an absolute path to override the base path of the client, or a - * relative path to append to the base path of the client. The URL can - * contain the query string as well. Use an array to provide a URL - * template and additional variables to use in the URL template expansion. - * - * @param string $method HTTP method - * @param string|UriInterface $uri URI object or string. - * @param array $options Request options to apply. - */ - abstract public function requestAsync(string $method, $uri, array $options = []): PromiseInterface; - - /** - * Create and send an asynchronous HTTP GET request. - * - * Use an absolute path to override the base path of the client, or a - * relative path to append to the base path of the client. The URL can - * contain the query string as well. Use an array to provide a URL - * template and additional variables to use in the URL template expansion. - * - * @param string|UriInterface $uri URI object or string. - * @param array $options Request options to apply. - */ - public function getAsync($uri, array $options = []): PromiseInterface - { - return $this->requestAsync('GET', $uri, $options); - } - - /** - * Create and send an asynchronous HTTP HEAD request. - * - * Use an absolute path to override the base path of the client, or a - * relative path to append to the base path of the client. The URL can - * contain the query string as well. Use an array to provide a URL - * template and additional variables to use in the URL template expansion. - * - * @param string|UriInterface $uri URI object or string. - * @param array $options Request options to apply. - */ - public function headAsync($uri, array $options = []): PromiseInterface - { - return $this->requestAsync('HEAD', $uri, $options); - } - - /** - * Create and send an asynchronous HTTP PUT request. - * - * Use an absolute path to override the base path of the client, or a - * relative path to append to the base path of the client. The URL can - * contain the query string as well. Use an array to provide a URL - * template and additional variables to use in the URL template expansion. - * - * @param string|UriInterface $uri URI object or string. - * @param array $options Request options to apply. - */ - public function putAsync($uri, array $options = []): PromiseInterface - { - return $this->requestAsync('PUT', $uri, $options); - } - - /** - * Create and send an asynchronous HTTP POST request. - * - * Use an absolute path to override the base path of the client, or a - * relative path to append to the base path of the client. The URL can - * contain the query string as well. Use an array to provide a URL - * template and additional variables to use in the URL template expansion. - * - * @param string|UriInterface $uri URI object or string. - * @param array $options Request options to apply. - */ - public function postAsync($uri, array $options = []): PromiseInterface - { - return $this->requestAsync('POST', $uri, $options); - } - - /** - * Create and send an asynchronous HTTP PATCH request. - * - * Use an absolute path to override the base path of the client, or a - * relative path to append to the base path of the client. The URL can - * contain the query string as well. Use an array to provide a URL - * template and additional variables to use in the URL template expansion. - * - * @param string|UriInterface $uri URI object or string. - * @param array $options Request options to apply. - */ - public function patchAsync($uri, array $options = []): PromiseInterface - { - return $this->requestAsync('PATCH', $uri, $options); - } - - /** - * Create and send an asynchronous HTTP DELETE request. - * - * Use an absolute path to override the base path of the client, or a - * relative path to append to the base path of the client. The URL can - * contain the query string as well. Use an array to provide a URL - * template and additional variables to use in the URL template expansion. - * - * @param string|UriInterface $uri URI object or string. - * @param array $options Request options to apply. - */ - public function deleteAsync($uri, array $options = []): PromiseInterface - { - return $this->requestAsync('DELETE', $uri, $options); - } -} diff --git a/plugins/auth/vendor/guzzlehttp/guzzle/src/Cookie/CookieJar.php b/plugins/auth/vendor/guzzlehttp/guzzle/src/Cookie/CookieJar.php deleted file mode 100644 index 9985a981..00000000 --- a/plugins/auth/vendor/guzzlehttp/guzzle/src/Cookie/CookieJar.php +++ /dev/null @@ -1,317 +0,0 @@ -strictMode = $strictMode; - - foreach ($cookieArray as $cookie) { - if (!($cookie instanceof SetCookie)) { - $cookie = new SetCookie($cookie); - } - $this->setCookie($cookie); - } - } - - /** - * Create a new Cookie jar from an associative array and domain. - * - * @param array $cookies Cookies to create the jar from - * @param string $domain Domain to set the cookies to - */ - public static function fromArray(array $cookies, string $domain): self - { - $cookieJar = new self(); - foreach ($cookies as $name => $value) { - $cookieJar->setCookie(new SetCookie([ - 'Domain' => $domain, - 'Name' => $name, - 'Value' => $value, - 'Discard' => true - ])); - } - - return $cookieJar; - } - - /** - * Evaluate if this cookie should be persisted to storage - * that survives between requests. - * - * @param SetCookie $cookie Being evaluated. - * @param bool $allowSessionCookies If we should persist session cookies - */ - public static function shouldPersist(SetCookie $cookie, bool $allowSessionCookies = false): bool - { - if ($cookie->getExpires() || $allowSessionCookies) { - if (!$cookie->getDiscard()) { - return true; - } - } - - return false; - } - - /** - * Finds and returns the cookie based on the name - * - * @param string $name cookie name to search for - * - * @return SetCookie|null cookie that was found or null if not found - */ - public function getCookieByName(string $name): ?SetCookie - { - foreach ($this->cookies as $cookie) { - if ($cookie->getName() !== null && \strcasecmp($cookie->getName(), $name) === 0) { - return $cookie; - } - } - - return null; - } - - /** - * @inheritDoc - */ - public function toArray(): array - { - return \array_map(static function (SetCookie $cookie): array { - return $cookie->toArray(); - }, $this->getIterator()->getArrayCopy()); - } - - /** - * @inheritDoc - */ - public function clear(?string $domain = null, ?string $path = null, ?string $name = null): void - { - if (!$domain) { - $this->cookies = []; - return; - } elseif (!$path) { - $this->cookies = \array_filter( - $this->cookies, - static function (SetCookie $cookie) use ($domain): bool { - return !$cookie->matchesDomain($domain); - } - ); - } elseif (!$name) { - $this->cookies = \array_filter( - $this->cookies, - static function (SetCookie $cookie) use ($path, $domain): bool { - return !($cookie->matchesPath($path) && - $cookie->matchesDomain($domain)); - } - ); - } else { - $this->cookies = \array_filter( - $this->cookies, - static function (SetCookie $cookie) use ($path, $domain, $name) { - return !($cookie->getName() == $name && - $cookie->matchesPath($path) && - $cookie->matchesDomain($domain)); - } - ); - } - } - - /** - * @inheritDoc - */ - public function clearSessionCookies(): void - { - $this->cookies = \array_filter( - $this->cookies, - static function (SetCookie $cookie): bool { - return !$cookie->getDiscard() && $cookie->getExpires(); - } - ); - } - - /** - * @inheritDoc - */ - public function setCookie(SetCookie $cookie): bool - { - // If the name string is empty (but not 0), ignore the set-cookie - // string entirely. - $name = $cookie->getName(); - if (!$name && $name !== '0') { - return false; - } - - // Only allow cookies with set and valid domain, name, value - $result = $cookie->validate(); - if ($result !== true) { - if ($this->strictMode) { - throw new \RuntimeException('Invalid cookie: ' . $result); - } - $this->removeCookieIfEmpty($cookie); - return false; - } - - // Resolve conflicts with previously set cookies - foreach ($this->cookies as $i => $c) { - // Two cookies are identical, when their path, and domain are - // identical. - if ($c->getPath() != $cookie->getPath() || - $c->getDomain() != $cookie->getDomain() || - $c->getName() != $cookie->getName() - ) { - continue; - } - - // The previously set cookie is a discard cookie and this one is - // not so allow the new cookie to be set - if (!$cookie->getDiscard() && $c->getDiscard()) { - unset($this->cookies[$i]); - continue; - } - - // If the new cookie's expiration is further into the future, then - // replace the old cookie - if ($cookie->getExpires() > $c->getExpires()) { - unset($this->cookies[$i]); - continue; - } - - // If the value has changed, we better change it - if ($cookie->getValue() !== $c->getValue()) { - unset($this->cookies[$i]); - continue; - } - - // The cookie exists, so no need to continue - return false; - } - - $this->cookies[] = $cookie; - - return true; - } - - public function count(): int - { - return \count($this->cookies); - } - - /** - * @return \ArrayIterator - */ - public function getIterator(): \ArrayIterator - { - return new \ArrayIterator(\array_values($this->cookies)); - } - - public function extractCookies(RequestInterface $request, ResponseInterface $response): void - { - if ($cookieHeader = $response->getHeader('Set-Cookie')) { - foreach ($cookieHeader as $cookie) { - $sc = SetCookie::fromString($cookie); - if (!$sc->getDomain()) { - $sc->setDomain($request->getUri()->getHost()); - } - if (0 !== \strpos($sc->getPath(), '/')) { - $sc->setPath($this->getCookiePathFromRequest($request)); - } - if (!$sc->matchesDomain($request->getUri()->getHost())) { - continue; - } - // Note: At this point `$sc->getDomain()` being a public suffix should - // be rejected, but we don't want to pull in the full PSL dependency. - $this->setCookie($sc); - } - } - } - - /** - * Computes cookie path following RFC 6265 section 5.1.4 - * - * @link https://tools.ietf.org/html/rfc6265#section-5.1.4 - */ - private function getCookiePathFromRequest(RequestInterface $request): string - { - $uriPath = $request->getUri()->getPath(); - if ('' === $uriPath) { - return '/'; - } - if (0 !== \strpos($uriPath, '/')) { - return '/'; - } - if ('/' === $uriPath) { - return '/'; - } - $lastSlashPos = \strrpos($uriPath, '/'); - if (0 === $lastSlashPos || false === $lastSlashPos) { - return '/'; - } - - return \substr($uriPath, 0, $lastSlashPos); - } - - public function withCookieHeader(RequestInterface $request): RequestInterface - { - $values = []; - $uri = $request->getUri(); - $scheme = $uri->getScheme(); - $host = $uri->getHost(); - $path = $uri->getPath() ?: '/'; - - foreach ($this->cookies as $cookie) { - if ($cookie->matchesPath($path) && - $cookie->matchesDomain($host) && - !$cookie->isExpired() && - (!$cookie->getSecure() || $scheme === 'https') - ) { - $values[] = $cookie->getName() . '=' - . $cookie->getValue(); - } - } - - return $values - ? $request->withHeader('Cookie', \implode('; ', $values)) - : $request; - } - - /** - * If a cookie already exists and the server asks to set it again with a - * null value, the cookie must be deleted. - */ - private function removeCookieIfEmpty(SetCookie $cookie): void - { - $cookieValue = $cookie->getValue(); - if ($cookieValue === null || $cookieValue === '') { - $this->clear( - $cookie->getDomain(), - $cookie->getPath(), - $cookie->getName() - ); - } - } -} diff --git a/plugins/auth/vendor/guzzlehttp/guzzle/src/Cookie/CookieJarInterface.php b/plugins/auth/vendor/guzzlehttp/guzzle/src/Cookie/CookieJarInterface.php deleted file mode 100644 index 7df374b5..00000000 --- a/plugins/auth/vendor/guzzlehttp/guzzle/src/Cookie/CookieJarInterface.php +++ /dev/null @@ -1,79 +0,0 @@ - - */ -interface CookieJarInterface extends \Countable, \IteratorAggregate -{ - /** - * Create a request with added cookie headers. - * - * If no matching cookies are found in the cookie jar, then no Cookie - * header is added to the request and the same request is returned. - * - * @param RequestInterface $request Request object to modify. - * - * @return RequestInterface returns the modified request. - */ - public function withCookieHeader(RequestInterface $request): RequestInterface; - - /** - * Extract cookies from an HTTP response and store them in the CookieJar. - * - * @param RequestInterface $request Request that was sent - * @param ResponseInterface $response Response that was received - */ - public function extractCookies(RequestInterface $request, ResponseInterface $response): void; - - /** - * Sets a cookie in the cookie jar. - * - * @param SetCookie $cookie Cookie to set. - * - * @return bool Returns true on success or false on failure - */ - public function setCookie(SetCookie $cookie): bool; - - /** - * Remove cookies currently held in the cookie jar. - * - * Invoking this method without arguments will empty the whole cookie jar. - * If given a $domain argument only cookies belonging to that domain will - * be removed. If given a $domain and $path argument, cookies belonging to - * the specified path within that domain are removed. If given all three - * arguments, then the cookie with the specified name, path and domain is - * removed. - * - * @param string|null $domain Clears cookies matching a domain - * @param string|null $path Clears cookies matching a domain and path - * @param string|null $name Clears cookies matching a domain, path, and name - */ - public function clear(?string $domain = null, ?string $path = null, ?string $name = null): void; - - /** - * Discard all sessions cookies. - * - * Removes cookies that don't have an expire field or a have a discard - * field set to true. To be called when the user agent shuts down according - * to RFC 2965. - */ - public function clearSessionCookies(): void; - - /** - * Converts the cookie jar to an array. - */ - public function toArray(): array; -} diff --git a/plugins/auth/vendor/guzzlehttp/guzzle/src/Cookie/FileCookieJar.php b/plugins/auth/vendor/guzzlehttp/guzzle/src/Cookie/FileCookieJar.php deleted file mode 100644 index 290236d5..00000000 --- a/plugins/auth/vendor/guzzlehttp/guzzle/src/Cookie/FileCookieJar.php +++ /dev/null @@ -1,101 +0,0 @@ -filename = $cookieFile; - $this->storeSessionCookies = $storeSessionCookies; - - if (\file_exists($cookieFile)) { - $this->load($cookieFile); - } - } - - /** - * Saves the file when shutting down - */ - public function __destruct() - { - $this->save($this->filename); - } - - /** - * Saves the cookies to a file. - * - * @param string $filename File to save - * - * @throws \RuntimeException if the file cannot be found or created - */ - public function save(string $filename): void - { - $json = []; - /** @var SetCookie $cookie */ - foreach ($this as $cookie) { - if (CookieJar::shouldPersist($cookie, $this->storeSessionCookies)) { - $json[] = $cookie->toArray(); - } - } - - $jsonStr = Utils::jsonEncode($json); - if (false === \file_put_contents($filename, $jsonStr, \LOCK_EX)) { - throw new \RuntimeException("Unable to save file {$filename}"); - } - } - - /** - * Load cookies from a JSON formatted file. - * - * Old cookies are kept unless overwritten by newly loaded ones. - * - * @param string $filename Cookie file to load. - * - * @throws \RuntimeException if the file cannot be loaded. - */ - public function load(string $filename): void - { - $json = \file_get_contents($filename); - if (false === $json) { - throw new \RuntimeException("Unable to load file {$filename}"); - } - if ($json === '') { - return; - } - - $data = Utils::jsonDecode($json, true); - if (\is_array($data)) { - foreach ($data as $cookie) { - $this->setCookie(new SetCookie($cookie)); - } - } elseif (\is_scalar($data) && !empty($data)) { - throw new \RuntimeException("Invalid cookie file: {$filename}"); - } - } -} diff --git a/plugins/auth/vendor/guzzlehttp/guzzle/src/Cookie/SessionCookieJar.php b/plugins/auth/vendor/guzzlehttp/guzzle/src/Cookie/SessionCookieJar.php deleted file mode 100644 index 5d51ca98..00000000 --- a/plugins/auth/vendor/guzzlehttp/guzzle/src/Cookie/SessionCookieJar.php +++ /dev/null @@ -1,77 +0,0 @@ -sessionKey = $sessionKey; - $this->storeSessionCookies = $storeSessionCookies; - $this->load(); - } - - /** - * Saves cookies to session when shutting down - */ - public function __destruct() - { - $this->save(); - } - - /** - * Save cookies to the client session - */ - public function save(): void - { - $json = []; - /** @var SetCookie $cookie */ - foreach ($this as $cookie) { - if (CookieJar::shouldPersist($cookie, $this->storeSessionCookies)) { - $json[] = $cookie->toArray(); - } - } - - $_SESSION[$this->sessionKey] = \json_encode($json); - } - - /** - * Load the contents of the client session into the data array - */ - protected function load(): void - { - if (!isset($_SESSION[$this->sessionKey])) { - return; - } - $data = \json_decode($_SESSION[$this->sessionKey], true); - if (\is_array($data)) { - foreach ($data as $cookie) { - $this->setCookie(new SetCookie($cookie)); - } - } elseif (\strlen($data)) { - throw new \RuntimeException("Invalid cookie data"); - } - } -} diff --git a/plugins/auth/vendor/guzzlehttp/guzzle/src/Cookie/SetCookie.php b/plugins/auth/vendor/guzzlehttp/guzzle/src/Cookie/SetCookie.php deleted file mode 100644 index a613c77b..00000000 --- a/plugins/auth/vendor/guzzlehttp/guzzle/src/Cookie/SetCookie.php +++ /dev/null @@ -1,446 +0,0 @@ - null, - 'Value' => null, - 'Domain' => null, - 'Path' => '/', - 'Max-Age' => null, - 'Expires' => null, - 'Secure' => false, - 'Discard' => false, - 'HttpOnly' => false - ]; - - /** - * @var array Cookie data - */ - private $data; - - /** - * Create a new SetCookie object from a string. - * - * @param string $cookie Set-Cookie header string - */ - public static function fromString(string $cookie): self - { - // Create the default return array - $data = self::$defaults; - // Explode the cookie string using a series of semicolons - $pieces = \array_filter(\array_map('trim', \explode(';', $cookie))); - // The name of the cookie (first kvp) must exist and include an equal sign. - if (!isset($pieces[0]) || \strpos($pieces[0], '=') === false) { - return new self($data); - } - - // Add the cookie pieces into the parsed data array - foreach ($pieces as $part) { - $cookieParts = \explode('=', $part, 2); - $key = \trim($cookieParts[0]); - $value = isset($cookieParts[1]) - ? \trim($cookieParts[1], " \n\r\t\0\x0B") - : true; - - // Only check for non-cookies when cookies have been found - if (!isset($data['Name'])) { - $data['Name'] = $key; - $data['Value'] = $value; - } else { - foreach (\array_keys(self::$defaults) as $search) { - if (!\strcasecmp($search, $key)) { - $data[$search] = $value; - continue 2; - } - } - $data[$key] = $value; - } - } - - return new self($data); - } - - /** - * @param array $data Array of cookie data provided by a Cookie parser - */ - public function __construct(array $data = []) - { - /** @var array|null $replaced will be null in case of replace error */ - $replaced = \array_replace(self::$defaults, $data); - if ($replaced === null) { - throw new \InvalidArgumentException('Unable to replace the default values for the Cookie.'); - } - - $this->data = $replaced; - // Extract the Expires value and turn it into a UNIX timestamp if needed - if (!$this->getExpires() && $this->getMaxAge()) { - // Calculate the Expires date - $this->setExpires(\time() + $this->getMaxAge()); - } elseif (null !== ($expires = $this->getExpires()) && !\is_numeric($expires)) { - $this->setExpires($expires); - } - } - - public function __toString() - { - $str = $this->data['Name'] . '=' . ($this->data['Value'] ?? '') . '; '; - foreach ($this->data as $k => $v) { - if ($k !== 'Name' && $k !== 'Value' && $v !== null && $v !== false) { - if ($k === 'Expires') { - $str .= 'Expires=' . \gmdate('D, d M Y H:i:s \G\M\T', $v) . '; '; - } else { - $str .= ($v === true ? $k : "{$k}={$v}") . '; '; - } - } - } - - return \rtrim($str, '; '); - } - - public function toArray(): array - { - return $this->data; - } - - /** - * Get the cookie name. - * - * @return string - */ - public function getName() - { - return $this->data['Name']; - } - - /** - * Set the cookie name. - * - * @param string $name Cookie name - */ - public function setName($name): void - { - if (!is_string($name)) { - trigger_deprecation('guzzlehttp/guzzle', '7.4', 'Not passing a string to %s::%s() is deprecated and will cause an error in 8.0.', __CLASS__, __FUNCTION__); - } - - $this->data['Name'] = (string) $name; - } - - /** - * Get the cookie value. - * - * @return string|null - */ - public function getValue() - { - return $this->data['Value']; - } - - /** - * Set the cookie value. - * - * @param string $value Cookie value - */ - public function setValue($value): void - { - if (!is_string($value)) { - trigger_deprecation('guzzlehttp/guzzle', '7.4', 'Not passing a string to %s::%s() is deprecated and will cause an error in 8.0.', __CLASS__, __FUNCTION__); - } - - $this->data['Value'] = (string) $value; - } - - /** - * Get the domain. - * - * @return string|null - */ - public function getDomain() - { - return $this->data['Domain']; - } - - /** - * Set the domain of the cookie. - * - * @param string|null $domain - */ - public function setDomain($domain): void - { - if (!is_string($domain) && null !== $domain) { - trigger_deprecation('guzzlehttp/guzzle', '7.4', 'Not passing a string or null to %s::%s() is deprecated and will cause an error in 8.0.', __CLASS__, __FUNCTION__); - } - - $this->data['Domain'] = null === $domain ? null : (string) $domain; - } - - /** - * Get the path. - * - * @return string - */ - public function getPath() - { - return $this->data['Path']; - } - - /** - * Set the path of the cookie. - * - * @param string $path Path of the cookie - */ - public function setPath($path): void - { - if (!is_string($path)) { - trigger_deprecation('guzzlehttp/guzzle', '7.4', 'Not passing a string to %s::%s() is deprecated and will cause an error in 8.0.', __CLASS__, __FUNCTION__); - } - - $this->data['Path'] = (string) $path; - } - - /** - * Maximum lifetime of the cookie in seconds. - * - * @return int|null - */ - public function getMaxAge() - { - return null === $this->data['Max-Age'] ? null : (int) $this->data['Max-Age']; - } - - /** - * Set the max-age of the cookie. - * - * @param int|null $maxAge Max age of the cookie in seconds - */ - public function setMaxAge($maxAge): void - { - if (!is_int($maxAge) && null !== $maxAge) { - trigger_deprecation('guzzlehttp/guzzle', '7.4', 'Not passing an int or null to %s::%s() is deprecated and will cause an error in 8.0.', __CLASS__, __FUNCTION__); - } - - $this->data['Max-Age'] = $maxAge === null ? null : (int) $maxAge; - } - - /** - * The UNIX timestamp when the cookie Expires. - * - * @return string|int|null - */ - public function getExpires() - { - return $this->data['Expires']; - } - - /** - * Set the unix timestamp for which the cookie will expire. - * - * @param int|string|null $timestamp Unix timestamp or any English textual datetime description. - */ - public function setExpires($timestamp): void - { - if (!is_int($timestamp) && !is_string($timestamp) && null !== $timestamp) { - trigger_deprecation('guzzlehttp/guzzle', '7.4', 'Not passing an int, string or null to %s::%s() is deprecated and will cause an error in 8.0.', __CLASS__, __FUNCTION__); - } - - $this->data['Expires'] = null === $timestamp ? null : (\is_numeric($timestamp) ? (int) $timestamp : \strtotime((string) $timestamp)); - } - - /** - * Get whether or not this is a secure cookie. - * - * @return bool - */ - public function getSecure() - { - return $this->data['Secure']; - } - - /** - * Set whether or not the cookie is secure. - * - * @param bool $secure Set to true or false if secure - */ - public function setSecure($secure): void - { - if (!is_bool($secure)) { - trigger_deprecation('guzzlehttp/guzzle', '7.4', 'Not passing a bool to %s::%s() is deprecated and will cause an error in 8.0.', __CLASS__, __FUNCTION__); - } - - $this->data['Secure'] = (bool) $secure; - } - - /** - * Get whether or not this is a session cookie. - * - * @return bool|null - */ - public function getDiscard() - { - return $this->data['Discard']; - } - - /** - * Set whether or not this is a session cookie. - * - * @param bool $discard Set to true or false if this is a session cookie - */ - public function setDiscard($discard): void - { - if (!is_bool($discard)) { - trigger_deprecation('guzzlehttp/guzzle', '7.4', 'Not passing a bool to %s::%s() is deprecated and will cause an error in 8.0.', __CLASS__, __FUNCTION__); - } - - $this->data['Discard'] = (bool) $discard; - } - - /** - * Get whether or not this is an HTTP only cookie. - * - * @return bool - */ - public function getHttpOnly() - { - return $this->data['HttpOnly']; - } - - /** - * Set whether or not this is an HTTP only cookie. - * - * @param bool $httpOnly Set to true or false if this is HTTP only - */ - public function setHttpOnly($httpOnly): void - { - if (!is_bool($httpOnly)) { - trigger_deprecation('guzzlehttp/guzzle', '7.4', 'Not passing a bool to %s::%s() is deprecated and will cause an error in 8.0.', __CLASS__, __FUNCTION__); - } - - $this->data['HttpOnly'] = (bool) $httpOnly; - } - - /** - * Check if the cookie matches a path value. - * - * A request-path path-matches a given cookie-path if at least one of - * the following conditions holds: - * - * - The cookie-path and the request-path are identical. - * - The cookie-path is a prefix of the request-path, and the last - * character of the cookie-path is %x2F ("/"). - * - The cookie-path is a prefix of the request-path, and the first - * character of the request-path that is not included in the cookie- - * path is a %x2F ("/") character. - * - * @param string $requestPath Path to check against - */ - public function matchesPath(string $requestPath): bool - { - $cookiePath = $this->getPath(); - - // Match on exact matches or when path is the default empty "/" - if ($cookiePath === '/' || $cookiePath == $requestPath) { - return true; - } - - // Ensure that the cookie-path is a prefix of the request path. - if (0 !== \strpos($requestPath, $cookiePath)) { - return false; - } - - // Match if the last character of the cookie-path is "/" - if (\substr($cookiePath, -1, 1) === '/') { - return true; - } - - // Match if the first character not included in cookie path is "/" - return \substr($requestPath, \strlen($cookiePath), 1) === '/'; - } - - /** - * Check if the cookie matches a domain value. - * - * @param string $domain Domain to check against - */ - public function matchesDomain(string $domain): bool - { - $cookieDomain = $this->getDomain(); - if (null === $cookieDomain) { - return true; - } - - // Remove the leading '.' as per spec in RFC 6265. - // https://tools.ietf.org/html/rfc6265#section-5.2.3 - $cookieDomain = \ltrim(\strtolower($cookieDomain), '.'); - - $domain = \strtolower($domain); - - // Domain not set or exact match. - if ('' === $cookieDomain || $domain === $cookieDomain) { - return true; - } - - // Matching the subdomain according to RFC 6265. - // https://tools.ietf.org/html/rfc6265#section-5.1.3 - if (\filter_var($domain, \FILTER_VALIDATE_IP)) { - return false; - } - - return (bool) \preg_match('/\.' . \preg_quote($cookieDomain, '/') . '$/', $domain); - } - - /** - * Check if the cookie is expired. - */ - public function isExpired(): bool - { - return $this->getExpires() !== null && \time() > $this->getExpires(); - } - - /** - * Check if the cookie is valid according to RFC 6265. - * - * @return bool|string Returns true if valid or an error message if invalid - */ - public function validate() - { - $name = $this->getName(); - if ($name === '') { - return 'The cookie name must not be empty'; - } - - // Check if any of the invalid characters are present in the cookie name - if (\preg_match( - '/[\x00-\x20\x22\x28-\x29\x2c\x2f\x3a-\x40\x5c\x7b\x7d\x7f]/', - $name - )) { - return 'Cookie name must not contain invalid characters: ASCII ' - . 'Control characters (0-31;127), space, tab and the ' - . 'following characters: ()<>@,;:\"/?={}'; - } - - // Value must not be null. 0 and empty string are valid. Empty strings - // are technically against RFC 6265, but known to happen in the wild. - $value = $this->getValue(); - if ($value === null) { - return 'The cookie value must not be empty'; - } - - // Domains must not be empty, but can be 0. "0" is not a valid internet - // domain, but may be used as server name in a private network. - $domain = $this->getDomain(); - if ($domain === null || $domain === '') { - return 'The cookie domain must not be empty'; - } - - return true; - } -} diff --git a/plugins/auth/vendor/guzzlehttp/guzzle/src/Exception/BadResponseException.php b/plugins/auth/vendor/guzzlehttp/guzzle/src/Exception/BadResponseException.php deleted file mode 100644 index a80956c9..00000000 --- a/plugins/auth/vendor/guzzlehttp/guzzle/src/Exception/BadResponseException.php +++ /dev/null @@ -1,39 +0,0 @@ -request = $request; - $this->handlerContext = $handlerContext; - } - - /** - * Get the request that caused the exception - */ - public function getRequest(): RequestInterface - { - return $this->request; - } - - /** - * Get contextual information about the error from the underlying handler. - * - * The contents of this array will vary depending on which handler you are - * using. It may also be just an empty array. Relying on this data will - * couple you to a specific handler, but can give more debug information - * when needed. - */ - public function getHandlerContext(): array - { - return $this->handlerContext; - } -} diff --git a/plugins/auth/vendor/guzzlehttp/guzzle/src/Exception/GuzzleException.php b/plugins/auth/vendor/guzzlehttp/guzzle/src/Exception/GuzzleException.php deleted file mode 100644 index fa3ed699..00000000 --- a/plugins/auth/vendor/guzzlehttp/guzzle/src/Exception/GuzzleException.php +++ /dev/null @@ -1,9 +0,0 @@ -getStatusCode() : 0; - parent::__construct($message, $code, $previous); - $this->request = $request; - $this->response = $response; - $this->handlerContext = $handlerContext; - } - - /** - * Wrap non-RequestExceptions with a RequestException - */ - public static function wrapException(RequestInterface $request, \Throwable $e): RequestException - { - return $e instanceof RequestException ? $e : new RequestException($e->getMessage(), $request, null, $e); - } - - /** - * Factory method to create a new exception with a normalized error message - * - * @param RequestInterface $request Request sent - * @param ResponseInterface $response Response received - * @param \Throwable|null $previous Previous exception - * @param array $handlerContext Optional handler context - * @param BodySummarizerInterface|null $bodySummarizer Optional body summarizer - */ - public static function create( - RequestInterface $request, - ResponseInterface $response = null, - \Throwable $previous = null, - array $handlerContext = [], - BodySummarizerInterface $bodySummarizer = null - ): self { - if (!$response) { - return new self( - 'Error completing request', - $request, - null, - $previous, - $handlerContext - ); - } - - $level = (int) \floor($response->getStatusCode() / 100); - if ($level === 4) { - $label = 'Client error'; - $className = ClientException::class; - } elseif ($level === 5) { - $label = 'Server error'; - $className = ServerException::class; - } else { - $label = 'Unsuccessful request'; - $className = __CLASS__; - } - - $uri = $request->getUri(); - $uri = static::obfuscateUri($uri); - - // Client Error: `GET /` resulted in a `404 Not Found` response: - // ... (truncated) - $message = \sprintf( - '%s: `%s %s` resulted in a `%s %s` response', - $label, - $request->getMethod(), - $uri->__toString(), - $response->getStatusCode(), - $response->getReasonPhrase() - ); - - $summary = ($bodySummarizer ?? new BodySummarizer())->summarize($response); - - if ($summary !== null) { - $message .= ":\n{$summary}\n"; - } - - return new $className($message, $request, $response, $previous, $handlerContext); - } - - /** - * Obfuscates URI if there is a username and a password present - */ - private static function obfuscateUri(UriInterface $uri): UriInterface - { - $userInfo = $uri->getUserInfo(); - - if (false !== ($pos = \strpos($userInfo, ':'))) { - return $uri->withUserInfo(\substr($userInfo, 0, $pos), '***'); - } - - return $uri; - } - - /** - * Get the request that caused the exception - */ - public function getRequest(): RequestInterface - { - return $this->request; - } - - /** - * Get the associated response - */ - public function getResponse(): ?ResponseInterface - { - return $this->response; - } - - /** - * Check if a response was received - */ - public function hasResponse(): bool - { - return $this->response !== null; - } - - /** - * Get contextual information about the error from the underlying handler. - * - * The contents of this array will vary depending on which handler you are - * using. It may also be just an empty array. Relying on this data will - * couple you to a specific handler, but can give more debug information - * when needed. - */ - public function getHandlerContext(): array - { - return $this->handlerContext; - } -} diff --git a/plugins/auth/vendor/guzzlehttp/guzzle/src/Exception/ServerException.php b/plugins/auth/vendor/guzzlehttp/guzzle/src/Exception/ServerException.php deleted file mode 100644 index 8055e067..00000000 --- a/plugins/auth/vendor/guzzlehttp/guzzle/src/Exception/ServerException.php +++ /dev/null @@ -1,10 +0,0 @@ -maxHandles = $maxHandles; - } - - public function create(RequestInterface $request, array $options): EasyHandle - { - if (isset($options['curl']['body_as_string'])) { - $options['_body_as_string'] = $options['curl']['body_as_string']; - unset($options['curl']['body_as_string']); - } - - $easy = new EasyHandle; - $easy->request = $request; - $easy->options = $options; - $conf = $this->getDefaultConf($easy); - $this->applyMethod($easy, $conf); - $this->applyHandlerOptions($easy, $conf); - $this->applyHeaders($easy, $conf); - unset($conf['_headers']); - - // Add handler options from the request configuration options - if (isset($options['curl'])) { - $conf = \array_replace($conf, $options['curl']); - } - - $conf[\CURLOPT_HEADERFUNCTION] = $this->createHeaderFn($easy); - $easy->handle = $this->handles ? \array_pop($this->handles) : \curl_init(); - curl_setopt_array($easy->handle, $conf); - - return $easy; - } - - public function release(EasyHandle $easy): void - { - $resource = $easy->handle; - unset($easy->handle); - - if (\count($this->handles) >= $this->maxHandles) { - \curl_close($resource); - } else { - // Remove all callback functions as they can hold onto references - // and are not cleaned up by curl_reset. Using curl_setopt_array - // does not work for some reason, so removing each one - // individually. - \curl_setopt($resource, \CURLOPT_HEADERFUNCTION, null); - \curl_setopt($resource, \CURLOPT_READFUNCTION, null); - \curl_setopt($resource, \CURLOPT_WRITEFUNCTION, null); - \curl_setopt($resource, \CURLOPT_PROGRESSFUNCTION, null); - \curl_reset($resource); - $this->handles[] = $resource; - } - } - - /** - * Completes a cURL transaction, either returning a response promise or a - * rejected promise. - * - * @param callable(RequestInterface, array): PromiseInterface $handler - * @param CurlFactoryInterface $factory Dictates how the handle is released - */ - public static function finish(callable $handler, EasyHandle $easy, CurlFactoryInterface $factory): PromiseInterface - { - if (isset($easy->options['on_stats'])) { - self::invokeStats($easy); - } - - if (!$easy->response || $easy->errno) { - return self::finishError($handler, $easy, $factory); - } - - // Return the response if it is present and there is no error. - $factory->release($easy); - - // Rewind the body of the response if possible. - $body = $easy->response->getBody(); - if ($body->isSeekable()) { - $body->rewind(); - } - - return new FulfilledPromise($easy->response); - } - - private static function invokeStats(EasyHandle $easy): void - { - $curlStats = \curl_getinfo($easy->handle); - $curlStats['appconnect_time'] = \curl_getinfo($easy->handle, \CURLINFO_APPCONNECT_TIME); - $stats = new TransferStats( - $easy->request, - $easy->response, - $curlStats['total_time'], - $easy->errno, - $curlStats - ); - ($easy->options['on_stats'])($stats); - } - - /** - * @param callable(RequestInterface, array): PromiseInterface $handler - */ - private static function finishError(callable $handler, EasyHandle $easy, CurlFactoryInterface $factory): PromiseInterface - { - // Get error information and release the handle to the factory. - $ctx = [ - 'errno' => $easy->errno, - 'error' => \curl_error($easy->handle), - 'appconnect_time' => \curl_getinfo($easy->handle, \CURLINFO_APPCONNECT_TIME), - ] + \curl_getinfo($easy->handle); - $ctx[self::CURL_VERSION_STR] = \curl_version()['version']; - $factory->release($easy); - - // Retry when nothing is present or when curl failed to rewind. - if (empty($easy->options['_err_message']) && (!$easy->errno || $easy->errno == 65)) { - return self::retryFailedRewind($handler, $easy, $ctx); - } - - return self::createRejection($easy, $ctx); - } - - private static function createRejection(EasyHandle $easy, array $ctx): PromiseInterface - { - static $connectionErrors = [ - \CURLE_OPERATION_TIMEOUTED => true, - \CURLE_COULDNT_RESOLVE_HOST => true, - \CURLE_COULDNT_CONNECT => true, - \CURLE_SSL_CONNECT_ERROR => true, - \CURLE_GOT_NOTHING => true, - ]; - - if ($easy->createResponseException) { - return P\Create::rejectionFor( - new RequestException( - 'An error was encountered while creating the response', - $easy->request, - $easy->response, - $easy->createResponseException, - $ctx - ) - ); - } - - // If an exception was encountered during the onHeaders event, then - // return a rejected promise that wraps that exception. - if ($easy->onHeadersException) { - return P\Create::rejectionFor( - new RequestException( - 'An error was encountered during the on_headers event', - $easy->request, - $easy->response, - $easy->onHeadersException, - $ctx - ) - ); - } - - $message = \sprintf( - 'cURL error %s: %s (%s)', - $ctx['errno'], - $ctx['error'], - 'see https://curl.haxx.se/libcurl/c/libcurl-errors.html' - ); - $uriString = (string) $easy->request->getUri(); - if ($uriString !== '' && false === \strpos($ctx['error'], $uriString)) { - $message .= \sprintf(' for %s', $uriString); - } - - // Create a connection exception if it was a specific error code. - $error = isset($connectionErrors[$easy->errno]) - ? new ConnectException($message, $easy->request, null, $ctx) - : new RequestException($message, $easy->request, $easy->response, null, $ctx); - - return P\Create::rejectionFor($error); - } - - /** - * @return array - */ - private function getDefaultConf(EasyHandle $easy): array - { - $conf = [ - '_headers' => $easy->request->getHeaders(), - \CURLOPT_CUSTOMREQUEST => $easy->request->getMethod(), - \CURLOPT_URL => (string) $easy->request->getUri()->withFragment(''), - \CURLOPT_RETURNTRANSFER => false, - \CURLOPT_HEADER => false, - \CURLOPT_CONNECTTIMEOUT => 150, - ]; - - if (\defined('CURLOPT_PROTOCOLS')) { - $conf[\CURLOPT_PROTOCOLS] = \CURLPROTO_HTTP | \CURLPROTO_HTTPS; - } - - $version = $easy->request->getProtocolVersion(); - if ($version == 1.1) { - $conf[\CURLOPT_HTTP_VERSION] = \CURL_HTTP_VERSION_1_1; - } elseif ($version == 2.0) { - $conf[\CURLOPT_HTTP_VERSION] = \CURL_HTTP_VERSION_2_0; - } else { - $conf[\CURLOPT_HTTP_VERSION] = \CURL_HTTP_VERSION_1_0; - } - - return $conf; - } - - private function applyMethod(EasyHandle $easy, array &$conf): void - { - $body = $easy->request->getBody(); - $size = $body->getSize(); - - if ($size === null || $size > 0) { - $this->applyBody($easy->request, $easy->options, $conf); - return; - } - - $method = $easy->request->getMethod(); - if ($method === 'PUT' || $method === 'POST') { - // See https://tools.ietf.org/html/rfc7230#section-3.3.2 - if (!$easy->request->hasHeader('Content-Length')) { - $conf[\CURLOPT_HTTPHEADER][] = 'Content-Length: 0'; - } - } elseif ($method === 'HEAD') { - $conf[\CURLOPT_NOBODY] = true; - unset( - $conf[\CURLOPT_WRITEFUNCTION], - $conf[\CURLOPT_READFUNCTION], - $conf[\CURLOPT_FILE], - $conf[\CURLOPT_INFILE] - ); - } - } - - private function applyBody(RequestInterface $request, array $options, array &$conf): void - { - $size = $request->hasHeader('Content-Length') - ? (int) $request->getHeaderLine('Content-Length') - : null; - - // Send the body as a string if the size is less than 1MB OR if the - // [curl][body_as_string] request value is set. - if (($size !== null && $size < 1000000) || !empty($options['_body_as_string'])) { - $conf[\CURLOPT_POSTFIELDS] = (string) $request->getBody(); - // Don't duplicate the Content-Length header - $this->removeHeader('Content-Length', $conf); - $this->removeHeader('Transfer-Encoding', $conf); - } else { - $conf[\CURLOPT_UPLOAD] = true; - if ($size !== null) { - $conf[\CURLOPT_INFILESIZE] = $size; - $this->removeHeader('Content-Length', $conf); - } - $body = $request->getBody(); - if ($body->isSeekable()) { - $body->rewind(); - } - $conf[\CURLOPT_READFUNCTION] = static function ($ch, $fd, $length) use ($body) { - return $body->read($length); - }; - } - - // If the Expect header is not present, prevent curl from adding it - if (!$request->hasHeader('Expect')) { - $conf[\CURLOPT_HTTPHEADER][] = 'Expect:'; - } - - // cURL sometimes adds a content-type by default. Prevent this. - if (!$request->hasHeader('Content-Type')) { - $conf[\CURLOPT_HTTPHEADER][] = 'Content-Type:'; - } - } - - private function applyHeaders(EasyHandle $easy, array &$conf): void - { - foreach ($conf['_headers'] as $name => $values) { - foreach ($values as $value) { - $value = (string) $value; - if ($value === '') { - // cURL requires a special format for empty headers. - // See https://github.com/guzzle/guzzle/issues/1882 for more details. - $conf[\CURLOPT_HTTPHEADER][] = "$name;"; - } else { - $conf[\CURLOPT_HTTPHEADER][] = "$name: $value"; - } - } - } - - // Remove the Accept header if one was not set - if (!$easy->request->hasHeader('Accept')) { - $conf[\CURLOPT_HTTPHEADER][] = 'Accept:'; - } - } - - /** - * Remove a header from the options array. - * - * @param string $name Case-insensitive header to remove - * @param array $options Array of options to modify - */ - private function removeHeader(string $name, array &$options): void - { - foreach (\array_keys($options['_headers']) as $key) { - if (!\strcasecmp($key, $name)) { - unset($options['_headers'][$key]); - return; - } - } - } - - private function applyHandlerOptions(EasyHandle $easy, array &$conf): void - { - $options = $easy->options; - if (isset($options['verify'])) { - if ($options['verify'] === false) { - unset($conf[\CURLOPT_CAINFO]); - $conf[\CURLOPT_SSL_VERIFYHOST] = 0; - $conf[\CURLOPT_SSL_VERIFYPEER] = false; - } else { - $conf[\CURLOPT_SSL_VERIFYHOST] = 2; - $conf[\CURLOPT_SSL_VERIFYPEER] = true; - if (\is_string($options['verify'])) { - // Throw an error if the file/folder/link path is not valid or doesn't exist. - if (!\file_exists($options['verify'])) { - throw new \InvalidArgumentException("SSL CA bundle not found: {$options['verify']}"); - } - // If it's a directory or a link to a directory use CURLOPT_CAPATH. - // If not, it's probably a file, or a link to a file, so use CURLOPT_CAINFO. - if ( - \is_dir($options['verify']) || - ( - \is_link($options['verify']) === true && - ($verifyLink = \readlink($options['verify'])) !== false && - \is_dir($verifyLink) - ) - ) { - $conf[\CURLOPT_CAPATH] = $options['verify']; - } else { - $conf[\CURLOPT_CAINFO] = $options['verify']; - } - } - } - } - - if (!isset($options['curl'][\CURLOPT_ENCODING]) && !empty($options['decode_content'])) { - $accept = $easy->request->getHeaderLine('Accept-Encoding'); - if ($accept) { - $conf[\CURLOPT_ENCODING] = $accept; - } else { - // The empty string enables all available decoders and implicitly - // sets a matching 'Accept-Encoding' header. - $conf[\CURLOPT_ENCODING] = ''; - // But as the user did not specify any acceptable encodings we need - // to overwrite this implicit header with an empty one. - $conf[\CURLOPT_HTTPHEADER][] = 'Accept-Encoding:'; - } - } - - if (!isset($options['sink'])) { - // Use a default temp stream if no sink was set. - $options['sink'] = \GuzzleHttp\Psr7\Utils::tryFopen('php://temp', 'w+'); - } - $sink = $options['sink']; - if (!\is_string($sink)) { - $sink = \GuzzleHttp\Psr7\Utils::streamFor($sink); - } elseif (!\is_dir(\dirname($sink))) { - // Ensure that the directory exists before failing in curl. - throw new \RuntimeException(\sprintf('Directory %s does not exist for sink value of %s', \dirname($sink), $sink)); - } else { - $sink = new LazyOpenStream($sink, 'w+'); - } - $easy->sink = $sink; - $conf[\CURLOPT_WRITEFUNCTION] = static function ($ch, $write) use ($sink): int { - return $sink->write($write); - }; - - $timeoutRequiresNoSignal = false; - if (isset($options['timeout'])) { - $timeoutRequiresNoSignal |= $options['timeout'] < 1; - $conf[\CURLOPT_TIMEOUT_MS] = $options['timeout'] * 1000; - } - - // CURL default value is CURL_IPRESOLVE_WHATEVER - if (isset($options['force_ip_resolve'])) { - if ('v4' === $options['force_ip_resolve']) { - $conf[\CURLOPT_IPRESOLVE] = \CURL_IPRESOLVE_V4; - } elseif ('v6' === $options['force_ip_resolve']) { - $conf[\CURLOPT_IPRESOLVE] = \CURL_IPRESOLVE_V6; - } - } - - if (isset($options['connect_timeout'])) { - $timeoutRequiresNoSignal |= $options['connect_timeout'] < 1; - $conf[\CURLOPT_CONNECTTIMEOUT_MS] = $options['connect_timeout'] * 1000; - } - - if ($timeoutRequiresNoSignal && \strtoupper(\substr(\PHP_OS, 0, 3)) !== 'WIN') { - $conf[\CURLOPT_NOSIGNAL] = true; - } - - if (isset($options['proxy'])) { - if (!\is_array($options['proxy'])) { - $conf[\CURLOPT_PROXY] = $options['proxy']; - } else { - $scheme = $easy->request->getUri()->getScheme(); - if (isset($options['proxy'][$scheme])) { - $host = $easy->request->getUri()->getHost(); - if (!isset($options['proxy']['no']) || !Utils::isHostInNoProxy($host, $options['proxy']['no'])) { - $conf[\CURLOPT_PROXY] = $options['proxy'][$scheme]; - } - } - } - } - - if (isset($options['cert'])) { - $cert = $options['cert']; - if (\is_array($cert)) { - $conf[\CURLOPT_SSLCERTPASSWD] = $cert[1]; - $cert = $cert[0]; - } - if (!\file_exists($cert)) { - throw new \InvalidArgumentException("SSL certificate not found: {$cert}"); - } - # OpenSSL (versions 0.9.3 and later) also support "P12" for PKCS#12-encoded files. - # see https://curl.se/libcurl/c/CURLOPT_SSLCERTTYPE.html - $ext = pathinfo($cert, \PATHINFO_EXTENSION); - if (preg_match('#^(der|p12)$#i', $ext)) { - $conf[\CURLOPT_SSLCERTTYPE] = strtoupper($ext); - } - $conf[\CURLOPT_SSLCERT] = $cert; - } - - if (isset($options['ssl_key'])) { - if (\is_array($options['ssl_key'])) { - if (\count($options['ssl_key']) === 2) { - [$sslKey, $conf[\CURLOPT_SSLKEYPASSWD]] = $options['ssl_key']; - } else { - [$sslKey] = $options['ssl_key']; - } - } - - $sslKey = $sslKey ?? $options['ssl_key']; - - if (!\file_exists($sslKey)) { - throw new \InvalidArgumentException("SSL private key not found: {$sslKey}"); - } - $conf[\CURLOPT_SSLKEY] = $sslKey; - } - - if (isset($options['progress'])) { - $progress = $options['progress']; - if (!\is_callable($progress)) { - throw new \InvalidArgumentException('progress client option must be callable'); - } - $conf[\CURLOPT_NOPROGRESS] = false; - $conf[\CURLOPT_PROGRESSFUNCTION] = static function ($resource, int $downloadSize, int $downloaded, int $uploadSize, int $uploaded) use ($progress) { - $progress($downloadSize, $downloaded, $uploadSize, $uploaded); - }; - } - - if (!empty($options['debug'])) { - $conf[\CURLOPT_STDERR] = Utils::debugResource($options['debug']); - $conf[\CURLOPT_VERBOSE] = true; - } - } - - /** - * This function ensures that a response was set on a transaction. If one - * was not set, then the request is retried if possible. This error - * typically means you are sending a payload, curl encountered a - * "Connection died, retrying a fresh connect" error, tried to rewind the - * stream, and then encountered a "necessary data rewind wasn't possible" - * error, causing the request to be sent through curl_multi_info_read() - * without an error status. - * - * @param callable(RequestInterface, array): PromiseInterface $handler - */ - private static function retryFailedRewind(callable $handler, EasyHandle $easy, array $ctx): PromiseInterface - { - try { - // Only rewind if the body has been read from. - $body = $easy->request->getBody(); - if ($body->tell() > 0) { - $body->rewind(); - } - } catch (\RuntimeException $e) { - $ctx['error'] = 'The connection unexpectedly failed without ' - . 'providing an error. The request would have been retried, ' - . 'but attempting to rewind the request body failed. ' - . 'Exception: ' . $e; - return self::createRejection($easy, $ctx); - } - - // Retry no more than 3 times before giving up. - if (!isset($easy->options['_curl_retries'])) { - $easy->options['_curl_retries'] = 1; - } elseif ($easy->options['_curl_retries'] == 2) { - $ctx['error'] = 'The cURL request was retried 3 times ' - . 'and did not succeed. The most likely reason for the failure ' - . 'is that cURL was unable to rewind the body of the request ' - . 'and subsequent retries resulted in the same error. Turn on ' - . 'the debug option to see what went wrong. See ' - . 'https://bugs.php.net/bug.php?id=47204 for more information.'; - return self::createRejection($easy, $ctx); - } else { - $easy->options['_curl_retries']++; - } - - return $handler($easy->request, $easy->options); - } - - private function createHeaderFn(EasyHandle $easy): callable - { - if (isset($easy->options['on_headers'])) { - $onHeaders = $easy->options['on_headers']; - - if (!\is_callable($onHeaders)) { - throw new \InvalidArgumentException('on_headers must be callable'); - } - } else { - $onHeaders = null; - } - - return static function ($ch, $h) use ( - $onHeaders, - $easy, - &$startingResponse - ) { - $value = \trim($h); - if ($value === '') { - $startingResponse = true; - try { - $easy->createResponse(); - } catch (\Exception $e) { - $easy->createResponseException = $e; - return -1; - } - if ($onHeaders !== null) { - try { - $onHeaders($easy->response); - } catch (\Exception $e) { - // Associate the exception with the handle and trigger - // a curl header write error by returning 0. - $easy->onHeadersException = $e; - return -1; - } - } - } elseif ($startingResponse) { - $startingResponse = false; - $easy->headers = [$value]; - } else { - $easy->headers[] = $value; - } - return \strlen($h); - }; - } -} diff --git a/plugins/auth/vendor/guzzlehttp/guzzle/src/Handler/CurlFactoryInterface.php b/plugins/auth/vendor/guzzlehttp/guzzle/src/Handler/CurlFactoryInterface.php deleted file mode 100644 index fe57ed5d..00000000 --- a/plugins/auth/vendor/guzzlehttp/guzzle/src/Handler/CurlFactoryInterface.php +++ /dev/null @@ -1,25 +0,0 @@ -factory = $options['handle_factory'] - ?? new CurlFactory(3); - } - - public function __invoke(RequestInterface $request, array $options): PromiseInterface - { - if (isset($options['delay'])) { - \usleep($options['delay'] * 1000); - } - - $easy = $this->factory->create($request, $options); - \curl_exec($easy->handle); - $easy->errno = \curl_errno($easy->handle); - - return CurlFactory::finish($this, $easy, $this->factory); - } -} diff --git a/plugins/auth/vendor/guzzlehttp/guzzle/src/Handler/CurlMultiHandler.php b/plugins/auth/vendor/guzzlehttp/guzzle/src/Handler/CurlMultiHandler.php deleted file mode 100644 index 4356d024..00000000 --- a/plugins/auth/vendor/guzzlehttp/guzzle/src/Handler/CurlMultiHandler.php +++ /dev/null @@ -1,262 +0,0 @@ - An array of delay times, indexed by handle id in `addRequest`. - * - * @see CurlMultiHandler::addRequest - */ - private $delays = []; - - /** - * @var array An associative array of CURLMOPT_* options and corresponding values for curl_multi_setopt() - */ - private $options = []; - - /** - * This handler accepts the following options: - * - * - handle_factory: An optional factory used to create curl handles - * - select_timeout: Optional timeout (in seconds) to block before timing - * out while selecting curl handles. Defaults to 1 second. - * - options: An associative array of CURLMOPT_* options and - * corresponding values for curl_multi_setopt() - */ - public function __construct(array $options = []) - { - $this->factory = $options['handle_factory'] ?? new CurlFactory(50); - - if (isset($options['select_timeout'])) { - $this->selectTimeout = $options['select_timeout']; - } elseif ($selectTimeout = Utils::getenv('GUZZLE_CURL_SELECT_TIMEOUT')) { - @trigger_error('Since guzzlehttp/guzzle 7.2.0: Using environment variable GUZZLE_CURL_SELECT_TIMEOUT is deprecated. Use option "select_timeout" instead.', \E_USER_DEPRECATED); - $this->selectTimeout = (int) $selectTimeout; - } else { - $this->selectTimeout = 1; - } - - $this->options = $options['options'] ?? []; - } - - /** - * @param string $name - * - * @return resource|\CurlMultiHandle - * - * @throws \BadMethodCallException when another field as `_mh` will be gotten - * @throws \RuntimeException when curl can not initialize a multi handle - */ - public function __get($name) - { - if ($name !== '_mh') { - throw new \BadMethodCallException("Can not get other property as '_mh'."); - } - - $multiHandle = \curl_multi_init(); - - if (false === $multiHandle) { - throw new \RuntimeException('Can not initialize curl multi handle.'); - } - - $this->_mh = $multiHandle; - - foreach ($this->options as $option => $value) { - // A warning is raised in case of a wrong option. - curl_multi_setopt($this->_mh, $option, $value); - } - - return $this->_mh; - } - - public function __destruct() - { - if (isset($this->_mh)) { - \curl_multi_close($this->_mh); - unset($this->_mh); - } - } - - public function __invoke(RequestInterface $request, array $options): PromiseInterface - { - $easy = $this->factory->create($request, $options); - $id = (int) $easy->handle; - - $promise = new Promise( - [$this, 'execute'], - function () use ($id) { - return $this->cancel($id); - } - ); - - $this->addRequest(['easy' => $easy, 'deferred' => $promise]); - - return $promise; - } - - /** - * Ticks the curl event loop. - */ - public function tick(): void - { - // Add any delayed handles if needed. - if ($this->delays) { - $currentTime = Utils::currentTime(); - foreach ($this->delays as $id => $delay) { - if ($currentTime >= $delay) { - unset($this->delays[$id]); - \curl_multi_add_handle( - $this->_mh, - $this->handles[$id]['easy']->handle - ); - } - } - } - - // Step through the task queue which may add additional requests. - P\Utils::queue()->run(); - - if ($this->active && \curl_multi_select($this->_mh, $this->selectTimeout) === -1) { - // Perform a usleep if a select returns -1. - // See: https://bugs.php.net/bug.php?id=61141 - \usleep(250); - } - - while (\curl_multi_exec($this->_mh, $this->active) === \CURLM_CALL_MULTI_PERFORM); - - $this->processMessages(); - } - - /** - * Runs until all outstanding connections have completed. - */ - public function execute(): void - { - $queue = P\Utils::queue(); - - while ($this->handles || !$queue->isEmpty()) { - // If there are no transfers, then sleep for the next delay - if (!$this->active && $this->delays) { - \usleep($this->timeToNext()); - } - $this->tick(); - } - } - - private function addRequest(array $entry): void - { - $easy = $entry['easy']; - $id = (int) $easy->handle; - $this->handles[$id] = $entry; - if (empty($easy->options['delay'])) { - \curl_multi_add_handle($this->_mh, $easy->handle); - } else { - $this->delays[$id] = Utils::currentTime() + ($easy->options['delay'] / 1000); - } - } - - /** - * Cancels a handle from sending and removes references to it. - * - * @param int $id Handle ID to cancel and remove. - * - * @return bool True on success, false on failure. - */ - private function cancel($id): bool - { - if (!is_int($id)) { - trigger_deprecation('guzzlehttp/guzzle', '7.4', 'Not passing an integer to %s::%s() is deprecated and will cause an error in 8.0.', __CLASS__, __FUNCTION__); - } - - // Cannot cancel if it has been processed. - if (!isset($this->handles[$id])) { - return false; - } - - $handle = $this->handles[$id]['easy']->handle; - unset($this->delays[$id], $this->handles[$id]); - \curl_multi_remove_handle($this->_mh, $handle); - \curl_close($handle); - - return true; - } - - private function processMessages(): void - { - while ($done = \curl_multi_info_read($this->_mh)) { - if ($done['msg'] !== \CURLMSG_DONE) { - // if it's not done, then it would be premature to remove the handle. ref https://github.com/guzzle/guzzle/pull/2892#issuecomment-945150216 - continue; - } - $id = (int) $done['handle']; - \curl_multi_remove_handle($this->_mh, $done['handle']); - - if (!isset($this->handles[$id])) { - // Probably was cancelled. - continue; - } - - $entry = $this->handles[$id]; - unset($this->handles[$id], $this->delays[$id]); - $entry['easy']->errno = $done['result']; - $entry['deferred']->resolve( - CurlFactory::finish($this, $entry['easy'], $this->factory) - ); - } - } - - private function timeToNext(): int - { - $currentTime = Utils::currentTime(); - $nextTime = \PHP_INT_MAX; - foreach ($this->delays as $time) { - if ($time < $nextTime) { - $nextTime = $time; - } - } - - return ((int) \max(0, $nextTime - $currentTime)) * 1000000; - } -} diff --git a/plugins/auth/vendor/guzzlehttp/guzzle/src/Handler/EasyHandle.php b/plugins/auth/vendor/guzzlehttp/guzzle/src/Handler/EasyHandle.php deleted file mode 100644 index 224344d7..00000000 --- a/plugins/auth/vendor/guzzlehttp/guzzle/src/Handler/EasyHandle.php +++ /dev/null @@ -1,112 +0,0 @@ -headers); - - $normalizedKeys = Utils::normalizeHeaderKeys($headers); - - if (!empty($this->options['decode_content']) && isset($normalizedKeys['content-encoding'])) { - $headers['x-encoded-content-encoding'] = $headers[$normalizedKeys['content-encoding']]; - unset($headers[$normalizedKeys['content-encoding']]); - if (isset($normalizedKeys['content-length'])) { - $headers['x-encoded-content-length'] = $headers[$normalizedKeys['content-length']]; - - $bodyLength = (int) $this->sink->getSize(); - if ($bodyLength) { - $headers[$normalizedKeys['content-length']] = $bodyLength; - } else { - unset($headers[$normalizedKeys['content-length']]); - } - } - } - - // Attach a response to the easy handle with the parsed headers. - $this->response = new Response( - $status, - $headers, - $this->sink, - $ver, - $reason - ); - } - - /** - * @param string $name - * - * @return void - * - * @throws \BadMethodCallException - */ - public function __get($name) - { - $msg = $name === 'handle' ? 'The EasyHandle has been released' : 'Invalid property: ' . $name; - throw new \BadMethodCallException($msg); - } -} diff --git a/plugins/auth/vendor/guzzlehttp/guzzle/src/Handler/MockHandler.php b/plugins/auth/vendor/guzzlehttp/guzzle/src/Handler/MockHandler.php deleted file mode 100644 index 79664e27..00000000 --- a/plugins/auth/vendor/guzzlehttp/guzzle/src/Handler/MockHandler.php +++ /dev/null @@ -1,211 +0,0 @@ -|null $queue The parameters to be passed to the append function, as an indexed array. - * @param callable|null $onFulfilled Callback to invoke when the return value is fulfilled. - * @param callable|null $onRejected Callback to invoke when the return value is rejected. - */ - public function __construct(array $queue = null, callable $onFulfilled = null, callable $onRejected = null) - { - $this->onFulfilled = $onFulfilled; - $this->onRejected = $onRejected; - - if ($queue) { - // array_values included for BC - $this->append(...array_values($queue)); - } - } - - public function __invoke(RequestInterface $request, array $options): PromiseInterface - { - if (!$this->queue) { - throw new \OutOfBoundsException('Mock queue is empty'); - } - - if (isset($options['delay']) && \is_numeric($options['delay'])) { - \usleep((int) $options['delay'] * 1000); - } - - $this->lastRequest = $request; - $this->lastOptions = $options; - $response = \array_shift($this->queue); - - if (isset($options['on_headers'])) { - if (!\is_callable($options['on_headers'])) { - throw new \InvalidArgumentException('on_headers must be callable'); - } - try { - $options['on_headers']($response); - } catch (\Exception $e) { - $msg = 'An error was encountered during the on_headers event'; - $response = new RequestException($msg, $request, $response, $e); - } - } - - if (\is_callable($response)) { - $response = $response($request, $options); - } - - $response = $response instanceof \Throwable - ? P\Create::rejectionFor($response) - : P\Create::promiseFor($response); - - return $response->then( - function (?ResponseInterface $value) use ($request, $options) { - $this->invokeStats($request, $options, $value); - if ($this->onFulfilled) { - ($this->onFulfilled)($value); - } - - if ($value !== null && isset($options['sink'])) { - $contents = (string) $value->getBody(); - $sink = $options['sink']; - - if (\is_resource($sink)) { - \fwrite($sink, $contents); - } elseif (\is_string($sink)) { - \file_put_contents($sink, $contents); - } elseif ($sink instanceof StreamInterface) { - $sink->write($contents); - } - } - - return $value; - }, - function ($reason) use ($request, $options) { - $this->invokeStats($request, $options, null, $reason); - if ($this->onRejected) { - ($this->onRejected)($reason); - } - return P\Create::rejectionFor($reason); - } - ); - } - - /** - * Adds one or more variadic requests, exceptions, callables, or promises - * to the queue. - * - * @param mixed ...$values - */ - public function append(...$values): void - { - foreach ($values as $value) { - if ($value instanceof ResponseInterface - || $value instanceof \Throwable - || $value instanceof PromiseInterface - || \is_callable($value) - ) { - $this->queue[] = $value; - } else { - throw new \TypeError('Expected a Response, Promise, Throwable or callable. Found ' . Utils::describeType($value)); - } - } - } - - /** - * Get the last received request. - */ - public function getLastRequest(): ?RequestInterface - { - return $this->lastRequest; - } - - /** - * Get the last received request options. - */ - public function getLastOptions(): array - { - return $this->lastOptions; - } - - /** - * Returns the number of remaining items in the queue. - */ - public function count(): int - { - return \count($this->queue); - } - - public function reset(): void - { - $this->queue = []; - } - - /** - * @param mixed $reason Promise or reason. - */ - private function invokeStats( - RequestInterface $request, - array $options, - ResponseInterface $response = null, - $reason = null - ): void { - if (isset($options['on_stats'])) { - $transferTime = $options['transfer_time'] ?? 0; - $stats = new TransferStats($request, $response, $transferTime, $reason); - ($options['on_stats'])($stats); - } - } -} diff --git a/plugins/auth/vendor/guzzlehttp/guzzle/src/Handler/Proxy.php b/plugins/auth/vendor/guzzlehttp/guzzle/src/Handler/Proxy.php deleted file mode 100644 index f045b526..00000000 --- a/plugins/auth/vendor/guzzlehttp/guzzle/src/Handler/Proxy.php +++ /dev/null @@ -1,51 +0,0 @@ -withoutHeader('Expect'); - - // Append a content-length header if body size is zero to match - // cURL's behavior. - if (0 === $request->getBody()->getSize()) { - $request = $request->withHeader('Content-Length', '0'); - } - - return $this->createResponse( - $request, - $options, - $this->createStream($request, $options), - $startTime - ); - } catch (\InvalidArgumentException $e) { - throw $e; - } catch (\Exception $e) { - // Determine if the error was a networking error. - $message = $e->getMessage(); - // This list can probably get more comprehensive. - if (false !== \strpos($message, 'getaddrinfo') // DNS lookup failed - || false !== \strpos($message, 'Connection refused') - || false !== \strpos($message, "couldn't connect to host") // error on HHVM - || false !== \strpos($message, "connection attempt failed") - ) { - $e = new ConnectException($e->getMessage(), $request, $e); - } else { - $e = RequestException::wrapException($request, $e); - } - $this->invokeStats($options, $request, $startTime, null, $e); - - return P\Create::rejectionFor($e); - } - } - - private function invokeStats( - array $options, - RequestInterface $request, - ?float $startTime, - ResponseInterface $response = null, - \Throwable $error = null - ): void { - if (isset($options['on_stats'])) { - $stats = new TransferStats($request, $response, Utils::currentTime() - $startTime, $error, []); - ($options['on_stats'])($stats); - } - } - - /** - * @param resource $stream - */ - private function createResponse(RequestInterface $request, array $options, $stream, ?float $startTime): PromiseInterface - { - $hdrs = $this->lastHeaders; - $this->lastHeaders = []; - - try { - [$ver, $status, $reason, $headers] = HeaderProcessor::parseHeaders($hdrs); - } catch (\Exception $e) { - return P\Create::rejectionFor( - new RequestException('An error was encountered while creating the response', $request, null, $e) - ); - } - - [$stream, $headers] = $this->checkDecode($options, $headers, $stream); - $stream = Psr7\Utils::streamFor($stream); - $sink = $stream; - - if (\strcasecmp('HEAD', $request->getMethod())) { - $sink = $this->createSink($stream, $options); - } - - try { - $response = new Psr7\Response($status, $headers, $sink, $ver, $reason); - } catch (\Exception $e) { - return P\Create::rejectionFor( - new RequestException('An error was encountered while creating the response', $request, null, $e) - ); - } - - if (isset($options['on_headers'])) { - try { - $options['on_headers']($response); - } catch (\Exception $e) { - return P\Create::rejectionFor( - new RequestException('An error was encountered during the on_headers event', $request, $response, $e) - ); - } - } - - // Do not drain when the request is a HEAD request because they have - // no body. - if ($sink !== $stream) { - $this->drain($stream, $sink, $response->getHeaderLine('Content-Length')); - } - - $this->invokeStats($options, $request, $startTime, $response, null); - - return new FulfilledPromise($response); - } - - private function createSink(StreamInterface $stream, array $options): StreamInterface - { - if (!empty($options['stream'])) { - return $stream; - } - - $sink = $options['sink'] ?? Psr7\Utils::tryFopen('php://temp', 'r+'); - - return \is_string($sink) ? new Psr7\LazyOpenStream($sink, 'w+') : Psr7\Utils::streamFor($sink); - } - - /** - * @param resource $stream - */ - private function checkDecode(array $options, array $headers, $stream): array - { - // Automatically decode responses when instructed. - if (!empty($options['decode_content'])) { - $normalizedKeys = Utils::normalizeHeaderKeys($headers); - if (isset($normalizedKeys['content-encoding'])) { - $encoding = $headers[$normalizedKeys['content-encoding']]; - if ($encoding[0] === 'gzip' || $encoding[0] === 'deflate') { - $stream = new Psr7\InflateStream(Psr7\Utils::streamFor($stream)); - $headers['x-encoded-content-encoding'] = $headers[$normalizedKeys['content-encoding']]; - - // Remove content-encoding header - unset($headers[$normalizedKeys['content-encoding']]); - - // Fix content-length header - if (isset($normalizedKeys['content-length'])) { - $headers['x-encoded-content-length'] = $headers[$normalizedKeys['content-length']]; - $length = (int) $stream->getSize(); - if ($length === 0) { - unset($headers[$normalizedKeys['content-length']]); - } else { - $headers[$normalizedKeys['content-length']] = [$length]; - } - } - } - } - } - - return [$stream, $headers]; - } - - /** - * Drains the source stream into the "sink" client option. - * - * @param string $contentLength Header specifying the amount of - * data to read. - * - * @throws \RuntimeException when the sink option is invalid. - */ - private function drain(StreamInterface $source, StreamInterface $sink, string $contentLength): StreamInterface - { - // If a content-length header is provided, then stop reading once - // that number of bytes has been read. This can prevent infinitely - // reading from a stream when dealing with servers that do not honor - // Connection: Close headers. - Psr7\Utils::copyToStream( - $source, - $sink, - (\strlen($contentLength) > 0 && (int) $contentLength > 0) ? (int) $contentLength : -1 - ); - - $sink->seek(0); - $source->close(); - - return $sink; - } - - /** - * Create a resource and check to ensure it was created successfully - * - * @param callable $callback Callable that returns stream resource - * - * @return resource - * - * @throws \RuntimeException on error - */ - private function createResource(callable $callback) - { - $errors = []; - \set_error_handler(static function ($_, $msg, $file, $line) use (&$errors): bool { - $errors[] = [ - 'message' => $msg, - 'file' => $file, - 'line' => $line - ]; - return true; - }); - - try { - $resource = $callback(); - } finally { - \restore_error_handler(); - } - - if (!$resource) { - $message = 'Error creating resource: '; - foreach ($errors as $err) { - foreach ($err as $key => $value) { - $message .= "[$key] $value" . \PHP_EOL; - } - } - throw new \RuntimeException(\trim($message)); - } - - return $resource; - } - - /** - * @return resource - */ - private function createStream(RequestInterface $request, array $options) - { - static $methods; - if (!$methods) { - $methods = \array_flip(\get_class_methods(__CLASS__)); - } - - if (!\in_array($request->getUri()->getScheme(), ['http', 'https'])) { - throw new RequestException(\sprintf("The scheme '%s' is not supported.", $request->getUri()->getScheme()), $request); - } - - // HTTP/1.1 streams using the PHP stream wrapper require a - // Connection: close header - if ($request->getProtocolVersion() == '1.1' - && !$request->hasHeader('Connection') - ) { - $request = $request->withHeader('Connection', 'close'); - } - - // Ensure SSL is verified by default - if (!isset($options['verify'])) { - $options['verify'] = true; - } - - $params = []; - $context = $this->getDefaultContext($request); - - if (isset($options['on_headers']) && !\is_callable($options['on_headers'])) { - throw new \InvalidArgumentException('on_headers must be callable'); - } - - if (!empty($options)) { - foreach ($options as $key => $value) { - $method = "add_{$key}"; - if (isset($methods[$method])) { - $this->{$method}($request, $context, $value, $params); - } - } - } - - if (isset($options['stream_context'])) { - if (!\is_array($options['stream_context'])) { - throw new \InvalidArgumentException('stream_context must be an array'); - } - $context = \array_replace_recursive($context, $options['stream_context']); - } - - // Microsoft NTLM authentication only supported with curl handler - if (isset($options['auth'][2]) && 'ntlm' === $options['auth'][2]) { - throw new \InvalidArgumentException('Microsoft NTLM authentication only supported with curl handler'); - } - - $uri = $this->resolveHost($request, $options); - - $contextResource = $this->createResource( - static function () use ($context, $params) { - return \stream_context_create($context, $params); - } - ); - - return $this->createResource( - function () use ($uri, &$http_response_header, $contextResource, $context, $options, $request) { - $resource = @\fopen((string) $uri, 'r', false, $contextResource); - $this->lastHeaders = $http_response_header ?? []; - - if (false === $resource) { - throw new ConnectException(sprintf('Connection refused for URI %s', $uri), $request, null, $context); - } - - if (isset($options['read_timeout'])) { - $readTimeout = $options['read_timeout']; - $sec = (int) $readTimeout; - $usec = ($readTimeout - $sec) * 100000; - \stream_set_timeout($resource, $sec, $usec); - } - - return $resource; - } - ); - } - - private function resolveHost(RequestInterface $request, array $options): UriInterface - { - $uri = $request->getUri(); - - if (isset($options['force_ip_resolve']) && !\filter_var($uri->getHost(), \FILTER_VALIDATE_IP)) { - if ('v4' === $options['force_ip_resolve']) { - $records = \dns_get_record($uri->getHost(), \DNS_A); - if (false === $records || !isset($records[0]['ip'])) { - throw new ConnectException(\sprintf("Could not resolve IPv4 address for host '%s'", $uri->getHost()), $request); - } - return $uri->withHost($records[0]['ip']); - } - if ('v6' === $options['force_ip_resolve']) { - $records = \dns_get_record($uri->getHost(), \DNS_AAAA); - if (false === $records || !isset($records[0]['ipv6'])) { - throw new ConnectException(\sprintf("Could not resolve IPv6 address for host '%s'", $uri->getHost()), $request); - } - return $uri->withHost('[' . $records[0]['ipv6'] . ']'); - } - } - - return $uri; - } - - private function getDefaultContext(RequestInterface $request): array - { - $headers = ''; - foreach ($request->getHeaders() as $name => $value) { - foreach ($value as $val) { - $headers .= "$name: $val\r\n"; - } - } - - $context = [ - 'http' => [ - 'method' => $request->getMethod(), - 'header' => $headers, - 'protocol_version' => $request->getProtocolVersion(), - 'ignore_errors' => true, - 'follow_location' => 0, - ], - 'ssl' => [ - 'peer_name' => $request->getUri()->getHost(), - ], - ]; - - $body = (string) $request->getBody(); - - if (!empty($body)) { - $context['http']['content'] = $body; - // Prevent the HTTP handler from adding a Content-Type header. - if (!$request->hasHeader('Content-Type')) { - $context['http']['header'] .= "Content-Type:\r\n"; - } - } - - $context['http']['header'] = \rtrim($context['http']['header']); - - return $context; - } - - /** - * @param mixed $value as passed via Request transfer options. - */ - private function add_proxy(RequestInterface $request, array &$options, $value, array &$params): void - { - $uri = null; - - if (!\is_array($value)) { - $uri = $value; - } else { - $scheme = $request->getUri()->getScheme(); - if (isset($value[$scheme])) { - if (!isset($value['no']) || !Utils::isHostInNoProxy($request->getUri()->getHost(), $value['no'])) { - $uri = $value[$scheme]; - } - } - } - - if (!$uri) { - return; - } - - $parsed = $this->parse_proxy($uri); - $options['http']['proxy'] = $parsed['proxy']; - - if ($parsed['auth']) { - if (!isset($options['http']['header'])) { - $options['http']['header'] = []; - } - $options['http']['header'] .= "\r\nProxy-Authorization: {$parsed['auth']}"; - } - } - - /** - * Parses the given proxy URL to make it compatible with the format PHP's stream context expects. - */ - private function parse_proxy(string $url): array - { - $parsed = \parse_url($url); - - if ($parsed !== false && isset($parsed['scheme']) && $parsed['scheme'] === 'http') { - if (isset($parsed['host']) && isset($parsed['port'])) { - $auth = null; - if (isset($parsed['user']) && isset($parsed['pass'])) { - $auth = \base64_encode("{$parsed['user']}:{$parsed['pass']}"); - } - - return [ - 'proxy' => "tcp://{$parsed['host']}:{$parsed['port']}", - 'auth' => $auth ? "Basic {$auth}" : null, - ]; - } - } - - // Return proxy as-is. - return [ - 'proxy' => $url, - 'auth' => null, - ]; - } - - /** - * @param mixed $value as passed via Request transfer options. - */ - private function add_timeout(RequestInterface $request, array &$options, $value, array &$params): void - { - if ($value > 0) { - $options['http']['timeout'] = $value; - } - } - - /** - * @param mixed $value as passed via Request transfer options. - */ - private function add_verify(RequestInterface $request, array &$options, $value, array &$params): void - { - if ($value === false) { - $options['ssl']['verify_peer'] = false; - $options['ssl']['verify_peer_name'] = false; - - return; - } - - if (\is_string($value)) { - $options['ssl']['cafile'] = $value; - if (!\file_exists($value)) { - throw new \RuntimeException("SSL CA bundle not found: $value"); - } - } elseif ($value !== true) { - throw new \InvalidArgumentException('Invalid verify request option'); - } - - $options['ssl']['verify_peer'] = true; - $options['ssl']['verify_peer_name'] = true; - $options['ssl']['allow_self_signed'] = false; - } - - /** - * @param mixed $value as passed via Request transfer options. - */ - private function add_cert(RequestInterface $request, array &$options, $value, array &$params): void - { - if (\is_array($value)) { - $options['ssl']['passphrase'] = $value[1]; - $value = $value[0]; - } - - if (!\file_exists($value)) { - throw new \RuntimeException("SSL certificate not found: {$value}"); - } - - $options['ssl']['local_cert'] = $value; - } - - /** - * @param mixed $value as passed via Request transfer options. - */ - private function add_progress(RequestInterface $request, array &$options, $value, array &$params): void - { - self::addNotification( - $params, - static function ($code, $a, $b, $c, $transferred, $total) use ($value) { - if ($code == \STREAM_NOTIFY_PROGRESS) { - // The upload progress cannot be determined. Use 0 for cURL compatibility: - // https://curl.se/libcurl/c/CURLOPT_PROGRESSFUNCTION.html - $value($total, $transferred, 0, 0); - } - } - ); - } - - /** - * @param mixed $value as passed via Request transfer options. - */ - private function add_debug(RequestInterface $request, array &$options, $value, array &$params): void - { - if ($value === false) { - return; - } - - static $map = [ - \STREAM_NOTIFY_CONNECT => 'CONNECT', - \STREAM_NOTIFY_AUTH_REQUIRED => 'AUTH_REQUIRED', - \STREAM_NOTIFY_AUTH_RESULT => 'AUTH_RESULT', - \STREAM_NOTIFY_MIME_TYPE_IS => 'MIME_TYPE_IS', - \STREAM_NOTIFY_FILE_SIZE_IS => 'FILE_SIZE_IS', - \STREAM_NOTIFY_REDIRECTED => 'REDIRECTED', - \STREAM_NOTIFY_PROGRESS => 'PROGRESS', - \STREAM_NOTIFY_FAILURE => 'FAILURE', - \STREAM_NOTIFY_COMPLETED => 'COMPLETED', - \STREAM_NOTIFY_RESOLVE => 'RESOLVE', - ]; - static $args = ['severity', 'message', 'message_code', 'bytes_transferred', 'bytes_max']; - - $value = Utils::debugResource($value); - $ident = $request->getMethod() . ' ' . $request->getUri()->withFragment(''); - self::addNotification( - $params, - static function (int $code, ...$passed) use ($ident, $value, $map, $args): void { - \fprintf($value, '<%s> [%s] ', $ident, $map[$code]); - foreach (\array_filter($passed) as $i => $v) { - \fwrite($value, $args[$i] . ': "' . $v . '" '); - } - \fwrite($value, "\n"); - } - ); - } - - private static function addNotification(array &$params, callable $notify): void - { - // Wrap the existing function if needed. - if (!isset($params['notification'])) { - $params['notification'] = $notify; - } else { - $params['notification'] = self::callArray([ - $params['notification'], - $notify - ]); - } - } - - private static function callArray(array $functions): callable - { - return static function (...$args) use ($functions) { - foreach ($functions as $fn) { - $fn(...$args); - } - }; - } -} diff --git a/plugins/auth/vendor/guzzlehttp/guzzle/src/HandlerStack.php b/plugins/auth/vendor/guzzlehttp/guzzle/src/HandlerStack.php deleted file mode 100644 index e0a1d119..00000000 --- a/plugins/auth/vendor/guzzlehttp/guzzle/src/HandlerStack.php +++ /dev/null @@ -1,275 +0,0 @@ -push(Middleware::httpErrors(), 'http_errors'); - $stack->push(Middleware::redirect(), 'allow_redirects'); - $stack->push(Middleware::cookies(), 'cookies'); - $stack->push(Middleware::prepareBody(), 'prepare_body'); - - return $stack; - } - - /** - * @param (callable(RequestInterface, array): PromiseInterface)|null $handler Underlying HTTP handler. - */ - public function __construct(callable $handler = null) - { - $this->handler = $handler; - } - - /** - * Invokes the handler stack as a composed handler - * - * @return ResponseInterface|PromiseInterface - */ - public function __invoke(RequestInterface $request, array $options) - { - $handler = $this->resolve(); - - return $handler($request, $options); - } - - /** - * Dumps a string representation of the stack. - * - * @return string - */ - public function __toString() - { - $depth = 0; - $stack = []; - - if ($this->handler !== null) { - $stack[] = "0) Handler: " . $this->debugCallable($this->handler); - } - - $result = ''; - foreach (\array_reverse($this->stack) as $tuple) { - $depth++; - $str = "{$depth}) Name: '{$tuple[1]}', "; - $str .= "Function: " . $this->debugCallable($tuple[0]); - $result = "> {$str}\n{$result}"; - $stack[] = $str; - } - - foreach (\array_keys($stack) as $k) { - $result .= "< {$stack[$k]}\n"; - } - - return $result; - } - - /** - * Set the HTTP handler that actually returns a promise. - * - * @param callable(RequestInterface, array): PromiseInterface $handler Accepts a request and array of options and - * returns a Promise. - */ - public function setHandler(callable $handler): void - { - $this->handler = $handler; - $this->cached = null; - } - - /** - * Returns true if the builder has a handler. - */ - public function hasHandler(): bool - { - return $this->handler !== null ; - } - - /** - * Unshift a middleware to the bottom of the stack. - * - * @param callable(callable): callable $middleware Middleware function - * @param string $name Name to register for this middleware. - */ - public function unshift(callable $middleware, ?string $name = null): void - { - \array_unshift($this->stack, [$middleware, $name]); - $this->cached = null; - } - - /** - * Push a middleware to the top of the stack. - * - * @param callable(callable): callable $middleware Middleware function - * @param string $name Name to register for this middleware. - */ - public function push(callable $middleware, string $name = ''): void - { - $this->stack[] = [$middleware, $name]; - $this->cached = null; - } - - /** - * Add a middleware before another middleware by name. - * - * @param string $findName Middleware to find - * @param callable(callable): callable $middleware Middleware function - * @param string $withName Name to register for this middleware. - */ - public function before(string $findName, callable $middleware, string $withName = ''): void - { - $this->splice($findName, $withName, $middleware, true); - } - - /** - * Add a middleware after another middleware by name. - * - * @param string $findName Middleware to find - * @param callable(callable): callable $middleware Middleware function - * @param string $withName Name to register for this middleware. - */ - public function after(string $findName, callable $middleware, string $withName = ''): void - { - $this->splice($findName, $withName, $middleware, false); - } - - /** - * Remove a middleware by instance or name from the stack. - * - * @param callable|string $remove Middleware to remove by instance or name. - */ - public function remove($remove): void - { - if (!is_string($remove) && !is_callable($remove)) { - trigger_deprecation('guzzlehttp/guzzle', '7.4', 'Not passing a callable or string to %s::%s() is deprecated and will cause an error in 8.0.', __CLASS__, __FUNCTION__); - } - - $this->cached = null; - $idx = \is_callable($remove) ? 0 : 1; - $this->stack = \array_values(\array_filter( - $this->stack, - static function ($tuple) use ($idx, $remove) { - return $tuple[$idx] !== $remove; - } - )); - } - - /** - * Compose the middleware and handler into a single callable function. - * - * @return callable(RequestInterface, array): PromiseInterface - */ - public function resolve(): callable - { - if ($this->cached === null) { - if (($prev = $this->handler) === null) { - throw new \LogicException('No handler has been specified'); - } - - foreach (\array_reverse($this->stack) as $fn) { - /** @var callable(RequestInterface, array): PromiseInterface $prev */ - $prev = $fn[0]($prev); - } - - $this->cached = $prev; - } - - return $this->cached; - } - - private function findByName(string $name): int - { - foreach ($this->stack as $k => $v) { - if ($v[1] === $name) { - return $k; - } - } - - throw new \InvalidArgumentException("Middleware not found: $name"); - } - - /** - * Splices a function into the middleware list at a specific position. - */ - private function splice(string $findName, string $withName, callable $middleware, bool $before): void - { - $this->cached = null; - $idx = $this->findByName($findName); - $tuple = [$middleware, $withName]; - - if ($before) { - if ($idx === 0) { - \array_unshift($this->stack, $tuple); - } else { - $replacement = [$tuple, $this->stack[$idx]]; - \array_splice($this->stack, $idx, 1, $replacement); - } - } elseif ($idx === \count($this->stack) - 1) { - $this->stack[] = $tuple; - } else { - $replacement = [$this->stack[$idx], $tuple]; - \array_splice($this->stack, $idx, 1, $replacement); - } - } - - /** - * Provides a debug string for a given callable. - * - * @param callable|string $fn Function to write as a string. - */ - private function debugCallable($fn): string - { - if (\is_string($fn)) { - return "callable({$fn})"; - } - - if (\is_array($fn)) { - return \is_string($fn[0]) - ? "callable({$fn[0]}::{$fn[1]})" - : "callable(['" . \get_class($fn[0]) . "', '{$fn[1]}'])"; - } - - /** @var object $fn */ - return 'callable(' . \spl_object_hash($fn) . ')'; - } -} diff --git a/plugins/auth/vendor/guzzlehttp/guzzle/src/MessageFormatter.php b/plugins/auth/vendor/guzzlehttp/guzzle/src/MessageFormatter.php deleted file mode 100644 index da499547..00000000 --- a/plugins/auth/vendor/guzzlehttp/guzzle/src/MessageFormatter.php +++ /dev/null @@ -1,198 +0,0 @@ ->>>>>>>\n{request}\n<<<<<<<<\n{response}\n--------\n{error}"; - public const SHORT = '[{ts}] "{method} {target} HTTP/{version}" {code}'; - - /** - * @var string Template used to format log messages - */ - private $template; - - /** - * @param string $template Log message template - */ - public function __construct(?string $template = self::CLF) - { - $this->template = $template ?: self::CLF; - } - - /** - * Returns a formatted message string. - * - * @param RequestInterface $request Request that was sent - * @param ResponseInterface|null $response Response that was received - * @param \Throwable|null $error Exception that was received - */ - public function format(RequestInterface $request, ?ResponseInterface $response = null, ?\Throwable $error = null): string - { - $cache = []; - - /** @var string */ - return \preg_replace_callback( - '/{\s*([A-Za-z_\-\.0-9]+)\s*}/', - function (array $matches) use ($request, $response, $error, &$cache) { - if (isset($cache[$matches[1]])) { - return $cache[$matches[1]]; - } - - $result = ''; - switch ($matches[1]) { - case 'request': - $result = Psr7\Message::toString($request); - break; - case 'response': - $result = $response ? Psr7\Message::toString($response) : ''; - break; - case 'req_headers': - $result = \trim($request->getMethod() - . ' ' . $request->getRequestTarget()) - . ' HTTP/' . $request->getProtocolVersion() . "\r\n" - . $this->headers($request); - break; - case 'res_headers': - $result = $response ? - \sprintf( - 'HTTP/%s %d %s', - $response->getProtocolVersion(), - $response->getStatusCode(), - $response->getReasonPhrase() - ) . "\r\n" . $this->headers($response) - : 'NULL'; - break; - case 'req_body': - $result = $request->getBody()->__toString(); - break; - case 'res_body': - if (!$response instanceof ResponseInterface) { - $result = 'NULL'; - break; - } - - $body = $response->getBody(); - - if (!$body->isSeekable()) { - $result = 'RESPONSE_NOT_LOGGEABLE'; - break; - } - - $result = $response->getBody()->__toString(); - break; - case 'ts': - case 'date_iso_8601': - $result = \gmdate('c'); - break; - case 'date_common_log': - $result = \date('d/M/Y:H:i:s O'); - break; - case 'method': - $result = $request->getMethod(); - break; - case 'version': - $result = $request->getProtocolVersion(); - break; - case 'uri': - case 'url': - $result = $request->getUri()->__toString(); - break; - case 'target': - $result = $request->getRequestTarget(); - break; - case 'req_version': - $result = $request->getProtocolVersion(); - break; - case 'res_version': - $result = $response - ? $response->getProtocolVersion() - : 'NULL'; - break; - case 'host': - $result = $request->getHeaderLine('Host'); - break; - case 'hostname': - $result = \gethostname(); - break; - case 'code': - $result = $response ? $response->getStatusCode() : 'NULL'; - break; - case 'phrase': - $result = $response ? $response->getReasonPhrase() : 'NULL'; - break; - case 'error': - $result = $error ? $error->getMessage() : 'NULL'; - break; - default: - // handle prefixed dynamic headers - if (\strpos($matches[1], 'req_header_') === 0) { - $result = $request->getHeaderLine(\substr($matches[1], 11)); - } elseif (\strpos($matches[1], 'res_header_') === 0) { - $result = $response - ? $response->getHeaderLine(\substr($matches[1], 11)) - : 'NULL'; - } - } - - $cache[$matches[1]] = $result; - return $result; - }, - $this->template - ); - } - - /** - * Get headers from message as string - */ - private function headers(MessageInterface $message): string - { - $result = ''; - foreach ($message->getHeaders() as $name => $values) { - $result .= $name . ': ' . \implode(', ', $values) . "\r\n"; - } - - return \trim($result); - } -} diff --git a/plugins/auth/vendor/guzzlehttp/guzzle/src/Middleware.php b/plugins/auth/vendor/guzzlehttp/guzzle/src/Middleware.php deleted file mode 100644 index 7035c77f..00000000 --- a/plugins/auth/vendor/guzzlehttp/guzzle/src/Middleware.php +++ /dev/null @@ -1,260 +0,0 @@ -withCookieHeader($request); - return $handler($request, $options) - ->then( - static function (ResponseInterface $response) use ($cookieJar, $request): ResponseInterface { - $cookieJar->extractCookies($request, $response); - return $response; - } - ); - }; - }; - } - - /** - * Middleware that throws exceptions for 4xx or 5xx responses when the - * "http_errors" request option is set to true. - * - * @param BodySummarizerInterface|null $bodySummarizer The body summarizer to use in exception messages. - * - * @return callable(callable): callable Returns a function that accepts the next handler. - */ - public static function httpErrors(BodySummarizerInterface $bodySummarizer = null): callable - { - return static function (callable $handler) use ($bodySummarizer): callable { - return static function ($request, array $options) use ($handler, $bodySummarizer) { - if (empty($options['http_errors'])) { - return $handler($request, $options); - } - return $handler($request, $options)->then( - static function (ResponseInterface $response) use ($request, $bodySummarizer) { - $code = $response->getStatusCode(); - if ($code < 400) { - return $response; - } - throw RequestException::create($request, $response, null, [], $bodySummarizer); - } - ); - }; - }; - } - - /** - * Middleware that pushes history data to an ArrayAccess container. - * - * @param array|\ArrayAccess $container Container to hold the history (by reference). - * - * @return callable(callable): callable Returns a function that accepts the next handler. - * - * @throws \InvalidArgumentException if container is not an array or ArrayAccess. - */ - public static function history(&$container): callable - { - if (!\is_array($container) && !$container instanceof \ArrayAccess) { - throw new \InvalidArgumentException('history container must be an array or object implementing ArrayAccess'); - } - - return static function (callable $handler) use (&$container): callable { - return static function (RequestInterface $request, array $options) use ($handler, &$container) { - return $handler($request, $options)->then( - static function ($value) use ($request, &$container, $options) { - $container[] = [ - 'request' => $request, - 'response' => $value, - 'error' => null, - 'options' => $options - ]; - return $value; - }, - static function ($reason) use ($request, &$container, $options) { - $container[] = [ - 'request' => $request, - 'response' => null, - 'error' => $reason, - 'options' => $options - ]; - return P\Create::rejectionFor($reason); - } - ); - }; - }; - } - - /** - * Middleware that invokes a callback before and after sending a request. - * - * The provided listener cannot modify or alter the response. It simply - * "taps" into the chain to be notified before returning the promise. The - * before listener accepts a request and options array, and the after - * listener accepts a request, options array, and response promise. - * - * @param callable $before Function to invoke before forwarding the request. - * @param callable $after Function invoked after forwarding. - * - * @return callable Returns a function that accepts the next handler. - */ - public static function tap(callable $before = null, callable $after = null): callable - { - return static function (callable $handler) use ($before, $after): callable { - return static function (RequestInterface $request, array $options) use ($handler, $before, $after) { - if ($before) { - $before($request, $options); - } - $response = $handler($request, $options); - if ($after) { - $after($request, $options, $response); - } - return $response; - }; - }; - } - - /** - * Middleware that handles request redirects. - * - * @return callable Returns a function that accepts the next handler. - */ - public static function redirect(): callable - { - return static function (callable $handler): RedirectMiddleware { - return new RedirectMiddleware($handler); - }; - } - - /** - * Middleware that retries requests based on the boolean result of - * invoking the provided "decider" function. - * - * If no delay function is provided, a simple implementation of exponential - * backoff will be utilized. - * - * @param callable $decider Function that accepts the number of retries, - * a request, [response], and [exception] and - * returns true if the request is to be retried. - * @param callable $delay Function that accepts the number of retries and - * returns the number of milliseconds to delay. - * - * @return callable Returns a function that accepts the next handler. - */ - public static function retry(callable $decider, callable $delay = null): callable - { - return static function (callable $handler) use ($decider, $delay): RetryMiddleware { - return new RetryMiddleware($decider, $handler, $delay); - }; - } - - /** - * Middleware that logs requests, responses, and errors using a message - * formatter. - * - * @phpstan-param \Psr\Log\LogLevel::* $logLevel Level at which to log requests. - * - * @param LoggerInterface $logger Logs messages. - * @param MessageFormatterInterface|MessageFormatter $formatter Formatter used to create message strings. - * @param string $logLevel Level at which to log requests. - * - * @return callable Returns a function that accepts the next handler. - */ - public static function log(LoggerInterface $logger, $formatter, string $logLevel = 'info'): callable - { - // To be compatible with Guzzle 7.1.x we need to allow users to pass a MessageFormatter - if (!$formatter instanceof MessageFormatter && !$formatter instanceof MessageFormatterInterface) { - throw new \LogicException(sprintf('Argument 2 to %s::log() must be of type %s', self::class, MessageFormatterInterface::class)); - } - - return static function (callable $handler) use ($logger, $formatter, $logLevel): callable { - return static function (RequestInterface $request, array $options = []) use ($handler, $logger, $formatter, $logLevel) { - return $handler($request, $options)->then( - static function ($response) use ($logger, $request, $formatter, $logLevel): ResponseInterface { - $message = $formatter->format($request, $response); - $logger->log($logLevel, $message); - return $response; - }, - static function ($reason) use ($logger, $request, $formatter): PromiseInterface { - $response = $reason instanceof RequestException ? $reason->getResponse() : null; - $message = $formatter->format($request, $response, P\Create::exceptionFor($reason)); - $logger->error($message); - return P\Create::rejectionFor($reason); - } - ); - }; - }; - } - - /** - * This middleware adds a default content-type if possible, a default - * content-length or transfer-encoding header, and the expect header. - */ - public static function prepareBody(): callable - { - return static function (callable $handler): PrepareBodyMiddleware { - return new PrepareBodyMiddleware($handler); - }; - } - - /** - * Middleware that applies a map function to the request before passing to - * the next handler. - * - * @param callable $fn Function that accepts a RequestInterface and returns - * a RequestInterface. - */ - public static function mapRequest(callable $fn): callable - { - return static function (callable $handler) use ($fn): callable { - return static function (RequestInterface $request, array $options) use ($handler, $fn) { - return $handler($fn($request), $options); - }; - }; - } - - /** - * Middleware that applies a map function to the resolved promise's - * response. - * - * @param callable $fn Function that accepts a ResponseInterface and - * returns a ResponseInterface. - */ - public static function mapResponse(callable $fn): callable - { - return static function (callable $handler) use ($fn): callable { - return static function (RequestInterface $request, array $options) use ($handler, $fn) { - return $handler($request, $options)->then($fn); - }; - }; - } -} diff --git a/plugins/auth/vendor/guzzlehttp/guzzle/src/Pool.php b/plugins/auth/vendor/guzzlehttp/guzzle/src/Pool.php deleted file mode 100644 index 6277c61f..00000000 --- a/plugins/auth/vendor/guzzlehttp/guzzle/src/Pool.php +++ /dev/null @@ -1,125 +0,0 @@ - $rfn) { - if ($rfn instanceof RequestInterface) { - yield $key => $client->sendAsync($rfn, $opts); - } elseif (\is_callable($rfn)) { - yield $key => $rfn($opts); - } else { - throw new \InvalidArgumentException('Each value yielded by the iterator must be a Psr7\Http\Message\RequestInterface or a callable that returns a promise that fulfills with a Psr7\Message\Http\ResponseInterface object.'); - } - } - }; - - $this->each = new EachPromise($requests(), $config); - } - - /** - * Get promise - */ - public function promise(): PromiseInterface - { - return $this->each->promise(); - } - - /** - * Sends multiple requests concurrently and returns an array of responses - * and exceptions that uses the same ordering as the provided requests. - * - * IMPORTANT: This method keeps every request and response in memory, and - * as such, is NOT recommended when sending a large number or an - * indeterminate number of requests concurrently. - * - * @param ClientInterface $client Client used to send the requests - * @param array|\Iterator $requests Requests to send concurrently. - * @param array $options Passes through the options available in - * {@see \GuzzleHttp\Pool::__construct} - * - * @return array Returns an array containing the response or an exception - * in the same order that the requests were sent. - * - * @throws \InvalidArgumentException if the event format is incorrect. - */ - public static function batch(ClientInterface $client, $requests, array $options = []): array - { - $res = []; - self::cmpCallback($options, 'fulfilled', $res); - self::cmpCallback($options, 'rejected', $res); - $pool = new static($client, $requests, $options); - $pool->promise()->wait(); - \ksort($res); - - return $res; - } - - /** - * Execute callback(s) - */ - private static function cmpCallback(array &$options, string $name, array &$results): void - { - if (!isset($options[$name])) { - $options[$name] = static function ($v, $k) use (&$results) { - $results[$k] = $v; - }; - } else { - $currentFn = $options[$name]; - $options[$name] = static function ($v, $k) use (&$results, $currentFn) { - $currentFn($v, $k); - $results[$k] = $v; - }; - } - } -} diff --git a/plugins/auth/vendor/guzzlehttp/guzzle/src/PrepareBodyMiddleware.php b/plugins/auth/vendor/guzzlehttp/guzzle/src/PrepareBodyMiddleware.php deleted file mode 100644 index 7ca62833..00000000 --- a/plugins/auth/vendor/guzzlehttp/guzzle/src/PrepareBodyMiddleware.php +++ /dev/null @@ -1,104 +0,0 @@ -nextHandler = $nextHandler; - } - - public function __invoke(RequestInterface $request, array $options): PromiseInterface - { - $fn = $this->nextHandler; - - // Don't do anything if the request has no body. - if ($request->getBody()->getSize() === 0) { - return $fn($request, $options); - } - - $modify = []; - - // Add a default content-type if possible. - if (!$request->hasHeader('Content-Type')) { - if ($uri = $request->getBody()->getMetadata('uri')) { - if (is_string($uri) && $type = Psr7\MimeType::fromFilename($uri)) { - $modify['set_headers']['Content-Type'] = $type; - } - } - } - - // Add a default content-length or transfer-encoding header. - if (!$request->hasHeader('Content-Length') - && !$request->hasHeader('Transfer-Encoding') - ) { - $size = $request->getBody()->getSize(); - if ($size !== null) { - $modify['set_headers']['Content-Length'] = $size; - } else { - $modify['set_headers']['Transfer-Encoding'] = 'chunked'; - } - } - - // Add the expect header if needed. - $this->addExpectHeader($request, $options, $modify); - - return $fn(Psr7\Utils::modifyRequest($request, $modify), $options); - } - - /** - * Add expect header - */ - private function addExpectHeader(RequestInterface $request, array $options, array &$modify): void - { - // Determine if the Expect header should be used - if ($request->hasHeader('Expect')) { - return; - } - - $expect = $options['expect'] ?? null; - - // Return if disabled or if you're not using HTTP/1.1 or HTTP/2.0 - if ($expect === false || $request->getProtocolVersion() < 1.1) { - return; - } - - // The expect header is unconditionally enabled - if ($expect === true) { - $modify['set_headers']['Expect'] = '100-Continue'; - return; - } - - // By default, send the expect header when the payload is > 1mb - if ($expect === null) { - $expect = 1048576; - } - - // Always add if the body cannot be rewound, the size cannot be - // determined, or the size is greater than the cutoff threshold - $body = $request->getBody(); - $size = $body->getSize(); - - if ($size === null || $size >= (int) $expect || !$body->isSeekable()) { - $modify['set_headers']['Expect'] = '100-Continue'; - } - } -} diff --git a/plugins/auth/vendor/guzzlehttp/guzzle/src/RedirectMiddleware.php b/plugins/auth/vendor/guzzlehttp/guzzle/src/RedirectMiddleware.php deleted file mode 100644 index f67d448b..00000000 --- a/plugins/auth/vendor/guzzlehttp/guzzle/src/RedirectMiddleware.php +++ /dev/null @@ -1,228 +0,0 @@ - 5, - 'protocols' => ['http', 'https'], - 'strict' => false, - 'referer' => false, - 'track_redirects' => false, - ]; - - /** - * @var callable(RequestInterface, array): PromiseInterface - */ - private $nextHandler; - - /** - * @param callable(RequestInterface, array): PromiseInterface $nextHandler Next handler to invoke. - */ - public function __construct(callable $nextHandler) - { - $this->nextHandler = $nextHandler; - } - - public function __invoke(RequestInterface $request, array $options): PromiseInterface - { - $fn = $this->nextHandler; - - if (empty($options['allow_redirects'])) { - return $fn($request, $options); - } - - if ($options['allow_redirects'] === true) { - $options['allow_redirects'] = self::$defaultSettings; - } elseif (!\is_array($options['allow_redirects'])) { - throw new \InvalidArgumentException('allow_redirects must be true, false, or array'); - } else { - // Merge the default settings with the provided settings - $options['allow_redirects'] += self::$defaultSettings; - } - - if (empty($options['allow_redirects']['max'])) { - return $fn($request, $options); - } - - return $fn($request, $options) - ->then(function (ResponseInterface $response) use ($request, $options) { - return $this->checkRedirect($request, $options, $response); - }); - } - - /** - * @return ResponseInterface|PromiseInterface - */ - public function checkRedirect(RequestInterface $request, array $options, ResponseInterface $response) - { - if (\strpos((string) $response->getStatusCode(), '3') !== 0 - || !$response->hasHeader('Location') - ) { - return $response; - } - - $this->guardMax($request, $response, $options); - $nextRequest = $this->modifyRequest($request, $options, $response); - - // If authorization is handled by curl, unset it if URI is cross-origin. - if (Psr7\UriComparator::isCrossOrigin($request->getUri(), $nextRequest->getUri()) && defined('\CURLOPT_HTTPAUTH')) { - unset( - $options['curl'][\CURLOPT_HTTPAUTH], - $options['curl'][\CURLOPT_USERPWD] - ); - } - - if (isset($options['allow_redirects']['on_redirect'])) { - ($options['allow_redirects']['on_redirect'])( - $request, - $response, - $nextRequest->getUri() - ); - } - - $promise = $this($nextRequest, $options); - - // Add headers to be able to track history of redirects. - if (!empty($options['allow_redirects']['track_redirects'])) { - return $this->withTracking( - $promise, - (string) $nextRequest->getUri(), - $response->getStatusCode() - ); - } - - return $promise; - } - - /** - * Enable tracking on promise. - */ - private function withTracking(PromiseInterface $promise, string $uri, int $statusCode): PromiseInterface - { - return $promise->then( - static function (ResponseInterface $response) use ($uri, $statusCode) { - // Note that we are pushing to the front of the list as this - // would be an earlier response than what is currently present - // in the history header. - $historyHeader = $response->getHeader(self::HISTORY_HEADER); - $statusHeader = $response->getHeader(self::STATUS_HISTORY_HEADER); - \array_unshift($historyHeader, $uri); - \array_unshift($statusHeader, (string) $statusCode); - - return $response->withHeader(self::HISTORY_HEADER, $historyHeader) - ->withHeader(self::STATUS_HISTORY_HEADER, $statusHeader); - } - ); - } - - /** - * Check for too many redirects. - * - * @throws TooManyRedirectsException Too many redirects. - */ - private function guardMax(RequestInterface $request, ResponseInterface $response, array &$options): void - { - $current = $options['__redirect_count'] - ?? 0; - $options['__redirect_count'] = $current + 1; - $max = $options['allow_redirects']['max']; - - if ($options['__redirect_count'] > $max) { - throw new TooManyRedirectsException("Will not follow more than {$max} redirects", $request, $response); - } - } - - public function modifyRequest(RequestInterface $request, array $options, ResponseInterface $response): RequestInterface - { - // Request modifications to apply. - $modify = []; - $protocols = $options['allow_redirects']['protocols']; - - // Use a GET request if this is an entity enclosing request and we are - // not forcing RFC compliance, but rather emulating what all browsers - // would do. - $statusCode = $response->getStatusCode(); - if ($statusCode == 303 || - ($statusCode <= 302 && !$options['allow_redirects']['strict']) - ) { - $safeMethods = ['GET', 'HEAD', 'OPTIONS']; - $requestMethod = $request->getMethod(); - - $modify['method'] = in_array($requestMethod, $safeMethods) ? $requestMethod : 'GET'; - $modify['body'] = ''; - } - - $uri = self::redirectUri($request, $response, $protocols); - if (isset($options['idn_conversion']) && ($options['idn_conversion'] !== false)) { - $idnOptions = ($options['idn_conversion'] === true) ? \IDNA_DEFAULT : $options['idn_conversion']; - $uri = Utils::idnUriConvert($uri, $idnOptions); - } - - $modify['uri'] = $uri; - Psr7\Message::rewindBody($request); - - // Add the Referer header if it is told to do so and only - // add the header if we are not redirecting from https to http. - if ($options['allow_redirects']['referer'] - && $modify['uri']->getScheme() === $request->getUri()->getScheme() - ) { - $uri = $request->getUri()->withUserInfo(''); - $modify['set_headers']['Referer'] = (string) $uri; - } else { - $modify['remove_headers'][] = 'Referer'; - } - - // Remove Authorization and Cookie headers if URI is cross-origin. - if (Psr7\UriComparator::isCrossOrigin($request->getUri(), $modify['uri'])) { - $modify['remove_headers'][] = 'Authorization'; - $modify['remove_headers'][] = 'Cookie'; - } - - return Psr7\Utils::modifyRequest($request, $modify); - } - - /** - * Set the appropriate URL on the request based on the location header. - */ - private static function redirectUri( - RequestInterface $request, - ResponseInterface $response, - array $protocols - ): UriInterface { - $location = Psr7\UriResolver::resolve( - $request->getUri(), - new Psr7\Uri($response->getHeaderLine('Location')) - ); - - // Ensure that the redirect URI is allowed based on the protocols. - if (!\in_array($location->getScheme(), $protocols)) { - throw new BadResponseException(\sprintf('Redirect URI, %s, does not use one of the allowed redirect protocols: %s', $location, \implode(', ', $protocols)), $request, $response); - } - - return $location; - } -} diff --git a/plugins/auth/vendor/guzzlehttp/guzzle/src/RequestOptions.php b/plugins/auth/vendor/guzzlehttp/guzzle/src/RequestOptions.php deleted file mode 100644 index 20b31bc2..00000000 --- a/plugins/auth/vendor/guzzlehttp/guzzle/src/RequestOptions.php +++ /dev/null @@ -1,264 +0,0 @@ -decider = $decider; - $this->nextHandler = $nextHandler; - $this->delay = $delay ?: __CLASS__ . '::exponentialDelay'; - } - - /** - * Default exponential backoff delay function. - * - * @return int milliseconds. - */ - public static function exponentialDelay(int $retries): int - { - return (int) \pow(2, $retries - 1) * 1000; - } - - public function __invoke(RequestInterface $request, array $options): PromiseInterface - { - if (!isset($options['retries'])) { - $options['retries'] = 0; - } - - $fn = $this->nextHandler; - return $fn($request, $options) - ->then( - $this->onFulfilled($request, $options), - $this->onRejected($request, $options) - ); - } - - /** - * Execute fulfilled closure - */ - private function onFulfilled(RequestInterface $request, array $options): callable - { - return function ($value) use ($request, $options) { - if (!($this->decider)( - $options['retries'], - $request, - $value, - null - )) { - return $value; - } - return $this->doRetry($request, $options, $value); - }; - } - - /** - * Execute rejected closure - */ - private function onRejected(RequestInterface $req, array $options): callable - { - return function ($reason) use ($req, $options) { - if (!($this->decider)( - $options['retries'], - $req, - null, - $reason - )) { - return P\Create::rejectionFor($reason); - } - return $this->doRetry($req, $options); - }; - } - - private function doRetry(RequestInterface $request, array $options, ResponseInterface $response = null): PromiseInterface - { - $options['delay'] = ($this->delay)(++$options['retries'], $response, $request); - - return $this($request, $options); - } -} diff --git a/plugins/auth/vendor/guzzlehttp/guzzle/src/TransferStats.php b/plugins/auth/vendor/guzzlehttp/guzzle/src/TransferStats.php deleted file mode 100644 index 93fa334c..00000000 --- a/plugins/auth/vendor/guzzlehttp/guzzle/src/TransferStats.php +++ /dev/null @@ -1,133 +0,0 @@ -request = $request; - $this->response = $response; - $this->transferTime = $transferTime; - $this->handlerErrorData = $handlerErrorData; - $this->handlerStats = $handlerStats; - } - - public function getRequest(): RequestInterface - { - return $this->request; - } - - /** - * Returns the response that was received (if any). - */ - public function getResponse(): ?ResponseInterface - { - return $this->response; - } - - /** - * Returns true if a response was received. - */ - public function hasResponse(): bool - { - return $this->response !== null; - } - - /** - * Gets handler specific error data. - * - * This might be an exception, a integer representing an error code, or - * anything else. Relying on this value assumes that you know what handler - * you are using. - * - * @return mixed - */ - public function getHandlerErrorData() - { - return $this->handlerErrorData; - } - - /** - * Get the effective URI the request was sent to. - */ - public function getEffectiveUri(): UriInterface - { - return $this->request->getUri(); - } - - /** - * Get the estimated time the request was being transferred by the handler. - * - * @return float|null Time in seconds. - */ - public function getTransferTime(): ?float - { - return $this->transferTime; - } - - /** - * Gets an array of all of the handler specific transfer data. - */ - public function getHandlerStats(): array - { - return $this->handlerStats; - } - - /** - * Get a specific handler statistic from the handler by name. - * - * @param string $stat Handler specific transfer stat to retrieve. - * - * @return mixed|null - */ - public function getHandlerStat(string $stat) - { - return $this->handlerStats[$stat] ?? null; - } -} diff --git a/plugins/auth/vendor/guzzlehttp/guzzle/src/Utils.php b/plugins/auth/vendor/guzzlehttp/guzzle/src/Utils.php deleted file mode 100644 index e355f321..00000000 --- a/plugins/auth/vendor/guzzlehttp/guzzle/src/Utils.php +++ /dev/null @@ -1,385 +0,0 @@ -getHost()) { - $asciiHost = self::idnToAsci($uri->getHost(), $options, $info); - if ($asciiHost === false) { - $errorBitSet = $info['errors'] ?? 0; - - $errorConstants = array_filter(array_keys(get_defined_constants()), static function (string $name): bool { - return substr($name, 0, 11) === 'IDNA_ERROR_'; - }); - - $errors = []; - foreach ($errorConstants as $errorConstant) { - if ($errorBitSet & constant($errorConstant)) { - $errors[] = $errorConstant; - } - } - - $errorMessage = 'IDN conversion failed'; - if ($errors) { - $errorMessage .= ' (errors: ' . implode(', ', $errors) . ')'; - } - - throw new InvalidArgumentException($errorMessage); - } - if ($uri->getHost() !== $asciiHost) { - // Replace URI only if the ASCII version is different - $uri = $uri->withHost($asciiHost); - } - } - - return $uri; - } - - /** - * @internal - */ - public static function getenv(string $name): ?string - { - if (isset($_SERVER[$name])) { - return (string) $_SERVER[$name]; - } - - if (\PHP_SAPI === 'cli' && ($value = \getenv($name)) !== false && $value !== null) { - return (string) $value; - } - - return null; - } - - /** - * @return string|false - */ - private static function idnToAsci(string $domain, int $options, ?array &$info = []) - { - if (\function_exists('idn_to_ascii') && \defined('INTL_IDNA_VARIANT_UTS46')) { - return \idn_to_ascii($domain, $options, \INTL_IDNA_VARIANT_UTS46, $info); - } - - throw new \Error('ext-idn or symfony/polyfill-intl-idn not loaded or too old'); - } -} diff --git a/plugins/auth/vendor/guzzlehttp/guzzle/src/functions.php b/plugins/auth/vendor/guzzlehttp/guzzle/src/functions.php deleted file mode 100644 index a70d2cbf..00000000 --- a/plugins/auth/vendor/guzzlehttp/guzzle/src/functions.php +++ /dev/null @@ -1,167 +0,0 @@ - -Copyright (c) 2015 Graham Campbell -Copyright (c) 2017 Tobias Schultze -Copyright (c) 2020 Tobias Nyholm - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -THE SOFTWARE. diff --git a/plugins/auth/vendor/guzzlehttp/promises/README.md b/plugins/auth/vendor/guzzlehttp/promises/README.md deleted file mode 100644 index 1ea667ab..00000000 --- a/plugins/auth/vendor/guzzlehttp/promises/README.md +++ /dev/null @@ -1,546 +0,0 @@ -# Guzzle Promises - -[Promises/A+](https://promisesaplus.com/) implementation that handles promise -chaining and resolution iteratively, allowing for "infinite" promise chaining -while keeping the stack size constant. Read [this blog post](https://blog.domenic.me/youre-missing-the-point-of-promises/) -for a general introduction to promises. - -- [Features](#features) -- [Quick start](#quick-start) -- [Synchronous wait](#synchronous-wait) -- [Cancellation](#cancellation) -- [API](#api) - - [Promise](#promise) - - [FulfilledPromise](#fulfilledpromise) - - [RejectedPromise](#rejectedpromise) -- [Promise interop](#promise-interop) -- [Implementation notes](#implementation-notes) - - -## Features - -- [Promises/A+](https://promisesaplus.com/) implementation. -- Promise resolution and chaining is handled iteratively, allowing for - "infinite" promise chaining. -- Promises have a synchronous `wait` method. -- Promises can be cancelled. -- Works with any object that has a `then` function. -- C# style async/await coroutine promises using - `GuzzleHttp\Promise\Coroutine::of()`. - - -## Quick Start - -A *promise* represents the eventual result of an asynchronous operation. The -primary way of interacting with a promise is through its `then` method, which -registers callbacks to receive either a promise's eventual value or the reason -why the promise cannot be fulfilled. - -### Callbacks - -Callbacks are registered with the `then` method by providing an optional -`$onFulfilled` followed by an optional `$onRejected` function. - - -```php -use GuzzleHttp\Promise\Promise; - -$promise = new Promise(); -$promise->then( - // $onFulfilled - function ($value) { - echo 'The promise was fulfilled.'; - }, - // $onRejected - function ($reason) { - echo 'The promise was rejected.'; - } -); -``` - -*Resolving* a promise means that you either fulfill a promise with a *value* or -reject a promise with a *reason*. Resolving a promise triggers callbacks -registered with the promise's `then` method. These callbacks are triggered -only once and in the order in which they were added. - -### Resolving a Promise - -Promises are fulfilled using the `resolve($value)` method. Resolving a promise -with any value other than a `GuzzleHttp\Promise\RejectedPromise` will trigger -all of the onFulfilled callbacks (resolving a promise with a rejected promise -will reject the promise and trigger the `$onRejected` callbacks). - -```php -use GuzzleHttp\Promise\Promise; - -$promise = new Promise(); -$promise - ->then(function ($value) { - // Return a value and don't break the chain - return "Hello, " . $value; - }) - // This then is executed after the first then and receives the value - // returned from the first then. - ->then(function ($value) { - echo $value; - }); - -// Resolving the promise triggers the $onFulfilled callbacks and outputs -// "Hello, reader." -$promise->resolve('reader.'); -``` - -### Promise Forwarding - -Promises can be chained one after the other. Each then in the chain is a new -promise. The return value of a promise is what's forwarded to the next -promise in the chain. Returning a promise in a `then` callback will cause the -subsequent promises in the chain to only be fulfilled when the returned promise -has been fulfilled. The next promise in the chain will be invoked with the -resolved value of the promise. - -```php -use GuzzleHttp\Promise\Promise; - -$promise = new Promise(); -$nextPromise = new Promise(); - -$promise - ->then(function ($value) use ($nextPromise) { - echo $value; - return $nextPromise; - }) - ->then(function ($value) { - echo $value; - }); - -// Triggers the first callback and outputs "A" -$promise->resolve('A'); -// Triggers the second callback and outputs "B" -$nextPromise->resolve('B'); -``` - -### Promise Rejection - -When a promise is rejected, the `$onRejected` callbacks are invoked with the -rejection reason. - -```php -use GuzzleHttp\Promise\Promise; - -$promise = new Promise(); -$promise->then(null, function ($reason) { - echo $reason; -}); - -$promise->reject('Error!'); -// Outputs "Error!" -``` - -### Rejection Forwarding - -If an exception is thrown in an `$onRejected` callback, subsequent -`$onRejected` callbacks are invoked with the thrown exception as the reason. - -```php -use GuzzleHttp\Promise\Promise; - -$promise = new Promise(); -$promise->then(null, function ($reason) { - throw new Exception($reason); -})->then(null, function ($reason) { - assert($reason->getMessage() === 'Error!'); -}); - -$promise->reject('Error!'); -``` - -You can also forward a rejection down the promise chain by returning a -`GuzzleHttp\Promise\RejectedPromise` in either an `$onFulfilled` or -`$onRejected` callback. - -```php -use GuzzleHttp\Promise\Promise; -use GuzzleHttp\Promise\RejectedPromise; - -$promise = new Promise(); -$promise->then(null, function ($reason) { - return new RejectedPromise($reason); -})->then(null, function ($reason) { - assert($reason === 'Error!'); -}); - -$promise->reject('Error!'); -``` - -If an exception is not thrown in a `$onRejected` callback and the callback -does not return a rejected promise, downstream `$onFulfilled` callbacks are -invoked using the value returned from the `$onRejected` callback. - -```php -use GuzzleHttp\Promise\Promise; - -$promise = new Promise(); -$promise - ->then(null, function ($reason) { - return "It's ok"; - }) - ->then(function ($value) { - assert($value === "It's ok"); - }); - -$promise->reject('Error!'); -``` - - -## Synchronous Wait - -You can synchronously force promises to complete using a promise's `wait` -method. When creating a promise, you can provide a wait function that is used -to synchronously force a promise to complete. When a wait function is invoked -it is expected to deliver a value to the promise or reject the promise. If the -wait function does not deliver a value, then an exception is thrown. The wait -function provided to a promise constructor is invoked when the `wait` function -of the promise is called. - -```php -$promise = new Promise(function () use (&$promise) { - $promise->resolve('foo'); -}); - -// Calling wait will return the value of the promise. -echo $promise->wait(); // outputs "foo" -``` - -If an exception is encountered while invoking the wait function of a promise, -the promise is rejected with the exception and the exception is thrown. - -```php -$promise = new Promise(function () use (&$promise) { - throw new Exception('foo'); -}); - -$promise->wait(); // throws the exception. -``` - -Calling `wait` on a promise that has been fulfilled will not trigger the wait -function. It will simply return the previously resolved value. - -```php -$promise = new Promise(function () { die('this is not called!'); }); -$promise->resolve('foo'); -echo $promise->wait(); // outputs "foo" -``` - -Calling `wait` on a promise that has been rejected will throw an exception. If -the rejection reason is an instance of `\Exception` the reason is thrown. -Otherwise, a `GuzzleHttp\Promise\RejectionException` is thrown and the reason -can be obtained by calling the `getReason` method of the exception. - -```php -$promise = new Promise(); -$promise->reject('foo'); -$promise->wait(); -``` - -> PHP Fatal error: Uncaught exception 'GuzzleHttp\Promise\RejectionException' with message 'The promise was rejected with value: foo' - -### Unwrapping a Promise - -When synchronously waiting on a promise, you are joining the state of the -promise into the current state of execution (i.e., return the value of the -promise if it was fulfilled or throw an exception if it was rejected). This is -called "unwrapping" the promise. Waiting on a promise will by default unwrap -the promise state. - -You can force a promise to resolve and *not* unwrap the state of the promise -by passing `false` to the first argument of the `wait` function: - -```php -$promise = new Promise(); -$promise->reject('foo'); -// This will not throw an exception. It simply ensures the promise has -// been resolved. -$promise->wait(false); -``` - -When unwrapping a promise, the resolved value of the promise will be waited -upon until the unwrapped value is not a promise. This means that if you resolve -promise A with a promise B and unwrap promise A, the value returned by the -wait function will be the value delivered to promise B. - -**Note**: when you do not unwrap the promise, no value is returned. - - -## Cancellation - -You can cancel a promise that has not yet been fulfilled using the `cancel()` -method of a promise. When creating a promise you can provide an optional -cancel function that when invoked cancels the action of computing a resolution -of the promise. - - -## API - -### Promise - -When creating a promise object, you can provide an optional `$waitFn` and -`$cancelFn`. `$waitFn` is a function that is invoked with no arguments and is -expected to resolve the promise. `$cancelFn` is a function with no arguments -that is expected to cancel the computation of a promise. It is invoked when the -`cancel()` method of a promise is called. - -```php -use GuzzleHttp\Promise\Promise; - -$promise = new Promise( - function () use (&$promise) { - $promise->resolve('waited'); - }, - function () { - // do something that will cancel the promise computation (e.g., close - // a socket, cancel a database query, etc...) - } -); - -assert('waited' === $promise->wait()); -``` - -A promise has the following methods: - -- `then(callable $onFulfilled, callable $onRejected) : PromiseInterface` - - Appends fulfillment and rejection handlers to the promise, and returns a new promise resolving to the return value of the called handler. - -- `otherwise(callable $onRejected) : PromiseInterface` - - Appends a rejection handler callback to the promise, and returns a new promise resolving to the return value of the callback if it is called, or to its original fulfillment value if the promise is instead fulfilled. - -- `wait($unwrap = true) : mixed` - - Synchronously waits on the promise to complete. - - `$unwrap` controls whether or not the value of the promise is returned for a - fulfilled promise or if an exception is thrown if the promise is rejected. - This is set to `true` by default. - -- `cancel()` - - Attempts to cancel the promise if possible. The promise being cancelled and - the parent most ancestor that has not yet been resolved will also be - cancelled. Any promises waiting on the cancelled promise to resolve will also - be cancelled. - -- `getState() : string` - - Returns the state of the promise. One of `pending`, `fulfilled`, or - `rejected`. - -- `resolve($value)` - - Fulfills the promise with the given `$value`. - -- `reject($reason)` - - Rejects the promise with the given `$reason`. - - -### FulfilledPromise - -A fulfilled promise can be created to represent a promise that has been -fulfilled. - -```php -use GuzzleHttp\Promise\FulfilledPromise; - -$promise = new FulfilledPromise('value'); - -// Fulfilled callbacks are immediately invoked. -$promise->then(function ($value) { - echo $value; -}); -``` - - -### RejectedPromise - -A rejected promise can be created to represent a promise that has been -rejected. - -```php -use GuzzleHttp\Promise\RejectedPromise; - -$promise = new RejectedPromise('Error'); - -// Rejected callbacks are immediately invoked. -$promise->then(null, function ($reason) { - echo $reason; -}); -``` - - -## Promise Interoperability - -This library works with foreign promises that have a `then` method. This means -you can use Guzzle promises with [React promises](https://github.com/reactphp/promise) -for example. When a foreign promise is returned inside of a then method -callback, promise resolution will occur recursively. - -```php -// Create a React promise -$deferred = new React\Promise\Deferred(); -$reactPromise = $deferred->promise(); - -// Create a Guzzle promise that is fulfilled with a React promise. -$guzzlePromise = new GuzzleHttp\Promise\Promise(); -$guzzlePromise->then(function ($value) use ($reactPromise) { - // Do something something with the value... - // Return the React promise - return $reactPromise; -}); -``` - -Please note that wait and cancel chaining is no longer possible when forwarding -a foreign promise. You will need to wrap a third-party promise with a Guzzle -promise in order to utilize wait and cancel functions with foreign promises. - - -### Event Loop Integration - -In order to keep the stack size constant, Guzzle promises are resolved -asynchronously using a task queue. When waiting on promises synchronously, the -task queue will be automatically run to ensure that the blocking promise and -any forwarded promises are resolved. When using promises asynchronously in an -event loop, you will need to run the task queue on each tick of the loop. If -you do not run the task queue, then promises will not be resolved. - -You can run the task queue using the `run()` method of the global task queue -instance. - -```php -// Get the global task queue -$queue = GuzzleHttp\Promise\Utils::queue(); -$queue->run(); -``` - -For example, you could use Guzzle promises with React using a periodic timer: - -```php -$loop = React\EventLoop\Factory::create(); -$loop->addPeriodicTimer(0, [$queue, 'run']); -``` - -*TODO*: Perhaps adding a `futureTick()` on each tick would be faster? - - -## Implementation Notes - -### Promise Resolution and Chaining is Handled Iteratively - -By shuffling pending handlers from one owner to another, promises are -resolved iteratively, allowing for "infinite" then chaining. - -```php -then(function ($v) { - // The stack size remains constant (a good thing) - echo xdebug_get_stack_depth() . ', '; - return $v + 1; - }); -} - -$parent->resolve(0); -var_dump($p->wait()); // int(1000) - -``` - -When a promise is fulfilled or rejected with a non-promise value, the promise -then takes ownership of the handlers of each child promise and delivers values -down the chain without using recursion. - -When a promise is resolved with another promise, the original promise transfers -all of its pending handlers to the new promise. When the new promise is -eventually resolved, all of the pending handlers are delivered the forwarded -value. - -### A Promise is the Deferred - -Some promise libraries implement promises using a deferred object to represent -a computation and a promise object to represent the delivery of the result of -the computation. This is a nice separation of computation and delivery because -consumers of the promise cannot modify the value that will be eventually -delivered. - -One side effect of being able to implement promise resolution and chaining -iteratively is that you need to be able for one promise to reach into the state -of another promise to shuffle around ownership of handlers. In order to achieve -this without making the handlers of a promise publicly mutable, a promise is -also the deferred value, allowing promises of the same parent class to reach -into and modify the private properties of promises of the same type. While this -does allow consumers of the value to modify the resolution or rejection of the -deferred, it is a small price to pay for keeping the stack size constant. - -```php -$promise = new Promise(); -$promise->then(function ($value) { echo $value; }); -// The promise is the deferred value, so you can deliver a value to it. -$promise->resolve('foo'); -// prints "foo" -``` - - -## Upgrading from Function API - -A static API was first introduced in 1.4.0, in order to mitigate problems with -functions conflicting between global and local copies of the package. The -function API will be removed in 2.0.0. A migration table has been provided here -for your convenience: - -| Original Function | Replacement Method | -|----------------|----------------| -| `queue` | `Utils::queue` | -| `task` | `Utils::task` | -| `promise_for` | `Create::promiseFor` | -| `rejection_for` | `Create::rejectionFor` | -| `exception_for` | `Create::exceptionFor` | -| `iter_for` | `Create::iterFor` | -| `inspect` | `Utils::inspect` | -| `inspect_all` | `Utils::inspectAll` | -| `unwrap` | `Utils::unwrap` | -| `all` | `Utils::all` | -| `some` | `Utils::some` | -| `any` | `Utils::any` | -| `settle` | `Utils::settle` | -| `each` | `Each::of` | -| `each_limit` | `Each::ofLimit` | -| `each_limit_all` | `Each::ofLimitAll` | -| `!is_fulfilled` | `Is::pending` | -| `is_fulfilled` | `Is::fulfilled` | -| `is_rejected` | `Is::rejected` | -| `is_settled` | `Is::settled` | -| `coroutine` | `Coroutine::of` | - - -## Security - -If you discover a security vulnerability within this package, please send an email to security@tidelift.com. All security vulnerabilities will be promptly addressed. Please do not disclose security-related issues publicly until a fix has been announced. Please see [Security Policy](https://github.com/guzzle/promises/security/policy) for more information. - - -## License - -Guzzle is made available under the MIT License (MIT). Please see [License File](LICENSE) for more information. - - -## For Enterprise - -Available as part of the Tidelift Subscription - -The maintainers of Guzzle and thousands of other packages are working with Tidelift to deliver commercial support and maintenance for the open source dependencies you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact dependencies you use. [Learn more.](https://tidelift.com/subscription/pkg/packagist-guzzlehttp-promises?utm_source=packagist-guzzlehttp-promises&utm_medium=referral&utm_campaign=enterprise&utm_term=repo) diff --git a/plugins/auth/vendor/guzzlehttp/promises/composer.json b/plugins/auth/vendor/guzzlehttp/promises/composer.json deleted file mode 100644 index c959fb32..00000000 --- a/plugins/auth/vendor/guzzlehttp/promises/composer.json +++ /dev/null @@ -1,58 +0,0 @@ -{ - "name": "guzzlehttp/promises", - "description": "Guzzle promises library", - "keywords": ["promise"], - "license": "MIT", - "authors": [ - { - "name": "Graham Campbell", - "email": "hello@gjcampbell.co.uk", - "homepage": "https://github.com/GrahamCampbell" - }, - { - "name": "Michael Dowling", - "email": "mtdowling@gmail.com", - "homepage": "https://github.com/mtdowling" - }, - { - "name": "Tobias Nyholm", - "email": "tobias.nyholm@gmail.com", - "homepage": "https://github.com/Nyholm" - }, - { - "name": "Tobias Schultze", - "email": "webmaster@tubo-world.de", - "homepage": "https://github.com/Tobion" - } - ], - "require": { - "php": ">=5.5" - }, - "require-dev": { - "symfony/phpunit-bridge": "^4.4 || ^5.1" - }, - "autoload": { - "psr-4": { - "GuzzleHttp\\Promise\\": "src/" - }, - "files": ["src/functions_include.php"] - }, - "autoload-dev": { - "psr-4": { - "GuzzleHttp\\Promise\\Tests\\": "tests/" - } - }, - "scripts": { - "test": "vendor/bin/simple-phpunit", - "test-ci": "vendor/bin/simple-phpunit --coverage-text" - }, - "extra": { - "branch-alias": { - "dev-master": "1.5-dev" - } - }, - "config": { - "preferred-install": "dist", - "sort-packages": true - } -} diff --git a/plugins/auth/vendor/guzzlehttp/promises/src/AggregateException.php b/plugins/auth/vendor/guzzlehttp/promises/src/AggregateException.php deleted file mode 100644 index d2b5712b..00000000 --- a/plugins/auth/vendor/guzzlehttp/promises/src/AggregateException.php +++ /dev/null @@ -1,17 +0,0 @@ -then(function ($v) { echo $v; }); - * - * @param callable $generatorFn Generator function to wrap into a promise. - * - * @return Promise - * - * @link https://github.com/petkaantonov/bluebird/blob/master/API.md#generators inspiration - */ -final class Coroutine implements PromiseInterface -{ - /** - * @var PromiseInterface|null - */ - private $currentPromise; - - /** - * @var Generator - */ - private $generator; - - /** - * @var Promise - */ - private $result; - - public function __construct(callable $generatorFn) - { - $this->generator = $generatorFn(); - $this->result = new Promise(function () { - while (isset($this->currentPromise)) { - $this->currentPromise->wait(); - } - }); - try { - $this->nextCoroutine($this->generator->current()); - } catch (\Exception $exception) { - $this->result->reject($exception); - } catch (Throwable $throwable) { - $this->result->reject($throwable); - } - } - - /** - * Create a new coroutine. - * - * @return self - */ - public static function of(callable $generatorFn) - { - return new self($generatorFn); - } - - public function then( - callable $onFulfilled = null, - callable $onRejected = null - ) { - return $this->result->then($onFulfilled, $onRejected); - } - - public function otherwise(callable $onRejected) - { - return $this->result->otherwise($onRejected); - } - - public function wait($unwrap = true) - { - return $this->result->wait($unwrap); - } - - public function getState() - { - return $this->result->getState(); - } - - public function resolve($value) - { - $this->result->resolve($value); - } - - public function reject($reason) - { - $this->result->reject($reason); - } - - public function cancel() - { - $this->currentPromise->cancel(); - $this->result->cancel(); - } - - private function nextCoroutine($yielded) - { - $this->currentPromise = Create::promiseFor($yielded) - ->then([$this, '_handleSuccess'], [$this, '_handleFailure']); - } - - /** - * @internal - */ - public function _handleSuccess($value) - { - unset($this->currentPromise); - try { - $next = $this->generator->send($value); - if ($this->generator->valid()) { - $this->nextCoroutine($next); - } else { - $this->result->resolve($value); - } - } catch (Exception $exception) { - $this->result->reject($exception); - } catch (Throwable $throwable) { - $this->result->reject($throwable); - } - } - - /** - * @internal - */ - public function _handleFailure($reason) - { - unset($this->currentPromise); - try { - $nextYield = $this->generator->throw(Create::exceptionFor($reason)); - // The throw was caught, so keep iterating on the coroutine - $this->nextCoroutine($nextYield); - } catch (Exception $exception) { - $this->result->reject($exception); - } catch (Throwable $throwable) { - $this->result->reject($throwable); - } - } -} diff --git a/plugins/auth/vendor/guzzlehttp/promises/src/EachPromise.php b/plugins/auth/vendor/guzzlehttp/promises/src/EachPromise.php deleted file mode 100644 index 280d7995..00000000 --- a/plugins/auth/vendor/guzzlehttp/promises/src/EachPromise.php +++ /dev/null @@ -1,247 +0,0 @@ -iterable = Create::iterFor($iterable); - - if (isset($config['concurrency'])) { - $this->concurrency = $config['concurrency']; - } - - if (isset($config['fulfilled'])) { - $this->onFulfilled = $config['fulfilled']; - } - - if (isset($config['rejected'])) { - $this->onRejected = $config['rejected']; - } - } - - /** @psalm-suppress InvalidNullableReturnType */ - public function promise() - { - if ($this->aggregate) { - return $this->aggregate; - } - - try { - $this->createPromise(); - /** @psalm-assert Promise $this->aggregate */ - $this->iterable->rewind(); - $this->refillPending(); - } catch (\Throwable $e) { - $this->aggregate->reject($e); - } catch (\Exception $e) { - $this->aggregate->reject($e); - } - - /** - * @psalm-suppress NullableReturnStatement - * @phpstan-ignore-next-line - */ - return $this->aggregate; - } - - private function createPromise() - { - $this->mutex = false; - $this->aggregate = new Promise(function () { - if ($this->checkIfFinished()) { - return; - } - reset($this->pending); - // Consume a potentially fluctuating list of promises while - // ensuring that indexes are maintained (precluding array_shift). - while ($promise = current($this->pending)) { - next($this->pending); - $promise->wait(); - if (Is::settled($this->aggregate)) { - return; - } - } - }); - - // Clear the references when the promise is resolved. - $clearFn = function () { - $this->iterable = $this->concurrency = $this->pending = null; - $this->onFulfilled = $this->onRejected = null; - $this->nextPendingIndex = 0; - }; - - $this->aggregate->then($clearFn, $clearFn); - } - - private function refillPending() - { - if (!