Project-Pro/drmaterac.pl
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
Jacek Pyziak
2025-10-20 14:10:54 +02:00
parent 75ca8fd840
commit d2c1970ef8
732 changed files with 101915 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
modules/pshowsso/vendor/league/oauth2-client/LICENSE vendored Normal file
View File

@@ -0,0 +1,21 @@
The MIT License (MIT)
Copyright (c) 2013-2020 Alex Bilbie <hello@alexbilbie.com>
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.

58
modules/pshowsso/vendor/league/oauth2-client/README.md vendored Normal file
View File

@@ -0,0 +1,58 @@
# OAuth 2.0 Client
This package provides a base for integrating with [OAuth 2.0](http://oauth.net/2/) service providers.
[![Gitter Chat](https://img.shields.io/badge/gitter-join_chat-brightgreen.svg?style=flat-square)](https://gitter.im/thephpleague/oauth2-client)
[![Source Code](https://img.shields.io/badge/source-thephpleague/oauth2--client-blue.svg?style=flat-square)](https://github.com/thephpleague/oauth2-client)
[![Latest Version](https://img.shields.io/github/release/thephpleague/oauth2-client.svg?style=flat-square)](https://github.com/thephpleague/oauth2-client/releases)
[![Software License](https://img.shields.io/badge/license-MIT-brightgreen.svg?style=flat-square)](https://github.com/thephpleague/oauth2-client/blob/master/LICENSE)
[![Build Status](https://img.shields.io/github/actions/workflow/status/thephpleague/oauth2-client/continuous-integration.yml?label=CI&logo=github&style=flat-square)](https://github.com/thephpleague/oauth2-client/actions?query=workflow%3ACI)
[![Codecov Code Coverage](https://img.shields.io/codecov/c/gh/thephpleague/oauth2-client?label=codecov&logo=codecov&style=flat-square)](https://codecov.io/gh/thephpleague/oauth2-client)
[![Total Downloads](https://img.shields.io/packagist/dt/league/oauth2-client.svg?style=flat-square)](https://packagist.org/packages/league/oauth2-client)
---
The OAuth 2.0 login flow, seen commonly around the web in the form of "Connect with Facebook/Google/etc." buttons, is a common integration added to web applications, but it can be tricky and tedious to do right. To help, we've created the `league/oauth2-client` package, which provides a base for integrating with various OAuth 2.0 providers, without overburdening your application with the concerns of [RFC 6749](http://tools.ietf.org/html/rfc6749).
This OAuth 2.0 client library will work with any OAuth 2.0 provider that conforms to the OAuth 2.0 Authorization Framework. Out-of-the-box, we provide a `GenericProvider` class to connect to any service provider that uses [Bearer tokens](http://tools.ietf.org/html/rfc6750). See our [basic usage guide](https://oauth2-client.thephpleague.com/usage/) for examples using `GenericProvider`.
Many service providers provide additional functionality above and beyond the OAuth 2.0 specification. For this reason, you may extend and wrap this library to support additional behavior. There are already many [official](https://oauth2-client.thephpleague.com/providers/league/) and [third-party](https://oauth2-client.thephpleague.com/providers/thirdparty/) provider clients available (e.g., Facebook, GitHub, Google, Instagram, LinkedIn, etc.). If your provider isn't in the list, feel free to add it.
This package is compliant with [PSR-1][], [PSR-2][], [PSR-4][], and [PSR-7][]. If you notice compliance oversights, please send a patch via pull request. If you're interested in contributing to this library, please take a look at our [contributing guidelines](https://github.com/thephpleague/oauth2-client/blob/master/CONTRIBUTING.md).
## Requirements
We support the following versions of PHP:
* PHP 8.1
* PHP 8.0
* PHP 7.4
* PHP 7.3
* PHP 7.2
* PHP 7.1
* PHP 7.0
* PHP 5.6
## Provider Clients
We provide a list of [official PHP League provider clients](https://oauth2-client.thephpleague.com/providers/league/), as well as [third-party provider clients](https://oauth2-client.thephpleague.com/providers/thirdparty/).
To build your own provider client, please refer to "[Implementing a Provider Client](https://oauth2-client.thephpleague.com/providers/implementing/)."
## Usage
For usage and code examples, check out our [basic usage guide](https://oauth2-client.thephpleague.com/usage/).
## Contributing
Please see [our contributing guidelines](https://github.com/thephpleague/oauth2-client/blob/master/CONTRIBUTING.md) for details.
## License
The MIT License (MIT). Please see [LICENSE](https://github.com/thephpleague/oauth2-client/blob/master/LICENSE) for more information.
[PSR-1]: https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-1-basic-coding-standard.md
[PSR-2]: https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-2-coding-style-guide.md
[PSR-4]: https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-4-autoloader.md
[PSR-7]: https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-7-http-message.md

57
modules/pshowsso/vendor/league/oauth2-client/composer.json vendored Normal file
View File

@@ -0,0 +1,57 @@
{
"name": "league\/oauth2-client",
"description": "OAuth 2.0 Client Library",
"license": "MIT",
"config": {
"sort-packages": true
},
"require": {
"php": "^5.6 || ^7.0 || ^8.0",
"guzzlehttp\/guzzle": "^6.0 || ^7.0",
"paragonie\/random_compat": "^1 || ^2 || ^9.99"
},
"require-dev": {
"mockery\/mockery": "^1.3.5",
"php-parallel-lint\/php-parallel-lint": "^1.3.1",
"phpunit\/phpunit": "^5.7 || ^6.0 || ^9.5",
"squizlabs\/php_codesniffer": "^2.3 || ^3.0"
},
"keywords": [
"oauth",
"oauth2",
"authorization",
"authentication",
"idp",
"identity",
"sso",
"single sign on"
],
"authors": [
{
"name": "Alex Bilbie",
"email": "hello@alexbilbie.com",
"homepage": "http:\/\/www.alexbilbie.com",
"role": "Developer"
},
{
"name": "Woody Gilk",
"homepage": "https:\/\/github.com\/shadowhand",
"role": "Contributor"
}
],
"autoload": {
"psr-4": {
"Pshowsso\\Scope68f5e85e9608b\\League\\OAuth2\\Client\\": "src\/"
}
},
"autoload-dev": {
"psr-4": {
"Pshowsso\\Scope68f5e85e9608b\\League\\OAuth2\\Client\\Test\\": "test\/src\/"
}
},
"extra": {
"branch-alias": {
"dev-2.x": "2.0.x-dev"
}
}
}

85
modules/pshowsso/vendor/league/oauth2-client/src/Grant/AbstractGrant.php vendored Normal file
View File