$this->concurrency) { - // Add all pending promises. - while ($this->addPending() && $this->advanceIterator()); - return; - } - - // Add only up to N pending promises. - $concurrency = is_callable($this->concurrency) - ? call_user_func($this->concurrency, count($this->pending)) - : $this->concurrency; - $concurrency = max($concurrency - count($this->pending), 0); - // Concurrency may be set to 0 to disallow new promises. - if (!$concurrency) { - return; - } - // Add the first pending promise. - $this->addPending(); - // Note this is special handling for concurrency=1 so that we do - // not advance the iterator after adding the first promise. This - // helps work around issues with generators that might not have the - // next value to yield until promise callbacks are called. - while (--$concurrency - && $this->advanceIterator() - && $this->addPending()); - } - - private function addPending() - { - if (!$this->iterable || !$this->iterable->valid()) { - return false; - } - - $promise = Create::promiseFor($this->iterable->current()); - $key = $this->iterable->key(); - - // Iterable keys may not be unique, so we use a counter to - // guarantee uniqueness - $idx = $this->nextPendingIndex++; - - $this->pending[$idx] = $promise->then( - function ($value) use ($idx, $key) { - if ($this->onFulfilled) { - call_user_func( - $this->onFulfilled, - $value, - $key, - $this->aggregate - ); - } - $this->step($idx); - }, - function ($reason) use ($idx, $key) { - if ($this->onRejected) { - call_user_func( - $this->onRejected, - $reason, - $key, - $this->aggregate - ); - } - $this->step($idx); - } - ); - - return true; - } - - private function advanceIterator() - { - // Place a lock on the iterator so that we ensure to not recurse, - // preventing fatal generator errors. - if ($this->mutex) { - return false; - } - - $this->mutex = true; - - try { - $this->iterable->next(); - $this->mutex = false; - return true; - } catch (\Throwable $e) { - $this->aggregate->reject($e); - $this->mutex = false; - return false; - } catch (\Exception $e) { - $this->aggregate->reject($e); - $this->mutex = false; - return false; - } - } - - private function step($idx) - { - // If the promise was already resolved, then ignore this step. - if (Is::settled($this->aggregate)) { - return; - } - - unset($this->pending[$idx]); - - // Only refill pending promises if we are not locked, preventing the - // EachPromise to recursively invoke the provided iterator, which - // cause a fatal error: "Cannot resume an already running generator" - if ($this->advanceIterator() && !$this->checkIfFinished()) { - // Add more pending promises if possible. - $this->refillPending(); - } - } - - private function checkIfFinished() - { - if (!$this->pending && !$this->iterable->valid()) { - // Resolve the promise if there's nothing left to do. - $this->aggregate->resolve(null); - return true; - } - - return false; - } -} diff --git a/plugins/auth/vendor/guzzlehttp/promises/src/FulfilledPromise.php b/plugins/auth/vendor/guzzlehttp/promises/src/FulfilledPromise.php deleted file mode 100644 index 98f72a62..00000000 --- a/plugins/auth/vendor/guzzlehttp/promises/src/FulfilledPromise.php +++ /dev/null @@ -1,84 +0,0 @@ -value = $value; - } - - public function then( - callable $onFulfilled = null, - callable $onRejected = null - ) { - // Return itself if there is no onFulfilled function. - if (!$onFulfilled) { - return $this; - } - - $queue = Utils::queue(); - $p = new Promise([$queue, 'run']); - $value = $this->value; - $queue->add(static function () use ($p, $value, $onFulfilled) { - if (Is::pending($p)) { - try { - $p->resolve($onFulfilled($value)); - } catch (\Throwable $e) { - $p->reject($e); - } catch (\Exception $e) { - $p->reject($e); - } - } - }); - - return $p; - } - - public function otherwise(callable $onRejected) - { - return $this->then(null, $onRejected); - } - - public function wait($unwrap = true, $defaultDelivery = null) - { - return $unwrap ? $this->value : null; - } - - public function getState() - { - return self::FULFILLED; - } - - public function resolve($value) - { - if ($value !== $this->value) { - throw new \LogicException("Cannot resolve a fulfilled promise"); - } - } - - public function reject($reason) - { - throw new \LogicException("Cannot reject a fulfilled promise"); - } - - public function cancel() - { - // pass - } -} diff --git a/plugins/auth/vendor/guzzlehttp/promises/src/Promise.php b/plugins/auth/vendor/guzzlehttp/promises/src/Promise.php deleted file mode 100644 index 75939057..00000000 --- a/plugins/auth/vendor/guzzlehttp/promises/src/Promise.php +++ /dev/null @@ -1,278 +0,0 @@ -waitFn = $waitFn; - $this->cancelFn = $cancelFn; - } - - public function then( - callable $onFulfilled = null, - callable $onRejected = null - ) { - if ($this->state === self::PENDING) { - $p = new Promise(null, [$this, 'cancel']); - $this->handlers[] = [$p, $onFulfilled, $onRejected]; - $p->waitList = $this->waitList; - $p->waitList[] = $this; - return $p; - } - - // Return a fulfilled promise and immediately invoke any callbacks. - if ($this->state === self::FULFILLED) { - $promise = Create::promiseFor($this->result); - return $onFulfilled ? $promise->then($onFulfilled) : $promise; - } - - // It's either cancelled or rejected, so return a rejected promise - // and immediately invoke any callbacks. - $rejection = Create::rejectionFor($this->result); - return $onRejected ? $rejection->then(null, $onRejected) : $rejection; - } - - public function otherwise(callable $onRejected) - { - return $this->then(null, $onRejected); - } - - public function wait($unwrap = true) - { - $this->waitIfPending(); - - if ($this->result instanceof PromiseInterface) { - return $this->result->wait($unwrap); - } - if ($unwrap) { - if ($this->state === self::FULFILLED) { - return $this->result; - } - // It's rejected so "unwrap" and throw an exception. - throw Create::exceptionFor($this->result); - } - } - - public function getState() - { - return $this->state; - } - - public function cancel() - { - if ($this->state !== self::PENDING) { - return; - } - - $this->waitFn = $this->waitList = null; - - if ($this->cancelFn) { - $fn = $this->cancelFn; - $this->cancelFn = null; - try { - $fn(); - } catch (\Throwable $e) { - $this->reject($e); - } catch (\Exception $e) { - $this->reject($e); - } - } - - // Reject the promise only if it wasn't rejected in a then callback. - /** @psalm-suppress RedundantCondition */ - if ($this->state === self::PENDING) { - $this->reject(new CancellationException('Promise has been cancelled')); - } - } - - public function resolve($value) - { - $this->settle(self::FULFILLED, $value); - } - - public function reject($reason) - { - $this->settle(self::REJECTED, $reason); - } - - private function settle($state, $value) - { - if ($this->state !== self::PENDING) { - // Ignore calls with the same resolution. - if ($state === $this->state && $value === $this->result) { - return; - } - throw $this->state === $state - ? new \LogicException("The promise is already {$state}.") - : new \LogicException("Cannot change a {$this->state} promise to {$state}"); - } - - if ($value === $this) { - throw new \LogicException('Cannot fulfill or reject a promise with itself'); - } - - // Clear out the state of the promise but stash the handlers. - $this->state = $state; - $this->result = $value; - $handlers = $this->handlers; - $this->handlers = null; - $this->waitList = $this->waitFn = null; - $this->cancelFn = null; - - if (!$handlers) { - return; - } - - // If the value was not a settled promise or a thenable, then resolve - // it in the task queue using the correct ID. - if (!is_object($value) || !method_exists($value, 'then')) { - $id = $state === self::FULFILLED ? 1 : 2; - // It's a success, so resolve the handlers in the queue. - Utils::queue()->add(static function () use ($id, $value, $handlers) { - foreach ($handlers as $handler) { - self::callHandler($id, $value, $handler); - } - }); - } elseif ($value instanceof Promise && Is::pending($value)) { - // We can just merge our handlers onto the next promise. - $value->handlers = array_merge($value->handlers, $handlers); - } else { - // Resolve the handlers when the forwarded promise is resolved. - $value->then( - static function ($value) use ($handlers) { - foreach ($handlers as $handler) { - self::callHandler(1, $value, $handler); - } - }, - static function ($reason) use ($handlers) { - foreach ($handlers as $handler) { - self::callHandler(2, $reason, $handler); - } - } - ); - } - } - - /** - * Call a stack of handlers using a specific callback index and value. - * - * @param int $index 1 (resolve) or 2 (reject). - * @param mixed $value Value to pass to the callback. - * @param array $handler Array of handler data (promise and callbacks). - */ - private static function callHandler($index, $value, array $handler) - { - /** @var PromiseInterface $promise */ - $promise = $handler[0]; - - // The promise may have been cancelled or resolved before placing - // this thunk in the queue. - if (Is::settled($promise)) { - return; - } - - try { - if (isset($handler[$index])) { - /* - * If $f throws an exception, then $handler will be in the exception - * stack trace. Since $handler contains a reference to the callable - * itself we get a circular reference. We clear the $handler - * here to avoid that memory leak. - */ - $f = $handler[$index]; - unset($handler); - $promise->resolve($f($value)); - } elseif ($index === 1) { - // Forward resolution values as-is. - $promise->resolve($value); - } else { - // Forward rejections down the chain. - $promise->reject($value); - } - } catch (\Throwable $reason) { - $promise->reject($reason); - } catch (\Exception $reason) { - $promise->reject($reason); - } - } - - private function waitIfPending() - { - if ($this->state !== self::PENDING) { - return; - } elseif ($this->waitFn) { - $this->invokeWaitFn(); - } elseif ($this->waitList) { - $this->invokeWaitList(); - } else { - // If there's no wait function, then reject the promise. - $this->reject('Cannot wait on a promise that has ' - . 'no internal wait function. You must provide a wait ' - . 'function when constructing the promise to be able to ' - . 'wait on a promise.'); - } - - Utils::queue()->run(); - - /** @psalm-suppress RedundantCondition */ - if ($this->state === self::PENDING) { - $this->reject('Invoking the wait callback did not resolve the promise'); - } - } - - private function invokeWaitFn() - { - try { - $wfn = $this->waitFn; - $this->waitFn = null; - $wfn(true); - } catch (\Exception $reason) { - if ($this->state === self::PENDING) { - // The promise has not been resolved yet, so reject the promise - // with the exception. - $this->reject($reason); - } else { - // The promise was already resolved, so there's a problem in - // the application. - throw $reason; - } - } - } - - private function invokeWaitList() - { - $waitList = $this->waitList; - $this->waitList = null; - - foreach ($waitList as $result) { - do { - $result->waitIfPending(); - $result = $result->result; - } while ($result instanceof Promise); - - if ($result instanceof PromiseInterface) { - $result->wait(false); - } - } - } -} diff --git a/plugins/auth/vendor/guzzlehttp/promises/src/PromiseInterface.php b/plugins/auth/vendor/guzzlehttp/promises/src/PromiseInterface.php deleted file mode 100644 index e5983314..00000000 --- a/plugins/auth/vendor/guzzlehttp/promises/src/PromiseInterface.php +++ /dev/null @@ -1,97 +0,0 @@ -reason = $reason; - } - - public function then( - callable $onFulfilled = null, - callable $onRejected = null - ) { - // If there's no onRejected callback then just return self. - if (!$onRejected) { - return $this; - } - - $queue = Utils::queue(); - $reason = $this->reason; - $p = new Promise([$queue, 'run']); - $queue->add(static function () use ($p, $reason, $onRejected) { - if (Is::pending($p)) { - try { - // Return a resolved promise if onRejected does not throw. - $p->resolve($onRejected($reason)); - } catch (\Throwable $e) { - // onRejected threw, so return a rejected promise. - $p->reject($e); - } catch (\Exception $e) { - // onRejected threw, so return a rejected promise. - $p->reject($e); - } - } - }); - - return $p; - } - - public function otherwise(callable $onRejected) - { - return $this->then(null, $onRejected); - } - - public function wait($unwrap = true, $defaultDelivery = null) - { - if ($unwrap) { - throw Create::exceptionFor($this->reason); - } - - return null; - } - - public function getState() - { - return self::REJECTED; - } - - public function resolve($value) - { - throw new \LogicException("Cannot resolve a rejected promise"); - } - - public function reject($reason) - { - if ($reason !== $this->reason) { - throw new \LogicException("Cannot reject a rejected promise"); - } - } - - public function cancel() - { - // pass - } -} diff --git a/plugins/auth/vendor/guzzlehttp/promises/src/RejectionException.php b/plugins/auth/vendor/guzzlehttp/promises/src/RejectionException.php deleted file mode 100644 index e2f13770..00000000 --- a/plugins/auth/vendor/guzzlehttp/promises/src/RejectionException.php +++ /dev/null @@ -1,48 +0,0 @@ -reason = $reason; - - $message = 'The promise was rejected'; - - if ($description) { - $message .= ' with reason: ' . $description; - } elseif (is_string($reason) - || (is_object($reason) && method_exists($reason, '__toString')) - ) { - $message .= ' with reason: ' . $this->reason; - } elseif ($reason instanceof \JsonSerializable) { - $message .= ' with reason: ' - . json_encode($this->reason, JSON_PRETTY_PRINT); - } - - parent::__construct($message); - } - - /** - * Returns the rejection reason. - * - * @return mixed - */ - public function getReason() - { - return $this->reason; - } -} diff --git a/plugins/auth/vendor/guzzlehttp/promises/src/TaskQueue.php b/plugins/auth/vendor/guzzlehttp/promises/src/TaskQueue.php deleted file mode 100644 index f0fba2c5..00000000 --- a/plugins/auth/vendor/guzzlehttp/promises/src/TaskQueue.php +++ /dev/null @@ -1,67 +0,0 @@ -run(); - */ -class TaskQueue implements TaskQueueInterface -{ - private $enableShutdown = true; - private $queue = []; - - public function __construct($withShutdown = true) - { - if ($withShutdown) { - register_shutdown_function(function () { - if ($this->enableShutdown) { - // Only run the tasks if an E_ERROR didn't occur. - $err = error_get_last(); - if (!$err || ($err['type'] ^ E_ERROR)) { - $this->run(); - } - } - }); - } - } - - public function isEmpty() - { - return !$this->queue; - } - - public function add(callable $task) - { - $this->queue[] = $task; - } - - public function run() - { - while ($task = array_shift($this->queue)) { - /** @var callable $task */ - $task(); - } - } - - /** - * The task queue will be run and exhausted by default when the process - * exits IFF the exit is not the result of a PHP E_ERROR error. - * - * You can disable running the automatic shutdown of the queue by calling - * this function. If you disable the task queue shutdown process, then you - * MUST either run the task queue (as a result of running your event loop - * or manually using the run() method) or wait on each outstanding promise. - * - * Note: This shutdown will occur before any destructors are triggered. - */ - public function disableShutdown() - { - $this->enableShutdown = false; - } -} diff --git a/plugins/auth/vendor/guzzlehttp/promises/src/TaskQueueInterface.php b/plugins/auth/vendor/guzzlehttp/promises/src/TaskQueueInterface.php deleted file mode 100644 index 723d4d54..00000000 --- a/plugins/auth/vendor/guzzlehttp/promises/src/TaskQueueInterface.php +++ /dev/null @@ -1,24 +0,0 @@ - - * while ($eventLoop->isRunning()) { - * GuzzleHttp\Promise\queue()->run(); - * } - * - * - * @param TaskQueueInterface $assign Optionally specify a new queue instance. - * - * @return TaskQueueInterface - * - * @deprecated queue will be removed in guzzlehttp/promises:2.0. Use Utils::queue instead. - */ -function queue(TaskQueueInterface $assign = null) -{ - return Utils::queue($assign); -} - -/** - * Adds a function to run in the task queue when it is next `run()` and returns - * a promise that is fulfilled or rejected with the result. - * - * @param callable $task Task function to run. - * - * @return PromiseInterface - * - * @deprecated task will be removed in guzzlehttp/promises:2.0. Use Utils::task instead. - */ -function task(callable $task) -{ - return Utils::task($task); -} - -/** - * Creates a promise for a value if the value is not a promise. - * - * @param mixed $value Promise or value. - * - * @return PromiseInterface - * - * @deprecated promise_for will be removed in guzzlehttp/promises:2.0. Use Create::promiseFor instead. - */ -function promise_for($value) -{ - return Create::promiseFor($value); -} - -/** - * Creates a rejected promise for a reason if the reason is not a promise. If - * the provided reason is a promise, then it is returned as-is. - * - * @param mixed $reason Promise or reason. - * - * @return PromiseInterface - * - * @deprecated rejection_for will be removed in guzzlehttp/promises:2.0. Use Create::rejectionFor instead. - */ -function rejection_for($reason) -{ - return Create::rejectionFor($reason); -} - -/** - * Create an exception for a rejected promise value. - * - * @param mixed $reason - * - * @return \Exception|\Throwable - * - * @deprecated exception_for will be removed in guzzlehttp/promises:2.0. Use Create::exceptionFor instead. - */ -function exception_for($reason) -{ - return Create::exceptionFor($reason); -} - -/** - * Returns an iterator for the given value. - * - * @param mixed $value - * - * @return \Iterator - * - * @deprecated iter_for will be removed in guzzlehttp/promises:2.0. Use Create::iterFor instead. - */ -function iter_for($value) -{ - return Create::iterFor($value); -} - -/** - * Synchronously waits on a promise to resolve and returns an inspection state - * array. - * - * Returns a state associative array containing a "state" key mapping to a - * valid promise state. If the state of the promise is "fulfilled", the array - * will contain a "value" key mapping to the fulfilled value of the promise. If - * the promise is rejected, the array will contain a "reason" key mapping to - * the rejection reason of the promise. - * - * @param PromiseInterface $promise Promise or value. - * - * @return array - * - * @deprecated inspect will be removed in guzzlehttp/promises:2.0. Use Utils::inspect instead. - */ -function inspect(PromiseInterface $promise) -{ - return Utils::inspect($promise); -} - -/** - * Waits on all of the provided promises, but does not unwrap rejected promises - * as thrown exception. - * - * Returns an array of inspection state arrays. - * - * @see inspect for the inspection state array format. - * - * @param PromiseInterface[] $promises Traversable of promises to wait upon. - * - * @return array - * - * @deprecated inspect will be removed in guzzlehttp/promises:2.0. Use Utils::inspectAll instead. - */ -function inspect_all($promises) -{ - return Utils::inspectAll($promises); -} - -/** - * Waits on all of the provided promises and returns the fulfilled values. - * - * Returns an array that contains the value of each promise (in the same order - * the promises were provided). An exception is thrown if any of the promises - * are rejected. - * - * @param iterable $promises Iterable of PromiseInterface objects to wait on. - * - * @return array - * - * @throws \Exception on error - * @throws \Throwable on error in PHP >=7 - * - * @deprecated unwrap will be removed in guzzlehttp/promises:2.0. Use Utils::unwrap instead. - */ -function unwrap($promises) -{ - return Utils::unwrap($promises); -} - -/** - * Given an array of promises, return a promise that is fulfilled when all the - * items in the array are fulfilled. - * - * The promise's fulfillment value is an array with fulfillment values at - * respective positions to the original array. If any promise in the array - * rejects, the returned promise is rejected with the rejection reason. - * - * @param mixed $promises Promises or values. - * @param bool $recursive If true, resolves new promises that might have been added to the stack during its own resolution. - * - * @return PromiseInterface - * - * @deprecated all will be removed in guzzlehttp/promises:2.0. Use Utils::all instead. - */ -function all($promises, $recursive = false) -{ - return Utils::all($promises, $recursive); -} - -/** - * Initiate a competitive race between multiple promises or values (values will - * become immediately fulfilled promises). - * - * When count amount of promises have been fulfilled, the returned promise is - * fulfilled with an array that contains the fulfillment values of the winners - * in order of resolution. - * - * This promise is rejected with a {@see AggregateException} if the number of - * fulfilled promises is less than the desired $count. - * - * @param int $count Total number of promises. - * @param mixed $promises Promises or values. - * - * @return PromiseInterface - * - * @deprecated some will be removed in guzzlehttp/promises:2.0. Use Utils::some instead. - */ -function some($count, $promises) -{ - return Utils::some($count, $promises); -} - -/** - * Like some(), with 1 as count. However, if the promise fulfills, the - * fulfillment value is not an array of 1 but the value directly. - * - * @param mixed $promises Promises or values. - * - * @return PromiseInterface - * - * @deprecated any will be removed in guzzlehttp/promises:2.0. Use Utils::any instead. - */ -function any($promises) -{ - return Utils::any($promises); -} - -/** - * Returns a promise that is fulfilled when all of the provided promises have - * been fulfilled or rejected. - * - * The returned promise is fulfilled with an array of inspection state arrays. - * - * @see inspect for the inspection state array format. - * - * @param mixed $promises Promises or values. - * - * @return PromiseInterface - * - * @deprecated settle will be removed in guzzlehttp/promises:2.0. Use Utils::settle instead. - */ -function settle($promises) -{ - return Utils::settle($promises); -} - -/** - * Given an iterator that yields promises or values, returns a promise that is - * fulfilled with a null value when the iterator has been consumed or the - * aggregate promise has been fulfilled or rejected. - * - * $onFulfilled is a function that accepts the fulfilled value, iterator index, - * and the aggregate promise. The callback can invoke any necessary side - * effects and choose to resolve or reject the aggregate if needed. - * - * $onRejected is a function that accepts the rejection reason, iterator index, - * and the aggregate promise. The callback can invoke any necessary side - * effects and choose to resolve or reject the aggregate if needed. - * - * @param mixed $iterable Iterator or array to iterate over. - * @param callable $onFulfilled - * @param callable $onRejected - * - * @return PromiseInterface - * - * @deprecated each will be removed in guzzlehttp/promises:2.0. Use Each::of instead. - */ -function each( - $iterable, - callable $onFulfilled = null, - callable $onRejected = null -) { - return Each::of($iterable, $onFulfilled, $onRejected); -} - -/** - * Like each, but only allows a certain number of outstanding promises at any - * given time. - * - * $concurrency may be an integer or a function that accepts the number of - * pending promises and returns a numeric concurrency limit value to allow for - * dynamic a concurrency size. - * - * @param mixed $iterable - * @param int|callable $concurrency - * @param callable $onFulfilled - * @param callable $onRejected - * - * @return PromiseInterface - * - * @deprecated each_limit will be removed in guzzlehttp/promises:2.0. Use Each::ofLimit instead. - */ -function each_limit( - $iterable, - $concurrency, - callable $onFulfilled = null, - callable $onRejected = null -) { - return Each::ofLimit($iterable, $concurrency, $onFulfilled, $onRejected); -} - -/** - * Like each_limit, but ensures that no promise in the given $iterable argument - * is rejected. If any promise is rejected, then the aggregate promise is - * rejected with the encountered rejection. - * - * @param mixed $iterable - * @param int|callable $concurrency - * @param callable $onFulfilled - * - * @return PromiseInterface - * - * @deprecated each_limit_all will be removed in guzzlehttp/promises:2.0. Use Each::ofLimitAll instead. - */ -function each_limit_all( - $iterable, - $concurrency, - callable $onFulfilled = null -) { - return Each::ofLimitAll($iterable, $concurrency, $onFulfilled); -} - -/** - * Returns true if a promise is fulfilled. - * - * @return bool - * - * @deprecated is_fulfilled will be removed in guzzlehttp/promises:2.0. Use Is::fulfilled instead. - */ -function is_fulfilled(PromiseInterface $promise) -{ - return Is::fulfilled($promise); -} - -/** - * Returns true if a promise is rejected. - * - * @return bool - * - * @deprecated is_rejected will be removed in guzzlehttp/promises:2.0. Use Is::rejected instead. - */ -function is_rejected(PromiseInterface $promise) -{ - return Is::rejected($promise); -} - -/** - * Returns true if a promise is fulfilled or rejected. - * - * @return bool - * - * @deprecated is_settled will be removed in guzzlehttp/promises:2.0. Use Is::settled instead. - */ -function is_settled(PromiseInterface $promise) -{ - return Is::settled($promise); -} - -/** - * Create a new coroutine. - * - * @see Coroutine - * - * @return PromiseInterface - * - * @deprecated coroutine will be removed in guzzlehttp/promises:2.0. Use Coroutine::of instead. - */ -function coroutine(callable $generatorFn) -{ - return Coroutine::of($generatorFn); -} diff --git a/plugins/auth/vendor/guzzlehttp/promises/src/functions_include.php b/plugins/auth/vendor/guzzlehttp/promises/src/functions_include.php deleted file mode 100644 index 34cd1710..00000000 --- a/plugins/auth/vendor/guzzlehttp/promises/src/functions_include.php +++ /dev/null @@ -1,6 +0,0 @@ -withPath('foo')->withHost('example.com')` will throw an exception - because the path of a URI with an authority must start with a slash "/" or be empty - - `(new Uri())->withScheme('http')` will return `'http://localhost'` - -### Deprecated - -- `Uri::resolve` in favor of `UriResolver::resolve` -- `Uri::removeDotSegments` in favor of `UriResolver::removeDotSegments` - -### Fixed - -- `Stream::read` when length parameter <= 0. -- `copy_to_stream` reads bytes in chunks instead of `maxLen` into memory. -- `ServerRequest::getUriFromGlobals` when `Host` header contains port. -- Compatibility of URIs with `file` scheme and empty host. - - -## [1.3.1] - 2016-06-25 - -### Fixed - -- `Uri::__toString` for network path references, e.g. `//example.org`. -- Missing lowercase normalization for host. -- Handling of URI components in case they are `'0'` in a lot of places, - e.g. as a user info password. -- `Uri::withAddedHeader` to correctly merge headers with different case. -- Trimming of header values in `Uri::withAddedHeader`. Header values may - be surrounded by whitespace which should be ignored according to RFC 7230 - Section 3.2.4. This does not apply to header names. -- `Uri::withAddedHeader` with an array of header values. -- `Uri::resolve` when base path has no slash and handling of fragment. -- Handling of encoding in `Uri::with(out)QueryValue` so one can pass the - key/value both in encoded as well as decoded form to those methods. This is - consistent with withPath, withQuery etc. -- `ServerRequest::withoutAttribute` when attribute value is null. - - -## [1.3.0] - 2016-04-13 - -### Added - -- Remaining interfaces needed for full PSR7 compatibility - (ServerRequestInterface, UploadedFileInterface, etc.). -- Support for stream_for from scalars. - -### Changed - -- Can now extend Uri. - -### Fixed -- A bug in validating request methods by making it more permissive. - - -## [1.2.3] - 2016-02-18 - -### Fixed - -- Support in `GuzzleHttp\Psr7\CachingStream` for seeking forward on remote - streams, which can sometimes return fewer bytes than requested with `fread`. -- Handling of gzipped responses with FNAME headers. - - -## [1.2.2] - 2016-01-22 - -### Added - -- Support for URIs without any authority. -- Support for HTTP 451 'Unavailable For Legal Reasons.' -- Support for using '0' as a filename. -- Support for including non-standard ports in Host headers. - - -## [1.2.1] - 2015-11-02 - -### Changes - -- Now supporting negative offsets when seeking to SEEK_END. - - -## [1.2.0] - 2015-08-15 - -### Changed - -- Body as `"0"` is now properly added to a response. -- Now allowing forward seeking in CachingStream. -- Now properly parsing HTTP requests that contain proxy targets in - `parse_request`. -- functions.php is now conditionally required. -- user-info is no longer dropped when resolving URIs. - - -## [1.1.0] - 2015-06-24 - -### Changed - -- URIs can now be relative. -- `multipart/form-data` headers are now overridden case-insensitively. -- URI paths no longer encode the following characters because they are allowed - in URIs: "(", ")", "*", "!", "'" -- A port is no longer added to a URI when the scheme is missing and no port is - present. - - -## 1.0.0 - 2015-05-19 - -Initial release. - -Currently unsupported: - -- `Psr\Http\Message\ServerRequestInterface` -- `Psr\Http\Message\UploadedFileInterface` - - - -[1.6.0]: https://github.com/guzzle/psr7/compare/1.5.2...1.6.0 -[1.5.2]: https://github.com/guzzle/psr7/compare/1.5.1...1.5.2 -[1.5.1]: https://github.com/guzzle/psr7/compare/1.5.0...1.5.1 -[1.5.0]: https://github.com/guzzle/psr7/compare/1.4.2...1.5.0 -[1.4.2]: https://github.com/guzzle/psr7/compare/1.4.1...1.4.2 -[1.4.1]: https://github.com/guzzle/psr7/compare/1.4.0...1.4.1 -[1.4.0]: https://github.com/guzzle/psr7/compare/1.3.1...1.4.0 -[1.3.1]: https://github.com/guzzle/psr7/compare/1.3.0...1.3.1 -[1.3.0]: https://github.com/guzzle/psr7/compare/1.2.3...1.3.0 -[1.2.3]: https://github.com/guzzle/psr7/compare/1.2.2...1.2.3 -[1.2.2]: https://github.com/guzzle/psr7/compare/1.2.1...1.2.2 -[1.2.1]: https://github.com/guzzle/psr7/compare/1.2.0...1.2.1 -[1.2.0]: https://github.com/guzzle/psr7/compare/1.1.0...1.2.0 -[1.1.0]: https://github.com/guzzle/psr7/compare/1.0.0...1.1.0 diff --git a/plugins/auth/vendor/guzzlehttp/psr7/LICENSE b/plugins/auth/vendor/guzzlehttp/psr7/LICENSE deleted file mode 100644 index 51c7ec81..00000000 --- a/plugins/auth/vendor/guzzlehttp/psr7/LICENSE +++ /dev/null @@ -1,26 +0,0 @@ -The MIT License (MIT) - -Copyright (c) 2015 Michael Dowling -Copyright (c) 2015 Márk Sági-Kazár -Copyright (c) 2015 Graham Campbell -Copyright (c) 2016 Tobias Schultze -Copyright (c) 2016 George Mponos -Copyright (c) 2018 Tobias Nyholm - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -THE SOFTWARE. diff --git a/plugins/auth/vendor/guzzlehttp/psr7/README.md b/plugins/auth/vendor/guzzlehttp/psr7/README.md deleted file mode 100644 index 8b9929a1..00000000 --- a/plugins/auth/vendor/guzzlehttp/psr7/README.md +++ /dev/null @@ -1,872 +0,0 @@ -# PSR-7 Message Implementation - -This repository contains a full [PSR-7](https://www.php-fig.org/psr/psr-7/) -message implementation, several stream decorators, and some helpful -functionality like query string parsing. - -![CI](https://github.com/guzzle/psr7/workflows/CI/badge.svg) -![Static analysis](https://github.com/guzzle/psr7/workflows/Static%20analysis/badge.svg) - - -# Stream implementation - -This package comes with a number of stream implementations and stream -decorators. - - -## AppendStream - -`GuzzleHttp\Psr7\AppendStream` - -Reads from multiple streams, one after the other. - -```php -use GuzzleHttp\Psr7; - -$a = Psr7\Utils::streamFor('abc, '); -$b = Psr7\Utils::streamFor('123.'); -$composed = new Psr7\AppendStream([$a, $b]); - -$composed->addStream(Psr7\Utils::streamFor(' Above all listen to me')); - -echo $composed; // abc, 123. Above all listen to me. -``` - - -## BufferStream - -`GuzzleHttp\Psr7\BufferStream` - -Provides a buffer stream that can be written to fill a buffer, and read -from to remove bytes from the buffer. - -This stream returns a "hwm" metadata value that tells upstream consumers -what the configured high water mark of the stream is, or the maximum -preferred size of the buffer. - -```php -use GuzzleHttp\Psr7; - -// When more than 1024 bytes are in the buffer, it will begin returning -// false to writes. This is an indication that writers should slow down. -$buffer = new Psr7\BufferStream(1024); -``` - - -## CachingStream - -The CachingStream is used to allow seeking over previously read bytes on -non-seekable streams. This can be useful when transferring a non-seekable -entity body fails due to needing to rewind the stream (for example, resulting -from a redirect). Data that is read from the remote stream will be buffered in -a PHP temp stream so that previously read bytes are cached first in memory, -then on disk. - -```php -use GuzzleHttp\Psr7; - -$original = Psr7\Utils::streamFor(fopen('http://www.google.com', 'r')); -$stream = new Psr7\CachingStream($original); - -$stream->read(1024); -echo $stream->tell(); -// 1024 - -$stream->seek(0); -echo $stream->tell(); -// 0 -``` - - -## DroppingStream - -`GuzzleHttp\Psr7\DroppingStream` - -Stream decorator that begins dropping data once the size of the underlying -stream becomes too full. - -```php -use GuzzleHttp\Psr7; - -// Create an empty stream -$stream = Psr7\Utils::streamFor(); - -// Start dropping data when the stream has more than 10 bytes -$dropping = new Psr7\DroppingStream($stream, 10); - -$dropping->write('01234567890123456789'); -echo $stream; // 0123456789 -``` - - -## FnStream - -`GuzzleHttp\Psr7\FnStream` - -Compose stream implementations based on a hash of functions. - -Allows for easy testing and extension of a provided stream without needing -to create a concrete class for a simple extension point. - -```php - -use GuzzleHttp\Psr7; - -$stream = Psr7\Utils::streamFor('hi'); -$fnStream = Psr7\FnStream::decorate($stream, [ - 'rewind' => function () use ($stream) { - echo 'About to rewind - '; - $stream->rewind(); - echo 'rewound!'; - } -]); - -$fnStream->rewind(); -// Outputs: About to rewind - rewound! -``` - - -## InflateStream - -`GuzzleHttp\Psr7\InflateStream` - -Uses PHP's zlib.inflate filter to inflate zlib (HTTP deflate, RFC1950) or gzipped (RFC1952) content. - -This stream decorator converts the provided stream to a PHP stream resource, -then appends the zlib.inflate filter. The stream is then converted back -to a Guzzle stream resource to be used as a Guzzle stream. - - -## LazyOpenStream - -`GuzzleHttp\Psr7\LazyOpenStream` - -Lazily reads or writes to a file that is opened only after an IO operation -take place on the stream. - -```php -use GuzzleHttp\Psr7; - -$stream = new Psr7\LazyOpenStream('/path/to/file', 'r'); -// The file has not yet been opened... - -echo $stream->read(10); -// The file is opened and read from only when needed. -``` - - -## LimitStream - -`GuzzleHttp\Psr7\LimitStream` - -LimitStream can be used to read a subset or slice of an existing stream object. -This can be useful for breaking a large file into smaller pieces to be sent in -chunks (e.g. Amazon S3's multipart upload API). - -```php -use GuzzleHttp\Psr7; - -$original = Psr7\Utils::streamFor(fopen('/tmp/test.txt', 'r+')); -echo $original->getSize(); -// >>> 1048576 - -// Limit the size of the body to 1024 bytes and start reading from byte 2048 -$stream = new Psr7\LimitStream($original, 1024, 2048); -echo $stream->getSize(); -// >>> 1024 -echo $stream->tell(); -// >>> 0 -``` - - -## MultipartStream - -`GuzzleHttp\Psr7\MultipartStream` - -Stream that when read returns bytes for a streaming multipart or -multipart/form-data stream. - - -## NoSeekStream - -`GuzzleHttp\Psr7\NoSeekStream` - -NoSeekStream wraps a stream and does not allow seeking. - -```php -use GuzzleHttp\Psr7; - -$original = Psr7\Utils::streamFor('foo'); -$noSeek = new Psr7\NoSeekStream($original); - -echo $noSeek->read(3); -// foo -var_export($noSeek->isSeekable()); -// false -$noSeek->seek(0); -var_export($noSeek->read(3)); -// NULL -``` - - -## PumpStream - -`GuzzleHttp\Psr7\PumpStream` - -Provides a read only stream that pumps data from a PHP callable. - -When invoking the provided callable, the PumpStream will pass the amount of -data requested to read to the callable. The callable can choose to ignore -this value and return fewer or more bytes than requested. Any extra data -returned by the provided callable is buffered internally until drained using -the read() function of the PumpStream. The provided callable MUST return -false when there is no more data to read. - - -## Implementing stream decorators - -Creating a stream decorator is very easy thanks to the -`GuzzleHttp\Psr7\StreamDecoratorTrait`. This trait provides methods that -implement `Psr\Http\Message\StreamInterface` by proxying to an underlying -stream. Just `use` the `StreamDecoratorTrait` and implement your custom -methods. - -For example, let's say we wanted to call a specific function each time the last -byte is read from a stream. This could be implemented by overriding the -`read()` method. - -```php -use Psr\Http\Message\StreamInterface; -use GuzzleHttp\Psr7\StreamDecoratorTrait; - -class EofCallbackStream implements StreamInterface -{ - use StreamDecoratorTrait; - - private $callback; - - public function __construct(StreamInterface $stream, callable $cb) - { - $this->stream = $stream; - $this->callback = $cb; - } - - public function read($length) - { - $result = $this->stream->read($length); - - // Invoke the callback when EOF is hit. - if ($this->eof()) { - call_user_func($this->callback); - } - - return $result; - } -} -``` - -This decorator could be added to any existing stream and used like so: - -```php -use GuzzleHttp\Psr7; - -$original = Psr7\Utils::streamFor('foo'); - -$eofStream = new EofCallbackStream($original, function () { - echo 'EOF!'; -}); - -$eofStream->read(2); -$eofStream->read(1); -// echoes "EOF!" -$eofStream->seek(0); -$eofStream->read(3); -// echoes "EOF!" -``` - - -## PHP StreamWrapper - -You can use the `GuzzleHttp\Psr7\StreamWrapper` class if you need to use a -PSR-7 stream as a PHP stream resource. - -Use the `GuzzleHttp\Psr7\StreamWrapper::getResource()` method to create a PHP -stream from a PSR-7 stream. - -```php -use GuzzleHttp\Psr7\StreamWrapper; - -$stream = GuzzleHttp\Psr7\Utils::streamFor('hello!'); -$resource = StreamWrapper::getResource($stream); -echo fread($resource, 6); // outputs hello! -``` - - -# Static API - -There are various static methods available under the `GuzzleHttp\Psr7` namespace. - - -## `GuzzleHttp\Psr7\Message::toString` - -`public static function toString(MessageInterface $message): string` - -Returns the string representation of an HTTP message. - -```php -$request = new GuzzleHttp\Psr7\Request('GET', 'http://example.com'); -echo GuzzleHttp\Psr7\Message::toString($request); -``` - - -## `GuzzleHttp\Psr7\Message::bodySummary` - -`public static function bodySummary(MessageInterface $message, int $truncateAt = 120): string|null` - -Get a short summary of the message body. - -Will return `null` if the response is not printable. - - -## `GuzzleHttp\Psr7\Message::rewindBody` - -`public static function rewindBody(MessageInterface $message): void` - -Attempts to rewind a message body and throws an exception on failure. - -The body of the message will only be rewound if a call to `tell()` -returns a value other than `0`. - - -## `GuzzleHttp\Psr7\Message::parseMessage` - -`public static function parseMessage(string $message): array` - -Parses an HTTP message into an associative array. - -The array contains the "start-line" key containing the start line of -the message, "headers" key containing an associative array of header -array values, and a "body" key containing the body of the message. - - -## `GuzzleHttp\Psr7\Message::parseRequestUri` - -`public static function parseRequestUri(string $path, array $headers): string` - -Constructs a URI for an HTTP request message. - - -## `GuzzleHttp\Psr7\Message::parseRequest` - -`public static function parseRequest(string $message): Request` - -Parses a request message string into a request object. - - -## `GuzzleHttp\Psr7\Message::parseResponse` - -`public static function parseResponse(string $message): Response` - -Parses a response message string into a response object. - - -## `GuzzleHttp\Psr7\Header::parse` - -`public static function parse(string|array $header): array` - -Parse an array of header values containing ";" separated data into an -array of associative arrays representing the header key value pair data -of the header. When a parameter does not contain a value, but just -contains a key, this function will inject a key with a '' string value. - - -## `GuzzleHttp\Psr7\Header::splitList` - -`public static function splitList(string|string[] $header): string[]` - -Splits a HTTP header defined to contain a comma-separated list into -each individual value: - -``` -$knownEtags = Header::splitList($request->getHeader('if-none-match')); -``` - -Example headers include `accept`, `cache-control` and `if-none-match`. - - -## `GuzzleHttp\Psr7\Header::normalize` (deprecated) - -`public static function normalize(string|array $header): array` - -`Header::normalize()` is deprecated in favor of [`Header::splitList()`](README.md#guzzlehttppsr7headersplitlist) -which performs the same operation with a cleaned up API and improved -documentation. - -Converts an array of header values that may contain comma separated -headers into an array of headers with no comma separated values. - - -## `GuzzleHttp\Psr7\Query::parse` - -`public static function parse(string $str, int|bool $urlEncoding = true): array` - -Parse a query string into an associative array. - -If multiple values are found for the same key, the value of that key -value pair will become an array. This function does not parse nested -PHP style arrays into an associative array (e.g., `foo[a]=1&foo[b]=2` -will be parsed into `['foo[a]' => '1', 'foo[b]' => '2'])`. - - -## `GuzzleHttp\Psr7\Query::build` - -`public static function build(array $params, int|false $encoding = PHP_QUERY_RFC3986): string` - -Build a query string from an array of key value pairs. - -This function can use the return value of `parse()` to build a query -string. This function does not modify the provided keys when an array is -encountered (like `http_build_query()` would). - - -## `GuzzleHttp\Psr7\Utils::caselessRemove` - -`public static function caselessRemove(iterable $keys, $keys, array $data): array` - -Remove the items given by the keys, case insensitively from the data. - - -## `GuzzleHttp\Psr7\Utils::copyToStream` - -`public static function copyToStream(StreamInterface $source, StreamInterface $dest, int $maxLen = -1): void` - -Copy the contents of a stream into another stream until the given number -of bytes have been read. - - -## `GuzzleHttp\Psr7\Utils::copyToString` - -`public static function copyToString(StreamInterface $stream, int $maxLen = -1): string` - -Copy the contents of a stream into a string until the given number of -bytes have been read. - - -## `GuzzleHttp\Psr7\Utils::hash` - -`public static function hash(StreamInterface $stream, string $algo, bool $rawOutput = false): string` - -Calculate a hash of a stream. - -This method reads the entire stream to calculate a rolling hash, based on -PHP's `hash_init` functions. - - -## `GuzzleHttp\Psr7\Utils::modifyRequest` - -`public static function modifyRequest(RequestInterface $request, array $changes): RequestInterface` - -Clone and modify a request with the given changes. - -This method is useful for reducing the number of clones needed to mutate -a message. - -- method: (string) Changes the HTTP method. -- set_headers: (array) Sets the given headers. -- remove_headers: (array) Remove the given headers. -- body: (mixed) Sets the given body. -- uri: (UriInterface) Set the URI. -- query: (string) Set the query string value of the URI. -- version: (string) Set the protocol version. - - -## `GuzzleHttp\Psr7\Utils::readLine` - -`public static function readLine(StreamInterface $stream, int $maxLength = null): string` - -Read a line from the stream up to the maximum allowed buffer length. - - -## `GuzzleHttp\Psr7\Utils::streamFor` - -`public static function streamFor(resource|string|null|int|float|bool|StreamInterface|callable|\Iterator $resource = '', array $options = []): StreamInterface` - -Create a new stream based on the input type. - -Options is an associative array that can contain the following keys: - -- metadata: Array of custom metadata. -- size: Size of the stream. - -This method accepts the following `$resource` types: - -- `Psr\Http\Message\StreamInterface`: Returns the value as-is. -- `string`: Creates a stream object that uses the given string as the contents. -- `resource`: Creates a stream object that wraps the given PHP stream resource. -- `Iterator`: If the provided value implements `Iterator`, then a read-only - stream object will be created that wraps the given iterable. Each time the - stream is read from, data from the iterator will fill a buffer and will be - continuously called until the buffer is equal to the requested read size. - Subsequent read calls will first read from the buffer and then call `next` - on the underlying iterator until it is exhausted. -- `object` with `__toString()`: If the object has the `__toString()` method, - the object will be cast to a string and then a stream will be returned that - uses the string value. -- `NULL`: When `null` is passed, an empty stream object is returned. -- `callable` When a callable is passed, a read-only stream object will be - created that invokes the given callable. The callable is invoked with the - number of suggested bytes to read. The callable can return any number of - bytes, but MUST return `false` when there is no more data to return. The - stream object that wraps the callable will invoke the callable until the - number of requested bytes are available. Any additional bytes will be - buffered and used in subsequent reads. - -```php -$stream = GuzzleHttp\Psr7\Utils::streamFor('foo'); -$stream = GuzzleHttp\Psr7\Utils::streamFor(fopen('/path/to/file', 'r')); - -$generator = function ($bytes) { - for ($i = 0; $i < $bytes; $i++) { - yield ' '; - } -} - -$stream = GuzzleHttp\Psr7\Utils::streamFor($generator(100)); -``` - - -## `GuzzleHttp\Psr7\Utils::tryFopen` - -`public static function tryFopen(string $filename, string $mode): resource` - -Safely opens a PHP stream resource using a filename. - -When fopen fails, PHP normally raises a warning. This function adds an -error handler that checks for errors and throws an exception instead. - - -## `GuzzleHttp\Psr7\Utils::tryGetContents` - -`public static function tryGetContents(resource $stream): string` - -Safely gets the contents of a given stream. - -When stream_get_contents fails, PHP normally raises a warning. This -function adds an error handler that checks for errors and throws an -exception instead. - - -## `GuzzleHttp\Psr7\Utils::uriFor` - -`public static function uriFor(string|UriInterface $uri): UriInterface` - -Returns a UriInterface for the given value. - -This function accepts a string or UriInterface and returns a -UriInterface for the given value. If the value is already a -UriInterface, it is returned as-is. - - -## `GuzzleHttp\Psr7\MimeType::fromFilename` - -`public static function fromFilename(string $filename): string|null` - -Determines the mimetype of a file by looking at its extension. - - -## `GuzzleHttp\Psr7\MimeType::fromExtension` - -`public static function fromExtension(string $extension): string|null` - -Maps a file extensions to a mimetype. - - -## Upgrading from Function API - -The static API was first introduced in 1.7.0, in order to mitigate problems with functions conflicting between global and local copies of the package. The function API was removed in 2.0.0. A migration table has been provided here for your convenience: - -| Original Function | Replacement Method | -|----------------|----------------| -| `str` | `Message::toString` | -| `uri_for` | `Utils::uriFor` | -| `stream_for` | `Utils::streamFor` | -| `parse_header` | `Header::parse` | -| `normalize_header` | `Header::normalize` | -| `modify_request` | `Utils::modifyRequest` | -| `rewind_body` | `Message::rewindBody` | -| `try_fopen` | `Utils::tryFopen` | -| `copy_to_string` | `Utils::copyToString` | -| `copy_to_stream` | `Utils::copyToStream` | -| `hash` | `Utils::hash` | -| `readline` | `Utils::readLine` | -| `parse_request` | `Message::parseRequest` | -| `parse_response` | `Message::parseResponse` | -| `parse_query` | `Query::parse` | -| `build_query` | `Query::build` | -| `mimetype_from_filename` | `MimeType::fromFilename` | -| `mimetype_from_extension` | `MimeType::fromExtension` | -| `_parse_message` | `Message::parseMessage` | -| `_parse_request_uri` | `Message::parseRequestUri` | -| `get_message_body_summary` | `Message::bodySummary` | -| `_caseless_remove` | `Utils::caselessRemove` | - - -# Additional URI Methods - -Aside from the standard `Psr\Http\Message\UriInterface` implementation in form of the `GuzzleHttp\Psr7\Uri` class, -this library also provides additional functionality when working with URIs as static methods. - -## URI Types - -An instance of `Psr\Http\Message\UriInterface` can either be an absolute URI or a relative reference. -An absolute URI has a scheme. A relative reference is used to express a URI relative to another URI, -the base URI. Relative references can be divided into several forms according to -[RFC 3986 Section 4.2](https://tools.ietf.org/html/rfc3986#section-4.2): - -- network-path references, e.g. `//example.com/path` -- absolute-path references, e.g. `/path` -- relative-path references, e.g. `subpath` - -The following methods can be used to identify the type of the URI. - -### `GuzzleHttp\Psr7\Uri::isAbsolute` - -`public static function isAbsolute(UriInterface $uri): bool` - -Whether the URI is absolute, i.e. it has a scheme. - -### `GuzzleHttp\Psr7\Uri::isNetworkPathReference` - -`public static function isNetworkPathReference(UriInterface $uri): bool` - -Whether the URI is a network-path reference. A relative reference that begins with two slash characters is -termed an network-path reference. - -### `GuzzleHttp\Psr7\Uri::isAbsolutePathReference` - -`public static function isAbsolutePathReference(UriInterface $uri): bool` - -Whether the URI is a absolute-path reference. A relative reference that begins with a single slash character is -termed an absolute-path reference. - -### `GuzzleHttp\Psr7\Uri::isRelativePathReference` - -`public static function isRelativePathReference(UriInterface $uri): bool` - -Whether the URI is a relative-path reference. A relative reference that does not begin with a slash character is -termed a relative-path reference. - -### `GuzzleHttp\Psr7\Uri::isSameDocumentReference` - -`public static function isSameDocumentReference(UriInterface $uri, UriInterface $base = null): bool` - -Whether the URI is a same-document reference. A same-document reference refers to a URI that is, aside from its -fragment component, identical to the base URI. When no base URI is given, only an empty URI reference -(apart from its fragment) is considered a same-document reference. - -## URI Components - -Additional methods to work with URI components. - -### `GuzzleHttp\Psr7\Uri::isDefaultPort` - -`public static function isDefaultPort(UriInterface $uri): bool` - -Whether the URI has the default port of the current scheme. `Psr\Http\Message\UriInterface::getPort` may return null -or the standard port. This method can be used independently of the implementation. - -### `GuzzleHttp\Psr7\Uri::composeComponents` - -`public static function composeComponents($scheme, $authority, $path, $query, $fragment): string` - -Composes a URI reference string from its various components according to -[RFC 3986 Section 5.3](https://tools.ietf.org/html/rfc3986#section-5.3). Usually this method does not need to be called -manually but instead is used indirectly via `Psr\Http\Message\UriInterface::__toString`. - -### `GuzzleHttp\Psr7\Uri::fromParts` - -`public static function fromParts(array $parts): UriInterface` - -Creates a URI from a hash of [`parse_url`](https://www.php.net/manual/en/function.parse-url.php) components. - - -### `GuzzleHttp\Psr7\Uri::withQueryValue` - -`public static function withQueryValue(UriInterface $uri, $key, $value): UriInterface` - -Creates a new URI with a specific query string value. Any existing query string values that exactly match the -provided key are removed and replaced with the given key value pair. A value of null will set the query string -key without a value, e.g. "key" instead of "key=value". - -### `GuzzleHttp\Psr7\Uri::withQueryValues` - -`public static function withQueryValues(UriInterface $uri, array $keyValueArray): UriInterface` - -Creates a new URI with multiple query string values. It has the same behavior as `withQueryValue()` but for an -associative array of key => value. - -### `GuzzleHttp\Psr7\Uri::withoutQueryValue` - -`public static function withoutQueryValue(UriInterface $uri, $key): UriInterface` - -Creates a new URI with a specific query string value removed. Any existing query string values that exactly match the -provided key are removed. - -## Cross-Origin Detection - -`GuzzleHttp\Psr7\UriComparator` provides methods to determine if a modified URL should be considered cross-origin. - -### `GuzzleHttp\Psr7\UriComparator::isCrossOrigin` - -`public static function isCrossOrigin(UriInterface $original, UriInterface $modified): bool` - -Determines if a modified URL should be considered cross-origin with respect to an original URL. - -## Reference Resolution - -`GuzzleHttp\Psr7\UriResolver` provides methods to resolve a URI reference in the context of a base URI according -to [RFC 3986 Section 5](https://tools.ietf.org/html/rfc3986#section-5). This is for example also what web browsers -do when resolving a link in a website based on the current request URI. - -### `GuzzleHttp\Psr7\UriResolver::resolve` - -`public static function resolve(UriInterface $base, UriInterface $rel): UriInterface` - -Converts the relative URI into a new URI that is resolved against the base URI. - -### `GuzzleHttp\Psr7\UriResolver::removeDotSegments` - -`public static function removeDotSegments(string $path): string` - -Removes dot segments from a path and returns the new path according to -[RFC 3986 Section 5.2.4](https://tools.ietf.org/html/rfc3986#section-5.2.4). - -### `GuzzleHttp\Psr7\UriResolver::relativize` - -`public static function relativize(UriInterface $base, UriInterface $target): UriInterface` - -Returns the target URI as a relative reference from the base URI. This method is the counterpart to resolve(): - -```php -(string) $target === (string) UriResolver::resolve($base, UriResolver::relativize($base, $target)) -``` - -One use-case is to use the current request URI as base URI and then generate relative links in your documents -to reduce the document size or offer self-contained downloadable document archives. - -```php -$base = new Uri('http://example.com/a/b/'); -echo UriResolver::relativize($base, new Uri('http://example.com/a/b/c')); // prints 'c'. -echo UriResolver::relativize($base, new Uri('http://example.com/a/x/y')); // prints '../x/y'. -echo UriResolver::relativize($base, new Uri('http://example.com/a/b/?q')); // prints '?q'. -echo UriResolver::relativize($base, new Uri('http://example.org/a/b/')); // prints '//example.org/a/b/'. -``` - -## Normalization and Comparison - -`GuzzleHttp\Psr7\UriNormalizer` provides methods to normalize and compare URIs according to -[RFC 3986 Section 6](https://tools.ietf.org/html/rfc3986#section-6). - -### `GuzzleHttp\Psr7\UriNormalizer::normalize` - -`public static function normalize(UriInterface $uri, $flags = self::PRESERVING_NORMALIZATIONS): UriInterface` - -Returns a normalized URI. The scheme and host component are already normalized to lowercase per PSR-7 UriInterface. -This methods adds additional normalizations that can be configured with the `$flags` parameter which is a bitmask -of normalizations to apply. The following normalizations are available: - -- `UriNormalizer::PRESERVING_NORMALIZATIONS` - - Default normalizations which only include the ones that preserve semantics. - -- `UriNormalizer::CAPITALIZE_PERCENT_ENCODING` - - All letters within a percent-encoding triplet (e.g., "%3A") are case-insensitive, and should be capitalized. - - Example: `http://example.org/a%c2%b1b` → `http://example.org/a%C2%B1b` - -- `UriNormalizer::DECODE_UNRESERVED_CHARACTERS` - - Decodes percent-encoded octets of unreserved characters. For consistency, percent-encoded octets in the ranges of - ALPHA (%41–%5A and %61–%7A), DIGIT (%30–%39), hyphen (%2D), period (%2E), underscore (%5F), or tilde (%7E) should - not be created by URI producers and, when found in a URI, should be decoded to their corresponding unreserved - characters by URI normalizers. - - Example: `http://example.org/%7Eusern%61me/` → `http://example.org/~username/` - -- `UriNormalizer::CONVERT_EMPTY_PATH` - - Converts the empty path to "/" for http and https URIs. - - Example: `http://example.org` → `http://example.org/` - -- `UriNormalizer::REMOVE_DEFAULT_HOST` - - Removes the default host of the given URI scheme from the URI. Only the "file" scheme defines the default host - "localhost". All of `file:/myfile`, `file:///myfile`, and `file://localhost/myfile` are equivalent according to - RFC 3986. - - Example: `file://localhost/myfile` → `file:///myfile` - -- `UriNormalizer::REMOVE_DEFAULT_PORT` - - Removes the default port of the given URI scheme from the URI. - - Example: `http://example.org:80/` → `http://example.org/` - -- `UriNormalizer::REMOVE_DOT_SEGMENTS` - - Removes unnecessary dot-segments. Dot-segments in relative-path references are not removed as it would - change the semantics of the URI reference. - - Example: `http://example.org/../a/b/../c/./d.html` → `http://example.org/a/c/d.html` - -- `UriNormalizer::REMOVE_DUPLICATE_SLASHES` - - Paths which include two or more adjacent slashes are converted to one. Webservers usually ignore duplicate slashes - and treat those URIs equivalent. But in theory those URIs do not need to be equivalent. So this normalization - may change the semantics. Encoded slashes (%2F) are not removed. - - Example: `http://example.org//foo///bar.html` → `http://example.org/foo/bar.html` - -- `UriNormalizer::SORT_QUERY_PARAMETERS` - - Sort query parameters with their values in alphabetical order. However, the order of parameters in a URI may be - significant (this is not defined by the standard). So this normalization is not safe and may change the semantics - of the URI. - - Example: `?lang=en&article=fred` → `?article=fred&lang=en` - -### `GuzzleHttp\Psr7\UriNormalizer::isEquivalent` - -`public static function isEquivalent(UriInterface $uri1, UriInterface $uri2, $normalizations = self::PRESERVING_NORMALIZATIONS): bool` - -Whether two URIs can be considered equivalent. Both URIs are normalized automatically before comparison with the given -`$normalizations` bitmask. The method also accepts relative URI references and returns true when they are equivalent. -This of course assumes they will be resolved against the same base URI. If this is not the case, determination of -equivalence or difference of relative references does not mean anything. - - -## Version Guidance - -| Version | Status | PHP Version | -|---------|----------------|------------------| -| 1.x | Security fixes | >=5.4,<8.1 | -| 2.x | Latest | ^7.2.5 \|\| ^8.0 | - - -## Security - -If you discover a security vulnerability within this package, please send an email to security@tidelift.com. All security vulnerabilities will be promptly addressed. Please do not disclose security-related issues publicly until a fix has been announced. Please see [Security Policy](https://github.com/guzzle/psr7/security/policy) for more information. - - -## License - -Guzzle is made available under the MIT License (MIT). Please see [License File](LICENSE) for more information. - - -## For Enterprise - -Available as part of the Tidelift Subscription - -The maintainers of Guzzle and thousands of other packages are working with Tidelift to deliver commercial support and maintenance for the open source dependencies you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact dependencies you use. [Learn more.](https://tidelift.com/subscription/pkg/packagist-guzzlehttp-psr7?utm_source=packagist-guzzlehttp-psr7&utm_medium=referral&utm_campaign=enterprise&utm_term=repo) diff --git a/plugins/auth/vendor/guzzlehttp/psr7/composer.json b/plugins/auth/vendor/guzzlehttp/psr7/composer.json deleted file mode 100644 index cd91040c..00000000 --- a/plugins/auth/vendor/guzzlehttp/psr7/composer.json +++ /dev/null @@ -1,96 +0,0 @@ -{ - "name": "guzzlehttp/psr7", - "description": "PSR-7 message implementation that also provides common utility methods", - "keywords": [ - "request", - "response", - "message", - "stream", - "http", - "uri", - "url", - "psr-7" - ], - "license": "MIT", - "authors": [ - { - "name": "Graham Campbell", - "email": "hello@gjcampbell.co.uk", - "homepage": "https://github.com/GrahamCampbell" - }, - { - "name": "Michael Dowling", - "email": "mtdowling@gmail.com", - "homepage": "https://github.com/mtdowling" - }, - { - "name": "George Mponos", - "email": "gmponos@gmail.com", - "homepage": "https://github.com/gmponos" - }, - { - "name": "Tobias Nyholm", - "email": "tobias.nyholm@gmail.com", - "homepage": "https://github.com/Nyholm" - }, - { - "name": "Márk Sági-Kazár", - "email": "mark.sagikazar@gmail.com", - "homepage": "https://github.com/sagikazarmark" - }, - { - "name": "Tobias Schultze", - "email": "webmaster@tubo-world.de", - "homepage": "https://github.com/Tobion" - }, - { - "name": "Márk Sági-Kazár", - "email": "mark.sagikazar@gmail.com", - "homepage": "https://sagikazarmark.hu" - } - ], - "require": { - "php": "^7.2.5 || ^8.0", - "psr/http-factory": "^1.0", - "psr/http-message": "^1.0", - "ralouphie/getallheaders": "^3.0" - }, - "provide": { - "psr/http-factory-implementation": "1.0", - "psr/http-message-implementation": "1.0" - }, - "require-dev": { - "bamarni/composer-bin-plugin": "^1.8.1", - "http-interop/http-factory-tests": "^0.9", - "phpunit/phpunit": "^8.5.29 || ^9.5.23" - }, - "suggest": { - "laminas/laminas-httphandlerrunner": "Emit PSR-7 responses" - }, - "autoload": { - "psr-4": { - "GuzzleHttp\\Psr7\\": "src/" - } - }, - "autoload-dev": { - "psr-4": { - "GuzzleHttp\\Tests\\Psr7\\": "tests/" - } - }, - "extra": { - "bamarni-bin": { - "bin-links": true, - "forward-command": false - }, - "branch-alias": { - "dev-master": "2.4-dev" - } - }, - "config": { - "allow-plugins": { - "bamarni/composer-bin-plugin": true - }, - "preferred-install": "dist", - "sort-packages": true - } -} diff --git a/plugins/auth/vendor/guzzlehttp/psr7/src/AppendStream.php b/plugins/auth/vendor/guzzlehttp/psr7/src/AppendStream.php deleted file mode 100644 index cbcfaee6..00000000 --- a/plugins/auth/vendor/guzzlehttp/psr7/src/AppendStream.php +++ /dev/null @@ -1,248 +0,0 @@ -addStream($stream); - } - } - - public function __toString(): string - { - try { - $this->rewind(); - return $this->getContents(); - } catch (\Throwable $e) { - if (\PHP_VERSION_ID >= 70400) { - throw $e; - } - trigger_error(sprintf('%s::__toString exception: %s', self::class, (string) $e), E_USER_ERROR); - return ''; - } - } - - /** - * Add a stream to the AppendStream - * - * @param StreamInterface $stream Stream to append. Must be readable. - * - * @throws \InvalidArgumentException if the stream is not readable - */ - public function addStream(StreamInterface $stream): void - { - if (!$stream->isReadable()) { - throw new \InvalidArgumentException('Each stream must be readable'); - } - - // The stream is only seekable if all streams are seekable - if (!$stream->isSeekable()) { - $this->seekable = false; - } - - $this->streams[] = $stream; - } - - public function getContents(): string - { - return Utils::copyToString($this); - } - - /** - * Closes each attached stream. - */ - public function close(): void - { - $this->pos = $this->current = 0; - $this->seekable = true; - - foreach ($this->streams as $stream) { - $stream->close(); - } - - $this->streams = []; - } - - /** - * Detaches each attached stream. - * - * Returns null as it's not clear which underlying stream resource to return. - */ - public function detach() - { - $this->pos = $this->current = 0; - $this->seekable = true; - - foreach ($this->streams as $stream) { - $stream->detach(); - } - - $this->streams = []; - - return null; - } - - public function tell(): int - { - return $this->pos; - } - - /** - * Tries to calculate the size by adding the size of each stream. - * - * If any of the streams do not return a valid number, then the size of the - * append stream cannot be determined and null is returned. - */ - public function getSize(): ?int - { - $size = 0; - - foreach ($this->streams as $stream) { - $s = $stream->getSize(); - if ($s === null) { - return null; - } - $size += $s; - } - - return $size; - } - - public function eof(): bool - { - return !$this->streams || - ($this->current >= count($this->streams) - 1 && - $this->streams[$this->current]->eof()); - } - - public function rewind(): void - { - $this->seek(0); - } - - /** - * Attempts to seek to the given position. Only supports SEEK_SET. - */ - public function seek($offset, $whence = SEEK_SET): void - { - if (!$this->seekable) { - throw new \RuntimeException('This AppendStream is not seekable'); - } elseif ($whence !== SEEK_SET) { - throw new \RuntimeException('The AppendStream can only seek with SEEK_SET'); - } - - $this->pos = $this->current = 0; - - // Rewind each stream - foreach ($this->streams as $i => $stream) { - try { - $stream->rewind(); - } catch (\Exception $e) { - throw new \RuntimeException('Unable to seek stream ' - . $i . ' of the AppendStream', 0, $e); - } - } - - // Seek to the actual position by reading from each stream - while ($this->pos < $offset && !$this->eof()) { - $result = $this->read(min(8096, $offset - $this->pos)); - if ($result === '') { - break; - } - } - } - - /** - * Reads from all of the appended streams until the length is met or EOF. - */ - public function read($length): string - { - $buffer = ''; - $total = count($this->streams) - 1; - $remaining = $length; - $progressToNext = false; - - while ($remaining > 0) { - // Progress to the next stream if needed. - if ($progressToNext || $this->streams[$this->current]->eof()) { - $progressToNext = false; - if ($this->current === $total) { - break; - } - $this->current++; - } - - $result = $this->streams[$this->current]->read($remaining); - - if ($result === '') { - $progressToNext = true; - continue; - } - - $buffer .= $result; - $remaining = $length - strlen($buffer); - } - - $this->pos += strlen($buffer); - - return $buffer; - } - - public function isReadable(): bool - { - return true; - } - - public function isWritable(): bool - { - return false; - } - - public function isSeekable(): bool - { - return $this->seekable; - } - - public function write($string): int - { - throw new \RuntimeException('Cannot write to an AppendStream'); - } - - /** - * {@inheritdoc} - * - * @return mixed - */ - public function getMetadata($key = null) - { - return $key ? null : []; - } -} diff --git a/plugins/auth/vendor/guzzlehttp/psr7/src/BufferStream.php b/plugins/auth/vendor/guzzlehttp/psr7/src/BufferStream.php deleted file mode 100644 index 21be8c0a..00000000 --- a/plugins/auth/vendor/guzzlehttp/psr7/src/BufferStream.php +++ /dev/null @@ -1,149 +0,0 @@ -hwm = $hwm; - } - - public function __toString(): string - { - return $this->getContents(); - } - - public function getContents(): string - { - $buffer = $this->buffer; - $this->buffer = ''; - - return $buffer; - } - - public function close(): void - { - $this->buffer = ''; - } - - public function detach() - { - $this->close(); - - return null; - } - - public function getSize(): ?int - { - return strlen($this->buffer); - } - - public function isReadable(): bool - { - return true; - } - - public function isWritable(): bool - { - return true; - } - - public function isSeekable(): bool - { - return false; - } - - public function rewind(): void - { - $this->seek(0); - } - - public function seek($offset, $whence = SEEK_SET): void - { - throw new \RuntimeException('Cannot seek a BufferStream'); - } - - public function eof(): bool - { - return strlen($this->buffer) === 0; - } - - public function tell(): int - { - throw new \RuntimeException('Cannot determine the position of a BufferStream'); - } - - /** - * Reads data from the buffer. - */ - public function read($length): string - { - $currentLength = strlen($this->buffer); - - if ($length >= $currentLength) { - // No need to slice the buffer because we don't have enough data. - $result = $this->buffer; - $this->buffer = ''; - } else { - // Slice up the result to provide a subset of the buffer. - $result = substr($this->buffer, 0, $length); - $this->buffer = substr($this->buffer, $length); - } - - return $result; - } - - /** - * Writes data to the buffer. - */ - public function write($string): int - { - $this->buffer .= $string; - - if (strlen($this->buffer) >= $this->hwm) { - return 0; - } - - return strlen($string); - } - - /** - * {@inheritdoc} - * - * @return mixed - */ - public function getMetadata($key = null) - { - if ($key === 'hwm') { - return $this->hwm; - } - - return $key ? null : []; - } -} diff --git a/plugins/auth/vendor/guzzlehttp/psr7/src/CachingStream.php b/plugins/auth/vendor/guzzlehttp/psr7/src/CachingStream.php deleted file mode 100644 index f34722cf..00000000 --- a/plugins/auth/vendor/guzzlehttp/psr7/src/CachingStream.php +++ /dev/null @@ -1,153 +0,0 @@ -remoteStream = $stream; - $this->stream = $target ?: new Stream(Utils::tryFopen('php://temp', 'r+')); - } - - public function getSize(): ?int - { - $remoteSize = $this->remoteStream->getSize(); - - if (null === $remoteSize) { - return null; - } - - return max($this->stream->getSize(), $remoteSize); - } - - public function rewind(): void - { - $this->seek(0); - } - - public function seek($offset, $whence = SEEK_SET): void - { - if ($whence === SEEK_SET) { - $byte = $offset; - } elseif ($whence === SEEK_CUR) { - $byte = $offset + $this->tell(); - } elseif ($whence === SEEK_END) { - $size = $this->remoteStream->getSize(); - if ($size === null) { - $size = $this->cacheEntireStream(); - } - $byte = $size + $offset; - } else { - throw new \InvalidArgumentException('Invalid whence'); - } - - $diff = $byte - $this->stream->getSize(); - - if ($diff > 0) { - // Read the remoteStream until we have read in at least the amount - // of bytes requested, or we reach the end of the file. - while ($diff > 0 && !$this->remoteStream->eof()) { - $this->read($diff); - $diff = $byte - $this->stream->getSize(); - } - } else { - // We can just do a normal seek since we've already seen this byte. - $this->stream->seek($byte); - } - } - - public function read($length): string - { - // Perform a regular read on any previously read data from the buffer - $data = $this->stream->read($length); - $remaining = $length - strlen($data); - - // More data was requested so read from the remote stream - if ($remaining) { - // If data was written to the buffer in a position that would have - // been filled from the remote stream, then we must skip bytes on - // the remote stream to emulate overwriting bytes from that - // position. This mimics the behavior of other PHP stream wrappers. - $remoteData = $this->remoteStream->read( - $remaining + $this->skipReadBytes - ); - - if ($this->skipReadBytes) { - $len = strlen($remoteData); - $remoteData = substr($remoteData, $this->skipReadBytes); - $this->skipReadBytes = max(0, $this->skipReadBytes - $len); - } - - $data .= $remoteData; - $this->stream->write($remoteData); - } - - return $data; - } - - public function write($string): int - { - // When appending to the end of the currently read stream, you'll want - // to skip bytes from being read from the remote stream to emulate - // other stream wrappers. Basically replacing bytes of data of a fixed - // length. - $overflow = (strlen($string) + $this->tell()) - $this->remoteStream->tell(); - if ($overflow > 0) { - $this->skipReadBytes += $overflow; - } - - return $this->stream->write($string); - } - - public function eof(): bool - { - return $this->stream->eof() && $this->remoteStream->eof(); - } - - /** - * Close both the remote stream and buffer stream - */ - public function close(): void - { - $this->remoteStream->close(); - $this->stream->close(); - } - - private function cacheEntireStream(): int - { - $target = new FnStream(['write' => 'strlen']); - Utils::copyToStream($this, $target); - - return $this->tell(); - } -} diff --git a/plugins/auth/vendor/guzzlehttp/psr7/src/DroppingStream.php b/plugins/auth/vendor/guzzlehttp/psr7/src/DroppingStream.php deleted file mode 100644 index 6e3d209d..00000000 --- a/plugins/auth/vendor/guzzlehttp/psr7/src/DroppingStream.php +++ /dev/null @@ -1,49 +0,0 @@ -stream = $stream; - $this->maxLength = $maxLength; - } - - public function write($string): int - { - $diff = $this->maxLength - $this->stream->getSize(); - - // Begin returning 0 when the underlying stream is too large. - if ($diff <= 0) { - return 0; - } - - // Write the stream or a subset of the stream if needed. - if (strlen($string) < $diff) { - return $this->stream->write($string); - } - - return $this->stream->write(substr($string, 0, $diff)); - } -} diff --git a/plugins/auth/vendor/guzzlehttp/psr7/src/FnStream.php b/plugins/auth/vendor/guzzlehttp/psr7/src/FnStream.php deleted file mode 100644 index 3a1a9512..00000000 --- a/plugins/auth/vendor/guzzlehttp/psr7/src/FnStream.php +++ /dev/null @@ -1,180 +0,0 @@ - */ - private $methods; - - /** - * @param array $methods Hash of method name to a callable. - */ - public function __construct(array $methods) - { - $this->methods = $methods; - - // Create the functions on the class - foreach ($methods as $name => $fn) { - $this->{'_fn_' . $name} = $fn; - } - } - - /** - * Lazily determine which methods are not implemented. - * - * @throws \BadMethodCallException - */ - public function __get(string $name): void - { - throw new \BadMethodCallException(str_replace('_fn_', '', $name) - . '() is not implemented in the FnStream'); - } - - /** - * The close method is called on the underlying stream only if possible. - */ - public function __destruct() - { - if (isset($this->_fn_close)) { - call_user_func($this->_fn_close); - } - } - - /** - * An unserialize would allow the __destruct to run when the unserialized value goes out of scope. - * - * @throws \LogicException - */ - public function __wakeup(): void - { - throw new \LogicException('FnStream should never be unserialized'); - } - - /** - * Adds custom functionality to an underlying stream by intercepting - * specific method calls. - * - * @param StreamInterface $stream Stream to decorate - * @param array $methods Hash of method name to a closure - * - * @return FnStream - */ - public static function decorate(StreamInterface $stream, array $methods) - { - // If any of the required methods were not provided, then simply - // proxy to the decorated stream. - foreach (array_diff(self::SLOTS, array_keys($methods)) as $diff) { - /** @var callable $callable */ - $callable = [$stream, $diff]; - $methods[$diff] = $callable; - } - - return new self($methods); - } - - public function __toString(): string - { - try { - return call_user_func($this->_fn___toString); - } catch (\Throwable $e) { - if (\PHP_VERSION_ID >= 70400) { - throw $e; - } - trigger_error(sprintf('%s::__toString exception: %s', self::class, (string) $e), E_USER_ERROR); - return ''; - } - } - - public function close(): void - { - call_user_func($this->_fn_close); - } - - public function detach() - { - return call_user_func($this->_fn_detach); - } - - public function getSize(): ?int - { - return call_user_func($this->_fn_getSize); - } - - public function tell(): int - { - return call_user_func($this->_fn_tell); - } - - public function eof(): bool - { - return call_user_func($this->_fn_eof); - } - - public function isSeekable(): bool - { - return call_user_func($this->_fn_isSeekable); - } - - public function rewind(): void - { - call_user_func($this->_fn_rewind); - } - - public function seek($offset, $whence = SEEK_SET): void - { - call_user_func($this->_fn_seek, $offset, $whence); - } - - public function isWritable(): bool - { - return call_user_func($this->_fn_isWritable); - } - - public function write($string): int - { - return call_user_func($this->_fn_write, $string); - } - - public function isReadable(): bool - { - return call_user_func($this->_fn_isReadable); - } - - public function read($length): string - { - return call_user_func($this->_fn_read, $length); - } - - public function getContents(): string - { - return call_user_func($this->_fn_getContents); - } - - /** - * {@inheritdoc} - * - * @return mixed - */ - public function getMetadata($key = null) - { - return call_user_func($this->_fn_getMetadata, $key); - } -} diff --git a/plugins/auth/vendor/guzzlehttp/psr7/src/InflateStream.php b/plugins/auth/vendor/guzzlehttp/psr7/src/InflateStream.php deleted file mode 100644 index 8e00f1c3..00000000 --- a/plugins/auth/vendor/guzzlehttp/psr7/src/InflateStream.php +++ /dev/null @@ -1,37 +0,0 @@ - 15 + 32]); - $this->stream = $stream->isSeekable() ? new Stream($resource) : new NoSeekStream(new Stream($resource)); - } -} diff --git a/plugins/auth/vendor/guzzlehttp/psr7/src/LazyOpenStream.php b/plugins/auth/vendor/guzzlehttp/psr7/src/LazyOpenStream.php deleted file mode 100644 index 5618331f..00000000 --- a/plugins/auth/vendor/guzzlehttp/psr7/src/LazyOpenStream.php +++ /dev/null @@ -1,41 +0,0 @@ -filename = $filename; - $this->mode = $mode; - } - - /** - * Creates the underlying stream lazily when required. - */ - protected function createStream(): StreamInterface - { - return Utils::streamFor(Utils::tryFopen($this->filename, $this->mode)); - } -} diff --git a/plugins/auth/vendor/guzzlehttp/psr7/src/LimitStream.php b/plugins/auth/vendor/guzzlehttp/psr7/src/LimitStream.php deleted file mode 100644 index fb223255..00000000 --- a/plugins/auth/vendor/guzzlehttp/psr7/src/LimitStream.php +++ /dev/null @@ -1,157 +0,0 @@ -stream = $stream; - $this->setLimit($limit); - $this->setOffset($offset); - } - - public function eof(): bool - { - // Always return true if the underlying stream is EOF - if ($this->stream->eof()) { - return true; - } - - // No limit and the underlying stream is not at EOF - if ($this->limit === -1) { - return false; - } - - return $this->stream->tell() >= $this->offset + $this->limit; - } - - /** - * Returns the size of the limited subset of data - */ - public function getSize(): ?int - { - if (null === ($length = $this->stream->getSize())) { - return null; - } elseif ($this->limit === -1) { - return $length - $this->offset; - } else { - return min($this->limit, $length - $this->offset); - } - } - - /** - * Allow for a bounded seek on the read limited stream - */ - public function seek($offset, $whence = SEEK_SET): void - { - if ($whence !== SEEK_SET || $offset < 0) { - throw new \RuntimeException(sprintf( - 'Cannot seek to offset %s with whence %s', - $offset, - $whence - )); - } - - $offset += $this->offset; - - if ($this->limit !== -1) { - if ($offset > $this->offset + $this->limit) { - $offset = $this->offset + $this->limit; - } - } - - $this->stream->seek($offset); - } - - /** - * Give a relative tell() - */ - public function tell(): int - { - return $this->stream->tell() - $this->offset; - } - - /** - * Set the offset to start limiting from - * - * @param int $offset Offset to seek to and begin byte limiting from - * - * @throws \RuntimeException if the stream cannot be seeked. - */ - public function setOffset(int $offset): void - { - $current = $this->stream->tell(); - - if ($current !== $offset) { - // If the stream cannot seek to the offset position, then read to it - if ($this->stream->isSeekable()) { - $this->stream->seek($offset); - } elseif ($current > $offset) { - throw new \RuntimeException("Could not seek to stream offset $offset"); - } else { - $this->stream->read($offset - $current); - } - } - - $this->offset = $offset; - } - - /** - * Set the limit of bytes that the decorator allows to be read from the - * stream. - * - * @param int $limit Number of bytes to allow to be read from the stream. - * Use -1 for no limit. - */ - public function setLimit(int $limit): void - { - $this->limit = $limit; - } - - public function read($length): string - { - if ($this->limit === -1) { - return $this->stream->read($length); - } - - // Check if the current position is less than the total allowed - // bytes + original offset - $remaining = ($this->offset + $this->limit) - $this->stream->tell(); - if ($remaining > 0) { - // Only return the amount of requested data, ensuring that the byte - // limit is not exceeded - return $this->stream->read(min($remaining, $length)); - } - - return ''; - } -} diff --git a/plugins/auth/vendor/guzzlehttp/psr7/src/MessageTrait.php b/plugins/auth/vendor/guzzlehttp/psr7/src/MessageTrait.php deleted file mode 100644 index d2dc28b6..00000000 --- a/plugins/auth/vendor/guzzlehttp/psr7/src/MessageTrait.php +++ /dev/null @@ -1,264 +0,0 @@ - Map of all registered headers, as original name => array of values */ - private $headers = []; - - /** @var array Map of lowercase header name => original name at registration */ - private $headerNames = []; - - /** @var string */ - private $protocol = '1.1'; - - /** @var StreamInterface|null */ - private $stream; - - public function getProtocolVersion(): string - { - return $this->protocol; - } - - public function withProtocolVersion($version): MessageInterface - { - if ($this->protocol === $version) { - return $this; - } - - $new = clone $this; - $new->protocol = $version; - return $new; - } - - public function getHeaders(): array - { - return $this->headers; - } - - public function hasHeader($header): bool - { - return isset($this->headerNames[strtolower($header)]); - } - - public function getHeader($header): array - { - $header = strtolower($header); - - if (!isset($this->headerNames[$header])) { - return []; - } - - $header = $this->headerNames[$header]; - - return $this->headers[$header]; - } - - public function getHeaderLine($header): string - { - return implode(', ', $this->getHeader($header)); - } - - public function withHeader($header, $value): MessageInterface - { - $this->assertHeader($header); - $value = $this->normalizeHeaderValue($value); - $normalized = strtolower($header); - - $new = clone $this; - if (isset($new->headerNames[$normalized])) { - unset($new->headers[$new->headerNames[$normalized]]); - } - $new->headerNames[$normalized] = $header; - $new->headers[$header] = $value; - - return $new; - } - - public function withAddedHeader($header, $value): MessageInterface - { - $this->assertHeader($header); - $value = $this->normalizeHeaderValue($value); - $normalized = strtolower($header); - - $new = clone $this; - if (isset($new->headerNames[$normalized])) { - $header = $this->headerNames[$normalized]; - $new->headers[$header] = array_merge($this->headers[$header], $value); - } else { - $new->headerNames[$normalized] = $header; - $new->headers[$header] = $value; - } - - return $new; - } - - public function withoutHeader($header): MessageInterface - { - $normalized = strtolower($header); - - if (!isset($this->headerNames[$normalized])) { - return $this; - } - - $header = $this->headerNames[$normalized]; - - $new = clone $this; - unset($new->headers[$header], $new->headerNames[$normalized]); - - return $new; - } - - public function getBody(): StreamInterface - { - if (!$this->stream) { - $this->stream = Utils::streamFor(''); - } - - return $this->stream; - } - - public function withBody(StreamInterface $body): MessageInterface - { - if ($body === $this->stream) { - return $this; - } - - $new = clone $this; - $new->stream = $body; - return $new; - } - - /** - * @param array $headers - */ - private function setHeaders(array $headers): void - { - $this->headerNames = $this->headers = []; - foreach ($headers as $header => $value) { - // Numeric array keys are converted to int by PHP. - $header = (string) $header; - - $this->assertHeader($header); - $value = $this->normalizeHeaderValue($value); - $normalized = strtolower($header); - if (isset($this->headerNames[$normalized])) { - $header = $this->headerNames[$normalized]; - $this->headers[$header] = array_merge($this->headers[$header], $value); - } else { - $this->headerNames[$normalized] = $header; - $this->headers[$header] = $value; - } - } - } - - /** - * @param mixed $value - * - * @return string[] - */ - private function normalizeHeaderValue($value): array - { - if (!is_array($value)) { - return $this->trimAndValidateHeaderValues([$value]); - } - - if (count($value) === 0) { - throw new \InvalidArgumentException('Header value can not be an empty array.'); - } - - return $this->trimAndValidateHeaderValues($value); - } - - /** - * Trims whitespace from the header values. - * - * Spaces and tabs ought to be excluded by parsers when extracting the field value from a header field. - * - * header-field = field-name ":" OWS field-value OWS - * OWS = *( SP / HTAB ) - * - * @param mixed[] $values Header values - * - * @return string[] Trimmed header values - * - * @see https://tools.ietf.org/html/rfc7230#section-3.2.4 - */ - private function trimAndValidateHeaderValues(array $values): array - { - return array_map(function ($value) { - if (!is_scalar($value) && null !== $value) { - throw new \InvalidArgumentException(sprintf( - 'Header value must be scalar or null but %s provided.', - is_object($value) ? get_class($value) : gettype($value) - )); - } - - $trimmed = trim((string) $value, " \t"); - $this->assertValue($trimmed); - - return $trimmed; - }, array_values($values)); - } - - /** - * @see https://tools.ietf.org/html/rfc7230#section-3.2 - * - * @param mixed $header - */ - private function assertHeader($header): void - { - if (!is_string($header)) { - throw new \InvalidArgumentException(sprintf( - 'Header name must be a string but %s provided.', - is_object($header) ? get_class($header) : gettype($header) - )); - } - - if (! preg_match('/^[a-zA-Z0-9\'`#$%&*+.^_|~!-]+$/', $header)) { - throw new \InvalidArgumentException( - sprintf( - '"%s" is not valid header name', - $header - ) - ); - } - } - - /** - * @see https://tools.ietf.org/html/rfc7230#section-3.2 - * - * field-value = *( field-content / obs-fold ) - * field-content = field-vchar [ 1*( SP / HTAB ) field-vchar ] - * field-vchar = VCHAR / obs-text - * VCHAR = %x21-7E - * obs-text = %x80-FF - * obs-fold = CRLF 1*( SP / HTAB ) - */ - private function assertValue(string $value): void - { - // The regular expression intentionally does not support the obs-fold production, because as - // per RFC 7230#3.2.4: - // - // A sender MUST NOT generate a message that includes - // line folding (i.e., that has any field-value that contains a match to - // the obs-fold rule) unless the message is intended for packaging - // within the message/http media type. - // - // Clients must not send a request with line folding and a server sending folded headers is - // likely very rare. Line folding is a fairly obscure feature of HTTP/1.1 and thus not accepting - // folding is not likely to break any legitimate use case. - if (! preg_match('/^[\x20\x09\x21-\x7E\x80-\xFF]*$/', $value)) { - throw new \InvalidArgumentException(sprintf('"%s" is not valid header value', $value)); - } - } -} diff --git a/plugins/auth/vendor/guzzlehttp/psr7/src/MultipartStream.php b/plugins/auth/vendor/guzzlehttp/psr7/src/MultipartStream.php deleted file mode 100644 index 3e12b74d..00000000 --- a/plugins/auth/vendor/guzzlehttp/psr7/src/MultipartStream.php +++ /dev/null @@ -1,159 +0,0 @@ -boundary = $boundary ?: bin2hex(random_bytes(20)); - $this->stream = $this->createStream($elements); - } - - public function getBoundary(): string - { - return $this->boundary; - } - - public function isWritable(): bool - { - return false; - } - - /** - * Get the headers needed before transferring the content of a POST file - * - * @param array $headers - */ - private function getHeaders(array $headers): string - { - $str = ''; - foreach ($headers as $key => $value) { - $str .= "{$key}: {$value}\r\n"; - } - - return "--{$this->boundary}\r\n" . trim($str) . "\r\n\r\n"; - } - - /** - * Create the aggregate stream that will be used to upload the POST data - */ - protected function createStream(array $elements = []): StreamInterface - { - $stream = new AppendStream(); - - foreach ($elements as $element) { - if (!is_array($element)) { - throw new \UnexpectedValueException("An array is expected"); - } - $this->addElement($stream, $element); - } - - // Add the trailing boundary with CRLF - $stream->addStream(Utils::streamFor("--{$this->boundary}--\r\n")); - - return $stream; - } - - private function addElement(AppendStream $stream, array $element): void - { - foreach (['contents', 'name'] as $key) { - if (!array_key_exists($key, $element)) { - throw new \InvalidArgumentException("A '{$key}' key is required"); - } - } - - $element['contents'] = Utils::streamFor($element['contents']); - - if (empty($element['filename'])) { - $uri = $element['contents']->getMetadata('uri'); - if ($uri && \is_string($uri) && \substr($uri, 0, 6) !== 'php://' && \substr($uri, 0, 7) !== 'data://') { - $element['filename'] = $uri; - } - } - - [$body, $headers] = $this->createElement( - $element['name'], - $element['contents'], - $element['filename'] ?? null, - $element['headers'] ?? [] - ); - - $stream->addStream(Utils::streamFor($this->getHeaders($headers))); - $stream->addStream($body); - $stream->addStream(Utils::streamFor("\r\n")); - } - - private function createElement(string $name, StreamInterface $stream, ?string $filename, array $headers): array - { - // Set a default content-disposition header if one was no provided - $disposition = $this->getHeader($headers, 'content-disposition'); - if (!$disposition) { - $headers['Content-Disposition'] = ($filename === '0' || $filename) - ? sprintf( - 'form-data; name="%s"; filename="%s"', - $name, - basename($filename) - ) - : "form-data; name=\"{$name}\""; - } - - // Set a default content-length header if one was no provided - $length = $this->getHeader($headers, 'content-length'); - if (!$length) { - if ($length = $stream->getSize()) { - $headers['Content-Length'] = (string) $length; - } - } - - // Set a default Content-Type if one was not supplied - $type = $this->getHeader($headers, 'content-type'); - if (!$type && ($filename === '0' || $filename)) { - if ($type = MimeType::fromFilename($filename)) { - $headers['Content-Type'] = $type; - } - } - - return [$stream, $headers]; - } - - private function getHeader(array $headers, string $key) - { - $lowercaseHeader = strtolower($key); - foreach ($headers as $k => $v) { - if (strtolower($k) === $lowercaseHeader) { - return $v; - } - } - - return null; - } -} diff --git a/plugins/auth/vendor/guzzlehttp/psr7/src/NoSeekStream.php b/plugins/auth/vendor/guzzlehttp/psr7/src/NoSeekStream.php deleted file mode 100644 index 161a224f..00000000 --- a/plugins/auth/vendor/guzzlehttp/psr7/src/NoSeekStream.php +++ /dev/null @@ -1,28 +0,0 @@ -source = $source; - $this->size = $options['size'] ?? null; - $this->metadata = $options['metadata'] ?? []; - $this->buffer = new BufferStream(); - } - - public function __toString(): string - { - try { - return Utils::copyToString($this); - } catch (\Throwable $e) { - if (\PHP_VERSION_ID >= 70400) { - throw $e; - } - trigger_error(sprintf('%s::__toString exception: %s', self::class, (string) $e), E_USER_ERROR); - return ''; - } - } - - public function close(): void - { - $this->detach(); - } - - public function detach() - { - $this->tellPos = 0; - $this->source = null; - - return null; - } - - public function getSize(): ?int - { - return $this->size; - } - - public function tell(): int - { - return $this->tellPos; - } - - public function eof(): bool - { - return $this->source === null; - } - - public function isSeekable(): bool - { - return false; - } - - public function rewind(): void - { - $this->seek(0); - } - - public function seek($offset, $whence = SEEK_SET): void - { - throw new \RuntimeException('Cannot seek a PumpStream'); - } - - public function isWritable(): bool - { - return false; - } - - public function write($string): int - { - throw new \RuntimeException('Cannot write to a PumpStream'); - } - - public function isReadable(): bool - { - return true; - } - - public function read($length): string - { - $data = $this->buffer->read($length); - $readLen = strlen($data); - $this->tellPos += $readLen; - $remaining = $length - $readLen; - - if ($remaining) { - $this->pump($remaining); - $data .= $this->buffer->read($remaining); - $this->tellPos += strlen($data) - $readLen; - } - - return $data; - } - - public function getContents(): string - { - $result = ''; - while (!$this->eof()) { - $result .= $this->read(1000000); - } - - return $result; - } - - /** - * {@inheritdoc} - * - * @return mixed - */ - public function getMetadata($key = null) - { - if (!$key) { - return $this->metadata; - } - - return $this->metadata[$key] ?? null; - } - - private function pump(int $length): void - { - if ($this->source) { - do { - $data = call_user_func($this->source, $length); - if ($data === false || $data === null) { - $this->source = null; - return; - } - $this->buffer->write($data); - $length -= strlen($data); - } while ($length > 0); - } - } -} diff --git a/plugins/auth/vendor/guzzlehttp/psr7/src/Request.php b/plugins/auth/vendor/guzzlehttp/psr7/src/Request.php deleted file mode 100644 index b17af66a..00000000 --- a/plugins/auth/vendor/guzzlehttp/psr7/src/Request.php +++ /dev/null @@ -1,157 +0,0 @@ - $headers Request headers - * @param string|resource|StreamInterface|null $body Request body - * @param string $version Protocol version - */ - public function __construct( - string $method, - $uri, - array $headers = [], - $body = null, - string $version = '1.1' - ) { - $this->assertMethod($method); - if (!($uri instanceof UriInterface)) { - $uri = new Uri($uri); - } - - $this->method = strtoupper($method); - $this->uri = $uri; - $this->setHeaders($headers); - $this->protocol = $version; - - if (!isset($this->headerNames['host'])) { - $this->updateHostFromUri(); - } - - if ($body !== '' && $body !== null) { - $this->stream = Utils::streamFor($body); - } - } - - public function getRequestTarget(): string - { - if ($this->requestTarget !== null) { - return $this->requestTarget; - } - - $target = $this->uri->getPath(); - if ($target === '') { - $target = '/'; - } - if ($this->uri->getQuery() != '') { - $target .= '?' . $this->uri->getQuery(); - } - - return $target; - } - - public function withRequestTarget($requestTarget): RequestInterface - { - if (preg_match('#\s#', $requestTarget)) { - throw new InvalidArgumentException( - 'Invalid request target provided; cannot contain whitespace' - ); - } - - $new = clone $this; - $new->requestTarget = $requestTarget; - return $new; - } - - public function getMethod(): string - { - return $this->method; - } - - public function withMethod($method): RequestInterface - { - $this->assertMethod($method); - $new = clone $this; - $new->method = strtoupper($method); - return $new; - } - - public function getUri(): UriInterface - { - return $this->uri; - } - - public function withUri(UriInterface $uri, $preserveHost = false): RequestInterface - { - if ($uri === $this->uri) { - return $this; - } - - $new = clone $this; - $new->uri = $uri; - - if (!$preserveHost || !isset($this->headerNames['host'])) { - $new->updateHostFromUri(); - } - - return $new; - } - - private function updateHostFromUri(): void - { - $host = $this->uri->getHost(); - - if ($host == '') { - return; - } - - if (($port = $this->uri->getPort()) !== null) { - $host .= ':' . $port; - } - - if (isset($this->headerNames['host'])) { - $header = $this->headerNames['host']; - } else { - $header = 'Host'; - $this->headerNames['host'] = 'Host'; - } - // Ensure Host is the first header. - // See: http://tools.ietf.org/html/rfc7230#section-5.4 - $this->headers = [$header => [$host]] + $this->headers; - } - - /** - * @param mixed $method - */ - private function assertMethod($method): void - { - if (!is_string($method) || $method === '') { - throw new InvalidArgumentException('Method must be a non-empty string.'); - } - } -} diff --git a/plugins/auth/vendor/guzzlehttp/psr7/src/Response.php b/plugins/auth/vendor/guzzlehttp/psr7/src/Response.php deleted file mode 100644 index 4c6ee6f0..00000000 --- a/plugins/auth/vendor/guzzlehttp/psr7/src/Response.php +++ /dev/null @@ -1,160 +0,0 @@ - 'Continue', - 101 => 'Switching Protocols', - 102 => 'Processing', - 200 => 'OK', - 201 => 'Created', - 202 => 'Accepted', - 203 => 'Non-Authoritative Information', - 204 => 'No Content', - 205 => 'Reset Content', - 206 => 'Partial Content', - 207 => 'Multi-status', - 208 => 'Already Reported', - 300 => 'Multiple Choices', - 301 => 'Moved Permanently', - 302 => 'Found', - 303 => 'See Other', - 304 => 'Not Modified', - 305 => 'Use Proxy', - 306 => 'Switch Proxy', - 307 => 'Temporary Redirect', - 308 => 'Permanent Redirect', - 400 => 'Bad Request', - 401 => 'Unauthorized', - 402 => 'Payment Required', - 403 => 'Forbidden', - 404 => 'Not Found', - 405 => 'Method Not Allowed', - 406 => 'Not Acceptable', - 407 => 'Proxy Authentication Required', - 408 => 'Request Time-out', - 409 => 'Conflict', - 410 => 'Gone', - 411 => 'Length Required', - 412 => 'Precondition Failed', - 413 => 'Request Entity Too Large', - 414 => 'Request-URI Too Large', - 415 => 'Unsupported Media Type', - 416 => 'Requested range not satisfiable', - 417 => 'Expectation Failed', - 418 => 'I\'m a teapot', - 422 => 'Unprocessable Entity', - 423 => 'Locked', - 424 => 'Failed Dependency', - 425 => 'Unordered Collection', - 426 => 'Upgrade Required', - 428 => 'Precondition Required', - 429 => 'Too Many Requests', - 431 => 'Request Header Fields Too Large', - 451 => 'Unavailable For Legal Reasons', - 500 => 'Internal Server Error', - 501 => 'Not Implemented', - 502 => 'Bad Gateway', - 503 => 'Service Unavailable', - 504 => 'Gateway Time-out', - 505 => 'HTTP Version not supported', - 506 => 'Variant Also Negotiates', - 507 => 'Insufficient Storage', - 508 => 'Loop Detected', - 510 => 'Not Extended', - 511 => 'Network Authentication Required', - ]; - - /** @var string */ - private $reasonPhrase; - - /** @var int */ - private $statusCode; - - /** - * @param int $status Status code - * @param array $headers Response headers - * @param string|resource|StreamInterface|null $body Response body - * @param string $version Protocol version - * @param string|null $reason Reason phrase (when empty a default will be used based on the status code) - */ - public function __construct( - int $status = 200, - array $headers = [], - $body = null, - string $version = '1.1', - string $reason = null - ) { - $this->assertStatusCodeRange($status); - - $this->statusCode = $status; - - if ($body !== '' && $body !== null) { - $this->stream = Utils::streamFor($body); - } - - $this->setHeaders($headers); - if ($reason == '' && isset(self::PHRASES[$this->statusCode])) { - $this->reasonPhrase = self::PHRASES[$this->statusCode]; - } else { - $this->reasonPhrase = (string) $reason; - } - - $this->protocol = $version; - } - - public function getStatusCode(): int - { - return $this->statusCode; - } - - public function getReasonPhrase(): string - { - return $this->reasonPhrase; - } - - public function withStatus($code, $reasonPhrase = ''): ResponseInterface - { - $this->assertStatusCodeIsInteger($code); - $code = (int) $code; - $this->assertStatusCodeRange($code); - - $new = clone $this; - $new->statusCode = $code; - if ($reasonPhrase == '' && isset(self::PHRASES[$new->statusCode])) { - $reasonPhrase = self::PHRASES[$new->statusCode]; - } - $new->reasonPhrase = (string) $reasonPhrase; - return $new; - } - - /** - * @param mixed $statusCode - */ - private function assertStatusCodeIsInteger($statusCode): void - { - if (filter_var($statusCode, FILTER_VALIDATE_INT) === false) { - throw new \InvalidArgumentException('Status code must be an integer value.'); - } - } - - private function assertStatusCodeRange(int $statusCode): void - { - if ($statusCode < 100 || $statusCode >= 600) { - throw new \InvalidArgumentException('Status code must be an integer value between 1xx and 5xx.'); - } - } -} diff --git a/plugins/auth/vendor/guzzlehttp/psr7/src/Rfc7230.php b/plugins/auth/vendor/guzzlehttp/psr7/src/Rfc7230.php deleted file mode 100644 index 30224018..00000000 --- a/plugins/auth/vendor/guzzlehttp/psr7/src/Rfc7230.php +++ /dev/null @@ -1,23 +0,0 @@ -@,;:\\\"/[\]?={}\x01-\x20\x7F]++):[ \t]*+((?:[ \t]*+[\x21-\x7E\x80-\xFF]++)*+)[ \t]*+\r?\n)m"; - public const HEADER_FOLD_REGEX = "(\r?\n[ \t]++)"; -} diff --git a/plugins/auth/vendor/guzzlehttp/psr7/src/ServerRequest.php b/plugins/auth/vendor/guzzlehttp/psr7/src/ServerRequest.php deleted file mode 100644 index 43cbb502..00000000 --- a/plugins/auth/vendor/guzzlehttp/psr7/src/ServerRequest.php +++ /dev/null @@ -1,344 +0,0 @@ - $headers Request headers - * @param string|resource|StreamInterface|null $body Request body - * @param string $version Protocol version - * @param array $serverParams Typically the $_SERVER superglobal - */ - public function __construct( - string $method, - $uri, - array $headers = [], - $body = null, - string $version = '1.1', - array $serverParams = [] - ) { - $this->serverParams = $serverParams; - - parent::__construct($method, $uri, $headers, $body, $version); - } - - /** - * Return an UploadedFile instance array. - * - * @param array $files An array which respect $_FILES structure - * - * @throws InvalidArgumentException for unrecognized values - */ - public static function normalizeFiles(array $files): array - { - $normalized = []; - - foreach ($files as $key => $value) { - if ($value instanceof UploadedFileInterface) { - $normalized[$key] = $value; - } elseif (is_array($value) && isset($value['tmp_name'])) { - $normalized[$key] = self::createUploadedFileFromSpec($value); - } elseif (is_array($value)) { - $normalized[$key] = self::normalizeFiles($value); - continue; - } else { - throw new InvalidArgumentException('Invalid value in files specification'); - } - } - - return $normalized; - } - - /** - * Create and return an UploadedFile instance from a $_FILES specification. - * - * If the specification represents an array of values, this method will - * delegate to normalizeNestedFileSpec() and return that return value. - * - * @param array $value $_FILES struct - * - * @return UploadedFileInterface|UploadedFileInterface[] - */ - private static function createUploadedFileFromSpec(array $value) - { - if (is_array($value['tmp_name'])) { - return self::normalizeNestedFileSpec($value); - } - - return new UploadedFile( - $value['tmp_name'], - (int) $value['size'], - (int) $value['error'], - $value['name'], - $value['type'] - ); - } - - /** - * Normalize an array of file specifications. - * - * Loops through all nested files and returns a normalized array of - * UploadedFileInterface instances. - * - * @return UploadedFileInterface[] - */ - private static function normalizeNestedFileSpec(array $files = []): array - { - $normalizedFiles = []; - - foreach (array_keys($files['tmp_name']) as $key) { - $spec = [ - 'tmp_name' => $files['tmp_name'][$key], - 'size' => $files['size'][$key], - 'error' => $files['error'][$key], - 'name' => $files['name'][$key], - 'type' => $files['type'][$key], - ]; - $normalizedFiles[$key] = self::createUploadedFileFromSpec($spec); - } - - return $normalizedFiles; - } - - /** - * Return a ServerRequest populated with superglobals: - * $_GET - * $_POST - * $_COOKIE - * $_FILES - * $_SERVER - */ - public static function fromGlobals(): ServerRequestInterface - { - $method = $_SERVER['REQUEST_METHOD'] ?? 'GET'; - $headers = getallheaders(); - $uri = self::getUriFromGlobals(); - $body = new CachingStream(new LazyOpenStream('php://input', 'r+')); - $protocol = isset($_SERVER['SERVER_PROTOCOL']) ? str_replace('HTTP/', '', $_SERVER['SERVER_PROTOCOL']) : '1.1'; - - $serverRequest = new ServerRequest($method, $uri, $headers, $body, $protocol, $_SERVER); - - return $serverRequest - ->withCookieParams($_COOKIE) - ->withQueryParams($_GET) - ->withParsedBody($_POST) - ->withUploadedFiles(self::normalizeFiles($_FILES)); - } - - private static function extractHostAndPortFromAuthority(string $authority): array - { - $uri = 'http://' . $authority; - $parts = parse_url($uri); - if (false === $parts) { - return [null, null]; - } - - $host = $parts['host'] ?? null; - $port = $parts['port'] ?? null; - - return [$host, $port]; - } - - /** - * Get a Uri populated with values from $_SERVER. - */ - public static function getUriFromGlobals(): UriInterface - { - $uri = new Uri(''); - - $uri = $uri->withScheme(!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' ? 'https' : 'http'); - - $hasPort = false; - if (isset($_SERVER['HTTP_HOST'])) { - [$host, $port] = self::extractHostAndPortFromAuthority($_SERVER['HTTP_HOST']); - if ($host !== null) { - $uri = $uri->withHost($host); - } - - if ($port !== null) { - $hasPort = true; - $uri = $uri->withPort($port); - } - } elseif (isset($_SERVER['SERVER_NAME'])) { - $uri = $uri->withHost($_SERVER['SERVER_NAME']); - } elseif (isset($_SERVER['SERVER_ADDR'])) { - $uri = $uri->withHost($_SERVER['SERVER_ADDR']); - } - - if (!$hasPort && isset($_SERVER['SERVER_PORT'])) { - $uri = $uri->withPort($_SERVER['SERVER_PORT']); - } - - $hasQuery = false; - if (isset($_SERVER['REQUEST_URI'])) { - $requestUriParts = explode('?', $_SERVER['REQUEST_URI'], 2); - $uri = $uri->withPath($requestUriParts[0]); - if (isset($requestUriParts[1])) { - $hasQuery = true; - $uri = $uri->withQuery($requestUriParts[1]); - } - } - - if (!$hasQuery && isset($_SERVER['QUERY_STRING'])) { - $uri = $uri->withQuery($_SERVER['QUERY_STRING']); - } - - return $uri; - } - - public function getServerParams(): array - { - return $this->serverParams; - } - - public function getUploadedFiles(): array - { - return $this->uploadedFiles; - } - - public function withUploadedFiles(array $uploadedFiles): ServerRequestInterface - { - $new = clone $this; - $new->uploadedFiles = $uploadedFiles; - - return $new; - } - - public function getCookieParams(): array - { - return $this->cookieParams; - } - - public function withCookieParams(array $cookies): ServerRequestInterface - { - $new = clone $this; - $new->cookieParams = $cookies; - - return $new; - } - - public function getQueryParams(): array - { - return $this->queryParams; - } - - public function withQueryParams(array $query): ServerRequestInterface - { - $new = clone $this; - $new->queryParams = $query; - - return $new; - } - - /** - * {@inheritdoc} - * - * @return array|object|null - */ - public function getParsedBody() - { - return $this->parsedBody; - } - - public function withParsedBody($data): ServerRequestInterface - { - $new = clone $this; - $new->parsedBody = $data; - - return $new; - } - - public function getAttributes(): array - { - return $this->attributes; - } - - /** - * {@inheritdoc} - * - * @return mixed - */ - public function getAttribute($attribute, $default = null) - { - if (false === array_key_exists($attribute, $this->attributes)) { - return $default; - } - - return $this->attributes[$attribute]; - } - - public function withAttribute($attribute, $value): ServerRequestInterface - { - $new = clone $this; - $new->attributes[$attribute] = $value; - - return $new; - } - - public function withoutAttribute($attribute): ServerRequestInterface - { - if (false === array_key_exists($attribute, $this->attributes)) { - return $this; - } - - $new = clone $this; - unset($new->attributes[$attribute]); - - return $new; - } -} diff --git a/plugins/auth/vendor/guzzlehttp/psr7/src/Stream.php b/plugins/auth/vendor/guzzlehttp/psr7/src/Stream.php deleted file mode 100644 index ecd31861..00000000 --- a/plugins/auth/vendor/guzzlehttp/psr7/src/Stream.php +++ /dev/null @@ -1,282 +0,0 @@ -size = $options['size']; - } - - $this->customMetadata = $options['metadata'] ?? []; - $this->stream = $stream; - $meta = stream_get_meta_data($this->stream); - $this->seekable = $meta['seekable']; - $this->readable = (bool)preg_match(self::READABLE_MODES, $meta['mode']); - $this->writable = (bool)preg_match(self::WRITABLE_MODES, $meta['mode']); - $this->uri = $this->getMetadata('uri'); - } - - /** - * Closes the stream when the destructed - */ - public function __destruct() - { - $this->close(); - } - - public function __toString(): string - { - try { - if ($this->isSeekable()) { - $this->seek(0); - } - return $this->getContents(); - } catch (\Throwable $e) { - if (\PHP_VERSION_ID >= 70400) { - throw $e; - } - trigger_error(sprintf('%s::__toString exception: %s', self::class, (string) $e), E_USER_ERROR); - return ''; - } - } - - public function getContents(): string - { - if (!isset($this->stream)) { - throw new \RuntimeException('Stream is detached'); - } - - if (!$this->readable) { - throw new \RuntimeException('Cannot read from non-readable stream'); - } - - return Utils::tryGetContents($this->stream); - } - - public function close(): void - { - if (isset($this->stream)) { - if (is_resource($this->stream)) { - fclose($this->stream); - } - $this->detach(); - } - } - - public function detach() - { - if (!isset($this->stream)) { - return null; - } - - $result = $this->stream; - unset($this->stream); - $this->size = $this->uri = null; - $this->readable = $this->writable = $this->seekable = false; - - return $result; - } - - public function getSize(): ?int - { - if ($this->size !== null) { - return $this->size; - } - - if (!isset($this->stream)) { - return null; - } - - // Clear the stat cache if the stream has a URI - if ($this->uri) { - clearstatcache(true, $this->uri); - } - - $stats = fstat($this->stream); - if (is_array($stats) && isset($stats['size'])) { - $this->size = $stats['size']; - return $this->size; - } - - return null; - } - - public function isReadable(): bool - { - return $this->readable; - } - - public function isWritable(): bool - { - return $this->writable; - } - - public function isSeekable(): bool - { - return $this->seekable; - } - - public function eof(): bool - { - if (!isset($this->stream)) { - throw new \RuntimeException('Stream is detached'); - } - - return feof($this->stream); - } - - public function tell(): int - { - if (!isset($this->stream)) { - throw new \RuntimeException('Stream is detached'); - } - - $result = ftell($this->stream); - - if ($result === false) { - throw new \RuntimeException('Unable to determine stream position'); - } - - return $result; - } - - public function rewind(): void - { - $this->seek(0); - } - - public function seek($offset, $whence = SEEK_SET): void - { - $whence = (int) $whence; - - if (!isset($this->stream)) { - throw new \RuntimeException('Stream is detached'); - } - if (!$this->seekable) { - throw new \RuntimeException('Stream is not seekable'); - } - if (fseek($this->stream, $offset, $whence) === -1) { - throw new \RuntimeException('Unable to seek to stream position ' - . $offset . ' with whence ' . var_export($whence, true)); - } - } - - public function read($length): string - { - if (!isset($this->stream)) { - throw new \RuntimeException('Stream is detached'); - } - if (!$this->readable) { - throw new \RuntimeException('Cannot read from non-readable stream'); - } - if ($length < 0) { - throw new \RuntimeException('Length parameter cannot be negative'); - } - - if (0 === $length) { - return ''; - } - - try { - $string = fread($this->stream, $length); - } catch (\Exception $e) { - throw new \RuntimeException('Unable to read from stream', 0, $e); - } - - if (false === $string) { - throw new \RuntimeException('Unable to read from stream'); - } - - return $string; - } - - public function write($string): int - { - if (!isset($this->stream)) { - throw new \RuntimeException('Stream is detached'); - } - if (!$this->writable) { - throw new \RuntimeException('Cannot write to a non-writable stream'); - } - - // We can't know the size after writing anything - $this->size = null; - $result = fwrite($this->stream, $string); - - if ($result === false) { - throw new \RuntimeException('Unable to write to stream'); - } - - return $result; - } - - /** - * {@inheritdoc} - * - * @return mixed - */ - public function getMetadata($key = null) - { - if (!isset($this->stream)) { - return $key ? null : []; - } elseif (!$key) { - return $this->customMetadata + stream_get_meta_data($this->stream); - } elseif (isset($this->customMetadata[$key])) { - return $this->customMetadata[$key]; - } - - $meta = stream_get_meta_data($this->stream); - - return $meta[$key] ?? null; - } -} diff --git a/plugins/auth/vendor/guzzlehttp/psr7/src/StreamDecoratorTrait.php b/plugins/auth/vendor/guzzlehttp/psr7/src/StreamDecoratorTrait.php deleted file mode 100644 index 56d4104d..00000000 --- a/plugins/auth/vendor/guzzlehttp/psr7/src/StreamDecoratorTrait.php +++ /dev/null @@ -1,155 +0,0 @@ -stream = $stream; - } - - /** - * Magic method used to create a new stream if streams are not added in - * the constructor of a decorator (e.g., LazyOpenStream). - * - * @return StreamInterface - */ - public function __get(string $name) - { - if ($name === 'stream') { - $this->stream = $this->createStream(); - return $this->stream; - } - - throw new \UnexpectedValueException("$name not found on class"); - } - - public function __toString(): string - { - try { - if ($this->isSeekable()) { - $this->seek(0); - } - return $this->getContents(); - } catch (\Throwable $e) { - if (\PHP_VERSION_ID >= 70400) { - throw $e; - } - trigger_error(sprintf('%s::__toString exception: %s', self::class, (string) $e), E_USER_ERROR); - return ''; - } - } - - public function getContents(): string - { - return Utils::copyToString($this); - } - - /** - * Allow decorators to implement custom methods - * - * @return mixed - */ - public function __call(string $method, array $args) - { - /** @var callable $callable */ - $callable = [$this->stream, $method]; - $result = call_user_func_array($callable, $args); - - // Always return the wrapped object if the result is a return $this - return $result === $this->stream ? $this : $result; - } - - public function close(): void - { - $this->stream->close(); - } - - /** - * {@inheritdoc} - * - * @return mixed - */ - public function getMetadata($key = null) - { - return $this->stream->getMetadata($key); - } - - public function detach() - { - return $this->stream->detach(); - } - - public function getSize(): ?int - { - return $this->stream->getSize(); - } - - public function eof(): bool - { - return $this->stream->eof(); - } - - public function tell(): int - { - return $this->stream->tell(); - } - - public function isReadable(): bool - { - return $this->stream->isReadable(); - } - - public function isWritable(): bool - { - return $this->stream->isWritable(); - } - - public function isSeekable(): bool - { - return $this->stream->isSeekable(); - } - - public function rewind(): void - { - $this->seek(0); - } - - public function seek($offset, $whence = SEEK_SET): void - { - $this->stream->seek($offset, $whence); - } - - public function read($length): string - { - return $this->stream->read($length); - } - - public function write($string): int - { - return $this->stream->write($string); - } - - /** - * Implement in subclasses to dynamically create streams when requested. - * - * @throws \BadMethodCallException - */ - protected function createStream(): StreamInterface - { - throw new \BadMethodCallException('Not implemented'); - } -} diff --git a/plugins/auth/vendor/guzzlehttp/psr7/src/StreamWrapper.php b/plugins/auth/vendor/guzzlehttp/psr7/src/StreamWrapper.php deleted file mode 100644 index 2a934640..00000000 --- a/plugins/auth/vendor/guzzlehttp/psr7/src/StreamWrapper.php +++ /dev/null @@ -1,175 +0,0 @@ -isReadable()) { - $mode = $stream->isWritable() ? 'r+' : 'r'; - } elseif ($stream->isWritable()) { - $mode = 'w'; - } else { - throw new \InvalidArgumentException('The stream must be readable, ' - . 'writable, or both.'); - } - - return fopen('guzzle://stream', $mode, false, self::createStreamContext($stream)); - } - - /** - * Creates a stream context that can be used to open a stream as a php stream resource. - * - * @return resource - */ - public static function createStreamContext(StreamInterface $stream) - { - return stream_context_create([ - 'guzzle' => ['stream' => $stream] - ]); - } - - /** - * Registers the stream wrapper if needed - */ - public static function register(): void - { - if (!in_array('guzzle', stream_get_wrappers())) { - stream_wrapper_register('guzzle', __CLASS__); - } - } - - public function stream_open(string $path, string $mode, int $options, string &$opened_path = null): bool - { - $options = stream_context_get_options($this->context); - - if (!isset($options['guzzle']['stream'])) { - return false; - } - - $this->mode = $mode; - $this->stream = $options['guzzle']['stream']; - - return true; - } - - public function stream_read(int $count): string - { - return $this->stream->read($count); - } - - public function stream_write(string $data): int - { - return $this->stream->write($data); - } - - public function stream_tell(): int - { - return $this->stream->tell(); - } - - public function stream_eof(): bool - { - return $this->stream->eof(); - } - - public function stream_seek(int $offset, int $whence): bool - { - $this->stream->seek($offset, $whence); - - return true; - } - - /** - * @return resource|false - */ - public function stream_cast(int $cast_as) - { - $stream = clone($this->stream); - $resource = $stream->detach(); - - return $resource ?? false; - } - - /** - * @return array - */ - public function stream_stat(): array - { - static $modeMap = [ - 'r' => 33060, - 'rb' => 33060, - 'r+' => 33206, - 'w' => 33188, - 'wb' => 33188 - ]; - - return [ - 'dev' => 0, - 'ino' => 0, - 'mode' => $modeMap[$this->mode], - 'nlink' => 0, - 'uid' => 0, - 'gid' => 0, - 'rdev' => 0, - 'size' => $this->stream->getSize() ?: 0, - 'atime' => 0, - 'mtime' => 0, - 'ctime' => 0, - 'blksize' => 0, - 'blocks' => 0 - ]; - } - - /** - * @return array - */ - public function url_stat(string $path, int $flags): array - { - return [ - 'dev' => 0, - 'ino' => 0, - 'mode' => 0, - 'nlink' => 0, - 'uid' => 0, - 'gid' => 0, - 'rdev' => 0, - 'size' => 0, - 'atime' => 0, - 'mtime' => 0, - 'ctime' => 0, - 'blksize' => 0, - 'blocks' => 0 - ]; - } -} diff --git a/plugins/auth/vendor/guzzlehttp/psr7/src/UploadedFile.php b/plugins/auth/vendor/guzzlehttp/psr7/src/UploadedFile.php deleted file mode 100644 index b1521bcf..00000000 --- a/plugins/auth/vendor/guzzlehttp/psr7/src/UploadedFile.php +++ /dev/null @@ -1,211 +0,0 @@ -setError($errorStatus); - $this->size = $size; - $this->clientFilename = $clientFilename; - $this->clientMediaType = $clientMediaType; - - if ($this->isOk()) { - $this->setStreamOrFile($streamOrFile); - } - } - - /** - * Depending on the value set file or stream variable - * - * @param StreamInterface|string|resource $streamOrFile - * - * @throws InvalidArgumentException - */ - private function setStreamOrFile($streamOrFile): void - { - if (is_string($streamOrFile)) { - $this->file = $streamOrFile; - } elseif (is_resource($streamOrFile)) { - $this->stream = new Stream($streamOrFile); - } elseif ($streamOrFile instanceof StreamInterface) { - $this->stream = $streamOrFile; - } else { - throw new InvalidArgumentException( - 'Invalid stream or file provided for UploadedFile' - ); - } - } - - /** - * @throws InvalidArgumentException - */ - private function setError(int $error): void - { - if (false === in_array($error, UploadedFile::ERRORS, true)) { - throw new InvalidArgumentException( - 'Invalid error status for UploadedFile' - ); - } - - $this->error = $error; - } - - private function isStringNotEmpty($param): bool - { - return is_string($param) && false === empty($param); - } - - /** - * Return true if there is no upload error - */ - private function isOk(): bool - { - return $this->error === UPLOAD_ERR_OK; - } - - public function isMoved(): bool - { - return $this->moved; - } - - /** - * @throws RuntimeException if is moved or not ok - */ - private function validateActive(): void - { - if (false === $this->isOk()) { - throw new RuntimeException('Cannot retrieve stream due to upload error'); - } - - if ($this->isMoved()) { - throw new RuntimeException('Cannot retrieve stream after it has already been moved'); - } - } - - public function getStream(): StreamInterface - { - $this->validateActive(); - - if ($this->stream instanceof StreamInterface) { - return $this->stream; - } - - /** @var string $file */ - $file = $this->file; - - return new LazyOpenStream($file, 'r+'); - } - - public function moveTo($targetPath): void - { - $this->validateActive(); - - if (false === $this->isStringNotEmpty($targetPath)) { - throw new InvalidArgumentException( - 'Invalid path provided for move operation; must be a non-empty string' - ); - } - - if ($this->file) { - $this->moved = PHP_SAPI === 'cli' - ? rename($this->file, $targetPath) - : move_uploaded_file($this->file, $targetPath); - } else { - Utils::copyToStream( - $this->getStream(), - new LazyOpenStream($targetPath, 'w') - ); - - $this->moved = true; - } - - if (false === $this->moved) { - throw new RuntimeException( - sprintf('Uploaded file could not be moved to %s', $targetPath) - ); - } - } - - public function getSize(): ?int - { - return $this->size; - } - - public function getError(): int - { - return $this->error; - } - - public function getClientFilename(): ?string - { - return $this->clientFilename; - } - - public function getClientMediaType(): ?string - { - return $this->clientMediaType; - } -} diff --git a/plugins/auth/vendor/guzzlehttp/psr7/src/Uri.php b/plugins/auth/vendor/guzzlehttp/psr7/src/Uri.php deleted file mode 100644 index 09e878d3..00000000 --- a/plugins/auth/vendor/guzzlehttp/psr7/src/Uri.php +++ /dev/null @@ -1,740 +0,0 @@ - 80, - 'https' => 443, - 'ftp' => 21, - 'gopher' => 70, - 'nntp' => 119, - 'news' => 119, - 'telnet' => 23, - 'tn3270' => 23, - 'imap' => 143, - 'pop' => 110, - 'ldap' => 389, - ]; - - /** - * Unreserved characters for use in a regex. - * - * @link https://tools.ietf.org/html/rfc3986#section-2.3 - */ - private const CHAR_UNRESERVED = 'a-zA-Z0-9_\-\.~'; - - /** - * Sub-delims for use in a regex. - * - * @link https://tools.ietf.org/html/rfc3986#section-2.2 - */ - private const CHAR_SUB_DELIMS = '!\$&\'\(\)\*\+,;='; - private const QUERY_SEPARATORS_REPLACEMENT = ['=' => '%3D', '&' => '%26']; - - /** @var string Uri scheme. */ - private $scheme = ''; - - /** @var string Uri user info. */ - private $userInfo = ''; - - /** @var string Uri host. */ - private $host = ''; - - /** @var int|null Uri port. */ - private $port; - - /** @var string Uri path. */ - private $path = ''; - - /** @var string Uri query string. */ - private $query = ''; - - /** @var string Uri fragment. */ - private $fragment = ''; - - /** @var string|null String representation */ - private $composedComponents; - - public function __construct(string $uri = '') - { - if ($uri !== '') { - $parts = self::parse($uri); - if ($parts === false) { - throw new MalformedUriException("Unable to parse URI: $uri"); - } - $this->applyParts($parts); - } - } - /** - * UTF-8 aware \parse_url() replacement. - * - * The internal function produces broken output for non ASCII domain names - * (IDN) when used with locales other than "C". - * - * On the other hand, cURL understands IDN correctly only when UTF-8 locale - * is configured ("C.UTF-8", "en_US.UTF-8", etc.). - * - * @see https://bugs.php.net/bug.php?id=52923 - * @see https://www.php.net/manual/en/function.parse-url.php#114817 - * @see https://curl.haxx.se/libcurl/c/CURLOPT_URL.html#ENCODING - * - * @return array|false - */ - private static function parse(string $url) - { - // If IPv6 - $prefix = ''; - if (preg_match('%^(.*://\[[0-9:a-f]+\])(.*?)$%', $url, $matches)) { - /** @var array{0:string, 1:string, 2:string} $matches */ - $prefix = $matches[1]; - $url = $matches[2]; - } - - /** @var string */ - $encodedUrl = preg_replace_callback( - '%[^:/@?&=#]+%usD', - static function ($matches) { - return urlencode($matches[0]); - }, - $url - ); - - $result = parse_url($prefix . $encodedUrl); - - if ($result === false) { - return false; - } - - return array_map('urldecode', $result); - } - - public function __toString(): string - { - if ($this->composedComponents === null) { - $this->composedComponents = self::composeComponents( - $this->scheme, - $this->getAuthority(), - $this->path, - $this->query, - $this->fragment - ); - } - - return $this->composedComponents; - } - - /** - * Composes a URI reference string from its various components. - * - * Usually this method does not need to be called manually but instead is used indirectly via - * `Psr\Http\Message\UriInterface::__toString`. - * - * PSR-7 UriInterface treats an empty component the same as a missing component as - * getQuery(), getFragment() etc. always return a string. This explains the slight - * difference to RFC 3986 Section 5.3. - * - * Another adjustment is that the authority separator is added even when the authority is missing/empty - * for the "file" scheme. This is because PHP stream functions like `file_get_contents` only work with - * `file:///myfile` but not with `file:/myfile` although they are equivalent according to RFC 3986. But - * `file:///` is the more common syntax for the file scheme anyway (Chrome for example redirects to - * that format). - * - * @link https://tools.ietf.org/html/rfc3986#section-5.3 - */ - public static function composeComponents(?string $scheme, ?string $authority, string $path, ?string $query, ?string $fragment): string - { - $uri = ''; - - // weak type checks to also accept null until we can add scalar type hints - if ($scheme != '') { - $uri .= $scheme . ':'; - } - - if ($authority != '' || $scheme === 'file') { - $uri .= '//' . $authority; - } - - if ($authority != '' && $path != '' && $path[0] != '/') { - $path = '/' . $path; - } - - $uri .= $path; - - if ($query != '') { - $uri .= '?' . $query; - } - - if ($fragment != '') { - $uri .= '#' . $fragment; - } - - return $uri; - } - - /** - * Whether the URI has the default port of the current scheme. - * - * `Psr\Http\Message\UriInterface::getPort` may return null or the standard port. This method can be used - * independently of the implementation. - */ - public static function isDefaultPort(UriInterface $uri): bool - { - return $uri->getPort() === null - || (isset(self::DEFAULT_PORTS[$uri->getScheme()]) && $uri->getPort() === self::DEFAULT_PORTS[$uri->getScheme()]); - } - - /** - * Whether the URI is absolute, i.e. it has a scheme. - * - * An instance of UriInterface can either be an absolute URI or a relative reference. This method returns true - * if it is the former. An absolute URI has a scheme. A relative reference is used to express a URI relative - * to another URI, the base URI. Relative references can be divided into several forms: - * - network-path references, e.g. '//example.com/path' - * - absolute-path references, e.g. '/path' - * - relative-path references, e.g. 'subpath' - * - * @see Uri::isNetworkPathReference - * @see Uri::isAbsolutePathReference - * @see Uri::isRelativePathReference - * @link https://tools.ietf.org/html/rfc3986#section-4 - */ - public static function isAbsolute(UriInterface $uri): bool - { - return $uri->getScheme() !== ''; - } - - /** - * Whether the URI is a network-path reference. - * - * A relative reference that begins with two slash characters is termed an network-path reference. - * - * @link https://tools.ietf.org/html/rfc3986#section-4.2 - */ - public static function isNetworkPathReference(UriInterface $uri): bool - { - return $uri->getScheme() === '' && $uri->getAuthority() !== ''; - } - - /** - * Whether the URI is a absolute-path reference. - * - * A relative reference that begins with a single slash character is termed an absolute-path reference. - * - * @link https://tools.ietf.org/html/rfc3986#section-4.2 - */ - public static function isAbsolutePathReference(UriInterface $uri): bool - { - return $uri->getScheme() === '' - && $uri->getAuthority() === '' - && isset($uri->getPath()[0]) - && $uri->getPath()[0] === '/'; - } - - /** - * Whether the URI is a relative-path reference. - * - * A relative reference that does not begin with a slash character is termed a relative-path reference. - * - * @link https://tools.ietf.org/html/rfc3986#section-4.2 - */ - public static function isRelativePathReference(UriInterface $uri): bool - { - return $uri->getScheme() === '' - && $uri->getAuthority() === '' - && (!isset($uri->getPath()[0]) || $uri->getPath()[0] !== '/'); - } - - /** - * Whether the URI is a same-document reference. - * - * A same-document reference refers to a URI that is, aside from its fragment - * component, identical to the base URI. When no base URI is given, only an empty - * URI reference (apart from its fragment) is considered a same-document reference. - * - * @param UriInterface $uri The URI to check - * @param UriInterface|null $base An optional base URI to compare against - * - * @link https://tools.ietf.org/html/rfc3986#section-4.4 - */ - public static function isSameDocumentReference(UriInterface $uri, UriInterface $base = null): bool - { - if ($base !== null) { - $uri = UriResolver::resolve($base, $uri); - - return ($uri->getScheme() === $base->getScheme()) - && ($uri->getAuthority() === $base->getAuthority()) - && ($uri->getPath() === $base->getPath()) - && ($uri->getQuery() === $base->getQuery()); - } - - return $uri->getScheme() === '' && $uri->getAuthority() === '' && $uri->getPath() === '' && $uri->getQuery() === ''; - } - - /** - * Creates a new URI with a specific query string value removed. - * - * Any existing query string values that exactly match the provided key are - * removed. - * - * @param UriInterface $uri URI to use as a base. - * @param string $key Query string key to remove. - */ - public static function withoutQueryValue(UriInterface $uri, string $key): UriInterface - { - $result = self::getFilteredQueryString($uri, [$key]); - - return $uri->withQuery(implode('&', $result)); - } - - /** - * Creates a new URI with a specific query string value. - * - * Any existing query string values that exactly match the provided key are - * removed and replaced with the given key value pair. - * - * A value of null will set the query string key without a value, e.g. "key" - * instead of "key=value". - * - * @param UriInterface $uri URI to use as a base. - * @param string $key Key to set. - * @param string|null $value Value to set - */ - public static function withQueryValue(UriInterface $uri, string $key, ?string $value): UriInterface - { - $result = self::getFilteredQueryString($uri, [$key]); - - $result[] = self::generateQueryString($key, $value); - - return $uri->withQuery(implode('&', $result)); - } - - /** - * Creates a new URI with multiple specific query string values. - * - * It has the same behavior as withQueryValue() but for an associative array of key => value. - * - * @param UriInterface $uri URI to use as a base. - * @param array $keyValueArray Associative array of key and values - */ - public static function withQueryValues(UriInterface $uri, array $keyValueArray): UriInterface - { - $result = self::getFilteredQueryString($uri, array_keys($keyValueArray)); - - foreach ($keyValueArray as $key => $value) { - $result[] = self::generateQueryString((string) $key, $value !== null ? (string) $value : null); - } - - return $uri->withQuery(implode('&', $result)); - } - - /** - * Creates a URI from a hash of `parse_url` components. - * - * @link http://php.net/manual/en/function.parse-url.php - * - * @throws MalformedUriException If the components do not form a valid URI. - */ - public static function fromParts(array $parts): UriInterface - { - $uri = new self(); - $uri->applyParts($parts); - $uri->validateState(); - - return $uri; - } - - public function getScheme(): string - { - return $this->scheme; - } - - public function getAuthority(): string - { - $authority = $this->host; - if ($this->userInfo !== '') { - $authority = $this->userInfo . '@' . $authority; - } - - if ($this->port !== null) { - $authority .= ':' . $this->port; - } - - return $authority; - } - - public function getUserInfo(): string - { - return $this->userInfo; - } - - public function getHost(): string - { - return $this->host; - } - - public function getPort(): ?int - { - return $this->port; - } - - public function getPath(): string - { - return $this->path; - } - - public function getQuery(): string - { - return $this->query; - } - - public function getFragment(): string - { - return $this->fragment; - } - - public function withScheme($scheme): UriInterface - { - $scheme = $this->filterScheme($scheme); - - if ($this->scheme === $scheme) { - return $this; - } - - $new = clone $this; - $new->scheme = $scheme; - $new->composedComponents = null; - $new->removeDefaultPort(); - $new->validateState(); - - return $new; - } - - public function withUserInfo($user, $password = null): UriInterface - { - $info = $this->filterUserInfoComponent($user); - if ($password !== null) { - $info .= ':' . $this->filterUserInfoComponent($password); - } - - if ($this->userInfo === $info) { - return $this; - } - - $new = clone $this; - $new->userInfo = $info; - $new->composedComponents = null; - $new->validateState(); - - return $new; - } - - public function withHost($host): UriInterface - { - $host = $this->filterHost($host); - - if ($this->host === $host) { - return $this; - } - - $new = clone $this; - $new->host = $host; - $new->composedComponents = null; - $new->validateState(); - - return $new; - } - - public function withPort($port): UriInterface - { - $port = $this->filterPort($port); - - if ($this->port === $port) { - return $this; - } - - $new = clone $this; - $new->port = $port; - $new->composedComponents = null; - $new->removeDefaultPort(); - $new->validateState(); - - return $new; - } - - public function withPath($path): UriInterface - { - $path = $this->filterPath($path); - - if ($this->path === $path) { - return $this; - } - - $new = clone $this; - $new->path = $path; - $new->composedComponents = null; - $new->validateState(); - - return $new; - } - - public function withQuery($query): UriInterface - { - $query = $this->filterQueryAndFragment($query); - - if ($this->query === $query) { - return $this; - } - - $new = clone $this; - $new->query = $query; - $new->composedComponents = null; - - return $new; - } - - public function withFragment($fragment): UriInterface - { - $fragment = $this->filterQueryAndFragment($fragment); - - if ($this->fragment === $fragment) { - return $this; - } - - $new = clone $this; - $new->fragment = $fragment; - $new->composedComponents = null; - - return $new; - } - - public function jsonSerialize(): string - { - return $this->__toString(); - } - - /** - * Apply parse_url parts to a URI. - * - * @param array $parts Array of parse_url parts to apply. - */ - private function applyParts(array $parts): void - { - $this->scheme = isset($parts['scheme']) - ? $this->filterScheme($parts['scheme']) - : ''; - $this->userInfo = isset($parts['user']) - ? $this->filterUserInfoComponent($parts['user']) - : ''; - $this->host = isset($parts['host']) - ? $this->filterHost($parts['host']) - : ''; - $this->port = isset($parts['port']) - ? $this->filterPort($parts['port']) - : null; - $this->path = isset($parts['path']) - ? $this->filterPath($parts['path']) - : ''; - $this->query = isset($parts['query']) - ? $this->filterQueryAndFragment($parts['query']) - : ''; - $this->fragment = isset($parts['fragment']) - ? $this->filterQueryAndFragment($parts['fragment']) - : ''; - if (isset($parts['pass'])) { - $this->userInfo .= ':' . $this->filterUserInfoComponent($parts['pass']); - } - - $this->removeDefaultPort(); - } - - /** - * @param mixed $scheme - * - * @throws \InvalidArgumentException If the scheme is invalid. - */ - private function filterScheme($scheme): string - { - if (!is_string($scheme)) { - throw new \InvalidArgumentException('Scheme must be a string'); - } - - return \strtr($scheme, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'); - } - - /** - * @param mixed $component - * - * @throws \InvalidArgumentException If the user info is invalid. - */ - private function filterUserInfoComponent($component): string - { - if (!is_string($component)) { - throw new \InvalidArgumentException('User info must be a string'); - } - - return preg_replace_callback( - '/(?:[^%' . self::CHAR_UNRESERVED . self::CHAR_SUB_DELIMS . ']+|%(?![A-Fa-f0-9]{2}))/', - [$this, 'rawurlencodeMatchZero'], - $component - ); - } - - /** - * @param mixed $host - * - * @throws \InvalidArgumentException If the host is invalid. - */ - private function filterHost($host): string - { - if (!is_string($host)) { - throw new \InvalidArgumentException('Host must be a string'); - } - - return \strtr($host, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'); - } - - /** - * @param mixed $port - * - * @throws \InvalidArgumentException If the port is invalid. - */ - private function filterPort($port): ?int - { - if ($port === null) { - return null; - } - - $port = (int) $port; - if (0 > $port || 0xffff < $port) { - throw new \InvalidArgumentException( - sprintf('Invalid port: %d. Must be between 0 and 65535', $port) - ); - } - - return $port; - } - - /** - * @param string[] $keys - * - * @return string[] - */ - private static function getFilteredQueryString(UriInterface $uri, array $keys): array - { - $current = $uri->getQuery(); - - if ($current === '') { - return []; - } - - $decodedKeys = array_map('rawurldecode', $keys); - - return array_filter(explode('&', $current), function ($part) use ($decodedKeys) { - return !in_array(rawurldecode(explode('=', $part)[0]), $decodedKeys, true); - }); - } - - private static function generateQueryString(string $key, ?string $value): string - { - // Query string separators ("=", "&") within the key or value need to be encoded - // (while preventing double-encoding) before setting the query string. All other - // chars that need percent-encoding will be encoded by withQuery(). - $queryString = strtr($key, self::QUERY_SEPARATORS_REPLACEMENT); - - if ($value !== null) { - $queryString .= '=' . strtr($value, self::QUERY_SEPARATORS_REPLACEMENT); - } - - return $queryString; - } - - private function removeDefaultPort(): void - { - if ($this->port !== null && self::isDefaultPort($this)) { - $this->port = null; - } - } - - /** - * Filters the path of a URI - * - * @param mixed $path - * - * @throws \InvalidArgumentException If the path is invalid. - */ - private function filterPath($path): string - { - if (!is_string($path)) { - throw new \InvalidArgumentException('Path must be a string'); - } - - return preg_replace_callback( - '/(?:[^' . self::CHAR_UNRESERVED . self::CHAR_SUB_DELIMS . '%:@\/]++|%(?![A-Fa-f0-9]{2}))/', - [$this, 'rawurlencodeMatchZero'], - $path - ); - } - - /** - * Filters the query string or fragment of a URI. - * - * @param mixed $str - * - * @throws \InvalidArgumentException If the query or fragment is invalid. - */ - private function filterQueryAndFragment($str): string - { - if (!is_string($str)) { - throw new \InvalidArgumentException('Query and fragment must be a string'); - } - - return preg_replace_callback( - '/(?:[^' . self::CHAR_UNRESERVED . self::CHAR_SUB_DELIMS . '%:@\/\?]++|%(?![A-Fa-f0-9]{2}))/', - [$this, 'rawurlencodeMatchZero'], - $str - ); - } - - private function rawurlencodeMatchZero(array $match): string - { - return rawurlencode($match[0]); - } - - private function validateState(): void - { - if ($this->host === '' && ($this->scheme === 'http' || $this->scheme === 'https')) { - $this->host = self::HTTP_DEFAULT_HOST; - } - - if ($this->getAuthority() === '') { - if (0 === strpos($this->path, '//')) { - throw new MalformedUriException('The path of a URI without an authority must not start with two slashes "//"'); - } - if ($this->scheme === '' && false !== strpos(explode('/', $this->path, 2)[0], ':')) { - throw new MalformedUriException('A relative URI must not have a path beginning with a segment containing a colon'); - } - } - } -} diff --git a/plugins/auth/vendor/guzzlehttp/psr7/src/UriNormalizer.php b/plugins/auth/vendor/guzzlehttp/psr7/src/UriNormalizer.php deleted file mode 100644 index e12971ed..00000000 --- a/plugins/auth/vendor/guzzlehttp/psr7/src/UriNormalizer.php +++ /dev/null @@ -1,220 +0,0 @@ -getPath() === '' && - ($uri->getScheme() === 'http' || $uri->getScheme() === 'https') - ) { - $uri = $uri->withPath('/'); - } - - if ($flags & self::REMOVE_DEFAULT_HOST && $uri->getScheme() === 'file' && $uri->getHost() === 'localhost') { - $uri = $uri->withHost(''); - } - - if ($flags & self::REMOVE_DEFAULT_PORT && $uri->getPort() !== null && Uri::isDefaultPort($uri)) { - $uri = $uri->withPort(null); - } - - if ($flags & self::REMOVE_DOT_SEGMENTS && !Uri::isRelativePathReference($uri)) { - $uri = $uri->withPath(UriResolver::removeDotSegments($uri->getPath())); - } - - if ($flags & self::REMOVE_DUPLICATE_SLASHES) { - $uri = $uri->withPath(preg_replace('#//++#', '/', $uri->getPath())); - } - - if ($flags & self::SORT_QUERY_PARAMETERS && $uri->getQuery() !== '') { - $queryKeyValues = explode('&', $uri->getQuery()); - sort($queryKeyValues); - $uri = $uri->withQuery(implode('&', $queryKeyValues)); - } - - return $uri; - } - - /** - * Whether two URIs can be considered equivalent. - * - * Both URIs are normalized automatically before comparison with the given $normalizations bitmask. The method also - * accepts relative URI references and returns true when they are equivalent. This of course assumes they will be - * resolved against the same base URI. If this is not the case, determination of equivalence or difference of - * relative references does not mean anything. - * - * @param UriInterface $uri1 An URI to compare - * @param UriInterface $uri2 An URI to compare - * @param int $normalizations A bitmask of normalizations to apply, see constants - * - * @link https://tools.ietf.org/html/rfc3986#section-6.1 - */ - public static function isEquivalent(UriInterface $uri1, UriInterface $uri2, int $normalizations = self::PRESERVING_NORMALIZATIONS): bool - { - return (string) self::normalize($uri1, $normalizations) === (string) self::normalize($uri2, $normalizations); - } - - private static function capitalizePercentEncoding(UriInterface $uri): UriInterface - { - $regex = '/(?:%[A-Fa-f0-9]{2})++/'; - - $callback = function (array $match) { - return strtoupper($match[0]); - }; - - return - $uri->withPath( - preg_replace_callback($regex, $callback, $uri->getPath()) - )->withQuery( - preg_replace_callback($regex, $callback, $uri->getQuery()) - ); - } - - private static function decodeUnreservedCharacters(UriInterface $uri): UriInterface - { - $regex = '/%(?:2D|2E|5F|7E|3[0-9]|[46][1-9A-F]|[57][0-9A])/i'; - - $callback = function (array $match) { - return rawurldecode($match[0]); - }; - - return - $uri->withPath( - preg_replace_callback($regex, $callback, $uri->getPath()) - )->withQuery( - preg_replace_callback($regex, $callback, $uri->getQuery()) - ); - } - - private function __construct() - { - // cannot be instantiated - } -} diff --git a/plugins/auth/vendor/guzzlehttp/psr7/src/UriResolver.php b/plugins/auth/vendor/guzzlehttp/psr7/src/UriResolver.php deleted file mode 100644 index 426e5c9a..00000000 --- a/plugins/auth/vendor/guzzlehttp/psr7/src/UriResolver.php +++ /dev/null @@ -1,211 +0,0 @@ -getScheme() != '') { - return $rel->withPath(self::removeDotSegments($rel->getPath())); - } - - if ($rel->getAuthority() != '') { - $targetAuthority = $rel->getAuthority(); - $targetPath = self::removeDotSegments($rel->getPath()); - $targetQuery = $rel->getQuery(); - } else { - $targetAuthority = $base->getAuthority(); - if ($rel->getPath() === '') { - $targetPath = $base->getPath(); - $targetQuery = $rel->getQuery() != '' ? $rel->getQuery() : $base->getQuery(); - } else { - if ($rel->getPath()[0] === '/') { - $targetPath = $rel->getPath(); - } else { - if ($targetAuthority != '' && $base->getPath() === '') { - $targetPath = '/' . $rel->getPath(); - } else { - $lastSlashPos = strrpos($base->getPath(), '/'); - if ($lastSlashPos === false) { - $targetPath = $rel->getPath(); - } else { - $targetPath = substr($base->getPath(), 0, $lastSlashPos + 1) . $rel->getPath(); - } - } - } - $targetPath = self::removeDotSegments($targetPath); - $targetQuery = $rel->getQuery(); - } - } - - return new Uri(Uri::composeComponents( - $base->getScheme(), - $targetAuthority, - $targetPath, - $targetQuery, - $rel->getFragment() - )); - } - - /** - * Returns the target URI as a relative reference from the base URI. - * - * This method is the counterpart to resolve(): - * - * (string) $target === (string) UriResolver::resolve($base, UriResolver::relativize($base, $target)) - * - * One use-case is to use the current request URI as base URI and then generate relative links in your documents - * to reduce the document size or offer self-contained downloadable document archives. - * - * $base = new Uri('http://example.com/a/b/'); - * echo UriResolver::relativize($base, new Uri('http://example.com/a/b/c')); // prints 'c'. - * echo UriResolver::relativize($base, new Uri('http://example.com/a/x/y')); // prints '../x/y'. - * echo UriResolver::relativize($base, new Uri('http://example.com/a/b/?q')); // prints '?q'. - * echo UriResolver::relativize($base, new Uri('http://example.org/a/b/')); // prints '//example.org/a/b/'. - * - * This method also accepts a target that is already relative and will try to relativize it further. Only a - * relative-path reference will be returned as-is. - * - * echo UriResolver::relativize($base, new Uri('/a/b/c')); // prints 'c' as well - */ - public static function relativize(UriInterface $base, UriInterface $target): UriInterface - { - if ($target->getScheme() !== '' && - ($base->getScheme() !== $target->getScheme() || $target->getAuthority() === '' && $base->getAuthority() !== '') - ) { - return $target; - } - - if (Uri::isRelativePathReference($target)) { - // As the target is already highly relative we return it as-is. It would be possible to resolve - // the target with `$target = self::resolve($base, $target);` and then try make it more relative - // by removing a duplicate query. But let's not do that automatically. - return $target; - } - - if ($target->getAuthority() !== '' && $base->getAuthority() !== $target->getAuthority()) { - return $target->withScheme(''); - } - - // We must remove the path before removing the authority because if the path starts with two slashes, the URI - // would turn invalid. And we also cannot set a relative path before removing the authority, as that is also - // invalid. - $emptyPathUri = $target->withScheme('')->withPath('')->withUserInfo('')->withPort(null)->withHost(''); - - if ($base->getPath() !== $target->getPath()) { - return $emptyPathUri->withPath(self::getRelativePath($base, $target)); - } - - if ($base->getQuery() === $target->getQuery()) { - // Only the target fragment is left. And it must be returned even if base and target fragment are the same. - return $emptyPathUri->withQuery(''); - } - - // If the base URI has a query but the target has none, we cannot return an empty path reference as it would - // inherit the base query component when resolving. - if ($target->getQuery() === '') { - $segments = explode('/', $target->getPath()); - /** @var string $lastSegment */ - $lastSegment = end($segments); - - return $emptyPathUri->withPath($lastSegment === '' ? './' : $lastSegment); - } - - return $emptyPathUri; - } - - private static function getRelativePath(UriInterface $base, UriInterface $target): string - { - $sourceSegments = explode('/', $base->getPath()); - $targetSegments = explode('/', $target->getPath()); - array_pop($sourceSegments); - $targetLastSegment = array_pop($targetSegments); - foreach ($sourceSegments as $i => $segment) { - if (isset($targetSegments[$i]) && $segment === $targetSegments[$i]) { - unset($sourceSegments[$i], $targetSegments[$i]); - } else { - break; - } - } - $targetSegments[] = $targetLastSegment; - $relativePath = str_repeat('../', count($sourceSegments)) . implode('/', $targetSegments); - - // A reference to am empty last segment or an empty first sub-segment must be prefixed with "./". - // This also applies to a segment with a colon character (e.g., "file:colon") that cannot be used - // as the first segment of a relative-path reference, as it would be mistaken for a scheme name. - if ('' === $relativePath || false !== strpos(explode('/', $relativePath, 2)[0], ':')) { - $relativePath = "./$relativePath"; - } elseif ('/' === $relativePath[0]) { - if ($base->getAuthority() != '' && $base->getPath() === '') { - // In this case an extra slash is added by resolve() automatically. So we must not add one here. - $relativePath = ".$relativePath"; - } else { - $relativePath = "./$relativePath"; - } - } - - return $relativePath; - } - - private function __construct() - { - // cannot be instantiated - } -} diff --git a/plugins/auth/vendor/league/oauth2-client/LICENSE b/plugins/auth/vendor/league/oauth2-client/LICENSE deleted file mode 100644 index 7dfa39b7..00000000 --- a/plugins/auth/vendor/league/oauth2-client/LICENSE +++ /dev/null @@ -1,21 +0,0 @@ -The MIT License (MIT) - -Copyright (c) 2013-2020 Alex Bilbie - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -THE SOFTWARE. diff --git a/plugins/auth/vendor/league/oauth2-client/README.md b/plugins/auth/vendor/league/oauth2-client/README.md deleted file mode 100644 index f35d53e8..00000000 --- a/plugins/auth/vendor/league/oauth2-client/README.md +++ /dev/null @@ -1,58 +0,0 @@ -# OAuth 2.0 Client - -This package provides a base for integrating with [OAuth 2.0](http://oauth.net/2/) service providers. - -[![Gitter Chat](https://img.shields.io/badge/gitter-join_chat-brightgreen.svg?style=flat-square)](https://gitter.im/thephpleague/oauth2-client) -[![Source Code](https://img.shields.io/badge/source-thephpleague/oauth2--client-blue.svg?style=flat-square)](https://github.com/thephpleague/oauth2-client) -[![Latest Version](https://img.shields.io/github/release/thephpleague/oauth2-client.svg?style=flat-square)](https://github.com/thephpleague/oauth2-client/releases) -[![Software License](https://img.shields.io/badge/license-MIT-brightgreen.svg?style=flat-square)](https://github.com/thephpleague/oauth2-client/blob/master/LICENSE) -[![Build Status](https://img.shields.io/github/workflow/status/thephpleague/oauth2-client/CI?label=CI&logo=github&style=flat-square)](https://github.com/thephpleague/oauth2-client/actions?query=workflow%3ACI) -[![Codecov Code Coverage](https://img.shields.io/codecov/c/gh/thephpleague/oauth2-client?label=codecov&logo=codecov&style=flat-square)](https://codecov.io/gh/thephpleague/oauth2-client) -[![Total Downloads](https://img.shields.io/packagist/dt/league/oauth2-client.svg?style=flat-square)](https://packagist.org/packages/league/oauth2-client) - ---- - -The OAuth 2.0 login flow, seen commonly around the web in the form of "Connect with Facebook/Google/etc." buttons, is a common integration added to web applications, but it can be tricky and tedious to do right. To help, we've created the `league/oauth2-client` package, which provides a base for integrating with various OAuth 2.0 providers, without overburdening your application with the concerns of [RFC 6749](http://tools.ietf.org/html/rfc6749). - -This OAuth 2.0 client library will work with any OAuth 2.0 provider that conforms to the OAuth 2.0 Authorization Framework. Out-of-the-box, we provide a `GenericProvider` class to connect to any service provider that uses [Bearer tokens](http://tools.ietf.org/html/rfc6750). See our [basic usage guide](https://oauth2-client.thephpleague.com/usage/) for examples using `GenericProvider`. - -Many service providers provide additional functionality above and beyond the OAuth 2.0 specification. For this reason, you may extend and wrap this library to support additional behavior. There are already many [official](https://oauth2-client.thephpleague.com/providers/league/) and [third-party](https://oauth2-client.thephpleague.com/providers/thirdparty/) provider clients available (e.g., Facebook, GitHub, Google, Instagram, LinkedIn, etc.). If your provider isn't in the list, feel free to add it. - -This package is compliant with [PSR-1][], [PSR-2][], [PSR-4][], and [PSR-7][]. If you notice compliance oversights, please send a patch via pull request. If you're interested in contributing to this library, please take a look at our [contributing guidelines](https://github.com/thephpleague/oauth2-client/blob/master/CONTRIBUTING.md). - -## Requirements - -We support the following versions of PHP: - -* PHP 8.1 -* PHP 8.0 -* PHP 7.4 -* PHP 7.3 -* PHP 7.2 -* PHP 7.1 -* PHP 7.0 -* PHP 5.6 - -## Provider Clients - -We provide a list of [official PHP League provider clients](https://oauth2-client.thephpleague.com/providers/league/), as well as [third-party provider clients](https://oauth2-client.thephpleague.com/providers/thirdparty/). - -To build your own provider client, please refer to "[Implementing a Provider Client](https://oauth2-client.thephpleague.com/providers/implementing/)." - -## Usage - -For usage and code examples, check out our [basic usage guide](https://oauth2-client.thephpleague.com/usage/). - -## Contributing - -Please see [our contributing guidelines](https://github.com/thephpleague/oauth2-client/blob/master/CONTRIBUTING.md) for details. - -## License - -The MIT License (MIT). Please see [LICENSE](https://github.com/thephpleague/oauth2-client/blob/master/LICENSE) for more information. - - -[PSR-1]: https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-1-basic-coding-standard.md -[PSR-2]: https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-2-coding-style-guide.md -[PSR-4]: https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-4-autoloader.md -[PSR-7]: https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-7-http-message.md diff --git a/plugins/auth/vendor/league/oauth2-client/composer.json b/plugins/auth/vendor/league/oauth2-client/composer.json deleted file mode 100644 index 59201f48..00000000 --- a/plugins/auth/vendor/league/oauth2-client/composer.json +++ /dev/null @@ -1,58 +0,0 @@ -{ - "name": "league/oauth2-client", - "description": "OAuth 2.0 Client Library", - "license": "MIT", - "config": { - "sort-packages": true - }, - "require": { - "php": "^5.6 || ^7.0 || ^8.0", - "guzzlehttp/guzzle": "^6.0 || ^7.0", - "paragonie/random_compat": "^1 || ^2 || ^9.99" - }, - "require-dev": { - "mockery/mockery": "^1.3.5", - "php-parallel-lint/php-parallel-lint": "^1.3.1", - "phpunit/phpunit": "^5.7 || ^6.0 || ^9.5", - "squizlabs/php_codesniffer": "^2.3 || ^3.0" - }, - "keywords": [ - "oauth", - "oauth2", - "authorization", - "authentication", - "idp", - "identity", - "sso", - "single sign on" - ], - "authors": [ - { - "name": "Alex Bilbie", - "email": "hello@alexbilbie.com", - "homepage": "http://www.alexbilbie.com", - "role": "Developer" - }, - { - "name": "Woody Gilk", - "homepage": "https://github.com/shadowhand", - "role": "Contributor" - } - - ], - "autoload": { - "psr-4": { - "League\\OAuth2\\Client\\": "src/" - } - }, - "autoload-dev": { - "psr-4": { - "League\\OAuth2\\Client\\Test\\": "test/src/" - } - }, - "extra": { - "branch-alias": { - "dev-2.x": "2.0.x-dev" - } - } -} diff --git a/plugins/auth/vendor/league/oauth2-client/src/Grant/AbstractGrant.php b/plugins/auth/vendor/league/oauth2-client/src/Grant/AbstractGrant.php deleted file mode 100644 index 2c0244ba..00000000 --- a/plugins/auth/vendor/league/oauth2-client/src/Grant/AbstractGrant.php +++ /dev/null @@ -1,80 +0,0 @@ - - * @license http://opensource.org/licenses/MIT MIT - * @link http://thephpleague.com/oauth2-client/ Documentation - * @link https://packagist.org/packages/league/oauth2-client Packagist - * @link https://github.com/thephpleague/oauth2-client GitHub - */ - -namespace League\OAuth2\Client\Grant; - -use League\OAuth2\Client\Tool\RequiredParameterTrait; - -/** - * Represents a type of authorization grant. - * - * An authorization grant is a credential representing the resource - * owner's authorization (to access its protected resources) used by the - * client to obtain an access token. OAuth 2.0 defines four - * grant types -- authorization code, implicit, resource owner password - * credentials, and client credentials -- as well as an extensibility - * mechanism for defining additional types. - * - * @link http://tools.ietf.org/html/rfc6749#section-1.3 Authorization Grant (RFC 6749, §1.3) - */ -abstract class AbstractGrant -{ - use RequiredParameterTrait; - - /** - * Returns the name of this grant, eg. 'grant_name', which is used as the - * grant type when encoding URL query parameters. - * - * @return string - */ - abstract protected function getName(); - - /** - * Returns a list of all required request parameters. - * - * @return array - */ - abstract protected function getRequiredRequestParameters(); - - /** - * Returns this grant's name as its string representation. This allows for - * string interpolation when building URL query parameters. - * - * @return string - */ - public function __toString() - { - return $this->getName(); - } - - /** - * Prepares an access token request's parameters by checking that all - * required parameters are set, then merging with any given defaults. - * - * @param array $defaults - * @param array $options - * @return array - */ - public function prepareRequestParameters(array $defaults, array $options) - { - $defaults['grant_type'] = $this->getName(); - - $required = $this->getRequiredRequestParameters(); - $provided = array_merge($defaults, $options); - - $this->checkRequiredParameters($required, $provided); - - return $provided; - } -} diff --git a/plugins/auth/vendor/league/oauth2-client/src/Grant/AuthorizationCode.php b/plugins/auth/vendor/league/oauth2-client/src/Grant/AuthorizationCode.php deleted file mode 100644 index c49460c0..00000000 --- a/plugins/auth/vendor/league/oauth2-client/src/Grant/AuthorizationCode.php +++ /dev/null @@ -1,41 +0,0 @@ - - * @license http://opensource.org/licenses/MIT MIT - * @link http://thephpleague.com/oauth2-client/ Documentation - * @link https://packagist.org/packages/league/oauth2-client Packagist - * @link https://github.com/thephpleague/oauth2-client GitHub - */ - -namespace League\OAuth2\Client\Grant; - -/** - * Represents an authorization code grant. - * - * @link http://tools.ietf.org/html/rfc6749#section-1.3.1 Authorization Code (RFC 6749, §1.3.1) - */ -class AuthorizationCode extends AbstractGrant -{ - /** - * @inheritdoc - */ - protected function getName() - { - return 'authorization_code'; - } - - /** - * @inheritdoc - */ - protected function getRequiredRequestParameters() - { - return [ - 'code', - ]; - } -} diff --git a/plugins/auth/vendor/league/oauth2-client/src/Grant/ClientCredentials.php b/plugins/auth/vendor/league/oauth2-client/src/Grant/ClientCredentials.php deleted file mode 100644 index dc78c4fd..00000000 --- a/plugins/auth/vendor/league/oauth2-client/src/Grant/ClientCredentials.php +++ /dev/null @@ -1,39 +0,0 @@ - - * @license http://opensource.org/licenses/MIT MIT - * @link http://thephpleague.com/oauth2-client/ Documentation - * @link https://packagist.org/packages/league/oauth2-client Packagist - * @link https://github.com/thephpleague/oauth2-client GitHub - */ - -namespace League\OAuth2\Client\Grant; - -/** - * Represents a client credentials grant. - * - * @link http://tools.ietf.org/html/rfc6749#section-1.3.4 Client Credentials (RFC 6749, §1.3.4) - */ -class ClientCredentials extends AbstractGrant -{ - /** - * @inheritdoc - */ - protected function getName() - { - return 'client_credentials'; - } - - /** - * @inheritdoc - */ - protected function getRequiredRequestParameters() - { - return []; - } -} diff --git a/plugins/auth/vendor/league/oauth2-client/src/Grant/Exception/InvalidGrantException.php b/plugins/auth/vendor/league/oauth2-client/src/Grant/Exception/InvalidGrantException.php deleted file mode 100644 index c3c4e677..00000000 --- a/plugins/auth/vendor/league/oauth2-client/src/Grant/Exception/InvalidGrantException.php +++ /dev/null @@ -1,26 +0,0 @@ - - * @license http://opensource.org/licenses/MIT MIT - * @link http://thephpleague.com/oauth2-client/ Documentation - * @link https://packagist.org/packages/league/oauth2-client Packagist - * @link https://github.com/thephpleague/oauth2-client GitHub - */ - -namespace League\OAuth2\Client\Grant\Exception; - -use InvalidArgumentException; - -/** - * Exception thrown if the grant does not extend from AbstractGrant. - * - * @see League\OAuth2\Client\Grant\AbstractGrant - */ -class InvalidGrantException extends InvalidArgumentException -{ -} diff --git a/plugins/auth/vendor/league/oauth2-client/src/Grant/GrantFactory.php b/plugins/auth/vendor/league/oauth2-client/src/Grant/GrantFactory.php deleted file mode 100644 index 71990e83..00000000 --- a/plugins/auth/vendor/league/oauth2-client/src/Grant/GrantFactory.php +++ /dev/null @@ -1,104 +0,0 @@ - - * @license http://opensource.org/licenses/MIT MIT - * @link http://thephpleague.com/oauth2-client/ Documentation - * @link https://packagist.org/packages/league/oauth2-client Packagist - * @link https://github.com/thephpleague/oauth2-client GitHub - */ - -namespace League\OAuth2\Client\Grant; - -use League\OAuth2\Client\Grant\Exception\InvalidGrantException; - -/** - * Represents a factory used when retrieving an authorization grant type. - */ -class GrantFactory -{ - /** - * @var array - */ - protected $registry = []; - - /** - * Defines a grant singleton in the registry. - * - * @param string $name - * @param AbstractGrant $grant - * @return self - */ - public function setGrant($name, AbstractGrant $grant) - { - $this->registry[$name] = $grant; - - return $this; - } - - /** - * Returns a grant singleton by name. - * - * If the grant has not be registered, a default grant will be loaded. - * - * @param string $name - * @return AbstractGrant - */ - public function getGrant($name) - { - if (empty($this->registry[$name])) { - $this->registerDefaultGrant($name); - } - - return $this->registry[$name]; - } - - /** - * Registers a default grant singleton by name. - * - * @param string $name - * @return self - */ - protected function registerDefaultGrant($name) - { - // PascalCase the grant. E.g: 'authorization_code' becomes 'AuthorizationCode' - $class = str_replace(' ', '', ucwords(str_replace(['-', '_'], ' ', $name))); - $class = 'League\\OAuth2\\Client\\Grant\\' . $class; - - $this->checkGrant($class); - - return $this->setGrant($name, new $class); - } - - /** - * Determines if a variable is a valid grant. - * - * @param mixed $class - * @return boolean - */ - public function isGrant($class) - { - return is_subclass_of($class, AbstractGrant::class); - } - - /** - * Checks if a variable is a valid grant. - * - * @throws InvalidGrantException - * @param mixed $class - * @return void - */ - public function checkGrant($class) - { - if (!$this->isGrant($class)) { - throw new InvalidGrantException(sprintf( - 'Grant "%s" must extend AbstractGrant', - is_object($class) ? get_class($class) : $class - )); - } - } -} diff --git a/plugins/auth/vendor/league/oauth2-client/src/Grant/Password.php b/plugins/auth/vendor/league/oauth2-client/src/Grant/Password.php deleted file mode 100644 index 6543b2eb..00000000 --- a/plugins/auth/vendor/league/oauth2-client/src/Grant/Password.php +++ /dev/null @@ -1,42 +0,0 @@ - - * @license http://opensource.org/licenses/MIT MIT - * @link http://thephpleague.com/oauth2-client/ Documentation - * @link https://packagist.org/packages/league/oauth2-client Packagist - * @link https://github.com/thephpleague/oauth2-client GitHub - */ - -namespace League\OAuth2\Client\Grant; - -/** - * Represents a resource owner password credentials grant. - * - * @link http://tools.ietf.org/html/rfc6749#section-1.3.3 Resource Owner Password Credentials (RFC 6749, §1.3.3) - */ -class Password extends AbstractGrant -{ - /** - * @inheritdoc - */ - protected function getName() - { - return 'password'; - } - - /** - * @inheritdoc - */ - protected function getRequiredRequestParameters() - { - return [ - 'username', - 'password', - ]; - } -} diff --git a/plugins/auth/vendor/league/oauth2-client/src/Grant/RefreshToken.php b/plugins/auth/vendor/league/oauth2-client/src/Grant/RefreshToken.php deleted file mode 100644 index 81921823..00000000 --- a/plugins/auth/vendor/league/oauth2-client/src/Grant/RefreshToken.php +++ /dev/null @@ -1,41 +0,0 @@ - - * @license http://opensource.org/licenses/MIT MIT - * @link http://thephpleague.com/oauth2-client/ Documentation - * @link https://packagist.org/packages/league/oauth2-client Packagist - * @link https://github.com/thephpleague/oauth2-client GitHub - */ - -namespace League\OAuth2\Client\Grant; - -/** - * Represents a refresh token grant. - * - * @link http://tools.ietf.org/html/rfc6749#section-6 Refreshing an Access Token (RFC 6749, §6) - */ -class RefreshToken extends AbstractGrant -{ - /** - * @inheritdoc - */ - protected function getName() - { - return 'refresh_token'; - } - - /** - * @inheritdoc - */ - protected function getRequiredRequestParameters() - { - return [ - 'refresh_token', - ]; - } -} diff --git a/plugins/auth/vendor/league/oauth2-client/src/OptionProvider/HttpBasicAuthOptionProvider.php b/plugins/auth/vendor/league/oauth2-client/src/OptionProvider/HttpBasicAuthOptionProvider.php deleted file mode 100644 index 3da40656..00000000 --- a/plugins/auth/vendor/league/oauth2-client/src/OptionProvider/HttpBasicAuthOptionProvider.php +++ /dev/null @@ -1,42 +0,0 @@ - - * @license http://opensource.org/licenses/MIT MIT - * @link http://thephpleague.com/oauth2-client/ Documentation - * @link https://packagist.org/packages/league/oauth2-client Packagist - * @link https://github.com/thephpleague/oauth2-client GitHub - */ - -namespace League\OAuth2\Client\OptionProvider; - -use InvalidArgumentException; - -/** - * Add http basic auth into access token request options - * @link https://tools.ietf.org/html/rfc6749#section-2.3.1 - */ -class HttpBasicAuthOptionProvider extends PostAuthOptionProvider -{ - /** - * @inheritdoc - */ - public function getAccessTokenOptions($method, array $params) - { - if (empty($params['client_id']) || empty($params['client_secret'])) { - throw new InvalidArgumentException('clientId and clientSecret are required for http basic auth'); - } - - $encodedCredentials = base64_encode(sprintf('%s:%s', $params['client_id'], $params['client_secret'])); - unset($params['client_id'], $params['client_secret']); - - $options = parent::getAccessTokenOptions($method, $params); - $options['headers']['Authorization'] = 'Basic ' . $encodedCredentials; - - return $options; - } -} diff --git a/plugins/auth/vendor/league/oauth2-client/src/OptionProvider/OptionProviderInterface.php b/plugins/auth/vendor/league/oauth2-client/src/OptionProvider/OptionProviderInterface.php deleted file mode 100644 index 1126d25a..00000000 --- a/plugins/auth/vendor/league/oauth2-client/src/OptionProvider/OptionProviderInterface.php +++ /dev/null @@ -1,30 +0,0 @@ - - * @license http://opensource.org/licenses/MIT MIT - * @link http://thephpleague.com/oauth2-client/ Documentation - * @link https://packagist.org/packages/league/oauth2-client Packagist - * @link https://github.com/thephpleague/oauth2-client GitHub - */ - -namespace League\OAuth2\Client\OptionProvider; - -/** - * Interface for access token options provider - */ -interface OptionProviderInterface -{ - /** - * Builds request options used for requesting an access token. - * - * @param string $method - * @param array $params - * @return array - */ - public function getAccessTokenOptions($method, array $params); -} diff --git a/plugins/auth/vendor/league/oauth2-client/src/OptionProvider/PostAuthOptionProvider.php b/plugins/auth/vendor/league/oauth2-client/src/OptionProvider/PostAuthOptionProvider.php deleted file mode 100644 index 12d920ec..00000000 --- a/plugins/auth/vendor/league/oauth2-client/src/OptionProvider/PostAuthOptionProvider.php +++ /dev/null @@ -1,51 +0,0 @@ - - * @license http://opensource.org/licenses/MIT MIT - * @link http://thephpleague.com/oauth2-client/ Documentation - * @link https://packagist.org/packages/league/oauth2-client Packagist - * @link https://github.com/thephpleague/oauth2-client GitHub - */ - -namespace League\OAuth2\Client\OptionProvider; - -use League\OAuth2\Client\Provider\AbstractProvider; -use League\OAuth2\Client\Tool\QueryBuilderTrait; - -/** - * Provide options for access token - */ -class PostAuthOptionProvider implements OptionProviderInterface -{ - use QueryBuilderTrait; - - /** - * @inheritdoc - */ - public function getAccessTokenOptions($method, array $params) - { - $options = ['headers' => ['content-type' => 'application/x-www-form-urlencoded']]; - - if ($method === AbstractProvider::METHOD_POST) { - $options['body'] = $this->getAccessTokenBody($params); - } - - return $options; - } - - /** - * Returns the request body for requesting an access token. - * - * @param array $params - * @return string - */ - protected function getAccessTokenBody(array $params) - { - return $this->buildQueryString($params); - } -} diff --git a/plugins/auth/vendor/league/oauth2-client/src/Provider/AbstractProvider.php b/plugins/auth/vendor/league/oauth2-client/src/Provider/AbstractProvider.php deleted file mode 100644 index d1679998..00000000 --- a/plugins/auth/vendor/league/oauth2-client/src/Provider/AbstractProvider.php +++ /dev/null @@ -1,843 +0,0 @@ - - * @license http://opensource.org/licenses/MIT MIT - * @link http://thephpleague.com/oauth2-client/ Documentation - * @link https://packagist.org/packages/league/oauth2-client Packagist - * @link https://github.com/thephpleague/oauth2-client GitHub - */ - -namespace League\OAuth2\Client\Provider; - -use GuzzleHttp\Client as HttpClient; -use GuzzleHttp\ClientInterface as HttpClientInterface; -use GuzzleHttp\Exception\BadResponseException; -use League\OAuth2\Client\Grant\AbstractGrant; -use League\OAuth2\Client\Grant\GrantFactory; -use League\OAuth2\Client\OptionProvider\OptionProviderInterface; -use League\OAuth2\Client\OptionProvider\PostAuthOptionProvider; -use League\OAuth2\Client\Provider\Exception\IdentityProviderException; -use League\OAuth2\Client\Token\AccessToken; -use League\OAuth2\Client\Token\AccessTokenInterface; -use League\OAuth2\Client\Tool\ArrayAccessorTrait; -use League\OAuth2\Client\Tool\GuardedPropertyTrait; -use League\OAuth2\Client\Tool\QueryBuilderTrait; -use League\OAuth2\Client\Tool\RequestFactory; -use Psr\Http\Message\RequestInterface; -use Psr\Http\Message\ResponseInterface; -use UnexpectedValueException; - -/** - * Represents a service provider (authorization server). - * - * @link http://tools.ietf.org/html/rfc6749#section-1.1 Roles (RFC 6749, §1.1) - */ -abstract class AbstractProvider -{ - use ArrayAccessorTrait; - use GuardedPropertyTrait; - use QueryBuilderTrait; - - /** - * @var string Key used in a token response to identify the resource owner. - */ - const ACCESS_TOKEN_RESOURCE_OWNER_ID = null; - - /** - * @var string HTTP method used to fetch access tokens. - */ - const METHOD_GET = 'GET'; - - /** - * @var string HTTP method used to fetch access tokens. - */ - const METHOD_POST = 'POST'; - - /** - * @var string - */ - protected $clientId; - - /** - * @var string - */ - protected $clientSecret; - - /** - * @var string - */ - protected $redirectUri; - - /** - * @var string - */ - protected $state; - - /** - * @var GrantFactory - */ - protected $grantFactory; - - /** - * @var RequestFactory - */ - protected $requestFactory; - - /** - * @var HttpClientInterface - */ - protected $httpClient; - - /** - * @var OptionProviderInterface - */ - protected $optionProvider; - - /** - * Constructs an OAuth 2.0 service provider. - * - * @param array $options An array of options to set on this provider. - * Options include `clientId`, `clientSecret`, `redirectUri`, and `state`. - * Individual providers may introduce more options, as needed. - * @param array $collaborators An array of collaborators that may be used to - * override this provider's default behavior. Collaborators include - * `grantFactory`, `requestFactory`, and `httpClient`. - * Individual providers may introduce more collaborators, as needed. - */ - public function __construct(array $options = [], array $collaborators = []) - { - // We'll let the GuardedPropertyTrait handle mass assignment of incoming - // options, skipping any blacklisted properties defined in the provider - $this->fillProperties($options); - - if (empty($collaborators['grantFactory'])) { - $collaborators['grantFactory'] = new GrantFactory(); - } - $this->setGrantFactory($collaborators['grantFactory']); - - if (empty($collaborators['requestFactory'])) { - $collaborators['requestFactory'] = new RequestFactory(); - } - $this->setRequestFactory($collaborators['requestFactory']); - - if (empty($collaborators['httpClient'])) { - $client_options = $this->getAllowedClientOptions($options); - - $collaborators['httpClient'] = new HttpClient( - array_intersect_key($options, array_flip($client_options)) - ); - } - $this->setHttpClient($collaborators['httpClient']); - - if (empty($collaborators['optionProvider'])) { - $collaborators['optionProvider'] = new PostAuthOptionProvider(); - } - $this->setOptionProvider($collaborators['optionProvider']); - } - - /** - * Returns the list of options that can be passed to the HttpClient - * - * @param array $options An array of options to set on this provider. - * Options include `clientId`, `clientSecret`, `redirectUri`, and `state`. - * Individual providers may introduce more options, as needed. - * @return array The options to pass to the HttpClient constructor - */ - protected function getAllowedClientOptions(array $options) - { - $client_options = ['timeout', 'proxy']; - - // Only allow turning off ssl verification if it's for a proxy - if (!empty($options['proxy'])) { - $client_options[] = 'verify'; - } - - return $client_options; - } - - /** - * Sets the grant factory instance. - * - * @param GrantFactory $factory - * @return self - */ - public function setGrantFactory(GrantFactory $factory) - { - $this->grantFactory = $factory; - - return $this; - } - - /** - * Returns the current grant factory instance. - * - * @return GrantFactory - */ - public function getGrantFactory() - { - return $this->grantFactory; - } - - /** - * Sets the request factory instance. - * - * @param RequestFactory $factory - * @return self - */ - public function setRequestFactory(RequestFactory $factory) - { - $this->requestFactory = $factory; - - return $this; - } - - /** - * Returns the request factory instance. - * - * @return RequestFactory - */ - public function getRequestFactory() - { - return $this->requestFactory; - } - - /** - * Sets the HTTP client instance. - * - * @param HttpClientInterface $client - * @return self - */ - public function setHttpClient(HttpClientInterface $client) - { - $this->httpClient = $client; - - return $this; - } - - /** - * Returns the HTTP client instance. - * - * @return HttpClientInterface - */ - public function getHttpClient() - { - return $this->httpClient; - } - - /** - * Sets the option provider instance. - * - * @param OptionProviderInterface $provider - * @return self - */ - public function setOptionProvider(OptionProviderInterface $provider) - { - $this->optionProvider = $provider; - - return $this; - } - - /** - * Returns the option provider instance. - * - * @return OptionProviderInterface - */ - public function getOptionProvider() - { - return $this->optionProvider; - } - - /** - * Returns the current value of the state parameter. - * - * This can be accessed by the redirect handler during authorization. - * - * @return string - */ - public function getState() - { - return $this->state; - } - - /** - * Returns the base URL for authorizing a client. - * - * Eg. https://oauth.service.com/authorize - * - * @return string - */ - abstract public function getBaseAuthorizationUrl(); - - /** - * Returns the base URL for requesting an access token. - * - * Eg. https://oauth.service.com/token - * - * @param array $params - * @return string - */ - abstract public function getBaseAccessTokenUrl(array $params); - - /** - * Returns the URL for requesting the resource owner's details. - * - * @param AccessToken $token - * @return string - */ - abstract public function getResourceOwnerDetailsUrl(AccessToken $token); - - /** - * Returns a new random string to use as the state parameter in an - * authorization flow. - * - * @param int $length Length of the random string to be generated. - * @return string - */ - protected function getRandomState($length = 32) - { - // Converting bytes to hex will always double length. Hence, we can reduce - // the amount of bytes by half to produce the correct length. - return bin2hex(random_bytes($length / 2)); - } - - /** - * Returns the default scopes used by this provider. - * - * This should only be the scopes that are required to request the details - * of the resource owner, rather than all the available scopes. - * - * @return array - */ - abstract protected function getDefaultScopes(); - - /** - * Returns the string that should be used to separate scopes when building - * the URL for requesting an access token. - * - * @return string Scope separator, defaults to ',' - */ - protected function getScopeSeparator() - { - return ','; - } - - /** - * Returns authorization parameters based on provided options. - * - * @param array $options - * @return array Authorization parameters - */ - protected function getAuthorizationParameters(array $options) - { - if (empty($options['state'])) { - $options['state'] = $this->getRandomState(); - } - - if (empty($options['scope'])) { - $options['scope'] = $this->getDefaultScopes(); - } - - $options += [ - 'response_type' => 'code', - 'approval_prompt' => 'auto' - ]; - - if (is_array($options['scope'])) { - $separator = $this->getScopeSeparator(); - $options['scope'] = implode($separator, $options['scope']); - } - - // Store the state as it may need to be accessed later on. - $this->state = $options['state']; - - // Business code layer might set a different redirect_uri parameter - // depending on the context, leave it as-is - if (!isset($options['redirect_uri'])) { - $options['redirect_uri'] = $this->redirectUri; - } - - $options['client_id'] = $this->clientId; - - return $options; - } - - /** - * Builds the authorization URL's query string. - * - * @param array $params Query parameters - * @return string Query string - */ - protected function getAuthorizationQuery(array $params) - { - return $this->buildQueryString($params); - } - - /** - * Builds the authorization URL. - * - * @param array $options - * @return string Authorization URL - */ - public function getAuthorizationUrl(array $options = []) - { - $base = $this->getBaseAuthorizationUrl(); - $params = $this->getAuthorizationParameters($options); - $query = $this->getAuthorizationQuery($params); - - return $this->appendQuery($base, $query); - } - - /** - * Redirects the client for authorization. - * - * @param array $options - * @param callable|null $redirectHandler - * @return mixed - */ - public function authorize( - array $options = [], - callable $redirectHandler = null - ) { - $url = $this->getAuthorizationUrl($options); - if ($redirectHandler) { - return $redirectHandler($url, $this); - } - - // @codeCoverageIgnoreStart - header('Location: ' . $url); - exit; - // @codeCoverageIgnoreEnd - } - - /** - * Appends a query string to a URL. - * - * @param string $url The URL to append the query to - * @param string $query The HTTP query string - * @return string The resulting URL - */ - protected function appendQuery($url, $query) - { - $query = trim($query, '?&'); - - if ($query) { - $glue = strstr($url, '?') === false ? '?' : '&'; - return $url . $glue . $query; - } - - return $url; - } - - /** - * Returns the method to use when requesting an access token. - * - * @return string HTTP method - */ - protected function getAccessTokenMethod() - { - return self::METHOD_POST; - } - - /** - * Returns the key used in the access token response to identify the resource owner. - * - * @return string|null Resource owner identifier key - */ - protected function getAccessTokenResourceOwnerId() - { - return static::ACCESS_TOKEN_RESOURCE_OWNER_ID; - } - - /** - * Builds the access token URL's query string. - * - * @param array $params Query parameters - * @return string Query string - */ - protected function getAccessTokenQuery(array $params) - { - return $this->buildQueryString($params); - } - - /** - * Checks that a provided grant is valid, or attempts to produce one if the - * provided grant is a string. - * - * @param AbstractGrant|string $grant - * @return AbstractGrant - */ - protected function verifyGrant($grant) - { - if (is_string($grant)) { - return $this->grantFactory->getGrant($grant); - } - - $this->grantFactory->checkGrant($grant); - return $grant; - } - - /** - * Returns the full URL to use when requesting an access token. - * - * @param array $params Query parameters - * @return string - */ - protected function getAccessTokenUrl(array $params) - { - $url = $this->getBaseAccessTokenUrl($params); - - if ($this->getAccessTokenMethod() === self::METHOD_GET) { - $query = $this->getAccessTokenQuery($params); - return $this->appendQuery($url, $query); - } - - return $url; - } - - /** - * Returns a prepared request for requesting an access token. - * - * @param array $params Query string parameters - * @return RequestInterface - */ - protected function getAccessTokenRequest(array $params) - { - $method = $this->getAccessTokenMethod(); - $url = $this->getAccessTokenUrl($params); - $options = $this->optionProvider->getAccessTokenOptions($this->getAccessTokenMethod(), $params); - - return $this->getRequest($method, $url, $options); - } - - /** - * Requests an access token using a specified grant and option set. - * - * @param mixed $grant - * @param array $options - * @throws IdentityProviderException - * @return AccessTokenInterface - */ - public function getAccessToken($grant, array $options = []) - { - $grant = $this->verifyGrant($grant); - - $params = [ - 'client_id' => $this->clientId, - 'client_secret' => $this->clientSecret, - 'redirect_uri' => $this->redirectUri, - ]; - - $params = $grant->prepareRequestParameters($params, $options); - $request = $this->getAccessTokenRequest($params); - $response = $this->getParsedResponse($request); - if (false === is_array($response)) { - throw new UnexpectedValueException( - 'Invalid response received from Authorization Server. Expected JSON.' - ); - } - $prepared = $this->prepareAccessTokenResponse($response); - $token = $this->createAccessToken($prepared, $grant); - - return $token; - } - - /** - * Returns a PSR-7 request instance that is not authenticated. - * - * @param string $method - * @param string $url - * @param array $options - * @return RequestInterface - */ - public function getRequest($method, $url, array $options = []) - { - return $this->createRequest($method, $url, null, $options); - } - - /** - * Returns an authenticated PSR-7 request instance. - * - * @param string $method - * @param string $url - * @param AccessTokenInterface|string $token - * @param array $options Any of "headers", "body", and "protocolVersion". - * @return RequestInterface - */ - public function getAuthenticatedRequest($method, $url, $token, array $options = []) - { - return $this->createRequest($method, $url, $token, $options); - } - - /** - * Creates a PSR-7 request instance. - * - * @param string $method - * @param string $url - * @param AccessTokenInterface|string|null $token - * @param array $options - * @return RequestInterface - */ - protected function createRequest($method, $url, $token, array $options) - { - $defaults = [ - 'headers' => $this->getHeaders($token), - ]; - - $options = array_merge_recursive($defaults, $options); - $factory = $this->getRequestFactory(); - - return $factory->getRequestWithOptions($method, $url, $options); - } - - /** - * Sends a request instance and returns a response instance. - * - * WARNING: This method does not attempt to catch exceptions caused by HTTP - * errors! It is recommended to wrap this method in a try/catch block. - * - * @param RequestInterface $request - * @return ResponseInterface - */ - public function getResponse(RequestInterface $request) - { - return $this->getHttpClient()->send($request); - } - - /** - * Sends a request and returns the parsed response. - * - * @param RequestInterface $request - * @throws IdentityProviderException - * @return mixed - */ - public function getParsedResponse(RequestInterface $request) - { - try { - $response = $this->getResponse($request); - } catch (BadResponseException $e) { - $response = $e->getResponse(); - } - - $parsed = $this->parseResponse($response); - - $this->checkResponse($response, $parsed); - - return $parsed; - } - - /** - * Attempts to parse a JSON response. - * - * @param string $content JSON content from response body - * @return array Parsed JSON data - * @throws UnexpectedValueException if the content could not be parsed - */ - protected function parseJson($content) - { - $content = json_decode($content, true); - - if (json_last_error() !== JSON_ERROR_NONE) { - throw new UnexpectedValueException(sprintf( - "Failed to parse JSON response: %s", - json_last_error_msg() - )); - } - - return $content; - } - - /** - * Returns the content type header of a response. - * - * @param ResponseInterface $response - * @return string Semi-colon separated join of content-type headers. - */ - protected function getContentType(ResponseInterface $response) - { - return join(';', (array) $response->getHeader('content-type')); - } - - /** - * Parses the response according to its content-type header. - * - * @throws UnexpectedValueException - * @param ResponseInterface $response - * @return array - */ - protected function parseResponse(ResponseInterface $response) - { - $content = (string) $response->getBody(); - $type = $this->getContentType($response); - - if (strpos($type, 'urlencoded') !== false) { - parse_str($content, $parsed); - return $parsed; - } - - // Attempt to parse the string as JSON regardless of content type, - // since some providers use non-standard content types. Only throw an - // exception if the JSON could not be parsed when it was expected to. - try { - return $this->parseJson($content); - } catch (UnexpectedValueException $e) { - if (strpos($type, 'json') !== false) { - throw $e; - } - - if ($response->getStatusCode() == 500) { - throw new UnexpectedValueException( - 'An OAuth server error was encountered that did not contain a JSON body', - 0, - $e - ); - } - - return $content; - } - } - - /** - * Checks a provider response for errors. - * - * @throws IdentityProviderException - * @param ResponseInterface $response - * @param array|string $data Parsed response data - * @return void - */ - abstract protected function checkResponse(ResponseInterface $response, $data); - - /** - * Prepares an parsed access token response for a grant. - * - * Custom mapping of expiration, etc should be done here. Always call the - * parent method when overloading this method. - * - * @param mixed $result - * @return array - */ - protected function prepareAccessTokenResponse(array $result) - { - if ($this->getAccessTokenResourceOwnerId() !== null) { - $result['resource_owner_id'] = $this->getValueByKey( - $result, - $this->getAccessTokenResourceOwnerId() - ); - } - return $result; - } - - /** - * Creates an access token from a response. - * - * The grant that was used to fetch the response can be used to provide - * additional context. - * - * @param array $response - * @param AbstractGrant $grant - * @return AccessTokenInterface - */ - protected function createAccessToken(array $response, AbstractGrant $grant) - { - return new AccessToken($response); - } - - /** - * Generates a resource owner object from a successful resource owner - * details request. - * - * @param array $response - * @param AccessToken $token - * @return ResourceOwnerInterface - */ - abstract protected function createResourceOwner(array $response, AccessToken $token); - - /** - * Requests and returns the resource owner of given access token. - * - * @param AccessToken $token - * @return ResourceOwnerInterface - */ - public function getResourceOwner(AccessToken $token) - { - $response = $this->fetchResourceOwnerDetails($token); - - return $this->createResourceOwner($response, $token); - } - - /** - * Requests resource owner details. - * - * @param AccessToken $token - * @return mixed - */ - protected function fetchResourceOwnerDetails(AccessToken $token) - { - $url = $this->getResourceOwnerDetailsUrl($token); - - $request = $this->getAuthenticatedRequest(self::METHOD_GET, $url, $token); - - $response = $this->getParsedResponse($request); - - if (false === is_array($response)) { - throw new UnexpectedValueException( - 'Invalid response received from Authorization Server. Expected JSON.' - ); - } - - return $response; - } - - /** - * Returns the default headers used by this provider. - * - * Typically this is used to set 'Accept' or 'Content-Type' headers. - * - * @return array - */ - protected function getDefaultHeaders() - { - return []; - } - - /** - * Returns the authorization headers used by this provider. - * - * Typically this is "Bearer" or "MAC". For more information see: - * http://tools.ietf.org/html/rfc6749#section-7.1 - * - * No default is provided, providers must overload this method to activate - * authorization headers. - * - * @param mixed|null $token Either a string or an access token instance - * @return array - */ - protected function getAuthorizationHeaders($token = null) - { - return []; - } - - /** - * Returns all headers used by this provider for a request. - * - * The request will be authenticated if an access token is provided. - * - * @param mixed|null $token object or string - * @return array - */ - public function getHeaders($token = null) - { - if ($token) { - return array_merge( - $this->getDefaultHeaders(), - $this->getAuthorizationHeaders($token) - ); - } - - return $this->getDefaultHeaders(); - } -} diff --git a/plugins/auth/vendor/league/oauth2-client/src/Provider/Exception/IdentityProviderException.php b/plugins/auth/vendor/league/oauth2-client/src/Provider/Exception/IdentityProviderException.php deleted file mode 100644 index 52b7e035..00000000 --- a/plugins/auth/vendor/league/oauth2-client/src/Provider/Exception/IdentityProviderException.php +++ /dev/null @@ -1,48 +0,0 @@ - - * @license http://opensource.org/licenses/MIT MIT - * @link http://thephpleague.com/oauth2-client/ Documentation - * @link https://packagist.org/packages/league/oauth2-client Packagist - * @link https://github.com/thephpleague/oauth2-client GitHub - */ - -namespace League\OAuth2\Client\Provider\Exception; - -/** - * Exception thrown if the provider response contains errors. - */ -class IdentityProviderException extends \Exception -{ - /** - * @var mixed - */ - protected $response; - - /** - * @param string $message - * @param int $code - * @param array|string $response The response body - */ - public function __construct($message, $code, $response) - { - $this->response = $response; - - parent::__construct($message, $code); - } - - /** - * Returns the exception's response body. - * - * @return array|string - */ - public function getResponseBody() - { - return $this->response; - } -} diff --git a/plugins/auth/vendor/league/oauth2-client/src/Provider/GenericProvider.php b/plugins/auth/vendor/league/oauth2-client/src/Provider/GenericProvider.php deleted file mode 100644 index 74393ffd..00000000 --- a/plugins/auth/vendor/league/oauth2-client/src/Provider/GenericProvider.php +++ /dev/null @@ -1,233 +0,0 @@ - - * @license http://opensource.org/licenses/MIT MIT - * @link http://thephpleague.com/oauth2-client/ Documentation - * @link https://packagist.org/packages/league/oauth2-client Packagist - * @link https://github.com/thephpleague/oauth2-client GitHub - */ - -namespace League\OAuth2\Client\Provider; - -use InvalidArgumentException; -use League\OAuth2\Client\Provider\Exception\IdentityProviderException; -use League\OAuth2\Client\Token\AccessToken; -use League\OAuth2\Client\Tool\BearerAuthorizationTrait; -use Psr\Http\Message\ResponseInterface; - -/** - * Represents a generic service provider that may be used to interact with any - * OAuth 2.0 service provider, using Bearer token authentication. - */ -class GenericProvider extends AbstractProvider -{ - use BearerAuthorizationTrait; - - /** - * @var string - */ - private $urlAuthorize; - - /** - * @var string - */ - private $urlAccessToken; - - /** - * @var string - */ - private $urlResourceOwnerDetails; - - /** - * @var string - */ - private $accessTokenMethod; - - /** - * @var string - */ - private $accessTokenResourceOwnerId; - - /** - * @var array|null - */ - private $scopes = null; - - /** - * @var string - */ - private $scopeSeparator; - - /** - * @var string - */ - private $responseError = 'error'; - - /** - * @var string - */ - private $responseCode; - - /** - * @var string - */ - private $responseResourceOwnerId = 'id'; - - /** - * @param array $options - * @param array $collaborators - */ - public function __construct(array $options = [], array $collaborators = []) - { - $this->assertRequiredOptions($options); - - $possible = $this->getConfigurableOptions(); - $configured = array_intersect_key($options, array_flip($possible)); - - foreach ($configured as $key => $value) { - $this->$key = $value; - } - - // Remove all options that are only used locally - $options = array_diff_key($options, $configured); - - parent::__construct($options, $collaborators); - } - - /** - * Returns all options that can be configured. - * - * @return array - */ - protected function getConfigurableOptions() - { - return array_merge($this->getRequiredOptions(), [ - 'accessTokenMethod', - 'accessTokenResourceOwnerId', - 'scopeSeparator', - 'responseError', - 'responseCode', - 'responseResourceOwnerId', - 'scopes', - ]); - } - - /** - * Returns all options that are required. - * - * @return array - */ - protected function getRequiredOptions() - { - return [ - 'urlAuthorize', - 'urlAccessToken', - 'urlResourceOwnerDetails', - ]; - } - - /** - * Verifies that all required options have been passed. - * - * @param array $options - * @return void - * @throws InvalidArgumentException - */ - private function assertRequiredOptions(array $options) - { - $missing = array_diff_key(array_flip($this->getRequiredOptions()), $options); - - if (!empty($missing)) { - throw new InvalidArgumentException( - 'Required options not defined: ' . implode(', ', array_keys($missing)) - ); - } - } - - /** - * @inheritdoc - */ - public function getBaseAuthorizationUrl() - { - return $this->urlAuthorize; - } - - /** - * @inheritdoc - */ - public function getBaseAccessTokenUrl(array $params) - { - return $this->urlAccessToken; - } - - /** - * @inheritdoc - */ - public function getResourceOwnerDetailsUrl(AccessToken $token) - { - return $this->urlResourceOwnerDetails; - } - - /** - * @inheritdoc - */ - public function getDefaultScopes() - { - return $this->scopes; - } - - /** - * @inheritdoc - */ - protected function getAccessTokenMethod() - { - return $this->accessTokenMethod ?: parent::getAccessTokenMethod(); - } - - /** - * @inheritdoc - */ - protected function getAccessTokenResourceOwnerId() - { - return $this->accessTokenResourceOwnerId ?: parent::getAccessTokenResourceOwnerId(); - } - - /** - * @inheritdoc - */ - protected function getScopeSeparator() - { - return $this->scopeSeparator ?: parent::getScopeSeparator(); - } - - /** - * @inheritdoc - */ - protected function checkResponse(ResponseInterface $response, $data) - { - if (!empty($data[$this->responseError])) { - $error = $data[$this->responseError]; - if (!is_string($error)) { - $error = var_export($error, true); - } - $code = $this->responseCode && !empty($data[$this->responseCode])? $data[$this->responseCode] : 0; - if (!is_int($code)) { - $code = intval($code); - } - throw new IdentityProviderException($error, $code, $data); - } - } - - /** - * @inheritdoc - */ - protected function createResourceOwner(array $response, AccessToken $token) - { - return new GenericResourceOwner($response, $this->responseResourceOwnerId); - } -} diff --git a/plugins/auth/vendor/league/oauth2-client/src/Provider/GenericResourceOwner.php b/plugins/auth/vendor/league/oauth2-client/src/Provider/GenericResourceOwner.php deleted file mode 100644 index f8766148..00000000 --- a/plugins/auth/vendor/league/oauth2-client/src/Provider/GenericResourceOwner.php +++ /dev/null @@ -1,61 +0,0 @@ - - * @license http://opensource.org/licenses/MIT MIT - * @link http://thephpleague.com/oauth2-client/ Documentation - * @link https://packagist.org/packages/league/oauth2-client Packagist - * @link https://github.com/thephpleague/oauth2-client GitHub - */ - -namespace League\OAuth2\Client\Provider; - -/** - * Represents a generic resource owner for use with the GenericProvider. - */ -class GenericResourceOwner implements ResourceOwnerInterface -{ - /** - * @var array - */ - protected $response; - - /** - * @var string - */ - protected $resourceOwnerId; - - /** - * @param array $response - * @param string $resourceOwnerId - */ - public function __construct(array $response, $resourceOwnerId) - { - $this->response = $response; - $this->resourceOwnerId = $resourceOwnerId; - } - - /** - * Returns the identifier of the authorized resource owner. - * - * @return mixed - */ - public function getId() - { - return $this->response[$this->resourceOwnerId]; - } - - /** - * Returns the raw resource owner response. - * - * @return array - */ - public function toArray() - { - return $this->response; - } -} diff --git a/plugins/auth/vendor/league/oauth2-client/src/Provider/ResourceOwnerInterface.php b/plugins/auth/vendor/league/oauth2-client/src/Provider/ResourceOwnerInterface.php deleted file mode 100644 index 82844242..00000000 --- a/plugins/auth/vendor/league/oauth2-client/src/Provider/ResourceOwnerInterface.php +++ /dev/null @@ -1,36 +0,0 @@ - - * @license http://opensource.org/licenses/MIT MIT - * @link http://thephpleague.com/oauth2-client/ Documentation - * @link https://packagist.org/packages/league/oauth2-client Packagist - * @link https://github.com/thephpleague/oauth2-client GitHub - */ - -namespace League\OAuth2\Client\Provider; - -/** - * Classes implementing `ResourceOwnerInterface` may be used to represent - * the resource owner authenticated with a service provider. - */ -interface ResourceOwnerInterface -{ - /** - * Returns the identifier of the authorized resource owner. - * - * @return mixed - */ - public function getId(); - - /** - * Return all of the owner details available as an array. - * - * @return array - */ - public function toArray(); -} diff --git a/plugins/auth/vendor/league/oauth2-client/src/Token/AccessToken.php b/plugins/auth/vendor/league/oauth2-client/src/Token/AccessToken.php deleted file mode 100644 index 81533c30..00000000 --- a/plugins/auth/vendor/league/oauth2-client/src/Token/AccessToken.php +++ /dev/null @@ -1,243 +0,0 @@ - - * @license http://opensource.org/licenses/MIT MIT - * @link http://thephpleague.com/oauth2-client/ Documentation - * @link https://packagist.org/packages/league/oauth2-client Packagist - * @link https://github.com/thephpleague/oauth2-client GitHub - */ - -namespace League\OAuth2\Client\Token; - -use InvalidArgumentException; -use RuntimeException; - -/** - * Represents an access token. - * - * @link http://tools.ietf.org/html/rfc6749#section-1.4 Access Token (RFC 6749, §1.4) - */ -class AccessToken implements AccessTokenInterface, ResourceOwnerAccessTokenInterface -{ - /** - * @var string - */ - protected $accessToken; - - /** - * @var int - */ - protected $expires; - - /** - * @var string - */ - protected $refreshToken; - - /** - * @var string - */ - protected $resourceOwnerId; - - /** - * @var array - */ - protected $values = []; - - /** - * @var int - */ - private static $timeNow; - - /** - * Set the time now. This should only be used for testing purposes. - * - * @param int $timeNow the time in seconds since epoch - * @return void - */ - public static function setTimeNow($timeNow) - { - self::$timeNow = $timeNow; - } - - /** - * Reset the time now if it was set for test purposes. - * - * @return void - */ - public static function resetTimeNow() - { - self::$timeNow = null; - } - - /** - * @return int - */ - public function getTimeNow() - { - return self::$timeNow ? self::$timeNow : time(); - } - - /** - * Constructs an access token. - * - * @param array $options An array of options returned by the service provider - * in the access token request. The `access_token` option is required. - * @throws InvalidArgumentException if `access_token` is not provided in `$options`. - */ - public function __construct(array $options = []) - { - if (empty($options['access_token'])) { - throw new InvalidArgumentException('Required option not passed: "access_token"'); - } - - $this->accessToken = $options['access_token']; - - if (!empty($options['resource_owner_id'])) { - $this->resourceOwnerId = $options['resource_owner_id']; - } - - if (!empty($options['refresh_token'])) { - $this->refreshToken = $options['refresh_token']; - } - - // We need to know when the token expires. Show preference to - // 'expires_in' since it is defined in RFC6749 Section 5.1. - // Defer to 'expires' if it is provided instead. - if (isset($options['expires_in'])) { - if (!is_numeric($options['expires_in'])) { - throw new \InvalidArgumentException('expires_in value must be an integer'); - } - - $this->expires = $options['expires_in'] != 0 ? $this->getTimeNow() + $options['expires_in'] : 0; - } elseif (!empty($options['expires'])) { - // Some providers supply the seconds until expiration rather than - // the exact timestamp. Take a best guess at which we received. - $expires = $options['expires']; - - if (!$this->isExpirationTimestamp($expires)) { - $expires += $this->getTimeNow(); - } - - $this->expires = $expires; - } - - // Capture any additional values that might exist in the token but are - // not part of the standard response. Vendors will sometimes pass - // additional user data this way. - $this->values = array_diff_key($options, array_flip([ - 'access_token', - 'resource_owner_id', - 'refresh_token', - 'expires_in', - 'expires', - ])); - } - - /** - * Check if a value is an expiration timestamp or second value. - * - * @param integer $value - * @return bool - */ - protected function isExpirationTimestamp($value) - { - // If the given value is larger than the original OAuth 2 draft date, - // assume that it is meant to be a (possible expired) timestamp. - $oauth2InceptionDate = 1349067600; // 2012-10-01 - return ($value > $oauth2InceptionDate); - } - - /** - * @inheritdoc - */ - public function getToken() - { - return $this->accessToken; - } - - /** - * @inheritdoc - */ - public function getRefreshToken() - { - return $this->refreshToken; - } - - /** - * @inheritdoc - */ - public function getExpires() - { - return $this->expires; - } - - /** - * @inheritdoc - */ - public function getResourceOwnerId() - { - return $this->resourceOwnerId; - } - - /** - * @inheritdoc - */ - public function hasExpired() - { - $expires = $this->getExpires(); - - if (empty($expires)) { - throw new RuntimeException('"expires" is not set on the token'); - } - - return $expires < time(); - } - - /** - * @inheritdoc - */ - public function getValues() - { - return $this->values; - } - - /** - * @inheritdoc - */ - public function __toString() - { - return (string) $this->getToken(); - } - - /** - * @inheritdoc - */ - public function jsonSerialize() - { - $parameters = $this->values; - - if ($this->accessToken) { - $parameters['access_token'] = $this->accessToken; - } - - if ($this->refreshToken) { - $parameters['refresh_token'] = $this->refreshToken; - } - - if ($this->expires) { - $parameters['expires'] = $this->expires; - } - - if ($this->resourceOwnerId) { - $parameters['resource_owner_id'] = $this->resourceOwnerId; - } - - return $parameters; - } -} diff --git a/plugins/auth/vendor/league/oauth2-client/src/Token/AccessTokenInterface.php b/plugins/auth/vendor/league/oauth2-client/src/Token/AccessTokenInterface.php deleted file mode 100644 index 5fd219ff..00000000 --- a/plugins/auth/vendor/league/oauth2-client/src/Token/AccessTokenInterface.php +++ /dev/null @@ -1,74 +0,0 @@ - - * @license http://opensource.org/licenses/MIT MIT - * @link http://thephpleague.com/oauth2-client/ Documentation - * @link https://packagist.org/packages/league/oauth2-client Packagist - * @link https://github.com/thephpleague/oauth2-client GitHub - */ - -namespace League\OAuth2\Client\Token; - -use JsonSerializable; -use ReturnTypeWillChange; -use RuntimeException; - -interface AccessTokenInterface extends JsonSerializable -{ - /** - * Returns the access token string of this instance. - * - * @return string - */ - public function getToken(); - - /** - * Returns the refresh token, if defined. - * - * @return string|null - */ - public function getRefreshToken(); - - /** - * Returns the expiration timestamp in seconds, if defined. - * - * @return integer|null - */ - public function getExpires(); - - /** - * Checks if this token has expired. - * - * @return boolean true if the token has expired, false otherwise. - * @throws RuntimeException if 'expires' is not set on the token. - */ - public function hasExpired(); - - /** - * Returns additional vendor values stored in the token. - * - * @return array - */ - public function getValues(); - - /** - * Returns a string representation of the access token - * - * @return string - */ - public function __toString(); - - /** - * Returns an array of parameters to serialize when this is serialized with - * json_encode(). - * - * @return array - */ - #[ReturnTypeWillChange] - public function jsonSerialize(); -} diff --git a/plugins/auth/vendor/league/oauth2-client/src/Token/ResourceOwnerAccessTokenInterface.php b/plugins/auth/vendor/league/oauth2-client/src/Token/ResourceOwnerAccessTokenInterface.php deleted file mode 100644 index 51e4ce41..00000000 --- a/plugins/auth/vendor/league/oauth2-client/src/Token/ResourceOwnerAccessTokenInterface.php +++ /dev/null @@ -1,25 +0,0 @@ - - * @license http://opensource.org/licenses/MIT MIT - * @link http://thephpleague.com/oauth2-client/ Documentation - * @link https://packagist.org/packages/league/oauth2-client Packagist - * @link https://github.com/thephpleague/oauth2-client GitHub - */ - -namespace League\OAuth2\Client\Token; - -interface ResourceOwnerAccessTokenInterface extends AccessTokenInterface -{ - /** - * Returns the resource owner identifier, if defined. - * - * @return string|null - */ - public function getResourceOwnerId(); -} diff --git a/plugins/auth/vendor/league/oauth2-client/src/Tool/ArrayAccessorTrait.php b/plugins/auth/vendor/league/oauth2-client/src/Tool/ArrayAccessorTrait.php deleted file mode 100644 index a18198cf..00000000 --- a/plugins/auth/vendor/league/oauth2-client/src/Tool/ArrayAccessorTrait.php +++ /dev/null @@ -1,52 +0,0 @@ - - * @license http://opensource.org/licenses/MIT MIT - * @link http://thephpleague.com/oauth2-client/ Documentation - * @link https://packagist.org/packages/league/oauth2-client Packagist - * @link https://github.com/thephpleague/oauth2-client GitHub - */ - -namespace League\OAuth2\Client\Tool; - -/** - * Provides generic array navigation tools. - */ -trait ArrayAccessorTrait -{ - /** - * Returns a value by key using dot notation. - * - * @param array $data - * @param string $key - * @param mixed|null $default - * @return mixed - */ - private function getValueByKey(array $data, $key, $default = null) - { - if (!is_string($key) || empty($key) || !count($data)) { - return $default; - } - - if (strpos($key, '.') !== false) { - $keys = explode('.', $key); - - foreach ($keys as $innerKey) { - if (!is_array($data) || !array_key_exists($innerKey, $data)) { - return $default; - } - - $data = $data[$innerKey]; - } - - return $data; - } - - return array_key_exists($key, $data) ? $data[$key] : $default; - } -} diff --git a/plugins/auth/vendor/league/oauth2-client/src/Tool/BearerAuthorizationTrait.php b/plugins/auth/vendor/league/oauth2-client/src/Tool/BearerAuthorizationTrait.php deleted file mode 100644 index 081c7c86..00000000 --- a/plugins/auth/vendor/league/oauth2-client/src/Tool/BearerAuthorizationTrait.php +++ /dev/null @@ -1,36 +0,0 @@ - - * @license http://opensource.org/licenses/MIT MIT - * @link http://thephpleague.com/oauth2-client/ Documentation - * @link https://packagist.org/packages/league/oauth2-client Packagist - * @link https://github.com/thephpleague/oauth2-client GitHub - */ - -namespace League\OAuth2\Client\Tool; - -use League\OAuth2\Client\Token\AccessTokenInterface; - -/** - * Enables `Bearer` header authorization for providers. - * - * @link http://tools.ietf.org/html/rfc6750 Bearer Token Usage (RFC 6750) - */ -trait BearerAuthorizationTrait -{ - /** - * Returns authorization headers for the 'bearer' grant. - * - * @param AccessTokenInterface|string|null $token Either a string or an access token instance - * @return array - */ - protected function getAuthorizationHeaders($token = null) - { - return ['Authorization' => 'Bearer ' . $token]; - } -} diff --git a/plugins/auth/vendor/league/oauth2-client/src/Tool/GuardedPropertyTrait.php b/plugins/auth/vendor/league/oauth2-client/src/Tool/GuardedPropertyTrait.php deleted file mode 100644 index 02c9ba5f..00000000 --- a/plugins/auth/vendor/league/oauth2-client/src/Tool/GuardedPropertyTrait.php +++ /dev/null @@ -1,70 +0,0 @@ - - * @license http://opensource.org/licenses/MIT MIT - * @link http://thephpleague.com/oauth2-client/ Documentation - * @link https://packagist.org/packages/league/oauth2-client Packagist - * @link https://github.com/thephpleague/oauth2-client GitHub - */ - -namespace League\OAuth2\Client\Tool; - -/** - * Provides support for blacklisting explicit properties from the - * mass assignment behavior. - */ -trait GuardedPropertyTrait -{ - /** - * The properties that aren't mass assignable. - * - * @var array - */ - protected $guarded = []; - - /** - * Attempts to mass assign the given options to explicitly defined properties, - * skipping over any properties that are defined in the guarded array. - * - * @param array $options - * @return mixed - */ - protected function fillProperties(array $options = []) - { - if (isset($options['guarded'])) { - unset($options['guarded']); - } - - foreach ($options as $option => $value) { - if (property_exists($this, $option) && !$this->isGuarded($option)) { - $this->{$option} = $value; - } - } - } - - /** - * Returns current guarded properties. - * - * @return array - */ - public function getGuarded() - { - return $this->guarded; - } - - /** - * Determines if the given property is guarded. - * - * @param string $property - * @return bool - */ - public function isGuarded($property) - { - return in_array($property, $this->getGuarded()); - } -} diff --git a/plugins/auth/vendor/league/oauth2-client/src/Tool/MacAuthorizationTrait.php b/plugins/auth/vendor/league/oauth2-client/src/Tool/MacAuthorizationTrait.php deleted file mode 100644 index f8dcd77c..00000000 --- a/plugins/auth/vendor/league/oauth2-client/src/Tool/MacAuthorizationTrait.php +++ /dev/null @@ -1,83 +0,0 @@ - - * @license http://opensource.org/licenses/MIT MIT - * @link http://thephpleague.com/oauth2-client/ Documentation - * @link https://packagist.org/packages/league/oauth2-client Packagist - * @link https://github.com/thephpleague/oauth2-client GitHub - */ - -namespace League\OAuth2\Client\Tool; - -use League\OAuth2\Client\Token\AccessToken; -use League\OAuth2\Client\Token\AccessTokenInterface; - -/** - * Enables `MAC` header authorization for providers. - * - * @link http://tools.ietf.org/html/draft-ietf-oauth-v2-http-mac-05 Message Authentication Code (MAC) Tokens - */ -trait MacAuthorizationTrait -{ - /** - * Returns the id of this token for MAC generation. - * - * @param AccessToken $token - * @return string - */ - abstract protected function getTokenId(AccessToken $token); - - /** - * Returns the MAC signature for the current request. - * - * @param string $id - * @param integer $ts - * @param string $nonce - * @return string - */ - abstract protected function getMacSignature($id, $ts, $nonce); - - /** - * Returns a new random string to use as the state parameter in an - * authorization flow. - * - * @param int $length Length of the random string to be generated. - * @return string - */ - abstract protected function getRandomState($length = 32); - - /** - * Returns the authorization headers for the 'mac' grant. - * - * @param AccessTokenInterface|string|null $token Either a string or an access token instance - * @return array - * @codeCoverageIgnore - * - * @todo This is currently untested and provided only as an example. If you - * complete the implementation, please create a pull request for - * https://github.com/thephpleague/oauth2-client - */ - protected function getAuthorizationHeaders($token = null) - { - if ($token === null) { - return []; - } - - $ts = time(); - $id = $this->getTokenId($token); - $nonce = $this->getRandomState(16); - $mac = $this->getMacSignature($id, $ts, $nonce); - - $parts = []; - foreach (compact('id', 'ts', 'nonce', 'mac') as $key => $value) { - $parts[] = sprintf('%s="%s"', $key, $value); - } - - return ['Authorization' => 'MAC ' . implode(', ', $parts)]; - } -} diff --git a/plugins/auth/vendor/league/oauth2-client/src/Tool/ProviderRedirectTrait.php b/plugins/auth/vendor/league/oauth2-client/src/Tool/ProviderRedirectTrait.php deleted file mode 100644 index f81b511f..00000000 --- a/plugins/auth/vendor/league/oauth2-client/src/Tool/ProviderRedirectTrait.php +++ /dev/null @@ -1,122 +0,0 @@ -redirectLimit) { - $attempts++; - $response = $this->getHttpClient()->send($request, [ - 'allow_redirects' => false - ]); - - if ($this->isRedirect($response)) { - $redirectUrl = new Uri($response->getHeader('Location')[0]); - $request = $request->withUri($redirectUrl); - } else { - break; - } - } - - return $response; - } - - /** - * Returns the HTTP client instance. - * - * @return GuzzleHttp\ClientInterface - */ - abstract public function getHttpClient(); - - /** - * Retrieves current redirect limit. - * - * @return integer - */ - public function getRedirectLimit() - { - return $this->redirectLimit; - } - - /** - * Determines if a given response is a redirect. - * - * @param ResponseInterface $response - * - * @return boolean - */ - protected function isRedirect(ResponseInterface $response) - { - $statusCode = $response->getStatusCode(); - - return $statusCode > 300 && $statusCode < 400 && $response->hasHeader('Location'); - } - - /** - * Sends a request instance and returns a response instance. - * - * WARNING: This method does not attempt to catch exceptions caused by HTTP - * errors! It is recommended to wrap this method in a try/catch block. - * - * @param RequestInterface $request - * @return ResponseInterface - */ - public function getResponse(RequestInterface $request) - { - try { - $response = $this->followRequestRedirects($request); - } catch (BadResponseException $e) { - $response = $e->getResponse(); - } - - return $response; - } - - /** - * Updates the redirect limit. - * - * @param integer $limit - * @return League\OAuth2\Client\Provider\AbstractProvider - * @throws InvalidArgumentException - */ - public function setRedirectLimit($limit) - { - if (!is_int($limit)) { - throw new InvalidArgumentException('redirectLimit must be an integer.'); - } - - if ($limit < 1) { - throw new InvalidArgumentException('redirectLimit must be greater than or equal to one.'); - } - - $this->redirectLimit = $limit; - - return $this; - } -} diff --git a/plugins/auth/vendor/league/oauth2-client/src/Tool/QueryBuilderTrait.php b/plugins/auth/vendor/league/oauth2-client/src/Tool/QueryBuilderTrait.php deleted file mode 100644 index bdda3e79..00000000 --- a/plugins/auth/vendor/league/oauth2-client/src/Tool/QueryBuilderTrait.php +++ /dev/null @@ -1,33 +0,0 @@ - - * @license http://opensource.org/licenses/MIT MIT - * @link http://thephpleague.com/oauth2-client/ Documentation - * @link https://packagist.org/packages/league/oauth2-client Packagist - * @link https://github.com/thephpleague/oauth2-client GitHub - */ - -namespace League\OAuth2\Client\Tool; - -/** - * Provides a standard way to generate query strings. - */ -trait QueryBuilderTrait -{ - /** - * Build a query string from an array. - * - * @param array $params - * - * @return string - */ - protected function buildQueryString(array $params) - { - return http_build_query($params, '', '&', \PHP_QUERY_RFC3986); - } -} diff --git a/plugins/auth/vendor/league/oauth2-client/src/Tool/RequestFactory.php b/plugins/auth/vendor/league/oauth2-client/src/Tool/RequestFactory.php deleted file mode 100644 index 1af43429..00000000 --- a/plugins/auth/vendor/league/oauth2-client/src/Tool/RequestFactory.php +++ /dev/null @@ -1,87 +0,0 @@ - - * @license http://opensource.org/licenses/MIT MIT - * @link http://thephpleague.com/oauth2-client/ Documentation - * @link https://packagist.org/packages/league/oauth2-client Packagist - * @link https://github.com/thephpleague/oauth2-client GitHub - */ - -namespace League\OAuth2\Client\Tool; - -use GuzzleHttp\Psr7\Request; - -/** - * Used to produce PSR-7 Request instances. - * - * @link https://github.com/guzzle/guzzle/pull/1101 - */ -class RequestFactory -{ - /** - * Creates a PSR-7 Request instance. - * - * @param null|string $method HTTP method for the request. - * @param null|string $uri URI for the request. - * @param array $headers Headers for the message. - * @param string|resource|StreamInterface $body Message body. - * @param string $version HTTP protocol version. - * - * @return Request - */ - public function getRequest( - $method, - $uri, - array $headers = [], - $body = null, - $version = '1.1' - ) { - return new Request($method, $uri, $headers, $body, $version); - } - - /** - * Parses simplified options. - * - * @param array $options Simplified options. - * - * @return array Extended options for use with getRequest. - */ - protected function parseOptions(array $options) - { - // Should match default values for getRequest - $defaults = [ - 'headers' => [], - 'body' => null, - 'version' => '1.1', - ]; - - return array_merge($defaults, $options); - } - - /** - * Creates a request using a simplified array of options. - * - * @param null|string $method - * @param null|string $uri - * @param array $options - * - * @return Request - */ - public function getRequestWithOptions($method, $uri, array $options = []) - { - $options = $this->parseOptions($options); - - return $this->getRequest( - $method, - $uri, - $options['headers'], - $options['body'], - $options['version'] - ); - } -} diff --git a/plugins/auth/vendor/league/oauth2-client/src/Tool/RequiredParameterTrait.php b/plugins/auth/vendor/league/oauth2-client/src/Tool/RequiredParameterTrait.php deleted file mode 100644 index 47da9771..00000000 --- a/plugins/auth/vendor/league/oauth2-client/src/Tool/RequiredParameterTrait.php +++ /dev/null @@ -1,56 +0,0 @@ - - * @license http://opensource.org/licenses/MIT MIT - * @link http://thephpleague.com/oauth2-client/ Documentation - * @link https://packagist.org/packages/league/oauth2-client Packagist - * @link https://github.com/thephpleague/oauth2-client GitHub - */ - -namespace League\OAuth2\Client\Tool; - -use BadMethodCallException; - -/** - * Provides functionality to check for required parameters. - */ -trait RequiredParameterTrait -{ - /** - * Checks for a required parameter in a hash. - * - * @throws BadMethodCallException - * @param string $name - * @param array $params - * @return void - */ - private function checkRequiredParameter($name, array $params) - { - if (!isset($params[$name])) { - throw new BadMethodCallException(sprintf( - 'Required parameter not passed: "%s"', - $name - )); - } - } - - /** - * Checks for multiple required parameters in a hash. - * - * @throws InvalidArgumentException - * @param array $names - * @param array $params - * @return void - */ - private function checkRequiredParameters(array $names, array $params) - { - foreach ($names as $name) { - $this->checkRequiredParameter($name, $params); - } - } -} diff --git a/plugins/auth/vendor/onelogin/php-saml/CHANGELOG b/plugins/auth/vendor/onelogin/php-saml/CHANGELOG deleted file mode 100644 index 4a51aa78..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/CHANGELOG +++ /dev/null @@ -1,315 +0,0 @@ -CHANGELOG -========= -v3.6.1 -* [#467](https://github.com/onelogin/php-saml/issues/467) Fix bug on getSelfRoutedURLNoQuery method - -v3.6.0 -* Add AES128_GCM encryption on generateNameId method. New setting parameter encryption_algorithm. If you set a encryption method different than AES128_CBC then the algorithm RSA_OAEP_MGF1P will be used as well instead RSA_1_5 -* PHP 8.0 support - -v3.5.1 -* 3.5.0 packagist/github release due a confusion were using the master (2.X branch). I'm releasing 3.5.1 to fix this issue and go back to 3.X branch - -v3.5.0 -* [#412](https://github.com/onelogin/php-saml/pull/412) Empty instead of unset the $_SESSION variable -* [#433](https://github.com/onelogin/php-saml/issues/443) Fix Incorrect Destination in LogoutResponse when using responseUrl #443 -* Update xmlseclibs to 3.1.1 -* Add support for SMARTCARD_PKI and RSA_TOKEN Auth Contexts -* Get lib path dinamically -* Check for x509Cert of the IdP when loading settings, even if the security index was not provided -* Support Statements with Attribute elements with the same name enabling the allowRepeatAttributeName setting - -v3.4.1 -* Add setSchemasPath to Auth class and fix backward compatibility - -v.3.4.0 -* Support rejecting unsolicited SAMLResponses. -* Support stric destination matching. -* Reject SAMLResponse if requestID was provided to the validotr but the InResponseTo attributeof the SAMLResponse is missing -* Check destination against the getSelfURLNoQuery as well on LogoutRequest and LogoutResponse as we do on Response -* Improve getSelfRoutedURLNoQuery method -* Only add responseUrl to the settings if ResponseLocation present in the IdPMetadataParser -* Remove use of $_GET on static method validateBinarySign -* Fix error message when Assertion and NameId are both encrypted (not supported) - -v.3.3.1 -* Update xmlseclibs to 3.0.4 -* Remove Comparison atribute from RequestedAuthnContext when setting has empty value - -v.3.3.0 -* Set true as the default value for strict setting -* Relax comparision of false on SignMetadata -* Fix CI - -v.3.2.1 -* Add missed nameIdValueReq parameter to buildAuthnRequest method - -v.3.2.0 -* Add support for Subjects on AuthNRequests by the new parameter nameIdValueReq -* Support SLO ResponseLocation -* [#344](https://github.com/onelogin/php-saml/issues/344) Raise errors on IdPMetadataParser::parseRemoteXML and IdPMetadataParser::parseFileXML -* [#356](https://github.com/onelogin/php-saml/issues/356) Support 'x509cert' and 'privateKey' on signMetadata security setting - -v.3.1.1 -* Force to use at least xmlseclibs 3.0.3 for security reasons -* [#367](https://github.com/onelogin/php-saml/pull/367) Move the creation of the AuthnRequest to separate function -* Set strict=true on config examples -* Move phpunit.xml - -v.3.1.0 -* Security improvement suggested by Nils Engelbertz to prevent DDOS by expansion of internally defined entities (XEE) -* Fix setting_example.php servicename parameter - -v.3.0.0 -* Remove mcrypt dependency. Compatible with PHP 7.2 -* xmlseclibs now is not part of the toolkit and need to be installed from original source - -v.2.18.0 -* Support rejecting unsolicited SAMLResponses. -* Support stric destination matching. -* Reject SAMLResponse if requestID was provided to the validotr but the InResponseTo attributeof the SAMLResponse is missing -* Check destination against the getSelfURLNoQuery as well on LogoutRequest and LogoutResponse as we do on Response -* Improve getSelfRoutedURLNoQuery method -* Only add responseUrl to the settings if ResponseLocation present in the IdPMetadataParser -* Remove use of $_GET on static method validateBinarySign -* Fix error message when Assertion and NameId are both encrypted (not supported) - -v.2.17.1 -* Update xmlseclibs to 3.0.4 -* Remove Comparison atribute from RequestedAuthnContext when setting has empty value - -v.2.17.0 -* Set true as the default value for strict setting -* Support 'x509cert' and 'privateKey' on signMetadata security settings -* Relax comparision of false on SignMetadata -* Fix CI - -v.2.16.0 -* Support SLO ResponseLocation -* [#344](https://github.com/onelogin/php-saml/issues/344) Raise errors on IdPMetadataParser::parseRemoteXML and IdPMetadataParser::parseFileXML -* Adjusted acs endpoint to extract NameQualifier and SPNameQualifier from SAMLResponse. Adjusted single logout service to provide NameQualifier and SPNameQualifier to logout method. Add getNameIdNameQualifier to Auth and SamlResponse. Extend logout method from Auth and LogoutRequest constructor to support SPNameQualifier parameter. Align LogoutRequest constructor with SAML specs -* Add support for Subjects on AuthNRequests by the new parameter -* Set strict=true on config examples - -v.2.15.0 -* Security improvement suggested by Nils Engelbertz to prevent DDOS by expansion of internally defined entities (XEE) -* Fix bug on settings_example.php - -v.2.14.0 -* Add parameter to the decryptElement method to make optional the formatting -* [#283](https://github.com/onelogin/php-saml/pull/283) New method of importing a decrypted assertion into the XML document to replace the EncryptedAssertion. Fix signature issues on Signed Encrypted Assertions with default namespace -* Allow the getSPMetadata() method to always include the encryption Key Descriptor -* Change some Fatal Error to Exceptions -* [#265](https://github.com/onelogin/php-saml/issues/265) Support parameters at getSPMetadata method -* Avoid calling static method using this - -v.2.13.0 -* Update xmlseclibs with some fixes. -* Add extra protection verifying the Signature algorithm used on SignedInfo element, not only rely on the xmlseclibs verify / verifySignature methods. -* Add getAttributesWithFriendlyName method which returns the set of SAML attributes indexed by FriendlyName -* Fix bug on parseRemoteXML and parseFileXML. Internal calls to parseXML missed the desiredNameIdFormat parameter - -v.2.12.0 -* Improve Time management. Use DateTime/DateTimeZone classes. -* Escape error messages in debug mode -* Improve phpdoc -* Add an extra filter to the url to be used on redirection - -* [#242](https://github.com/onelogin/php-saml/pull/242) Document that SHA-1 must not be used -* [#250](https://github.com/onelogin/php-saml/pull/250) Fixed issue with IdPMetadataParser only keeping 1 certificate when multiple certificates of a single type were provided. -* [#263](https://github.com/onelogin/php-saml/issues/263) Fix incompatibility with ADFS on SLO. When on php saml settings NameID Format is set as unspecified but the SAMLResponse has no NameID Format, no NameID Format should be specified on LogoutRequest. - -v.2.11.0 -* [#236](https://github.com/onelogin/php-saml/pull/236) Exclude unnecesary files from Composer production downloads -* [#226](https://github.com/onelogin/php-saml/pull/226) Add possibility to handle nameId NameQualifier attribute in SLO Request -* Improve logout documentation on Readme. -* Improve multi-certificate support - -v.2.10.7 -* Fix IdPMetadataParser. The SingleLogoutService retrieved method was wrong -* [#201](https://github.com/onelogin/php-saml/issues/201) Fix issues with SP entity_id, acs url and sls url that contains & - -v.2.10.6 -* [#206](https://github.com/onelogin/php-saml/pull/206)Be able to register future SP x509cert on the settings and publish it on SP metadata -* [#206](https://github.com/onelogin/php-saml/pull/206) Be able to register more than 1 Identity Provider x509cert, linked with an specific use (signing or encryption) -* [#206](https://github.com/onelogin/php-saml/pull/206) Support the ability to parse IdP XML metadata (remote url or file) and be able to inject the data obtained on the settings. - -v.2.10.5 -* Be able to get at the auth object the last processed ID -* Improve NameID Format support -* Reset errorReason attribute of the auth object after each Process method -* Validate serial number as string to work around libxml2 limitation -* Make the Issuer on the Response Optional - -v.2.10.4 -* [+](https://github.com/onelogin/php-saml/commit/949359f5cad5e1d085c4e5447d9aa8f49a6e82a1) Security update for signature validation on LogoutRequest/LogoutResponse -* [#192](https://github.com/onelogin/php-saml/pull/192) Added ability to configure DigestAlgorithm in settings -* [#183](https://github.com/onelogin/php-saml/pull/183) Fix strpos bug when decrypting assertions -* [#186](https://github.com/onelogin/php-saml/pull/186) Improve info on entityId validation Exception -* [#188](https://github.com/onelogin/php-saml/pull/188) Fixed issue with undefined constant of UNEXPECTED_SIGNED_ELEMENT -* Read ACS binding on AuthNRequest builder from settings -* Be able to relax Destination validation on SAMLResponses and let this - attribute to be empty with the 'relaxDestinationValidation' setting - -v.2.10.3 -* Implement a more specific exception class for handling some validation errors -* Minor changes on time validation/exceptions -* Add hooks to retrieve last-sent and last-received requests and responses -* Improve/Fix tests -* Add DigestAlgorithm support on addSign -* [#177](https://github.com/onelogin/php-saml/pull/177) Add error message for bad OneLogin_Saml2_Settings argument - -v.2.10.2 -* [#175](https://github.com/onelogin/php-saml/pull/175) Allow overriding of host, port, protocol and url path for URL building -* [#173](https://github.com/onelogin/php-saml/pull/173) Provide better support to NameIdFormat -* Fix another issue on Assertion Signature validation when the assertion contains no namespace, container has saml2 namespace and it was encrypted - -v.2.10.1 -* Fix error message on SignMetadata process -* Fix issue on Assertion Signature validation when the assertion contains no namespace and it was encrypted - -v.2.10.0 -* Several security improvements: - * Conditions element required and unique. - * AuthnStatement element required and unique. - * SPNameQualifier must math the SP EntityID - * Reject saml:Attribute element with same “Name” attribute - * Reject empty nameID - * Require Issuer element. (Must match IdP EntityID). - * Destination value can't be blank (if present must match ACS URL). - * Check that the EncryptedAssertion element only contains 1 Assertion element. -* Improve Signature validation process -* AttributeConsumingService support -* Support lowercase Urlencoding (ADFS compatibility). -* [#154](https://github.com/onelogin/php-saml/pull/154) getSelfHost no longer returns a port number -* [#156](https://github.com/onelogin/php-saml/pull/156) Use correct host on response destination fallback check -* [#158](https://github.com/onelogin/php-saml/pull/158) NEW Control usage of X-Forwarded-* headers -* Fix issue with buildRequestSignature. Added RelayState to the SignQuery only if is not null. -* Add Signature Wrapping prevention Test -* Improve _decryptAssertion in order to take care of Assertions with problems with namespaces -* Improve documentation - -v.2.9.1 -....... -* [134](https://github.com/onelogin/php-saml/pull/134) PHP7 production settings compiles out assert(), throw an exception explicitly -* [132](https://github.com/onelogin/php-saml/pull/132) Add note for "wantAssertionsEncrypted" -* Update copyright on LICENSE - -v.2.9.0 -------- -* Change the decrypt assertion process. -* Add 2 extra validations to prevent Signature wrapping attacks. -* Remove reference to wrong NameIDFormat: urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified should be urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified -* [128](https://github.com/onelogin/php-saml/pull/128) Test php7 and upgrade phpunit -* Update Readme with more descriptive requestedAuthnContext description and Security Guidelines - -v.2.8.0 -------- -* Make NameIDPolicy of AuthNRequest optional -* Make nameID requirement on SAMLResponse optional -* Fix empty URI support -* Symmetric encryption key support -* Add more Auth Context options to the constant class -* Fix DSA_SHA1 constant on xmlseclibs -* Set none requestedAuthnContext as default behaviour -* Update xmlseclibs lib -* Improve formatPrivateKey method -* Fix bug when signing metadata, the SignatureMethod was not provided -* Fix getter for lastRequestID parameter in OneLogin_Saml2_Auth class -* Add $wantEncrypted parameter on addX509KeyDescriptors method that will allow to set KeyDescriptor[use='encryption'] if wantNameIdEncrypted or wantAssertionsEncrypted enabled -* Add $stay parameter on redirectTo method. (login/logout supports $stay but I forgot add this on previous 2.7.0 version) -* Improve code style - -v.2.7.0 -------- -* Trim acs, slo and issuer urls. -* Fix PHP 7 error (used continue outside a loop/switch). -* Fix bug on organization element of the SP metadata builder. -* Fix typos on documentation. Fix ALOWED Misspell. -* Be able to extract RequestID. Add RequestID validation on demo1. -* Add $stay parameter to login, logout and processSLO method. - -v.2.6.1 -------- -* Fix bug on cacheDuration of the Metadata XML generated. -* Make SPNameQualifier optional on the generateNameId method. Avoid the use of SPNameQualifier when generating the NameID on the LogoutRequest builder. -* Allows the authn comparsion attribute to be set via config. -* Retrieve Session Timeout after processResponse with getSessionExpiration(). -* Improve readme readability. -* Allow single log out to work for applications not leveraging php session_start. Added a callback parameter in order to close the session at processSLO. - -v.2.6.0 -------- -* Set NAMEID_UNSPECIFIED as default NameIDFormat to prevent conflicts with IdPs that don't support NAMEID_PERSISTENT. -* Now the SP is able to select the algorithm to be used on signatures (DSA_SHA1, RSA_SHA1, RSA_SHA256, RSA_SHA384, RSA_SHA512). -* Change visibility of _decryptAssertion to protected. -* Update xmlseclibs library. -* Handle valid but uncommon dsig block with no URI in the reference. -* login, logout and processSLO now return ->redirectTo instead of just call it. -* Split the setting check methods. Now 1 method for IdP settings and other for SP settings. -* Let the setting object to avoid the IdP setting check. required if we want to publish SP SAML Metadata when the IdP data is still not provided. - -v.2.5.0 -------- -* Do accesible the ID of the object Logout Request (id attribute). -* Add note about the fact that PHP 5.3 is unssuported. -* Add fingerprint algorithm support. -* Add dependences to composer. - -v.2.4.0 -------- -* Fix wrong element order in generated metadata. -* Added SLO with nameID and SessionIndex in demo1. -* Improve isHTTPS method in order to support HTTP_X_FORWARDED_PORT. -* Set optional the XMLvalidation (enable/disable it with wantXMLValidation security setting). - -v.2.3.0 -------- -* Resolve namespace problem. Some IdPs uses saml2p:Response and saml2:Assertion instead of samlp:Response saml:Assertion. -* Improve test and documentation. -* Improve ADFS compatibility. -* Remove unnecessary XSDs files. -* Make available the reason for the saml message invalidation. -* Adding ability to set idp cert once the Setting object initialized. -* Fix status info issue. -* Reject SAML Response if not signed and strict = false. -* Support NameId and SessionIndex in LogoutRequest. -* Add ForceAuh and IsPassive support. - -v.2.2.0 -------- -* Fix bug with Encrypted nameID on LogoutRequest. -* Fixed usability bug. SP will inform about AuthFail status after process a Response. -* Added SessionIndex support on LogoutRequest, and know is accesible from the Auth class. -* LogoutRequest and LogoutResponse classes now accept non deflated xml. -* Improved the XML metadata/ Decrypted Assertion output. (prettyprint). -* Fix bug in formatPrivateKey method, the key could be not RSA. -* Explicit warning message for signed element problem. -* Decrypt method improved. -* Support more algorithm at the SigAlg in the Signed LogoutRequests and LogoutResponses -* AuthNRequest now stores ID (it can be retrieved later). -* Fixed a typo on the 'NameIdPolicy' attribute that appeared at the README and settings_example file. - - -v.2.1.0 -------- - -* The isValid method of the Logout Request is now non-static. (affects processSLO method of Auth.php). -* Logout Request constructor now accepts encoded logout requests. -* Now after validate a message, if fails a method getError of the object will return the cause. -* Fix typos. -* Added extra parameters option to login and logout methods. -* Improve Test (new test, use the new getError method for testing). -* Bugfix namespace problem when getting Attributes. - - -v.2.0.0 -------- - -* New PHP SAML Toolkit (SLO, Sign, Encryptation). - - -v.1.0.0 -------- - -* Old PHP SAML Toolkit. diff --git a/plugins/auth/vendor/onelogin/php-saml/LICENSE b/plugins/auth/vendor/onelogin/php-saml/LICENSE deleted file mode 100644 index dbbca9c6..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/LICENSE +++ /dev/null @@ -1,23 +0,0 @@ -Copyright (c) 2010-2016 OneLogin, Inc. - -Permission is hereby granted, free of charge, to any person -obtaining a copy of this software and associated documentation -files (the "Software"), to deal in the Software without -restriction, including without limitation the rights to use, -copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the -Software is furnished to do so, subject to the following -conditions: - -The above copyright notice and this permission notice shall be -included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES -OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND -NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT -HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, -WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING -FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR -OTHER DEALINGS IN THE SOFTWARE. - diff --git a/plugins/auth/vendor/onelogin/php-saml/README.md b/plugins/auth/vendor/onelogin/php-saml/README.md deleted file mode 100644 index d552ecb9..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/README.md +++ /dev/null @@ -1,1554 +0,0 @@ -# OneLogin's SAML PHP Toolkit Compatible with PHP 5.X & 7.X - -[![Build Status](https://api.travis-ci.org/onelogin/php-saml.png?branch=master)](http://travis-ci.org/onelogin/php-saml) [![Coverage Status](https://coveralls.io/repos/onelogin/php-saml/badge.png)](https://coveralls.io/r/onelogin/php-saml) [![License](https://poser.pugx.org/onelogin/php-saml/license.png)](https://packagist.org/packages/onelogin/php-saml) - -Add SAML support to your PHP software using this library. -Forget those complicated libraries and use this open source library provided -and supported by OneLogin Inc. - - -Warning -------- - -Version 3.4.0 introduces the 'rejectUnsolicitedResponsesWithInResponseTo' setting parameter, by default disabled, that will allow invalidate unsolicited SAMLResponse. This version as well will reject SAMLResponse if requestId was provided to the validator but the SAMLResponse does not contain a InResponseTo attribute. And an additional setting parameter 'destinationStrictlyMatches', by default disabled, that will force that the Destination URL should strictly match to the address that process the SAMLResponse. - -Version 3.3.1 updates xmlseclibs to 3.0.4 (CVE-2019-3465), but php-saml was not directly affected since it implements additional checks that prevent to exploit that vulnerability. - -Version 3.3.0 sets strict mode active by default - -Update php-saml to 3.1.0, this version includes a security patch related to XEE attacks. - -This version is compatible with PHP 7.X and does not include xmlseclibs (you will need to install it via composer, dependency described in composer.json) - -Security Guidelines -------------------- - -If you believe you have discovered a security vulnerability in this toolkit, please report it at https://www.onelogin.com/security with a description. We follow responsible disclosure guidelines, and will work with you to quickly find a resolution. - - -Why add SAML support to my software? ------------------------------------- - -SAML is an XML-based standard for web browser single sign-on and is defined by -the OASIS Security Services Technical Committee. The standard has been around -since 2002, but lately it is becoming popular due its advantages: - - * **Usability** - One-click access from portals or intranets, deep linking, - password elimination and automatically renewing sessions make life - easier for the user. - * **Security** - Based on strong digital signatures for authentication and - integrity, SAML is a secure single sign-on protocol that the largest - and most security conscious enterprises in the world rely on. - * **Speed** - SAML is fast. One browser redirect is all it takes to securely - sign a user into an application. - * **Phishing Prevention** - If you don’t have a password for an app, you - can’t be tricked into entering it on a fake login page. - * **IT Friendly** - SAML simplifies life for IT because it centralizes - authentication, provides greater visibility and makes directory - integration easier. - * **Opportunity** - B2B cloud vendor should support SAML to facilitate the - integration of their product. - - -General description -------------------- - -OneLogin's SAML PHP toolkit let you build a SP (Service Provider) over -your PHP application and connect it to any IdP (Identity Provider). - -Supports: - - * SSO and SLO (SP-Initiated and IdP-Initiated). - * Assertion and nameId encryption. - * Assertion signature. - * Message signature: AuthNRequest, LogoutRequest, LogoutResponses. - * Enable an Assertion Consumer Service endpoint. - * Enable a Single Logout Service endpoint. - * Publish the SP metadata (which can be signed). - -Key features: - - * **saml2int** - Implements the SAML 2.0 Web Browser SSO Profile. - * **Session-less** - Forget those common conflicts between the SP and - the final app, the toolkit delegate session in the final app. - * **Easy to use** - Programmer will be allowed to code high-level and - low-level programming, 2 easy to use APIs are available. - * **Tested** - Thoroughly tested. - * **Popular** - OneLogin's customers use it. Many PHP SAML plugins uses it. - -Integrate your PHP toolkit at OneLogin using this guide: [https://developers.onelogin.com/page/saml-toolkit-for-php](https://developers.onelogin.com/page/saml-toolkit-for-php) - -Installation ------------- - -### Dependencies ### - - * `php >= 5.4` and some core extensions like `php-xml`, `php-date`, `php-zlib`. - * `openssl`. Install the openssl library. It handles x509 certificates. - * `gettext`. Install that library and its php driver. It handles translations. - * `curl`. Install that library and its php driver if you plan to use the IdP Metadata parser. - -### Code ### - -#### Option 1. clone the repository from github #### - -git clone git@github.com:onelogin/php-saml.git - -Then pull the 3.X.X branch/tag - -#### Option 2. Download from github #### - -The toolkit is hosted on github. You can download it from: - - * https://github.com/onelogin/php-saml/releases - -Search for 3.X.X releases - -Copy the core of the library inside the php application. (each application has its -structure so take your time to locate the PHP SAML toolkit in the best place). -See the "Guide to add SAML support to my app" to know how. - -Take in mind that the compressed file only contains the main files. -If you plan to play with the demos, use the Option 1. - -#### Option 3. Composer #### - -The toolkit supports [composer](https://getcomposer.org/). You can find the `onelogin/php-saml` package at https://packagist.org/packages/onelogin/php-saml - -In order to import the saml toolkit to your current php project, execute -``` -composer require onelogin/php-saml -``` - -Remember to select the 3.X.X branch - -After installation has completed you will find at the `vendor/` folder a new folder named `onelogin` and inside the `php-saml`. Make sure you are including the autoloader provided by composer. It can be found at `vendor/autoload.php`. - -**Important** In this option, the x509 certs must be stored at `vendor/onelogin/php-saml/certs` -and settings file stored at `vendor/onelogin/php-saml`. - -Your settings are at risk of being deleted when updating packages using `composer update` or similar commands. So it is **highly** recommended that instead of using settings files, you pass the settings as an array directly to the constructor (explained later in this document). If you do not use this approach your settings are at risk of being deleted when updating packages using `composer update` or similar commands. - -Compatibility -------------- - -This 3.X.X supports PHP 7.X. but can be used with PHP >=5.4 as well (5.6.24+ recommended for security reasons). - -Namespaces ----------- - -If you are using the library with a framework like Symfony that contains -namespaces, remember that calls to the class must be done by adding a backslash (`\`) to the -start, for example to use the static method getSelfURLNoQuery use: - - \OneLogin\Saml2\Utils::getSelfURLNoQuery() - - -Security warning ----------------- - -In production, the `strict` parameter **MUST** be set as `"true"` and the -`signatureAlgorithm` and `digestAlgorithm` under `security` must be set to -something other than SHA1 (see https://shattered.io/ ). Otherwise your -environment is not secure and will be exposed to attacks. - -In production also we highly recommended to register on the settings the IdP certificate instead of using the fingerprint method. The fingerprint, is a hash, so at the end is open to a collision attack that can end on a signature validation bypass. Other SAML toolkits deprecated that mechanism, we maintain it for compatibility and also to be used on test environment. - -Getting started ---------------- - -### Knowing the toolkit ### - -The new OneLogin SAML Toolkit contains different folders (`certs`, `endpoints`, -`lib`, `demo`, etc.) and some files. - -Let's start describing the folders: - -#### `certs/` #### - -SAML requires a x509 cert to sign and encrypt elements like `NameID`, `Message`, -`Assertion`, `Metadata`. - -If our environment requires sign or encrypt support, this folder may contain -the x509 cert and the private key that the SP will use: - - * `sp.crt` - The public cert of the SP - * `sp.key` - The private key of the SP - -Or also we can provide those data in the setting file at the `$settings['sp']['x509cert']` -and the `$settings['sp']['privateKey']`. - -Sometimes we could need a signature on the metadata published by the SP, in -this case we could use the x509 cert previously mentioned or use a new x.509 -cert: `metadata.crt` and `metadata.key`. - -Use `sp_new.crt` if you are in a key rollover process and you want to -publish that x509 certificate on Service Provider metadata. - -#### `src/` #### - -This folder contains the heart of the toolkit, the libraries: - - * `Saml2` folder contains the new version of the classes and methods that - are described in a later section. - - -#### `doc/` #### - -This folder contains the API documentation of the toolkit. - - -#### `endpoints/` #### - -The toolkit has three endpoints: - - * `metadata.php` - Where the metadata of the SP is published. - * `acs.php` - Assertion Consumer Service. Processes the SAML Responses. - * `sls.php` - Single Logout Service. Processes Logout Requests and Logout - Responses. - -You can use the files provided by the toolkit or create your own endpoints -files when adding SAML support to your applications. Take in mind that those -endpoints files uses the setting file of the toolkit's base folder. - - -#### `locale/` #### - -Locale folder contains some translations: `en_US` and `es_ES` as a proof of concept. -Currently there are no translations but we will eventually localize the messages -and support multiple languages. - - -#### Other important files #### - -* `settings_example.php` - A template to be used in order to create a - settings.php file which contains the basic configuration info of the toolkit. -* `advanced_settings_example.php` - A template to be used in order to create a - advanced_settings.php file which contains extra configuration info related to - the security, the contact person, and the organization associated to the SP. -* `_toolkit_loader.php` - This file load the toolkit libraries (The SAML2 lib). - - -#### Miscellaneous #### - -* `tests/` - Contains the unit test of the toolkit. -* `demo1/` - Contains an example of a simple PHP app with SAML support. - Read the `Readme.txt` inside for more info. -* `demo2/` - Contains another example. - - -### How it works ### - -#### Settings #### - -First of all we need to configure the toolkit. The SP's info, the IdP's info, -and in some cases, configure advanced security issues like signatures and -encryption. - -There are two ways to provide the settings information: - - * Use a `settings.php` file that we should locate at the base folder of the - toolkit. - * Use an array with the setting data and provide it directly to the - constructor of the class. - - -There is a template file, `settings_example.php`, so you can make a copy of this -file, rename and edit it. - -```php - true, - - // Enable debug mode (to print errors). - 'debug' => false, - - // Set a BaseURL to be used instead of try to guess - // the BaseURL of the view that process the SAML Message. - // Ex http://sp.example.com/ - // http://example.com/sp/ - 'baseurl' => null, - - // Service Provider Data that we are deploying. - 'sp' => array( - // Identifier of the SP entity (must be a URI) - 'entityId' => '', - // Specifies info about where and how the message MUST be - // returned to the requester, in this case our SP. - 'assertionConsumerService' => array( - // URL Location where the from the IdP will be returned - 'url' => '', - // SAML protocol binding to be used when returning the - // message. OneLogin Toolkit supports this endpoint for the - // HTTP-POST binding only. - 'binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST', - ), - // If you need to specify requested attributes, set a - // attributeConsumingService. nameFormat, attributeValue and - // friendlyName can be omitted - "attributeConsumingService"=> array( - "serviceName" => "SP test", - "serviceDescription" => "Test Service", - "requestedAttributes" => array( - array( - "name" => "", - "isRequired" => false, - "nameFormat" => "", - "friendlyName" => "", - "attributeValue" => array() - ) - ) - ), - // Specifies info about where and how the message MUST be - // returned to the requester, in this case our SP. - 'singleLogoutService' => array( - // URL Location where the from the IdP will be returned - 'url' => '', - // SAML protocol binding to be used when returning the - // message. OneLogin Toolkit supports the HTTP-Redirect binding - // only for this endpoint. - 'binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', - ), - // Specifies the constraints on the name identifier to be used to - // represent the requested subject. - // Take a look on lib/Saml2/Constants.php to see the NameIdFormat supported. - 'NameIDFormat' => 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress', - // Usually x509cert and privateKey of the SP are provided by files placed at - // the certs folder. But we can also provide them with the following parameters - 'x509cert' => '', - 'privateKey' => '', - - /* - * Key rollover - * If you plan to update the SP x509cert and privateKey - * you can define here the new x509cert and it will be - * published on the SP metadata so Identity Providers can - * read them and get ready for rollover. - */ - // 'x509certNew' => '', - ), - - // Identity Provider Data that we want connected with our SP. - 'idp' => array( - // Identifier of the IdP entity (must be a URI) - 'entityId' => '', - // SSO endpoint info of the IdP. (Authentication Request protocol) - 'singleSignOnService' => array( - // URL Target of the IdP where the Authentication Request Message - // will be sent. - 'url' => '', - // SAML protocol binding to be used when returning the - // message. OneLogin Toolkit supports the HTTP-Redirect binding - // only for this endpoint. - 'binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', - ), - // SLO endpoint info of the IdP. - 'singleLogoutService' => array( - // URL Location of the IdP where SLO Request will be sent. - 'url' => '', - // URL location of the IdP where SLO Response will be sent (ResponseLocation) - // if not set, url for the SLO Request will be used - 'responseUrl' => '', - // SAML protocol binding to be used when returning the - // message. OneLogin Toolkit supports the HTTP-Redirect binding - // only for this endpoint. - 'binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', - ), - // Public x509 certificate of the IdP - 'x509cert' => '', - /* - * Instead of use the whole x509cert you can use a fingerprint in order to - * validate a SAMLResponse, but we don't recommend to use that - * method on production since is exploitable by a collision attack. - * (openssl x509 -noout -fingerprint -in "idp.crt" to generate it, - * or add for example the -sha256 , -sha384 or -sha512 parameter) - * - * If a fingerprint is provided, then the certFingerprintAlgorithm is required in order to - * let the toolkit know which algorithm was used. Possible values: sha1, sha256, sha384 or sha512 - * 'sha1' is the default value. - * - * Notice that if you want to validate any SAML Message sent by the HTTP-Redirect binding, you - * will need to provide the whole x509cert. - */ - // 'certFingerprint' => '', - // 'certFingerprintAlgorithm' => 'sha1', - - /* In some scenarios the IdP uses different certificates for - * signing/encryption, or is under key rollover phase and - * more than one certificate is published on IdP metadata. - * In order to handle that the toolkit offers that parameter. - * (when used, 'x509cert' and 'certFingerprint' values are - * ignored). - */ - // 'x509certMulti' => array( - // 'signing' => array( - // 0 => '', - // ), - // 'encryption' => array( - // 0 => '', - // ) - // ), - ), -); -``` -In addition to the required settings data (IdP, SP), there is extra -information that could be defined. In the same way that a template exists -for the basic info, there is a template for that advanced info located -at the base folder of the toolkit and named `advanced_settings_example.php` -that you can copy and rename it as `advanced_settings.php` - -```php - array( - 'requests' => true, - 'responses' => true - ), - // Security settings - 'security' => array( - - /** signatures and encryptions offered */ - - // Indicates that the nameID of the sent by this SP - // will be encrypted. - 'nameIdEncrypted' => false, - - // Indicates whether the messages sent by this SP - // will be signed. [Metadata of the SP will offer this info] - 'authnRequestsSigned' => false, - - // Indicates whether the messages sent by this SP - // will be signed. - 'logoutRequestSigned' => false, - - // Indicates whether the messages sent by this SP - // will be signed. - 'logoutResponseSigned' => false, - - /* Sign the Metadata - False || True (use sp certs) || array ( - 'keyFileName' => 'metadata.key', - 'certFileName' => 'metadata.crt' - ) - || array ( - 'x509cert' => '', - 'privateKey' => '' - ) - */ - 'signMetadata' => false, - - /** signatures and encryptions required **/ - - // Indicates a requirement for the , - // and elements received by this SP to be signed. - 'wantMessagesSigned' => false, - - // Indicates a requirement for the elements received by - // this SP to be encrypted. - 'wantAssertionsEncrypted' => false, - - // Indicates a requirement for the elements received by - // this SP to be signed. [Metadata of the SP will offer this info] - 'wantAssertionsSigned' => false, - - // Indicates a requirement for the NameID element on the SAMLResponse - // received by this SP to be present. - 'wantNameId' => true, - - // Indicates a requirement for the NameID received by - // this SP to be encrypted. - 'wantNameIdEncrypted' => false, - - // Authentication context. - // Set to false and no AuthContext will be sent in the AuthNRequest. - // Set true or don't present this parameter and you will get an AuthContext 'exact' 'urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport'. - // Set an array with the possible auth context values: array('urn:oasis:names:tc:SAML:2.0:ac:classes:Password', 'urn:oasis:names:tc:SAML:2.0:ac:classes:X509'). - 'requestedAuthnContext' => false, - - // Indicates if the SP will validate all received xmls. - // (In order to validate the xml, 'strict' and 'wantXMLValidation' must be true). - 'wantXMLValidation' => true, - - // If true, SAMLResponses with an empty value at its Destination - // attribute will not be rejected for this fact. - 'relaxDestinationValidation' => false, - - // If true, Destination URL should strictly match to the address to - // which the response has been sent. - // Notice that if 'relaxDestinationValidation' is true an empty Destintation - // will be accepted. - 'destinationStrictlyMatches' => false, - - // If true, the toolkit will not raised an error when the Statement Element - // contain atribute elements with name duplicated - 'allowRepeatAttributeName' => false, - - // If true, SAMLResponses with an InResponseTo value will be rejectd if not - // AuthNRequest ID provided to the validation method. - 'rejectUnsolicitedResponsesWithInResponseTo' => false, - - // Algorithm that the toolkit will use on signing process. Options: - // 'http://www.w3.org/2000/09/xmldsig#rsa-sha1' - // 'http://www.w3.org/2000/09/xmldsig#dsa-sha1' - // 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256' - // 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha384' - // 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha512' - // Notice that rsa-sha1 is a deprecated algorithm and should not be used - 'signatureAlgorithm' => 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256', - - // Algorithm that the toolkit will use on digest process. Options: - // 'http://www.w3.org/2000/09/xmldsig#sha1' - // 'http://www.w3.org/2001/04/xmlenc#sha256' - // 'http://www.w3.org/2001/04/xmldsig-more#sha384' - // 'http://www.w3.org/2001/04/xmlenc#sha512' - // Notice that sha1 is a deprecated algorithm and should not be used - 'digestAlgorithm' => 'http://www.w3.org/2001/04/xmlenc#sha256', - - // Algorithm that the toolkit will use for encryption process. Options: - // 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc' - // 'http://www.w3.org/2001/04/xmlenc#aes128-cbc' - // 'http://www.w3.org/2001/04/xmlenc#aes192-cbc' - // 'http://www.w3.org/2001/04/xmlenc#aes256-cbc' - // 'http://www.w3.org/2009/xmlenc11#aes128-gcm' - // 'http://www.w3.org/2009/xmlenc11#aes192-gcm' - // 'http://www.w3.org/2009/xmlenc11#aes256-gcm'; - // Notice that aes-cbc are not consider secure anymore so should not be used - 'encryption_algorithm' => 'http://www.w3.org/2009/xmlenc11#aes128-gcm', - - // ADFS URL-Encodes SAML data as lowercase, and the toolkit by default uses - // uppercase. Turn it True for ADFS compatibility on signature verification - 'lowercaseUrlencoding' => false, - ), - - // Contact information template, it is recommended to supply a - // technical and support contacts. - 'contactPerson' => array( - 'technical' => array( - 'givenName' => '', - 'emailAddress' => '' - ), - 'support' => array( - 'givenName' => '', - 'emailAddress' => '' - ), - ), - - // Organization information template, the info in en_US lang is - // recomended, add more if required. - 'organization' => array( - 'en-US' => array( - 'name' => '', - 'displayname' => '', - 'url' => '' - ), - ), -); -``` - -The compression settings allow you to instruct whether or not the IdP can accept -data that has been compressed using [gzip](gzip) ('requests' and 'responses'). -But if we provide a `$deflate` boolean parameter to the `getRequest` or `getResponse` method it will have priority over the compression settings. - -In the security section, you can set the way that the SP will handle the messages -and assertions. Contact the admin of the IdP and ask him what the IdP expects, -and decide what validations will handle the SP and what requirements the SP will have -and communicate them to the IdP's admin too. - -Once we know what kind of data could be configured, let's talk about the way -settings are handled within the toolkit. - -The settings files described (`settings.php` and `advanced_settings.php`) are loaded -by the toolkit if no other array with settings info is provided in the constructor of the toolkit. Let's see some examples. - -```php -// Initializes toolkit with settings.php & advanced_settings files. -$auth = new OneLogin\Saml2\Auth(); -//or -$settings = new OneLogin\Saml2\Settings(); - -// Initializes toolkit with the array provided. -$auth = new OneLogin\Saml2\Auth($settingsInfo); -//or -$settings = new OneLogin\Saml2\Settings($settingsInfo); -``` - -You can declare the `$settingsInfo` in the file that contains the constructor -execution or locate them in any file and load the file in order to get the -array available as we see in the following example: - -```php -login(); // Method that sent the AuthNRequest -``` - -The `AuthNRequest` will be sent signed or unsigned based on the security info -of the `advanced_settings.php` (`'authnRequestsSigned'`). - - -The IdP will then return the SAML Response to the user's client. The client is then forwarded to the Attribute Consumer Service of the SP with this information. If we do not set a `'url'` param in the login method and we are using the default ACS provided by the toolkit (`endpoints/acs.php`), then the ACS endpoint will redirect the user to the file that launched the SSO request. - -We can set a `'returnTo'` url to change the workflow and redirect the user to the other PHP file. - -```php -$newTargetUrl = 'http://example.com/consume2.php'; -$auth = new OneLogin\Saml2\Auth(); -$auth->login($newTargetUrl); -``` - -The login method can receive other six optional parameters: - -* `$parameters` - An array of parameters that will be added to the `GET` in the HTTP-Redirect. -* `$forceAuthn` - When true the `AuthNRequest` will set the `ForceAuthn='true'` -* `$isPassive` - When true the `AuthNRequest` will set the `Ispassive='true'` -* `$strict` - True if we want to stay (returns the url string) False to redirect -* `$setNameIdPolicy` - When true the AuthNRequest will set a nameIdPolicy element. -* `$nameIdValueReq` - Indicates to the IdP the subject that should be authenticated. - -If a match on the future SAMLResponse ID and the AuthNRequest ID to be sent is required, that AuthNRequest ID must to be extracted and saved. - -```php -$ssoBuiltUrl = $auth->login(null, array(), false, false, true); -$_SESSION['AuthNRequestID'] = $auth->getLastRequestID(); -header('Pragma: no-cache'); -header('Cache-Control: no-cache, must-revalidate'); -header('Location: ' . $ssoBuiltUrl); -exit(); -``` - -#### The SP Endpoints #### - -Related to the SP there are three important views: The metadata view, the ACS view and the SLS view. The toolkit -provides examples of those views in the endpoints directory. - -##### SP Metadata `endpoints/metadata.php` ##### - -This code will provide the XML metadata file of our SP, based on the info that we provided in the settings files. - -```php -getSettings(); - $metadata = $settings->getSPMetadata(); - $errors = $settings->validateMetadata($metadata); - if (empty($errors)) { - header('Content-Type: text/xml'); - echo $metadata; - } else { - throw new OneLogin\Saml2\Error( - 'Invalid SP metadata: '.implode(', ', $errors), - OneLogin\Saml2\Error::METADATA_SP_INVALID - ); - } -} catch (Exception $e) { - echo $e->getMessage(); -} -``` -The `getSPMetadata` will return the metadata signed or not based -on the security info of the `advanced_settings.php` (`'signMetadata'`). - -Before the XML metadata is exposed, a check takes place to ensure -that the info to be provided is valid. - -Instead of use the Auth object, you can directly use - -```php -$settings = new OneLogin\Saml2\Settings($settingsInfo, true); -``` -to get the settings object and with the true parameter we will avoid the IdP Settings validation. - - -##### Attribute Consumer Service(ACS) `endpoints/acs.php` ##### - -This code handles the SAML response that the IdP forwards to the SP through the user's client. - -```php -processResponse($requestID); -unset($_SESSION['AuthNRequestID']); - -$errors = $auth->getErrors(); - -if (!empty($errors)) { - echo '