@@ -0,0 +1,85 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Grant;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Tool\RequiredParameterTrait;
/**
* Represents a type of authorization grant.
*
* An authorization grant is a credential representing the resource
* owner's authorization (to access its protected resources) used by the
* client to obtain an access token. OAuth 2.0 defines four
* grant types -- authorization code, implicit, resource owner password
* credentials, and client credentials -- as well as an extensibility
* mechanism for defining additional types.
*
* @link http://tools.ietf.org/html/rfc6749#section-1.3 Authorization Grant (RFC 6749, §1.3)
*/
abstract class AbstractGrant
{
use RequiredParameterTrait;
/**
* Returns the name of this grant, eg. 'grant_name', which is used as the
* grant type when encoding URL query parameters.
*
* @return string
*/
abstract protected function getName();
/**
* Returns a list of all required request parameters.
*
* @return array
*/
abstract protected function getRequiredRequestParameters();
/**
* Returns this grant's name as its string representation. This allows for
* string interpolation when building URL query parameters.
*
* @return string
*/
public function __toString()
{
return $this->getName();
}
/**
* Prepares an access token request's parameters by checking that all
* required parameters are set, then merging with any given defaults.
*
* @param array $defaults
* @param array $options
* @return array
*/
public function prepareRequestParameters(array $defaults, array $options)
{
$defaults['grant_type'] = $this->getName();
$required = $this->getRequiredRequestParameters();
$provided = array_merge($defaults, $options);
$this->checkRequiredParameters($required, $provided);
return $provided;
}
}
/**
* Represents a type of authorization grant.
*
* An authorization grant is a credential representing the resource
* owner's authorization (to access its protected resources) used by the
* client to obtain an access token. OAuth 2.0 defines four
* grant types -- authorization code, implicit, resource owner password
* credentials, and client credentials -- as well as an extensibility
* mechanism for defining additional types.
*
* @link http://tools.ietf.org/html/rfc6749#section-1.3 Authorization Grant (RFC 6749, §1.3)
*/

44
modules/pshowsso/vendor/league/oauth2-client/src/Grant/AuthorizationCode.php vendored Normal file
View File

@@ -0,0 +1,44 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Grant;
/**
* Represents an authorization code grant.
*
* @link http://tools.ietf.org/html/rfc6749#section-1.3.1 Authorization Code (RFC 6749, §1.3.1)
*/
class AuthorizationCode extends AbstractGrant
{
/**
* @inheritdoc
*/
protected function getName()
{
return 'authorization_code';
}
/**
* @inheritdoc
*/
protected function getRequiredRequestParameters()
{
return ['code'];
}
}
/**
* Represents an authorization code grant.
*
* @link http://tools.ietf.org/html/rfc6749#section-1.3.1 Authorization Code (RFC 6749, §1.3.1)
*/

44
modules/pshowsso/vendor/league/oauth2-client/src/Grant/ClientCredentials.php vendored Normal file
View File

@@ -0,0 +1,44 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Grant;
/**
* Represents a client credentials grant.
*
* @link http://tools.ietf.org/html/rfc6749#section-1.3.4 Client Credentials (RFC 6749, §1.3.4)
*/
class ClientCredentials extends AbstractGrant
{
/**
* @inheritdoc
*/
protected function getName()
{
return 'client_credentials';
}
/**
* @inheritdoc
*/
protected function getRequiredRequestParameters()
{
return [];
}
}
/**
* Represents a client credentials grant.
*
* @link http://tools.ietf.org/html/rfc6749#section-1.3.4 Client Credentials (RFC 6749, §1.3.4)
*/

31
modules/pshowsso/vendor/league/oauth2-client/src/Grant/Exception/InvalidGrantException.php vendored Normal file
View File

@@ -0,0 +1,31 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Grant\Exception;
use InvalidArgumentException;
/**
* Exception thrown if the grant does not extend from AbstractGrant.
*
* @see League\OAuth2\Client\Grant\AbstractGrant
*/
class InvalidGrantException extends InvalidArgumentException
{
}
/**
* Exception thrown if the grant does not extend from AbstractGrant.
*
* @see League\OAuth2\Client\Grant\AbstractGrant
*/

95
modules/pshowsso/vendor/league/oauth2-client/src/Grant/GrantFactory.php vendored Normal file
View File

@@ -0,0 +1,95 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Grant;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Grant\Exception\InvalidGrantException;
/**
* Represents a factory used when retrieving an authorization grant type.
*/
class GrantFactory
{
/**
* @var array
*/
protected $registry = [];
/**
* Defines a grant singleton in the registry.
*
* @param string $name
* @param AbstractGrant $grant
* @return self
*/
public function setGrant($name, AbstractGrant $grant)
{
$this->registry[$name] = $grant;
return $this;
}
/**
* Returns a grant singleton by name.
*
* If the grant has not be registered, a default grant will be loaded.
*
* @param string $name
* @return AbstractGrant
*/
public function getGrant($name)
{
if (empty($this->registry[$name])) {
$this->registerDefaultGrant($name);
}
return $this->registry[$name];
}
/**
* Registers a default grant singleton by name.
*
* @param string $name
* @return self
*/
protected function registerDefaultGrant($name)
{
// PascalCase the grant. E.g: 'authorization_code' becomes 'AuthorizationCode'
$class = str_replace(' ', '', ucwords(str_replace(['-', '_'], ' ', $name)));
$class = 'League\OAuth2\Client\Grant\\' . $class;
$this->checkGrant($class);
return $this->setGrant($name, new $class());
}
/**
* Determines if a variable is a valid grant.
*
* @param mixed $class
* @return boolean
*/
public function isGrant($class)
{
return is_subclass_of($class, AbstractGrant::class);
}
/**
* Checks if a variable is a valid grant.
*
* @throws InvalidGrantException
* @param mixed $class
* @return void
*/
public function checkGrant($class)
{
if (!$this->isGrant($class)) {
throw new InvalidGrantException(sprintf('Grant "%s" must extend AbstractGrant', is_object($class) ? get_class($class) : $class));
}
}
}
/**
* Represents a factory used when retrieving an authorization grant type.
*/

44
modules/pshowsso/vendor/league/oauth2-client/src/Grant/Password.php vendored Normal file
View File

@@ -0,0 +1,44 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Grant;
/**
* Represents a resource owner password credentials grant.
*
* @link http://tools.ietf.org/html/rfc6749#section-1.3.3 Resource Owner Password Credentials (RFC 6749, §1.3.3)
*/
class Password extends AbstractGrant
{
/**
* @inheritdoc
*/
protected function getName()
{
return 'password';
}
/**
* @inheritdoc
*/
protected function getRequiredRequestParameters()
{
return ['username', 'password'];
}
}
/**
* Represents a resource owner password credentials grant.
*
* @link http://tools.ietf.org/html/rfc6749#section-1.3.3 Resource Owner Password Credentials (RFC 6749, §1.3.3)
*/

44
modules/pshowsso/vendor/league/oauth2-client/src/Grant/RefreshToken.php vendored Normal file
View File

@@ -0,0 +1,44 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Grant;
/**
* Represents a refresh token grant.
*
* @link http://tools.ietf.org/html/rfc6749#section-6 Refreshing an Access Token (RFC 6749, §6)
*/
class RefreshToken extends AbstractGrant
{
/**
* @inheritdoc
*/
protected function getName()
{
return 'refresh_token';
}
/**
* @inheritdoc
*/
protected function getRequiredRequestParameters()
{
return ['refresh_token'];
}
}
/**
* Represents a refresh token grant.
*
* @link http://tools.ietf.org/html/rfc6749#section-6 Refreshing an Access Token (RFC 6749, §6)
*/