' . implode(', ', $errors) . '

'; - exit(); -} - -if (!$auth->isAuthenticated()) { - echo "

Not authenticated

"; - exit(); -} - -$_SESSION['samlUserdata'] = $auth->getAttributes(); -$_SESSION['samlNameId'] = $auth->getNameId(); -$_SESSION['samlNameIdFormat'] = $auth->getNameIdFormat(); -$_SESSION['samlNameidNameQualifier'] = $auth->getNameIdNameQualifier(); -$_SESSION['samlNameidSPNameQualifier'] = $auth->getNameIdSPNameQualifier(); -$_SESSION['samlSessionIndex'] = $auth->getSessionIndex(); - -if (isset($_POST['RelayState']) && OneLogin\Saml2\Utils::getSelfURL() != $_POST['RelayState']) { - $auth->redirectTo($_POST['RelayState']); -} - -$attributes = $_SESSION['samlUserdata']; -$nameId = $_SESSION['samlNameId']; - -echo '

Identified user: '. htmlentities($nameId) .'

'; - -if (!empty($attributes)) { - echo '

' . _('User attributes:') . '

'; - echo ''; - foreach ($attributes as $attributeName => $attributeValues) { - echo ''; - } - echo '
' . _('Name') . '' . _('Values') . '
' . htmlentities($attributeName) . '
    '; - foreach ($attributeValues as $attributeValue) { - echo '
  • ' . htmlentities($attributeValue) . '
  • '; - } - echo '
'; -} else { - echo _('No attributes found.'); -} -``` - -The SAML response is processed and then checked that there are no errors. -It also verifies that the user is authenticated and stored the userdata in session. - -At that point there are two possible alternatives: - - 1. If no `RelayState` is provided, we could show the user data in this view - or however we wanted. - - 2. If `RelayState` is provided, a redirection takes place. - -Notice that we saved the user data in the session before the redirection to -have the user data available at the `RelayState` view. - - -###### The `getAttributes` method ###### - -In order to retrieve attributes we can use: - -```php -$attributes = $auth->getAttributes(); -``` - -With this method we get all the user data provided by the IdP in the Assertion -of the SAML Response. - -If we execute ```print_r($attributes)``` we could get: - -```php -Array -( - [cn] => Array - ( - [0] => John - ) - [sn] => Array - ( - [0] => Doe - ) - [mail] => Array - ( - [0] => john.doe@example.com - ) - [groups] => Array - ( - [0] => users - [1] => members - ) -) -``` - -Each attribute name can be used as an index into `$attributes` to obtain the value. Every attribute value -is an array - a single-valued attribute is an array of a single element. - - -The following code is equivalent: - -```php -$attributes = $auth->getAttributes(); -print_r($attributes['cn']); -``` - -```php -print_r($auth->getAttribute('cn')); -``` - - -Before trying to get an attribute, check that the user is -authenticated. If the user isn't authenticated or if there were -no attributes in the SAML assertion, an empty array will be -returned. For example, if we call to `getAttributes` before a -`$auth->processResponse`, the `getAttributes()` will return an -empty array. - - -##### Single Logout Service (SLS) `endpoints/sls.php` ##### - -This code handles the Logout Request and the Logout Responses. - -```php -processSLO(false, $requestID); - -$errors = $auth->getErrors(); - -if (empty($errors)) { - echo 'Sucessfully logged out'; -} else { - echo implode(', ', $errors); -} -``` - -If the SLS endpoints receives a Logout Response, the response is -validated and the session could be closed - - - -```php -// part of the processSLO method - -$logoutResponse = new OneLogin\Saml2\LogoutResponse($this->_settings, $_GET['SAMLResponse']); -if (!$logoutResponse->isValid($requestId)) { - $this->_errors[] = 'invalid_logout_response'; -} else if ($logoutResponse->getStatus() !== OneLogin\Saml2\Constants::STATUS_SUCCESS) { - $this->_errors[] = 'logout_not_success'; -} else { - if (!$keepLocalSession) { - OneLogin\Saml2\Utils::deleteLocalSession(); - } -} -``` - -If the SLS endpoints receives an Logout Request, the request is validated, -the session is closed and a Logout Response is sent to the SLS endpoint of -the IdP. - -```php -// part of the processSLO method - -$decoded = base64_decode($_GET['SAMLRequest']); -$request = gzinflate($decoded); -if (!OneLogin\Saml2\LogoutRequest::isValid($this->_settings, $request)) { - $this->_errors[] = 'invalid_logout_request'; -} else { - if (!$keepLocalSession) { - OneLogin\Saml2\Utils::deleteLocalSession(); - } - - $inResponseTo = $request->id; - $responseBuilder = new OneLogin\Saml2\LogoutResponse($this->_settings); - $responseBuilder->build($inResponseTo); - $logoutResponse = $responseBuilder->getResponse(); - - $parameters = array('SAMLResponse' => $logoutResponse); - if (isset($_GET['RelayState'])) { - $parameters['RelayState'] = $_GET['RelayState']; - } - - $security = $this->_settings->getSecurityData(); - if (isset($security['logoutResponseSigned']) && $security['logoutResponseSigned']) { - $signature = $this->buildResponseSignature($logoutResponse, $parameters['RelayState'], $security['signatureAlgorithm']); - $parameters['SigAlg'] = $security['signatureAlgorithm']; - $parameters['Signature'] = $signature; - } - - $this->redirectTo($this->getSLOurl(), $parameters); -} -``` - -If you aren't using the default PHP session, or otherwise need a manual -way to destroy the session, you can pass a callback method to the -`processSLO` method as the fourth parameter - -```php -$keepLocalSession = False; -$callback = function () { - // Destroy user session -}; - -$auth->processSLO($keepLocalSession, null, false, $callback); -``` - - -If we don't want that `processSLO` to destroy the session, pass a true -parameter to the `processSLO` method - -```php -$keepLocalSession = True; -$auth->processSLO($keepLocalSession); -``` - -#### Initiate SLO #### - -In order to send a Logout Request to the IdP: - -```php -logout(); // Method that sent the Logout Request. -``` - -Also there are eight optional parameters that can be set: -* `$returnTo` - The target URL the user should be returned to after logout. -* `$parameters` - Extra parameters to be added to the GET. -* `$name_id` - That will be used to build the LogoutRequest. If `name_id` parameter is not set and the auth object processed a -SAML Response with a `NameId`, then this `NameId` will be used. -* `$session_index` - SessionIndex that identifies the session of the user. -* `$stay` - True if we want to stay (returns the url string) False to redirect. -* `$nameIdFormat` - The NameID Format will be set in the LogoutRequest. -* `$nameIdNameQualifier` - The NameID NameQualifier will be set in the LogoutRequest. -* `$nameIdSPNameQualifier` - The NameID SP NameQualifier will be set in the LogoutRequest. - -The Logout Request will be sent signed or unsigned based on the security -info of the `advanced_settings.php` (`'logoutRequestSigned'`). - -The IdP will return the Logout Response through the user's client to the -Single Logout Service of the SP. -If we do not set a `'url'` param in the logout method and are using the -default SLS provided by the toolkit (`endpoints/sls.php`), then the SLS -endpoint will redirect the user to the file that launched the SLO request. - -We can set an `'returnTo'` url to change the workflow and redirect the user -to other php file. - -```php -$newTargetUrl = 'http://example.com/loggedOut.php'; -$auth = new OneLogin\Saml2\Auth(); -$auth->logout($newTargetUrl); -``` -A more complex logout with all the parameters: -``` -$auth = new OneLogin\Saml2\Auth(); -$returnTo = null; -$parameters = array(); -$nameId = null; -$sessionIndex = null; -$nameIdFormat = null; -$nameIdNameQualifier = null; -$nameIdSPNameQualifier = null; - -if (isset($_SESSION['samlNameId'])) { - $nameId = $_SESSION['samlNameId']; -} -if (isset($_SESSION['samlSessionIndex'])) { - $sessionIndex = $_SESSION['samlSessionIndex']; -} -if (isset($_SESSION['samlNameIdFormat'])) { - $nameIdFormat = $_SESSION['samlNameIdFormat']; -} -if (isset($_SESSION['samlNameIdNameQualifier'])) { - $nameIdNameQualifier = $_SESSION['samlNameIdNameQualifier']; -} -if (isset($_SESSION['samlNameIdSPNameQualifier'])) { - $nameIdSPNameQualifier = $_SESSION['samlNameIdSPNameQualifier']; -} -$auth->logout($returnTo, $parameters, $nameId, $sessionIndex, false, $nameIdFormat, $nameIdNameQualifier, $nameIdSPNameQualifier); -``` - -If a match on the future LogoutResponse ID and the LogoutRequest ID to be sent is required, that LogoutRequest ID must to be extracted and stored. - -```php -$sloBuiltUrl = $auth->logout(null, $parameters, $nameId, $sessionIndex, true); -$_SESSION['LogoutRequestID'] = $auth->getLastRequestID(); -header('Pragma: no-cache'); -header('Cache-Control: no-cache, must-revalidate'); -header('Location: ' . $sloBuiltUrl); -exit(); -``` - -#### Example of a view that initiates the SSO request and handles the response (is the acs target) #### - -We can code a unique file that initiates the SSO process, handle the response, get the attributes, initiate -the SLO and processes the logout response. - -Note: Review the `demo1` folder that contains that use case; in a later section we -explain the demo1 use case further in detail. - -```php -login(); -} else if (isset($_GET['sso2'])) { // Another SSO action - $returnTo = $spBaseUrl.'/demo1/attrs.php'; // but set a custom RelayState URL - $auth->login($returnTo); -} else if (isset($_GET['slo'])) { // SLO action. Will sent a Logout Request to IdP - $auth->logout(); -} else if (isset($_GET['acs'])) { // Assertion Consumer Service - $auth->processResponse(); // Process the Response of the IdP, get the - // attributes and put then at - // $_SESSION['samlUserdata'] - - $errors = $auth->getErrors(); // This method receives an array with the errors - // that could took place during the process - - if (!empty($errors)) { - echo '

' . implode(', ', $errors) . '

'; - } - // This check if the response was - if (!$auth->isAuthenticated()) { // sucessfully validated and the user - echo '

Not authenticated

'; // data retrieved or not - exit(); - } - - $_SESSION['samlUserdata'] = $auth->getAttributes(); // Retrieves user data - if (isset($_POST['RelayState']) && OneLogin\Saml2\Utils::getSelfURL() != $_POST['RelayState']) { - $auth->redirectTo($_POST['RelayState']); // Redirect if there is a - } // relayState set -} else if (isset($_GET['sls'])) { // Single Logout Service - $auth->processSLO(); // Process the Logout Request & Logout Response - $errors = $auth->getErrors(); // Retrieves possible validation errors - if (empty($errors)) { - echo '

Sucessfully logged out

'; - } else { - echo '

' . implode(', ', $errors) . '

'; - } -} - -if (isset($_SESSION['samlUserdata'])) { // If there is user data we print it. - if (!empty($_SESSION['samlUserdata'])) { - $attributes = $_SESSION['samlUserdata']; - echo 'You have the following attributes:
'; - echo ''; - foreach ($attributes as $attributeName => $attributeValues) { - echo ''; - } - echo '
NameValues
' . htmlentities($attributeName) . '
    '; - foreach ($attributeValues as $attributeValue) { - echo '
  • ' . htmlentities($attributeValue) . '
  • '; - } - echo '
'; - } else { // If there is not user data, we notify - echo "

You don't have any attribute

"; - } - - echo '

Logout

'; // Print some links with possible -} else { // actions - echo '

Login

'; - echo '