38
modules/pshowsso/vendor/league/oauth2-client/src/OptionProvider/HttpBasicAuthOptionProvider.php vendored Normal file
View File

@@ -0,0 +1,38 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\OptionProvider;
use InvalidArgumentException;
/**
* Add http basic auth into access token request options
* @link https://tools.ietf.org/html/rfc6749#section-2.3.1
*/
class HttpBasicAuthOptionProvider extends PostAuthOptionProvider
{
/**
* @inheritdoc
*/
public function getAccessTokenOptions($method, array $params)
{
if (empty($params['client_id']) || empty($params['client_secret'])) {
throw new InvalidArgumentException('clientId and clientSecret are required for http basic auth');
}
$encodedCredentials = base64_encode(sprintf('%s:%s', $params['client_id'], $params['client_secret']));
unset($params['client_id'], $params['client_secret']);
$options = parent::getAccessTokenOptions($method, $params);
$options['headers']['Authorization'] = 'Basic ' . $encodedCredentials;
return $options;
}
}

30
modules/pshowsso/vendor/league/oauth2-client/src/OptionProvider/OptionProviderInterface.php vendored Normal file
View File

@@ -0,0 +1,30 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\OptionProvider;
/**
* Interface for access token options provider
*/
interface OptionProviderInterface
{
/**
* Builds request options used for requesting an access token.
*
* @param string $method
* @param array $params
* @return array
*/
public function getAccessTokenOptions($method, array $params);
}

46
modules/pshowsso/vendor/league/oauth2-client/src/OptionProvider/PostAuthOptionProvider.php vendored Normal file
View File

@@ -0,0 +1,46 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\OptionProvider;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Provider\AbstractProvider;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Tool\QueryBuilderTrait;
/**
* Provide options for access token
*/
class PostAuthOptionProvider implements OptionProviderInterface
{
use QueryBuilderTrait;
/**
* @inheritdoc
*/
public function getAccessTokenOptions($method, array $params)
{
$options = ['headers' => ['content-type' => 'application/x-www-form-urlencoded']];
if ($method === AbstractProvider::METHOD_POST) {
$options['body'] = $this->getAccessTokenBody($params);
}
return $options;
}
/**
* Returns the request body for requesting an access token.
*
* @param array $params
* @return string
*/
protected function getAccessTokenBody(array $params)
{
return $this->buildQueryString($params);
}
}

783
modules/pshowsso/vendor/league/oauth2-client/src/Provider/AbstractProvider.php vendored Normal file
View File

@@ -0,0 +1,783 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Provider;
use Pshowsso\Scope68f5e85e9608b\GuzzleHttp\Client as HttpClient;
use Pshowsso\Scope68f5e85e9608b\GuzzleHttp\ClientInterface as HttpClientInterface;
use Pshowsso\Scope68f5e85e9608b\GuzzleHttp\Exception\BadResponseException;
use InvalidArgumentException;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Grant\AbstractGrant;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Grant\GrantFactory;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\OptionProvider\OptionProviderInterface;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\OptionProvider\PostAuthOptionProvider;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Provider\Exception\IdentityProviderException;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Token\AccessToken;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Token\AccessTokenInterface;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Tool\ArrayAccessorTrait;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Tool\GuardedPropertyTrait;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Tool\QueryBuilderTrait;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Tool\RequestFactory;
use Pshowsso\Scope68f5e85e9608b\Psr\Http\Message\RequestInterface;
use Pshowsso\Scope68f5e85e9608b\Psr\Http\Message\ResponseInterface;
use UnexpectedValueException;
/**
* Represents a service provider (authorization server).
*
* @link http://tools.ietf.org/html/rfc6749#section-1.1 Roles (RFC 6749, §1.1)
*/
abstract class AbstractProvider
{
use ArrayAccessorTrait;
use GuardedPropertyTrait;
use QueryBuilderTrait;
/**
* @var string|null Key used in a token response to identify the resource owner.
*/
const ACCESS_TOKEN_RESOURCE_OWNER_ID = null;
/**
* @var string HTTP method used to fetch access tokens.
*/
const METHOD_GET = 'GET';
/**
* @var string HTTP method used to fetch access tokens.
*/
const METHOD_POST = 'POST';
/**
* @var string PKCE method used to fetch authorization token.
* The PKCE code challenge will be hashed with sha256 (recommended).
*/
const PKCE_METHOD_S256 = 'S256';
/**
* @var string PKCE method used to fetch authorization token.
* The PKCE code challenge will be sent as plain text, this is NOT recommended.
* Only use `plain` if no other option is possible.
*/
const PKCE_METHOD_PLAIN = 'plain';
/**
* @var string
*/
protected $clientId;
/**
* @var string
*/
protected $clientSecret;
/**
* @var string
*/
protected $redirectUri;
/**
* @var string
*/
protected $state;
/**
* @var string|null
*/
protected $pkceCode = null;
/**
* @var GrantFactory
*/
protected $grantFactory;
/**
* @var RequestFactory
*/
protected $requestFactory;
/**
* @var HttpClientInterface
*/
protected $httpClient;
/**
* @var OptionProviderInterface
*/
protected $optionProvider;
/**
* Constructs an OAuth 2.0 service provider.
*
* @param array $options An array of options to set on this provider.
* Options include `clientId`, `clientSecret`, `redirectUri`, and `state`.
* Individual providers may introduce more options, as needed.
* @param array $collaborators An array of collaborators that may be used to
* override this provider's default behavior. Collaborators include
* `grantFactory`, `requestFactory`, and `httpClient`.
* Individual providers may introduce more collaborators, as needed.
*/
public function __construct(array $options = [], array $collaborators = [])
{
// We'll let the GuardedPropertyTrait handle mass assignment of incoming
// options, skipping any blacklisted properties defined in the provider
$this->fillProperties($options);
if (empty($collaborators['grantFactory'])) {
$collaborators['grantFactory'] = new GrantFactory();
}
$this->setGrantFactory($collaborators['grantFactory']);
if (empty($collaborators['requestFactory'])) {
$collaborators['requestFactory'] = new RequestFactory();
}
$this->setRequestFactory($collaborators['requestFactory']);
if (empty($collaborators['httpClient'])) {
$client_options = $this->getAllowedClientOptions($options);
$collaborators['httpClient'] = new HttpClient(array_intersect_key($options, array_flip($client_options)));
}
$this->setHttpClient($collaborators['httpClient']);
if (empty($collaborators['optionProvider'])) {
$collaborators['optionProvider'] = new PostAuthOptionProvider();
}
$this->setOptionProvider($collaborators['optionProvider']);
}
/**
* Returns the list of options that can be passed to the HttpClient
*
* @param array $options An array of options to set on this provider.
* Options include `clientId`, `clientSecret`, `redirectUri`, and `state`.
* Individual providers may introduce more options, as needed.
* @return array The options to pass to the HttpClient constructor
*/
protected function getAllowedClientOptions(array $options)
{
$client_options = ['timeout', 'proxy'];
// Only allow turning off ssl verification if it's for a proxy
if (!empty($options['proxy'])) {
$client_options[] = 'verify';
}
return $client_options;
}
/**
* Sets the grant factory instance.
*
* @param GrantFactory $factory
* @return self
*/
public function setGrantFactory(GrantFactory $factory)
{
$this->grantFactory = $factory;
return $this;
}
/**
* Returns the current grant factory instance.
*
* @return GrantFactory
*/
public function getGrantFactory()
{
return $this->grantFactory;
}
/**
* Sets the request factory instance.
*
* @param RequestFactory $factory
* @return self
*/
public function setRequestFactory(RequestFactory $factory)
{
$this->requestFactory = $factory;
return $this;
}
/**
* Returns the request factory instance.
*
* @return RequestFactory
*/
public function getRequestFactory()
{
return $this->requestFactory;
}
/**
* Sets the HTTP client instance.
*
* @param HttpClientInterface $client
* @return self
*/
public function setHttpClient(HttpClientInterface $client)
{
$this->httpClient = $client;
return $this;
}
/**
* Returns the HTTP client instance.
*
* @return HttpClientInterface
*/
public function getHttpClient()
{
return $this->httpClient;
}
/**
* Sets the option provider instance.
*
* @param OptionProviderInterface $provider
* @return self
*/
public function setOptionProvider(OptionProviderInterface $provider)
{
$this->optionProvider = $provider;
return $this;
}
/**
* Returns the option provider instance.
*
* @return OptionProviderInterface
*/
public function getOptionProvider()
{
return $this->optionProvider;
}
/**
* Returns the current value of the state parameter.
*
* This can be accessed by the redirect handler during authorization.
*
* @return string
*/
public function getState()
{
return $this->state;
}
/**
* Set the value of the pkceCode parameter.
*
* When using PKCE this should be set before requesting an access token.
*
* @param string $pkceCode
* @return self
*/
public function setPkceCode($pkceCode)
{
$this->pkceCode = $pkceCode;
return $this;
}
/**
* Returns the current value of the pkceCode parameter.
*
* This can be accessed by the redirect handler during authorization.
*
* @return string|null
*/
public function getPkceCode()
{
return $this->pkceCode;
}
/**
* Returns the base URL for authorizing a client.
*
* Eg. https://oauth.service.com/authorize
*
* @return string
*/
abstract public function getBaseAuthorizationUrl();
/**
* Returns the base URL for requesting an access token.
*
* Eg. https://oauth.service.com/token
*
* @param array $params
* @return string
*/
abstract public function getBaseAccessTokenUrl(array $params);
/**
* Returns the URL for requesting the resource owner's details.
*
* @param AccessToken $token
* @return string
*/
abstract public function getResourceOwnerDetailsUrl(AccessToken $token);
/**
* Returns a new random string to use as the state parameter in an
* authorization flow.
*
* @param int $length Length of the random string to be generated.
* @return string
*/
protected function getRandomState($length = 32)
{
// Converting bytes to hex will always double length. Hence, we can reduce
// the amount of bytes by half to produce the correct length.
return bin2hex(random_bytes($length / 2));
}
/**
* Returns a new random string to use as PKCE code_verifier and
* hashed as code_challenge parameters in an authorization flow.
* Must be between 43 and 128 characters long.
*
* @param int $length Length of the random string to be generated.
* @return string
*/
protected function getRandomPkceCode($length = 64)
{
return substr(strtr(base64_encode(random_bytes($length)), '+/', '-_'), 0, $length);
}
/**
* Returns the default scopes used by this provider.
*
* This should only be the scopes that are required to request the details
* of the resource owner, rather than all the available scopes.
*
* @return array
*/
abstract protected function getDefaultScopes();
/**
* Returns the string that should be used to separate scopes when building
* the URL for requesting an access token.
*
* @return string Scope separator, defaults to ','
*/
protected function getScopeSeparator()
{
return ',';
}
/**
* @return string|null
*/
protected function getPkceMethod()
{
return null;
}
/**
* Returns authorization parameters based on provided options.
*
* @param array $options
* @return array Authorization parameters
*/
protected function getAuthorizationParameters(array $options)
{
if (empty($options['state'])) {
$options['state'] = $this->getRandomState();
}
if (empty($options['scope'])) {
$options['scope'] = $this->getDefaultScopes();
}
$options += ['response_type' => 'code', 'approval_prompt' => 'auto'];
if (is_array($options['scope'])) {
$separator = $this->getScopeSeparator();
$options['scope'] = implode($separator, $options['scope']);
}
// Store the state as it may need to be accessed later on.
$this->state = $options['state'];
$pkceMethod = $this->getPkceMethod();
if (!empty($pkceMethod)) {
$this->pkceCode = $this->getRandomPkceCode();
if ($pkceMethod === static::PKCE_METHOD_S256) {
$options['code_challenge'] = trim(strtr(base64_encode(hash('sha256', $this->pkceCode, \true)), '+/', '-_'), '=');
} elseif ($pkceMethod === static::PKCE_METHOD_PLAIN) {
$options['code_challenge'] = $this->pkceCode;
} else {
throw new InvalidArgumentException('Unknown PKCE method "' . $pkceMethod . '".');
}
$options['code_challenge_method'] = $pkceMethod;
}
// Business code layer might set a different redirect_uri parameter
// depending on the context, leave it as-is
if (!isset($options['redirect_uri'])) {
$options['redirect_uri'] = $this->redirectUri;
}
$options['client_id'] = $this->clientId;
return $options;
}
/**
* Builds the authorization URL's query string.
*
* @param array $params Query parameters
* @return string Query string
*/
protected function getAuthorizationQuery(array $params)
{
return $this->buildQueryString($params);
}
/**
* Builds the authorization URL.
*