Login and access to attrs.php page

'; -} -``` - -#### URL-guessing methods #### - -php-saml toolkit uses a bunch of methods in OneLogin\Saml2\Utils that try to guess the URL where the SAML messages are processed. - -* `getSelfHost` Returns the current host. -* `getSelfPort` Return the port number used for the request -* `isHTTPS` Checks if the protocol is https or http. -* `getSelfURLhost` Returns the protocol + the current host + the port (if different than common ports). -* `getSelfURL` Returns the URL of the current host + current view + query. -* `getSelfURLNoQuery` Returns the URL of the current host + current view. -* `getSelfRoutedURLNoQuery` Returns the routed URL of the current host + current view. - -getSelfURLNoQuery and getSelfRoutedURLNoQuery are used to calculate the currentURL in order to validate SAML elements like Destination or Recipient. - -When the PHP application is behind a proxy or a load balancer we can execute `setProxyVars(true)` and `setSelfPort` and `isHTTPS` will take care of the `$_SERVER["HTTP_X_FORWARDED_PORT"]` and `$_SERVER['HTTP_X_FORWARDED_PROTO']` vars (otherwise they are ignored). - -Also a developer can use `setSelfProtocol`, `setSelfHost`, `setSelfPort` and `getBaseURLPath` to define a specific value to be returned by `isHTTPS`, `getSelfHost`, `getSelfPort` and `getBaseURLPath`. And define a `setBasePath` to be used on the `getSelfURL` and `getSelfRoutedURLNoQuery` to replace the data extracted from `$_SERVER["REQUEST_URI"]`. - -At the settings the developer will be able to set a `'baseurl'` parameter that automatically will use `setBaseURL` to set values for `setSelfProtocol`, `setSelfHost`, `setSelfPort` and `setBaseURLPath`. - - -### Working behind load balancer ### - -Is possible that asserting request URL and Destination attribute of SAML response fails when working behind load balancer with SSL offload. - -You should be able to workaround this by configuring your server so that it is aware of the proxy and returns the original url when requested. - -Or by using the method described on the previous section. - - -### SP Key rollover ### - -If you plan to update the SP x509cert and privateKey you can define the new x509cert as `$settings['sp']['x509certNew']` and it will be -published on the SP metadata so Identity Providers can read them and get ready for rollover. - - -### IdP with multiple certificates ### - -In some scenarios the IdP uses different certificates for -signing/encryption, or is under key rollover phase and more than one certificate is published on IdP metadata. - -In order to handle that the toolkit offers the `$settings['idp']['x509certMulti']` parameter. - -When that parameter is used, `'x509cert'` and `'certFingerprint'` values will be ignored by the toolkit. - -The `x509certMulti` is an array with 2 keys: -- `signing`. An array of certs that will be used to validate IdP signature -- `encryption` An array with one unique cert that will be used to encrypt data to be sent to the IdP - - -### Replay attacks ### - -In order to avoid replay attacks, you can store the ID of the SAML messages already processed, to avoid processing them twice. Since the Messages expires and will be invalidated due that fact, you don't need to store those IDs longer than the time frame that you currently accepting. - -Get the ID of the last processed message/assertion with the `getLastMessageId`/`getLastAssertionId` methods of the Auth object. - - -### Main classes and methods ### - -Described below are the main classes and methods that can be invoked. - -#### Saml2 library #### - -Lets describe now the classes and methods of the SAML2 library. - -##### OneLogin\Saml2\Auth - Auth.php ##### - -Main class of OneLogin PHP Toolkit - - * `Auth` - Initializes the SP SAML instance - * `login` - Initiates the SSO process. - * `logout` - Initiates the SLO process. - * `processResponse` - Process the SAML Response sent by the IdP. - * `processSLO` - Process the SAML Logout Response / Logout Request sent by the - IdP. - * `redirectTo` - Redirects the user to the url past by parameter or to the url - that we defined in our SSO Request. - * `isAuthenticated` - Checks if the user is authenticated or not. - * `getAttributes` - Returns the set of SAML attributes. - * `getAttribute` - Returns the requested SAML attribute - * `getNameId` - Returns the nameID - * `getNameIdFormat` - Gets the NameID Format provided by the SAML response from the IdP. - * `getNameIdNameQualifier` - Gets the NameID NameQualifier provided from the SAML Response String. - * `getNameIdSPNameQualifier` - Gets the NameID SP NameQualifier provided from the SAML Response String. - * `getSessionIndex` - Gets the SessionIndex from the AuthnStatement. - * `getErrors` - Returns if there were any error - * `getSSOurl` - Gets the SSO url. - * `getSLOurl` - Gets the SLO url. - * `getLastRequestID` - The ID of the last Request SAML message generated. - * `buildRequestSignature` - Generates the Signature for a SAML Request - * `buildResponseSignature` - Generates the Signature for a SAML Response - * `getSettings` - Returns the settings info - * `setStrict` - Set the strict mode active/disable - * `getLastRequestID` - Gets the ID of the last AuthNRequest or LogoutRequest generated by the Service Provider. - * `getLastRequestXML` - Returns the most recently-constructed/processed XML SAML request (AuthNRequest, LogoutRequest) - * `getLastResponseXML` - Returns the most recently-constructed/processed XML SAML response (SAMLResponse, LogoutResponse). If the SAMLResponse had an encrypted assertion, decrypts it. - - -##### OneLogin\Saml2\AuthnRequest - `AuthnRequest.php` ##### - -SAML 2 Authentication Request class - - * `AuthnRequest` - Constructs the `AuthnRequest` object. - * `getRequest` - Returns deflated, base64 encoded, unsigned `AuthnRequest`. - * `getId` - Returns the `AuthNRequest` ID. - * `getXML` - Returns the XML that will be sent as part of the request. - -##### OneLogin\Saml2\Response - `Response.php` ##### - -SAML 2 Authentication Response class - - * `Response` - Constructs the SAML Response object. - * `isValid` - Determines if the SAML Response is valid using the certificate. - * `checkStatus` - Checks if the Status is success. - * `getAudiences` - Gets the audiences. - * `getIssuers` - Gets the Issuers (from Response and Assertion) - * `getNameIdData` - Gets the NameID Data provided by the SAML response from the - IdP. - * `getNameId` - Gets the NameID provided by the SAML response from the IdP. - * `getNameIdFormat` - Gets the NameID Format provided by the SAML response from the IdP. - * `getNameIdNameQualifier` - Gets the NameID NameQualifier provided from the SAML Response String. - * `getNameIdSPNameQualifier` - Gets the NameID SP NameQualifier provided from the SAML Response String. - * `getSessionNotOnOrAfter` - Gets the SessionNotOnOrAfter from the - AuthnStatement - * `getSessionIndex` - Gets the SessionIndex from the AuthnStatement. - * `getAttributes` - Gets the Attributes from the AttributeStatement element. - * `validateNumAssertions` - Verifies that the document only contains a single - Assertion (encrypted or not). - * `validateTimestamps` - Verifies that the document is still valid according - Conditions Element. - * `getError` - After executing a validation process, if it fails, this method returns the cause - * `getXMLDocument` - Returns the SAML Response document (If contains an encrypted assertion, decrypts it) - -##### OneLogin\Saml2\LogoutRequest - `LogoutRequest.php` ##### - -SAML 2 Logout Request class - - * `LogoutRequest` - Constructs the Logout Request object. - * `getRequest` - Returns the Logout Request defated, base64encoded, unsigned - * `getID` - Returns the ID of the Logout Request. (If you have the object you can access to the id attribute) - * `getNameIdData` - Gets the NameID Data of the the Logout Request. - * `getNameId` - Gets the NameID of the Logout Request. - * `getIssuer` - Gets the Issuer of the Logout Request. - * `getSessionIndexes` - Gets the SessionIndexes from the Logout Request. - * `isValid` - Checks if the Logout Request received is valid. - * `getError` - After executing a validation process, if it fails, this method returns the cause - * `getXML` - Returns the XML that will be sent as part of the request or that was received at the SP. - -##### OneLogin\Saml2\LogoutResponse - `LogoutResponse.php` ##### - -SAML 2 Logout Response class - - * `LogoutResponse` - Constructs a Logout Response object - (Initialize params from settings and if provided load the Logout Response) - * `getIssuer` - Gets the Issuer of the Logout Response. - * `getStatus` - Gets the Status of the Logout Response. - * `isValid` - Determines if the SAML LogoutResponse is valid - * `build` - Generates a Logout Response object. - * `getResponse` - Returns a Logout Response object. - * `getError` - After executing a validation process, if it fails, this method returns the cause. - * `getXML` - Returns the XML that will be sent as part of the response or that was received at the SP. - -##### OneLogin\Saml2\Settings - `Settings.php` ##### - -Configuration of the OneLogin PHP Toolkit - - * `Settings` - Initializes the settings: Sets the paths of - the different folders and Loads settings info from settings file or - array/object provided - * `checkSettings` - Checks the settings info. - * `getBasePath` - Returns base path. - * `getCertPath` - Returns cert path. - * `getLibPath` - Returns lib path. - * `getExtLibPath` - Returns external lib path. - * `getSchemasPath` - Returns schema path. - * `checkSPCerts` - Checks if the x509 certs of the SP exists and are valid. - * `getSPkey` - Returns the x509 private key of the SP. - * `getSPcert` - Returns the x509 public cert of the SP. - * `getSPcertNew` - Returns the future x509 public cert of the SP. - * `getIdPData` - Gets the IdP data. - * `getSPData`Gets the SP data. - * `getSecurityData` - Gets security data. - * `getContacts` - Gets contact data. - * `getOrganization` - Gets organization data. - * `getSPMetadata` - Gets the SP metadata. The XML representation. - * `validateMetadata` - Validates an XML SP Metadata. - * `formatIdPCert` - Formats the IdP cert. - * `formatSPCert` - Formats the SP cert. - * `formatSPCertNew` - Formats the SP cert new. - * `formatSPKey` - Formats the SP private key. - * `getErrors` - Returns an array with the errors, the array is empty when - the settings is ok. - * `getLastErrorReason` - Returns the reason of the last error - * `getBaseURL` - Returns the baseurl set on the settings if any. - * `setBaseURL` - Set a baseurl value - * `setStrict` - Activates or deactivates the strict mode. - * `isStrict` - Returns if the 'strict' mode is active. - * `isDebugActive` - Returns if the debug is active. - -##### OneLogin\Saml2\Metadata - `Metadata.php` ##### - -A class that contains functionality related to the metadata of the SP - -* `builder` - Generates the metadata of the SP based on the settings. -* `signmetadata` - Signs the metadata with the key/cert provided -* `addX509KeyDescriptors` - Adds the x509 descriptors (sign/encriptation) to - the metadata - -##### OneLogin\Saml2\Utils - `Utils.php` ##### - -Auxiliary class that contains several methods - - * `validateXML` - This function attempts to validate an XML string against - the specified schema. - * `formatCert` - Returns a x509 cert (adding header & footer if required). - * `formatPrivateKey` - returns a RSA private key (adding header & footer if required). - * `redirect` - Executes a redirection to the provided url (or return the - target url). - * `isHTTPS` - Checks if https or http. - * `getSelfHost` - Returns the current host. - * `getSelfURLhost` - Returns the protocol + the current host + the port - (if different than common ports). - * `getSelfURLNoQuery` - Returns the URL of the current host + current view. - * `getSelfURL` - Returns the URL of the current host + current view + query. - * `generateUniqueID` - Generates a unique string (used for example as ID - for assertions). - * `parseTime2SAML` - Converts a UNIX timestamp to SAML2 timestamp on the - form `yyyy-mm-ddThh:mm:ss(\.s+)?Z`. - * `parseSAML2Time` - Converts a SAML2 timestamp on the form - `yyyy-mm-ddThh:mm:ss(\.s+)?Z` to a UNIX timestamp. The sub-second part is - ignored. - * `parseDuration` - Interprets a ISO8601 duration value relative to a given - timestamp. - * `getExpireTime` - Compares two dates and returns the earliest. - * `query` - Extracts nodes from the DOMDocument. - * `isSessionStarted` - Checks if the session is started or not. - * `deleteLocalSession` - Deletes the local session. - * `calculateX509Fingerprint` - Calculates the fingerprint of a x509cert. - * `formatFingerPrint` - Formats a fingerprint. - * `generateNameId` - Generates a `nameID`. - * `getStatus` - Gets Status from a Response. - * `decryptElement` - Decrypts an encrypted element. - * `castKey` - Converts a `XMLSecurityKey` to the correct algorithm. - * `addSign` - Adds signature key and senders certificate to an element - (Message or Assertion). - * `validateSign` - Validates a signature (Message or Assertion). - -##### OneLogin\Saml2\IdPMetadataParser - `IdPMetadataParser.php` ##### - -Auxiliary class that contains several methods to retrieve and process IdP metadata - - * `parseRemoteXML` - Get IdP Metadata Info from URL. - * `parseFileXML` - Get IdP Metadata Info from File. - * `parseXML` - Get IdP Metadata Info from XML. - * `injectIntoSettings` - Inject metadata info into php-saml settings array. - - -For more info, look at the source code; each method is documented and details -about what it does and how to use it are provided. Make sure to also check the doc folder where -HTML documentation about the classes and methods is provided for SAML and -SAML2. - - -Demos included in the toolkit ------------------------------ - -The toolkit includes three demo apps to teach how use the toolkit, take a look on it. - -Demos require that SP and IdP are well configured before test it. - -## Demo1 ## - -### SP setup ### - -The Onelogin's PHP Toolkit allows you to provide the settings info in two ways: - - * Use a `settings.php` file that we should locate at the base folder of the - toolkit. - * Use an array with the setting data. - -In this demo we provide the data in the second way, using a setting array named -`$settingsInfo`. This array users the `settings_example.php` included as a template -to create the `settings.php` settings and store it in the `demo1/` folder. -Configure the SP part and later review the metadata of the IdP and complete the IdP info. - -If you check the code of the index.php file you will see that the `settings.php` -file is loaded in order to get the `$settingsInfo` var to be used in order to initialize -the `Setting` class. - -Notice that in this demo, the `setting.php` file that could be defined at the base -folder of the toolkit is ignored and the libs are loaded using the -`_toolkit_loader.php` located at the base folder of the toolkit. - - -### IdP setup ### - -Once the SP is configured, the metadata of the SP is published at the -`metadata.php` file. Configure the IdP based on that information. - - -### How it works ### - - 1. First time you access to `index.php` view, you can select to login and return - to the same view or login and be redirected to the `attrs.php` view. - - 2. When you click: - - 2.1 in the first link, we access to (`index.php?sso`) an `AuthNRequest` - is sent to the IdP, we authenticate at the IdP and then a Response is sent - through the user's client to the SP, specifically the Assertion Consumer Service view: `index.php?acs`. - Notice that a `RelayState` parameter is set to the url that initiated the - process, the `index.php` view. - - 2.2 in the second link we access to (`attrs.php`) have the same process - described at 2.1 with the difference that as `RelayState` is set the `attrs.php`. - - 3. The SAML Response is processed in the ACS (`index.php?acs`), if the Response - is not valid, the process stops here and a message is shown. Otherwise we - are redirected to the RelayState view. a) `index.php` or b) `attrs.php`. - - 4. We are logged in the app and the user attributes are showed. - At this point, we can test the single log out functionality. - - 5. The single log out functionality could be tested by two ways. - - 5.1 SLO Initiated by SP. Click on the "logout" link at the SP, after that a - Logout Request is sent to the IdP, the session at the IdP is closed and - replies through the client to the SP with a Logout Response (sent to the - Single Logout Service endpoint). The SLS endpoint (`index.php?sls`) of the SP - process the Logout Response and if is valid, close the user session of the - local app. Notice that the SLO Workflow starts and ends at the SP. - - 5.2 SLO Initiated by IdP. In this case, the action takes place on the IdP - side, the logout process is initiated at the idP, sends a Logout - Request to the SP (SLS endpoint, `index.php?sls`). The SLS endpoint of the SP - process the Logout Request and if is valid, close the session of the user - at the local app and send a Logout Response to the IdP (to the SLS endpoint - of the IdP). The IdP receives the Logout Response, process it and close the - session at of the IdP. Notice that the SLO Workflow starts and ends at the IdP. - -Notice that all the SAML Requests and Responses are handled by a unique file, -the `index.php` file and how `GET` parameters are used to know the action that -must be done. - - -## Demo2 ## - -### SP setup ### - -The Onelogin's PHP Toolkit allows you to provide the settings info in two ways: - - * Use a `settings.php` file that we should locate at the base folder of the - toolkit. - * Use an array with the setting data. - -The first is the case of the demo2 app. The `setting.php` file and the -`setting_extended.php` file should be defined at the base folder of the toolkit. -Review the `setting_example.php` and the `advanced_settings_example.php` to -learn how to build them. - -In this case as Attribute Consume Service and Single Logout Service we are going to -use the files located in the endpoint folder (`acs.php` and `sls.php`). - - -### IdP setup ### - -Once the SP is configured, the metadata of the SP is published at the -`metadata.php` file. Based on that info, configure the IdP. - - -### How it works ### - -At demo1, we saw how all the SAML Request and Responses were handler at an -unique file, the `index.php` file. This demo1 uses high-level programming. - -At demo2, we have several views: `index.php`, `sso.php`, `slo.php`, `consume.php` -and `metadata.php`. As we said, we will use the endpoints that are defined -in the toolkit (`acs.php`, `sls.php` of the endpoints folder). This demo2 uses -low-level programming. - -Notice that the SSO action can be initiated at `index.php` or `sso.php`. - -The SAML workflow that take place is similar that the workflow defined in the -demo1, only changes the targets. - - 1. When you access `index.php` or `sso.php` for the first time, an `AuthNRequest` is - sent to the IdP automatically, (as `RelayState` is sent the origin url). - We authenticate at the IdP and then a `Response` is sent to the SP, to the - ACS endpoint, in this case `acs.php` of the endpoints folder. - - 2. The SAML Response is processed in the ACS, if the `Response` is not valid, - the process stops here and a message is shown. Otherwise we are redirected - to the `RelayState` view (`sso.php` or `index.php`). The `sso.php` detects if the - user is logged and redirects to `index.php`, so we will be in the - `index.php` at the end. - - 3. We are logged into the app and the user attributes (if any) are shown. - At this point, we can test the single log out functionality. - - 4. The single log out functionality could be tested by two ways. - - 4.1 SLO Initiated by SP. Click on the "logout" link at the SP, after that - we are redirected to the `slo.php` view and there a Logout Request is sent - to the IdP, the session at the IdP is closed and replies to the SP a - Logout Response (sent to the Single Logout Service endpoint). In this case - The SLS endpoint of the SP process the Logout Response and if is - valid, close the user session of the local app. Notice that the SLO - Workflow starts and ends at the SP. - - 4.2 SLO Initiated by IdP. In this case, the action takes place on the IdP - side, the logout process is initiated at the idP, sends a Logout - Request to the SP (SLS endpoint `sls.php` of the endpoint folder). - The SLS endpoint of the SP process the Logout Request and if is valid, - close the session of the user at the local app and sends a Logout Response - to the IdP (to the SLS endpoint of the IdP).The IdP receives the Logout - Response, process it and close the session at of the IdP. Notice that the - SLO Workflow starts and ends at the IdP. - diff --git a/plugins/auth/vendor/onelogin/php-saml/_toolkit_loader.php b/plugins/auth/vendor/onelogin/php-saml/_toolkit_loader.php deleted file mode 100644 index c4649d76..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/_toolkit_loader.php +++ /dev/null @@ -1,34 +0,0 @@ - array( - 'requests' => true, - 'responses' => true - ), - - // Security settings - 'security' => array( - - /** signatures and encryptions offered */ - - // Indicates that the nameID of the sent by this SP - // will be encrypted. - 'nameIdEncrypted' => false, - - // Indicates whether the messages sent by this SP - // will be signed. [The Metadata of the SP will offer this info] - 'authnRequestsSigned' => false, - - // Indicates whether the messages sent by this SP - // will be signed. - 'logoutRequestSigned' => false, - - // Indicates whether the messages sent by this SP - // will be signed. - 'logoutResponseSigned' => false, - - /* Sign the Metadata - False || True (use sp certs) || array ( - 'keyFileName' => 'metadata.key', - 'certFileName' => 'metadata.crt' - ) - || array ( - 'x509cert' => '', - 'privateKey' => '' - ) - */ - 'signMetadata' => false, - - - /** signatures and encryptions required **/ - - // Indicates a requirement for the , and - // elements received by this SP to be signed. - 'wantMessagesSigned' => false, - - // Indicates a requirement for the elements received by - // this SP to be encrypted. - 'wantAssertionsEncrypted' => false, - - // Indicates a requirement for the elements received by - // this SP to be signed. [The Metadata of the SP will offer this info] - 'wantAssertionsSigned' => false, - - // Indicates a requirement for the NameID element on the SAMLResponse received - // by this SP to be present. - 'wantNameId' => true, - - // Indicates a requirement for the NameID received by - // this SP to be encrypted. - 'wantNameIdEncrypted' => false, - - // Authentication context. - // Set to false and no AuthContext will be sent in the AuthNRequest, - // Set true or don't present this parameter and you will get an AuthContext 'exact' 'urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport' - // Set an array with the possible auth context values: array('urn:oasis:names:tc:SAML:2.0:ac:classes:Password', 'urn:oasis:names:tc:SAML:2.0:ac:classes:X509'), - 'requestedAuthnContext' => false, - - // Allows the authn comparison parameter to be set, defaults to 'exact' if - // the setting is not present. - 'requestedAuthnContextComparison' => 'exact', - - // Indicates if the SP will validate all received xmls. - // (In order to validate the xml, 'strict' and 'wantXMLValidation' must be true). - 'wantXMLValidation' => true, - - // If true, SAMLResponses with an empty value at its Destination - // attribute will not be rejected for this fact. - 'relaxDestinationValidation' => false, - - // If true, Destination URL should strictly match to the address to - // which the response has been sent. - // Notice that if 'relaxDestinationValidation' is true an empty Destintation - // will be accepted. - 'destinationStrictlyMatches' => false, - - // If true, the toolkit will not raised an error when the Statement Element - // contain atribute elements with name duplicated - 'allowRepeatAttributeName' => false, - - // If true, SAMLResponses with an InResponseTo value will be rejectd if not - // AuthNRequest ID provided to the validation method. - 'rejectUnsolicitedResponsesWithInResponseTo' => false, - - // Algorithm that the toolkit will use on signing process. Options: - // 'http://www.w3.org/2000/09/xmldsig#rsa-sha1' - // 'http://www.w3.org/2000/09/xmldsig#dsa-sha1' - // 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256' - // 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha384' - // 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha512' - // Notice that rsa-sha1 is a deprecated algorithm and should not be used - 'signatureAlgorithm' => 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256', - - // Algorithm that the toolkit will use on digest process. Options: - // 'http://www.w3.org/2000/09/xmldsig#sha1' - // 'http://www.w3.org/2001/04/xmlenc#sha256' - // 'http://www.w3.org/2001/04/xmldsig-more#sha384' - // 'http://www.w3.org/2001/04/xmlenc#sha512' - // Notice that sha1 is a deprecated algorithm and should not be used - 'digestAlgorithm' => 'http://www.w3.org/2001/04/xmlenc#sha256', - - // Algorithm that the toolkit will use for encryption process. Options: - // 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc' - // 'http://www.w3.org/2001/04/xmlenc#aes128-cbc' - // 'http://www.w3.org/2001/04/xmlenc#aes192-cbc' - // 'http://www.w3.org/2001/04/xmlenc#aes256-cbc' - // 'http://www.w3.org/2009/xmlenc11#aes128-gcm' - // 'http://www.w3.org/2009/xmlenc11#aes192-gcm' - // 'http://www.w3.org/2009/xmlenc11#aes256-gcm'; - // Notice that aes-cbc are not consider secure anymore so should not be used - 'encryption_algorithm' => 'http://www.w3.org/2009/xmlenc11#aes128-gcm', - - // ADFS URL-Encodes SAML data as lowercase, and the toolkit by default uses - // uppercase. Turn it True for ADFS compatibility on signature verification - 'lowercaseUrlencoding' => false, - ), - - // Contact information template, it is recommended to suply a technical and support contacts - 'contactPerson' => array( - 'technical' => array( - 'givenName' => '', - 'emailAddress' => '' - ), - 'support' => array( - 'givenName' => '', - 'emailAddress' => '' - ), - ), - - // Organization information template, the info in en_US lang is recomended, add more if required - 'organization' => array( - 'en-US' => array( - 'name' => '', - 'displayname' => '', - 'url' => '' - ), - ), -); - - -/* Interoperable SAML 2.0 Web Browser SSO Profile [saml2int] http://saml2int.org/profile/current - - 'authnRequestsSigned' => false, // SP SHOULD NOT sign the , - // MUST NOT assume that the IdP validates the sign - 'wantAssertionsSigned' => true, - 'wantAssertionsEncrypted' => true, // MUST be enabled if SSL/HTTPs is disabled - 'wantNameIdEncrypted' => false, -*/ diff --git a/plugins/auth/vendor/onelogin/php-saml/certs/README b/plugins/auth/vendor/onelogin/php-saml/certs/README deleted file mode 100644 index 1616ebda..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/certs/README +++ /dev/null @@ -1,14 +0,0 @@ -Take care of this folder that could contain private key. Be sure that this folder never is published. - -Onelogin PHP Toolkit expects certs for the SP stored at: - - * sp.key Private Key - * sp.crt Public cert - * sp_new.crt Future Public cert - -Also you can use other cert to sign the metadata of the SP using the: - - * metadata.key - * metadata.crt - -If you are using composer to install the php-saml toolkit, You should move the certs folder to vendor/onelogin/php-saml/certs diff --git a/plugins/auth/vendor/onelogin/php-saml/composer.json b/plugins/auth/vendor/onelogin/php-saml/composer.json deleted file mode 100644 index 3aa198da..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/composer.json +++ /dev/null @@ -1,34 +0,0 @@ -{ - "name": "onelogin/php-saml", - "description": "OneLogin PHP SAML Toolkit", - "license": "MIT", - "homepage": "https://developers.onelogin.com/saml/php", - "keywords": ["saml", "saml2", "onelogin"], - "autoload": { - "psr-4": { - "OneLogin\\": "src/" - } - }, - "support": { - "email": "sixto.garcia@onelogin.com", - "issues": "https://github.com/onelogin/php-saml/issues", - "source": "https://github.com/onelogin/php-saml/" - }, - "require": { - "php": ">=5.4", - "robrichards/xmlseclibs": ">=3.1.1" - }, - "require-dev": { - "phpunit/phpunit": "<7.5.18", - "php-coveralls/php-coveralls": "^1.0.2 || ^2.0", - "sebastian/phpcpd": "^2.0 || ^3.0 || ^4.0", - "phploc/phploc": "^2.1 || ^3.0 || ^4.0", - "pdepend/pdepend": "^2.5.0", - "squizlabs/php_codesniffer": "^3.1.1" - }, - "suggest": { - "ext-openssl": "Install openssl lib in order to handle with x509 certs (require to support sign and encryption)", - "ext-curl": "Install curl lib to be able to use the IdPMetadataParser for parsing remote XMLs", - "ext-gettext": "Install gettext and php5-gettext libs to handle translations" - } -} diff --git a/plugins/auth/vendor/onelogin/php-saml/phpunit.xml b/plugins/auth/vendor/onelogin/php-saml/phpunit.xml deleted file mode 100644 index 3629f274..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/phpunit.xml +++ /dev/null @@ -1,18 +0,0 @@ - - - - ./tests/src - - - - - ./src - - - - - - - - - diff --git a/plugins/auth/vendor/onelogin/php-saml/settings_example.php b/plugins/auth/vendor/onelogin/php-saml/settings_example.php deleted file mode 100644 index 981a21a3..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/settings_example.php +++ /dev/null @@ -1,137 +0,0 @@ - true, - - // Enable debug mode (to print errors) - 'debug' => false, - - // Set a BaseURL to be used instead of try to guess - // the BaseURL of the view that process the SAML Message. - // Ex. http://sp.example.com/ - // http://example.com/sp/ - 'baseurl' => null, - - // Service Provider Data that we are deploying - 'sp' => array( - // Identifier of the SP entity (must be a URI) - 'entityId' => '', - // Specifies info about where and how the message MUST be - // returned to the requester, in this case our SP. - 'assertionConsumerService' => array( - // URL Location where the from the IdP will be returned - 'url' => '', - // SAML protocol binding to be used when returning the - // message. Onelogin Toolkit supports for this endpoint the - // HTTP-POST binding only - 'binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST', - ), - // If you need to specify requested attributes, set a - // attributeConsumingService. nameFormat, attributeValue and - // friendlyName can be omitted. Otherwise remove this section. - "attributeConsumingService"=> array( - "serviceName" => "SP test", - "serviceDescription" => "Test Service", - "requestedAttributes" => array( - array( - "name" => "", - "isRequired" => false, - "nameFormat" => "", - "friendlyName" => "", - "attributeValue" => "" - ) - ) - ), - // Specifies info about where and how the message MUST be - // returned to the requester, in this case our SP. - 'singleLogoutService' => array( - // URL Location where the from the IdP will be returned - 'url' => '', - // SAML protocol binding to be used when returning the - // message. Onelogin Toolkit supports for this endpoint the - // HTTP-Redirect binding only - 'binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', - ), - // Specifies constraints on the name identifier to be used to - // represent the requested subject. - // Take a look on lib/Saml2/Constants.php to see the NameIdFormat supported - 'NameIDFormat' => 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified', - - // Usually x509cert and privateKey of the SP are provided by files placed at - // the certs folder. But we can also provide them with the following parameters - 'x509cert' => '', - 'privateKey' => '', - - /* - * Key rollover - * If you plan to update the SP x509cert and privateKey - * you can define here the new x509cert and it will be - * published on the SP metadata so Identity Providers can - * read them and get ready for rollover. - */ - // 'x509certNew' => '', - ), - - // Identity Provider Data that we want connect with our SP - 'idp' => array( - // Identifier of the IdP entity (must be a URI) - 'entityId' => '', - // SSO endpoint info of the IdP. (Authentication Request protocol) - 'singleSignOnService' => array( - // URL Target of the IdP where the SP will send the Authentication Request Message - 'url' => '', - // SAML protocol binding to be used when returning the - // message. Onelogin Toolkit supports for this endpoint the - // HTTP-Redirect binding only - 'binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', - ), - // SLO endpoint info of the IdP. - 'singleLogoutService' => array( - // URL Location of the IdP where the SP will send the SLO Request - 'url' => '', - // URL location of the IdP where the SP SLO Response will be sent (ResponseLocation) - // if not set, url for the SLO Request will be used - 'responseUrl' => '', - // SAML protocol binding to be used when returning the - // message. Onelogin Toolkit supports for this endpoint the - // HTTP-Redirect binding only - 'binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', - ), - // Public x509 certificate of the IdP - 'x509cert' => '', - /* - * Instead of use the whole x509cert you can use a fingerprint in - * order to validate the SAMLResponse, but we don't recommend to use - * that method on production since is exploitable by a collision - * attack. - * (openssl x509 -noout -fingerprint -in "idp.crt" to generate it, - * or add for example the -sha256 , -sha384 or -sha512 parameter) - * - * If a fingerprint is provided, then the certFingerprintAlgorithm is required in order to - * let the toolkit know which Algorithm was used. Possible values: sha1, sha256, sha384 or sha512 - * 'sha1' is the default value. - */ - // 'certFingerprint' => '', - // 'certFingerprintAlgorithm' => 'sha1', - - /* In some scenarios the IdP uses different certificates for - * signing/encryption, or is under key rollover phase and more - * than one certificate is published on IdP metadata. - * In order to handle that the toolkit offers that parameter. - * (when used, 'x509cert' and 'certFingerprint' values are - * ignored). - */ - // 'x509certMulti' => array( - // 'signing' => array( - // 0 => '', - // ), - // 'encryption' => array( - // 0 => '', - // ) - // ), - ), -); diff --git a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/Auth.php b/plugins/auth/vendor/onelogin/php-saml/src/Saml2/Auth.php deleted file mode 100644 index 70a87152..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/Auth.php +++ /dev/null @@ -1,817 +0,0 @@ - - * @license MIT https://github.com/onelogin/php-saml/blob/master/LICENSE - * @link https://github.com/onelogin/php-saml - */ - -namespace OneLogin\Saml2; - -use RobRichards\XMLSecLibs\XMLSecurityKey; - -use Exception; - -/** - * Main class of OneLogin's PHP Toolkit - */ -class Auth -{ - /** - * Settings data. - * - * @var Settings - */ - private $_settings; - - /** - * User attributes data. - * - * @var array - */ - private $_attributes = array(); - - /** - * User attributes data with FriendlyName index. - * - * @var array - */ - private $_attributesWithFriendlyName = array(); - - /** - * NameID - * - * @var string - */ - private $_nameid; - - /** - * NameID Format - * - * @var string - */ - private $_nameidFormat; - - /** - * NameID NameQualifier - * - * @var string - */ - private $_nameidNameQualifier; - - /** - * NameID SP NameQualifier - * - * @var string - */ - private $_nameidSPNameQualifier; - - /** - * If user is authenticated. - * - * @var bool - */ - private $_authenticated = false; - - - /** - * SessionIndex. When the user is logged, this stored it - * from the AuthnStatement of the SAML Response - * - * @var string - */ - private $_sessionIndex; - - /** - * SessionNotOnOrAfter. When the user is logged, this stored it - * from the AuthnStatement of the SAML Response - * - * @var int|null - */ - private $_sessionExpiration; - - /** - * The ID of the last message processed - * - * @var string - */ - private $_lastMessageId; - - /** - * The ID of the last assertion processed - * - * @var string - */ - private $_lastAssertionId; - - /** - * The NotOnOrAfter value of the valid SubjectConfirmationData - * node (if any) of the last assertion processed - * - * @var int - */ - private $_lastAssertionNotOnOrAfter; - - /** - * If any error. - * - * @var array - */ - private $_errors = array(); - - /** - * Last error object. - * - * @var Error|null - */ - private $_lastErrorException; - - /** - * Last error. - * - * @var string|null - */ - private $_lastError; - - /** - * Last AuthNRequest ID or LogoutRequest ID generated by this Service Provider - * - * @var string - */ - private $_lastRequestID; - - /** - * The most recently-constructed/processed XML SAML request - * (AuthNRequest, LogoutRequest) - * - * @var string - */ - private $_lastRequest; - - /** - * The most recently-constructed/processed XML SAML response - * (SAMLResponse, LogoutResponse). If the SAMLResponse was - * encrypted, by default tries to return the decrypted XML - * - * @var string|\DomDocument|null - */ - private $_lastResponse; - - /** - * Initializes the SP SAML instance. - * - * @param array|null $settings Setting data - * - * @throws Exception - * @throws Error - */ - public function __construct(array $settings = null) - { - $this->_settings = new Settings($settings); - } - - /** - * Returns the settings info - * - * @return Settings The settings data. - */ - public function getSettings() - { - return $this->_settings; - } - - /** - * Set the strict mode active/disable - * - * @param bool $value Strict parameter - * - * @throws Error - */ - public function setStrict($value) - { - if (!is_bool($value)) { - throw new Error( - 'Invalid value passed to setStrict()', - Error::SETTINGS_INVALID_SYNTAX - ); - } - - $this->_settings->setStrict($value); - } - - /** - * Set schemas path - * - * @param string $path - * @return $this - */ - public function setSchemasPath($path) - { - $this->_paths['schemas'] = $path; - } - - /** - * Process the SAML Response sent by the IdP. - * - * @param string|null $requestId The ID of the AuthNRequest sent by this SP to the IdP - * - * @throws Error - * @throws ValidationError - */ - public function processResponse($requestId = null) - { - $this->_errors = array(); - $this->_lastError = $this->_lastErrorException = null; - if (isset($_POST['SAMLResponse'])) { - // AuthnResponse -- HTTP_POST Binding - $response = new Response($this->_settings, $_POST['SAMLResponse']); - $this->_lastResponse = $response->getXMLDocument(); - - if ($response->isValid($requestId)) { - $this->_attributes = $response->getAttributes(); - $this->_attributesWithFriendlyName = $response->getAttributesWithFriendlyName(); - $this->_nameid = $response->getNameId(); - $this->_nameidFormat = $response->getNameIdFormat(); - $this->_nameidNameQualifier = $response->getNameIdNameQualifier(); - $this->_nameidSPNameQualifier = $response->getNameIdSPNameQualifier(); - $this->_authenticated = true; - $this->_sessionIndex = $response->getSessionIndex(); - $this->_sessionExpiration = $response->getSessionNotOnOrAfter(); - $this->_lastMessageId = $response->getId(); - $this->_lastAssertionId = $response->getAssertionId(); - $this->_lastAssertionNotOnOrAfter = $response->getAssertionNotOnOrAfter(); - } else { - $this->_errors[] = 'invalid_response'; - $this->_lastErrorException = $response->getErrorException(); - $this->_lastError = $response->getError(); - } - } else { - $this->_errors[] = 'invalid_binding'; - throw new Error( - 'SAML Response not found, Only supported HTTP_POST Binding', - Error::SAML_RESPONSE_NOT_FOUND - ); - } - } - - /** - * Process the SAML Logout Response / Logout Request sent by the IdP. - * - * @param bool $keepLocalSession When false will destroy the local session, otherwise will keep it - * @param string|null $requestId The ID of the LogoutRequest sent by this SP to the IdP - * @param bool $retrieveParametersFromServer True if we want to use parameters from $_SERVER to validate the signature - * @param callable $cbDeleteSession Callback to be executed to delete session - * @param bool $stay True if we want to stay (returns the url string) False to redirect - * - * @return string|null - * - * @throws Error - */ - public function processSLO($keepLocalSession = false, $requestId = null, $retrieveParametersFromServer = false, $cbDeleteSession = null, $stay = false) - { - $this->_errors = array(); - $this->_lastError = $this->_lastErrorException = null; - if (isset($_GET['SAMLResponse'])) { - $logoutResponse = new LogoutResponse($this->_settings, $_GET['SAMLResponse']); - $this->_lastResponse = $logoutResponse->getXML(); - if (!$logoutResponse->isValid($requestId, $retrieveParametersFromServer)) { - $this->_errors[] = 'invalid_logout_response'; - $this->_lastErrorException = $logoutResponse->getErrorException(); - $this->_lastError = $logoutResponse->getError(); - - } else if ($logoutResponse->getStatus() !== Constants::STATUS_SUCCESS) { - $this->_errors[] = 'logout_not_success'; - } else { - $this->_lastMessageId = $logoutResponse->id; - if (!$keepLocalSession) { - if ($cbDeleteSession === null) { - Utils::deleteLocalSession(); - } else { - call_user_func($cbDeleteSession); - } - } - } - } else if (isset($_GET['SAMLRequest'])) { - $logoutRequest = new LogoutRequest($this->_settings, $_GET['SAMLRequest']); - $this->_lastRequest = $logoutRequest->getXML(); - if (!$logoutRequest->isValid($retrieveParametersFromServer)) { - $this->_errors[] = 'invalid_logout_request'; - $this->_lastErrorException = $logoutRequest->getErrorException(); - $this->_lastError = $logoutRequest->getError(); - } else { - if (!$keepLocalSession) { - if ($cbDeleteSession === null) { - Utils::deleteLocalSession(); - } else { - call_user_func($cbDeleteSession); - } - } - $inResponseTo = $logoutRequest->id; - $this->_lastMessageId = $logoutRequest->id; - $responseBuilder = new LogoutResponse($this->_settings); - $responseBuilder->build($inResponseTo); - $this->_lastResponse = $responseBuilder->getXML(); - - $logoutResponse = $responseBuilder->getResponse(); - - $parameters = array('SAMLResponse' => $logoutResponse); - if (isset($_GET['RelayState'])) { - $parameters['RelayState'] = $_GET['RelayState']; - } - - $security = $this->_settings->getSecurityData(); - if (isset($security['logoutResponseSigned']) && $security['logoutResponseSigned']) { - $signature = $this->buildResponseSignature($logoutResponse, isset($parameters['RelayState'])? $parameters['RelayState']: null, $security['signatureAlgorithm']); - $parameters['SigAlg'] = $security['signatureAlgorithm']; - $parameters['Signature'] = $signature; - } - - return $this->redirectTo($this->getSLOResponseUrl(), $parameters, $stay); - } - } else { - $this->_errors[] = 'invalid_binding'; - throw new Error( - 'SAML LogoutRequest/LogoutResponse not found. Only supported HTTP_REDIRECT Binding', - Error::SAML_LOGOUTMESSAGE_NOT_FOUND - ); - } - } - - /** - * Redirects the user to the url past by parameter - * or to the url that we defined in our SSO Request. - * - * @param string $url The target URL to redirect the user. - * @param array $parameters Extra parameters to be passed as part of the url - * @param bool $stay True if we want to stay (returns the url string) False to redirect - * - * @return string|null - */ - public function redirectTo($url = '', array $parameters = array(), $stay = false) - { - assert(is_string($url)); - - if (empty($url) && isset($_REQUEST['RelayState'])) { - $url = $_REQUEST['RelayState']; - } - - return Utils::redirect($url, $parameters, $stay); - } - - /** - * Checks if the user is authenticated or not. - * - * @return bool True if the user is authenticated - */ - public function isAuthenticated() - { - return $this->_authenticated; - } - - /** - * Returns the set of SAML attributes. - * - * @return array Attributes of the user. - */ - public function getAttributes() - { - return $this->_attributes; - } - - - /** - * Returns the set of SAML attributes indexed by FriendlyName - * - * @return array Attributes of the user. - */ - public function getAttributesWithFriendlyName() - { - return $this->_attributesWithFriendlyName; - } - - /** - * Returns the nameID - * - * @return string The nameID of the assertion - */ - public function getNameId() - { - return $this->_nameid; - } - - /** - * Returns the nameID Format - * - * @return string The nameID Format of the assertion - */ - public function getNameIdFormat() - { - return $this->_nameidFormat; - } - - /** - * Returns the nameID NameQualifier - * - * @return string The nameID NameQualifier of the assertion - */ - public function getNameIdNameQualifier() - { - return $this->_nameidNameQualifier; - } - - /** - * Returns the nameID SP NameQualifier - * - * @return string The nameID SP NameQualifier of the assertion - */ - public function getNameIdSPNameQualifier() - { - return $this->_nameidSPNameQualifier; - } - - /** - * Returns the SessionIndex - * - * @return string|null The SessionIndex of the assertion - */ - public function getSessionIndex() - { - return $this->_sessionIndex; - } - - /** - * Returns the SessionNotOnOrAfter - * - * @return int|null The SessionNotOnOrAfter of the assertion - */ - public function getSessionExpiration() - { - return $this->_sessionExpiration; - } - - /** - * Returns if there were any error - * - * @return array Errors - */ - public function getErrors() - { - return $this->_errors; - } - - /** - * Returns the reason for the last error - * - * @return string|null Error reason - */ - public function getLastErrorReason() - { - return $this->_lastError; - } - - - /** - * Returns the last error - * - * @return Exception|null Error - */ - public function getLastErrorException() - { - return $this->_lastErrorException; - } - - /** - * Returns the requested SAML attribute - * - * @param string $name The requested attribute of the user. - * - * @return array|null Requested SAML attribute ($name). - */ - public function getAttribute($name) - { - assert(is_string($name)); - - $value = null; - if (isset($this->_attributes[$name])) { - return $this->_attributes[$name]; - } - return $value; - } - - /** - * Returns the requested SAML attribute indexed by FriendlyName - * - * @param string $friendlyName The requested attribute of the user. - * - * @return array|null Requested SAML attribute ($friendlyName). - */ - public function getAttributeWithFriendlyName($friendlyName) - { - assert(is_string($friendlyName)); - $value = null; - if (isset($this->_attributesWithFriendlyName[$friendlyName])) { - return $this->_attributesWithFriendlyName[$friendlyName]; - } - return $value; - } - - /** - * Initiates the SSO process. - * - * @param string|null $returnTo The target URL the user should be returned to after login. - * @param array $parameters Extra parameters to be added to the GET - * @param bool $forceAuthn When true the AuthNRequest will set the ForceAuthn='true' - * @param bool $isPassive When true the AuthNRequest will set the Ispassive='true' - * @param bool $stay True if we want to stay (returns the url string) False to redirect - * @param bool $setNameIdPolicy When true the AuthNRequest will set a nameIdPolicy element - * @param string $nameIdValueReq Indicates to the IdP the subject that should be authenticated - * - * @return string|null If $stay is True, it return a string with the SLO URL + LogoutRequest + parameters - * - * @throws Error - */ - public function login($returnTo = null, array $parameters = array(), $forceAuthn = false, $isPassive = false, $stay = false, $setNameIdPolicy = true, $nameIdValueReq = null) - { - $authnRequest = $this->buildAuthnRequest($this->_settings, $forceAuthn, $isPassive, $setNameIdPolicy, $nameIdValueReq); - - $this->_lastRequest = $authnRequest->getXML(); - $this->_lastRequestID = $authnRequest->getId(); - - $samlRequest = $authnRequest->getRequest(); - $parameters['SAMLRequest'] = $samlRequest; - - if (!empty($returnTo)) { - $parameters['RelayState'] = $returnTo; - } else { - $parameters['RelayState'] = Utils::getSelfRoutedURLNoQuery(); - } - - $security = $this->_settings->getSecurityData(); - if (isset($security['authnRequestsSigned']) && $security['authnRequestsSigned']) { - $signature = $this->buildRequestSignature($samlRequest, $parameters['RelayState'], $security['signatureAlgorithm']); - $parameters['SigAlg'] = $security['signatureAlgorithm']; - $parameters['Signature'] = $signature; - } - return $this->redirectTo($this->getSSOurl(), $parameters, $stay); - } - - /** - * Initiates the SLO process. - * - * @param string|null $returnTo The target URL the user should be returned to after logout. - * @param array $parameters Extra parameters to be added to the GET - * @param string|null $nameId The NameID that will be set in the LogoutRequest. - * @param string|null $sessionIndex The SessionIndex (taken from the SAML Response in the SSO process). - * @param bool $stay True if we want to stay (returns the url string) False to redirect - * @param string|null $nameIdFormat The NameID Format will be set in the LogoutRequest. - * @param string|null $nameIdNameQualifier The NameID NameQualifier will be set in the LogoutRequest. - * - * @return string|null If $stay is True, it return a string with the SLO URL + LogoutRequest + parameters - * - * @throws Error - */ - public function logout($returnTo = null, array $parameters = array(), $nameId = null, $sessionIndex = null, $stay = false, $nameIdFormat = null, $nameIdNameQualifier = null, $nameIdSPNameQualifier = null) - { - $sloUrl = $this->getSLOurl(); - if (empty($sloUrl)) { - throw new Error( - 'The IdP does not support Single Log Out', - Error::SAML_SINGLE_LOGOUT_NOT_SUPPORTED - ); - } - - if (empty($nameId) && !empty($this->_nameid)) { - $nameId = $this->_nameid; - } - if (empty($nameIdFormat) && !empty($this->_nameidFormat)) { - $nameIdFormat = $this->_nameidFormat; - } - - $logoutRequest = new LogoutRequest($this->_settings, null, $nameId, $sessionIndex, $nameIdFormat, $nameIdNameQualifier, $nameIdSPNameQualifier); - - $this->_lastRequest = $logoutRequest->getXML(); - $this->_lastRequestID = $logoutRequest->id; - - $samlRequest = $logoutRequest->getRequest(); - - $parameters['SAMLRequest'] = $samlRequest; - if (!empty($returnTo)) { - $parameters['RelayState'] = $returnTo; - } else { - $parameters['RelayState'] = Utils::getSelfRoutedURLNoQuery(); - } - - $security = $this->_settings->getSecurityData(); - if (isset($security['logoutRequestSigned']) && $security['logoutRequestSigned']) { - $signature = $this->buildRequestSignature($samlRequest, $parameters['RelayState'], $security['signatureAlgorithm']); - $parameters['SigAlg'] = $security['signatureAlgorithm']; - $parameters['Signature'] = $signature; - } - - return $this->redirectTo($sloUrl, $parameters, $stay); - } - - /** - * Gets the IdP SSO url. - * - * @return string The url of the IdP Single Sign On Service - */ - public function getSSOurl() - { - return $this->_settings->getIdPSSOUrl(); - } - - /** - * Gets the IdP SLO url. - * - * @return string|null The url of the IdP Single Logout Service - */ - public function getSLOurl() - { - return $this->_settings->getIdPSLOUrl(); - } - - /** - * Gets the IdP SLO response url. - * - * @return string|null The response url of the IdP Single Logout Service - */ - public function getSLOResponseUrl() - { - return $this->_settings->getIdPSLOResponseUrl(); - } - - - /** - * Gets the ID of the last AuthNRequest or LogoutRequest generated by the Service Provider. - * - * @return string The ID of the Request SAML message. - */ - public function getLastRequestID() - { - return $this->_lastRequestID; - } - - /** - * Creates an AuthnRequest - * - * @param Settings $settings Setting data - * @param bool $forceAuthn When true the AuthNRequest will set the ForceAuthn='true' - * @param bool $isPassive When true the AuthNRequest will set the Ispassive='true' - * @param bool $setNameIdPolicy When true the AuthNRequest will set a nameIdPolicy element - * @param string $nameIdValueReq Indicates to the IdP the subject that should be authenticated - * - * @return AuthnRequest The AuthnRequest object - */ - public function buildAuthnRequest($settings, $forceAuthn, $isPassive, $setNameIdPolicy, $nameIdValueReq = null) - { - return new AuthnRequest($settings, $forceAuthn, $isPassive, $setNameIdPolicy, $nameIdValueReq); - } - - /** - * Generates the Signature for a SAML Request - * - * @param string $samlRequest The SAML Request - * @param string $relayState The RelayState - * @param string $signAlgorithm Signature algorithm method - * - * @return string A base64 encoded signature - * - * @throws Exception - * @throws Error - */ - public function buildRequestSignature($samlRequest, $relayState, $signAlgorithm = XMLSecurityKey::RSA_SHA256) - { - return $this->buildMessageSignature($samlRequest, $relayState, $signAlgorithm, "SAMLRequest"); - } - - /** - * Generates the Signature for a SAML Response - * - * @param string $samlResponse The SAML Response - * @param string $relayState The RelayState - * @param string $signAlgorithm Signature algorithm method - * - * @return string A base64 encoded signature - * - * @throws Exception - * @throws Error - */ - public function buildResponseSignature($samlResponse, $relayState, $signAlgorithm = XMLSecurityKey::RSA_SHA256) - { - return $this->buildMessageSignature($samlResponse, $relayState, $signAlgorithm, "SAMLResponse"); - } - - /** - * Generates the Signature for a SAML Message - * - * @param string $samlMessage The SAML Message - * @param string $relayState The RelayState - * @param string $signAlgorithm Signature algorithm method - * @param string $type "SAMLRequest" or "SAMLResponse" - * - * @return string A base64 encoded signature - * - * @throws Exception - * @throws Error - */ - private function buildMessageSignature($samlMessage, $relayState, $signAlgorithm = XMLSecurityKey::RSA_SHA256, $type = "SAMLRequest") - { - $key = $this->_settings->getSPkey(); - if (empty($key)) { - if ($type == "SAMLRequest") { - $errorMsg = "Trying to sign the SAML Request but can't load the SP private key"; - } else { - $errorMsg = "Trying to sign the SAML Response but can't load the SP private key"; - } - - throw new Error($errorMsg, Error::PRIVATE_KEY_NOT_FOUND); - } - - $objKey = new XMLSecurityKey($signAlgorithm, array('type' => 'private')); - $objKey->loadKey($key, false); - - $security = $this->_settings->getSecurityData(); - if ($security['lowercaseUrlencoding']) { - $msg = $type.'='.rawurlencode($samlMessage); - if (isset($relayState)) { - $msg .= '&RelayState='.rawurlencode($relayState); - } - $msg .= '&SigAlg=' . rawurlencode($signAlgorithm); - } else { - $msg = $type.'='.urlencode($samlMessage); - if (isset($relayState)) { - $msg .= '&RelayState='.urlencode($relayState); - } - $msg .= '&SigAlg=' . urlencode($signAlgorithm); - } - $signature = $objKey->signData($msg); - return base64_encode($signature); - } - - /** - * @return string The ID of the last message processed - */ - public function getLastMessageId() - { - return $this->_lastMessageId; - } - - /** - * @return string The ID of the last assertion processed - */ - public function getLastAssertionId() - { - return $this->_lastAssertionId; - } - - /** - * @return int The NotOnOrAfter value of the valid - * SubjectConfirmationData node (if any) - * of the last assertion processed - */ - public function getLastAssertionNotOnOrAfter() - { - return $this->_lastAssertionNotOnOrAfter; - } - - /** - * Returns the most recently-constructed/processed - * XML SAML request (AuthNRequest, LogoutRequest) - * - * @return string|null The Request XML - */ - public function getLastRequestXML() - { - return $this->_lastRequest; - } - - /** - * Returns the most recently-constructed/processed - * XML SAML response (SAMLResponse, LogoutResponse). - * If the SAMLResponse was encrypted, by default tries - * to return the decrypted XML. - * - * @return string|null The Response XML - */ - public function getLastResponseXML() - { - $response = null; - if (isset($this->_lastResponse)) { - if (is_string($this->_lastResponse)) { - $response = $this->_lastResponse; - } else { - $response = $this->_lastResponse->saveXML(); - } - } - - return $response; - } -} diff --git a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/AuthnRequest.php b/plugins/auth/vendor/onelogin/php-saml/src/Saml2/AuthnRequest.php deleted file mode 100644 index fd9afb53..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/AuthnRequest.php +++ /dev/null @@ -1,214 +0,0 @@ - - * @license MIT https://github.com/onelogin/php-saml/blob/master/LICENSE - * @link https://github.com/onelogin/php-saml - */ - -namespace OneLogin\Saml2; - -/** - * SAML 2 Authentication Request - */ -class AuthnRequest -{ - /** - * Object that represents the setting info - * - * @var Settings - */ - protected $_settings; - - /** - * SAML AuthNRequest string - * - * @var string - */ - private $_authnRequest; - - /** - * SAML AuthNRequest ID. - * - * @var string - */ - private $_id; - - /** - * Constructs the AuthnRequest object. - * - * @param Settings $settings SAML Toolkit Settings - * @param bool $forceAuthn When true the AuthNReuqest will set the ForceAuthn='true' - * @param bool $isPassive When true the AuthNReuqest will set the Ispassive='true' - * @param bool $setNameIdPolicy When true the AuthNReuqest will set a nameIdPolicy - * @param string $nameIdValueReq Indicates to the IdP the subject that should be authenticated - */ - public function __construct(\OneLogin\Saml2\Settings $settings, $forceAuthn = false, $isPassive = false, $setNameIdPolicy = true, $nameIdValueReq = null) - { - $this->_settings = $settings; - - $spData = $this->_settings->getSPData(); - $security = $this->_settings->getSecurityData(); - - $id = Utils::generateUniqueID(); - $issueInstant = Utils::parseTime2SAML(time()); - - $subjectStr = ""; - if (isset($nameIdValueReq)) { - $subjectStr = << - {$nameIdValueReq} - - -SUBJECT; - } - - $nameIdPolicyStr = ''; - if ($setNameIdPolicy) { - $nameIDPolicyFormat = $spData['NameIDFormat']; - if (isset($security['wantNameIdEncrypted']) && $security['wantNameIdEncrypted']) { - $nameIDPolicyFormat = Constants::NAMEID_ENCRYPTED; - } - - $nameIdPolicyStr = << -NAMEIDPOLICY; - } - - - $providerNameStr = ''; - $organizationData = $settings->getOrganization(); - if (!empty($organizationData)) { - $langs = array_keys($organizationData); - if (in_array('en-US', $langs)) { - $lang = 'en-US'; - } else { - $lang = $langs[0]; - } - if (isset($organizationData[$lang]['displayname']) && !empty($organizationData[$lang]['displayname'])) { - $providerNameStr = << - urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport - -REQUESTEDAUTHN; - } else { - $requestedAuthnStr .= " \n"; - foreach ($security['requestedAuthnContext'] as $contextValue) { - $requestedAuthnStr .= " ".$contextValue."\n"; - } - $requestedAuthnStr .= ' '; - } - } - - $spEntityId = htmlspecialchars($spData['entityId'], ENT_QUOTES); - $acsUrl = htmlspecialchars($spData['assertionConsumerService']['url'], ENT_QUOTES); - $destination = $this->_settings->getIdPSSOUrl(); - $request = << - {$spEntityId}{$subjectStr}{$nameIdPolicyStr}{$requestedAuthnStr} - -AUTHNREQUEST; - - $this->_id = $id; - $this->_authnRequest = $request; - } - - /** - * Returns deflated, base64 encoded, unsigned AuthnRequest. - * - * @param bool|null $deflate Whether or not we should 'gzdeflate' the request body before we return it. - * - * @return string - */ - public function getRequest($deflate = null) - { - $subject = $this->_authnRequest; - - if (is_null($deflate)) { - $deflate = $this->_settings->shouldCompressRequests(); - } - - if ($deflate) { - $subject = gzdeflate($this->_authnRequest); - } - - $base64Request = base64_encode($subject); - return $base64Request; - } - - /** - * Returns the AuthNRequest ID. - * - * @return string - */ - public function getId() - { - return $this->_id; - } - - /** - * Returns the XML that will be sent as part of the request - * - * @return string - */ - public function getXML() - { - return $this->_authnRequest; - } -} diff --git a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/Constants.php b/plugins/auth/vendor/onelogin/php-saml/src/Saml2/Constants.php deleted file mode 100644 index 1b467dd6..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/Constants.php +++ /dev/null @@ -1,86 +0,0 @@ - - * @license MIT https://github.com/onelogin/php-saml/blob/master/LICENSE - * @link https://github.com/onelogin/php-saml - */ - -namespace OneLogin\Saml2; - -/** - * Constants of OneLogin PHP Toolkit - * - * Defines all required constants - */ -class Constants -{ - // Value added to the current time in time condition validations - const ALLOWED_CLOCK_DRIFT = 180; // 3 min in seconds - - // NameID Formats - const NAMEID_EMAIL_ADDRESS = 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress'; - const NAMEID_X509_SUBJECT_NAME = 'urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName'; - const NAMEID_WINDOWS_DOMAIN_QUALIFIED_NAME = 'urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName'; - const NAMEID_UNSPECIFIED = 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified'; - const NAMEID_KERBEROS = 'urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos'; - const NAMEID_ENTITY = 'urn:oasis:names:tc:SAML:2.0:nameid-format:entity'; - const NAMEID_TRANSIENT = 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'; - const NAMEID_PERSISTENT = 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent'; - const NAMEID_ENCRYPTED = 'urn:oasis:names:tc:SAML:2.0:nameid-format:encrypted'; - - // Attribute Name Formats - const ATTRNAME_FORMAT_UNSPECIFIED = 'urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified'; - const ATTRNAME_FORMAT_URI = 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri'; - const ATTRNAME_FORMAT_BASIC = 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic'; - - // Namespaces - const NS_SAML = 'urn:oasis:names:tc:SAML:2.0:assertion'; - const NS_SAMLP = 'urn:oasis:names:tc:SAML:2.0:protocol'; - const NS_SOAP = 'http://schemas.xmlsoap.org/soap/envelope/'; - const NS_MD = 'urn:oasis:names:tc:SAML:2.0:metadata'; - const NS_XS = 'http://www.w3.org/2001/XMLSchema'; - const NS_XSI = 'http://www.w3.org/2001/XMLSchema-instance'; - const NS_XENC = 'http://www.w3.org/2001/04/xmlenc#'; - const NS_DS = 'http://www.w3.org/2000/09/xmldsig#'; - - // Bindings - const BINDING_HTTP_POST = 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST'; - const BINDING_HTTP_REDIRECT = 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'; - const BINDING_HTTP_ARTIFACT = 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact'; - const BINDING_SOAP = 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP'; - const BINDING_DEFLATE = 'urn:oasis:names:tc:SAML:2.0:bindings:URL-Encoding:DEFLATE'; - - // Auth Context Class - const AC_UNSPECIFIED = 'urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified'; - const AC_PASSWORD = 'urn:oasis:names:tc:SAML:2.0:ac:classes:Password'; - const AC_PASSWORD_PROTECTED = 'urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport'; - const AC_X509 = 'urn:oasis:names:tc:SAML:2.0:ac:classes:X509'; - const AC_SMARTCARD = 'urn:oasis:names:tc:SAML:2.0:ac:classes:Smartcard'; - const AC_SMARTCARD_PKI = 'urn:oasis:names:tc:SAML:2.0:ac:classes:SmartcardPKI'; - const AC_KERBEROS = 'urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos'; - const AC_WINDOWS = 'urn:federation:authentication:windows'; - const AC_TLS = 'urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient'; - const AC_RSATOKEN = 'urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken'; - - // Subject Confirmation - const CM_BEARER = 'urn:oasis:names:tc:SAML:2.0:cm:bearer'; - const CM_HOLDER_KEY = 'urn:oasis:names:tc:SAML:2.0:cm:holder-of-key'; - const CM_SENDER_VOUCHES = 'urn:oasis:names:tc:SAML:2.0:cm:sender-vouches'; - - // Status Codes - const STATUS_SUCCESS = 'urn:oasis:names:tc:SAML:2.0:status:Success'; - const STATUS_REQUESTER = 'urn:oasis:names:tc:SAML:2.0:status:Requester'; - const STATUS_RESPONDER = 'urn:oasis:names:tc:SAML:2.0:status:Responder'; - const STATUS_VERSION_MISMATCH = 'urn:oasis:names:tc:SAML:2.0:status:VersionMismatch'; - const STATUS_NO_PASSIVE = 'urn:oasis:names:tc:SAML:2.0:status:NoPassive'; - const STATUS_PARTIAL_LOGOUT = 'urn:oasis:names:tc:SAML:2.0:status:PartialLogout'; - const STATUS_PROXY_COUNT_EXCEEDED = 'urn:oasis:names:tc:SAML:2.0:status:ProxyCountExceeded'; -} diff --git a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/Error.php b/plugins/auth/vendor/onelogin/php-saml/src/Saml2/Error.php deleted file mode 100644 index 211acf48..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/Error.php +++ /dev/null @@ -1,66 +0,0 @@ - - * @license MIT https://github.com/onelogin/php-saml/blob/master/LICENSE - * @link https://github.com/onelogin/php-saml - */ - -namespace OneLogin\Saml2; - -use Exception; - -/** - * Error class of OneLogin PHP Toolkit - * - * Defines the Error class - */ -class Error extends Exception -{ - // Errors - const SETTINGS_FILE_NOT_FOUND = 0; - const SETTINGS_INVALID_SYNTAX = 1; - const SETTINGS_INVALID = 2; - const METADATA_SP_INVALID = 3; - const SP_CERTS_NOT_FOUND = 4; - // SP_CERTS_NOT_FOUND is deprecated, use CERT_NOT_FOUND instead - const CERT_NOT_FOUND = 4; - const REDIRECT_INVALID_URL = 5; - const PUBLIC_CERT_FILE_NOT_FOUND = 6; - const PRIVATE_KEY_FILE_NOT_FOUND = 7; - const SAML_RESPONSE_NOT_FOUND = 8; - const SAML_LOGOUTMESSAGE_NOT_FOUND = 9; - const SAML_LOGOUTREQUEST_INVALID = 10; - const SAML_LOGOUTRESPONSE_INVALID = 11; - const SAML_SINGLE_LOGOUT_NOT_SUPPORTED = 12; - const PRIVATE_KEY_NOT_FOUND = 13; - const UNSUPPORTED_SETTINGS_OBJECT = 14; - - /** - * Constructor - * - * @param string $msg Describes the error. - * @param int $code The code error (defined in the error class). - * @param array|null $args Arguments used in the message that describes the error. - */ - public function __construct($msg, $code = 0, $args = array()) - { - assert(is_string($msg)); - assert(is_int($code)); - - if (!isset($args)) { - $args = array(); - } - $params = array_merge(array($msg), $args); - $message = call_user_func_array('sprintf', $params); - - parent::__construct($message, $code); - } -} diff --git a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/IdPMetadataParser.php b/plugins/auth/vendor/onelogin/php-saml/src/Saml2/IdPMetadataParser.php deleted file mode 100644 index 947d6548..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/IdPMetadataParser.php +++ /dev/null @@ -1,243 +0,0 @@ - - * @license MIT https://github.com/onelogin/php-saml/blob/master/LICENSE - * @link https://github.com/onelogin/php-saml - */ - -namespace OneLogin\Saml2; - -use DOMDocument; -use Exception; - -/** - * IdP Metadata Parser of OneLogin PHP Toolkit - */ -class IdPMetadataParser -{ - /** - * Get IdP Metadata Info from URL - * - * @param string $url URL where the IdP metadata is published - * @param string $entityId Entity Id of the desired IdP, if no - * entity Id is provided and the XML - * metadata contains more than one - * IDPSSODescriptor, the first is returned - * @param string $desiredNameIdFormat If available on IdP metadata, use that nameIdFormat - * @param string $desiredSSOBinding Parse specific binding SSO endpoint - * @param string $desiredSLOBinding Parse specific binding SLO endpoint - * - * @return array metadata info in php-saml settings format - */ - public static function parseRemoteXML($url, $entityId = null, $desiredNameIdFormat = null, $desiredSSOBinding = Constants::BINDING_HTTP_REDIRECT, $desiredSLOBinding = Constants::BINDING_HTTP_REDIRECT) - { - $metadataInfo = array(); - - try { - $ch = curl_init($url); - curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "GET"); - curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); - curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); - curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); - curl_setopt($ch, CURLOPT_FAILONERROR, 1); - - $xml = curl_exec($ch); - if ($xml !== false) { - $metadataInfo = self::parseXML($xml, $entityId, $desiredNameIdFormat, $desiredSSOBinding, $desiredSLOBinding); - } else { - throw new Exception(curl_error($ch), curl_errno($ch)); - } - } catch (Exception $e) { - throw new Exception('Error on parseRemoteXML. '.$e->getMessage()); - } - return $metadataInfo; - } - - /** - * Get IdP Metadata Info from File - * - * @param string $filepath File path - * @param string $entityId Entity Id of the desired IdP, if no - * entity Id is provided and the XML - * metadata contains more than one - * IDPSSODescriptor, the first is returned - * @param string $desiredNameIdFormat If available on IdP metadata, use that nameIdFormat - * @param string $desiredSSOBinding Parse specific binding SSO endpoint - * @param string $desiredSLOBinding Parse specific binding SLO endpoint - * - * @return array metadata info in php-saml settings format - */ - public static function parseFileXML($filepath, $entityId = null, $desiredNameIdFormat = null, $desiredSSOBinding = Constants::BINDING_HTTP_REDIRECT, $desiredSLOBinding = Constants::BINDING_HTTP_REDIRECT) - { - $metadataInfo = array(); - - try { - if (file_exists($filepath)) { - $data = file_get_contents($filepath); - $metadataInfo = self::parseXML($data, $entityId, $desiredNameIdFormat, $desiredSSOBinding, $desiredSLOBinding); - } - } catch (Exception $e) { - throw new Exception('Error on parseFileXML. '.$e->getMessage()); - } - return $metadataInfo; - } - - /** - * Get IdP Metadata Info from URL - * - * @param string $xml XML that contains IdP metadata - * @param string $entityId Entity Id of the desired IdP, if no - * entity Id is provided and the XML - * metadata contains more than one - * IDPSSODescriptor, the first is returned - * @param string $desiredNameIdFormat If available on IdP metadata, use that nameIdFormat - * @param string $desiredSSOBinding Parse specific binding SSO endpoint - * @param string $desiredSLOBinding Parse specific binding SLO endpoint - * - * @return array metadata info in php-saml settings format - * - * @throws Exception - */ - public static function parseXML($xml, $entityId = null, $desiredNameIdFormat = null, $desiredSSOBinding = Constants::BINDING_HTTP_REDIRECT, $desiredSLOBinding = Constants::BINDING_HTTP_REDIRECT) - { - $metadataInfo = array(); - - $dom = new DOMDocument(); - $dom->preserveWhiteSpace = false; - $dom->formatOutput = true; - try { - $dom = Utils::loadXML($dom, $xml); - if (!$dom) { - throw new Exception('Error parsing metadata'); - } - - $customIdPStr = ''; - if (!empty($entityId)) { - $customIdPStr = '[@entityID="' . $entityId . '"]'; - } - $idpDescryptorXPath = '//md:EntityDescriptor' . $customIdPStr . '/md:IDPSSODescriptor'; - - $idpDescriptorNodes = Utils::query($dom, $idpDescryptorXPath); - - if (isset($idpDescriptorNodes) && $idpDescriptorNodes->length > 0) { - $metadataInfo['idp'] = array(); - - $idpDescriptor = $idpDescriptorNodes->item(0); - - if (empty($entityId) && $idpDescriptor->parentNode->hasAttribute('entityID')) { - $entityId = $idpDescriptor->parentNode->getAttribute('entityID'); - } - - if (!empty($entityId)) { - $metadataInfo['idp']['entityId'] = $entityId; - } - - $ssoNodes = Utils::query($dom, './md:SingleSignOnService[@Binding="'.$desiredSSOBinding.'"]', $idpDescriptor); - if ($ssoNodes->length < 1) { - $ssoNodes = Utils::query($dom, './md:SingleSignOnService', $idpDescriptor); - } - if ($ssoNodes->length > 0) { - $metadataInfo['idp']['singleSignOnService'] = array( - 'url' => $ssoNodes->item(0)->getAttribute('Location'), - 'binding' => $ssoNodes->item(0)->getAttribute('Binding') - ); - } - - $sloNodes = Utils::query($dom, './md:SingleLogoutService[@Binding="'.$desiredSLOBinding.'"]', $idpDescriptor); - if ($sloNodes->length < 1) { - $sloNodes = Utils::query($dom, './md:SingleLogoutService', $idpDescriptor); - } - if ($sloNodes->length > 0) { - $metadataInfo['idp']['singleLogoutService'] = array( - 'url' => $sloNodes->item(0)->getAttribute('Location'), - 'binding' => $sloNodes->item(0)->getAttribute('Binding') - ); - - if ($sloNodes->item(0)->hasAttribute('ResponseLocation')) { - $metadataInfo['idp']['singleLogoutService']['responseUrl'] = $sloNodes->item(0)->getAttribute('ResponseLocation'); - } - } - - $keyDescriptorCertSigningNodes = Utils::query($dom, './md:KeyDescriptor[not(contains(@use, "encryption"))]/ds:KeyInfo/ds:X509Data/ds:X509Certificate', $idpDescriptor); - - $keyDescriptorCertEncryptionNodes = Utils::query($dom, './md:KeyDescriptor[not(contains(@use, "signing"))]/ds:KeyInfo/ds:X509Data/ds:X509Certificate', $idpDescriptor); - - if (!empty($keyDescriptorCertSigningNodes) || !empty($keyDescriptorCertEncryptionNodes)) { - $metadataInfo['idp']['x509certMulti'] = array(); - if (!empty($keyDescriptorCertSigningNodes)) { - $idpInfo['x509certMulti']['signing'] = array(); - foreach ($keyDescriptorCertSigningNodes as $keyDescriptorCertSigningNode) { - $metadataInfo['idp']['x509certMulti']['signing'][] = Utils::formatCert($keyDescriptorCertSigningNode->nodeValue, false); - } - } - if (!empty($keyDescriptorCertEncryptionNodes)) { - $idpInfo['x509certMulti']['encryption'] = array(); - foreach ($keyDescriptorCertEncryptionNodes as $keyDescriptorCertEncryptionNode) { - $metadataInfo['idp']['x509certMulti']['encryption'][] = Utils::formatCert($keyDescriptorCertEncryptionNode->nodeValue, false); - } - } - - $idpCertdata = $metadataInfo['idp']['x509certMulti']; - if ((count($idpCertdata) == 1 and - ((isset($idpCertdata['signing']) and count($idpCertdata['signing']) == 1) or (isset($idpCertdata['encryption']) and count($idpCertdata['encryption']) == 1))) or - ((isset($idpCertdata['signing']) && count($idpCertdata['signing']) == 1) && isset($idpCertdata['encryption']) && count($idpCertdata['encryption']) == 1 && strcmp($idpCertdata['signing'][0], $idpCertdata['encryption'][0]) == 0)) { - if (isset($metadataInfo['idp']['x509certMulti']['signing'][0])) { - $metadataInfo['idp']['x509cert'] = $metadataInfo['idp']['x509certMulti']['signing'][0]; - } else { - $metadataInfo['idp']['x509cert'] = $metadataInfo['idp']['x509certMulti']['encryption'][0]; - } - unset($metadataInfo['idp']['x509certMulti']); - } - } - - $nameIdFormatNodes = Utils::query($dom, './md:NameIDFormat', $idpDescriptor); - if ($nameIdFormatNodes->length > 0) { - $metadataInfo['sp']['NameIDFormat'] = $nameIdFormatNodes->item(0)->nodeValue; - if (!empty($desiredNameIdFormat)) { - foreach ($nameIdFormatNodes as $nameIdFormatNode) { - if (strcmp($nameIdFormatNode->nodeValue, $desiredNameIdFormat) == 0) { - $metadataInfo['sp']['NameIDFormat'] = $nameIdFormatNode->nodeValue; - break; - } - } - } - } - } - } catch (Exception $e) { - throw new Exception('Error parsing metadata. '.$e->getMessage()); - } - - return $metadataInfo; - } - - /** - * Inject metadata info into php-saml settings array - * - * @param array $settings php-saml settings array - * @param array $metadataInfo array metadata info - * - * @return array settings - */ - public static function injectIntoSettings($settings, $metadataInfo) - { - if (isset($metadataInfo['idp']) && isset($settings['idp'])) { - if (isset($metadataInfo['idp']['x509certMulti']) && !empty($metadataInfo['idp']['x509certMulti']) && isset($settings['idp']['x509cert'])) { - unset($settings['idp']['x509cert']); - } - - if (isset($metadataInfo['idp']['x509cert']) && !empty($metadataInfo['idp']['x509cert']) && isset($settings['idp']['x509certMulti'])) { - unset($settings['idp']['x509certMulti']); - } - } - - return array_replace_recursive($settings, $metadataInfo); - } -} diff --git a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/LogoutRequest.php b/plugins/auth/vendor/onelogin/php-saml/src/Saml2/LogoutRequest.php deleted file mode 100644 index 108c49be..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/LogoutRequest.php +++ /dev/null @@ -1,494 +0,0 @@ - - * @license MIT https://github.com/onelogin/php-saml/blob/master/LICENSE - * @link https://github.com/onelogin/php-saml - */ - -namespace OneLogin\Saml2; - -use RobRichards\XMLSecLibs\XMLSecurityKey; - -use DOMDocument; -use Exception; - -/** - * SAML 2 Logout Request - */ -class LogoutRequest -{ - /** - * Contains the ID of the Logout Request - * - * @var string - */ - public $id; - - /** - * Object that represents the setting info - * - * @var Settings - */ - protected $_settings; - - /** - * SAML Logout Request - * - * @var string - */ - protected $_logoutRequest; - - /** - * After execute a validation process, this var contains the cause - * - * @var Exception - */ - private $_error; - - /** - * Constructs the Logout Request object. - * - * @param Settings $settings Settings - * @param string|null $request A UUEncoded Logout Request. - * @param string|null $nameId The NameID that will be set in the LogoutRequest. - * @param string|null $sessionIndex The SessionIndex (taken from the SAML Response in the SSO process). - * @param string|null $nameIdFormat The NameID Format will be set in the LogoutRequest. - * @param string|null $nameIdNameQualifier The NameID NameQualifier will be set in the LogoutRequest. - * @param string|null $nameIdSPNameQualifier The NameID SP NameQualifier will be set in the LogoutRequest. - */ - public function __construct(\OneLogin\Saml2\Settings $settings, $request = null, $nameId = null, $sessionIndex = null, $nameIdFormat = null, $nameIdNameQualifier = null, $nameIdSPNameQualifier = null) - { - $this->_settings = $settings; - - $baseURL = $this->_settings->getBaseURL(); - if (!empty($baseURL)) { - Utils::setBaseURL($baseURL); - } - - if (!isset($request) || empty($request)) { - $spData = $this->_settings->getSPData(); - $idpData = $this->_settings->getIdPData(); - $security = $this->_settings->getSecurityData(); - - $id = Utils::generateUniqueID(); - $this->id = $id; - - $issueInstant = Utils::parseTime2SAML(time()); - - $cert = null; - if (isset($security['nameIdEncrypted']) && $security['nameIdEncrypted']) { - $existsMultiX509Enc = isset($idpData['x509certMulti']) && isset($idpData['x509certMulti']['encryption']) && !empty($idpData['x509certMulti']['encryption']); - - if ($existsMultiX509Enc) { - $cert = $idpData['x509certMulti']['encryption'][0]; - } else { - $cert = $idpData['x509cert']; - } - } - - if (!empty($nameId)) { - if (empty($nameIdFormat) - && $spData['NameIDFormat'] != Constants::NAMEID_UNSPECIFIED) { - $nameIdFormat = $spData['NameIDFormat']; - } - } else { - $nameId = $idpData['entityId']; - $nameIdFormat = Constants::NAMEID_ENTITY; - } - - /* From saml-core-2.0-os 8.3.6, when the entity Format is used: - "The NameQualifier, SPNameQualifier, and SPProvidedID attributes MUST be omitted. - */ - if (!empty($nameIdFormat) && $nameIdFormat == Constants::NAMEID_ENTITY) { - $nameIdNameQualifier = null; - $nameIdSPNameQualifier = null; - } - - // NameID Format UNSPECIFIED omitted - if (!empty($nameIdFormat) && $nameIdFormat == Constants::NAMEID_UNSPECIFIED) { - $nameIdFormat = null; - } - - $nameIdObj = Utils::generateNameId( - $nameId, - $nameIdSPNameQualifier, - $nameIdFormat, - $cert, - $nameIdNameQualifier, - $security['encryption_algorithm'] - ); - - $sessionIndexStr = isset($sessionIndex) ? "{$sessionIndex}" : ""; - - $spEntityId = htmlspecialchars($spData['entityId'], ENT_QUOTES); - $destination = $this->_settings->getIdPSLOUrl(); - $logoutRequest = << - {$spEntityId} - {$nameIdObj} - {$sessionIndexStr} - -LOGOUTREQUEST; - } else { - $decoded = base64_decode($request); - // We try to inflate - $inflated = @gzinflate($decoded); - if ($inflated != false) { - $logoutRequest = $inflated; - } else { - $logoutRequest = $decoded; - } - $this->id = static::getID($logoutRequest); - } - $this->_logoutRequest = $logoutRequest; - } - - /** - * Returns the Logout Request defated, base64encoded, unsigned - * - * @param bool|null $deflate Whether or not we should 'gzdeflate' the request body before we return it. - * - * @return string Deflated base64 encoded Logout Request - */ - public function getRequest($deflate = null) - { - $subject = $this->_logoutRequest; - - if (is_null($deflate)) { - $deflate = $this->_settings->shouldCompressRequests(); - } - - if ($deflate) { - $subject = gzdeflate($this->_logoutRequest); - } - - return base64_encode($subject); - } - - /** - * Returns the ID of the Logout Request. - * - * @param string|DOMDocument $request Logout Request Message - * - * @return string ID - * - * @throws Error - */ - public static function getID($request) - { - if ($request instanceof DOMDocument) { - $dom = $request; - } else { - $dom = new DOMDocument(); - $dom = Utils::loadXML($dom, $request); - } - - - if (false === $dom) { - throw new Error( - "LogoutRequest could not be processed", - Error::SAML_LOGOUTREQUEST_INVALID - ); - } - - $id = $dom->documentElement->getAttribute('ID'); - return $id; - } - - /** - * Gets the NameID Data of the the Logout Request. - * - * @param string|DOMDocument $request Logout Request Message - * @param string|null $key The SP key - * - * @return array Name ID Data (Value, Format, NameQualifier, SPNameQualifier) - * - * @throws Error - * @throws Exception - * @throws ValidationError - */ - public static function getNameIdData($request, $key = null) - { - if ($request instanceof DOMDocument) { - $dom = $request; - } else { - $dom = new DOMDocument(); - $dom = Utils::loadXML($dom, $request); - } - - $encryptedEntries = Utils::query($dom, '/samlp:LogoutRequest/saml:EncryptedID'); - - if ($encryptedEntries->length == 1) { - $encryptedDataNodes = $encryptedEntries->item(0)->getElementsByTagName('EncryptedData'); - $encryptedData = $encryptedDataNodes->item(0); - - if (empty($key)) { - throw new Error( - "Private Key is required in order to decrypt the NameID, check settings", - Error::PRIVATE_KEY_NOT_FOUND - ); - } - - $seckey = new XMLSecurityKey(XMLSecurityKey::RSA_1_5, array('type'=>'private')); - $seckey->loadKey($key); - - $nameId = Utils::decryptElement($encryptedData, $seckey); - - } else { - $entries = Utils::query($dom, '/samlp:LogoutRequest/saml:NameID'); - if ($entries->length == 1) { - $nameId = $entries->item(0); - } - } - - if (!isset($nameId)) { - throw new ValidationError( - "NameID not found in the Logout Request", - ValidationError::NO_NAMEID - ); - } - - $nameIdData = array(); - $nameIdData['Value'] = $nameId->nodeValue; - foreach (array('Format', 'SPNameQualifier', 'NameQualifier') as $attr) { - if ($nameId->hasAttribute($attr)) { - $nameIdData[$attr] = $nameId->getAttribute($attr); - } - } - - return $nameIdData; - } - - /** - * Gets the NameID of the Logout Request. - * - * @param string|DOMDocument $request Logout Request Message - * @param string|null $key The SP key - * - * @return string Name ID Value - * - * @throws Error - * @throws Exception - * @throws ValidationError - */ - public static function getNameId($request, $key = null) - { - $nameId = self::getNameIdData($request, $key); - return $nameId['Value']; - } - - /** - * Gets the Issuer of the Logout Request. - * - * @param string|DOMDocument $request Logout Request Message - * - * @return string|null $issuer The Issuer - * - * @throws Exception - */ - public static function getIssuer($request) - { - if ($request instanceof DOMDocument) { - $dom = $request; - } else { - $dom = new DOMDocument(); - $dom = Utils::loadXML($dom, $request); - } - - $issuer = null; - $issuerNodes = Utils::query($dom, '/samlp:LogoutRequest/saml:Issuer'); - if ($issuerNodes->length == 1) { - $issuer = $issuerNodes->item(0)->textContent; - } - return $issuer; - } - - /** - * Gets the SessionIndexes from the Logout Request. - * Notice: Our Constructor only support 1 SessionIndex but this parser - * extracts an array of all the SessionIndex found on a - * Logout Request, that could be many. - * - * @param string|DOMDocument $request Logout Request Message - * - * @return array The SessionIndex value - * - * @throws Exception - */ - public static function getSessionIndexes($request) - { - if ($request instanceof DOMDocument) { - $dom = $request; - } else { - $dom = new DOMDocument(); - $dom = Utils::loadXML($dom, $request); - } - - $sessionIndexes = array(); - $sessionIndexNodes = Utils::query($dom, '/samlp:LogoutRequest/samlp:SessionIndex'); - foreach ($sessionIndexNodes as $sessionIndexNode) { - $sessionIndexes[] = $sessionIndexNode->textContent; - } - return $sessionIndexes; - } - - /** - * Checks if the Logout Request recieved is valid. - * - * @param bool $retrieveParametersFromServer True if we want to use parameters from $_SERVER to validate the signature - * - * @return bool If the Logout Request is or not valid - * - * @throws Exception - * @throws ValidationError - */ - public function isValid($retrieveParametersFromServer = false) - { - $this->_error = null; - try { - $dom = new DOMDocument(); - $dom = Utils::loadXML($dom, $this->_logoutRequest); - - $idpData = $this->_settings->getIdPData(); - $idPEntityId = $idpData['entityId']; - - if ($this->_settings->isStrict()) { - $security = $this->_settings->getSecurityData(); - - if ($security['wantXMLValidation']) { - $res = Utils::validateXML($dom, 'saml-schema-protocol-2.0.xsd', $this->_settings->isDebugActive(), $this->_settings->getSchemasPath()); - if (!$res instanceof DOMDocument) { - throw new ValidationError( - "Invalid SAML Logout Request. Not match the saml-schema-protocol-2.0.xsd", - ValidationError::INVALID_XML_FORMAT - ); - } - } - - $currentURL = Utils::getSelfRoutedURLNoQuery(); - - // Check NotOnOrAfter - if ($dom->documentElement->hasAttribute('NotOnOrAfter')) { - $na = Utils::parseSAML2Time($dom->documentElement->getAttribute('NotOnOrAfter')); - if ($na <= time()) { - throw new ValidationError( - "Could not validate timestamp: expired. Check system clock.", - ValidationError::RESPONSE_EXPIRED - ); - } - } - - // Check destination - if ($dom->documentElement->hasAttribute('Destination')) { - $destination = $dom->documentElement->getAttribute('Destination'); - if (empty($destination)) { - if (!$security['relaxDestinationValidation']) { - throw new ValidationError( - "The LogoutRequest has an empty Destination value", - ValidationError::EMPTY_DESTINATION - ); - } - } else { - $urlComparisonLength = $security['destinationStrictlyMatches'] ? strlen($destination) : strlen($currentURL); - if (strncmp($destination, $currentURL, $urlComparisonLength) !== 0) { - $currentURLNoRouted = Utils::getSelfURLNoQuery(); - $urlComparisonLength = $security['destinationStrictlyMatches'] ? strlen($destination) : strlen($currentURLNoRouted); - if (strncmp($destination, $currentURLNoRouted, $urlComparisonLength) !== 0) { - throw new ValidationError( - "The LogoutRequest was received at $currentURL instead of $destination", - ValidationError::WRONG_DESTINATION - ); - } - } - } - } - - $nameId = static::getNameId($dom, $this->_settings->getSPkey()); - - // Check issuer - $issuer = static::getIssuer($dom); - if (!empty($issuer) && $issuer != $idPEntityId) { - throw new ValidationError( - "Invalid issuer in the Logout Request", - ValidationError::WRONG_ISSUER - ); - } - - if ($security['wantMessagesSigned'] && !isset($_GET['Signature'])) { - throw new ValidationError( - "The Message of the Logout Request is not signed and the SP require it", - ValidationError::NO_SIGNED_MESSAGE - ); - } - } - - if (isset($_GET['Signature'])) { - $signatureValid = Utils::validateBinarySign("SAMLRequest", $_GET, $idpData, $retrieveParametersFromServer); - if (!$signatureValid) { - throw new ValidationError( - "Signature validation failed. Logout Request rejected", - ValidationError::INVALID_SIGNATURE - ); - } - } - - return true; - } catch (Exception $e) { - $this->_error = $e; - $debug = $this->_settings->isDebugActive(); - if ($debug) { - echo htmlentities($this->_error->getMessage()); - } - return false; - } - } - - /** - * After execute a validation process, if fails this method returns the Exception of the cause - * - * @return Exception Cause - */ - public function getErrorException() - { - return $this->_error; - } - - /** - * After execute a validation process, if fails this method returns the cause - * - * @return null|string Error reason - */ - public function getError() - { - $errorMsg = null; - if (isset($this->_error)) { - $errorMsg = htmlentities($this->_error->getMessage()); - } - return $errorMsg; - } - - /** - * Returns the XML that will be sent as part of the request - * or that was received at the SP - * - * @return string - */ - public function getXML() - { - return $this->_logoutRequest; - } -} diff --git a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/LogoutResponse.php b/plugins/auth/vendor/onelogin/php-saml/src/Saml2/LogoutResponse.php deleted file mode 100644 index 9c3f020e..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/LogoutResponse.php +++ /dev/null @@ -1,347 +0,0 @@ - - * @license MIT https://github.com/onelogin/php-saml/blob/master/LICENSE - * @link https://github.com/onelogin/php-saml - */ - -namespace OneLogin\Saml2; - -use DOMDocument; -use DOMNodeList; -use Exception; - -/** - * SAML 2 Logout Response - */ -class LogoutResponse -{ - /** - * Contains the ID of the Logout Response - * - * @var string - */ - public $id; - - /** - * Object that represents the setting info - * - * @var Settings - */ - protected $_settings; - - /** - * The decoded, unprocessed XML response provided to the constructor. - * - * @var string|null - */ - protected $_logoutResponse; - - /** - * A DOMDocument class loaded from the SAML LogoutResponse. - * - * @var DOMDocument - */ - public $document; - - /** - * After execute a validation process, if it fails, this var contains the cause - * - * @var Exception|null - */ - private $_error; - - /** - * Constructs a Logout Response object (Initialize params from settings and if provided - * load the Logout Response. - * - * @param Settings $settings Settings. - * @param string|null $response An UUEncoded SAML Logout response from the IdP. - * - * @throws Error - * @throws Exception - */ - public function __construct(\OneLogin\Saml2\Settings $settings, $response = null) - { - $this->_settings = $settings; - - $baseURL = $this->_settings->getBaseURL(); - if (!empty($baseURL)) { - Utils::setBaseURL($baseURL); - } - - if ($response) { - $decoded = base64_decode($response); - $inflated = @gzinflate($decoded); - if ($inflated != false) { - $this->_logoutResponse = $inflated; - } else { - $this->_logoutResponse = $decoded; - } - $this->document = new DOMDocument(); - $this->document = Utils::loadXML($this->document, $this->_logoutResponse); - - if (false === $this->document) { - throw new Error( - "LogoutResponse could not be processed", - Error::SAML_LOGOUTRESPONSE_INVALID - ); - } - - if ($this->document->documentElement->hasAttribute('ID')) { - $this->id = $this->document->documentElement->getAttribute('ID'); - } - } - } - - /** - * Gets the Issuer of the Logout Response. - * - * @return string|null $issuer The Issuer - */ - public function getIssuer() - { - $issuer = null; - $issuerNodes = $this->_query('/samlp:LogoutResponse/saml:Issuer'); - if ($issuerNodes->length == 1) { - $issuer = $issuerNodes->item(0)->textContent; - } - return $issuer; - } - - /** - * Gets the Status of the Logout Response. - * - * @return string|null The Status - */ - public function getStatus() - { - $entries = $this->_query('/samlp:LogoutResponse/samlp:Status/samlp:StatusCode'); - if ($entries->length != 1) { - return null; - } - $status = $entries->item(0)->getAttribute('Value'); - return $status; - } - - /** - * Determines if the SAML LogoutResponse is valid - * - * @param string|null $requestId The ID of the LogoutRequest sent by this SP to the IdP - * @param bool $retrieveParametersFromServer True if we want to use parameters from $_SERVER to validate the signature - * - * @return bool Returns if the SAML LogoutResponse is or not valid - * - * @throws ValidationError - */ - public function isValid($requestId = null, $retrieveParametersFromServer = false) - { - $this->_error = null; - try { - $idpData = $this->_settings->getIdPData(); - $idPEntityId = $idpData['entityId']; - - if ($this->_settings->isStrict()) { - $security = $this->_settings->getSecurityData(); - - if ($security['wantXMLValidation']) { - $res = Utils::validateXML($this->document, 'saml-schema-protocol-2.0.xsd', $this->_settings->isDebugActive(), $this->_settings->getSchemasPath()); - if (!$res instanceof DOMDocument) { - throw new ValidationError( - "Invalid SAML Logout Response. Not match the saml-schema-protocol-2.0.xsd", - ValidationError::INVALID_XML_FORMAT - ); - } - } - - // Check if the InResponseTo of the Logout Response matchs the ID of the Logout Request (requestId) if provided - if (isset($requestId) && $this->document->documentElement->hasAttribute('InResponseTo')) { - $inResponseTo = $this->document->documentElement->getAttribute('InResponseTo'); - if ($requestId != $inResponseTo) { - throw new ValidationError( - "The InResponseTo of the Logout Response: $inResponseTo, does not match the ID of the Logout request sent by the SP: $requestId", - ValidationError::WRONG_INRESPONSETO - ); - } - } - - // Check issuer - $issuer = $this->getIssuer(); - if (!empty($issuer) && $issuer != $idPEntityId) { - throw new ValidationError( - "Invalid issuer in the Logout Response", - ValidationError::WRONG_ISSUER - ); - } - - $currentURL = Utils::getSelfRoutedURLNoQuery(); - - if ($this->document->documentElement->hasAttribute('Destination')) { - $destination = $this->document->documentElement->getAttribute('Destination'); - if (empty($destination)) { - if (!$security['relaxDestinationValidation']) { - throw new ValidationError( - "The LogoutResponse has an empty Destination value", - ValidationError::EMPTY_DESTINATION - ); - } - } else { - $urlComparisonLength = $security['destinationStrictlyMatches'] ? strlen($destination) : strlen($currentURL); - if (strncmp($destination, $currentURL, $urlComparisonLength) !== 0) { - $currentURLNoRouted = Utils::getSelfURLNoQuery(); - $urlComparisonLength = $security['destinationStrictlyMatches'] ? strlen($destination) : strlen($currentURLNoRouted); - if (strncmp($destination, $currentURLNoRouted, $urlComparisonLength) !== 0) { - throw new ValidationError( - "The LogoutResponse was received at $currentURL instead of $destination", - ValidationError::WRONG_DESTINATION - ); - } - } - } - } - - if ($security['wantMessagesSigned'] && !isset($_GET['Signature'])) { - throw new ValidationError( - "The Message of the Logout Response is not signed and the SP requires it", - ValidationError::NO_SIGNED_MESSAGE - ); - } - } - - if (isset($_GET['Signature'])) { - $signatureValid = Utils::validateBinarySign("SAMLResponse", $_GET, $idpData, $retrieveParametersFromServer); - if (!$signatureValid) { - throw new ValidationError( - "Signature validation failed. Logout Response rejected", - ValidationError::INVALID_SIGNATURE - ); - } - } - return true; - } catch (Exception $e) { - $this->_error = $e; - $debug = $this->_settings->isDebugActive(); - if ($debug) { - echo htmlentities($this->_error->getMessage()); - } - return false; - } - } - - /** - * Extracts a node from the DOMDocument (Logout Response Menssage) - * - * @param string $query Xpath Expression - * - * @return DOMNodeList The queried node - */ - private function _query($query) - { - return Utils::query($this->document, $query); - - } - - /** - * Generates a Logout Response object. - * - * @param string $inResponseTo InResponseTo value for the Logout Response. - */ - public function build($inResponseTo) - { - - $spData = $this->_settings->getSPData(); - - $this->id = Utils::generateUniqueID(); - $issueInstant = Utils::parseTime2SAML(time()); - $spEntityId = htmlspecialchars($spData['entityId'], ENT_QUOTES); - $destination = $this->_settings->getIdPSLOResponseUrl(); - $logoutResponse = << - {$spEntityId} - - - - -LOGOUTRESPONSE; - $this->_logoutResponse = $logoutResponse; - } - - /** - * Returns a Logout Response object. - * - * @param bool|null $deflate Whether or not we should 'gzdeflate' the response body before we return it. - * - * @return string Logout Response deflated and base64 encoded - */ - public function getResponse($deflate = null) - { - $logoutResponse = $this->_logoutResponse; - - if (is_null($deflate)) { - $deflate = $this->_settings->shouldCompressResponses(); - } - - if ($deflate) { - $logoutResponse = gzdeflate($this->_logoutResponse); - } - return base64_encode($logoutResponse); - } - - /** - * After execute a validation process, if fails this method returns the cause. - * - * @return Exception|null Cause - */ - public function getErrorException() - { - return $this->_error; - } - - /** - * After execute a validation process, if fails this method returns the cause - * - * @return null|string Error reason - */ - public function getError() - { - $errorMsg = null; - if (isset($this->_error)) { - $errorMsg = htmlentities($this->_error->getMessage()); - } - return $errorMsg; - } - - /** - * @return string the ID of the Response - */ - public function getId() - { - return $this->id; - } - - /** - * Returns the XML that will be sent as part of the response - * or that was received at the SP - * - * @return string|null - */ - public function getXML() - { - return $this->_logoutResponse; - } -} diff --git a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/Metadata.php b/plugins/auth/vendor/onelogin/php-saml/src/Saml2/Metadata.php deleted file mode 100644 index 922ad60b..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/Metadata.php +++ /dev/null @@ -1,267 +0,0 @@ - - * @license MIT https://github.com/onelogin/php-saml/blob/master/LICENSE - * @link https://github.com/onelogin/php-saml - */ - -namespace OneLogin\Saml2; - -use RobRichards\XMLSecLibs\XMLSecurityKey; -use RobRichards\XMLSecLibs\XMLSecurityDSig; - -use DOMDocument; -use Exception; - -/** - * Metadata lib of OneLogin PHP Toolkit - */ -class Metadata -{ - const TIME_VALID = 172800; // 2 days - const TIME_CACHED = 604800; // 1 week - - /** - * Generates the metadata of the SP based on the settings - * - * @param array $sp The SP data - * @param bool|string $authnsign authnRequestsSigned attribute - * @param bool|string $wsign wantAssertionsSigned attribute - * @param int|null $validUntil Metadata's valid time - * @param int|null $cacheDuration Duration of the cache in seconds - * @param array $contacts Contacts info - * @param array $organization Organization ingo - * @param array $attributes - * - * @return string SAML Metadata XML - */ - public static function builder($sp, $authnsign = false, $wsign = false, $validUntil = null, $cacheDuration = null, $contacts = array(), $organization = array(), $attributes = array()) - { - - if (!isset($validUntil)) { - $validUntil = time() + self::TIME_VALID; - } - $validUntilTime = Utils::parseTime2SAML($validUntil); - - if (!isset($cacheDuration)) { - $cacheDuration = self::TIME_CACHED; - } - - $sls = ''; - - if (isset($sp['singleLogoutService'])) { - $slsUrl = htmlspecialchars($sp['singleLogoutService']['url'], ENT_QUOTES); - $sls = << - -SLS_TEMPLATE; - } - - if ($authnsign) { - $strAuthnsign = 'true'; - } else { - $strAuthnsign = 'false'; - } - - if ($wsign) { - $strWsign = 'true'; - } else { - $strWsign = 'false'; - } - - $strOrganization = ''; - - if (!empty($organization)) { - $organizationInfoNames = array(); - $organizationInfoDisplaynames = array(); - $organizationInfoUrls = array(); - foreach ($organization as $lang => $info) { - $organizationInfoNames[] = <<{$info['name']} -ORGANIZATION_NAME; - $organizationInfoDisplaynames[] = <<{$info['displayname']} -ORGANIZATION_DISPLAY; - $organizationInfoUrls[] = <<{$info['url']} -ORGANIZATION_URL; - } - $orgData = implode("\n", $organizationInfoNames)."\n".implode("\n", $organizationInfoDisplaynames)."\n".implode("\n", $organizationInfoUrls); - $strOrganization = << -{$orgData} - -ORGANIZATIONSTR; - } - - $strContacts = ''; - if (!empty($contacts)) { - $contactsInfo = array(); - foreach ($contacts as $type => $info) { - $contactsInfo[] = << - {$info['givenName']} - {$info['emailAddress']} - -CONTACT; - } - $strContacts = "\n".implode("\n", $contactsInfo); - } - - $strAttributeConsumingService = ''; - if (isset($sp['attributeConsumingService'])) { - $attrCsDesc = ''; - if (isset($sp['attributeConsumingService']['serviceDescription'])) { - $attrCsDesc = sprintf( - ' %s' . PHP_EOL, - $sp['attributeConsumingService']['serviceDescription'] - ); - } - if (!isset($sp['attributeConsumingService']['serviceName'])) { - $sp['attributeConsumingService']['serviceName'] = 'Service'; - } - $requestedAttributeData = array(); - foreach ($sp['attributeConsumingService']['requestedAttributes'] as $attribute) { - $requestedAttributeStr = sprintf(' {$attrValue} -ATTRIBUTEVALUE; - } - $reqAttrAuxStr .= "\n "; - } - - $requestedAttributeData[] = $requestedAttributeStr . $reqAttrAuxStr; - } - - $requestedAttributeStr = implode(PHP_EOL, $requestedAttributeData); - $strAttributeConsumingService = << - {$sp['attributeConsumingService']['serviceName']} -{$attrCsDesc}{$requestedAttributeStr} - -METADATA_TEMPLATE; - } - - $spEntityId = htmlspecialchars($sp['entityId'], ENT_QUOTES); - $acsUrl = htmlspecialchars($sp['assertionConsumerService']['url'], ENT_QUOTES); - $metadata = << - - -{$sls} {$sp['NameIDFormat']} - - {$strAttributeConsumingService} - {$strOrganization}{$strContacts} - -METADATA_TEMPLATE; - return $metadata; - } - - /** - * Signs the metadata with the key/cert provided - * - * @param string $metadata SAML Metadata XML - * @param string $key x509 key - * @param string $cert x509 cert - * @param string $signAlgorithm Signature algorithm method - * @param string $digestAlgorithm Digest algorithm method - * - * @return string Signed Metadata - * - * @throws Exception - */ - public static function signMetadata($metadata, $key, $cert, $signAlgorithm = XMLSecurityKey::RSA_SHA256, $digestAlgorithm = XMLSecurityDSig::SHA256) - { - return Utils::addSign($metadata, $key, $cert, $signAlgorithm, $digestAlgorithm); - } - - /** - * Adds the x509 descriptors (sign/encryption) to the metadata - * The same cert will be used for sign/encrypt - * - * @param string $metadata SAML Metadata XML - * @param string $cert x509 cert - * @param bool $wantsEncrypted Whether to include the KeyDescriptor for encryption - * - * @return string Metadata with KeyDescriptors - * - * @throws Exception - */ - public static function addX509KeyDescriptors($metadata, $cert, $wantsEncrypted = true) - { - $xml = new DOMDocument(); - $xml->preserveWhiteSpace = false; - $xml->formatOutput = true; - try { - $xml = Utils::loadXML($xml, $metadata); - if (!$xml) { - throw new Exception('Error parsing metadata'); - } - } catch (Exception $e) { - throw new Exception('Error parsing metadata. '.$e->getMessage()); - } - - $formatedCert = Utils::formatCert($cert, false); - $x509Certificate = $xml->createElementNS(Constants::NS_DS, 'X509Certificate', $formatedCert); - - $keyData = $xml->createElementNS(Constants::NS_DS, 'ds:X509Data'); - $keyData->appendChild($x509Certificate); - - $keyInfo = $xml->createElementNS(Constants::NS_DS, 'ds:KeyInfo'); - $keyInfo->appendChild($keyData); - - $keyDescriptor = $xml->createElementNS(Constants::NS_MD, "md:KeyDescriptor"); - - $SPSSODescriptor = $xml->getElementsByTagName('SPSSODescriptor')->item(0); - $SPSSODescriptor->insertBefore($keyDescriptor->cloneNode(), $SPSSODescriptor->firstChild); - if ($wantsEncrypted === true) { - $SPSSODescriptor->insertBefore($keyDescriptor->cloneNode(), $SPSSODescriptor->firstChild); - } - - $signing = $xml->getElementsByTagName('KeyDescriptor')->item(0); - $signing->setAttribute('use', 'signing'); - $signing->appendChild($keyInfo); - - if ($wantsEncrypted === true) { - $encryption = $xml->getElementsByTagName('KeyDescriptor')->item(1); - $encryption->setAttribute('use', 'encryption'); - - $encryption->appendChild($keyInfo->cloneNode(true)); - } - - return $xml->saveXML(); - } -} diff --git a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/Response.php b/plugins/auth/vendor/onelogin/php-saml/src/Saml2/Response.php deleted file mode 100644 index a2f8d6dd..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/Response.php +++ /dev/null @@ -1,1237 +0,0 @@ - - * @license MIT https://github.com/onelogin/php-saml/blob/master/LICENSE - * @link https://github.com/onelogin/php-saml - */ - -namespace OneLogin\Saml2; - -use RobRichards\XMLSecLibs\XMLSecurityKey; -use RobRichards\XMLSecLibs\XMLSecEnc; - -use DOMDocument; -use DOMNodeList; -use DOMXPath; -use Exception; - -/** - * SAML 2 Authentication Response - */ -class Response -{ - /** - * Settings - * - * @var Settings - */ - protected $_settings; - - /** - * The decoded, unprocessed XML response provided to the constructor. - * - * @var string - */ - public $response; - - /** - * A DOMDocument class loaded from the SAML Response. - * - * @var DOMDocument - */ - public $document; - - /** - * A DOMDocument class loaded from the SAML Response (Decrypted). - * - * @var DOMDocument - */ - public $decryptedDocument; - - /** - * The response contains an encrypted assertion. - * - * @var bool - */ - public $encrypted = false; - - /** - * After validation, if it fail this var has the cause of the problem - * - * @var Exception|null - */ - private $_error; - - /** - * NotOnOrAfter value of a valid SubjectConfirmationData node - * - * @var int - */ - private $_validSCDNotOnOrAfter; - - /** - * Constructs the SAML Response object. - * - * @param Settings $settings Settings. - * @param string $response A UUEncoded SAML response from the IdP. - * - * @throws Exception - * @throws ValidationError - */ - public function __construct(\OneLogin\Saml2\Settings $settings, $response) - { - $this->_settings = $settings; - - $baseURL = $this->_settings->getBaseURL(); - if (!empty($baseURL)) { - Utils::setBaseURL($baseURL); - } - - $this->response = base64_decode($response); - - $this->document = new DOMDocument(); - $this->document = Utils::loadXML($this->document, $this->response); - if (!$this->document) { - throw new ValidationError( - "SAML Response could not be processed", - ValidationError::INVALID_XML_FORMAT - ); - } - - // Quick check for the presence of EncryptedAssertion - $encryptedAssertionNodes = $this->document->getElementsByTagName('EncryptedAssertion'); - if ($encryptedAssertionNodes->length !== 0) { - $this->decryptedDocument = clone $this->document; - $this->encrypted = true; - $this->decryptedDocument = $this->decryptAssertion($this->decryptedDocument); - } - } - - /** - * Determines if the SAML Response is valid using the certificate. - * - * @param string|null $requestId The ID of the AuthNRequest sent by this SP to the IdP - * - * @return bool Validate the document - * - * @throws Exception - * @throws ValidationError - */ - public function isValid($requestId = null) - { - $this->_error = null; - try { - // Check SAML version - if ($this->document->documentElement->getAttribute('Version') != '2.0') { - throw new ValidationError( - "Unsupported SAML version", - ValidationError::UNSUPPORTED_SAML_VERSION - ); - } - - if (!$this->document->documentElement->hasAttribute('ID')) { - throw new ValidationError( - "Missing ID attribute on SAML Response", - ValidationError::MISSING_ID - ); - } - - $this->checkStatus(); - - $singleAssertion = $this->validateNumAssertions(); - if (!$singleAssertion) { - throw new ValidationError( - "SAML Response must contain 1 assertion", - ValidationError::WRONG_NUMBER_OF_ASSERTIONS - ); - } - - $idpData = $this->_settings->getIdPData(); - $idPEntityId = $idpData['entityId']; - $spData = $this->_settings->getSPData(); - $spEntityId = $spData['entityId']; - - $signedElements = $this->processSignedElements(); - - $responseTag = '{'.Constants::NS_SAMLP.'}Response'; - $assertionTag = '{'.Constants::NS_SAML.'}Assertion'; - - $hasSignedResponse = in_array($responseTag, $signedElements); - $hasSignedAssertion = in_array($assertionTag, $signedElements); - - if ($this->_settings->isStrict()) { - $security = $this->_settings->getSecurityData(); - - if ($security['wantXMLValidation']) { - $errorXmlMsg = "Invalid SAML Response. Not match the saml-schema-protocol-2.0.xsd"; - $res = Utils::validateXML($this->document, 'saml-schema-protocol-2.0.xsd', $this->_settings->isDebugActive(), $this->_settings->getSchemasPath()); - if (!$res instanceof DOMDocument) { - throw new ValidationError( - $errorXmlMsg, - ValidationError::INVALID_XML_FORMAT - ); - } - - // If encrypted, check also the decrypted document - if ($this->encrypted) { - $res = Utils::validateXML($this->decryptedDocument, 'saml-schema-protocol-2.0.xsd', $this->_settings->isDebugActive(), $this->_settings->getSchemasPath()); - if (!$res instanceof DOMDocument) { - throw new ValidationError( - $errorXmlMsg, - ValidationError::INVALID_XML_FORMAT - ); - } - } - - } - - $currentURL = Utils::getSelfRoutedURLNoQuery(); - - $responseInResponseTo = null; - if ($this->document->documentElement->hasAttribute('InResponseTo')) { - $responseInResponseTo = $this->document->documentElement->getAttribute('InResponseTo'); - } - - if (!isset($requestId) && isset($responseInResponseTo) && $security['rejectUnsolicitedResponsesWithInResponseTo']) { - throw new ValidationError( - "The Response has an InResponseTo attribute: " . $responseInResponseTo . " while no InResponseTo was expected", - ValidationError::WRONG_INRESPONSETO - ); - } - - // Check if the InResponseTo of the Response matchs the ID of the AuthNRequest (requestId) if provided - if (isset($requestId) && $requestId != $responseInResponseTo) { - if ($responseInResponseTo == null) { - throw new ValidationError( - "No InResponseTo at the Response, but it was provided the requestId related to the AuthNRequest sent by the SP: $requestId", - ValidationError::WRONG_INRESPONSETO - ); - } else { - throw new ValidationError( - "The InResponseTo of the Response: $responseInResponseTo, does not match the ID of the AuthNRequest sent by the SP: $requestId", - ValidationError::WRONG_INRESPONSETO - ); - } - } - - if (!$this->encrypted && $security['wantAssertionsEncrypted']) { - throw new ValidationError( - "The assertion of the Response is not encrypted and the SP requires it", - ValidationError::NO_ENCRYPTED_ASSERTION - ); - } - - if ($security['wantNameIdEncrypted']) { - $encryptedIdNodes = $this->_queryAssertion('/saml:Subject/saml:EncryptedID/xenc:EncryptedData'); - if ($encryptedIdNodes->length != 1) { - throw new ValidationError( - "The NameID of the Response is not encrypted and the SP requires it", - ValidationError::NO_ENCRYPTED_NAMEID - ); - } - } - - // Validate Conditions element exists - if (!$this->checkOneCondition()) { - throw new ValidationError( - "The Assertion must include a Conditions element", - ValidationError::MISSING_CONDITIONS - ); - } - - // Validate Asserion timestamps - $this->validateTimestamps(); - - // Validate AuthnStatement element exists and is unique - if (!$this->checkOneAuthnStatement()) { - throw new ValidationError( - "The Assertion must include an AuthnStatement element", - ValidationError::WRONG_NUMBER_OF_AUTHSTATEMENTS - ); - } - - // EncryptedAttributes are not supported - $encryptedAttributeNodes = $this->_queryAssertion('/saml:AttributeStatement/saml:EncryptedAttribute'); - if ($encryptedAttributeNodes->length > 0) { - throw new ValidationError( - "There is an EncryptedAttribute in the Response and this SP not support them", - ValidationError::ENCRYPTED_ATTRIBUTES - ); - } - - // Check destination - if ($this->document->documentElement->hasAttribute('Destination')) { - $destination = trim($this->document->documentElement->getAttribute('Destination')); - if (empty($destination)) { - if (!$security['relaxDestinationValidation']) { - throw new ValidationError( - "The response has an empty Destination value", - ValidationError::EMPTY_DESTINATION - ); - } - } else { - $urlComparisonLength = $security['destinationStrictlyMatches'] ? strlen($destination) : strlen($currentURL); - if (strncmp($destination, $currentURL, $urlComparisonLength) !== 0) { - $currentURLNoRouted = Utils::getSelfURLNoQuery(); - $urlComparisonLength = $security['destinationStrictlyMatches'] ? strlen($destination) : strlen($currentURLNoRouted); - if (strncmp($destination, $currentURLNoRouted, $urlComparisonLength) !== 0) { - throw new ValidationError( - "The response was received at $currentURL instead of $destination", - ValidationError::WRONG_DESTINATION - ); - } - } - } - } - - // Check audience - $validAudiences = $this->getAudiences(); - if (!empty($validAudiences) && !in_array($spEntityId, $validAudiences, true)) { - throw new ValidationError( - sprintf( - "Invalid audience for this Response (expected '%s', got '%s')", - $spEntityId, - implode(',', $validAudiences) - ), - ValidationError::WRONG_AUDIENCE - ); - } - - // Check the issuers - $issuers = $this->getIssuers(); - foreach ($issuers as $issuer) { - $trimmedIssuer = trim($issuer); - if (empty($trimmedIssuer) || $trimmedIssuer !