* @param array $options
* @return string Authorization URL
*/
public function getAuthorizationUrl(array $options = [])
{
$base = $this->getBaseAuthorizationUrl();
$params = $this->getAuthorizationParameters($options);
$query = $this->getAuthorizationQuery($params);
return $this->appendQuery($base, $query);
}
/**
* Redirects the client for authorization.
*
* @param array $options
* @param callable|null $redirectHandler
* @return mixed
*/
public function authorize(array $options = [], callable $redirectHandler = null)
{
$url = $this->getAuthorizationUrl($options);
if ($redirectHandler) {
return $redirectHandler($url, $this);
}
// @codeCoverageIgnoreStart
header('Location: ' . $url);
exit;
// @codeCoverageIgnoreEnd
}
/**
* Appends a query string to a URL.
*
* @param string $url The URL to append the query to
* @param string $query The HTTP query string
* @return string The resulting URL
*/
protected function appendQuery($url, $query)
{
$query = trim($query, '?&');
if ($query) {
$glue = strstr($url, '?') === \false ? '?' : '&';
return $url . $glue . $query;
}
return $url;
}
/**
* Returns the method to use when requesting an access token.
*
* @return string HTTP method
*/
protected function getAccessTokenMethod()
{
return self::METHOD_POST;
}
/**
* Returns the key used in the access token response to identify the resource owner.
*
* @return string|null Resource owner identifier key
*/
protected function getAccessTokenResourceOwnerId()
{
return static::ACCESS_TOKEN_RESOURCE_OWNER_ID;
}
/**
* Builds the access token URL's query string.
*
* @param array $params Query parameters
* @return string Query string
*/
protected function getAccessTokenQuery(array $params)
{
return $this->buildQueryString($params);
}
/**
* Checks that a provided grant is valid, or attempts to produce one if the
* provided grant is a string.
*
* @param AbstractGrant|string $grant
* @return AbstractGrant
*/
protected function verifyGrant($grant)
{
if (is_string($grant)) {
return $this->grantFactory->getGrant($grant);
}
$this->grantFactory->checkGrant($grant);
return $grant;
}
/**
* Returns the full URL to use when requesting an access token.
*
* @param array $params Query parameters
* @return string
*/
protected function getAccessTokenUrl(array $params)
{
$url = $this->getBaseAccessTokenUrl($params);
if ($this->getAccessTokenMethod() === self::METHOD_GET) {
$query = $this->getAccessTokenQuery($params);
return $this->appendQuery($url, $query);
}
return $url;
}
/**
* Returns a prepared request for requesting an access token.
*
* @param array $params Query string parameters
* @return RequestInterface
*/
protected function getAccessTokenRequest(array $params)
{
$method = $this->getAccessTokenMethod();
$url = $this->getAccessTokenUrl($params);
$options = $this->optionProvider->getAccessTokenOptions($this->getAccessTokenMethod(), $params);
return $this->getRequest($method, $url, $options);
}
/**
* Requests an access token using a specified grant and option set.
*
* @param mixed $grant
* @param array<string, mixed> $options
* @throws IdentityProviderException
* @return AccessTokenInterface
*/
public function getAccessToken($grant, array $options = [])
{
$grant = $this->verifyGrant($grant);
$params = ['client_id' => $this->clientId, 'client_secret' => $this->clientSecret, 'redirect_uri' => $this->redirectUri];
if (!empty($this->pkceCode)) {
$params['code_verifier'] = $this->pkceCode;
}
$params = $grant->prepareRequestParameters($params, $options);
$request = $this->getAccessTokenRequest($params);
$response = $this->getParsedResponse($request);
if (\false === is_array($response)) {
throw new UnexpectedValueException('Invalid response received from Authorization Server. Expected JSON.');
}
$prepared = $this->prepareAccessTokenResponse($response);
$token = $this->createAccessToken($prepared, $grant);
return $token;
}
/**
* Returns a PSR-7 request instance that is not authenticated.
*
* @param string $method
* @param string $url
* @param array $options
* @return RequestInterface
*/
public function getRequest($method, $url, array $options = [])
{
return $this->createRequest($method, $url, null, $options);
}
/**
* Returns an authenticated PSR-7 request instance.
*
* @param string $method
* @param string $url
* @param AccessTokenInterface|string|null $token
* @param array $options Any of "headers", "body", and "protocolVersion".
* @return RequestInterface
*/
public function getAuthenticatedRequest($method, $url, $token, array $options = [])
{
return $this->createRequest($method, $url, $token, $options);
}
/**
* Creates a PSR-7 request instance.
*
* @param string $method
* @param string $url
* @param AccessTokenInterface|string|null $token
* @param array $options
* @return RequestInterface
*/
protected function createRequest($method, $url, $token, array $options)
{
$defaults = ['headers' => $this->getHeaders($token)];
$options = array_merge_recursive($defaults, $options);
$factory = $this->getRequestFactory();
return $factory->getRequestWithOptions($method, $url, $options);
}
/**
* Sends a request instance and returns a response instance.
*
* WARNING: This method does not attempt to catch exceptions caused by HTTP
* errors! It is recommended to wrap this method in a try/catch block.
*
* @param RequestInterface $request
* @return ResponseInterface
*/
public function getResponse(RequestInterface $request)
{
return $this->getHttpClient()->send($request);
}
/**
* Sends a request and returns the parsed response.
*
* @param RequestInterface $request
* @throws IdentityProviderException
* @return mixed
*/
public function getParsedResponse(RequestInterface $request)
{
try {
$response = $this->getResponse($request);
} catch (BadResponseException $e) {
$response = $e->getResponse();
}
$parsed = $this->parseResponse($response);
$this->checkResponse($response, $parsed);
return $parsed;
}
/**
* Attempts to parse a JSON response.
*
* @param string $content JSON content from response body
* @return array Parsed JSON data
* @throws UnexpectedValueException if the content could not be parsed
*/
protected function parseJson($content)
{
$content = json_decode($content, \true);
if (json_last_error() !== \JSON_ERROR_NONE) {
throw new UnexpectedValueException(sprintf("Failed to parse JSON response: %s", json_last_error_msg()));
}
return $content;
}
/**
* Returns the content type header of a response.
*
* @param ResponseInterface $response
* @return string Semi-colon separated join of content-type headers.
*/
protected function getContentType(ResponseInterface $response)
{
return join(';', (array) $response->getHeader('content-type'));
}
/**
* Parses the response according to its content-type header.
*
* @throws UnexpectedValueException
* @param ResponseInterface $response
* @return array
*/
protected function parseResponse(ResponseInterface $response)
{
$content = (string) $response->getBody();
$type = $this->getContentType($response);
if (strpos($type, 'urlencoded') !== \false) {
parse_str($content, $parsed);
return $parsed;
}
// Attempt to parse the string as JSON regardless of content type,
// since some providers use non-standard content types. Only throw an
// exception if the JSON could not be parsed when it was expected to.
try {
return $this->parseJson($content);
} catch (UnexpectedValueException $e) {
if (strpos($type, 'json') !== \false) {
throw $e;
}
if ($response->getStatusCode() == 500) {
throw new UnexpectedValueException('An OAuth server error was encountered that did not contain a JSON body', 0, $e);
}
return $content;
}
}
/**
* Checks a provider response for errors.
*
* @throws IdentityProviderException
* @param ResponseInterface $response
* @param array|string $data Parsed response data
* @return void
*/
abstract protected function checkResponse(ResponseInterface $response, $data);
/**
* Prepares an parsed access token response for a grant.
*
* Custom mapping of expiration, etc should be done here. Always call the
* parent method when overloading this method.
*
* @param mixed $result
* @return array
*/
protected function prepareAccessTokenResponse(array $result)
{
if ($this->getAccessTokenResourceOwnerId() !== null) {
$result['resource_owner_id'] = $this->getValueByKey($result, $this->getAccessTokenResourceOwnerId());
}
return $result;
}
/**
* Creates an access token from a response.
*
* The grant that was used to fetch the response can be used to provide
* additional context.
*
* @param array $response
* @param AbstractGrant $grant
* @return AccessTokenInterface
*/
protected function createAccessToken(array $response, AbstractGrant $grant)
{
return new AccessToken($response);
}
/**
* Generates a resource owner object from a successful resource owner
* details request.
*
* @param array $response
* @param AccessToken $token
* @return ResourceOwnerInterface
*/
abstract protected function createResourceOwner(array $response, AccessToken $token);
/**
* Requests and returns the resource owner of given access token.
*
* @param AccessToken $token
* @return ResourceOwnerInterface
*/
public function getResourceOwner(AccessToken $token)
{
$response = $this->fetchResourceOwnerDetails($token);
return $this->createResourceOwner($response, $token);
}
/**
* Requests resource owner details.
*
* @param AccessToken $token
* @return mixed
*/
protected function fetchResourceOwnerDetails(AccessToken $token)
{
$url = $this->getResourceOwnerDetailsUrl($token);
$request = $this->getAuthenticatedRequest(self::METHOD_GET, $url, $token);
$response = $this->getParsedResponse($request);
if (\false === is_array($response)) {
throw new UnexpectedValueException('Invalid response received from Authorization Server. Expected JSON.');
}
return $response;
}
/**
* Returns the default headers used by this provider.
*
* Typically this is used to set 'Accept' or 'Content-Type' headers.
*
* @return array
*/
protected function getDefaultHeaders()
{
return [];
}
/**
* Returns the authorization headers used by this provider.
*
* Typically this is "Bearer" or "MAC". For more information see:
* http://tools.ietf.org/html/rfc6749#section-7.1
*
* No default is provided, providers must overload this method to activate
* authorization headers.
*
* @param mixed|null $token Either a string or an access token instance
* @return array
*/
protected function getAuthorizationHeaders($token = null)
{
return [];
}
/**
* Returns all headers used by this provider for a request.
*
* The request will be authenticated if an access token is provided.
*
* @param mixed|null $token object or string
* @return array
*/
public function getHeaders($token = null)
{
if ($token) {
return array_merge($this->getDefaultHeaders(), $this->getAuthorizationHeaders($token));
}
return $this->getDefaultHeaders();
}
}

45
modules/pshowsso/vendor/league/oauth2-client/src/Provider/Exception/IdentityProviderException.php vendored Normal file
View File

@@ -0,0 +1,45 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Provider\Exception;
/**
* Exception thrown if the provider response contains errors.
*/
class IdentityProviderException extends \Exception
{
/**
* @var mixed
*/
protected $response;
/**
* @param string $message
* @param int $code
* @param mixed $response The response body
*/
public function __construct($message, $code, $response)
{
$this->response = $response;
parent::__construct($message, $code);
}
/**
* Returns the exception's response body.
*
* @return mixed
*/
public function getResponseBody()
{
return $this->response;
}
}

201
modules/pshowsso/vendor/league/oauth2-client/src/Provider/GenericProvider.php vendored Normal file
View File

@@ -0,0 +1,201 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Provider;
use InvalidArgumentException;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Provider\Exception\IdentityProviderException;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Token\AccessToken;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Tool\BearerAuthorizationTrait;
use Pshowsso\Scope68f5e85e9608b\Psr\Http\Message\ResponseInterface;
/**
* Represents a generic service provider that may be used to interact with any
* OAuth 2.0 service provider, using Bearer token authentication.
*/
class GenericProvider extends AbstractProvider
{
use BearerAuthorizationTrait;
/**
* @var string
*/
private $urlAuthorize;
/**
* @var string
*/
private $urlAccessToken;
/**
* @var string
*/
private $urlResourceOwnerDetails;
/**
* @var string
*/
private $accessTokenMethod;
/**
* @var string
*/
private $accessTokenResourceOwnerId;
/**
* @var array|null
*/
private $scopes = null;
/**
* @var string
*/
private $scopeSeparator;
/**
* @var string
*/
private $responseError = 'error';
/**
* @var string
*/
private $responseCode;
/**
* @var string
*/
private $responseResourceOwnerId = 'id';
/**
* @var string|null
*/
private $pkceMethod = null;
/**
* @param array $options
* @param array $collaborators
*/
public function __construct(array $options = [], array $collaborators = [])
{
$this->assertRequiredOptions($options);
$possible = $this->getConfigurableOptions();
$configured = array_intersect_key($options, array_flip($possible));
foreach ($configured as $key => $value) {
$this->{$key} = $value;
}
// Remove all options that are only used locally
$options = array_diff_key($options, $configured);
parent::__construct($options, $collaborators);
}
/**
* Returns all options that can be configured.
*
* @return array
*/
protected function getConfigurableOptions()
{
return array_merge($this->getRequiredOptions(), ['accessTokenMethod', 'accessTokenResourceOwnerId', 'scopeSeparator', 'responseError', 'responseCode', 'responseResourceOwnerId', 'scopes', 'pkceMethod']);
}
/**
* Returns all options that are required.
*
* @return array
*/
protected function getRequiredOptions()
{
return ['urlAuthorize', 'urlAccessToken', 'urlResourceOwnerDetails'];
}
/**
* Verifies that all required options have been passed.
*
* @param array $options
* @return void
* @throws InvalidArgumentException
*/
private function assertRequiredOptions(array $options)
{
$missing = array_diff_key(array_flip($this->getRequiredOptions()), $options);
if (!empty($missing)) {
throw new InvalidArgumentException('Required options not defined: ' . implode(', ', array_keys($missing)));
}
}
/**
* @inheritdoc
*/
public function getBaseAuthorizationUrl()
{
return $this->urlAuthorize;
}
/**
* @inheritdoc
*/
public function getBaseAccessTokenUrl(array $params)
{
return $this->urlAccessToken;
}
/**
* @inheritdoc
*/
public function getResourceOwnerDetailsUrl(AccessToken $token)
{
return $this->urlResourceOwnerDetails;
}
/**
* @inheritdoc
*/
public function getDefaultScopes()
{
return $this->scopes;
}
/**
* @inheritdoc
*/
protected function getAccessTokenMethod()
{
return $this->accessTokenMethod ?: parent::getAccessTokenMethod();
}
/**
* @inheritdoc
*/
protected function getAccessTokenResourceOwnerId()
{
return $this->accessTokenResourceOwnerId ?: parent::getAccessTokenResourceOwnerId();
}
/**
* @inheritdoc
*/
protected function getScopeSeparator()
{
return $this->scopeSeparator ?: parent::getScopeSeparator();
}
/**
* @inheritdoc
*/
protected function getPkceMethod()
{
return $this->pkceMethod ?: parent::getPkceMethod();
}
/**
* @inheritdoc
*/
protected function checkResponse(ResponseInterface $response, $data)
{
if (!empty($data[$this->responseError])) {
$error = $data[$this->responseError];
if (!is_string($error)) {
$error = var_export($error, \true);
}
$code = $this->responseCode && !empty($data[$this->responseCode]) ? $data[$this->responseCode] : 0;
if (!is_int($code)) {
$code = intval($code);
}
throw new IdentityProviderException($error, $code, $data);
}
}
/**
* @inheritdoc
*/
protected function createResourceOwner(array $response, AccessToken $token)
{
return new GenericResourceOwner($response, $this->responseResourceOwnerId);
}
}

57
modules/pshowsso/vendor/league/oauth2-client/src/Provider/GenericResourceOwner.php vendored Normal file
View File