== $idPEntityId) { - throw new ValidationError( - "Invalid issuer in the Assertion/Response (expected '$idPEntityId', got '$trimmedIssuer')", - ValidationError::WRONG_ISSUER - ); - } - } - - // Check the session Expiration - $sessionExpiration = $this->getSessionNotOnOrAfter(); - if (!empty($sessionExpiration) && $sessionExpiration + Constants::ALLOWED_CLOCK_DRIFT <= time()) { - throw new ValidationError( - "The attributes have expired, based on the SessionNotOnOrAfter of the AttributeStatement of this Response", - ValidationError::SESSION_EXPIRED - ); - } - - // Check the SubjectConfirmation, at least one SubjectConfirmation must be valid - $anySubjectConfirmation = false; - $subjectConfirmationNodes = $this->_queryAssertion('/saml:Subject/saml:SubjectConfirmation'); - foreach ($subjectConfirmationNodes as $scn) { - if ($scn->hasAttribute('Method') && $scn->getAttribute('Method') != Constants::CM_BEARER) { - continue; - } - $subjectConfirmationDataNodes = $scn->getElementsByTagName('SubjectConfirmationData'); - if ($subjectConfirmationDataNodes->length == 0) { - continue; - } else { - $scnData = $subjectConfirmationDataNodes->item(0); - if ($scnData->hasAttribute('InResponseTo')) { - $inResponseTo = $scnData->getAttribute('InResponseTo'); - if (isset($responseInResponseTo) && $responseInResponseTo != $inResponseTo) { - continue; - } - } - if ($scnData->hasAttribute('Recipient')) { - $recipient = $scnData->getAttribute('Recipient'); - if (!empty($recipient) && strpos($recipient, $currentURL) === false) { - continue; - } - } - if ($scnData->hasAttribute('NotOnOrAfter')) { - $noa = Utils::parseSAML2Time($scnData->getAttribute('NotOnOrAfter')); - if ($noa + Constants::ALLOWED_CLOCK_DRIFT <= time()) { - continue; - } - } - if ($scnData->hasAttribute('NotBefore')) { - $nb = Utils::parseSAML2Time($scnData->getAttribute('NotBefore')); - if ($nb > time() + Constants::ALLOWED_CLOCK_DRIFT) { - continue; - } - } - - // Save NotOnOrAfter value - if ($scnData->hasAttribute('NotOnOrAfter')) { - $this->_validSCDNotOnOrAfter = $noa; - } - $anySubjectConfirmation = true; - break; - } - } - - if (!$anySubjectConfirmation) { - throw new ValidationError( - "A valid SubjectConfirmation was not found on this Response", - ValidationError::WRONG_SUBJECTCONFIRMATION - ); - } - - if ($security['wantAssertionsSigned'] && !$hasSignedAssertion) { - throw new ValidationError( - "The Assertion of the Response is not signed and the SP requires it", - ValidationError::NO_SIGNED_ASSERTION - ); - } - - if ($security['wantMessagesSigned'] && !$hasSignedResponse) { - throw new ValidationError( - "The Message of the Response is not signed and the SP requires it", - ValidationError::NO_SIGNED_MESSAGE - ); - } - } - - // Detect case not supported - if ($this->encrypted) { - $encryptedIDNodes = Utils::query($this->decryptedDocument, '/samlp:Response/saml:Assertion/saml:Subject/saml:EncryptedID'); - if ($encryptedIDNodes->length > 0) { - throw new ValidationError( - 'SAML Response that contains an encrypted Assertion with encrypted nameId is not supported.', - ValidationError::NOT_SUPPORTED - ); - } - } - - if (empty($signedElements) || (!$hasSignedResponse && !$hasSignedAssertion)) { - throw new ValidationError( - 'No Signature found. SAML Response rejected', - ValidationError::NO_SIGNATURE_FOUND - ); - } else { - $cert = $idpData['x509cert']; - $fingerprint = $idpData['certFingerprint']; - $fingerprintalg = $idpData['certFingerprintAlgorithm']; - - $multiCerts = null; - $existsMultiX509Sign = isset($idpData['x509certMulti']) && isset($idpData['x509certMulti']['signing']) && !empty($idpData['x509certMulti']['signing']); - - if ($existsMultiX509Sign) { - $multiCerts = $idpData['x509certMulti']['signing']; - } - - // If find a Signature on the Response, validates it checking the original response - if ($hasSignedResponse && !Utils::validateSign($this->document, $cert, $fingerprint, $fingerprintalg, Utils::RESPONSE_SIGNATURE_XPATH, $multiCerts)) { - throw new ValidationError( - "Signature validation failed. SAML Response rejected", - ValidationError::INVALID_SIGNATURE - ); - } - - // If find a Signature on the Assertion (decrypted assertion if was encrypted) - $documentToCheckAssertion = $this->encrypted ? $this->decryptedDocument : $this->document; - if ($hasSignedAssertion && !Utils::validateSign($documentToCheckAssertion, $cert, $fingerprint, $fingerprintalg, Utils::ASSERTION_SIGNATURE_XPATH, $multiCerts)) { - throw new ValidationError( - "Signature validation failed. SAML Response rejected", - ValidationError::INVALID_SIGNATURE - ); - } - } - return true; - } catch (Exception $e) { - $this->_error = $e; - $debug = $this->_settings->isDebugActive(); - if ($debug) { - echo htmlentities($e->getMessage()); - } - return false; - } - } - - /** - * @return string|null the ID of the Response - */ - public function getId() - { - $id = null; - if ($this->document->documentElement->hasAttribute('ID')) { - $id = $this->document->documentElement->getAttribute('ID'); - } - return $id; - } - - /** - * @return string|null the ID of the assertion in the Response - * - * @throws ValidationError - */ - public function getAssertionId() - { - if (!$this->validateNumAssertions()) { - throw new ValidationError("SAML Response must contain 1 Assertion.", ValidationError::WRONG_NUMBER_OF_ASSERTIONS); - } - $assertionNodes = $this->_queryAssertion(""); - $id = null; - if ($assertionNodes->length == 1 && $assertionNodes->item(0)->hasAttribute('ID')) { - $id = $assertionNodes->item(0)->getAttribute('ID'); - } - return $id; - } - - /** - * @return int the NotOnOrAfter value of the valid SubjectConfirmationData - * node if any - */ - public function getAssertionNotOnOrAfter() - { - return $this->_validSCDNotOnOrAfter; - } - - /** - * Checks if the Status is success - * - * @throws ValidationError If status is not success - */ - public function checkStatus() - { - $status = Utils::getStatus($this->document); - - if (isset($status['code']) && $status['code'] !== Constants::STATUS_SUCCESS) { - $explodedCode = explode(':', $status['code']); - $printableCode = array_pop($explodedCode); - - $statusExceptionMsg = 'The status code of the Response was not Success, was '.$printableCode; - if (!empty($status['msg'])) { - $statusExceptionMsg .= ' -> '.$status['msg']; - } - throw new ValidationError( - $statusExceptionMsg, - ValidationError::STATUS_CODE_IS_NOT_SUCCESS - ); - } - } - - /** - * Checks that the samlp:Response/saml:Assertion/saml:Conditions element exists and is unique. - * - * @return boolean true if the Conditions element exists and is unique - */ - public function checkOneCondition() - { - $entries = $this->_queryAssertion("/saml:Conditions"); - if ($entries->length == 1) { - return true; - } else { - return false; - } - } - - /** - * Checks that the samlp:Response/saml:Assertion/saml:AuthnStatement element exists and is unique. - * - * @return boolean true if the AuthnStatement element exists and is unique - */ - public function checkOneAuthnStatement() - { - $entries = $this->_queryAssertion("/saml:AuthnStatement"); - if ($entries->length == 1) { - return true; - } else { - return false; - } - } - - /** - * Gets the audiences. - * - * @return array @audience The valid audiences of the response - */ - public function getAudiences() - { - $audiences = array(); - - $entries = $this->_queryAssertion('/saml:Conditions/saml:AudienceRestriction/saml:Audience'); - foreach ($entries as $entry) { - $value = trim($entry->textContent); - if (!empty($value)) { - $audiences[] = $value; - } - } - - return array_unique($audiences); - } - - /** - * Gets the Issuers (from Response and Assertion). - * - * @return array @issuers The issuers of the assertion/response - * - * @throws ValidationError - */ - public function getIssuers() - { - $issuers = array(); - - $responseIssuer = Utils::query($this->document, '/samlp:Response/saml:Issuer'); - if ($responseIssuer->length > 0) { - if ($responseIssuer->length == 1) { - $issuers[] = $responseIssuer->item(0)->textContent; - } else { - throw new ValidationError( - "Issuer of the Response is multiple.", - ValidationError::ISSUER_MULTIPLE_IN_RESPONSE - ); - } - } - - $assertionIssuer = $this->_queryAssertion('/saml:Issuer'); - if ($assertionIssuer->length == 1) { - $issuers[] = $assertionIssuer->item(0)->textContent; - } else { - throw new ValidationError( - "Issuer of the Assertion not found or multiple.", - ValidationError::ISSUER_NOT_FOUND_IN_ASSERTION - ); - } - - return array_unique($issuers); - } - - /** - * Gets the NameID Data provided by the SAML response from the IdP. - * - * @return array Name ID Data (Value, Format, NameQualifier, SPNameQualifier) - * - * @throws ValidationError - */ - public function getNameIdData() - { - $encryptedIdDataEntries = $this->_queryAssertion('/saml:Subject/saml:EncryptedID/xenc:EncryptedData'); - - if ($encryptedIdDataEntries->length == 1) { - $encryptedData = $encryptedIdDataEntries->item(0); - - $key = $this->_settings->getSPkey(); - $seckey = new XMLSecurityKey(XMLSecurityKey::RSA_1_5, array('type'=>'private')); - $seckey->loadKey($key); - - $nameId = Utils::decryptElement($encryptedData, $seckey); - - } else { - $entries = $this->_queryAssertion('/saml:Subject/saml:NameID'); - if ($entries->length == 1) { - $nameId = $entries->item(0); - } - } - - $nameIdData = array(); - - if (!isset($nameId)) { - $security = $this->_settings->getSecurityData(); - if ($security['wantNameId']) { - throw new ValidationError( - "NameID not found in the assertion of the Response", - ValidationError::NO_NAMEID - ); - } - } else { - if ($this->_settings->isStrict() && empty($nameId->nodeValue)) { - throw new ValidationError( - "An empty NameID value found", - ValidationError::EMPTY_NAMEID - ); - } - $nameIdData['Value'] = $nameId->nodeValue; - - foreach (array('Format', 'SPNameQualifier', 'NameQualifier') as $attr) { - if ($nameId->hasAttribute($attr)) { - if ($this->_settings->isStrict() && $attr == 'SPNameQualifier') { - $spData = $this->_settings->getSPData(); - $spEntityId = $spData['entityId']; - if ($spEntityId != $nameId->getAttribute($attr)) { - throw new ValidationError( - "The SPNameQualifier value mistmatch the SP entityID value.", - ValidationError::SP_NAME_QUALIFIER_NAME_MISMATCH - ); - } - } - $nameIdData[$attr] = $nameId->getAttribute($attr); - } - } - } - - return $nameIdData; - } - - /** - * Gets the NameID provided by the SAML response from the IdP. - * - * @return string|null Name ID Value - * - * @throws ValidationError - */ - public function getNameId() - { - $nameIdvalue = null; - $nameIdData = $this->getNameIdData(); - if (!empty($nameIdData) && isset($nameIdData['Value'])) { - $nameIdvalue = $nameIdData['Value']; - } - return $nameIdvalue; - } - - /** - * Gets the NameID Format provided by the SAML response from the IdP. - * - * @return string|null Name ID Format - * - * @throws ValidationError - */ - public function getNameIdFormat() - { - $nameIdFormat = null; - $nameIdData = $this->getNameIdData(); - if (!empty($nameIdData) && isset($nameIdData['Format'])) { - $nameIdFormat = $nameIdData['Format']; - } - return $nameIdFormat; - } - - /** - * Gets the NameID NameQualifier provided by the SAML response from the IdP. - * - * @return string|null Name ID NameQualifier - * - * @throws ValidationError - */ - public function getNameIdNameQualifier() - { - $nameIdNameQualifier = null; - $nameIdData = $this->getNameIdData(); - if (!empty($nameIdData) && isset($nameIdData['NameQualifier'])) { - $nameIdNameQualifier = $nameIdData['NameQualifier']; - } - return $nameIdNameQualifier; - } - - /** - * Gets the NameID SP NameQualifier provided by the SAML response from the IdP. - * - * @return string|null NameID SP NameQualifier - * - * @throws ValidationError - */ - public function getNameIdSPNameQualifier() - { - $nameIdSPNameQualifier = null; - $nameIdData = $this->getNameIdData(); - if (!empty($nameIdData) && isset($nameIdData['SPNameQualifier'])) { - $nameIdSPNameQualifier = $nameIdData['SPNameQualifier']; - } - return $nameIdSPNameQualifier; - } - - /** - * Gets the SessionNotOnOrAfter from the AuthnStatement. - * Could be used to set the local session expiration - * - * @return int|null The SessionNotOnOrAfter value - * - * @throws Exception - */ - public function getSessionNotOnOrAfter() - { - $notOnOrAfter = null; - $entries = $this->_queryAssertion('/saml:AuthnStatement[@SessionNotOnOrAfter]'); - if ($entries->length !== 0) { - $notOnOrAfter = Utils::parseSAML2Time($entries->item(0)->getAttribute('SessionNotOnOrAfter')); - } - return $notOnOrAfter; - } - - /** - * Gets the SessionIndex from the AuthnStatement. - * Could be used to be stored in the local session in order - * to be used in a future Logout Request that the SP could - * send to the SP, to set what specific session must be deleted - * - * @return string|null The SessionIndex value - */ - public function getSessionIndex() - { - $sessionIndex = null; - $entries = $this->_queryAssertion('/saml:AuthnStatement[@SessionIndex]'); - if ($entries->length !== 0) { - $sessionIndex = $entries->item(0)->getAttribute('SessionIndex'); - } - return $sessionIndex; - } - - /** - * Gets the Attributes from the AttributeStatement element. - * - * @return array The attributes of the SAML Assertion - * - * @throws ValidationError - */ - public function getAttributes() - { - return $this->_getAttributesByKeyName('Name'); - } - - /** - * Gets the Attributes from the AttributeStatement element using their FriendlyName. - * - * @return array The attributes of the SAML Assertion - * - * @throws ValidationError - */ - public function getAttributesWithFriendlyName() - { - return $this->_getAttributesByKeyName('FriendlyName'); - } - - /** - * @param string $keyName - * - * @return array - * - * @throws ValidationError - */ - private function _getAttributesByKeyName($keyName = "Name") - { - $attributes = array(); - $entries = $this->_queryAssertion('/saml:AttributeStatement/saml:Attribute'); - - $security = $this->_settings->getSecurityData(); - $allowRepeatAttributeName = $security['allowRepeatAttributeName']; - /** @var $entry DOMNode */ - foreach ($entries as $entry) { - $attributeKeyNode = $entry->attributes->getNamedItem($keyName); - if ($attributeKeyNode === null) { - continue; - } - $attributeKeyName = $attributeKeyNode->nodeValue; - if (in_array($attributeKeyName, array_keys($attributes))) { - if (!$allowRepeatAttributeName) { - throw new ValidationError( - "Found an Attribute element with duplicated ".$keyName, - ValidationError::DUPLICATED_ATTRIBUTE_NAME_FOUND - ); - } - } - $attributeValues = array(); - foreach ($entry->childNodes as $childNode) { - $tagName = ($childNode->prefix ? $childNode->prefix.':' : '') . 'AttributeValue'; - if ($childNode->nodeType == XML_ELEMENT_NODE && $childNode->tagName === $tagName) { - $attributeValues[] = $childNode->nodeValue; - } - } - - if (in_array($attributeKeyName, array_keys($attributes))) { - $attributes[$attributeKeyName] = array_merge($attributes[$attributeKeyName], $attributeValues); - } else { - $attributes[$attributeKeyName] = $attributeValues; - } - } - return $attributes; - } - - /** - * Verifies that the document only contains a single Assertion (encrypted or not). - * - * @return bool TRUE if the document passes. - */ - public function validateNumAssertions() - { - $encryptedAssertionNodes = $this->document->getElementsByTagName('EncryptedAssertion'); - $assertionNodes = $this->document->getElementsByTagName('Assertion'); - - $valid = $assertionNodes->length + $encryptedAssertionNodes->length == 1; - - if ($this->encrypted) { - $assertionNodes = $this->decryptedDocument->getElementsByTagName('Assertion'); - $valid = $valid && $assertionNodes->length == 1; - } - - return $valid; - } - - /** - * Verifies the signature nodes: - * - Checks that are Response or Assertion - * - Check that IDs and reference URI are unique and consistent. - * - * @return array Signed element tags - * - * @throws ValidationError - */ - public function processSignedElements() - { - $signedElements = array(); - $verifiedSeis = array(); - $verifiedIds = array(); - - if ($this->encrypted) { - $signNodes = $this->decryptedDocument->getElementsByTagName('Signature'); - } else { - $signNodes = $this->document->getElementsByTagName('Signature'); - } - foreach ($signNodes as $signNode) { - $responseTag = '{'.Constants::NS_SAMLP.'}Response'; - $assertionTag = '{'.Constants::NS_SAML.'}Assertion'; - - $signedElement = '{'.$signNode->parentNode->namespaceURI.'}'.$signNode->parentNode->localName; - - if ($signedElement != $responseTag && $signedElement != $assertionTag) { - throw new ValidationError( - "Invalid Signature Element $signedElement SAML Response rejected", - ValidationError::WRONG_SIGNED_ELEMENT - ); - } - - // Check that reference URI matches the parent ID and no duplicate References or IDs - $idValue = $signNode->parentNode->getAttribute('ID'); - if (empty($idValue)) { - throw new ValidationError( - 'Signed Element must contain an ID. SAML Response rejected', - ValidationError::ID_NOT_FOUND_IN_SIGNED_ELEMENT - ); - } - - if (in_array($idValue, $verifiedIds)) { - throw new ValidationError( - 'Duplicated ID. SAML Response rejected', - ValidationError::DUPLICATED_ID_IN_SIGNED_ELEMENTS - ); - } - $verifiedIds[] = $idValue; - - $ref = $signNode->getElementsByTagName('Reference'); - if ($ref->length == 1) { - $ref = $ref->item(0); - $sei = $ref->getAttribute('URI'); - if (!empty($sei)) { - $sei = substr($sei, 1); - - if ($sei != $idValue) { - throw new ValidationError( - 'Found an invalid Signed Element. SAML Response rejected', - ValidationError::INVALID_SIGNED_ELEMENT - ); - } - - if (in_array($sei, $verifiedSeis)) { - throw new ValidationError( - 'Duplicated Reference URI. SAML Response rejected', - ValidationError::DUPLICATED_REFERENCE_IN_SIGNED_ELEMENTS - ); - } - $verifiedSeis[] = $sei; - } - } else { - throw new ValidationError( - 'Unexpected number of Reference nodes found for signature. SAML Response rejected.', - ValidationError::UNEXPECTED_REFERENCE - ); - } - $signedElements[] = $signedElement; - } - - // Check SignedElements - if (!empty($signedElements) && !$this->validateSignedElements($signedElements)) { - throw new ValidationError( - 'Found an unexpected Signature Element. SAML Response rejected', - ValidationError::UNEXPECTED_SIGNED_ELEMENTS - ); - } - return $signedElements; - } - - /** - * Verifies that the document is still valid according Conditions Element. - * - * @return bool - * - * @throws Exception - * @throws ValidationError - */ - public function validateTimestamps() - { - if ($this->encrypted) { - $document = $this->decryptedDocument; - } else { - $document = $this->document; - } - - $timestampNodes = $document->getElementsByTagName('Conditions'); - for ($i = 0; $i < $timestampNodes->length; $i++) { - $nbAttribute = $timestampNodes->item($i)->attributes->getNamedItem("NotBefore"); - $naAttribute = $timestampNodes->item($i)->attributes->getNamedItem("NotOnOrAfter"); - if ($nbAttribute && Utils::parseSAML2Time($nbAttribute->textContent) > time() + Constants::ALLOWED_CLOCK_DRIFT) { - throw new ValidationError( - 'Could not validate timestamp: not yet valid. Check system clock.', - ValidationError::ASSERTION_TOO_EARLY - ); - } - if ($naAttribute && Utils::parseSAML2Time($naAttribute->textContent) + Constants::ALLOWED_CLOCK_DRIFT <= time()) { - throw new ValidationError( - 'Could not validate timestamp: expired. Check system clock.', - ValidationError::ASSERTION_EXPIRED - ); - } - } - return true; - } - - /** - * Verifies that the document has the expected signed nodes. - * - * @param array $signedElements Signed elements - * - * @return bool - * - * @throws ValidationError - */ - public function validateSignedElements($signedElements) - { - if (count($signedElements) > 2) { - return false; - } - - $responseTag = '{'.Constants::NS_SAMLP.'}Response'; - $assertionTag = '{'.Constants::NS_SAML.'}Assertion'; - - $ocurrence = array_count_values($signedElements); - if ((in_array($responseTag, $signedElements) && $ocurrence[$responseTag] > 1) - || (in_array($assertionTag, $signedElements) && $ocurrence[$assertionTag] > 1) - || !in_array($responseTag, $signedElements) && !in_array($assertionTag, $signedElements) - ) { - return false; - } - - // Check that the signed elements found here, are the ones that will be verified - // by Utils->validateSign() - if (in_array($responseTag, $signedElements)) { - $expectedSignatureNodes = Utils::query($this->document, Utils::RESPONSE_SIGNATURE_XPATH); - if ($expectedSignatureNodes->length != 1) { - throw new ValidationError( - "Unexpected number of Response signatures found. SAML Response rejected.", - ValidationError::WRONG_NUMBER_OF_SIGNATURES_IN_RESPONSE - ); - } - } - - if (in_array($assertionTag, $signedElements)) { - $expectedSignatureNodes = $this->_query(Utils::ASSERTION_SIGNATURE_XPATH); - if ($expectedSignatureNodes->length != 1) { - throw new ValidationError( - "Unexpected number of Assertion signatures found. SAML Response rejected.", - ValidationError::WRONG_NUMBER_OF_SIGNATURES_IN_ASSERTION - ); - } - } - - return true; - } - - /** - * Extracts a node from the DOMDocument (Assertion). - * - * @param string $assertionXpath Xpath Expression - * - * @return DOMNodeList The queried node - */ - protected function _queryAssertion($assertionXpath) - { - if ($this->encrypted) { - $xpath = new DOMXPath($this->decryptedDocument); - } else { - $xpath = new DOMXPath($this->document); - } - - $xpath->registerNamespace('samlp', Constants::NS_SAMLP); - $xpath->registerNamespace('saml', Constants::NS_SAML); - $xpath->registerNamespace('ds', Constants::NS_DS); - $xpath->registerNamespace('xenc', Constants::NS_XENC); - - $assertionNode = '/samlp:Response/saml:Assertion'; - $signatureQuery = $assertionNode . '/ds:Signature/ds:SignedInfo/ds:Reference'; - $assertionReferenceNode = $xpath->query($signatureQuery)->item(0); - if (!$assertionReferenceNode) { - // is the response signed as a whole? - $signatureQuery = '/samlp:Response/ds:Signature/ds:SignedInfo/ds:Reference'; - $responseReferenceNode = $xpath->query($signatureQuery)->item(0); - if ($responseReferenceNode) { - $uri = $responseReferenceNode->attributes->getNamedItem('URI')->nodeValue; - if (empty($uri)) { - $id = $responseReferenceNode->parentNode->parentNode->parentNode->attributes->getNamedItem('ID')->nodeValue; - } else { - $id = substr($responseReferenceNode->attributes->getNamedItem('URI')->nodeValue, 1); - } - $nameQuery = "/samlp:Response[@ID='$id']/saml:Assertion" . $assertionXpath; - } else { - $nameQuery = "/samlp:Response/saml:Assertion" . $assertionXpath; - } - } else { - $uri = $assertionReferenceNode->attributes->getNamedItem('URI')->nodeValue; - if (empty($uri)) { - $id = $assertionReferenceNode->parentNode->parentNode->parentNode->attributes->getNamedItem('ID')->nodeValue; - } else { - $id = substr($assertionReferenceNode->attributes->getNamedItem('URI')->nodeValue, 1); - } - $nameQuery = $assertionNode."[@ID='$id']" . $assertionXpath; - } - - return $xpath->query($nameQuery); - } - - /** - * Extracts nodes that match the query from the DOMDocument (Response Menssage) - * - * @param string $query Xpath Expression - * - * @return DOMNodeList The queried nodes - */ - private function _query($query) - { - if ($this->encrypted) { - return Utils::query($this->decryptedDocument, $query); - } else { - return Utils::query($this->document, $query); - } - } - - /** - * Decrypts the Assertion (DOMDocument) - * - * @param \DomNode $dom DomDocument - * - * @return DOMDocument Decrypted Assertion - * - * @throws Exception - * @throws ValidationError - */ - protected function decryptAssertion(\DomNode $dom) - { - $pem = $this->_settings->getSPkey(); - - if (empty($pem)) { - throw new Error( - "No private key available, check settings", - Error::PRIVATE_KEY_NOT_FOUND - ); - } - - $objenc = new XMLSecEnc(); - $encData = $objenc->locateEncryptedData($dom); - if (!$encData) { - throw new ValidationError( - "Cannot locate encrypted assertion", - ValidationError::MISSING_ENCRYPTED_ELEMENT - ); - } - - $objenc->setNode($encData); - $objenc->type = $encData->getAttribute("Type"); - if (!$objKey = $objenc->locateKey()) { - throw new ValidationError( - "Unknown algorithm", - ValidationError::KEY_ALGORITHM_ERROR - ); - } - - $key = null; - if ($objKeyInfo = $objenc->locateKeyInfo($objKey)) { - if ($objKeyInfo->isEncrypted) { - $objencKey = $objKeyInfo->encryptedCtx; - $objKeyInfo->loadKey($pem, false, false); - $key = $objencKey->decryptKey($objKeyInfo); - } else { - // symmetric encryption key support - $objKeyInfo->loadKey($pem, false, false); - } - } - - if (empty($objKey->key)) { - $objKey->loadKey($key); - } - - $decryptedXML = $objenc->decryptNode($objKey, false); - $decrypted = new DOMDocument(); - $check = Utils::loadXML($decrypted, $decryptedXML); - if ($check === false) { - throw new Exception('Error: string from decrypted assertion could not be loaded into a XML document'); - } - if ($encData->parentNode instanceof DOMDocument) { - return $decrypted; - } else { - $decrypted = $decrypted->documentElement; - $encryptedAssertion = $encData->parentNode; - $container = $encryptedAssertion->parentNode; - - // Fix possible issue with saml namespace - if (!$decrypted->hasAttributeNS('http://www.w3.org/2000/xmlns/', 'xmlns:saml') - && !$decrypted->hasAttributeNS('http://www.w3.org/2000/xmlns/', 'xmlns:saml2') - && !$decrypted->hasAttributeNS('http://www.w3.org/2000/xmlns/', 'xmlns') - && !$container->hasAttributeNS('http://www.w3.org/2000/xmlns/', 'xmlns:saml') - && !$container->hasAttributeNS('http://www.w3.org/2000/xmlns/', 'xmlns:saml2') - ) { - if (strpos($encryptedAssertion->tagName, 'saml2:') !== false) { - $ns = 'xmlns:saml2'; - } else if (strpos($encryptedAssertion->tagName, 'saml:') !== false) { - $ns = 'xmlns:saml'; - } else { - $ns = 'xmlns'; - } - $decrypted->setAttributeNS('http://www.w3.org/2000/xmlns/', $ns, Constants::NS_SAML); - } - - Utils::treeCopyReplace($encryptedAssertion, $decrypted); - - // Rebuild the DOM will fix issues with namespaces as well - $dom = new DOMDocument(); - return Utils::loadXML($dom, $container->ownerDocument->saveXML()); - } - } - - /** - * After execute a validation process, if fails this method returns the cause - * - * @return Exception|null Cause - */ - public function getErrorException() - { - return $this->_error; - } - - /** - * After execute a validation process, if fails this method returns the cause - * - * @return null|string Error reason - */ - public function getError() - { - $errorMsg = null; - if (isset($this->_error)) { - $errorMsg = htmlentities($this->_error->getMessage()); - } - return $errorMsg; - } - - /** - * Returns the SAML Response document (If contains an encrypted assertion, decrypts it) - * - * @return DomDocument SAML Response - */ - public function getXMLDocument() - { - if ($this->encrypted) { - return $this->decryptedDocument; - } else { - return $this->document; - } - } -} diff --git a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/Settings.php b/plugins/auth/vendor/onelogin/php-saml/src/Saml2/Settings.php deleted file mode 100644 index 43457bad..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/Settings.php +++ /dev/null @@ -1,1166 +0,0 @@ - - * @license MIT https://github.com/onelogin/php-saml/blob/master/LICENSE - * @link https://github.com/onelogin/php-saml - */ - -namespace OneLogin\Saml2; - -use RobRichards\XMLSecLibs\XMLSecurityKey; -use RobRichards\XMLSecLibs\XMLSecurityDSig; - -use DOMDocument; -use Exception; - -/** - * Configuration of the OneLogin PHP Toolkit - */ -class Settings -{ - /** - * List of paths. - * - * @var array - */ - private $_paths = array(); - - /** - * @var string - */ - private $_baseurl; - - /** - * Strict. If active, PHP Toolkit will reject unsigned or unencrypted messages - * if it expects them signed or encrypted. If not, the messages will be accepted - * and some security issues will be also relaxed. - * - * @var bool - */ - private $_strict = true; - - /** - * Activate debug mode - * - * @var bool - */ - private $_debug = false; - - /** - * SP data. - * - * @var array - */ - private $_sp = array(); - - /** - * IdP data. - * - * @var array - */ - private $_idp = array(); - - /** - * Compression settings that determine - * whether gzip compression should be used. - * - * @var array - */ - private $_compress = array(); - - /** - * Security Info related to the SP. - * - * @var array - */ - private $_security = array(); - - /** - * Setting contacts. - * - * @var array - */ - private $_contacts = array(); - - /** - * Setting organization. - * - * @var array - */ - private $_organization = array(); - - /** - * Setting errors. - * - * @var array - */ - private $_errors = array(); - - /** - * Valitate SP data only flag - * - * @var bool - */ - private $_spValidationOnly = false; - - /** - * Initializes the settings: - * - Sets the paths of the different folders - * - Loads settings info from settings file or array/object provided - * - * @param array|null $settings SAML Toolkit Settings - * @param bool $spValidationOnly Validate or not the IdP data - * - * @throws Error If any settings parameter is invalid - * @throws Exception If Settings is incorrectly supplied - */ - public function __construct(array $settings = null, $spValidationOnly = false) - { - $this->_spValidationOnly = $spValidationOnly; - $this->_loadPaths(); - - if (!isset($settings)) { - if (!$this->_loadSettingsFromFile()) { - throw new Error( - 'Invalid file settings: %s', - Error::SETTINGS_INVALID, - array(implode(', ', $this->_errors)) - ); - } - $this->_addDefaultValues(); - } else { - if (!$this->_loadSettingsFromArray($settings)) { - throw new Error( - 'Invalid array settings: %s', - Error::SETTINGS_INVALID, - array(implode(', ', $this->_errors)) - ); - } - } - - $this->formatIdPCert(); - $this->formatSPCert(); - $this->formatSPKey(); - $this->formatSPCertNew(); - $this->formatIdPCertMulti(); - } - - /** - * Sets the paths of the different folders - * @suppress PhanUndeclaredConstant - */ - private function _loadPaths() - { - $basePath = dirname(dirname(__DIR__)) . '/'; - $this->_paths = array( - 'base' => $basePath, - 'config' => $basePath, - 'cert' => $basePath.'certs/', - 'lib' => __DIR__ . '/', - ); - - if (defined('ONELOGIN_CUSTOMPATH')) { - $this->_paths['config'] = ONELOGIN_CUSTOMPATH; - $this->_paths['cert'] = ONELOGIN_CUSTOMPATH . 'certs/'; - } - } - - /** - * Returns base path. - * - * @return string The base toolkit folder path - */ - public function getBasePath() - { - return $this->_paths['base']; - } - - /** - * Returns cert path. - * - * @return string The cert folder path - */ - public function getCertPath() - { - return $this->_paths['cert']; - } - - /** - * Returns config path. - * - * @return string The config folder path - */ - public function getConfigPath() - { - return $this->_paths['config']; - } - - /** - * Returns lib path. - * - * @return string The library folder path - */ - public function getLibPath() - { - return $this->_paths['lib']; - } - - /** - * Returns schema path. - * - * @return string The external library folder path - */ - public function getSchemasPath() - { - if (isset($this->_paths['schemas'])) { - return $this->_paths['schemas']; - } - return __DIR__ . '/schemas/'; - } - - /** - * Set schemas path - * - * @param string $path - * @return $this - */ - public function setSchemasPath($path) - { - $this->_paths['schemas'] = $path; - } - - /** - * Loads settings info from a settings Array - * - * @param array $settings SAML Toolkit Settings - * - * @return bool True if the settings info is valid - */ - private function _loadSettingsFromArray(array $settings) - { - if (isset($settings['sp'])) { - $this->_sp = $settings['sp']; - } - if (isset($settings['idp'])) { - $this->_idp = $settings['idp']; - } - - $errors = $this->checkSettings($settings); - if (empty($errors)) { - $this->_errors = array(); - - if (isset($settings['strict'])) { - $this->_strict = $settings['strict']; - } - if (isset($settings['debug'])) { - $this->_debug = $settings['debug']; - } - - if (isset($settings['baseurl'])) { - $this->_baseurl = $settings['baseurl']; - } - - if (isset($settings['compress'])) { - $this->_compress = $settings['compress']; - } - - if (isset($settings['security'])) { - $this->_security = $settings['security']; - } - - if (isset($settings['contactPerson'])) { - $this->_contacts = $settings['contactPerson']; - } - - if (isset($settings['organization'])) { - $this->_organization = $settings['organization']; - } - - $this->_addDefaultValues(); - return true; - } else { - $this->_errors = $errors; - return false; - } - } - - /** - * Loads settings info from the settings file - * - * @return bool True if the settings info is valid - * - * @throws Error - * - * @suppress PhanUndeclaredVariable - */ - private function _loadSettingsFromFile() - { - $filename = $this->getConfigPath().'settings.php'; - - if (!file_exists($filename)) { - throw new Error( - 'Settings file not found: %s', - Error::SETTINGS_FILE_NOT_FOUND, - array($filename) - ); - } - - /** @var array $settings */ - include $filename; - - // Add advance_settings if exists - $advancedFilename = $this->getConfigPath().'advanced_settings.php'; - - if (file_exists($advancedFilename)) { - /** @var array $advancedSettings */ - include $advancedFilename; - $settings = array_merge($settings, $advancedSettings); - } - - - return $this->_loadSettingsFromArray($settings); - } - - /** - * Add default values if the settings info is not complete - */ - private function _addDefaultValues() - { - if (!isset($this->_sp['assertionConsumerService']['binding'])) { - $this->_sp['assertionConsumerService']['binding'] = Constants::BINDING_HTTP_POST; - } - if (isset($this->_sp['singleLogoutService']) && !isset($this->_sp['singleLogoutService']['binding'])) { - $this->_sp['singleLogoutService']['binding'] = Constants::BINDING_HTTP_REDIRECT; - } - - if (!isset($this->_compress['requests'])) { - $this->_compress['requests'] = true; - } - - if (!isset($this->_compress['responses'])) { - $this->_compress['responses'] = true; - } - - // Related to nameID - if (!isset($this->_sp['NameIDFormat'])) { - $this->_sp['NameIDFormat'] = Constants::NAMEID_UNSPECIFIED; - } - if (!isset($this->_security['nameIdEncrypted'])) { - $this->_security['nameIdEncrypted'] = false; - } - if (!isset($this->_security['requestedAuthnContext'])) { - $this->_security['requestedAuthnContext'] = true; - } - - // sign provided - if (!isset($this->_security['authnRequestsSigned'])) { - $this->_security['authnRequestsSigned'] = false; - } - if (!isset($this->_security['logoutRequestSigned'])) { - $this->_security['logoutRequestSigned'] = false; - } - if (!isset($this->_security['logoutResponseSigned'])) { - $this->_security['logoutResponseSigned'] = false; - } - if (!isset($this->_security['signMetadata'])) { - $this->_security['signMetadata'] = false; - } - - // sign expected - if (!isset($this->_security['wantMessagesSigned'])) { - $this->_security['wantMessagesSigned'] = false; - } - if (!isset($this->_security['wantAssertionsSigned'])) { - $this->_security['wantAssertionsSigned'] = false; - } - - // NameID element expected - if (!isset($this->_security['wantNameId'])) { - $this->_security['wantNameId'] = true; - } - - // Relax Destination validation - if (!isset($this->_security['relaxDestinationValidation'])) { - $this->_security['relaxDestinationValidation'] = false; - } - - // Strict Destination match validation - if (!isset($this->_security['destinationStrictlyMatches'])) { - $this->_security['destinationStrictlyMatches'] = false; - } - - // Allow duplicated Attribute Names - if (!isset($this->_security['allowRepeatAttributeName'])) { - $this->_security['allowRepeatAttributeName'] = false; - } - - // InResponseTo - if (!isset($this->_security['rejectUnsolicitedResponsesWithInResponseTo'])) { - $this->_security['rejectUnsolicitedResponsesWithInResponseTo'] = false; - } - - // encrypt expected - if (!isset($this->_security['wantAssertionsEncrypted'])) { - $this->_security['wantAssertionsEncrypted'] = false; - } - if (!isset($this->_security['wantNameIdEncrypted'])) { - $this->_security['wantNameIdEncrypted'] = false; - } - - // XML validation - if (!isset($this->_security['wantXMLValidation'])) { - $this->_security['wantXMLValidation'] = true; - } - - // SignatureAlgorithm - if (!isset($this->_security['signatureAlgorithm'])) { - $this->_security['signatureAlgorithm'] = XMLSecurityKey::RSA_SHA256; - } - - // DigestAlgorithm - if (!isset($this->_security['digestAlgorithm'])) { - $this->_security['digestAlgorithm'] = XMLSecurityDSig::SHA256; - } - - // EncryptionAlgorithm - if (!isset($this->_security['encryption_algorithm'])) { - $this->_security['encryption_algorithm'] = XMLSecurityKey::AES128_CBC; - } - - if (!isset($this->_security['lowercaseUrlencoding'])) { - $this->_security['lowercaseUrlencoding'] = false; - } - - // Certificates / Private key /Fingerprint - if (!isset($this->_idp['x509cert'])) { - $this->_idp['x509cert'] = ''; - } - if (!isset($this->_idp['certFingerprint'])) { - $this->_idp['certFingerprint'] = ''; - } - if (!isset($this->_idp['certFingerprintAlgorithm'])) { - $this->_idp['certFingerprintAlgorithm'] = 'sha1'; - } - - if (!isset($this->_sp['x509cert'])) { - $this->_sp['x509cert'] = ''; - } - if (!isset($this->_sp['privateKey'])) { - $this->_sp['privateKey'] = ''; - } - } - - /** - * Checks the settings info. - * - * @param array $settings Array with settings data - * - * @return array $errors Errors found on the settings data - */ - public function checkSettings(array $settings) - { - if (empty($settings)) { - $errors = array('invalid_syntax'); - } else { - $errors = array(); - if (!$this->_spValidationOnly) { - $idpErrors = $this->checkIdPSettings($settings); - $errors = array_merge($idpErrors, $errors); - } - $spErrors = $this->checkSPSettings($settings); - $errors = array_merge($spErrors, $errors); - - $compressErrors = $this->checkCompressionSettings($settings); - $errors = array_merge($compressErrors, $errors); - } - - return $errors; - } - - /** - * Checks the compression settings info. - * - * @param array $settings Array with settings data - * - * @return array $errors Errors found on the settings data - */ - public function checkCompressionSettings($settings) - { - $errors = array(); - - if (isset($settings['compress'])) { - if (!is_array($settings['compress'])) { - $errors[] = "invalid_syntax"; - } else if (isset($settings['compress']['requests']) - && $settings['compress']['requests'] !== true - && $settings['compress']['requests'] !== false - ) { - $errors[] = "'compress'=>'requests' values must be true or false."; - } else if (isset($settings['compress']['responses']) - && $settings['compress']['responses'] !== true - && $settings['compress']['responses'] !== false - ) { - $errors[] = "'compress'=>'responses' values must be true or false."; - } - } - return $errors; - } - - /** - * Checks the IdP settings info. - * - * @param array $settings Array with settings data - * - * @return array $errors Errors found on the IdP settings data - */ - public function checkIdPSettings(array $settings) - { - if (empty($settings)) { - return array('invalid_syntax'); - } - - $errors = array(); - - if (!isset($settings['idp']) || empty($settings['idp'])) { - $errors[] = 'idp_not_found'; - } else { - $idp = $settings['idp']; - if (!isset($idp['entityId']) || empty($idp['entityId'])) { - $errors[] = 'idp_entityId_not_found'; - } - - if (!isset($idp['singleSignOnService']) - || !isset($idp['singleSignOnService']['url']) - || empty($idp['singleSignOnService']['url']) - ) { - $errors[] = 'idp_sso_not_found'; - } else if (!filter_var($idp['singleSignOnService']['url'], FILTER_VALIDATE_URL)) { - $errors[] = 'idp_sso_url_invalid'; - } - - if (isset($idp['singleLogoutService']) - && isset($idp['singleLogoutService']['url']) - && !empty($idp['singleLogoutService']['url']) - && !filter_var($idp['singleLogoutService']['url'], FILTER_VALIDATE_URL) - ) { - $errors[] = 'idp_slo_url_invalid'; - } - - if (isset($idp['singleLogoutService']) - && isset($idp['singleLogoutService']['responseUrl']) - && !empty($idp['singleLogoutService']['responseUrl']) - && !filter_var($idp['singleLogoutService']['responseUrl'], FILTER_VALIDATE_URL) - ) { - $errors[] = 'idp_slo_response_url_invalid'; - } - - $existsX509 = isset($idp['x509cert']) && !empty($idp['x509cert']); - $existsMultiX509Sign = isset($idp['x509certMulti']) && isset($idp['x509certMulti']['signing']) && !empty($idp['x509certMulti']['signing']); - $existsFingerprint = isset($idp['certFingerprint']) && !empty($idp['certFingerprint']); - if (!($existsX509 || $existsFingerprint || $existsMultiX509Sign) - ) { - $errors[] = 'idp_cert_or_fingerprint_not_found_and_required'; - } - - if (isset($settings['security'])) { - $existsMultiX509Enc = isset($idp['x509certMulti']) && isset($idp['x509certMulti']['encryption']) && !empty($idp['x509certMulti']['encryption']); - - if ((isset($settings['security']['nameIdEncrypted']) && $settings['security']['nameIdEncrypted'] == true) - && !($existsX509 || $existsMultiX509Enc) - ) { - $errors[] = 'idp_cert_not_found_and_required'; - } - } - } - - return $errors; - } - - /** - * Checks the SP settings info. - * - * @param array $settings Array with settings data - * - * @return array $errors Errors found on the SP settings data - */ - public function checkSPSettings(array $settings) - { - if (empty($settings)) { - return array('invalid_syntax'); - } - - $errors = array(); - - if (!isset($settings['sp']) || empty($settings['sp'])) { - $errors[] = 'sp_not_found'; - } else { - $sp = $settings['sp']; - $security = array(); - if (isset($settings['security'])) { - $security = $settings['security']; - } - - if (!isset($sp['entityId']) || empty($sp['entityId'])) { - $errors[] = 'sp_entityId_not_found'; - } - - if (!isset($sp['assertionConsumerService']) - || !isset($sp['assertionConsumerService']['url']) - || empty($sp['assertionConsumerService']['url']) - ) { - $errors[] = 'sp_acs_not_found'; - } else if (!filter_var($sp['assertionConsumerService']['url'], FILTER_VALIDATE_URL)) { - $errors[] = 'sp_acs_url_invalid'; - } - - if (isset($sp['singleLogoutService']) - && isset($sp['singleLogoutService']['url']) - && !filter_var($sp['singleLogoutService']['url'], FILTER_VALIDATE_URL) - ) { - $errors[] = 'sp_sls_url_invalid'; - } - - if (isset($security['signMetadata']) && is_array($security['signMetadata'])) { - if ((!isset($security['signMetadata']['keyFileName']) - || !isset($security['signMetadata']['certFileName'])) && - (!isset($security['signMetadata']['privateKey']) - || !isset($security['signMetadata']['x509cert'])) - ) { - $errors[] = 'sp_signMetadata_invalid'; - } - } - - if (((isset($security['authnRequestsSigned']) && $security['authnRequestsSigned'] == true) - || (isset($security['logoutRequestSigned']) && $security['logoutRequestSigned'] == true) - || (isset($security['logoutResponseSigned']) && $security['logoutResponseSigned'] == true) - || (isset($security['wantAssertionsEncrypted']) && $security['wantAssertionsEncrypted'] == true) - || (isset($security['wantNameIdEncrypted']) && $security['wantNameIdEncrypted'] == true)) - && !$this->checkSPCerts() - ) { - $errors[] = 'sp_certs_not_found_and_required'; - } - } - - if (isset($settings['contactPerson'])) { - $types = array_keys($settings['contactPerson']); - $validTypes = array('technical', 'support', 'administrative', 'billing', 'other'); - foreach ($types as $type) { - if (!in_array($type, $validTypes)) { - $errors[] = 'contact_type_invalid'; - break; - } - } - - foreach ($settings['contactPerson'] as $type => $contact) { - if (!isset($contact['givenName']) || empty($contact['givenName']) - || !isset($contact['emailAddress']) || empty($contact['emailAddress']) - ) { - $errors[] = 'contact_not_enought_data'; - break; - } - } - } - - if (isset($settings['organization'])) { - foreach ($settings['organization'] as $organization) { - if (!isset($organization['name']) || empty($organization['name']) - || !isset($organization['displayname']) || empty($organization['displayname']) - || !isset($organization['url']) || empty($organization['url']) - ) { - $errors[] = 'organization_not_enought_data'; - break; - } - } - } - - return $errors; - } - - /** - * Checks if the x509 certs of the SP exists and are valid. - * - * @return bool - */ - public function checkSPCerts() - { - $key = $this->getSPkey(); - $cert = $this->getSPcert(); - return (!empty($key) && !empty($cert)); - } - - /** - * Returns the x509 private key of the SP. - * - * @return string SP private key - */ - public function getSPkey() - { - $key = null; - if (isset($this->_sp['privateKey']) && !empty($this->_sp['privateKey'])) { - $key = $this->_sp['privateKey']; - } else { - $keyFile = $this->_paths['cert'].'sp.key'; - - if (file_exists($keyFile)) { - $key = file_get_contents($keyFile); - } - } - return $key; - } - - /** - * Returns the x509 public cert of the SP. - * - * @return string SP public cert - */ - public function getSPcert() - { - $cert = null; - - if (isset($this->_sp['x509cert']) && !empty($this->_sp['x509cert'])) { - $cert = $this->_sp['x509cert']; - } else { - $certFile = $this->_paths['cert'].'sp.crt'; - - if (file_exists($certFile)) { - $cert = file_get_contents($certFile); - } - } - return $cert; - } - - /** - * Returns the x509 public of the SP that is - * planed to be used soon instead the other - * public cert - * - * @return string SP public cert New - */ - public function getSPcertNew() - { - $cert = null; - - if (isset($this->_sp['x509certNew']) && !empty($this->_sp['x509certNew'])) { - $cert = $this->_sp['x509certNew']; - } else { - $certFile = $this->_paths['cert'].'sp_new.crt'; - - if (file_exists($certFile)) { - $cert = file_get_contents($certFile); - } - } - return $cert; - } - - /** - * Gets the IdP data. - * - * @return array IdP info - */ - public function getIdPData() - { - return $this->_idp; - } - - /** - * Gets the SP data. - * - * @return array SP info - */ - public function getSPData() - { - return $this->_sp; - } - - /** - * Gets security data. - * - * @return array SP info - */ - public function getSecurityData() - { - return $this->_security; - } - - /** - * Gets contact data. - * - * @return array SP info - */ - public function getContacts() - { - return $this->_contacts; - } - - /** - * Gets organization data. - * - * @return array SP info - */ - public function getOrganization() - { - return $this->_organization; - } - - /** - * Should SAML requests be compressed? - * - * @return bool Yes/No as True/False - */ - public function shouldCompressRequests() - { - return $this->_compress['requests']; - } - - /** - * Should SAML responses be compressed? - * - * @return bool Yes/No as True/False - */ - public function shouldCompressResponses() - { - return $this->_compress['responses']; - } - - /** - * Gets the IdP SSO url. - * - * @return string|null The url of the IdP Single Sign On Service - */ - public function getIdPSSOUrl() - { - $ssoUrl = null; - if (isset($this->_idp['singleSignOnService']) && isset($this->_idp['singleSignOnService']['url'])) { - $ssoUrl = $this->_idp['singleSignOnService']['url']; - } - return $ssoUrl; - } - - /** - * Gets the IdP SLO url. - * - * @return string|null The request url of the IdP Single Logout Service - */ - public function getIdPSLOUrl() - { - $sloUrl = null; - if (isset($this->_idp['singleLogoutService']) && isset($this->_idp['singleLogoutService']['url'])) { - $sloUrl = $this->_idp['singleLogoutService']['url']; - } - return $sloUrl; - } - - /** - * Gets the IdP SLO response url. - * - * @return string|null The response url of the IdP Single Logout Service - */ - public function getIdPSLOResponseUrl() - { - if (isset($this->_idp['singleLogoutService']) && isset($this->_idp['singleLogoutService']['responseUrl'])) { - return $this->_idp['singleLogoutService']['responseUrl']; - } - return $this->getIdPSLOUrl(); - } - - /** - * Gets the SP metadata. The XML representation. - * - * @param bool $alwaysPublishEncryptionCert When 'true', the returned - * metadata will always include an 'encryption' KeyDescriptor. Otherwise, - * the 'encryption' KeyDescriptor will only be included if - * $advancedSettings['security']['wantNameIdEncrypted'] or - * $advancedSettings['security']['wantAssertionsEncrypted'] are enabled. - * @param int|null $validUntil Metadata's valid time - * @param int|null $cacheDuration Duration of the cache in seconds - * - * @return string SP metadata (xml) - * @throws Exception - * @throws Error - */ - public function getSPMetadata($alwaysPublishEncryptionCert = false, $validUntil = null, $cacheDuration = null) - { - $metadata = Metadata::builder($this->_sp, $this->_security['authnRequestsSigned'], $this->_security['wantAssertionsSigned'], $validUntil, $cacheDuration, $this->getContacts(), $this->getOrganization()); - - $certNew = $this->getSPcertNew(); - if (!empty($certNew)) { - $metadata = Metadata::addX509KeyDescriptors( - $metadata, - $certNew, - $alwaysPublishEncryptionCert || $this->_security['wantNameIdEncrypted'] || $this->_security['wantAssertionsEncrypted'] - ); - } - - $cert = $this->getSPcert(); - if (!empty($cert)) { - $metadata = Metadata::addX509KeyDescriptors( - $metadata, - $cert, - $alwaysPublishEncryptionCert || $this->_security['wantNameIdEncrypted'] || $this->_security['wantAssertionsEncrypted'] - ); - } - - //Sign Metadata - if (isset($this->_security['signMetadata']) && $this->_security['signMetadata'] != false) { - if ($this->_security['signMetadata'] === true) { - $keyMetadata = $this->getSPkey(); - $certMetadata = $cert; - - if (!$keyMetadata) { - throw new Error( - 'SP Private key not found.', - Error::PRIVATE_KEY_FILE_NOT_FOUND - ); - } - - if (!$certMetadata) { - throw new Error( - 'SP Public cert not found.', - Error::PUBLIC_CERT_FILE_NOT_FOUND - ); - } - } else if (isset($this->_security['signMetadata']['keyFileName']) && - isset($this->_security['signMetadata']['certFileName'])) { - $keyFileName = $this->_security['signMetadata']['keyFileName']; - $certFileName = $this->_security['signMetadata']['certFileName']; - - $keyMetadataFile = $this->_paths['cert'].$keyFileName; - $certMetadataFile = $this->_paths['cert'].$certFileName; - - if (!file_exists($keyMetadataFile)) { - throw new Error( - 'SP Private key file not found: %s', - Error::PRIVATE_KEY_FILE_NOT_FOUND, - array($keyMetadataFile) - ); - } - - if (!file_exists($certMetadataFile)) { - throw new Error( - 'SP Public cert file not found: %s', - Error::PUBLIC_CERT_FILE_NOT_FOUND, - array($certMetadataFile) - ); - } - $keyMetadata = file_get_contents($keyMetadataFile); - $certMetadata = file_get_contents($certMetadataFile); - } else if (isset($this->_security['signMetadata']['privateKey']) && - isset($this->_security['signMetadata']['x509cert'])) { - $keyMetadata = Utils::formatPrivateKey($this->_security['signMetadata']['privateKey']); - $certMetadata = Utils::formatCert($this->_security['signMetadata']['x509cert']); - if (!$keyMetadata) { - throw new Error( - 'Private key not found.', - Error::PRIVATE_KEY_FILE_NOT_FOUND - ); - } - - if (!$certMetadata) { - throw new Error( - 'Public cert not found.', - Error::PUBLIC_CERT_FILE_NOT_FOUND - ); - } - } else { - throw new Error( - 'Invalid Setting: signMetadata value of the sp is not valid', - Error::SETTINGS_INVALID_SYNTAX - ); - - } - - $signatureAlgorithm = $this->_security['signatureAlgorithm']; - $digestAlgorithm = $this->_security['digestAlgorithm']; - $metadata = Metadata::signMetadata($metadata, $keyMetadata, $certMetadata, $signatureAlgorithm, $digestAlgorithm); - } - return $metadata; - } - - /** - * Validates an XML SP Metadata. - * - * @param string $xml Metadata's XML that will be validate - * - * @return array The list of found errors - * - * @throws Exception - */ - public function validateMetadata($xml) - { - assert(is_string($xml)); - - $errors = array(); - $res = Utils::validateXML($xml, 'saml-schema-metadata-2.0.xsd', $this->_debug, $this->getSchemasPath()); - if (!$res instanceof DOMDocument) { - $errors[] = $res; - } else { - $dom = $res; - $element = $dom->documentElement; - if ($element->tagName !== 'md:EntityDescriptor') { - $errors[] = 'noEntityDescriptor_xml'; - } else { - $validUntil = $cacheDuration = $expireTime = null; - - if ($element->hasAttribute('validUntil')) { - $validUntil = Utils::parseSAML2Time($element->getAttribute('validUntil')); - } - if ($element->hasAttribute('cacheDuration')) { - $cacheDuration = $element->getAttribute('cacheDuration'); - } - - $expireTime = Utils::getExpireTime($cacheDuration, $validUntil); - if (isset($expireTime) && time() > $expireTime) { - $errors[] = 'expired_xml'; - } - } - } - - // TODO: Support Metadata Sign Validation - - return $errors; - } - - /** - * Formats the IdP cert. - */ - public function formatIdPCert() - { - if (isset($this->_idp['x509cert'])) { - $this->_idp['x509cert'] = Utils::formatCert($this->_idp['x509cert']); - } - } - - /** - * Formats the Multple IdP certs. - */ - public function formatIdPCertMulti() - { - if (isset($this->_idp['x509certMulti'])) { - if (isset($this->_idp['x509certMulti']['signing'])) { - foreach ($this->_idp['x509certMulti']['signing'] as $i => $cert) { - $this->_idp['x509certMulti']['signing'][$i] = Utils::formatCert($cert); - } - } - if (isset($this->_idp['x509certMulti']['encryption'])) { - foreach ($this->_idp['x509certMulti']['encryption'] as $i => $cert) { - $this->_idp['x509certMulti']['encryption'][$i] = Utils::formatCert($cert); - } - } - } - } - - /** - * Formats the SP cert. - */ - public function formatSPCert() - { - if (isset($this->_sp['x509cert'])) { - $this->_sp['x509cert'] = Utils::formatCert($this->_sp['x509cert']); - } - } - - /** - * Formats the SP cert. - */ - public function formatSPCertNew() - { - if (isset($this->_sp['x509certNew'])) { - $this->_sp['x509certNew'] = Utils::formatCert($this->_sp['x509certNew']); - } - } - - /** - * Formats the SP private key. - */ - public function formatSPKey() - { - if (isset($this->_sp['privateKey'])) { - $this->_sp['privateKey'] = Utils::formatPrivateKey($this->_sp['privateKey']); - } - } - - /** - * Returns an array with the errors, the array is empty when the settings is ok. - * - * @return array Errors - */ - public function getErrors() - { - return $this->_errors; - } - - /** - * Activates or deactivates the strict mode. - * - * @param bool $value Strict parameter - * - * @throws Exception - */ - public function setStrict($value) - { - if (!is_bool($value)) { - throw new Exception('Invalid value passed to setStrict()'); - } - - $this->_strict = $value; - } - - /** - * Returns if the 'strict' mode is active. - * - * @return bool Strict parameter - */ - public function isStrict() - { - return $this->_strict; - } - - /** - * Returns if the debug is active. - * - * @return bool Debug parameter - */ - public function isDebugActive() - { - return $this->_debug; - } - - /** - * Set a baseurl value. - * - * @param string $baseurl Base URL. - */ - public function setBaseURL($baseurl) - { - $this->_baseurl = $baseurl; - } - - /** - * Returns the baseurl set on the settings if any. - * - * @return null|string The baseurl - */ - public function getBaseURL() - { - return $this->_baseurl; - } - - /** - * Sets the IdP certificate. - * - * @param string $cert IdP certificate - */ - public function setIdPCert($cert) - { - $this->_idp['x509cert'] = $cert; - $this->formatIdPCert(); - } -} diff --git a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/Utils.php b/plugins/auth/vendor/onelogin/php-saml/src/Saml2/Utils.php deleted file mode 100644 index 582c117b..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/Utils.php +++ /dev/null @@ -1,1579 +0,0 @@ - - * @license MIT https://github.com/onelogin/php-saml/blob/master/LICENSE - * @link https://github.com/onelogin/php-saml - */ - -namespace OneLogin\Saml2; - -use RobRichards\XMLSecLibs\XMLSecurityKey; -use RobRichards\XMLSecLibs\XMLSecurityDSig; -use RobRichards\XMLSecLibs\XMLSecEnc; - -use DOMDocument; -use DOMElement; -use DOMNodeList; -use DomNode; -use DOMXPath; -use Exception; - -/** - * Utils of OneLogin PHP Toolkit - * - * Defines several often used methods - */ -class Utils -{ - const RESPONSE_SIGNATURE_XPATH = "/samlp:Response/ds:Signature"; - const ASSERTION_SIGNATURE_XPATH = "/samlp:Response/saml:Assertion/ds:Signature"; - - /** - * @var bool Control if the `Forwarded-For-*` headers are used - */ - private static $_proxyVars = false; - - /** - * @var string|null - */ - private static $_host; - - /** - * @var string|null - */ - private static $_protocol; - - /** - * @var string - */ - private static $_protocolRegex = '@^https?://@i'; - - /** - * @var int|null - */ - private static $_port; - - /** - * @var string|null - */ - private static $_baseurlpath; - - /** - * This function load an XML string in a save way. - * Prevent XEE/XXE Attacks - * - * @param DOMDocument $dom The document where load the xml. - * @param string $xml The XML string to be loaded. - * - * @return DOMDocument|false $dom The result of load the XML at the DOMDocument - * - * @throws Exception - */ - public static function loadXML(DOMDocument $dom, $xml) - { - assert($dom instanceof DOMDocument); - assert(is_string($xml)); - - $oldEntityLoader = null; - if (PHP_VERSION_ID < 80000) { - $oldEntityLoader = libxml_disable_entity_loader(true); - } - - $res = $dom->loadXML($xml); - - if (PHP_VERSION_ID < 80000) { - libxml_disable_entity_loader($oldEntityLoader); - } - - foreach ($dom->childNodes as $child) { - if ($child->nodeType === XML_DOCUMENT_TYPE_NODE) { - throw new Exception( - 'Detected use of DOCTYPE/ENTITY in XML, disabled to prevent XXE/XEE attacks' - ); - } - } - - if (!$res) { - return false; - } else { - return $dom; - } - } - - /** - * This function attempts to validate an XML string against the specified schema. - * - * It will parse the string into a DOMDocument and validate this document against the schema. - * - * @param string|DOMDocument $xml The XML string or document which should be validated. - * @param string $schema The schema filename which should be used. - * @param bool $debug To disable/enable the debug mode - * @param string $schemaPath Change schema path - * - * @return string|DOMDocument $dom string that explains the problem or the DOMDocument - * - * @throws Exception - */ - public static function validateXML($xml, $schema, $debug = false, $schemaPath = null) - { - assert(is_string($xml) || $xml instanceof DOMDocument); - assert(is_string($schema)); - - libxml_clear_errors(); - libxml_use_internal_errors(true); - - if ($xml instanceof DOMDocument) { - $dom = $xml; - } else { - $dom = new DOMDocument; - $dom = self::loadXML($dom, $xml); - if (!$dom) { - return 'unloaded_xml'; - } - } - - if (isset($schemaPath)) { - $schemaFile = $schemaPath . $schema; - } else { - $schemaFile = __DIR__ . '/schemas/' . $schema; - } - - $oldEntityLoader = null; - if (PHP_VERSION_ID < 80000) { - $oldEntityLoader = libxml_disable_entity_loader(false); - } - $res = $dom->schemaValidate($schemaFile); - if (PHP_VERSION_ID < 80000) { - libxml_disable_entity_loader($oldEntityLoader); - } - if (!$res) { - $xmlErrors = libxml_get_errors(); - syslog(LOG_INFO, 'Error validating the metadata: '.var_export($xmlErrors, true)); - - if ($debug) { - foreach ($xmlErrors as $error) { - echo htmlentities($error->message)."\n"; - } - } - return 'invalid_xml'; - } - - return $dom; - } - - /** - * Import a node tree into a target document - * Copy it before a reference node as a sibling - * and at the end of the copy remove - * the reference node in the target document - * As it were 'replacing' it - * Leaving nested default namespaces alone - * (Standard importNode with deep copy - * mangles nested default namespaces) - * - * The reference node must not be a DomDocument - * It CAN be the top element of a document - * Returns the copied node in the target document - * - * @param DomNode $targetNode - * @param DomNode $sourceNode - * @param bool $recurse - * @return DOMNode - * @throws Exception - */ - public static function treeCopyReplace(DomNode $targetNode, DomNode $sourceNode, $recurse = false) - { - if ($targetNode->parentNode === null) { - throw new Exception('Illegal argument targetNode. It has no parentNode.'); - } - $clonedNode = $targetNode->ownerDocument->importNode($sourceNode, false); - if ($recurse) { - $resultNode = $targetNode->appendChild($clonedNode); - } else { - $resultNode = $targetNode->parentNode->insertBefore($clonedNode, $targetNode); - } - if ($sourceNode->childNodes !== null) { - foreach ($sourceNode->childNodes as $child) { - self::treeCopyReplace($resultNode, $child, true); - } - } - if (!$recurse) { - $targetNode->parentNode->removeChild($targetNode); - } - return $resultNode; - } - - /** - * Returns a x509 cert (adding header & footer if required). - * - * @param string $cert A x509 unformated cert - * @param bool $heads True if we want to include head and footer - * - * @return string $x509 Formatted cert - */ - public static function formatCert($cert, $heads = true) - { - $x509cert = str_replace(array("\x0D", "\r", "\n"), "", $cert); - if (!empty($x509cert)) { - $x509cert = str_replace('-----BEGIN CERTIFICATE-----', "", $x509cert); - $x509cert = str_replace('-----END CERTIFICATE-----', "", $x509cert); - $x509cert = str_replace(' ', '', $x509cert); - - if ($heads) { - $x509cert = "-----BEGIN CERTIFICATE-----\n".chunk_split($x509cert, 64, "\n")."-----END CERTIFICATE-----\n"; - } - - } - return $x509cert; - } - - /** - * Returns a private key (adding header & footer if required). - * - * @param string $key A private key - * @param bool $heads True if we want to include head and footer - * - * @return string $rsaKey Formatted private key - */ - public static function formatPrivateKey($key, $heads = true) - { - $key = str_replace(array("\x0D", "\r", "\n"), "", $key); - if (!empty($key)) { - if (strpos($key, '-----BEGIN PRIVATE KEY-----') !== false) { - $key = Utils::getStringBetween($key, '-----BEGIN PRIVATE KEY-----', '-----END PRIVATE KEY-----'); - $key = str_replace(' ', '', $key); - - if ($heads) { - $key = "-----BEGIN PRIVATE KEY-----\n".chunk_split($key, 64, "\n")."-----END PRIVATE KEY-----\n"; - } - } else if (strpos($key, '-----BEGIN RSA PRIVATE KEY-----') !== false) { - $key = Utils::getStringBetween($key, '-----BEGIN RSA PRIVATE KEY-----', '-----END RSA PRIVATE KEY-----'); - $key = str_replace(' ', '', $key); - - if ($heads) { - $key = "-----BEGIN RSA PRIVATE KEY-----\n".chunk_split($key, 64, "\n")."-----END RSA PRIVATE KEY-----\n"; - } - } else { - $key = str_replace(' ', '', $key); - - if ($heads) { - $key = "-----BEGIN RSA PRIVATE KEY-----\n".chunk_split($key, 64, "\n")."-----END RSA PRIVATE KEY-----\n"; - } - } - } - return $key; - } - - /** - * Extracts a substring between 2 marks - * - * @param string $str The target string - * @param string $start The initial mark - * @param string $end The end mark - * - * @return string A substring or an empty string if is not able to find the marks - * or if there is no string between the marks - */ - public static function getStringBetween($str, $start, $end) - { - $str = ' ' . $str; - $ini = strpos($str, $start); - - if ($ini == 0) { - return ''; - } - - $ini += strlen($start); - $len = strpos($str, $end, $ini) - $ini; - return substr($str, $ini, $len); - } - - /** - * Executes a redirection to the provided url (or return the target url). - * - * @param string $url The target url - * @param array $parameters Extra parameters to be passed as part of the url - * @param bool $stay True if we want to stay (returns the url string) False to redirect - * - * @return string|null $url - * - * @throws Error - */ - public static function redirect($url, array $parameters = array(), $stay = false) - { - assert(is_string($url)); - - if (substr($url, 0, 1) === '/') { - $url = self::getSelfURLhost() . $url; - } - - /** - * Verify that the URL matches the regex for the protocol. - * By default this will check for http and https - */ - $wrongProtocol = !preg_match(self::$_protocolRegex, $url); - $url = filter_var($url, FILTER_VALIDATE_URL); - if ($wrongProtocol || empty($url)) { - throw new Error( - 'Redirect to invalid URL: ' . $url, - Error::REDIRECT_INVALID_URL - ); - } - - /* Add encoded parameters */ - if (strpos($url, '?') === false) { - $paramPrefix = '?'; - } else { - $paramPrefix = '&'; - } - - foreach ($parameters as $name => $value) { - if ($value === null) { - $param = urlencode($name); - } else if (is_array($value)) { - $param = ""; - foreach ($value as $val) { - $param .= urlencode($name) . "[]=" . urlencode($val). '&'; - } - if (!empty($param)) { - $param = substr($param, 0, -1); - } - } else { - $param = urlencode($name) . '=' . urlencode($value); - } - - if (!empty($param)) { - $url .= $paramPrefix . $param; - $paramPrefix = '&'; - } - } - - if ($stay) { - return $url; - } - - header('Pragma: no-cache'); - header('Cache-Control: no-cache, must-revalidate'); - header('Location: ' . $url); - exit(); - } - - /** - * @param $protocolRegex string - */ - public static function setProtocolRegex($protocolRegex) - { - if (!empty($protocolRegex)) { - self::$_protocolRegex = $protocolRegex; - } - } - - /** - * Set the Base URL value. - * - * @param string $baseurl The base url to be used when constructing URLs - */ - public static function setBaseURL($baseurl) - { - if (!empty($baseurl)) { - $baseurlpath = '/'; - $matches = array(); - if (preg_match('#^https?://([^/]*)/?(.*)#i', $baseurl, $matches)) { - if (strpos($baseurl, 'https://') === false) { - self::setSelfProtocol('http'); - $port = '80'; - } else { - self::setSelfProtocol('https'); - $port = '443'; - } - - $currentHost = $matches[1]; - if (false !== strpos($currentHost, ':')) { - list($currentHost, $possiblePort) = explode(':', $matches[1], 2); - if (is_numeric($possiblePort)) { - $port = $possiblePort; - } - } - - if (isset($matches[2]) && !empty($matches[2])) { - $baseurlpath = $matches[2]; - } - - self::setSelfHost($currentHost); - self::setSelfPort($port); - self::setBaseURLPath($baseurlpath); - } - } else { - self::$_host = null; - self::$_protocol = null; - self::$_port = null; - self::$_baseurlpath = null; - } - } - - /** - * @param bool $proxyVars Whether to use `X-Forwarded-*` headers to determine port/domain/protocol - */ - public static function setProxyVars($proxyVars) - { - self::$_proxyVars = (bool)$proxyVars; - } - - /** - * @return bool - */ - public static function getProxyVars() - { - return self::$_proxyVars; - } - - /** - * Returns the protocol + the current host + the port (if different than - * common ports). - * - * @return string The URL - */ - public static function getSelfURLhost() - { - $currenthost = self::getSelfHost(); - - $port = ''; - - if (self::isHTTPS()) { - $protocol = 'https'; - } else { - $protocol = 'http'; - } - - $portnumber = self::getSelfPort(); - - if (isset($portnumber) && ($portnumber != '80') && ($portnumber != '443')) { - $port = ':' . $portnumber; - } - - return $protocol."://" . $currenthost . $port; - } - - /** - * @param string $host The host to use when constructing URLs - */ - public static function setSelfHost($host) - { - self::$_host = $host; - } - - /** - * @param string $baseurlpath The baseurl path to use when constructing URLs - */ - public static function setBaseURLPath($baseurlpath) - { - if (empty($baseurlpath)) { - self::$_baseurlpath = null; - } else if ($baseurlpath == '/') { - self::$_baseurlpath = '/'; - } else { - self::$_baseurlpath = '/' . trim($baseurlpath, '/') . '/'; - } - } - - /** - * @return string The baseurlpath to be used when constructing URLs - */ - public static function getBaseURLPath() - { - return self::$_baseurlpath; - } - - /** - * @return string The raw host name - */ - protected static function getRawHost() - { - if (self::$_host) { - $currentHost = self::$_host; - } elseif (self::getProxyVars() && array_key_exists('HTTP_X_FORWARDED_HOST', $_SERVER)) { - $currentHost = $_SERVER['HTTP_X_FORWARDED_HOST']; - } elseif (array_key_exists('HTTP_HOST', $_SERVER)) { - $currentHost = $_SERVER['HTTP_HOST']; - } elseif (array_key_exists('SERVER_NAME', $_SERVER)) { - $currentHost = $_SERVER['SERVER_NAME']; - } else { - if (function_exists('gethostname')) { - $currentHost = gethostname(); - } else { - $currentHost = php_uname("n"); - } - } - return $currentHost; - } - - /** - * @param int $port The port number to use when constructing URLs - */ - public static function setSelfPort($port) - { - self::$_port = $port; - } - - /** - * @param string $protocol The protocol to identify as using, usually http or https - */ - public static function setSelfProtocol($protocol) - { - self::$_protocol = $protocol; - } - - /** - * @return string http|https - */ - public static function getSelfProtocol() - { - $protocol = 'http'; - if (self::$_protocol) { - $protocol = self::$_protocol; - } elseif (self::getSelfPort() == 443) { - $protocol = 'https'; - } elseif (self::getProxyVars() && isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) { - $protocol = $_SERVER['HTTP_X_FORWARDED_PROTO']; - } elseif (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') { - $protocol = 'https'; - } - return $protocol; - } - - /** - * Returns the current host. - * - * @return string $currentHost The current host - */ - public static function getSelfHost() - { - $currentHost = self::getRawHost(); - - // strip the port - if (false !== strpos($currentHost, ':')) { - list($currentHost, $port) = explode(':', $currentHost, 2); - } - - return $currentHost; - } - - /** - * @return null|string The port number used for the request - */ - public static function getSelfPort() - { - $portnumber = null; - if (self::$_port) { - $portnumber = self::$_port; - } else if (self::getProxyVars() && isset($_SERVER["HTTP_X_FORWARDED_PORT"])) { - $portnumber = $_SERVER["HTTP_X_FORWARDED_PORT"]; - } else if (isset($_SERVER["SERVER_PORT"])) { - $portnumber = $_SERVER["SERVER_PORT"]; - } else { - $currentHost = self::getRawHost(); - - // strip the port - if (false !== strpos($currentHost, ':')) { - list($currentHost, $port) = explode(':', $currentHost, 2); - if (is_numeric($port)) { - $portnumber = $port; - } - } - } - return $portnumber; - } - - /** - * Checks if https or http. - * - * @return bool $isHttps False if https is not active - */ - public static function isHTTPS() - { - return self::getSelfProtocol() == 'https'; - } - - /** - * Returns the URL of the current host + current view. - * - * @return string - */ - public static function getSelfURLNoQuery() - { - $selfURLNoQuery = self::getSelfURLhost(); - - $infoWithBaseURLPath = self::buildWithBaseURLPath($_SERVER['SCRIPT_NAME']); - if (!empty($infoWithBaseURLPath)) { - $selfURLNoQuery .= $infoWithBaseURLPath; - } else { - $selfURLNoQuery .= $_SERVER['SCRIPT_NAME']; - } - - if (isset($_SERVER['PATH_INFO'])) { - $selfURLNoQuery .= $_SERVER['PATH_INFO']; - } - - return $selfURLNoQuery; - } - - /** - * Returns the routed URL of the current host + current view. - * - * @return string - */ - public static function getSelfRoutedURLNoQuery() - { - $selfURLhost = self::getSelfURLhost(); - $route = ''; - - if (!empty($_SERVER['REQUEST_URI'])) { - $route = $_SERVER['REQUEST_URI']; - if (!empty($_SERVER['QUERY_STRING'])) { - $route = self::strLreplace($_SERVER['QUERY_STRING'], '', $route); - if (substr($route, -1) == '?') { - $route = substr($route, 0, -1); - } - } - } - - $infoWithBaseURLPath = self::buildWithBaseURLPath($route); - if (!empty($infoWithBaseURLPath)) { - $route = $infoWithBaseURLPath; - } - - $selfRoutedURLNoQuery = $selfURLhost . $route; - - $pos = strpos($selfRoutedURLNoQuery, "?"); - if ($pos !== false) { - $selfRoutedURLNoQuery = substr($selfRoutedURLNoQuery, 0, $pos); - } - - return $selfRoutedURLNoQuery; - } - - public static function strLreplace($search, $replace, $subject) - { - $pos = strrpos($subject, $search); - - if ($pos !== false) { - $subject = substr_replace($subject, $replace, $pos, strlen($search)); - } - - return $subject; - } - - /** - * Returns the URL of the current host + current view + query. - * - * @return string - */ - public static function getSelfURL() - { - $selfURLhost = self::getSelfURLhost(); - - $requestURI = ''; - if (!empty($_SERVER['REQUEST_URI'])) { - $requestURI = $_SERVER['REQUEST_URI']; - $matches = array(); - if ($requestURI[0] !== '/' && preg_match('#^https?://[^/]*(/.*)#i', $requestURI, $matches)) { - $requestURI = $matches[1]; - } - } - - $infoWithBaseURLPath = self::buildWithBaseURLPath($requestURI); - if (!empty($infoWithBaseURLPath)) { - $requestURI = $infoWithBaseURLPath; - } - - return $selfURLhost . $requestURI; - } - - /** - * Returns the part of the URL with the BaseURLPath. - * - * @param string $info Contains path info - * - * @return string - */ - protected static function buildWithBaseURLPath($info) - { - $result = ''; - $baseURLPath = self::getBaseURLPath(); - if (!empty($baseURLPath)) { - $result = $baseURLPath; - if (!empty($info)) { - $path = explode('/', $info); - $extractedInfo = array_pop($path); - if (!empty($extractedInfo)) { - $result .= $extractedInfo; - } - } - } - return $result; - } - - /** - * Extract a query param - as it was sent - from $_SERVER[QUERY_STRING] - * - * @param string $name The param to-be extracted - * - * @return string - */ - public static function extractOriginalQueryParam($name) - { - $index = strpos($_SERVER['QUERY_STRING'], $name.'='); - $substring = substr($_SERVER['QUERY_STRING'], $index + strlen($name) + 1); - $end = strpos($substring, '&'); - return $end ? substr($substring, 0, strpos($substring, '&')) : $substring; - } - - /** - * Generates an unique string (used for example as ID for assertions). - * - * @return string A unique string - */ - public static function generateUniqueID() - { - return 'ONELOGIN_' . sha1(uniqid((string)mt_rand(), true)); - } - - /** - * Converts a UNIX timestamp to SAML2 timestamp on the form - * yyyy-mm-ddThh:mm:ss(\.s+)?Z. - * - * @param string|int $time The time we should convert (DateTime). - * - * @return string $timestamp SAML2 timestamp. - */ - public static function parseTime2SAML($time) - { - $date = new \DateTime("@$time", new \DateTimeZone('UTC')); - $timestamp = $date->format("Y-m-d\TH:i:s\Z"); - return $timestamp; - } - - /** - * Converts a SAML2 timestamp on the form yyyy-mm-ddThh:mm:ss(\.s+)?Z - * to a UNIX timestamp. The sub-second part is ignored. - * - * @param string $time The time we should convert (SAML Timestamp). - * - * @return int $timestamp Converted to a unix timestamp. - * - * @throws Exception - */ - public static function parseSAML2Time($time) - { - $matches = array(); - - /* We use a very strict regex to parse the timestamp. */ - $exp1 = '/^(\\d\\d\\d\\d)-(\\d\\d)-(\\d\\d)'; - $exp2 = 'T(\\d\\d):(\\d\\d):(\\d\\d)(?:\\.\\d+)?Z$/D'; - if (preg_match($exp1 . $exp2, $time, $matches) == 0) { - throw new Exception( - 'Invalid SAML2 timestamp passed to' . - ' parseSAML2Time: ' . $time - ); - } - - /* Extract the different components of the time from the - * matches in the regex. int cast will ignore leading zeroes - * in the string. - */ - $year = (int) $matches[1]; - $month = (int) $matches[2]; - $day = (int) $matches[3]; - $hour = (int) $matches[4]; - $minute = (int) $matches[5]; - $second = (int) $matches[6]; - - /* We use gmmktime because the timestamp will always be given - * in UTC. - */ - $ts = gmmktime($hour, $minute, $second, $month, $day, $year); - - return $ts; - } - - - /** - * Interprets a ISO8601 duration value relative to a given timestamp. - * - * @param string $duration The duration, as a string. - * @param int|null $timestamp The unix timestamp we should apply the - * duration to. Optional, default to the - * current time. - * - * @return int The new timestamp, after the duration is applied. - * - * @throws Exception - */ - public static function parseDuration($duration, $timestamp = null) - { - assert(is_string($duration)); - assert(is_null($timestamp) || is_int($timestamp)); - - $matches = array(); - - /* Parse the duration. We use a very strict pattern. */ - $durationRegEx = '#^(-?)P(?:(?:(?:(\\d+)Y)?(?:(\\d+)M)?(?:(\\d+)D)?(?:T(?:(\\d+)H)?(?:(\\d+)M)?(?:(\\d+)S)?)?)|(?:(\\d+)W))$#D'; - if (!preg_match($durationRegEx, $duration, $matches)) { - throw new Exception('Invalid ISO 8601 duration: ' . $duration); - } - - $durYears = (empty($matches[2]) ? 0 : (int)$matches[2]); - $durMonths = (empty($matches[3]) ? 0 : (int)$matches[3]); - $durDays = (empty($matches[4]) ? 0 : (int)$matches[4]); - $durHours = (empty($matches[5]) ? 0 : (int)$matches[5]); - $durMinutes = (empty($matches[6]) ? 0 : (int)$matches[6]); - $durSeconds = (empty($matches[7]) ? 0 : (int)$matches[7]); - $durWeeks = (empty($matches[8]) ? 0 : (int)$matches[8]); - - if (!empty($matches[1])) { - /* Negative */ - $durYears = -$durYears; - $durMonths = -$durMonths; - $durDays = -$durDays; - $durHours = -$durHours; - $durMinutes = -$durMinutes; - $durSeconds = -$durSeconds; - $durWeeks = -$durWeeks; - } - - if ($timestamp === null) { - $timestamp = time(); - } - - if ($durYears !== 0 || $durMonths !== 0) { - /* Special handling of months and years, since they aren't a specific interval, but - * instead depend on the current time. - */ - - /* We need the year and month from the timestamp. Unfortunately, PHP doesn't have the - * gmtime function. Instead we use the gmdate function, and split the result. - */ - $yearmonth = explode(':', gmdate('Y:n', $timestamp)); - $year = (int)$yearmonth[0]; - $month = (int)$yearmonth[1]; - - /* Remove the year and month from the timestamp. */ - $timestamp -= gmmktime(0, 0, 0, $month, 1, $year); - - /* Add years and months, and normalize the numbers afterwards. */ - $year += $durYears; - $month += $durMonths; - while ($month > 12) { - $year += 1; - $month -= 12; - } - while ($month < 1) { - $year -= 1; - $month += 12; - } - - /* Add year and month back into timestamp. */ - $timestamp += gmmktime(0, 0, 0, $month, 1, $year); - } - - /* Add the other elements. */ - $timestamp += $durWeeks * 7 * 24 * 60 * 60; - $timestamp += $durDays * 24 * 60 * 60; - $timestamp += $durHours * 60 * 60; - $timestamp += $durMinutes * 60; - $timestamp += $durSeconds; - - return $timestamp; - } - - /** - * Compares 2 dates and returns the earliest. - * - * @param string|null $cacheDuration The duration, as a string. - * @param string|int|null $validUntil The valid until date, as a string or as a timestamp - * - * @return int|null $expireTime The expiration time. - * - * @throws Exception - */ - public static function getExpireTime($cacheDuration = null, $validUntil = null) - { - $expireTime = null; - - if ($cacheDuration !== null) { - $expireTime = self::parseDuration($cacheDuration, time()); - } - - if ($validUntil !== null) { - if (is_int($validUntil)) { - $validUntilTime = $validUntil; - } else { - $validUntilTime = self::parseSAML2Time($validUntil); - } - if ($expireTime === null || $expireTime > $validUntilTime) { - $expireTime = $validUntilTime; - } - } - - return $expireTime; - } - - - /** - * Extracts nodes from the DOMDocument. - * - * @param DOMDocument $dom The DOMDocument - * @param string $query \Xpath Expression - * @param DOMElement|null $context Context Node (DOMElement) - * - * @return DOMNodeList The queried nodes - */ - public static function query(DOMDocument $dom, $query, DOMElement $context = null) - { - $xpath = new DOMXPath($dom); - $xpath->registerNamespace('samlp', Constants::NS_SAMLP); - $xpath->registerNamespace('saml', Constants::NS_SAML); - $xpath->registerNamespace('ds', Constants::NS_DS); - $xpath->registerNamespace('xenc', Constants::NS_XENC); - $xpath->registerNamespace('xsi', Constants::NS_XSI); - $xpath->registerNamespace('xs', Constants::NS_XS); - $xpath->registerNamespace('md', Constants::NS_MD); - - if (isset($context)) { - $res = $xpath->query($query, $context); - } else { - $res = $xpath->query($query); - } - return $res; - } - - /** - * Checks if the session is started or not. - * - * @return bool true if the sessíon is started - */ - public static function isSessionStarted() - { - if (PHP_VERSION_ID >= 50400) { - return session_status() === PHP_SESSION_ACTIVE ? true : false; - } else { - return session_id() === '' ? false : true; - } - } - - /** - * Deletes the local session. - */ - public static function deleteLocalSession() - { - if (Utils::isSessionStarted()) { - session_unset(); - session_destroy(); - } else { - $_SESSION = array(); - } - } - - /** - * Calculates the fingerprint of a x509cert. - * - * @param string $x509cert x509 cert formatted - * @param string $alg Algorithm to be used in order to calculate the fingerprint - * - * @return null|string Formatted fingerprint - */ - public static function calculateX509Fingerprint($x509cert, $alg = 'sha1') - { - assert(is_string($x509cert)); - - $arCert = explode("\n", $x509cert); - $data = ''; - $inData = false; - - foreach ($arCert as $curData) { - if (! $inData) { - if (strncmp($curData, '-----BEGIN CERTIFICATE', 22) == 0) { - $inData = true; - } elseif ((strncmp($curData, '-----BEGIN PUBLIC KEY', 21) == 0) || (strncmp($curData, '-----BEGIN RSA PRIVATE KEY', 26) == 0)) { - /* This isn't an X509 certificate. */ - return null; - } - } else { - if (strncmp($curData, '-----END CERTIFICATE', 20) == 0) { - break; - } - $data .= trim($curData); - } - } - - if (empty($data)) { - return null; - } - - $decodedData = base64_decode($data); - - switch ($alg) { - case 'sha512': - case 'sha384': - case 'sha256': - $fingerprint = hash($alg, $decodedData, false); - break; - case 'sha1': - default: - $fingerprint = strtolower(sha1($decodedData)); - break; - } - return $fingerprint; - } - - /** - * Formates a fingerprint. - * - * @param string $fingerprint fingerprint - * - * @return string Formatted fingerprint - */ - public static function formatFingerPrint($fingerprint) - { - $formatedFingerprint = str_replace(':', '', $fingerprint); - $formatedFingerprint = strtolower($formatedFingerprint); - return $formatedFingerprint; - } - - /** - * Generates a nameID. - * - * @param string $value fingerprint - * @param string $spnq SP Name Qualifier - * @param string|null $format SP Format - * @param string|null $cert IdP Public cert to encrypt the nameID - * @param string|null $nq IdP Name Qualifier - * @param string|null $encAlg Encryption algorithm - * - * @return string $nameIDElement DOMElement | XMLSec nameID - * - * @throws Exception - */ - public static function generateNameId($value, $spnq, $format = null, $cert = null, $nq = null, $encAlg = XMLSecurityKey::AES128_CBC) - { - - $doc = new DOMDocument(); - - $nameId = $doc->createElement('saml:NameID'); - if (isset($spnq)) { - $nameId->setAttribute('SPNameQualifier', $spnq); - } - if (isset($nq)) { - $nameId->setAttribute('NameQualifier', $nq); - } - if (isset($format)) { - $nameId->setAttribute('Format', $format); - } - $nameId->appendChild($doc->createTextNode($value)); - - $doc->appendChild($nameId); - - if (!empty($cert)) { - if ($encAlg == XMLSecurityKey::AES128_CBC) { - $seckey = new XMLSecurityKey(XMLSecurityKey::RSA_1_5, array('type'=>'public')); - } else { - $seckey = new XMLSecurityKey(XMLSecurityKey::RSA_OAEP_MGF1P, array('type'=>'public')); - } - $seckey->loadKey($cert); - - $enc = new XMLSecEnc(); - $enc->setNode($nameId); - $enc->type = XMLSecEnc::Element; - - $symmetricKey = new XMLSecurityKey($encAlg); - $symmetricKey->generateSessionKey(); - $enc->encryptKey($seckey, $symmetricKey); - - $encryptedData = $enc->encryptNode($symmetricKey); - - $newdoc = new DOMDocument(); - - $encryptedID = $newdoc->createElement('saml:EncryptedID'); - - $newdoc->appendChild($encryptedID); - - $encryptedID->appendChild($encryptedID->ownerDocument->importNode($encryptedData, true)); - - return $newdoc->saveXML($encryptedID); - } else { - return $doc->saveXML($nameId); - } - } - - - /** - * Gets Status from a Response. - * - * @param DOMDocument $dom The Response as XML - * - * @return array $status The Status, an array with the code and a message. - * - * @throws ValidationError - */ - public static function getStatus(DOMDocument $dom) - { - $status = array(); - - $statusEntry = self::query($dom, '/samlp:Response/samlp:Status'); - if ($statusEntry->length != 1) { - throw new ValidationError( - "Missing Status on response", - ValidationError::MISSING_STATUS - ); - } - - $codeEntry = self::query($dom, '/samlp:Response/samlp:Status/samlp:StatusCode', $statusEntry->item(0)); - if ($codeEntry->length != 1) { - throw new ValidationError( - "Missing Status Code on response", - ValidationError::MISSING_STATUS_CODE - ); - } - $code = $codeEntry->item(0)->getAttribute('Value'); - $status['code'] = $code; - - $status['msg'] = ''; - $messageEntry = self::query($dom, '/samlp:Response/samlp:Status/samlp:StatusMessage', $statusEntry->item(0)); - if ($messageEntry->length == 0) { - $subCodeEntry = self::query($dom, '/samlp:Response/samlp:Status/samlp:StatusCode/samlp:StatusCode', $statusEntry->item(0)); - if ($subCodeEntry->length == 1) { - $status['msg'] = $subCodeEntry->item(0)->getAttribute('Value'); - } - } else if ($messageEntry->length == 1) { - $msg = $messageEntry->item(0)->textContent; - $status['msg'] = $msg; - } - - return $status; - } - - /** - * Decrypts an encrypted element. - * - * @param DOMElement $encryptedData The encrypted data. - * @param XMLSecurityKey $inputKey The decryption key. - * @param bool $formatOutput Format or not the output. - * - * @return DOMElement The decrypted element. - * - * @throws ValidationError - */ - public static function decryptElement(DOMElement $encryptedData, XMLSecurityKey $inputKey, $formatOutput = true) - { - - $enc = new XMLSecEnc(); - - $enc->setNode($encryptedData); - $enc->type = $encryptedData->getAttribute("Type"); - - $symmetricKey = $enc->locateKey($encryptedData); - if (!$symmetricKey) { - throw new ValidationError( - 'Could not locate key algorithm in encrypted data.', - ValidationError::KEY_ALGORITHM_ERROR - ); - } - - $symmetricKeyInfo = $enc->locateKeyInfo($symmetricKey); - if (!$symmetricKeyInfo) { - throw new ValidationError( - "Could not locate for the encrypted key.", - ValidationError::KEYINFO_NOT_FOUND_IN_ENCRYPTED_DATA - ); - } - - $inputKeyAlgo = $inputKey->getAlgorithm(); - if ($symmetricKeyInfo->isEncrypted) { - $symKeyInfoAlgo = $symmetricKeyInfo->getAlgorithm(); - - if ($symKeyInfoAlgo === XMLSecurityKey::RSA_OAEP_MGF1P && $inputKeyAlgo === XMLSecurityKey::RSA_1_5) { - $inputKeyAlgo = XMLSecurityKey::RSA_OAEP_MGF1P; - } - - if ($inputKeyAlgo !== $symKeyInfoAlgo) { - throw new ValidationError( - 'Algorithm mismatch between input key and key used to encrypt ' . - ' the symmetric key for the message. Key was: ' . - var_export($inputKeyAlgo, true) . '; message was: ' . - var_export($symKeyInfoAlgo, true), - ValidationError::KEY_ALGORITHM_ERROR - ); - } - - $encKey = $symmetricKeyInfo->encryptedCtx; - $symmetricKeyInfo->key = $inputKey->key; - $keySize = $symmetricKey->getSymmetricKeySize(); - if ($keySize === null) { - // To protect against "key oracle" attacks - throw new ValidationError( - 'Unknown key size for encryption algorithm: ' . var_export($symmetricKey->type, true), - ValidationError::KEY_ALGORITHM_ERROR - ); - } - - $key = $encKey->decryptKey($symmetricKeyInfo); - if (strlen($key) != $keySize) { - $encryptedKey = $encKey->getCipherValue(); - $pkey = openssl_pkey_get_details($symmetricKeyInfo->key); - $pkey = sha1(serialize($pkey), true); - $key = sha1($encryptedKey . $pkey, true); - - /* Make sure that the key has the correct length. */ - if (strlen($key) > $keySize) { - $key = substr($key, 0, $keySize); - } elseif (strlen($key) < $keySize) { - $key = str_pad($key, $keySize); - } - } - $symmetricKey->loadKey($key); - } else { - $symKeyAlgo = $symmetricKey->getAlgorithm(); - if ($inputKeyAlgo !== $symKeyAlgo) { - throw new ValidationError( - 'Algorithm mismatch between input key and key in message. ' . - 'Key was: ' . var_export($inputKeyAlgo, true) . '; message was: ' . - var_export($symKeyAlgo, true), - ValidationError::KEY_ALGORITHM_ERROR - ); - } - $symmetricKey = $inputKey; - } - - $decrypted = $enc->decryptNode($symmetricKey, false); - - $xml = ''.$decrypted.''; - $newDoc = new DOMDocument(); - if ($formatOutput) { - $newDoc->preserveWhiteSpace = false; - $newDoc->formatOutput = true; - } - $newDoc = self::loadXML($newDoc, $xml); - if (!$newDoc) { - throw new ValidationError( - 'Failed to parse decrypted XML.', - ValidationError::INVALID_XML_FORMAT - ); - } - - $decryptedElement = $newDoc->firstChild->firstChild; - if ($decryptedElement === null) { - throw new ValidationError( - 'Missing encrypted element.', - ValidationError::MISSING_ENCRYPTED_ELEMENT - ); - } - - return $decryptedElement; - } - - /** - * Converts a XMLSecurityKey to the correct algorithm. - * - * @param XMLSecurityKey $key The key. - * @param string $algorithm The desired algorithm. - * @param string $type Public or private key, defaults to public. - * - * @return XMLSecurityKey The new key. - * - * @throws Exception - */ - public static function castKey(XMLSecurityKey $key, $algorithm, $type = 'public') - { - assert(is_string($algorithm)); - assert($type === 'public' || $type === 'private'); - - // do nothing if algorithm is already the type of the key - if ($key->type === $algorithm) { - return $key; - } - - if (!Utils::isSupportedSigningAlgorithm($algorithm)) { - throw new Exception('Unsupported signing algorithm.'); - } - - $keyInfo = openssl_pkey_get_details($key->key); - if ($keyInfo === false) { - throw new Exception('Unable to get key details from XMLSecurityKey.'); - } - if (!isset($keyInfo['key'])) { - throw new Exception('Missing key in public key details.'); - } - $newKey = new XMLSecurityKey($algorithm, array('type'=>$type)); - $newKey->loadKey($keyInfo['key']); - return $newKey; - } - - /** - * @param $algorithm - * - * @return bool - */ - public static function isSupportedSigningAlgorithm($algorithm) - { - return in_array( - $algorithm, - array( - XMLSecurityKey::RSA_1_5, - XMLSecurityKey::RSA_SHA1, - XMLSecurityKey::RSA_SHA256, - XMLSecurityKey::RSA_SHA384, - XMLSecurityKey::RSA_SHA512 - ) - ); - } - - /** - * Adds signature key and senders certificate to an element (Message or Assertion). - * - * @param string|DOMDocument $xml The element we should sign - * @param string $key The private key - * @param string $cert The public - * @param string $signAlgorithm Signature algorithm method - * @param string $digestAlgorithm Digest algorithm method - * - * @return string - * - * @throws Exception - */ - public static function addSign($xml, $key, $cert, $signAlgorithm = XMLSecurityKey::RSA_SHA256, $digestAlgorithm = XMLSecurityDSig::SHA256) - { - if ($xml instanceof DOMDocument) { - $dom = $xml; - } else { - $dom = new DOMDocument(); - $dom = self::loadXML($dom, $xml); - if (!$dom) { - throw new Exception('Error parsing xml string'); - } - } - - /* Load the private key. */ - $objKey = new XMLSecurityKey($signAlgorithm, array('type' => 'private')); - $objKey->loadKey($key, false); - - /* Get the EntityDescriptor node we should sign. */ - $rootNode = $dom->firstChild; - - /* Sign the metadata with our private key. */ - $objXMLSecDSig = new XMLSecurityDSig(); - $objXMLSecDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N); - - $objXMLSecDSig->addReferenceList( - array($rootNode), - $digestAlgorithm, - array('http://www.w3.org/2000/09/xmldsig#enveloped-signature', XMLSecurityDSig::EXC_C14N), - array('id_name' => 'ID') - ); - - $objXMLSecDSig->sign($objKey); - - /* Add the certificate to the signature. */ - $objXMLSecDSig->add509Cert($cert, true); - - $insertBefore = $rootNode->firstChild; - $messageTypes = array('AuthnRequest', 'Response', 'LogoutRequest','LogoutResponse'); - if (in_array($rootNode->localName, $messageTypes)) { - $issuerNodes = self::query($dom, '/'.$rootNode->tagName.'/saml:Issuer'); - if ($issuerNodes->length == 1) { - $insertBefore = $issuerNodes->item(0)->nextSibling; - } - } - - /* Add the signature. */ - $objXMLSecDSig->insertSignature($rootNode, $insertBefore); - - /* Return the DOM tree as a string. */ - $signedxml = $dom->saveXML(); - - return $signedxml; - } - - /** - * Validates a signature (Message or Assertion). - * - * @param string|\DomNode $xml The element we should validate - * @param string|null $cert The public cert - * @param string|null $fingerprint The fingerprint of the public cert - * @param string|null $fingerprintalg The algorithm used to get the fingerprint - * @param string|null $xpath The xpath of the signed element - * @param array|null $multiCerts Multiple public certs - * - * @return bool - * - * @throws Exception - */ - public static function validateSign($xml, $cert = null, $fingerprint = null, $fingerprintalg = 'sha1', $xpath = null, $multiCerts = null) - { - if ($xml instanceof DOMDocument) { - $dom = clone $xml; - } else if ($xml instanceof DOMElement) { - $dom = clone $xml->ownerDocument; - } else { - $dom = new DOMDocument(); - $dom = self::loadXML($dom, $xml); - } - - $objXMLSecDSig = new XMLSecurityDSig(); - $objXMLSecDSig->idKeys = array('ID'); - - if ($xpath) { - $nodeset = Utils::query($dom, $xpath); - $objDSig = $nodeset->item(0); - $objXMLSecDSig->sigNode = $objDSig; - } else { - $objDSig = $objXMLSecDSig->locateSignature($dom); - } - - if (!$objDSig) { - throw new Exception('Cannot locate Signature Node'); - } - - $objKey = $objXMLSecDSig->locateKey(); - if (!$objKey) { - throw new Exception('We have no idea about the key'); - } - - if (!Utils::isSupportedSigningAlgorithm($objKey->type)) { - throw new Exception('Unsupported signing algorithm.'); - } - - $objXMLSecDSig->canonicalizeSignedInfo(); - - try { - $retVal = $objXMLSecDSig->validateReference(); - } catch (Exception $e) { - throw $e; - } - - XMLSecEnc::staticLocateKeyInfo($objKey, $objDSig); - - if (!empty($multiCerts)) { - // If multiple certs are provided, I may ignore $cert and - // $fingerprint provided by the method and just check the - // certs on the array - $fingerprint = null; - } else { - // else I add the cert to the array in order to check - // validate signatures with it and the with it and the - // $fingerprint value - $multiCerts = array($cert); - } - - $valid = false; - foreach ($multiCerts as $cert) { - if (!empty($cert)) { - $objKey->loadKey($cert, false, true); - if ($objXMLSecDSig->verify($objKey) === 1) { - $valid = true; - break; - } - } else { - if (!empty($fingerprint)) { - $domCert = $objKey->getX509Certificate(); - $domCertFingerprint = Utils::calculateX509Fingerprint($domCert, $fingerprintalg); - if (Utils::formatFingerPrint($fingerprint) == $domCertFingerprint) { - $objKey->loadKey($domCert, false, true); - if ($objXMLSecDSig->verify($objKey) === 1) { - $valid = true; - break; - } - } - } - } - } - return $valid; - } - - /** - * Validates a binary signature - * - * @param string $messageType Type of SAML Message - * @param array $getData HTTP GET array - * @param array $idpData IdP setting data - * @param bool $retrieveParametersFromServer Indicates where to get the values in order to validate the Sign, from getData or from $_SERVER - * - * @return bool - * - * @throws Exception - */ - public static function validateBinarySign($messageType, $getData, $idpData, $retrieveParametersFromServer = false) - { - if (!isset($getData['SigAlg'])) { - $signAlg = XMLSecurityKey::RSA_SHA1; - } else { - $signAlg = $getData['SigAlg']; - } - - if ($retrieveParametersFromServer) { - $signedQuery = $messageType.'='.Utils::extractOriginalQueryParam($messageType); - if (isset($getData['RelayState'])) { - $signedQuery .= '&RelayState='.Utils::extractOriginalQueryParam('RelayState'); - } - $signedQuery .= '&SigAlg='.Utils::extractOriginalQueryParam('SigAlg'); - } else { - $signedQuery = $messageType.'='.urlencode($getData[$messageType]); - if (isset($getData['RelayState'])) { - $signedQuery .= '&RelayState='.urlencode($getData['RelayState']); - } - $signedQuery .= '&SigAlg='.urlencode($signAlg); - } - - if ($messageType == "SAMLRequest") { - $strMessageType = "Logout Request"; - } else { - $strMessageType = "Logout Response"; - } - $existsMultiX509Sign = isset($idpData['x509certMulti']) && isset($idpData['x509certMulti']['signing']) && !empty($idpData['x509certMulti']['signing']); - if ((!isset($idpData['x509cert']) || empty($idpData['x509cert'])) && !$existsMultiX509Sign) { - throw new Error( - "In order to validate the sign on the ".$strMessageType.", the x509cert of the IdP is required", - Error::CERT_NOT_FOUND - ); - } - - if ($existsMultiX509Sign) { - $multiCerts = $idpData['x509certMulti']['signing']; - } else { - $multiCerts = array($idpData['x509cert']); - } - - $signatureValid = false; - foreach ($multiCerts as $cert) { - $objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type' => 'public')); - $objKey->loadKey($cert, false, true); - - if ($signAlg != XMLSecurityKey::RSA_SHA1) { - try { - $objKey = Utils::castKey($objKey, $signAlg, 'public'); - } catch (Exception $e) { - $ex = new ValidationError( - "Invalid signAlg in the recieved ".$strMessageType, - ValidationError::INVALID_SIGNATURE - ); - if (count($multiCerts) == 1) { - throw $ex; - } - } - } - - if ($objKey->verifySignature($signedQuery, base64_decode($getData['Signature'])) === 1) { - $signatureValid = true; - break; - } - } - return $signatureValid; - } -} diff --git a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/ValidationError.php b/plugins/auth/vendor/onelogin/php-saml/src/Saml2/ValidationError.php deleted file mode 100644 index 889f531c..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/ValidationError.php +++ /dev/null @@ -1,100 +0,0 @@ - - * @license MIT https://github.com/onelogin/php-saml/blob/master/LICENSE - * @link https://github.com/onelogin/php-saml - */ - -namespace OneLogin\Saml2; - -use Exception; - -/** - * ValidationError class of OneLogin PHP Toolkit - * - * This class implements another custom Exception handler, - * related to exceptions that happens during validation process. - */ -class ValidationError extends Exception -{ - // Validation Errors - const UNSUPPORTED_SAML_VERSION = 0; - const MISSING_ID = 1; - const WRONG_NUMBER_OF_ASSERTIONS = 2; - const MISSING_STATUS = 3; - const MISSING_STATUS_CODE = 4; - const STATUS_CODE_IS_NOT_SUCCESS = 5; - const WRONG_SIGNED_ELEMENT = 6; - const ID_NOT_FOUND_IN_SIGNED_ELEMENT = 7; - const DUPLICATED_ID_IN_SIGNED_ELEMENTS = 8; - const INVALID_SIGNED_ELEMENT = 9; - const DUPLICATED_REFERENCE_IN_SIGNED_ELEMENTS = 10; - const UNEXPECTED_SIGNED_ELEMENTS = 11; - const WRONG_NUMBER_OF_SIGNATURES_IN_RESPONSE = 12; - const WRONG_NUMBER_OF_SIGNATURES_IN_ASSERTION = 13; - const INVALID_XML_FORMAT = 14; - const WRONG_INRESPONSETO = 15; - const NO_ENCRYPTED_ASSERTION = 16; - const NO_ENCRYPTED_NAMEID = 17; - const MISSING_CONDITIONS = 18; - const ASSERTION_TOO_EARLY = 19; - const ASSERTION_EXPIRED = 20; - const WRONG_NUMBER_OF_AUTHSTATEMENTS = 21; - const NO_ATTRIBUTESTATEMENT = 22; - const ENCRYPTED_ATTRIBUTES = 23; - const WRONG_DESTINATION = 24; - const EMPTY_DESTINATION = 25; - const WRONG_AUDIENCE = 26; - const ISSUER_MULTIPLE_IN_RESPONSE = 27; - const ISSUER_NOT_FOUND_IN_ASSERTION = 28; - const WRONG_ISSUER = 29; - const SESSION_EXPIRED = 30; - const WRONG_SUBJECTCONFIRMATION = 31; - const NO_SIGNED_MESSAGE = 32; - const NO_SIGNED_ASSERTION = 33; - const NO_SIGNATURE_FOUND = 34; - const KEYINFO_NOT_FOUND_IN_ENCRYPTED_DATA = 35; - const CHILDREN_NODE_NOT_FOUND_IN_KEYINFO = 36; - const UNSUPPORTED_RETRIEVAL_METHOD = 37; - const NO_NAMEID = 38; - const EMPTY_NAMEID = 39; - const SP_NAME_QUALIFIER_NAME_MISMATCH = 40; - const DUPLICATED_ATTRIBUTE_NAME_FOUND = 41; - const INVALID_SIGNATURE = 42; - const WRONG_NUMBER_OF_SIGNATURES = 43; - const RESPONSE_EXPIRED = 44; - const UNEXPECTED_REFERENCE = 45; - const NOT_SUPPORTED = 46; - const KEY_ALGORITHM_ERROR = 47; - const MISSING_ENCRYPTED_ELEMENT = 48; - - - /** - * Constructor - * - * @param string $msg Describes the error. - * @param int $code The code error (defined in the error class). - * @param array|null $args Arguments used in the message that describes the error. - */ - public function __construct($msg, $code = 0, $args = array()) - { - assert(is_string($msg)); - assert(is_int($code)); - - if (!isset($args)) { - $args = array(); - } - $params = array_merge(array($msg), $args); - $message = call_user_func_array('sprintf', $params); - - parent::__construct($message, $code); - } -} diff --git a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/saml-schema-assertion-2.0.xsd b/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/saml-schema-assertion-2.0.xsd deleted file mode 100644 index 2b2f7b80..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/saml-schema-assertion-2.0.xsd +++ /dev/null @@ -1,283 +0,0 @@ - - - - - - - Document identifier: saml-schema-assertion-2.0 - Location: http://docs.oasis-open.org/security/saml/v2.0/ - Revision history: - V1.0 (November, 2002): - Initial Standard Schema. - V1.1 (September, 2003): - Updates within the same V1.0 namespace. - V2.0 (March, 2005): - New assertion schema for SAML V2.0 namespace. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/saml-schema-authn-context-2.0.xsd b/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/saml-schema-authn-context-2.0.xsd deleted file mode 100644 index e4754faf..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/saml-schema-authn-context-2.0.xsd +++ /dev/null @@ -1,23 +0,0 @@ - - - - - - Document identifier: saml-schema-authn-context-2.0 - Location: http://docs.oasis-open.org/security/saml/v2.0/ - Revision history: - V2.0 (March, 2005): - New core authentication context schema for SAML V2.0. - This is just an include of all types from the schema - referred to in the include statement below. - - - - - - \ No newline at end of file diff --git a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/saml-schema-authn-context-types-2.0.xsd b/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/saml-schema-authn-context-types-2.0.xsd deleted file mode 100644 index 8513959a..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/saml-schema-authn-context-types-2.0.xsd +++ /dev/null @@ -1,821 +0,0 @@ - - - - - - Document identifier: saml-schema-authn-context-types-2.0 - Location: http://docs.oasis-open.org/security/saml/v2.0/ - Revision history: - V2.0 (March, 2005): - New core authentication context schema types for SAML V2.0. - - - - - - - A particular assertion on an identity - provider's part with respect to the authentication - context associated with an authentication assertion. - - - - - - - - Refers to those characteristics that describe the - processes and mechanisms - the Authentication Authority uses to initially create - an association between a Principal - and the identity (or name) by which the Principal will - be known - - - - - - - - This element indicates that identification has been - performed in a physical - face-to-face meeting with the principal and not in an - online manner. - - - - - - - - - - - - - - - - - - - - Refers to those characterstics that describe how the - 'secret' (the knowledge or possession - of which allows the Principal to authenticate to the - Authentication Authority) is kept secure - - - - - - - - This element indicates the types and strengths of - facilities - of a UA used to protect a shared secret key from - unauthorized access and/or use. - - - - - - - - This element indicates the types and strengths of - facilities - of a UA used to protect a private key from - unauthorized access and/or use. - - - - - - - The actions that must be performed - before the private key can be used. - - - - - - Whether or not the private key is shared - with the certificate authority. - - - - - - - In which medium is the key stored. - memory - the key is stored in memory. - smartcard - the key is stored in a smartcard. - token - the key is stored in a hardware token. - MobileDevice - the key is stored in a mobile device. - MobileAuthCard - the key is stored in a mobile - authentication card. - - - - - - - - - - - This element indicates that a password (or passphrase) - has been used to - authenticate the Principal to a remote system. - - - - - - - - This element indicates that a Pin (Personal - Identification Number) has been used to authenticate the Principal to - some local system in order to activate a key. - - - - - - - - This element indicates that a hardware or software - token is used - as a method of identifying the Principal. - - - - - - - - This element indicates that a time synchronization - token is used to identify the Principal. hardware - - the time synchonization - token has been implemented in hardware. software - the - time synchronization - token has been implemented in software. SeedLength - - the length, in bits, of the - random seed used in the time synchronization token. - - - - - - - - This element indicates that a smartcard is used to - identity the Principal. - - - - - - - - This element indicates the minimum and/or maximum - ASCII length of the password which is enforced (by the UA or the - IdP). In other words, this is the minimum and/or maximum number of - ASCII characters required to represent a valid password. - min - the minimum number of ASCII characters required - in a valid password, as enforced by the UA or the IdP. - max - the maximum number of ASCII characters required - in a valid password, as enforced by the UA or the IdP. - - - - - - - - This element indicates the length of time for which an - PIN-based authentication is valid. - - - - - - - - Indicates whether the password was chosen by the - Principal or auto-supplied by the Authentication Authority. - principalchosen - the Principal is allowed to choose - the value of the password. This is true even if - the initial password is chosen at random by the UA or - the IdP and the Principal is then free to change - the password. - automatic - the password is chosen by the UA or the - IdP to be cryptographically strong in some sense, - or to satisfy certain password rules, and that the - Principal is not free to change it or to choose a new password. - - - - - - - - - - - - - - - - - - - Refers to those characteristics that define the - mechanisms by which the Principal authenticates to the Authentication - Authority. - - - - - - - - The method that a Principal employs to perform - authentication to local system components. - - - - - - - - The method applied to validate a principal's - authentication across a network - - - - - - - - Supports Authenticators with nested combinations of - additional complexity. - - - - - - - - Indicates that the Principal has been strongly - authenticated in a previous session during which the IdP has set a - cookie in the UA. During the present session the Principal has only - been authenticated by the UA returning the cookie to the IdP. - - - - - - - - Rather like PreviousSession but using stronger - security. A secret that was established in a previous session with - the Authentication Authority has been cached by the local system and - is now re-used (e.g. a Master Secret is used to derive new session - keys in TLS, SSL, WTLS). - - - - - - - - This element indicates that the Principal has been - authenticated by a zero knowledge technique as specified in ISO/IEC - 9798-5. - - - - - - - - - - This element indicates that the Principal has been - authenticated by a challenge-response protocol utilizing shared secret - keys and symmetric cryptography. - - - - - - - - - - - - This element indicates that the Principal has been - authenticated by a mechanism which involves the Principal computing a - digital signature over at least challenge data provided by the IdP. - - - - - - - - The local system has a private key but it is used - in decryption mode, rather than signature mode. For example, the - Authentication Authority generates a secret and encrypts it using the - local system's public key: the local system then proves it has - decrypted the secret. - - - - - - - - The local system has a private key and uses it for - shared secret key agreement with the Authentication Authority (e.g. - via Diffie Helman). - - - - - - - - - - - - - - - This element indicates that the Principal has been - authenticated through connection from a particular IP address. - - - - - - - - The local system and Authentication Authority - share a secret key. The local system uses this to encrypt a - randomised string to pass to the Authentication Authority. - - - - - - - - The protocol across which Authenticator information is - transferred to an Authentication Authority verifier. - - - - - - - - This element indicates that the Authenticator has been - transmitted using bare HTTP utilizing no additional security - protocols. - - - - - - - - This element indicates that the Authenticator has been - transmitted using a transport mechanism protected by an IPSEC session. - - - - - - - - This element indicates that the Authenticator has been - transmitted using a transport mechanism protected by a WTLS session. - - - - - - - - This element indicates that the Authenticator has been - transmitted solely across a mobile network using no additional - security mechanism. - - - - - - - - - - - This element indicates that the Authenticator has been - transmitted using a transport mechnanism protected by an SSL or TLS - session. - - - - - - - - - - - - Refers to those characteristics that describe - procedural security controls employed by the Authentication Authority. - - - - - - - - - - - - Provides a mechanism for linking to external (likely - human readable) documents in which additional business agreements, - (e.g. liability constraints, obligations, etc) can be placed. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - This attribute indicates whether or not the - Identification mechanisms allow the actions of the Principal to be - linked to an actual end user. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - This element indicates that the Key Activation Limit is - defined as a specific duration of time. - - - - - - - - This element indicates that the Key Activation Limit is - defined as a number of usages. - - - - - - - - This element indicates that the Key Activation Limit is - the session. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/saml-schema-metadata-2.0.xsd b/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/saml-schema-metadata-2.0.xsd deleted file mode 100644 index 86e58f9b..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/saml-schema-metadata-2.0.xsd +++ /dev/null @@ -1,336 +0,0 @@ - - - - - - - - - Document identifier: saml-schema-metadata-2.0 - Location: http://docs.oasis-open.org/security/saml/v2.0/ - Revision history: - V2.0 (March, 2005): - Schema for SAML metadata, first published in SAML 2.0. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/saml-schema-protocol-2.0.xsd b/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/saml-schema-protocol-2.0.xsd deleted file mode 100644 index 7fa6f489..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/saml-schema-protocol-2.0.xsd +++ /dev/null @@ -1,302 +0,0 @@ - - - - - - - Document identifier: saml-schema-protocol-2.0 - Location: http://docs.oasis-open.org/security/saml/v2.0/ - Revision history: - V1.0 (November, 2002): - Initial Standard Schema. - V1.1 (September, 2003): - Updates within the same V1.0 namespace. - V2.0 (March, 2005): - New protocol schema based in a SAML V2.0 namespace. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/sstc-metadata-attr.xsd b/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/sstc-metadata-attr.xsd deleted file mode 100644 index f23e462a..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/sstc-metadata-attr.xsd +++ /dev/null @@ -1,35 +0,0 @@ - - - - - - Document title: SAML V2.0 Metadata Extention for Entity Attributes Schema - Document identifier: sstc-metadata-attr.xsd - Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security - Revision history: - V1.0 (November 2008): - Initial version. - - - - - - - - - - - - - - - diff --git a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/sstc-saml-attribute-ext.xsd b/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/sstc-saml-attribute-ext.xsd deleted file mode 100644 index ad309c14..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/sstc-saml-attribute-ext.xsd +++ /dev/null @@ -1,25 +0,0 @@ - - - - - - Document title: SAML V2.0 Attribute Extension Schema - Document identifier: sstc-saml-attribute-ext.xsd - Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security - Revision history: - V1.0 (October 2008): - Initial version. - - - - - - - - diff --git a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/sstc-saml-metadata-algsupport-v1.0.xsd b/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/sstc-saml-metadata-algsupport-v1.0.xsd deleted file mode 100644 index 3236ffcd..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/sstc-saml-metadata-algsupport-v1.0.xsd +++ /dev/null @@ -1,41 +0,0 @@ - - - - - - Document title: Metadata Extension Schema for SAML V2.0 Metadata Profile for Algorithm Support Version 1.0 - Document identifier: sstc-saml-metadata-algsupport.xsd - Location: http://docs.oasis-open.org/security/saml/Post2.0/ - Revision history: - V1.0 (June 2010): - Initial version. - - - - - - - - - - - - - - - - - - - - - - - diff --git a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/sstc-saml-metadata-ui-v1.0.xsd b/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/sstc-saml-metadata-ui-v1.0.xsd deleted file mode 100644 index de0b754a..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/sstc-saml-metadata-ui-v1.0.xsd +++ /dev/null @@ -1,89 +0,0 @@ - - - - - - Document title: Metadata Extension Schema for SAML V2.0 Metadata Extensions for Login and Discovery User Interface Version 1.0 - Document identifier: sstc-saml-metadata-ui-v1.0.xsd - Location: http://docs.oasis-open.org/security/saml/Post2.0/ - Revision history: - 16 November 2010: - Added Keywords element/type. - 01 November 2010 - Changed filename. - September 2010: - Initial version. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/xenc-schema.xsd b/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/xenc-schema.xsd deleted file mode 100644 index d6d79103..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/xenc-schema.xsd +++ /dev/null @@ -1,136 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/xml.xsd b/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/xml.xsd deleted file mode 100644 index aea7d0db..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/xml.xsd +++ /dev/null @@ -1,287 +0,0 @@ - - - - - - -
-