@@ -0,0 +1,57 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Provider;
/**
* Represents a generic resource owner for use with the GenericProvider.
*/
class GenericResourceOwner implements ResourceOwnerInterface
{
/**
* @var array
*/
protected $response;
/**
* @var string
*/
protected $resourceOwnerId;
/**
* @param array $response
* @param string $resourceOwnerId
*/
public function __construct(array $response, $resourceOwnerId)
{
$this->response = $response;
$this->resourceOwnerId = $resourceOwnerId;
}
/**
* Returns the identifier of the authorized resource owner.
*
* @return mixed
*/
public function getId()
{
return $this->response[$this->resourceOwnerId];
}
/**
* Returns the raw resource owner response.
*
* @return array
*/
public function toArray()
{
return $this->response;
}
}

35
modules/pshowsso/vendor/league/oauth2-client/src/Provider/ResourceOwnerInterface.php vendored Normal file
View File

@@ -0,0 +1,35 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Provider;
/**
* Classes implementing `ResourceOwnerInterface` may be used to represent
* the resource owner authenticated with a service provider.
*/
interface ResourceOwnerInterface
{
/**
* Returns the identifier of the authorized resource owner.
*
* @return mixed
*/
public function getId();
/**
* Return all of the owner details available as an array.
*
* @return array
*/
public function toArray();
}

204
modules/pshowsso/vendor/league/oauth2-client/src/Token/AccessToken.php vendored Normal file
View File

@@ -0,0 +1,204 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Token;
use InvalidArgumentException;
use RuntimeException;
/**
* Represents an access token.
*
* @link http://tools.ietf.org/html/rfc6749#section-1.4 Access Token (RFC 6749, §1.4)
*/
class AccessToken implements AccessTokenInterface, ResourceOwnerAccessTokenInterface
{
/**
* @var string
*/
protected $accessToken;
/**
* @var int
*/
protected $expires;
/**
* @var string
*/
protected $refreshToken;
/**
* @var string
*/
protected $resourceOwnerId;
/**
* @var array
*/
protected $values = [];
/**
* @var int
*/
private static $timeNow;
/**
* Set the time now. This should only be used for testing purposes.
*
* @param int $timeNow the time in seconds since epoch
* @return void
*/
public static function setTimeNow($timeNow)
{
self::$timeNow = $timeNow;
}
/**
* Reset the time now if it was set for test purposes.
*
* @return void
*/
public static function resetTimeNow()
{
self::$timeNow = null;
}
/**
* @return int
*/
public function getTimeNow()
{
return self::$timeNow ? self::$timeNow : time();
}
/**
* Constructs an access token.
*
* @param array $options An array of options returned by the service provider
* in the access token request. The `access_token` option is required.
* @throws InvalidArgumentException if `access_token` is not provided in `$options`.
*/
public function __construct(array $options = [])
{
if (empty($options['access_token'])) {
throw new InvalidArgumentException('Required option not passed: "access_token"');
}
$this->accessToken = $options['access_token'];
if (!empty($options['resource_owner_id'])) {
$this->resourceOwnerId = $options['resource_owner_id'];
}
if (!empty($options['refresh_token'])) {
$this->refreshToken = $options['refresh_token'];
}
// We need to know when the token expires. Show preference to
// 'expires_in' since it is defined in RFC6749 Section 5.1.
// Defer to 'expires' if it is provided instead.
if (isset($options['expires_in'])) {
if (!is_numeric($options['expires_in'])) {
throw new \InvalidArgumentException('expires_in value must be an integer');
}
$this->expires = $options['expires_in'] != 0 ? $this->getTimeNow() + $options['expires_in'] : 0;
} elseif (!empty($options['expires'])) {
// Some providers supply the seconds until expiration rather than
// the exact timestamp. Take a best guess at which we received.
$expires = $options['expires'];
if (!$this->isExpirationTimestamp($expires)) {
$expires += $this->getTimeNow();
}
$this->expires = $expires;
}
// Capture any additional values that might exist in the token but are
// not part of the standard response. Vendors will sometimes pass
// additional user data this way.
$this->values = array_diff_key($options, array_flip(['access_token', 'resource_owner_id', 'refresh_token', 'expires_in', 'expires']));
}
/**
* Check if a value is an expiration timestamp or second value.
*
* @param integer $value
* @return bool
*/
protected function isExpirationTimestamp($value)
{
// If the given value is larger than the original OAuth 2 draft date,
// assume that it is meant to be a (possible expired) timestamp.
$oauth2InceptionDate = 1349067600;
// 2012-10-01
return $value > $oauth2InceptionDate;
}
/**
* @inheritdoc
*/
public function getToken()
{
return $this->accessToken;
}
/**
* @inheritdoc
*/
public function getRefreshToken()
{
return $this->refreshToken;
}
/**
* @inheritdoc
*/
public function getExpires()
{
return $this->expires;
}
/**
* @inheritdoc
*/
public function getResourceOwnerId()
{
return $this->resourceOwnerId;
}
/**
* @inheritdoc
*/
public function hasExpired()
{
$expires = $this->getExpires();
if (empty($expires)) {
throw new RuntimeException('"expires" is not set on the token');
}
return $expires < time();
}
/**
* @inheritdoc
*/
public function getValues()
{
return $this->values;
}
/**
* @inheritdoc
*/
public function __toString()
{
return (string) $this->getToken();
}
/**
* @inheritdoc
*/
public function jsonSerialize()
{
$parameters = $this->values;
if ($this->accessToken) {
$parameters['access_token'] = $this->accessToken;
}
if ($this->refreshToken) {
$parameters['refresh_token'] = $this->refreshToken;
}
if ($this->expires) {
$parameters['expires'] = $this->expires;
}
if ($this->resourceOwnerId) {
$parameters['resource_owner_id'] = $this->resourceOwnerId;
}
return $parameters;
}
}

67
modules/pshowsso/vendor/league/oauth2-client/src/Token/AccessTokenInterface.php vendored Normal file
View File

@@ -0,0 +1,67 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Token;
use JsonSerializable;
use ReturnTypeWillChange;
use RuntimeException;
interface AccessTokenInterface extends JsonSerializable
{
/**
* Returns the access token string of this instance.
*
* @return string
*/
public function getToken();
/**
* Returns the refresh token, if defined.
*
* @return string|null
*/
public function getRefreshToken();
/**
* Returns the expiration timestamp in seconds, if defined.
*
* @return integer|null
*/
public function getExpires();
/**
* Checks if this token has expired.
*
* @return boolean true if the token has expired, false otherwise.
* @throws RuntimeException if 'expires' is not set on the token.
*/
public function hasExpired();
/**
* Returns additional vendor values stored in the token.
*
* @return array
*/
public function getValues();
/**
* Returns a string representation of the access token
*
* @return string
*/
public function __toString();
/**
* Returns an array of parameters to serialize when this is serialized with
* json_encode().
*
* @return array
*/
#[ReturnTypeWillChange]
public function jsonSerialize();
}

25
modules/pshowsso/vendor/league/oauth2-client/src/Token/ResourceOwnerAccessTokenInterface.php vendored Normal file
View File