About the XML namespace

- -
-

- This schema document describes the XML namespace, in a form - suitable for import by other schema documents. -

-

- See - http://www.w3.org/XML/1998/namespace.html and - - http://www.w3.org/TR/REC-xml for information - about this namespace. -

-

- Note that local names in this namespace are intended to be - defined only by the World Wide Web Consortium or its subgroups. - The names currently defined in this namespace are listed below. - They should not be used with conflicting semantics by any Working - Group, specification, or document instance. -

-

- See further below in this document for more information about how to refer to this schema document from your own - XSD schema documents and about the - namespace-versioning policy governing this schema document. -

-
-
-
-
- - - - -
- -

lang (as an attribute name)

-

- denotes an attribute whose value - is a language code for the natural language of the content of - any element; its value is inherited. This name is reserved - by virtue of its definition in the XML specification.

- -
-
-

Notes

-

- Attempting to install the relevant ISO 2- and 3-letter - codes as the enumerated possible values is probably never - going to be a realistic possibility. -

-

- See BCP 47 at - http://www.rfc-editor.org/rfc/bcp/bcp47.txt - and the IANA language subtag registry at - - http://www.iana.org/assignments/language-subtag-registry - for further information. -

-

- The union allows for the 'un-declaration' of xml:lang with - the empty string. -

-
-
-
- - - - - - - - - -
- - - - -
- -

space (as an attribute name)

-

- denotes an attribute whose - value is a keyword indicating what whitespace processing - discipline is intended for the content of the element; its - value is inherited. This name is reserved by virtue of its - definition in the XML specification.

- -
-
-
- - - - - - -
- - - -
- -

base (as an attribute name)

-

- denotes an attribute whose value - provides a URI to be used as the base for interpreting any - relative URIs in the scope of the element on which it - appears; its value is inherited. This name is reserved - by virtue of its definition in the XML Base specification.

- -

- See http://www.w3.org/TR/xmlbase/ - for information about this attribute. -

-
-
-
-
- - - - -
- -

id (as an attribute name)

-

- denotes an attribute whose value - should be interpreted as if declared to be of type ID. - This name is reserved by virtue of its definition in the - xml:id specification.

- -

- See http://www.w3.org/TR/xml-id/ - for information about this attribute. -

-
-
-
-
- - - - - - - - - - -
- -

Father (in any context at all)

- -
-

- denotes Jon Bosak, the chair of - the original XML Working Group. This name is reserved by - the following decision of the W3C XML Plenary and - XML Coordination groups: -

-
-

- In appreciation for his vision, leadership and - dedication the W3C XML Plenary on this 10th day of - February, 2000, reserves for Jon Bosak in perpetuity - the XML name "xml:Father". -

-
-
-
-
-
- - - -
-

About this schema document

- -
-

- This schema defines attributes and an attribute group suitable - for use by schemas wishing to allow xml:base, - xml:lang, xml:space or - xml:id attributes on elements they define. -

-

- To enable this, such a schema must import this schema for - the XML namespace, e.g. as follows: -

-
-          <schema . . .>
-           . . .
-           <import namespace="http://www.w3.org/XML/1998/namespace"
-                      schemaLocation="http://www.w3.org/2001/xml.xsd"/>
-     
-

- or -

-
-           <import namespace="http://www.w3.org/XML/1998/namespace"
-                      schemaLocation="http://www.w3.org/2009/01/xml.xsd"/>
-     
-

- Subsequently, qualified reference to any of the attributes or the - group defined below will have the desired effect, e.g. -

-
-          <type . . .>
-           . . .
-           <attributeGroup ref="xml:specialAttrs"/>
-     
-

- will define a type which will schema-validate an instance element - with any of those attributes. -

-
-
-
-
- - - -
-

Versioning policy for this schema document

-
-

- In keeping with the XML Schema WG's standard versioning - policy, this schema document will persist at - - http://www.w3.org/2009/01/xml.xsd. -

-

- At the date of issue it can also be found at - - http://www.w3.org/2001/xml.xsd. -

-

- The schema document at that URI may however change in the future, - in order to remain compatible with the latest version of XML - Schema itself, or with the XML namespace itself. In other words, - if the XML Schema or XML namespaces change, the version of this - document at - http://www.w3.org/2001/xml.xsd - - will change accordingly; the version at - - http://www.w3.org/2009/01/xml.xsd - - will not change. -

-

- Previous dated (and unchanging) versions of this schema - document are at: -

- -
-
-
-
- -
- diff --git a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/xmldsig-core-schema.xsd b/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/xmldsig-core-schema.xsd deleted file mode 100644 index 6f5acc75..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/schemas/xmldsig-core-schema.xsd +++ /dev/null @@ -1,309 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/version.json b/plugins/auth/vendor/onelogin/php-saml/src/Saml2/version.json deleted file mode 100644 index 2367ebec..00000000 --- a/plugins/auth/vendor/onelogin/php-saml/src/Saml2/version.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "php-saml": { - "version": "3.6.1", - "released": "02/03/2021" - } -} - diff --git a/plugins/auth/vendor/paragonie/random_compat/LICENSE b/plugins/auth/vendor/paragonie/random_compat/LICENSE deleted file mode 100644 index 45c7017d..00000000 --- a/plugins/auth/vendor/paragonie/random_compat/LICENSE +++ /dev/null @@ -1,22 +0,0 @@ -The MIT License (MIT) - -Copyright (c) 2015 Paragon Initiative Enterprises - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. - diff --git a/plugins/auth/vendor/paragonie/random_compat/build-phar.sh b/plugins/auth/vendor/paragonie/random_compat/build-phar.sh deleted file mode 100755 index b4a5ba31..00000000 --- a/plugins/auth/vendor/paragonie/random_compat/build-phar.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/usr/bin/env bash - -basedir=$( dirname $( readlink -f ${BASH_SOURCE[0]} ) ) - -php -dphar.readonly=0 "$basedir/other/build_phar.php" $* \ No newline at end of file diff --git a/plugins/auth/vendor/paragonie/random_compat/composer.json b/plugins/auth/vendor/paragonie/random_compat/composer.json deleted file mode 100644 index f2b9c4e5..00000000 --- a/plugins/auth/vendor/paragonie/random_compat/composer.json +++ /dev/null @@ -1,34 +0,0 @@ -{ - "name": "paragonie/random_compat", - "description": "PHP 5.x polyfill for random_bytes() and random_int() from PHP 7", - "keywords": [ - "csprng", - "random", - "polyfill", - "pseudorandom" - ], - "license": "MIT", - "type": "library", - "authors": [ - { - "name": "Paragon Initiative Enterprises", - "email": "security@paragonie.com", - "homepage": "https://paragonie.com" - } - ], - "support": { - "issues": "https://github.com/paragonie/random_compat/issues", - "email": "info@paragonie.com", - "source": "https://github.com/paragonie/random_compat" - }, - "require": { - "php": ">= 7" - }, - "require-dev": { - "vimeo/psalm": "^1", - "phpunit/phpunit": "4.*|5.*" - }, - "suggest": { - "ext-libsodium": "Provides a modern crypto API that can be used to generate random bytes." - } -} diff --git a/plugins/auth/vendor/paragonie/random_compat/dist/random_compat.phar.pubkey b/plugins/auth/vendor/paragonie/random_compat/dist/random_compat.phar.pubkey deleted file mode 100644 index eb50ebfc..00000000 --- a/plugins/auth/vendor/paragonie/random_compat/dist/random_compat.phar.pubkey +++ /dev/null @@ -1,5 +0,0 @@ ------BEGIN PUBLIC KEY----- -MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEEd+wCqJDrx5B4OldM0dQE0ZMX+lx1ZWm -pui0SUqD4G29L3NGsz9UhJ/0HjBdbnkhIK5xviT0X5vtjacF6ajgcCArbTB+ds+p -+h7Q084NuSuIpNb6YPfoUFgC/CL9kAoc ------END PUBLIC KEY----- diff --git a/plugins/auth/vendor/paragonie/random_compat/dist/random_compat.phar.pubkey.asc b/plugins/auth/vendor/paragonie/random_compat/dist/random_compat.phar.pubkey.asc deleted file mode 100644 index 6a1d7f30..00000000 --- a/plugins/auth/vendor/paragonie/random_compat/dist/random_compat.phar.pubkey.asc +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.22 (MingW32) - -iQEcBAABAgAGBQJWtW1hAAoJEGuXocKCZATaJf0H+wbZGgskK1dcRTsuVJl9IWip -QwGw/qIKI280SD6/ckoUMxKDCJiFuPR14zmqnS36k7N5UNPnpdTJTS8T11jttSpg -1LCmgpbEIpgaTah+cELDqFCav99fS+bEiAL5lWDAHBTE/XPjGVCqeehyPYref4IW -NDBIEsvnHPHPLsn6X5jq4+Yj5oUixgxaMPiR+bcO4Sh+RzOVB6i2D0upWfRXBFXA -NNnsg9/zjvoC7ZW73y9uSH+dPJTt/Vgfeiv52/v41XliyzbUyLalf02GNPY+9goV -JHG1ulEEBJOCiUD9cE1PUIJwHA/HqyhHIvV350YoEFiHl8iSwm7SiZu5kPjaq74= -=B6+8 ------END PGP SIGNATURE----- diff --git a/plugins/auth/vendor/paragonie/random_compat/lib/random.php b/plugins/auth/vendor/paragonie/random_compat/lib/random.php deleted file mode 100644 index c7731a56..00000000 --- a/plugins/auth/vendor/paragonie/random_compat/lib/random.php +++ /dev/null @@ -1,32 +0,0 @@ -buildFromDirectory(dirname(__DIR__).'/lib'); -rename( - dirname(__DIR__).'/lib/index.php', - dirname(__DIR__).'/lib/random.php' -); - -/** - * If we pass an (optional) path to a private key as a second argument, we will - * sign the Phar with OpenSSL. - * - * If you leave this out, it will produce an unsigned .phar! - */ -if ($argc > 1) { - if (!@is_readable($argv[1])) { - echo 'Could not read the private key file:', $argv[1], "\n"; - exit(255); - } - $pkeyFile = file_get_contents($argv[1]); - - $private = openssl_get_privatekey($pkeyFile); - if ($private !== false) { - $pkey = ''; - openssl_pkey_export($private, $pkey); - $phar->setSignatureAlgorithm(Phar::OPENSSL, $pkey); - - /** - * Save the corresponding public key to the file - */ - if (!@is_readable($dist.'/random_compat.phar.pubkey')) { - $details = openssl_pkey_get_details($private); - file_put_contents( - $dist.'/random_compat.phar.pubkey', - $details['key'] - ); - } - } else { - echo 'An error occurred reading the private key from OpenSSL.', "\n"; - exit(255); - } -} diff --git a/plugins/auth/vendor/paragonie/random_compat/psalm-autoload.php b/plugins/auth/vendor/paragonie/random_compat/psalm-autoload.php deleted file mode 100644 index d71d1b81..00000000 --- a/plugins/auth/vendor/paragonie/random_compat/psalm-autoload.php +++ /dev/null @@ -1,9 +0,0 @@ - - - - - - - - - - - - - - - diff --git a/plugins/auth/vendor/psr/http-client/CHANGELOG.md b/plugins/auth/vendor/psr/http-client/CHANGELOG.md deleted file mode 100644 index e2dc25f5..00000000 --- a/plugins/auth/vendor/psr/http-client/CHANGELOG.md +++ /dev/null @@ -1,23 +0,0 @@ -# Changelog - -All notable changes to this project will be documented in this file, in reverse chronological order by release. - -## 1.0.1 - -Allow installation with PHP 8. No code changes. - -## 1.0.0 - -First stable release. No changes since 0.3.0. - -## 0.3.0 - -Added Interface suffix on exceptions - -## 0.2.0 - -All exceptions are in `Psr\Http\Client` namespace - -## 0.1.0 - -First release diff --git a/plugins/auth/vendor/psr/http-client/LICENSE b/plugins/auth/vendor/psr/http-client/LICENSE deleted file mode 100644 index cd5e0020..00000000 --- a/plugins/auth/vendor/psr/http-client/LICENSE +++ /dev/null @@ -1,19 +0,0 @@ -Copyright (c) 2017 PHP Framework Interoperability Group - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -THE SOFTWARE. diff --git a/plugins/auth/vendor/psr/http-client/README.md b/plugins/auth/vendor/psr/http-client/README.md deleted file mode 100644 index 6876b840..00000000 --- a/plugins/auth/vendor/psr/http-client/README.md +++ /dev/null @@ -1,12 +0,0 @@ -HTTP Client -=========== - -This repository holds all the common code related to [PSR-18 (HTTP Client)][psr-url]. - -Note that this is not a HTTP Client implementation of its own. It is merely abstractions that describe the components of a HTTP Client. - -The installable [package][package-url] and [implementations][implementation-url] are listed on Packagist. - -[psr-url]: http://www.php-fig.org/psr/psr-18 -[package-url]: https://packagist.org/packages/psr/http-client -[implementation-url]: https://packagist.org/providers/psr/http-client-implementation diff --git a/plugins/auth/vendor/psr/http-client/composer.json b/plugins/auth/vendor/psr/http-client/composer.json deleted file mode 100644 index c195f8ff..00000000 --- a/plugins/auth/vendor/psr/http-client/composer.json +++ /dev/null @@ -1,27 +0,0 @@ -{ - "name": "psr/http-client", - "description": "Common interface for HTTP clients", - "keywords": ["psr", "psr-18", "http", "http-client"], - "homepage": "https://github.com/php-fig/http-client", - "license": "MIT", - "authors": [ - { - "name": "PHP-FIG", - "homepage": "http://www.php-fig.org/" - } - ], - "require": { - "php": "^7.0 || ^8.0", - "psr/http-message": "^1.0" - }, - "autoload": { - "psr-4": { - "Psr\\Http\\Client\\": "src/" - } - }, - "extra": { - "branch-alias": { - "dev-master": "1.0.x-dev" - } - } -} diff --git a/plugins/auth/vendor/psr/http-client/src/ClientExceptionInterface.php b/plugins/auth/vendor/psr/http-client/src/ClientExceptionInterface.php deleted file mode 100644 index aa0b9cf1..00000000 --- a/plugins/auth/vendor/psr/http-client/src/ClientExceptionInterface.php +++ /dev/null @@ -1,10 +0,0 @@ -=7.0.0", - "psr/http-message": "^1.0" - }, - "autoload": { - "psr-4": { - "Psr\\Http\\Message\\": "src/" - } - }, - "extra": { - "branch-alias": { - "dev-master": "1.0.x-dev" - } - } -} diff --git a/plugins/auth/vendor/psr/http-factory/src/RequestFactoryInterface.php b/plugins/auth/vendor/psr/http-factory/src/RequestFactoryInterface.php deleted file mode 100644 index cb39a08b..00000000 --- a/plugins/auth/vendor/psr/http-factory/src/RequestFactoryInterface.php +++ /dev/null @@ -1,18 +0,0 @@ -=5.3.0" - }, - "autoload": { - "psr-4": { - "Psr\\Http\\Message\\": "src/" - } - }, - "extra": { - "branch-alias": { - "dev-master": "1.0.x-dev" - } - } -} diff --git a/plugins/auth/vendor/psr/http-message/src/MessageInterface.php b/plugins/auth/vendor/psr/http-message/src/MessageInterface.php deleted file mode 100644 index dd46e5ec..00000000 --- a/plugins/auth/vendor/psr/http-message/src/MessageInterface.php +++ /dev/null @@ -1,187 +0,0 @@ -getHeaders() as $name => $values) { - * echo $name . ": " . implode(", ", $values); - * } - * - * // Emit headers iteratively: - * foreach ($message->getHeaders() as $name => $values) { - * foreach ($values as $value) { - * header(sprintf('%s: %s', $name, $value), false); - * } - * } - * - * While header names are not case-sensitive, getHeaders() will preserve the - * exact case in which headers were originally specified. - * - * @return string[][] Returns an associative array of the message's headers. Each - * key MUST be a header name, and each value MUST be an array of strings - * for that header. - */ - public function getHeaders(); - - /** - * Checks if a header exists by the given case-insensitive name. - * - * @param string $name Case-insensitive header field name. - * @return bool Returns true if any header names match the given header - * name using a case-insensitive string comparison. Returns false if - * no matching header name is found in the message. - */ - public function hasHeader($name); - - /** - * Retrieves a message header value by the given case-insensitive name. - * - * This method returns an array of all the header values of the given - * case-insensitive header name. - * - * If the header does not appear in the message, this method MUST return an - * empty array. - * - * @param string $name Case-insensitive header field name. - * @return string[] An array of string values as provided for the given - * header. If the header does not appear in the message, this method MUST - * return an empty array. - */ - public function getHeader($name); - - /** - * Retrieves a comma-separated string of the values for a single header. - * - * This method returns all of the header values of the given - * case-insensitive header name as a string concatenated together using - * a comma. - * - * NOTE: Not all header values may be appropriately represented using - * comma concatenation. For such headers, use getHeader() instead - * and supply your own delimiter when concatenating. - * - * If the header does not appear in the message, this method MUST return - * an empty string. - * - * @param string $name Case-insensitive header field name. - * @return string A string of values as provided for the given header - * concatenated together using a comma. If the header does not appear in - * the message, this method MUST return an empty string. - */ - public function getHeaderLine($name); - - /** - * Return an instance with the provided value replacing the specified header. - * - * While header names are case-insensitive, the casing of the header will - * be preserved by this function, and returned from getHeaders(). - * - * This method MUST be implemented in such a way as to retain the - * immutability of the message, and MUST return an instance that has the - * new and/or updated header and value. - * - * @param string $name Case-insensitive header field name. - * @param string|string[] $value Header value(s). - * @return static - * @throws \InvalidArgumentException for invalid header names or values. - */ - public function withHeader($name, $value); - - /** - * Return an instance with the specified header appended with the given value. - * - * Existing values for the specified header will be maintained. The new - * value(s) will be appended to the existing list. If the header did not - * exist previously, it will be added. - * - * This method MUST be implemented in such a way as to retain the - * immutability of the message, and MUST return an instance that has the - * new header and/or value. - * - * @param string $name Case-insensitive header field name to add. - * @param string|string[] $value Header value(s). - * @return static - * @throws \InvalidArgumentException for invalid header names or values. - */ - public function withAddedHeader($name, $value); - - /** - * Return an instance without the specified header. - * - * Header resolution MUST be done without case-sensitivity. - * - * This method MUST be implemented in such a way as to retain the - * immutability of the message, and MUST return an instance that removes - * the named header. - * - * @param string $name Case-insensitive header field name to remove. - * @return static - */ - public function withoutHeader($name); - - /** - * Gets the body of the message. - * - * @return StreamInterface Returns the body as a stream. - */ - public function getBody(); - - /** - * Return an instance with the specified message body. - * - * The body MUST be a StreamInterface object. - * - * This method MUST be implemented in such a way as to retain the - * immutability of the message, and MUST return a new instance that has the - * new body stream. - * - * @param StreamInterface $body Body. - * @return static - * @throws \InvalidArgumentException When the body is not valid. - */ - public function withBody(StreamInterface $body); -} diff --git a/plugins/auth/vendor/psr/http-message/src/RequestInterface.php b/plugins/auth/vendor/psr/http-message/src/RequestInterface.php deleted file mode 100644 index a96d4fd6..00000000 --- a/plugins/auth/vendor/psr/http-message/src/RequestInterface.php +++ /dev/null @@ -1,129 +0,0 @@ -getQuery()` - * or from the `QUERY_STRING` server param. - * - * @return array - */ - public function getQueryParams(); - - /** - * Return an instance with the specified query string arguments. - * - * These values SHOULD remain immutable over the course of the incoming - * request. They MAY be injected during instantiation, such as from PHP's - * $_GET superglobal, or MAY be derived from some other value such as the - * URI. In cases where the arguments are parsed from the URI, the data - * MUST be compatible with what PHP's parse_str() would return for - * purposes of how duplicate query parameters are handled, and how nested - * sets are handled. - * - * Setting query string arguments MUST NOT change the URI stored by the - * request, nor the values in the server params. - * - * This method MUST be implemented in such a way as to retain the - * immutability of the message, and MUST return an instance that has the - * updated query string arguments. - * - * @param array $query Array of query string arguments, typically from - * $_GET. - * @return static - */ - public function withQueryParams(array $query); - - /** - * Retrieve normalized file upload data. - * - * This method returns upload metadata in a normalized tree, with each leaf - * an instance of Psr\Http\Message\UploadedFileInterface. - * - * These values MAY be prepared from $_FILES or the message body during - * instantiation, or MAY be injected via withUploadedFiles(). - * - * @return array An array tree of UploadedFileInterface instances; an empty - * array MUST be returned if no data is present. - */ - public function getUploadedFiles(); - - /** - * Create a new instance with the specified uploaded files. - * - * This method MUST be implemented in such a way as to retain the - * immutability of the message, and MUST return an instance that has the - * updated body parameters. - * - * @param array $uploadedFiles An array tree of UploadedFileInterface instances. - * @return static - * @throws \InvalidArgumentException if an invalid structure is provided. - */ - public function withUploadedFiles(array $uploadedFiles); - - /** - * Retrieve any parameters provided in the request body. - * - * If the request Content-Type is either application/x-www-form-urlencoded - * or multipart/form-data, and the request method is POST, this method MUST - * return the contents of $_POST. - * - * Otherwise, this method may return any results of deserializing - * the request body content; as parsing returns structured content, the - * potential types MUST be arrays or objects only. A null value indicates - * the absence of body content. - * - * @return null|array|object The deserialized body parameters, if any. - * These will typically be an array or object. - */ - public function getParsedBody(); - - /** - * Return an instance with the specified body parameters. - * - * These MAY be injected during instantiation. - * - * If the request Content-Type is either application/x-www-form-urlencoded - * or multipart/form-data, and the request method is POST, use this method - * ONLY to inject the contents of $_POST. - * - * The data IS NOT REQUIRED to come from $_POST, but MUST be the results of - * deserializing the request body content. Deserialization/parsing returns - * structured data, and, as such, this method ONLY accepts arrays or objects, - * or a null value if nothing was available to parse. - * - * As an example, if content negotiation determines that the request data - * is a JSON payload, this method could be used to create a request - * instance with the deserialized parameters. - * - * This method MUST be implemented in such a way as to retain the - * immutability of the message, and MUST return an instance that has the - * updated body parameters. - * - * @param null|array|object $data The deserialized body data. This will - * typically be in an array or object. - * @return static - * @throws \InvalidArgumentException if an unsupported argument type is - * provided. - */ - public function withParsedBody($data); - - /** - * Retrieve attributes derived from the request. - * - * The request "attributes" may be used to allow injection of any - * parameters derived from the request: e.g., the results of path - * match operations; the results of decrypting cookies; the results of - * deserializing non-form-encoded message bodies; etc. Attributes - * will be application and request specific, and CAN be mutable. - * - * @return array Attributes derived from the request. - */ - public function getAttributes(); - - /** - * Retrieve a single derived request attribute. - * - * Retrieves a single derived request attribute as described in - * getAttributes(). If the attribute has not been previously set, returns - * the default value as provided. - * - * This method obviates the need for a hasAttribute() method, as it allows - * specifying a default value to return if the attribute is not found. - * - * @see getAttributes() - * @param string $name The attribute name. - * @param mixed $default Default value to return if the attribute does not exist. - * @return mixed - */ - public function getAttribute($name, $default = null); - - /** - * Return an instance with the specified derived request attribute. - * - * This method allows setting a single derived request attribute as - * described in getAttributes(). - * - * This method MUST be implemented in such a way as to retain the - * immutability of the message, and MUST return an instance that has the - * updated attribute. - * - * @see getAttributes() - * @param string $name The attribute name. - * @param mixed $value The value of the attribute. - * @return static - */ - public function withAttribute($name, $value); - - /** - * Return an instance that removes the specified derived request attribute. - * - * This method allows removing a single derived request attribute as - * described in getAttributes(). - * - * This method MUST be implemented in such a way as to retain the - * immutability of the message, and MUST return an instance that removes - * the attribute. - * - * @see getAttributes() - * @param string $name The attribute name. - * @return static - */ - public function withoutAttribute($name); -} diff --git a/plugins/auth/vendor/psr/http-message/src/StreamInterface.php b/plugins/auth/vendor/psr/http-message/src/StreamInterface.php deleted file mode 100644 index f68f3912..00000000 --- a/plugins/auth/vendor/psr/http-message/src/StreamInterface.php +++ /dev/null @@ -1,158 +0,0 @@ - - * [user-info@]host[:port] - * - * - * If the port component is not set or is the standard port for the current - * scheme, it SHOULD NOT be included. - * - * @see https://tools.ietf.org/html/rfc3986#section-3.2 - * @return string The URI authority, in "[user-info@]host[:port]" format. - */ - public function getAuthority(); - - /** - * Retrieve the user information component of the URI. - * - * If no user information is present, this method MUST return an empty - * string. - * - * If a user is present in the URI, this will return that value; - * additionally, if the password is also present, it will be appended to the - * user value, with a colon (":") separating the values. - * - * The trailing "@" character is not part of the user information and MUST - * NOT be added. - * - * @return string The URI user information, in "username[:password]" format. - */ - public function getUserInfo(); - - /** - * Retrieve the host component of the URI. - * - * If no host is present, this method MUST return an empty string. - * - * The value returned MUST be normalized to lowercase, per RFC 3986 - * Section 3.2.2. - * - * @see http://tools.ietf.org/html/rfc3986#section-3.2.2 - * @return string The URI host. - */ - public function getHost(); - - /** - * Retrieve the port component of the URI. - * - * If a port is present, and it is non-standard for the current scheme, - * this method MUST return it as an integer. If the port is the standard port - * used with the current scheme, this method SHOULD return null. - * - * If no port is present, and no scheme is present, this method MUST return - * a null value. - * - * If no port is present, but a scheme is present, this method MAY return - * the standard port for that scheme, but SHOULD return null. - * - * @return null|int The URI port. - */ - public function getPort(); - - /** - * Retrieve the path component of the URI. - * - * The path can either be empty or absolute (starting with a slash) or - * rootless (not starting with a slash). Implementations MUST support all - * three syntaxes. - * - * Normally, the empty path "" and absolute path "/" are considered equal as - * defined in RFC 7230 Section 2.7.3. But this method MUST NOT automatically - * do this normalization because in contexts with a trimmed base path, e.g. - * the front controller, this difference becomes significant. It's the task - * of the user to handle both "" and "/". - * - * The value returned MUST be percent-encoded, but MUST NOT double-encode - * any characters. To determine what characters to encode, please refer to - * RFC 3986, Sections 2 and 3.3. - * - * As an example, if the value should include a slash ("/") not intended as - * delimiter between path segments, that value MUST be passed in encoded - * form (e.g., "%2F") to the instance. - * - * @see https://tools.ietf.org/html/rfc3986#section-2 - * @see https://tools.ietf.org/html/rfc3986#section-3.3 - * @return string The URI path. - */ - public function getPath(); - - /** - * Retrieve the query string of the URI. - * - * If no query string is present, this method MUST return an empty string. - * - * The leading "?" character is not part of the query and MUST NOT be - * added. - * - * The value returned MUST be percent-encoded, but MUST NOT double-encode - * any characters. To determine what characters to encode, please refer to - * RFC 3986, Sections 2 and 3.4. - * - * As an example, if a value in a key/value pair of the query string should - * include an ampersand ("&") not intended as a delimiter between values, - * that value MUST be passed in encoded form (e.g., "%26") to the instance. - * - * @see https://tools.ietf.org/html/rfc3986#section-2 - * @see https://tools.ietf.org/html/rfc3986#section-3.4 - * @return string The URI query string. - */ - public function getQuery(); - - /** - * Retrieve the fragment component of the URI. - * - * If no fragment is present, this method MUST return an empty string. - * - * The leading "#" character is not part of the fragment and MUST NOT be - * added. - * - * The value returned MUST be percent-encoded, but MUST NOT double-encode - * any characters. To determine what characters to encode, please refer to - * RFC 3986, Sections 2 and 3.5. - * - * @see https://tools.ietf.org/html/rfc3986#section-2 - * @see https://tools.ietf.org/html/rfc3986#section-3.5 - * @return string The URI fragment. - */ - public function getFragment(); - - /** - * Return an instance with the specified scheme. - * - * This method MUST retain the state of the current instance, and return - * an instance that contains the specified scheme. - * - * Implementations MUST support the schemes "http" and "https" case - * insensitively, and MAY accommodate other schemes if required. - * - * An empty scheme is equivalent to removing the scheme. - * - * @param string $scheme The scheme to use with the new instance. - * @return static A new instance with the specified scheme. - * @throws \InvalidArgumentException for invalid or unsupported schemes. - */ - public function withScheme($scheme); - - /** - * Return an instance with the specified user information. - * - * This method MUST retain the state of the current instance, and return - * an instance that contains the specified user information. - * - * Password is optional, but the user information MUST include the - * user; an empty string for the user is equivalent to removing user - * information. - * - * @param string $user The user name to use for authority. - * @param null|string $password The password associated with $user. - * @return static A new instance with the specified user information. - */ - public function withUserInfo($user, $password = null); - - /** - * Return an instance with the specified host. - * - * This method MUST retain the state of the current instance, and return - * an instance that contains the specified host. - * - * An empty host value is equivalent to removing the host. - * - * @param string $host The hostname to use with the new instance. - * @return static A new instance with the specified host. - * @throws \InvalidArgumentException for invalid hostnames. - */ - public function withHost($host); - - /** - * Return an instance with the specified port. - * - * This method MUST retain the state of the current instance, and return - * an instance that contains the specified port. - * - * Implementations MUST raise an exception for ports outside the - * established TCP and UDP port ranges. - * - * A null value provided for the port is equivalent to removing the port - * information. - * - * @param null|int $port The port to use with the new instance; a null value - * removes the port information. - * @return static A new instance with the specified port. - * @throws \InvalidArgumentException for invalid ports. - */ - public function withPort($port); - - /** - * Return an instance with the specified path. - * - * This method MUST retain the state of the current instance, and return - * an instance that contains the specified path. - * - * The path can either be empty or absolute (starting with a slash) or - * rootless (not starting with a slash). Implementations MUST support all - * three syntaxes. - * - * If the path is intended to be domain-relative rather than path relative then - * it must begin with a slash ("/"). Paths not starting with a slash ("/") - * are assumed to be relative to some base path known to the application or - * consumer. - * - * Users can provide both encoded and decoded path characters. - * Implementations ensure the correct encoding as outlined in getPath(). - * - * @param string $path The path to use with the new instance. - * @return static A new instance with the specified path. - * @throws \InvalidArgumentException for invalid paths. - */ - public function withPath($path); - - /** - * Return an instance with the specified query string. - * - * This method MUST retain the state of the current instance, and return - * an instance that contains the specified query string. - * - * Users can provide both encoded and decoded query characters. - * Implementations ensure the correct encoding as outlined in getQuery(). - * - * An empty query string value is equivalent to removing the query string. - * - * @param string $query The query string to use with the new instance. - * @return static A new instance with the specified query string. - * @throws \InvalidArgumentException for invalid query strings. - */ - public function withQuery($query); - - /** - * Return an instance with the specified URI fragment. - * - * This method MUST retain the state of the current instance, and return - * an instance that contains the specified URI fragment. - * - * Users can provide both encoded and decoded fragment characters. - * Implementations ensure the correct encoding as outlined in getFragment(). - * - * An empty fragment value is equivalent to removing the fragment. - * - * @param string $fragment The fragment to use with the new instance. - * @return static A new instance with the specified fragment. - */ - public function withFragment($fragment); - - /** - * Return the string representation as a URI reference. - * - * Depending on which components of the URI are present, the resulting - * string is either a full URI or relative reference according to RFC 3986, - * Section 4.1. The method concatenates the various components of the URI, - * using the appropriate delimiters: - * - * - If a scheme is present, it MUST be suffixed by ":". - * - If an authority is present, it MUST be prefixed by "//". - * - The path can be concatenated without delimiters. But there are two - * cases where the path has to be adjusted to make the URI reference - * valid as PHP does not allow to throw an exception in __toString(): - * - If the path is rootless and an authority is present, the path MUST - * be prefixed by "/". - * - If the path is starting with more than one "/" and no authority is - * present, the starting slashes MUST be reduced to one. - * - If a query is present, it MUST be prefixed by "?". - * - If a fragment is present, it MUST be prefixed by "#". - * - * @see http://tools.ietf.org/html/rfc3986#section-4.1 - * @return string - */ - public function __toString(); -} diff --git a/plugins/auth/vendor/psr/log/LICENSE b/plugins/auth/vendor/psr/log/LICENSE deleted file mode 100644 index 474c952b..00000000 --- a/plugins/auth/vendor/psr/log/LICENSE +++ /dev/null @@ -1,19 +0,0 @@ -Copyright (c) 2012 PHP Framework Interoperability Group - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -THE SOFTWARE. diff --git a/plugins/auth/vendor/psr/log/README.md b/plugins/auth/vendor/psr/log/README.md deleted file mode 100644 index a9f20c43..00000000 --- a/plugins/auth/vendor/psr/log/README.md +++ /dev/null @@ -1,58 +0,0 @@ -PSR Log -======= - -This repository holds all interfaces/classes/traits related to -[PSR-3](https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-3-logger-interface.md). - -Note that this is not a logger of its own. It is merely an interface that -describes a logger. See the specification for more details. - -Installation ------------- - -```bash -composer require psr/log -``` - -Usage ------ - -If you need a logger, you can use the interface like this: - -```php -logger = $logger; - } - - public function doSomething() - { - if ($this->logger) { - $this->logger->info('Doing work'); - } - - try { - $this->doSomethingElse(); - } catch (Exception $exception) { - $this->logger->error('Oh no!', array('exception' => $exception)); - } - - // do something useful - } -} -``` - -You can then pick one of the implementations of the interface to get a logger. - -If you want to implement the interface, you can require this package and -implement `Psr\Log\LoggerInterface` in your code. Please read the -[specification text](https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-3-logger-interface.md) -for details. diff --git a/plugins/auth/vendor/psr/log/composer.json b/plugins/auth/vendor/psr/log/composer.json deleted file mode 100644 index ca056953..00000000 --- a/plugins/auth/vendor/psr/log/composer.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "name": "psr/log", - "description": "Common interface for logging libraries", - "keywords": ["psr", "psr-3", "log"], - "homepage": "https://github.com/php-fig/log", - "license": "MIT", - "authors": [ - { - "name": "PHP-FIG", - "homepage": "https://www.php-fig.org/" - } - ], - "require": { - "php": ">=5.3.0" - }, - "autoload": { - "psr-4": { - "Psr\\Log\\": "Psr/Log/" - } - }, - "extra": { - "branch-alias": { - "dev-master": "1.1.x-dev" - } - } -} diff --git a/plugins/auth/vendor/ralouphie/getallheaders/LICENSE b/plugins/auth/vendor/ralouphie/getallheaders/LICENSE deleted file mode 100644 index be5540c2..00000000 --- a/plugins/auth/vendor/ralouphie/getallheaders/LICENSE +++ /dev/null @@ -1,21 +0,0 @@ -The MIT License (MIT) - -Copyright (c) 2014 Ralph Khattar - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. diff --git a/plugins/auth/vendor/ralouphie/getallheaders/README.md b/plugins/auth/vendor/ralouphie/getallheaders/README.md deleted file mode 100644 index 9430d76b..00000000 --- a/plugins/auth/vendor/ralouphie/getallheaders/README.md +++ /dev/null @@ -1,27 +0,0 @@ -getallheaders -============= - -PHP `getallheaders()` polyfill. Compatible with PHP >= 5.3. - -[![Build Status](https://travis-ci.org/ralouphie/getallheaders.svg?branch=master)](https://travis-ci.org/ralouphie/getallheaders) -[![Coverage Status](https://coveralls.io/repos/ralouphie/getallheaders/badge.png?branch=master)](https://coveralls.io/r/ralouphie/getallheaders?branch=master) -[![Latest Stable Version](https://poser.pugx.org/ralouphie/getallheaders/v/stable.png)](https://packagist.org/packages/ralouphie/getallheaders) -[![Latest Unstable Version](https://poser.pugx.org/ralouphie/getallheaders/v/unstable.png)](https://packagist.org/packages/ralouphie/getallheaders) -[![License](https://poser.pugx.org/ralouphie/getallheaders/license.png)](https://packagist.org/packages/ralouphie/getallheaders) - - -This is a simple polyfill for [`getallheaders()`](http://www.php.net/manual/en/function.getallheaders.php). - -## Install - -For PHP version **`>= 5.6`**: - -``` -composer require ralouphie/getallheaders -``` - -For PHP version **`< 5.6`**: - -``` -composer require ralouphie/getallheaders "^2" -``` diff --git a/plugins/auth/vendor/ralouphie/getallheaders/composer.json b/plugins/auth/vendor/ralouphie/getallheaders/composer.json deleted file mode 100644 index de8ce62e..00000000 --- a/plugins/auth/vendor/ralouphie/getallheaders/composer.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "name": "ralouphie/getallheaders", - "description": "A polyfill for getallheaders.", - "license": "MIT", - "authors": [ - { - "name": "Ralph Khattar", - "email": "ralph.khattar@gmail.com" - } - ], - "require": { - "php": ">=5.6" - }, - "require-dev": { - "phpunit/phpunit": "^5 || ^6.5", - "php-coveralls/php-coveralls": "^2.1" - }, - "autoload": { - "files": ["src/getallheaders.php"] - }, - "autoload-dev": { - "psr-4": { - "getallheaders\\Tests\\": "tests/" - } - } -} diff --git a/plugins/auth/vendor/ralouphie/getallheaders/src/getallheaders.php b/plugins/auth/vendor/ralouphie/getallheaders/src/getallheaders.php deleted file mode 100644 index c7285a5b..00000000 --- a/plugins/auth/vendor/ralouphie/getallheaders/src/getallheaders.php +++ /dev/null @@ -1,46 +0,0 @@ - 'Content-Type', - 'CONTENT_LENGTH' => 'Content-Length', - 'CONTENT_MD5' => 'Content-Md5', - ); - - foreach ($_SERVER as $key => $value) { - if (substr($key, 0, 5) === 'HTTP_') { - $key = substr($key, 5); - if (!isset($copy_server[$key]) || !isset($_SERVER[$key])) { - $key = str_replace(' ', '-', ucwords(strtolower(str_replace('_', ' ', $key)))); - $headers[$key] = $value; - } - } elseif (isset($copy_server[$key])) { - $headers[$copy_server[$key]] = $value; - } - } - - if (!isset($headers['Authorization'])) { - if (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])) { - $headers['Authorization'] = $_SERVER['REDIRECT_HTTP_AUTHORIZATION']; - } elseif (isset($_SERVER['PHP_AUTH_USER'])) { - $basic_pass = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : ''; - $headers['Authorization'] = 'Basic ' . base64_encode($_SERVER['PHP_AUTH_USER'] . ':' . $basic_pass); - } elseif (isset($_SERVER['PHP_AUTH_DIGEST'])) { - $headers['Authorization'] = $_SERVER['PHP_AUTH_DIGEST']; - } - } - - return $headers; - } - -} diff --git a/plugins/auth/vendor/robrichards/xmlseclibs/CHANGELOG.txt b/plugins/auth/vendor/robrichards/xmlseclibs/CHANGELOG.txt deleted file mode 100644 index 351b1042..00000000 --- a/plugins/auth/vendor/robrichards/xmlseclibs/CHANGELOG.txt +++ /dev/null @@ -1,228 +0,0 @@ -xmlseclibs.php -||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| -05, Sep 2020, 3.1.1 -Features: -- Support OAEP (iggyvolz) - -Bug Fixes: -- Fix AES128 (iggyvolz) - -Improvements: -- Fix tests for older PHP - -22, Apr 2020, 3.1.0 -Features: -- Support AES-GCM. Requires PHP 7.1. (François Kooman) - -Improvements: -- Fix Travis tests for older PHP versions. -- Use DOMElement interface to fix some IDEs reporting documentation errors - -Bug Fixes: -- FIX missing InclusiveNamespaces PrefixList from Java + Apache WSS4J. (njake) - -06, Nov 2019, 3.0.4 -Security Improvements: -- Insure only a single SignedInfo element exists within a signature during - verification. Refs CVE-2019-3465. -Bug Fixes: -- Fix variable casing. - -15, Nov 2018, 3.0.3 -Bug Fixes: -- Fix casing of class name. (Willem Stuursma-Ruwen) -- Fix Xpath casing. (Tim van Dijen) - -Improvements: -- Make PCRE2 compliant. (Stefan Winter) -- Add PHP 7.3 support. (Stefan Winter) - -27, Sep 2018, 3.0.2 -Security Improvements: -- OpenSSL is now a requirement rather than suggestion. (Slaven Bacelic) -- Filter input to avoid XPath injection. (Jaime Pérez) - -Bug Fixes: -- Fix missing parentheses (Tim van Dijen) - -Improvements: -- Use strict comparison operator to compare digest values. (Jaime Pérez) -- Remove call to file_get_contents that doesn't even work. (Jaime Pérez) -- Document potentially dangerous return value behaviour. (Thijs Kinkhorst) - -31, Aug 2017, 3.0.1 -Bug Fixes: -- Fixed missing () in function call. (Dennis Væversted) - -Improvements: -- Add OneLogin to supported software. -- Add .gitattributes to remove unneeded files. (Filippo Tessarotto) -- Fix bug in example code. (Dan Church) -- Travis: add PHP 7.1, move hhvm to allowed failures. (Thijs Kinkhorst) -- Drop failing extract-win-cert test (Thijs Kinkhorst). (Thijs Kinkhorst) -- Add comments to warn about return values of verify(). (Thijs Kinkhorst) -- Fix tests to properly check return code of verify(). (Thijs Kinkhorst) -- Restore support for PHP >= 5.4. (Jaime Pérez) - -25, May 2017, 3.0.0 -Improvements: -- Remove use of mcrypt (skymeyer) - -08, Sep 2016, 2.0.1 -Bug Fixes: -- Strip whitespace characters when parsing X509Certificate. fixes #84 - (klemen.bratec) -- Certificate 'subject' values can be arrays. fixes #80 (Andreas Stangl) -- HHVM signing node with ID attribute w/out namespace regenerates ID value. - fixes #88 (Milos Tomic) - -Improvements: -- Fix typos and add some PHPDoc Blocks. (gfaust-qb) -- Update lightSAML link. (Milos Tomic) -- Update copyright dates. - -31, Jul 2015, 2.0.0 -Features: -- Namespace support. Classes now in the RobRichards\XMLSecLibs\ namespace. - -Improvements: -- Dropped support for PHP 5.2 - -31, Jul 2015, 1.4.1 -Bug Fixes: -- Allow for large digest values that may have line breaks. fixes #62 - -Features: -- Support for locating specific signature when multiple exist in - document. (griga3k) - -Improvements: -- Add optional argument to XMLSecurityDSig to define the prefix to be used, - also allowing for null to use no prefix, for the dsig namespace. fixes #13 -- Code cleanup -- Depreciated XMLSecurityDSig::generate_GUID for XMLSecurityDSig::generateGUID - -23, Jun 2015, 1.4.0 -Features: -- Support for PSR-0 standard. -- Support for X509SubjectName. (Milos Tomic) -- Add HMAC-SHA1 support. - -Improvements: -- Add how to install to README. (Bernardo Vieira da Silva) -- Code cleanup. (Jaime Pérez) -- Normalilze tests. (Hidde Wieringa) -- Add basic usage to README. (Hidde Wieringa) - -21, May 2015, 1.3.2 -Bug Fixes: -- Fix Undefined variable notice. (dpieper85) -- Fix typo when setting MimeType attribute. (Eugene OZ) -- Fix validateReference() with enveloping signatures - -Features: -- canonicalizeData performance optimization. (Jaime Pérez) -- Add composer support (Maks3w) - -19, Jun 2013, 1.3.1 -Features: -- return encrypted node from XMLSecEnc::encryptNode() when replace is set to - false. (Olav) -- Add support for RSA SHA384 and RSA_SHA512 and SHA384 digest. (Jaime PŽrez) -- Add options parameter to the add cert methods. -- Add optional issuerSerial creation with cert - -Bug Fixes: -- Fix persisted Id when namespaced. (Koen Thomeer) - -Improvements: -- Add LICENSE file -- Convert CHANGELOG.txt to UTF-8 - -26, Sep 2011, 1.3.0 -Features: -- Add param to append sig to node when signing. Fixes a problem when using - inclusive canonicalization to append a signature within a namespaced subtree. - ex. $objDSig->sign($objKey, $appendToNode); -- Add ability to encrypt by reference -- Add support for refences within an encrypted key -- Add thumbprint generation capability (XMLSecurityKey->getX509Thumbprint() and - XMLSecurityKey::getRawThumbprint($cert)) -- Return signature element node from XMLSecurityDSig::insertSignature() and - XMLSecurityDSig::appendSignature() methods -- Support for with simple URI Id reference. -- Add XMLSecurityKey::getSymmetricKeySize() method (Olav) -- Add XMLSecEnc::getCipherValue() method (Olav) -- Improve XMLSecurityKey:generateSessionKey() logic (Olav) - -Bug Fixes: -- Change split() to explode() as split is now depreciated -- ds:References using empty or simple URI Id reference should never include - comments in canonicalized data. -- Make sure that the elements in EncryptedData are emitted in the correct - sequence. - -11 Jan 2010, 1.2.2 -Features: -- Add support XPath support when creating signature. Provides support for - working with EBXML documents. -- Add reference option to force creation of URI attribute. For use - when adding a DOM Document where by default no URI attribute is added. -- Add support for RSA-SHA256 - -Bug Fixes: -- fix bug #5: createDOMDocumentFragment() in decryptNode when data is node - content (patch by Francois Wang) - - -08 Jul 2008, 1.2.1 -Features: -- Attempt to use mhash when hash extension is not present. (Alfredo Cubitos). -- Add fallback to built-in sha1 if both hash and mhash are not available and - throw error for other for other missing hashes. (patch by Olav Morken). -- Add getX509Certificate method to retrieve the x509 cert used for Key. - (patch by Olav Morken). -- Add getValidatedNodes method to retrieve the elements signed by the - signature. (patch by Olav Morken). -- Add insertSignature method for precision signature insertion. Merge - functionality from appendSignature in the process. (Olav Morken, Rob). -- Finally add some tests - -Bug Fixes: -- Fix canonicalization for Document node when using PHP < 5.2. -- Add padding for RSA_SHA1. (patch by Olav Morken). - - -27 Nov 2007, 1.2.0 -Features: -- New addReference/List option (overwrite). Boolean flag indicating if URI - value should be overwritten if already existing within document. - Default is TRUE to maintain BC. - -18 Nov 2007, 1.1.2 -Bug Fixes: -- Remove closing PHP tag to fix extra whitespace characters from being output - -11 Nov 2007, 1.1.1 -Features: -- Add getRefNodeID() and getRefIDs() methods missed in previous release. - Provide functionality to find URIs of existing reference nodes. - Required by simpleSAMLphp project - -Bug Fixes: -- Remove erroneous whitespace causing issues under certain circumastances. - -18 Oct 2007, 1.1.0 -Features: -- Enable creation of enveloping signature. This allows the creation of - managed information cards. -- Add addObject method for enveloping signatures. -- Add staticGet509XCerts method. Chained certificates within a PEM file can - now be added within the X509Data node. -- Add xpath support within transformations -- Add InclusiveNamespaces prefix list support within exclusive transformations. - -Bug Fixes: -- Initialize random number generator for mcrypt_create_iv. (Joan Cornadó). -- Fix an interoperability issue with .NET when encrypting data in CBC mode. - (Joan Cornadó). diff --git a/plugins/auth/vendor/robrichards/xmlseclibs/LICENSE b/plugins/auth/vendor/robrichards/xmlseclibs/LICENSE deleted file mode 100644 index 4fe5e5ff..00000000 --- a/plugins/auth/vendor/robrichards/xmlseclibs/LICENSE +++ /dev/null @@ -1,31 +0,0 @@ -Copyright (c) 2007-2019, Robert Richards . -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: - - * Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - - * Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in - the documentation and/or other materials provided with the - distribution. - - * Neither the name of Robert Richards nor the names of his - contributors may be used to endorse or promote products derived - from this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS -FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE -COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, -INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, -BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER -CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN -ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -POSSIBILITY OF SUCH DAMAGE. \ No newline at end of file diff --git a/plugins/auth/vendor/robrichards/xmlseclibs/README.md b/plugins/auth/vendor/robrichards/xmlseclibs/README.md deleted file mode 100644 index a576080a..00000000 --- a/plugins/auth/vendor/robrichards/xmlseclibs/README.md +++ /dev/null @@ -1,85 +0,0 @@ -#xmlseclibs - -xmlseclibs is a library written in PHP for working with XML Encryption and Signatures. - -The author of xmlseclibs is Rob Richards. - -# Branches -Master is currently the only actively maintained branch. -* master/3.1: Added AES-GCM support requiring 7.1+ -* 3.0: Removes mcrypt usage requiring 5.4+ (5.6.24+ recommended for security reasons) -* 2.0: Contains namespace support requiring 5.3+ -* 1.4: Contains auto-loader support while also maintaining backwards compatiblity with the older 1.3 version using the xmlseclibs.php file. Supports PHP 5.2+ - -# Requirements - -xmlseclibs requires PHP version 5.4 or greater. **5.6.24+ recommended for security reasons** - - -## How to Install - -Install with [`composer.phar`](http://getcomposer.org). - -```sh -php composer.phar require "robrichards/xmlseclibs" -``` - - -## Use cases - -xmlseclibs is being used in many different software. - -* [SimpleSAMLPHP](https://github.com/simplesamlphp/simplesamlphp) -* [LightSAML](https://github.com/lightsaml/lightsaml) -* [OneLogin](https://github.com/onelogin/php-saml) - -## Basic usage - -The example below shows basic usage of xmlseclibs, with a SHA-256 signature. - -```php -use RobRichards\XMLSecLibs\XMLSecurityDSig; -use RobRichards\XMLSecLibs\XMLSecurityKey; - -// Load the XML to be signed -$doc = new DOMDocument(); -$doc->load('./path/to/file/tobesigned.xml'); - -// Create a new Security object -$objDSig = new XMLSecurityDSig(); -// Use the c14n exclusive canonicalization -$objDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N); -// Sign using SHA-256 -$objDSig->addReference( - $doc, - XMLSecurityDSig::SHA256, - array('http://www.w3.org/2000/09/xmldsig#enveloped-signature') -); - -// Create a new (private) Security key -$objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, array('type'=>'private')); -/* -If key has a passphrase, set it using -$objKey->passphrase = ''; -*/ -// Load the private key -$objKey->loadKey('./path/to/privatekey.pem', TRUE); - -// Sign the XML file -$objDSig->sign($objKey); - -// Add the associated public key to the signature -$objDSig->add509Cert(file_get_contents('./path/to/file/mycert.pem')); - -// Append the signature to the XML -$objDSig->appendSignature($doc->documentElement); -// Save the signed XML -$doc->save('./path/to/signed.xml'); -``` - -## How to Contribute - -* [Open Issues](https://github.com/robrichards/xmlseclibs/issues) -* [Open Pull Requests](https://github.com/robrichards/xmlseclibs/pulls) - -Mailing List: https://groups.google.com/forum/#!forum/xmlseclibs diff --git a/plugins/auth/vendor/robrichards/xmlseclibs/composer.json b/plugins/auth/vendor/robrichards/xmlseclibs/composer.json deleted file mode 100644 index 22ce7a3e..00000000 --- a/plugins/auth/vendor/robrichards/xmlseclibs/composer.json +++ /dev/null @@ -1,21 +0,0 @@ -{ - "name": "robrichards/xmlseclibs", - "description": "A PHP library for XML Security", - "license": "BSD-3-Clause", - "keywords": [ - "xml", - "xmldsig", - "signature", - "security" - ], - "homepage": "https://github.com/robrichards/xmlseclibs", - "autoload": { - "psr-4": { - "RobRichards\\XMLSecLibs\\": "src" - } - }, - "require": { - "php": ">= 5.4", - "ext-openssl": "*" - } -} diff --git a/plugins/auth/vendor/robrichards/xmlseclibs/src/Utils/XPath.php b/plugins/auth/vendor/robrichards/xmlseclibs/src/Utils/XPath.php deleted file mode 100644 index 8cdc48e1..00000000 --- a/plugins/auth/vendor/robrichards/xmlseclibs/src/Utils/XPath.php +++ /dev/null @@ -1,44 +0,0 @@ -. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * * Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * * Neither the name of Robert Richards nor the names of his - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, - * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN - * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - * - * @author Robert Richards - * @copyright 2007-2020 Robert Richards - * @license http://www.opensource.org/licenses/bsd-license.php BSD License - */ - -class XMLSecEnc -{ - const template = " - - - -"; - - const Element = 'http://www.w3.org/2001/04/xmlenc#Element'; - const Content = 'http://www.w3.org/2001/04/xmlenc#Content'; - const URI = 3; - const XMLENCNS = 'http://www.w3.org/2001/04/xmlenc#'; - - /** @var null|DOMDocument */ - private $encdoc = null; - - /** @var null|DOMNode */ - private $rawNode = null; - - /** @var null|string */ - public $type = null; - - /** @var null|DOMElement */ - public $encKey = null; - - /** @var array */ - private $references = array(); - - public function __construct() - { - $this->_resetTemplate(); - } - - private function _resetTemplate() - { - $this->encdoc = new DOMDocument(); - $this->encdoc->loadXML(self::template); - } - - /** - * @param string $name - * @param DOMNode $node - * @param string $type - * @throws Exception - */ - public function addReference($name, $node, $type) - { - if (! $node instanceOf DOMNode) { - throw new Exception('$node is not of type DOMNode'); - } - $curencdoc = $this->encdoc; - $this->_resetTemplate(); - $encdoc = $this->encdoc; - $this->encdoc = $curencdoc; - $refuri = XMLSecurityDSig::generateGUID(); - $element = $encdoc->documentElement; - $element->setAttribute("Id", $refuri); - $this->references[$name] = array("node" => $node, "type" => $type, "encnode" => $encdoc, "refuri" => $refuri); - } - - /** - * @param DOMNode $node - */ - public function setNode($node) - { - $this->rawNode = $node; - } - - /** - * Encrypt the selected node with the given key. - * - * @param XMLSecurityKey $objKey The encryption key and algorithm. - * @param bool $replace Whether the encrypted node should be replaced in the original tree. Default is true. - * @throws Exception - * - * @return DOMElement The -element. - */ - public function encryptNode($objKey, $replace = true) - { - $data = ''; - if (empty($this->rawNode)) { - throw new Exception('Node to encrypt has not been set'); - } - if (! $objKey instanceof XMLSecurityKey) { - throw new Exception('Invalid Key'); - } - $doc = $this->rawNode->ownerDocument; - $xPath = new DOMXPath($this->encdoc); - $objList = $xPath->query('/xenc:EncryptedData/xenc:CipherData/xenc:CipherValue'); - $cipherValue = $objList->item(0); - if ($cipherValue == null) { - throw new Exception('Error locating CipherValue element within template'); - } - switch ($this->type) { - case (self::Element): - $data = $doc->saveXML($this->rawNode); - $this->encdoc->documentElement->setAttribute('Type', self::Element); - break; - case (self::Content): - $children = $this->rawNode->childNodes; - foreach ($children AS $child) { - $data .= $doc->saveXML($child); - } - $this->encdoc->documentElement->setAttribute('Type', self::Content); - break; - default: - throw new Exception('Type is currently not supported'); - } - - $encMethod = $this->encdoc->documentElement->appendChild($this->encdoc->createElementNS(self::XMLENCNS, 'xenc:EncryptionMethod')); - $encMethod->setAttribute('Algorithm', $objKey->getAlgorithm()); - $cipherValue->parentNode->parentNode->insertBefore($encMethod, $cipherValue->parentNode->parentNode->firstChild); - - $strEncrypt = base64_encode($objKey->encryptData($data)); - $value = $this->encdoc->createTextNode($strEncrypt); - $cipherValue->appendChild($value); - - if ($replace) { - switch ($this->type) { - case (self::Element): - if ($this->rawNode->nodeType == XML_DOCUMENT_NODE) { - return $this->encdoc; - } - $importEnc = $this->rawNode->ownerDocument->importNode($this->encdoc->documentElement, true); - $this->rawNode->parentNode->replaceChild($importEnc, $this->rawNode); - return $importEnc; - case (self::Content): - $importEnc = $this->rawNode->ownerDocument->importNode($this->encdoc->documentElement, true); - while ($this->rawNode->firstChild) { - $this->rawNode->removeChild($this->rawNode->firstChild); - } - $this->rawNode->appendChild($importEnc); - return $importEnc; - } - } else { - return $this->encdoc->documentElement; - } - } - - /** - * @param XMLSecurityKey $objKey - * @throws Exception - */ - public function encryptReferences($objKey) - { - $curRawNode = $this->rawNode; - $curType = $this->type; - foreach ($this->references AS $name => $reference) { - $this->encdoc = $reference["encnode"]; - $this->rawNode = $reference["node"]; - $this->type = $reference["type"]; - try { - $encNode = $this->encryptNode($objKey); - $this->references[$name]["encnode"] = $encNode; - } catch (Exception $e) { - $this->rawNode = $curRawNode; - $this->type = $curType; - throw $e; - } - } - $this->rawNode = $curRawNode; - $this->type = $curType; - } - - /** - * Retrieve the CipherValue text from this encrypted node. - * - * @throws Exception - * @return string|null The Ciphervalue text, or null if no CipherValue is found. - */ - public function getCipherValue() - { - if (empty($this->rawNode)) { - throw new Exception('Node to decrypt has not been set'); - } - - $doc = $this->rawNode->ownerDocument; - $xPath = new DOMXPath($doc); - $xPath->registerNamespace('xmlencr', self::XMLENCNS); - /* Only handles embedded content right now and not a reference */ - $query = "./xmlencr:CipherData/xmlencr:CipherValue"; - $nodeset = $xPath->query($query, $this->rawNode); - $node = $nodeset->item(0); - - if (!$node) { - return null; - } - - return base64_decode($node->nodeValue); - } - - /** - * Decrypt this encrypted node. - * - * The behaviour of this function depends on the value of $replace. - * If $replace is false, we will return the decrypted data as a string. - * If $replace is true, we will insert the decrypted element(s) into the - * document, and return the decrypted element(s). - * - * @param XMLSecurityKey $objKey The decryption key that should be used when decrypting the node. - * @param boolean $replace Whether we should replace the encrypted node in the XML document with the decrypted data. The default is true. - * - * @return string|DOMElement The decrypted data. - */ - public function decryptNode($objKey, $replace=true) - { - if (! $objKey instanceof XMLSecurityKey) { - throw new Exception('Invalid Key'); - } - - $encryptedData = $this->getCipherValue(); - if ($encryptedData) { - $decrypted = $objKey->decryptData($encryptedData); - if ($replace) { - switch ($this->type) { - case (self::Element): - $newdoc = new DOMDocument(); - $newdoc->loadXML($decrypted); - if ($this->rawNode->nodeType == XML_DOCUMENT_NODE) { - return $newdoc; - } - $importEnc = $this->rawNode->ownerDocument->importNode($newdoc->documentElement, true); - $this->rawNode->parentNode->replaceChild($importEnc, $this->rawNode); - return $importEnc; - case (self::Content): - if ($this->rawNode->nodeType == XML_DOCUMENT_NODE) { - $doc = $this->rawNode; - } else { - $doc = $this->rawNode->ownerDocument; - } - $newFrag = $doc->createDocumentFragment(); - $newFrag->appendXML($decrypted); - $parent = $this->rawNode->parentNode; - $parent->replaceChild($newFrag, $this->rawNode); - return $parent; - default: - return $decrypted; - } - } else { - return $decrypted; - } - } else { - throw new Exception("Cannot locate encrypted data"); - } - } - - /** - * Encrypt the XMLSecurityKey - * - * @param XMLSecurityKey $srcKey - * @param XMLSecurityKey $rawKey - * @param bool $append - * @throws Exception - */ - public function encryptKey($srcKey, $rawKey, $append=true) - { - if ((! $srcKey instanceof XMLSecurityKey) || (! $rawKey instanceof XMLSecurityKey)) { - throw new Exception('Invalid Key'); - } - $strEncKey = base64_encode($srcKey->encryptData($rawKey->key)); - $root = $this->encdoc->documentElement; - $encKey = $this->encdoc->createElementNS(self::XMLENCNS, 'xenc:EncryptedKey'); - if ($append) { - $keyInfo = $root->insertBefore($this->encdoc->createElementNS('http://www.w3.org/2000/09/xmldsig#', 'dsig:KeyInfo'), $root->firstChild); - $keyInfo->appendChild($encKey); - } else { - $this->encKey = $encKey; - } - $encMethod = $encKey->appendChild($this->encdoc->createElementNS(self::XMLENCNS, 'xenc:EncryptionMethod')); - $encMethod->setAttribute('Algorithm', $srcKey->getAlgorith()); - if (! empty($srcKey->name)) { - $keyInfo = $encKey->appendChild($this->encdoc->createElementNS('http://www.w3.org/2000/09/xmldsig#', 'dsig:KeyInfo')); - $keyInfo->appendChild($this->encdoc->createElementNS('http://www.w3.org/2000/09/xmldsig#', 'dsig:KeyName', $srcKey->name)); - } - $cipherData = $encKey->appendChild($this->encdoc->createElementNS(self::XMLENCNS, 'xenc:CipherData')); - $cipherData->appendChild($this->encdoc->createElementNS(self::XMLENCNS, 'xenc:CipherValue', $strEncKey)); - if (is_array($this->references) && count($this->references) > 0) { - $refList = $encKey->appendChild($this->encdoc->createElementNS(self::XMLENCNS, 'xenc:ReferenceList')); - foreach ($this->references AS $name => $reference) { - $refuri = $reference["refuri"]; - $dataRef = $refList->appendChild($this->encdoc->createElementNS(self::XMLENCNS, 'xenc:DataReference')); - $dataRef->setAttribute("URI", '#' . $refuri); - } - } - return; - } - - /** - * @param XMLSecurityKey $encKey - * @return DOMElement|string - * @throws Exception - */ - public function decryptKey($encKey) - { - if (! $encKey->isEncrypted) { - throw new Exception("Key is not Encrypted"); - } - if (empty($encKey->key)) { - throw new Exception("Key is missing data to perform the decryption"); - } - return $this->decryptNode($encKey, false); - } - - /** - * @param DOMDocument $element - * @return DOMNode|null - */ - public function locateEncryptedData($element) - { - if ($element instanceof DOMDocument) { - $doc = $element; - } else { - $doc = $element->ownerDocument; - } - if ($doc) { - $xpath = new DOMXPath($doc); - $query = "//*[local-name()='EncryptedData' and namespace-uri()='".self::XMLENCNS."']"; - $nodeset = $xpath->query($query); - return $nodeset->item(0); - } - return null; - } - - /** - * Returns the key from the DOM - * @param null|DOMNode $node - * @return null|XMLSecurityKey - */ - public function locateKey($node=null) - { - if (empty($node)) { - $node = $this->rawNode; - } - if (! $node instanceof DOMNode) { - return null; - } - if ($doc = $node->ownerDocument) { - $xpath = new DOMXPath($doc); - $xpath->registerNamespace('xmlsecenc', self::XMLENCNS); - $query = ".//xmlsecenc:EncryptionMethod"; - $nodeset = $xpath->query($query, $node); - if ($encmeth = $nodeset->item(0)) { - $attrAlgorithm = $encmeth->getAttribute("Algorithm"); - try { - $objKey = new XMLSecurityKey($attrAlgorithm, array('type' => 'private')); - } catch (Exception $e) { - return null; - } - return $objKey; - } - } - return null; - } - - /** - * @param null|XMLSecurityKey $objBaseKey - * @param null|DOMNode $node - * @return null|XMLSecurityKey - * @throws Exception - */ - public static function staticLocateKeyInfo($objBaseKey=null, $node=null) - { - if (empty($node) || (! $node instanceof DOMNode)) { - return null; - } - $doc = $node->ownerDocument; - if (!$doc) { - return null; - } - - $xpath = new DOMXPath($doc); - $xpath->registerNamespace('xmlsecenc', self::XMLENCNS); - $xpath->registerNamespace('xmlsecdsig', XMLSecurityDSig::XMLDSIGNS); - $query = "./xmlsecdsig:KeyInfo"; - $nodeset = $xpath->query($query, $node); - $encmeth = $nodeset->item(0); - if (!$encmeth) { - /* No KeyInfo in EncryptedData / EncryptedKey. */ - return $objBaseKey; - } - - foreach ($encmeth->childNodes AS $child) { - switch ($child->localName) { - case 'KeyName': - if (! empty($objBaseKey)) { - $objBaseKey->name = $child->nodeValue; - } - break; - case 'KeyValue': - foreach ($child->childNodes AS $keyval) { - switch ($keyval->localName) { - case 'DSAKeyValue': - throw new Exception("DSAKeyValue currently not supported"); - case 'RSAKeyValue': - $modulus = null; - $exponent = null; - if ($modulusNode = $keyval->getElementsByTagName('Modulus')->item(0)) { - $modulus = base64_decode($modulusNode->nodeValue); - } - if ($exponentNode = $keyval->getElementsByTagName('Exponent')->item(0)) { - $exponent = base64_decode($exponentNode->nodeValue); - } - if (empty($modulus) || empty($exponent)) { - throw new Exception("Missing Modulus or Exponent"); - } - $publicKey = XMLSecurityKey::convertRSA($modulus, $exponent); - $objBaseKey->loadKey($publicKey); - break; - } - } - break; - case 'RetrievalMethod': - $type = $child->getAttribute('Type'); - if ($type !== 'http://www.w3.org/2001/04/xmlenc#EncryptedKey') { - /* Unsupported key type. */ - break; - } - $uri = $child->getAttribute('URI'); - if ($uri[0] !== '#') { - /* URI not a reference - unsupported. */ - break; - } - $id = substr($uri, 1); - - $query = '//xmlsecenc:EncryptedKey[@Id="'.XPath::filterAttrValue($id, XPath::DOUBLE_QUOTE).'"]'; - $keyElement = $xpath->query($query)->item(0); - if (!$keyElement) { - throw new Exception("Unable to locate EncryptedKey with @Id='$id'."); - } - - return XMLSecurityKey::fromEncryptedKeyElement($keyElement); - case 'EncryptedKey': - return XMLSecurityKey::fromEncryptedKeyElement($child); - case 'X509Data': - if ($x509certNodes = $child->getElementsByTagName('X509Certificate')) { - if ($x509certNodes->length > 0) { - $x509cert = $x509certNodes->item(0)->textContent; - $x509cert = str_replace(array("\r", "\n", " "), "", $x509cert); - $x509cert = "-----BEGIN CERTIFICATE-----\n".chunk_split($x509cert, 64, "\n")."-----END CERTIFICATE-----\n"; - $objBaseKey->loadKey($x509cert, false, true); - } - } - break; - } - } - return $objBaseKey; - } - - /** - * @param null|XMLSecurityKey $objBaseKey - * @param null|DOMNode $node - * @return null|XMLSecurityKey - */ - public function locateKeyInfo($objBaseKey=null, $node=null) - { - if (empty($node)) { - $node = $this->rawNode; - } - return self::staticLocateKeyInfo($objBaseKey, $node); - } -} diff --git a/plugins/auth/vendor/robrichards/xmlseclibs/src/XMLSecurityDSig.php b/plugins/auth/vendor/robrichards/xmlseclibs/src/XMLSecurityDSig.php deleted file mode 100644 index 9986123e..00000000 --- a/plugins/auth/vendor/robrichards/xmlseclibs/src/XMLSecurityDSig.php +++ /dev/null @@ -1,1162 +0,0 @@ -. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * * Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * * Neither the name of Robert Richards nor the names of his - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, - * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN - * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - * - * @author Robert Richards - * @copyright 2007-2020 Robert Richards - * @license http://www.opensource.org/licenses/bsd-license.php BSD License - */ - -class XMLSecurityDSig -{ - const XMLDSIGNS = 'http://www.w3.org/2000/09/xmldsig#'; - const SHA1 = 'http://www.w3.org/2000/09/xmldsig#sha1'; - const SHA256 = 'http://www.w3.org/2001/04/xmlenc#sha256'; - const SHA384 = 'http://www.w3.org/2001/04/xmldsig-more#sha384'; - const SHA512 = 'http://www.w3.org/2001/04/xmlenc#sha512'; - const RIPEMD160 = 'http://www.w3.org/2001/04/xmlenc#ripemd160'; - - const C14N = 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315'; - const C14N_COMMENTS = 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments'; - const EXC_C14N = 'http://www.w3.org/2001/10/xml-exc-c14n#'; - const EXC_C14N_COMMENTS = 'http://www.w3.org/2001/10/xml-exc-c14n#WithComments'; - - const template = ' - - - -'; - - const BASE_TEMPLATE = ' - - - -'; - - /** @var DOMElement|null */ - public $sigNode = null; - - /** @var array */ - public $idKeys = array(); - - /** @var array */ - public $idNS = array(); - - /** @var string|null */ - private $signedInfo = null; - - /** @var DomXPath|null */ - private $xPathCtx = null; - - /** @var string|null */ - private $canonicalMethod = null; - - /** @var string */ - private $prefix = ''; - - /** @var string */ - private $searchpfx = 'secdsig'; - - /** - * This variable contains an associative array of validated nodes. - * @var array|null - */ - private $validatedNodes = null; - - /** - * @param string $prefix - */ - public function __construct($prefix='ds') - { - $template = self::BASE_TEMPLATE; - if (! empty($prefix)) { - $this->prefix = $prefix.':'; - $search = array("ownerDocument; - } - if ($doc) { - $xpath = new DOMXPath($doc); - $xpath->registerNamespace('secdsig', self::XMLDSIGNS); - $query = ".//secdsig:Signature"; - $nodeset = $xpath->query($query, $objDoc); - $this->sigNode = $nodeset->item($pos); - $query = "./secdsig:SignedInfo"; - $nodeset = $xpath->query($query, $this->sigNode); - if ($nodeset->length > 1) { - throw new Exception("Invalid structure - Too many SignedInfo elements found"); - } - return $this->sigNode; - } - return null; - } - - /** - * @param string $name - * @param null|string $value - * @return DOMElement - */ - public function createNewSignNode($name, $value=null) - { - $doc = $this->sigNode->ownerDocument; - if (! is_null($value)) { - $node = $doc->createElementNS(self::XMLDSIGNS, $this->prefix.$name, $value); - } else { - $node = $doc->createElementNS(self::XMLDSIGNS, $this->prefix.$name); - } - return $node; - } - - /** - * @param string $method - * @throws Exception - */ - public function setCanonicalMethod($method) - { - switch ($method) { - case 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315': - case 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments': - case 'http://www.w3.org/2001/10/xml-exc-c14n#': - case 'http://www.w3.org/2001/10/xml-exc-c14n#WithComments': - $this->canonicalMethod = $method; - break; - default: - throw new Exception('Invalid Canonical Method'); - } - if ($xpath = $this->getXPathObj()) { - $query = './'.$this->searchpfx.':SignedInfo'; - $nodeset = $xpath->query($query, $this->sigNode); - if ($sinfo = $nodeset->item(0)) { - $query = './'.$this->searchpfx.'CanonicalizationMethod'; - $nodeset = $xpath->query($query, $sinfo); - if (! ($canonNode = $nodeset->item(0))) { - $canonNode = $this->createNewSignNode('CanonicalizationMethod'); - $sinfo->insertBefore($canonNode, $sinfo->firstChild); - } - $canonNode->setAttribute('Algorithm', $this->canonicalMethod); - } - } - } - - /** - * @param DOMNode $node - * @param string $canonicalmethod - * @param null|array $arXPath - * @param null|array $prefixList - * @return string - */ - private function canonicalizeData($node, $canonicalmethod, $arXPath=null, $prefixList=null) - { - $exclusive = false; - $withComments = false; - switch ($canonicalmethod) { - case 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315': - $exclusive = false; - $withComments = false; - break; - case 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments': - $withComments = true; - break; - case 'http://www.w3.org/2001/10/xml-exc-c14n#': - $exclusive = true; - break; - case 'http://www.w3.org/2001/10/xml-exc-c14n#WithComments': - $exclusive = true; - $withComments = true; - break; - } - - if (is_null($arXPath) && ($node instanceof DOMNode) && ($node->ownerDocument !== null) && $node->isSameNode($node->ownerDocument->documentElement)) { - /* Check for any PI or comments as they would have been excluded */ - $element = $node; - while ($refnode = $element->previousSibling) { - if ($refnode->nodeType == XML_PI_NODE || (($refnode->nodeType == XML_COMMENT_NODE) && $withComments)) { - break; - } - $element = $refnode; - } - if ($refnode == null) { - $node = $node->ownerDocument; - } - } - - return $node->C14N($exclusive, $withComments, $arXPath, $prefixList); - } - - /** - * @return null|string - */ - public function canonicalizeSignedInfo() - { - - $doc = $this->sigNode->ownerDocument; - $canonicalmethod = null; - if ($doc) { - $xpath = $this->getXPathObj(); - $query = "./secdsig:SignedInfo"; - $nodeset = $xpath->query($query, $this->sigNode); - if ($nodeset->length > 1) { - throw new Exception("Invalid structure - Too many SignedInfo elements found"); - } - if ($signInfoNode = $nodeset->item(0)) { - $query = "./secdsig:CanonicalizationMethod"; - $nodeset = $xpath->query($query, $signInfoNode); - $prefixList = null; - if ($canonNode = $nodeset->item(0)) { - $canonicalmethod = $canonNode->getAttribute('Algorithm'); - foreach ($canonNode->childNodes as $node) - { - if ($node->localName == 'InclusiveNamespaces') { - if ($pfx = $node->getAttribute('PrefixList')) { - $arpfx = array_filter(explode(' ', $pfx)); - if (count($arpfx) > 0) { - $prefixList = array_merge($prefixList ? $prefixList : array(), $arpfx); - } - } - } - } - } - $this->signedInfo = $this->canonicalizeData($signInfoNode, $canonicalmethod, null, $prefixList); - return $this->signedInfo; - } - } - return null; - } - - /** - * @param string $digestAlgorithm - * @param string $data - * @param bool $encode - * @return string - * @throws Exception - */ - public function calculateDigest($digestAlgorithm, $data, $encode = true) - { - switch ($digestAlgorithm) { - case self::SHA1: - $alg = 'sha1'; - break; - case self::SHA256: - $alg = 'sha256'; - break; - case self::SHA384: - $alg = 'sha384'; - break; - case self::SHA512: - $alg = 'sha512'; - break; - case self::RIPEMD160: - $alg = 'ripemd160'; - break; - default: - throw new Exception("Cannot validate digest: Unsupported Algorithm <$digestAlgorithm>"); - } - - $digest = hash($alg, $data, true); - if ($encode) { - $digest = base64_encode($digest); - } - return $digest; - - } - - /** - * @param $refNode - * @param string $data - * @return bool - */ - public function validateDigest($refNode, $data) - { - $xpath = new DOMXPath($refNode->ownerDocument); - $xpath->registerNamespace('secdsig', self::XMLDSIGNS); - $query = 'string(./secdsig:DigestMethod/@Algorithm)'; - $digestAlgorithm = $xpath->evaluate($query, $refNode); - $digValue = $this->calculateDigest($digestAlgorithm, $data, false); - $query = 'string(./secdsig:DigestValue)'; - $digestValue = $xpath->evaluate($query, $refNode); - return ($digValue === base64_decode($digestValue)); - } - - /** - * @param $refNode - * @param DOMNode $objData - * @param bool $includeCommentNodes - * @return string - */ - public function processTransforms($refNode, $objData, $includeCommentNodes = true) - { - $data = $objData; - $xpath = new DOMXPath($refNode->ownerDocument); - $xpath->registerNamespace('secdsig', self::XMLDSIGNS); - $query = './secdsig:Transforms/secdsig:Transform'; - $nodelist = $xpath->query($query, $refNode); - $canonicalMethod = 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315'; - $arXPath = null; - $prefixList = null; - foreach ($nodelist AS $transform) { - $algorithm = $transform->getAttribute("Algorithm"); - switch ($algorithm) { - case 'http://www.w3.org/2001/10/xml-exc-c14n#': - case 'http://www.w3.org/2001/10/xml-exc-c14n#WithComments': - - if (!$includeCommentNodes) { - /* We remove comment nodes by forcing it to use a canonicalization - * without comments. - */ - $canonicalMethod = 'http://www.w3.org/2001/10/xml-exc-c14n#'; - } else { - $canonicalMethod = $algorithm; - } - - $node = $transform->firstChild; - while ($node) { - if ($node->localName == 'InclusiveNamespaces') { - if ($pfx = $node->getAttribute('PrefixList')) { - $arpfx = array(); - $pfxlist = explode(" ", $pfx); - foreach ($pfxlist AS $pfx) { - $val = trim($pfx); - if (! empty($val)) { - $arpfx[] = $val; - } - } - if (count($arpfx) > 0) { - $prefixList = $arpfx; - } - } - break; - } - $node = $node->nextSibling; - } - break; - case 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315': - case 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments': - if (!$includeCommentNodes) { - /* We remove comment nodes by forcing it to use a canonicalization - * without comments. - */ - $canonicalMethod = 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315'; - } else { - $canonicalMethod = $algorithm; - } - - break; - case 'http://www.w3.org/TR/1999/REC-xpath-19991116': - $node = $transform->firstChild; - while ($node) { - if ($node->localName == 'XPath') { - $arXPath = array(); - $arXPath['query'] = '(.//. | .//@* | .//namespace::*)['.$node->nodeValue.']'; - $arXPath['namespaces'] = array(); - $nslist = $xpath->query('./namespace::*', $node); - foreach ($nslist AS $nsnode) { - if ($nsnode->localName != "xml") { - $arXPath['namespaces'][$nsnode->localName] = $nsnode->nodeValue; - } - } - break; - } - $node = $node->nextSibling; - } - break; - } - } - if ($data instanceof DOMNode) { - $data = $this->canonicalizeData($objData, $canonicalMethod, $arXPath, $prefixList); - } - return $data; - } - - /** - * @param DOMNode $refNode - * @return bool - */ - public function processRefNode($refNode) - { - $dataObject = null; - - /* - * Depending on the URI, we may not want to include comments in the result - * See: http://www.w3.org/TR/xmldsig-core/#sec-ReferenceProcessingModel - */ - $includeCommentNodes = true; - - if ($uri = $refNode->getAttribute("URI")) { - $arUrl = parse_url($uri); - if (empty($arUrl['path'])) { - if ($identifier = $arUrl['fragment']) { - - /* This reference identifies a node with the given id by using - * a URI on the form "#identifier". This should not include comments. - */ - $includeCommentNodes = false; - - $xPath = new DOMXPath($refNode->ownerDocument); - if ($this->idNS && is_array($this->idNS)) { - foreach ($this->idNS as $nspf => $ns) { - $xPath->registerNamespace($nspf, $ns); - } - } - $iDlist = '@Id="'.XPath::filterAttrValue($identifier, XPath::DOUBLE_QUOTE).'"'; - if (is_array($this->idKeys)) { - foreach ($this->idKeys as $idKey) { - $iDlist .= " or @".XPath::filterAttrName($idKey).'="'. - XPath::filterAttrValue($identifier, XPath::DOUBLE_QUOTE).'"'; - } - } - $query = '//*['.$iDlist.']'; - $dataObject = $xPath->query($query)->item(0); - } else { - $dataObject = $refNode->ownerDocument; - } - } - } else { - /* This reference identifies the root node with an empty URI. This should - * not include comments. - */ - $includeCommentNodes = false; - - $dataObject = $refNode->ownerDocument; - } - $data = $this->processTransforms($refNode, $dataObject, $includeCommentNodes); - if (!$this->validateDigest($refNode, $data)) { - return false; - } - - if ($dataObject instanceof DOMNode) { - /* Add this node to the list of validated nodes. */ - if (! empty($identifier)) { - $this->validatedNodes[$identifier] = $dataObject; - } else { - $this->validatedNodes[] = $dataObject; - } - } - - return true; - } - - /** - * @param DOMNode $refNode - * @return null - */ - public function getRefNodeID($refNode) - { - if ($uri = $refNode->getAttribute("URI")) { - $arUrl = parse_url($uri); - if (empty($arUrl['path'])) { - if ($identifier = $arUrl['fragment']) { - return $identifier; - } - } - } - return null; - } - - /** - * @return array - * @throws Exception - */ - public function getRefIDs() - { - $refids = array(); - - $xpath = $this->getXPathObj(); - $query = "./secdsig:SignedInfo[1]/secdsig:Reference"; - $nodeset = $xpath->query($query, $this->sigNode); - if ($nodeset->length == 0) { - throw new Exception("Reference nodes not found"); - } - foreach ($nodeset AS $refNode) { - $refids[] = $this->getRefNodeID($refNode); - } - return $refids; - } - - /** - * @return bool - * @throws Exception - */ - public function validateReference() - { - $docElem = $this->sigNode->ownerDocument->documentElement; - if (! $docElem->isSameNode($this->sigNode)) { - if ($this->sigNode->parentNode != null) { - $this->sigNode->parentNode->removeChild($this->sigNode); - } - } - $xpath = $this->getXPathObj(); - $query = "./secdsig:SignedInfo[1]/secdsig:Reference"; - $nodeset = $xpath->query($query, $this->sigNode); - if ($nodeset->length == 0) { - throw new Exception("Reference nodes not found"); - } - - /* Initialize/reset the list of validated nodes. */ - $this->validatedNodes = array(); - - foreach ($nodeset AS $refNode) { - if (! $this->processRefNode($refNode)) { - /* Clear the list of validated nodes. */ - $this->validatedNodes = null; - throw new Exception("Reference validation failed"); - } - } - return true; - } - - /** - * @param DOMNode $sinfoNode - * @param DOMDocument $node - * @param string $algorithm - * @param null|array $arTransforms - * @param null|array $options - */ - private function addRefInternal($sinfoNode, $node, $algorithm, $arTransforms=null, $options=null) - { - $prefix = null; - $prefix_ns = null; - $id_name = 'Id'; - $overwrite_id = true; - $force_uri = false; - - if (is_array($options)) { - $prefix = empty($options['prefix']) ? null : $options['prefix']; - $prefix_ns = empty($options['prefix_ns']) ? null : $options['prefix_ns']; - $id_name = empty($options['id_name']) ? 'Id' : $options['id_name']; - $overwrite_id = !isset($options['overwrite']) ? true : (bool) $options['overwrite']; - $force_uri = !isset($options['force_uri']) ? false : (bool) $options['force_uri']; - } - - $attname = $id_name; - if (! empty($prefix)) { - $attname = $prefix.':'.$attname; - } - - $refNode = $this->createNewSignNode('Reference'); - $sinfoNode->appendChild($refNode); - - if (! $node instanceof DOMDocument) { - $uri = null; - if (! $overwrite_id) { - $uri = $prefix_ns ? $node->getAttributeNS($prefix_ns, $id_name) : $node->getAttribute($id_name); - } - if (empty($uri)) { - $uri = self::generateGUID(); - $node->setAttributeNS($prefix_ns, $attname, $uri); - } - $refNode->setAttribute("URI", '#'.$uri); - } elseif ($force_uri) { - $refNode->setAttribute("URI", ''); - } - - $transNodes = $this->createNewSignNode('Transforms'); - $refNode->appendChild($transNodes); - - if (is_array($arTransforms)) { - foreach ($arTransforms AS $transform) { - $transNode = $this->createNewSignNode('Transform'); - $transNodes->appendChild($transNode); - if (is_array($transform) && - (! empty($transform['http://www.w3.org/TR/1999/REC-xpath-19991116'])) && - (! empty($transform['http://www.w3.org/TR/1999/REC-xpath-19991116']['query']))) { - $transNode->setAttribute('Algorithm', 'http://www.w3.org/TR/1999/REC-xpath-19991116'); - $XPathNode = $this->createNewSignNode('XPath', $transform['http://www.w3.org/TR/1999/REC-xpath-19991116']['query']); - $transNode->appendChild($XPathNode); - if (! empty($transform['http://www.w3.org/TR/1999/REC-xpath-19991116']['namespaces'])) { - foreach ($transform['http://www.w3.org/TR/1999/REC-xpath-19991116']['namespaces'] AS $prefix => $namespace) { - $XPathNode->setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:$prefix", $namespace); - } - } - } else { - $transNode->setAttribute('Algorithm', $transform); - } - } - } elseif (! empty($this->canonicalMethod)) { - $transNode = $this->createNewSignNode('Transform'); - $transNodes->appendChild($transNode); - $transNode->setAttribute('Algorithm', $this->canonicalMethod); - } - - $canonicalData = $this->processTransforms($refNode, $node); - $digValue = $this->calculateDigest($algorithm, $canonicalData); - - $digestMethod = $this->createNewSignNode('DigestMethod'); - $refNode->appendChild($digestMethod); - $digestMethod->setAttribute('Algorithm', $algorithm); - - $digestValue = $this->createNewSignNode('DigestValue', $digValue); - $refNode->appendChild($digestValue); - } - - /** - * @param DOMDocument $node - * @param string $algorithm - * @param null|array $arTransforms - * @param null|array $options - */ - public function addReference($node, $algorithm, $arTransforms=null, $options=null) - { - if ($xpath = $this->getXPathObj()) { - $query = "./secdsig:SignedInfo"; - $nodeset = $xpath->query($query, $this->sigNode); - if ($sInfo = $nodeset->item(0)) { - $this->addRefInternal($sInfo, $node, $algorithm, $arTransforms, $options); - } - } - } - - /** - * @param array $arNodes - * @param string $algorithm - * @param null|array $arTransforms - * @param null|array $options - */ - public function addReferenceList($arNodes, $algorithm, $arTransforms=null, $options=null) - { - if ($xpath = $this->getXPathObj()) { - $query = "./secdsig:SignedInfo"; - $nodeset = $xpath->query($query, $this->sigNode); - if ($sInfo = $nodeset->item(0)) { - foreach ($arNodes AS $node) { - $this->addRefInternal($sInfo, $node, $algorithm, $arTransforms, $options); - } - } - } - } - - /** - * @param DOMElement|string $data - * @param null|string $mimetype - * @param null|string $encoding - * @return DOMElement - */ - public function addObject($data, $mimetype=null, $encoding=null) - { - $objNode = $this->createNewSignNode('Object'); - $this->sigNode->appendChild($objNode); - if (! empty($mimetype)) { - $objNode->setAttribute('MimeType', $mimetype); - } - if (! empty($encoding)) { - $objNode->setAttribute('Encoding', $encoding); - } - - if ($data instanceof DOMElement) { - $newData = $this->sigNode->ownerDocument->importNode($data, true); - } else { - $newData = $this->sigNode->ownerDocument->createTextNode($data); - } - $objNode->appendChild($newData); - - return $objNode; - } - - /** - * @param null|DOMNode $node - * @return null|XMLSecurityKey - */ - public function locateKey($node=null) - { - if (empty($node)) { - $node = $this->sigNode; - } - if (! $node instanceof DOMNode) { - return null; - } - if ($doc = $node->ownerDocument) { - $xpath = new DOMXPath($doc); - $xpath->registerNamespace('secdsig', self::XMLDSIGNS); - $query = "string(./secdsig:SignedInfo/secdsig:SignatureMethod/@Algorithm)"; - $algorithm = $xpath->evaluate($query, $node); - if ($algorithm) { - try { - $objKey = new XMLSecurityKey($algorithm, array('type' => 'public')); - } catch (Exception $e) { - return null; - } - return $objKey; - } - } - return null; - } - - /** - * Returns: - * Bool when verifying HMAC_SHA1; - * Int otherwise, with following meanings: - * 1 on succesful signature verification, - * 0 when signature verification failed, - * -1 if an error occurred during processing. - * - * NOTE: be very careful when checking the int return value, because in - * PHP, -1 will be cast to True when in boolean context. Always check the - * return value in a strictly typed way, e.g. "$obj->verify(...) === 1". - * - * @param XMLSecurityKey $objKey - * @return bool|int - * @throws Exception - */ - public function verify($objKey) - { - $doc = $this->sigNode->ownerDocument; - $xpath = new DOMXPath($doc); - $xpath->registerNamespace('secdsig', self::XMLDSIGNS); - $query = "string(./secdsig:SignatureValue)"; - $sigValue = $xpath->evaluate($query, $this->sigNode); - if (empty($sigValue)) { - throw new Exception("Unable to locate SignatureValue"); - } - return $objKey->verifySignature($this->signedInfo, base64_decode($sigValue)); - } - - /** - * @param XMLSecurityKey $objKey - * @param string $data - * @return mixed|string - */ - public function signData($objKey, $data) - { - return $objKey->signData($data); - } - - /** - * @param XMLSecurityKey $objKey - * @param null|DOMNode $appendToNode - */ - public function sign($objKey, $appendToNode = null) - { - // If we have a parent node append it now so C14N properly works - if ($appendToNode != null) { - $this->resetXPathObj(); - $this->appendSignature($appendToNode); - $this->sigNode = $appendToNode->lastChild; - } - if ($xpath = $this->getXPathObj()) { - $query = "./secdsig:SignedInfo"; - $nodeset = $xpath->query($query, $this->sigNode); - if ($sInfo = $nodeset->item(0)) { - $query = "./secdsig:SignatureMethod"; - $nodeset = $xpath->query($query, $sInfo); - $sMethod = $nodeset->item(0); - $sMethod->setAttribute('Algorithm', $objKey->type); - $data = $this->canonicalizeData($sInfo, $this->canonicalMethod); - $sigValue = base64_encode($this->signData($objKey, $data)); - $sigValueNode = $this->createNewSignNode('SignatureValue', $sigValue); - if ($infoSibling = $sInfo->nextSibling) { - $infoSibling->parentNode->insertBefore($sigValueNode, $infoSibling); - } else { - $this->sigNode->appendChild($sigValueNode); - } - } - } - } - - public function appendCert() - { - - } - - /** - * @param XMLSecurityKey $objKey - * @param null|DOMNode $parent - */ - public function appendKey($objKey, $parent=null) - { - $objKey->serializeKey($parent); - } - - - /** - * This function inserts the signature element. - * - * The signature element will be appended to the element, unless $beforeNode is specified. If $beforeNode - * is specified, the signature element will be inserted as the last element before $beforeNode. - * - * @param DOMNode $node The node the signature element should be inserted into. - * @param DOMNode $beforeNode The node the signature element should be located before. - * - * @return DOMNode The signature element node - */ - public function insertSignature($node, $beforeNode = null) - { - - $document = $node->ownerDocument; - $signatureElement = $document->importNode($this->sigNode, true); - - if ($beforeNode == null) { - return $node->insertBefore($signatureElement); - } else { - return $node->insertBefore($signatureElement, $beforeNode); - } - } - - /** - * @param DOMNode $parentNode - * @param bool $insertBefore - * @return DOMNode - */ - public function appendSignature($parentNode, $insertBefore = false) - { - $beforeNode = $insertBefore ? $parentNode->firstChild : null; - return $this->insertSignature($parentNode, $beforeNode); - } - - /** - * @param string $cert - * @param bool $isPEMFormat - * @return string - */ - public static function get509XCert($cert, $isPEMFormat=true) - { - $certs = self::staticGet509XCerts($cert, $isPEMFormat); - if (! empty($certs)) { - return $certs[0]; - } - return ''; - } - - /** - * @param string $certs - * @param bool $isPEMFormat - * @return array - */ - public static function staticGet509XCerts($certs, $isPEMFormat=true) - { - if ($isPEMFormat) { - $data = ''; - $certlist = array(); - $arCert = explode("\n", $certs); - $inData = false; - foreach ($arCert AS $curData) { - if (! $inData) { - if (strncmp($curData, '-----BEGIN CERTIFICATE', 22) == 0) { - $inData = true; - } - } else { - if (strncmp($curData, '-----END CERTIFICATE', 20) == 0) { - $inData = false; - $certlist[] = $data; - $data = ''; - continue; - } - $data .= trim($curData); - } - } - return $certlist; - } else { - return array($certs); - } - } - - /** - * @param DOMElement $parentRef - * @param string $cert - * @param bool $isPEMFormat - * @param bool $isURL - * @param null|DOMXPath $xpath - * @param null|array $options - * @throws Exception - */ - public static function staticAdd509Cert($parentRef, $cert, $isPEMFormat=true, $isURL=false, $xpath=null, $options=null) - { - if ($isURL) { - $cert = file_get_contents($cert); - } - if (! $parentRef instanceof DOMElement) { - throw new Exception('Invalid parent Node parameter'); - } - $baseDoc = $parentRef->ownerDocument; - - if (empty($xpath)) { - $xpath = new DOMXPath($parentRef->ownerDocument); - $xpath->registerNamespace('secdsig', self::XMLDSIGNS); - } - - $query = "./secdsig:KeyInfo"; - $nodeset = $xpath->query($query, $parentRef); - $keyInfo = $nodeset->item(0); - $dsig_pfx = ''; - if (! $keyInfo) { - $pfx = $parentRef->lookupPrefix(self::XMLDSIGNS); - if (! empty($pfx)) { - $dsig_pfx = $pfx.":"; - } - $inserted = false; - $keyInfo = $baseDoc->createElementNS(self::XMLDSIGNS, $dsig_pfx.'KeyInfo'); - - $query = "./secdsig:Object"; - $nodeset = $xpath->query($query, $parentRef); - if ($sObject = $nodeset->item(0)) { - $sObject->parentNode->insertBefore($keyInfo, $sObject); - $inserted = true; - } - - if (! $inserted) { - $parentRef->appendChild($keyInfo); - } - } else { - $pfx = $keyInfo->lookupPrefix(self::XMLDSIGNS); - if (! empty($pfx)) { - $dsig_pfx = $pfx.":"; - } - } - - // Add all certs if there are more than one - $certs = self::staticGet509XCerts($cert, $isPEMFormat); - - // Attach X509 data node - $x509DataNode = $baseDoc->createElementNS(self::XMLDSIGNS, $dsig_pfx.'X509Data'); - $keyInfo->appendChild($x509DataNode); - - $issuerSerial = false; - $subjectName = false; - if (is_array($options)) { - if (! empty($options['issuerSerial'])) { - $issuerSerial = true; - } - if (! empty($options['subjectName'])) { - $subjectName = true; - } - } - - // Attach all certificate nodes and any additional data - foreach ($certs as $X509Cert) { - if ($issuerSerial || $subjectName) { - if ($certData = openssl_x509_parse("-----BEGIN CERTIFICATE-----\n".chunk_split($X509Cert, 64, "\n")."-----END CERTIFICATE-----\n")) { - if ($subjectName && ! empty($certData['subject'])) { - if (is_array($certData['subject'])) { - $parts = array(); - foreach ($certData['subject'] AS $key => $value) { - if (is_array($value)) { - foreach ($value as $valueElement) { - array_unshift($parts, "$key=$valueElement"); - } - } else { - array_unshift($parts, "$key=$value"); - } - } - $subjectNameValue = implode(',', $parts); - } else { - $subjectNameValue = $certData['issuer']; - } - $x509SubjectNode = $baseDoc->createElementNS(self::XMLDSIGNS, $dsig_pfx.'X509SubjectName', $subjectNameValue); - $x509DataNode->appendChild($x509SubjectNode); - } - if ($issuerSerial && ! empty($certData['issuer']) && ! empty($certData['serialNumber'])) { - if (is_array($certData['issuer'])) { - $parts = array(); - foreach ($certData['issuer'] AS $key => $value) { - array_unshift($parts, "$key=$value"); - } - $issuerName = implode(',', $parts); - } else { - $issuerName = $certData['issuer']; - } - - $x509IssuerNode = $baseDoc->createElementNS(self::XMLDSIGNS, $dsig_pfx.'X509IssuerSerial'); - $x509DataNode->appendChild($x509IssuerNode); - - $x509Node = $baseDoc->createElementNS(self::XMLDSIGNS, $dsig_pfx.'X509IssuerName', $issuerName); - $x509IssuerNode->appendChild($x509Node); - $x509Node = $baseDoc->createElementNS(self::XMLDSIGNS, $dsig_pfx.'X509SerialNumber', $certData['serialNumber']); - $x509IssuerNode->appendChild($x509Node); - } - } - - } - $x509CertNode = $baseDoc->createElementNS(self::XMLDSIGNS, $dsig_pfx.'X509Certificate', $X509Cert); - $x509DataNode->appendChild($x509CertNode); - } - } - - /** - * @param string $cert - * @param bool $isPEMFormat - * @param bool $isURL - * @param null|array $options - */ - public function add509Cert($cert, $isPEMFormat=true, $isURL=false, $options=null) - { - if ($xpath = $this->getXPathObj()) { - self::staticAdd509Cert($this->sigNode, $cert, $isPEMFormat, $isURL, $xpath, $options); - } - } - - /** - * This function appends a node to the KeyInfo. - * - * The KeyInfo element will be created if one does not exist in the document. - * - * @param DOMNode $node The node to append to the KeyInfo. - * - * @return DOMNode The KeyInfo element node - */ - public function appendToKeyInfo($node) - { - $parentRef = $this->sigNode; - $baseDoc = $parentRef->ownerDocument; - - $xpath = $this->getXPathObj(); - if (empty($xpath)) { - $xpath = new DOMXPath($parentRef->ownerDocument); - $xpath->registerNamespace('secdsig', self::XMLDSIGNS); - } - - $query = "./secdsig:KeyInfo"; - $nodeset = $xpath->query($query, $parentRef); - $keyInfo = $nodeset->item(0); - if (! $keyInfo) { - $dsig_pfx = ''; - $pfx = $parentRef->lookupPrefix(self::XMLDSIGNS); - if (! empty($pfx)) { - $dsig_pfx = $pfx.":"; - } - $inserted = false; - $keyInfo = $baseDoc->createElementNS(self::XMLDSIGNS, $dsig_pfx.'KeyInfo'); - - $query = "./secdsig:Object"; - $nodeset = $xpath->query($query, $parentRef); - if ($sObject = $nodeset->item(0)) { - $sObject->parentNode->insertBefore($keyInfo, $sObject); - $inserted = true; - } - - if (! $inserted) { - $parentRef->appendChild($keyInfo); - } - } - - $keyInfo->appendChild($node); - - return $keyInfo; - } - - /** - * This function retrieves an associative array of the validated nodes. - * - * The array will contain the id of the referenced node as the key and the node itself - * as the value. - * - * Returns: - * An associative array of validated nodes or null if no nodes have been validated. - * - * @return array Associative array of validated nodes - */ - public function getValidatedNodes() - { - return $this->validatedNodes; - } -} diff --git a/plugins/auth/vendor/robrichards/xmlseclibs/src/XMLSecurityKey.php b/plugins/auth/vendor/robrichards/xmlseclibs/src/XMLSecurityKey.php deleted file mode 100644 index 7eed04d2..00000000 --- a/plugins/auth/vendor/robrichards/xmlseclibs/src/XMLSecurityKey.php +++ /dev/null @@ -1,813 +0,0 @@ -. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * * Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * * Neither the name of Robert Richards nor the names of his - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, - * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN - * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - * - * @author Robert Richards - * @copyright 2007-2020 Robert Richards - * @license http://www.opensource.org/licenses/bsd-license.php BSD License - */ - -class XMLSecurityKey -{ - const TRIPLEDES_CBC = 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc'; - const AES128_CBC = 'http://www.w3.org/2001/04/xmlenc#aes128-cbc'; - const AES192_CBC = 'http://www.w3.org/2001/04/xmlenc#aes192-cbc'; - const AES256_CBC = 'http://www.w3.org/2001/04/xmlenc#aes256-cbc'; - const AES128_GCM = 'http://www.w3.org/2009/xmlenc11#aes128-gcm'; - const AES192_GCM = 'http://www.w3.org/2009/xmlenc11#aes192-gcm'; - const AES256_GCM = 'http://www.w3.org/2009/xmlenc11#aes256-gcm'; - const RSA_1_5 = 'http://www.w3.org/2001/04/xmlenc#rsa-1_5'; - const RSA_OAEP_MGF1P = 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p'; - const RSA_OAEP = 'http://www.w3.org/2009/xmlenc11#rsa-oaep'; - const DSA_SHA1 = 'http://www.w3.org/2000/09/xmldsig#dsa-sha1'; - const RSA_SHA1 = 'http://www.w3.org/2000/09/xmldsig#rsa-sha1'; - const RSA_SHA256 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'; - const RSA_SHA384 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha384'; - const RSA_SHA512 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha512'; - const HMAC_SHA1 = 'http://www.w3.org/2000/09/xmldsig#hmac-sha1'; - const AUTHTAG_LENGTH = 16; - - /** @var array */ - private $cryptParams = array(); - - /** @var int|string */ - public $type = 0; - - /** @var mixed|null */ - public $key = null; - - /** @var string */ - public $passphrase = ""; - - /** @var string|null */ - public $iv = null; - - /** @var string|null */ - public $name = null; - - /** @var mixed|null */ - public $keyChain = null; - - /** @var bool */ - public $isEncrypted = false; - - /** @var XMLSecEnc|null */ - public $encryptedCtx = null; - - /** @var mixed|null */ - public $guid = null; - - /** - * This variable contains the certificate as a string if this key represents an X509-certificate. - * If this key doesn't represent a certificate, this will be null. - * @var string|null - */ - private $x509Certificate = null; - - /** - * This variable contains the certificate thumbprint if we have loaded an X509-certificate. - * @var string|null - */ - private $X509Thumbprint = null; - - /** - * @param string $type - * @param null|array $params - * @throws Exception - */ - public function __construct($type, $params=null) - { - switch ($type) { - case (self::TRIPLEDES_CBC): - $this->cryptParams['library'] = 'openssl'; - $this->cryptParams['cipher'] = 'des-ede3-cbc'; - $this->cryptParams['type'] = 'symmetric'; - $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc'; - $this->cryptParams['keysize'] = 24; - $this->cryptParams['blocksize'] = 8; - break; - case (self::AES128_CBC): - $this->cryptParams['library'] = 'openssl'; - $this->cryptParams['cipher'] = 'aes-128-cbc'; - $this->cryptParams['type'] = 'symmetric'; - $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#aes128-cbc'; - $this->cryptParams['keysize'] = 16; - $this->cryptParams['blocksize'] = 16; - break; - case (self::AES192_CBC): - $this->cryptParams['library'] = 'openssl'; - $this->cryptParams['cipher'] = 'aes-192-cbc'; - $this->cryptParams['type'] = 'symmetric'; - $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#aes192-cbc'; - $this->cryptParams['keysize'] = 24; - $this->cryptParams['blocksize'] = 16; - break; - case (self::AES256_CBC): - $this->cryptParams['library'] = 'openssl'; - $this->cryptParams['cipher'] = 'aes-256-cbc'; - $this->cryptParams['type'] = 'symmetric'; - $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#aes256-cbc'; - $this->cryptParams['keysize'] = 32; - $this->cryptParams['blocksize'] = 16; - break; - case (self::AES128_GCM): - $this->cryptParams['library'] = 'openssl'; - $this->cryptParams['cipher'] = 'aes-128-gcm'; - $this->cryptParams['type'] = 'symmetric'; - $this->cryptParams['method'] = 'http://www.w3.org/2009/xmlenc11#aes128-gcm'; - $this->cryptParams['keysize'] = 16; - $this->cryptParams['blocksize'] = 16; - break; - case (self::AES192_GCM): - $this->cryptParams['library'] = 'openssl'; - $this->cryptParams['cipher'] = 'aes-192-gcm'; - $this->cryptParams['type'] = 'symmetric'; - $this->cryptParams['method'] = 'http://www.w3.org/2009/xmlenc11#aes192-gcm'; - $this->cryptParams['keysize'] = 24; - $this->cryptParams['blocksize'] = 16; - break; - case (self::AES256_GCM): - $this->cryptParams['library'] = 'openssl'; - $this->cryptParams['cipher'] = 'aes-256-gcm'; - $this->cryptParams['type'] = 'symmetric'; - $this->cryptParams['method'] = 'http://www.w3.org/2009/xmlenc11#aes256-gcm'; - $this->cryptParams['keysize'] = 32; - $this->cryptParams['blocksize'] = 16; - break; - case (self::RSA_1_5): - $this->cryptParams['library'] = 'openssl'; - $this->cryptParams['padding'] = OPENSSL_PKCS1_PADDING; - $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#rsa-1_5'; - if (is_array($params) && ! empty($params['type'])) { - if ($params['type'] == 'public' || $params['type'] == 'private') { - $this->cryptParams['type'] = $params['type']; - break; - } - } - throw new Exception('Certificate "type" (private/public) must be passed via parameters'); - case (self::RSA_OAEP_MGF1P): - $this->cryptParams['library'] = 'openssl'; - $this->cryptParams['padding'] = OPENSSL_PKCS1_OAEP_PADDING; - $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p'; - $this->cryptParams['hash'] = null; - if (is_array($params) && ! empty($params['type'])) { - if ($params['type'] == 'public' || $params['type'] == 'private') { - $this->cryptParams['type'] = $params['type']; - break; - } - } - throw new Exception('Certificate "type" (private/public) must be passed via parameters'); - case (self::RSA_OAEP): - $this->cryptParams['library'] = 'openssl'; - $this->cryptParams['padding'] = OPENSSL_PKCS1_OAEP_PADDING; - $this->cryptParams['method'] = 'http://www.w3.org/2009/xmlenc11#rsa-oaep'; - $this->cryptParams['hash'] = 'http://www.w3.org/2009/xmlenc11#mgf1sha1'; - if (is_array($params) && ! empty($params['type'])) { - if ($params['type'] == 'public' || $params['type'] == 'private') { - $this->cryptParams['type'] = $params['type']; - break; - } - } - throw new Exception('Certificate "type" (private/public) must be passed via parameters'); - case (self::RSA_SHA1): - $this->cryptParams['library'] = 'openssl'; - $this->cryptParams['method'] = 'http://www.w3.org/2000/09/xmldsig#rsa-sha1'; - $this->cryptParams['padding'] = OPENSSL_PKCS1_PADDING; - if (is_array($params) && ! empty($params['type'])) { - if ($params['type'] == 'public' || $params['type'] == 'private') { - $this->cryptParams['type'] = $params['type']; - break; - } - } - throw new Exception('Certificate "type" (private/public) must be passed via parameters'); - case (self::RSA_SHA256): - $this->cryptParams['library'] = 'openssl'; - $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'; - $this->cryptParams['padding'] = OPENSSL_PKCS1_PADDING; - $this->cryptParams['digest'] = 'SHA256'; - if (is_array($params) && ! empty($params['type'])) { - if ($params['type'] == 'public' || $params['type'] == 'private') { - $this->cryptParams['type'] = $params['type']; - break; - } - } - throw new Exception('Certificate "type" (private/public) must be passed via parameters'); - case (self::RSA_SHA384): - $this->cryptParams['library'] = 'openssl'; - $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha384'; - $this->cryptParams['padding'] = OPENSSL_PKCS1_PADDING; - $this->cryptParams['digest'] = 'SHA384'; - if (is_array($params) && ! empty($params['type'])) { - if ($params['type'] == 'public' || $params['type'] == 'private') { - $this->cryptParams['type'] = $params['type']; - break; - } - } - throw new Exception('Certificate "type" (private/public) must be passed via parameters'); - case (self::RSA_SHA512): - $this->cryptParams['library'] = 'openssl'; - $this->cryptParams['method'] = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha512'; - $this->cryptParams['padding'] = OPENSSL_PKCS1_PADDING; - $this->cryptParams['digest'] = 'SHA512'; - if (is_array($params) && ! empty($params['type'])) { - if ($params['type'] == 'public' || $params['type'] == 'private') { - $this->cryptParams['type'] = $params['type']; - break; - } - } - throw new Exception('Certificate "type" (private/public) must be passed via parameters'); - case (self::HMAC_SHA1): - $this->cryptParams['library'] = $type; - $this->cryptParams['method'] = 'http://www.w3.org/2000/09/xmldsig#hmac-sha1'; - break; - default: - throw new Exception('Invalid Key Type'); - } - $this->type = $type; - } - - /** - * Retrieve the key size for the symmetric encryption algorithm.. - * - * If the key size is unknown, or this isn't a symmetric encryption algorithm, - * null is returned. - * - * @return int|null The number of bytes in the key. - */ - public function getSymmetricKeySize() - { - if (! isset($this->cryptParams['keysize'])) { - return null; - } - return $this->cryptParams['keysize']; - } - - /** - * Generates a session key using the openssl-extension. - * In case of using DES3-CBC the key is checked for a proper parity bits set. - * @return string - * @throws Exception - */ - public function generateSessionKey() - { - if (!isset($this->cryptParams['keysize'])) { - throw new Exception('Unknown key size for type "' . $this->type . '".'); - } - $keysize = $this->cryptParams['keysize']; - - $key = openssl_random_pseudo_bytes($keysize); - - if ($this->type === self::TRIPLEDES_CBC) { - /* Make sure that the generated key has the proper parity bits set. - * Mcrypt doesn't care about the parity bits, but others may care. - */ - for ($i = 0; $i < strlen($key); $i++) { - $byte = ord($key[$i]) & 0xfe; - $parity = 1; - for ($j = 1; $j < 8; $j++) { - $parity ^= ($byte >> $j) & 1; - } - $byte |= $parity; - $key[$i] = chr($byte); - } - } - - $this->key = $key; - return $key; - } - - /** - * Get the raw thumbprint of a certificate - * - * @param string $cert - * @return null|string - */ - public static function getRawThumbprint($cert) - { - - $arCert = explode("\n", $cert); - $data = ''; - $inData = false; - - foreach ($arCert AS $curData) { - if (! $inData) { - if (strncmp($curData, '-----BEGIN CERTIFICATE', 22) == 0) { - $inData = true; - } - } else { - if (strncmp($curData, '-----END CERTIFICATE', 20) == 0) { - break; - } - $data .= trim($curData); - } - } - - if (! empty($data)) { - return strtolower(sha1(base64_decode($data))); - } - - return null; - } - - /** - * Loads the given key, or - with isFile set true - the key from the keyfile. - * - * @param string $key - * @param bool $isFile - * @param bool $isCert - * @throws Exception - */ - public function loadKey($key, $isFile=false, $isCert = false) - { - if ($isFile) { - $this->key = file_get_contents($key); - } else { - $this->key = $key; - } - if ($isCert) { - $this->key = openssl_x509_read($this->key); - openssl_x509_export($this->key, $str_cert); - $this->x509Certificate = $str_cert; - $this->key = $str_cert; - } else { - $this->x509Certificate = null; - } - if ($this->cryptParams['library'] == 'openssl') { - switch ($this->cryptParams['type']) { - case 'public': - if ($isCert) { - /* Load the thumbprint if this is an X509 certificate. */ - $this->X509Thumbprint = self::getRawThumbprint($this->key); - } - $this->key = openssl_get_publickey($this->key); - if (! $this->key) { - throw new Exception('Unable to extract public key'); - } - break; - - case 'private': - $this->key = openssl_get_privatekey($this->key, $this->passphrase); - break; - - case'symmetric': - if (strlen($this->key) < $this->cryptParams['keysize']) { - throw new Exception('Key must contain at least '.$this->cryptParams['keysize'].' characters for this cipher, contains '.strlen($this->key)); - } - break; - - default: - throw new Exception('Unknown type'); - } - } - } - - /** - * ISO 10126 Padding - * - * @param string $data - * @param integer $blockSize - * @throws Exception - * @return string - */ - private function padISO10126($data, $blockSize) - { - if ($blockSize > 256) { - throw new Exception('Block size higher than 256 not allowed'); - } - $padChr = $blockSize - (strlen($data) % $blockSize); - $pattern = chr($padChr); - return $data . str_repeat($pattern, $padChr); - } - - /** - * Remove ISO 10126 Padding - * - * @param string $data - * @return string - */ - private function unpadISO10126($data) - { - $padChr = substr($data, -1); - $padLen = ord($padChr); - return substr($data, 0, -$padLen); - } - - /** - * Encrypts the given data (string) using the openssl-extension - * - * @param string $data - * @return string - */ - private function encryptSymmetric($data) - { - $this->iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length($this->cryptParams['cipher'])); - $authTag = null; - if(in_array($this->cryptParams['cipher'], ['aes-128-gcm', 'aes-192-gcm', 'aes-256-gcm'])) { - if (version_compare(PHP_VERSION, '7.1.0') < 0) { - throw new Exception('PHP 7.1.0 is required to use AES GCM algorithms'); - } - $authTag = openssl_random_pseudo_bytes(self::AUTHTAG_LENGTH); - $encrypted = openssl_encrypt($data, $this->cryptParams['cipher'], $this->key, OPENSSL_RAW_DATA, $this->iv, $authTag); - } else { - $data = $this->padISO10126($data, $this->cryptParams['blocksize']); - $encrypted = openssl_encrypt($data, $this->cryptParams['cipher'], $this->key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $this->iv); - } - - if (false === $encrypted) { - throw new Exception('Failure encrypting Data (openssl symmetric) - ' . openssl_error_string()); - } - return $this->iv . $encrypted . $authTag; - } - - /** - * Decrypts the given data (string) using the openssl-extension - * - * @param string $data - * @return string - */ - private function decryptSymmetric($data) - { - $iv_length = openssl_cipher_iv_length($this->cryptParams['cipher']); - $this->iv = substr($data, 0, $iv_length); - $data = substr($data, $iv_length); - $authTag = null; - if(in_array($this->cryptParams['cipher'], ['aes-128-gcm', 'aes-192-gcm', 'aes-256-gcm'])) { - if (version_compare(PHP_VERSION, '7.1.0') < 0) { - throw new Exception('PHP 7.1.0 is required to use AES GCM algorithms'); - } - // obtain and remove the authentication tag - $offset = 0 - self::AUTHTAG_LENGTH; - $authTag = substr($data, $offset); - $data = substr($data, 0, $offset); - $decrypted = openssl_decrypt($data, $this->cryptParams['cipher'], $this->key, OPENSSL_RAW_DATA, $this->iv, $authTag); - } else { - $decrypted = openssl_decrypt($data, $this->cryptParams['cipher'], $this->key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $this->iv); - } - - if (false === $decrypted) { - throw new Exception('Failure decrypting Data (openssl symmetric) - ' . openssl_error_string()); - } - return null !== $authTag ? $decrypted : $this->unpadISO10126($decrypted); - } - - /** - * Encrypts the given public data (string) using the openssl-extension - * - * @param string $data - * @return string - * @throws Exception - */ - private function encryptPublic($data) - { - if (! openssl_public_encrypt($data, $encrypted, $this->key, $this->cryptParams['padding'])) { - throw new Exception('Failure encrypting Data (openssl public) - ' . openssl_error_string()); - } - return $encrypted; - } - - /** - * Decrypts the given public data (string) using the openssl-extension - * - * @param string $data - * @return string - * @throws Exception - */ - private function decryptPublic($data) - { - if (! openssl_public_decrypt($data, $decrypted, $this->key, $this->cryptParams['padding'])) { - throw new Exception('Failure decrypting Data (openssl public) - ' . openssl_error_string()); - } - return $decrypted; - } - - /** - * Encrypts the given private data (string) using the openssl-extension - * - * @param string $data - * @return string - * @throws Exception - */ - private function encryptPrivate($data) - { - if (! openssl_private_encrypt($data, $encrypted, $this->key, $this->cryptParams['padding'])) { - throw new Exception('Failure encrypting Data (openssl private) - ' . openssl_error_string()); - } - return $encrypted; - } - - /** - * Decrypts the given private data (string) using the openssl-extension - * - * @param string $data - * @return string - * @throws Exception - */ - private function decryptPrivate($data) - { - if (! openssl_private_decrypt($data, $decrypted, $this->key, $this->cryptParams['padding'])) { - throw new Exception('Failure decrypting Data (openssl private) - ' . openssl_error_string()); - } - return $decrypted; - } - - /** - * Signs the given data (string) using the openssl-extension - * - * @param string $data - * @return string - * @throws Exception - */ - private function signOpenSSL($data) - { - $algo = OPENSSL_ALGO_SHA1; - if (! empty($this->cryptParams['digest'])) { - $algo = $this->cryptParams['digest']; - } - if (! openssl_sign($data, $signature, $this->key, $algo)) { - throw new Exception('Failure Signing Data: ' . openssl_error_string() . ' - ' . $algo); - } - return $signature; - } - - /** - * Verifies the given data (string) belonging to the given signature using the openssl-extension - * - * Returns: - * 1 on succesful signature verification, - * 0 when signature verification failed, - * -1 if an error occurred during processing. - * - * NOTE: be very careful when checking the return value, because in PHP, - * -1 will be cast to True when in boolean context. So always check the - * return value in a strictly typed way, e.g. "$obj->verify(...) === 1". - * - * @param string $data - * @param string $signature - * @return int - */ - private function verifyOpenSSL($data, $signature) - { - $algo = OPENSSL_ALGO_SHA1; - if (! empty($this->cryptParams['digest'])) { - $algo = $this->cryptParams['digest']; - } - return openssl_verify($data, $signature, $this->key, $algo); - } - - /** - * Encrypts the given data (string) using the regarding php-extension, depending on the library assigned to algorithm in the contructor. - * - * @param string $data - * @return mixed|string - */ - public function encryptData($data) - { - if ($this->cryptParams['library'] === 'openssl') { - switch ($this->cryptParams['type']) { - case 'symmetric': - return $this->encryptSymmetric($data); - case 'public': - return $this->encryptPublic($data); - case 'private': - return $this->encryptPrivate($data); - } - } - } - - /** - * Decrypts the given data (string) using the regarding php-extension, depending on the library assigned to algorithm in the contructor. - * - * @param string $data - * @return mixed|string - */ - public function decryptData($data) - { - if ($this->cryptParams['library'] === 'openssl') { - switch ($this->cryptParams['type']) { - case 'symmetric': - return $this->decryptSymmetric($data); - case 'public': - return $this->decryptPublic($data); - case 'private': - return $this->decryptPrivate($data); - } - } - } - - /** - * Signs the data (string) using the extension assigned to the type in the constructor. - * - * @param string $data - * @return mixed|string - */ - public function signData($data) - { - switch ($this->cryptParams['library']) { - case 'openssl': - return $this->signOpenSSL($data); - case (self::HMAC_SHA1): - return hash_hmac("sha1", $data, $this->key, true); - } - } - - /** - * Verifies the data (string) against the given signature using the extension assigned to the type in the constructor. - * - * Returns in case of openSSL: - * 1 on succesful signature verification, - * 0 when signature verification failed, - * -1 if an error occurred during processing. - * - * NOTE: be very careful when checking the return value, because in PHP, - * -1 will be cast to True when in boolean context. So always check the - * return value in a strictly typed way, e.g. "$obj->verify(...) === 1". - * - * @param string $data - * @param string $signature - * @return bool|int - */ - public function verifySignature($data, $signature) - { - switch ($this->cryptParams['library']) { - case 'openssl': - return $this->verifyOpenSSL($data, $signature); - case (self::HMAC_SHA1): - $expectedSignature = hash_hmac("sha1", $data, $this->key, true); - return strcmp($signature, $expectedSignature) == 0; - } - } - - /** - * @deprecated - * @see getAlgorithm() - * @return mixed - */ - public function getAlgorith() - { - return $this->getAlgorithm(); - } - - /** - * @return mixed - */ - public function getAlgorithm() - { - return $this->cryptParams['method']; - } - - /** - * - * @param int $type - * @param string $string - * @return null|string - */ - public static function makeAsnSegment($type, $string) - { - switch ($type) { - case 0x02: - if (ord($string) > 0x7f) - $string = chr(0).$string; - break; - case 0x03: - $string = chr(0).$string; - break; - } - - $length = strlen($string); - - if ($length < 128) { - $output = sprintf("%c%c%s", $type, $length, $string); - } else if ($length < 0x0100) { - $output = sprintf("%c%c%c%s", $type, 0x81, $length, $string); - } else if ($length < 0x010000) { - $output = sprintf("%c%c%c%c%s", $type, 0x82, $length / 0x0100, $length % 0x0100, $string); - } else { - $output = null; - } - return $output; - } - - /** - * - * Hint: Modulus and Exponent must already be base64 decoded - * @param string $modulus - * @param string $exponent - * @return string - */ - public static function convertRSA($modulus, $exponent) - { - /* make an ASN publicKeyInfo */ - $exponentEncoding = self::makeAsnSegment(0x02, $exponent); - $modulusEncoding = self::makeAsnSegment(0x02, $modulus); - $sequenceEncoding = self::makeAsnSegment(0x30, $modulusEncoding.$exponentEncoding); - $bitstringEncoding = self::makeAsnSegment(0x03, $sequenceEncoding); - $rsaAlgorithmIdentifier = pack("H*", "300D06092A864886F70D0101010500"); - $publicKeyInfo = self::makeAsnSegment(0x30, $rsaAlgorithmIdentifier.$bitstringEncoding); - - /* encode the publicKeyInfo in base64 and add PEM brackets */ - $publicKeyInfoBase64 = base64_encode($publicKeyInfo); - $encoding = "-----BEGIN PUBLIC KEY-----\n"; - $offset = 0; - while ($segment = substr($publicKeyInfoBase64, $offset, 64)) { - $encoding = $encoding.$segment."\n"; - $offset += 64; - } - return $encoding."-----END PUBLIC KEY-----\n"; - } - - /** - * @param mixed $parent - */ - public function serializeKey($parent) - { - - } - - /** - * Retrieve the X509 certificate this key represents. - * - * Will return the X509 certificate in PEM-format if this key represents - * an X509 certificate. - * - * @return string The X509 certificate or null if this key doesn't represent an X509-certificate. - */ - public function getX509Certificate() - { - return $this->x509Certificate; - } - - /** - * Get the thumbprint of this X509 certificate. - * - * Returns: - * The thumbprint as a lowercase 40-character hexadecimal number, or null - * if this isn't a X509 certificate. - * - * @return string Lowercase 40-character hexadecimal number of thumbprint - */ - public function getX509Thumbprint() - { - return $this->X509Thumbprint; - } - - - /** - * Create key from an EncryptedKey-element. - * - * @param DOMElement $element The EncryptedKey-element. - * @throws Exception - * - * @return XMLSecurityKey The new key. - */ - public static function fromEncryptedKeyElement(DOMElement $element) - { - - $objenc = new XMLSecEnc(); - $objenc->setNode($element); - if (! $objKey = $objenc->locateKey()) { - throw new Exception("Unable to locate algorithm for this Encrypted Key"); - } - $objKey->isEncrypted = true; - $objKey->encryptedCtx = $objenc; - XMLSecEnc::staticLocateKeyInfo($objKey, $element); - return $objKey; - } - -} diff --git a/plugins/auth/vendor/robrichards/xmlseclibs/xmlseclibs.php b/plugins/auth/vendor/robrichards/xmlseclibs/xmlseclibs.php deleted file mode 100644 index 1c10acc7..00000000 --- a/plugins/auth/vendor/robrichards/xmlseclibs/xmlseclibs.php +++ /dev/null @@ -1,47 +0,0 @@ -. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * * Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * * Neither the name of Robert Richards nor the names of his - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, - * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN - * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - * - * @author Robert Richards - * @copyright 2007-2020 Robert Richards - * @license http://www.opensource.org/licenses/bsd-license.php BSD License - * @version 3.1.1 - */ - -$xmlseclibs_srcdir = dirname(__FILE__) . '/src/'; -require $xmlseclibs_srcdir . '/XMLSecurityKey.php'; -require $xmlseclibs_srcdir . '/XMLSecurityDSig.php'; -require $xmlseclibs_srcdir . '/XMLSecEnc.php'; -require $xmlseclibs_srcdir . '/Utils/XPath.php'; diff --git a/plugins/auth/ytemplates/bootstrap/value.ycom_auth_extern.tpl.php b/plugins/auth/ytemplates/bootstrap/value.ycom_auth_extern.tpl.php index ba721814..70395f84 100644 --- a/plugins/auth/ytemplates/bootstrap/value.ycom_auth_extern.tpl.php +++ b/plugins/auth/ytemplates/bootstrap/value.ycom_auth_extern.tpl.php @@ -5,7 +5,7 @@ * @psalm-scope-this rex_yform_value_abstract */ -$url = $url ?? ''; -$name = $name ?? ''; +$url ??= ''; +$name ??= ''; -echo '' . $name . ''; +echo '' . $name . ''; diff --git a/plugins/auth/ytemplates/bootstrap/value.ycom_auth_saml.tpl.php b/plugins/auth/ytemplates/bootstrap/value.ycom_auth_saml.tpl.php index ba721814..70395f84 100644 --- a/plugins/auth/ytemplates/bootstrap/value.ycom_auth_saml.tpl.php +++ b/plugins/auth/ytemplates/bootstrap/value.ycom_auth_saml.tpl.php @@ -5,7 +5,7 @@ * @psalm-scope-this rex_yform_value_abstract */ -$url = $url ?? ''; -$name = $name ?? ''; +$url ??= ''; +$name ??= ''; -echo '' . $name . ''; +echo '' . $name . ''; diff --git a/plugins/auth/ytemplates/bootstrap/value.ycom_password.tpl.php b/plugins/auth/ytemplates/bootstrap/value.ycom_password.tpl.php index bcdfffef..740bb5d0 100644 --- a/plugins/auth/ytemplates/bootstrap/value.ycom_password.tpl.php +++ b/plugins/auth/ytemplates/bootstrap/value.ycom_password.tpl.php @@ -5,10 +5,10 @@ * @psalm-scope-this rex_yform_value_abstract */ -$type = $type ?? 'text'; +$type ??= 'text'; $class = 'text' == $type ? '' : 'form-' . $type . ' '; -$script = $script ?? false; -$rules = $rules ?? []; +$script ??= false; +$rules ??= []; if (!isset($value)) { $value = $this->getValue(); @@ -48,15 +48,15 @@ $input_group_end = ''; if ($script) { - $funcName = uniqid('rex_ycom_password_create'.$this->getId()); + $funcName = uniqid('rex_ycom_password_create' . $this->getId()); $span = ' - + '; $nonce = ''; $nonce = ' nonce="' . rex_response::getNonce() . '"'; - ?>