@@ -0,0 +1,25 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Token;
interface ResourceOwnerAccessTokenInterface extends AccessTokenInterface
{
/**
* Returns the resource owner identifier, if defined.
*
* @return string|null
*/
public function getResourceOwnerId();
}

47
modules/pshowsso/vendor/league/oauth2-client/src/Tool/ArrayAccessorTrait.php vendored Normal file
View File

@@ -0,0 +1,47 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Tool;
/**
* Provides generic array navigation tools.
*/
trait ArrayAccessorTrait
{
/**
* Returns a value by key using dot notation.
*
* @param array $data
* @param string $key
* @param mixed|null $default
* @return mixed
*/
private function getValueByKey(array $data, $key, $default = null)
{
if (!is_string($key) || empty($key) || !count($data)) {
return $default;
}
if (strpos($key, '.') !== \false) {
$keys = explode('.', $key);
foreach ($keys as $innerKey) {
if (!is_array($data) || !array_key_exists($innerKey, $data)) {
return $default;
}
$data = $data[$innerKey];
}
return $data;
}
return array_key_exists($key, $data) ? $data[$key] : $default;
}
}

35
modules/pshowsso/vendor/league/oauth2-client/src/Tool/BearerAuthorizationTrait.php vendored Normal file
View File

@@ -0,0 +1,35 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Tool;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Token\AccessTokenInterface;
/**
* Enables `Bearer` header authorization for providers.
*
* @link http://tools.ietf.org/html/rfc6750 Bearer Token Usage (RFC 6750)
*/
trait BearerAuthorizationTrait
{
/**
* Returns authorization headers for the 'bearer' grant.
*
* @param AccessTokenInterface|string|null $token Either a string or an access token instance
* @return array
*/
protected function getAuthorizationHeaders($token = null)
{
return ['Authorization' => 'Bearer ' . $token];
}
}

66
modules/pshowsso/vendor/league/oauth2-client/src/Tool/GuardedPropertyTrait.php vendored Normal file
View File

@@ -0,0 +1,66 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Tool;
/**
* Provides support for blacklisting explicit properties from the
* mass assignment behavior.
*/
trait GuardedPropertyTrait
{
/**
* The properties that aren't mass assignable.
*
* @var array
*/
protected $guarded = [];
/**
* Attempts to mass assign the given options to explicitly defined properties,
* skipping over any properties that are defined in the guarded array.
*
* @param array $options
* @return mixed
*/
protected function fillProperties(array $options = [])
{
if (isset($options['guarded'])) {
unset($options['guarded']);
}
foreach ($options as $option => $value) {
if (property_exists($this, $option) && !$this->isGuarded($option)) {
$this->{$option} = $value;
}
}
}
/**
* Returns current guarded properties.
*
* @return array
*/
public function getGuarded()
{
return $this->guarded;
}
/**
* Determines if the given property is guarded.
*
* @param string $property
* @return bool
*/
public function isGuarded($property)
{
return in_array($property, $this->getGuarded());
}
}

76
modules/pshowsso/vendor/league/oauth2-client/src/Tool/MacAuthorizationTrait.php vendored Normal file
View File

@@ -0,0 +1,76 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Tool;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Token\AccessToken;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Token\AccessTokenInterface;
/**
* Enables `MAC` header authorization for providers.
*
* @link http://tools.ietf.org/html/draft-ietf-oauth-v2-http-mac-05 Message Authentication Code (MAC) Tokens
*/
trait MacAuthorizationTrait
{
/**
* Returns the id of this token for MAC generation.
*
* @param AccessToken $token
* @return string
*/
abstract protected function getTokenId(AccessToken $token);
/**
* Returns the MAC signature for the current request.
*
* @param string $id
* @param integer $ts
* @param string $nonce
* @return string
*/
abstract protected function getMacSignature($id, $ts, $nonce);
/**
* Returns a new random string to use as the state parameter in an
* authorization flow.
*
* @param int $length Length of the random string to be generated.
* @return string
*/
abstract protected function getRandomState($length = 32);
/**
* Returns the authorization headers for the 'mac' grant.
*
* @param AccessTokenInterface|string|null $token Either a string or an access token instance
* @return array
* @codeCoverageIgnore
*
* @todo This is currently untested and provided only as an example. If you
* complete the implementation, please create a pull request for
* https://github.com/thephpleague/oauth2-client
*/
protected function getAuthorizationHeaders($token = null)
{
if ($token === null) {
return [];
}
$ts = time();
$id = $this->getTokenId($token);
$nonce = $this->getRandomState(16);
$mac = $this->getMacSignature($id, $ts, $nonce);
$parts = [];
foreach (compact('id', 'ts', 'nonce', 'mac') as $key => $value) {
$parts[] = sprintf('%s="%s"', $key, $value);
}
return ['Authorization' => 'MAC ' . implode(', ', $parts)];
}
}

105
modules/pshowsso/vendor/league/oauth2-client/src/Tool/ProviderRedirectTrait.php vendored Normal file
View File

@@ -0,0 +1,105 @@
<?php
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Tool;
use Pshowsso\Scope68f5e85e9608b\GuzzleHttp\Exception\BadResponseException;
use Pshowsso\Scope68f5e85e9608b\GuzzleHttp\Psr7\Uri;
use InvalidArgumentException;
use Pshowsso\Scope68f5e85e9608b\Psr\Http\Message\RequestInterface;
use Pshowsso\Scope68f5e85e9608b\Psr\Http\Message\ResponseInterface;
trait ProviderRedirectTrait
{
/**
* Maximum number of times to follow provider initiated redirects
*
* @var integer
*/
protected $redirectLimit = 2;
/**
* Retrieves a response for a given request and retrieves subsequent
* responses, with authorization headers, if a redirect is detected.
*
* @param RequestInterface $request
* @return ResponseInterface
* @throws BadResponseException
*/
protected function followRequestRedirects(RequestInterface $request)
{
$response = null;
$attempts = 0;
while ($attempts < $this->redirectLimit) {
$attempts++;
$response = $this->getHttpClient()->send($request, ['allow_redirects' => \false]);
if ($this->isRedirect($response)) {
$redirectUrl = new Uri($response->getHeader('Location')[0]);
$request = $request->withUri($redirectUrl);
} else {
break;
}
}
return $response;
}
/**
* Returns the HTTP client instance.
*
* @return GuzzleHttp\ClientInterface
*/
abstract public function getHttpClient();
/**
* Retrieves current redirect limit.
*
* @return integer
*/
public function getRedirectLimit()
{
return $this->redirectLimit;
}
/**
* Determines if a given response is a redirect.
*
* @param ResponseInterface $response
*
* @return boolean
*/
protected function isRedirect(ResponseInterface $response)
{
$statusCode = $response->getStatusCode();
return $statusCode > 300 && $statusCode < 400 && $response->hasHeader('Location');
}
/**
* Sends a request instance and returns a response instance.
*
* WARNING: This method does not attempt to catch exceptions caused by HTTP
* errors! It is recommended to wrap this method in a try/catch block.
*
* @param RequestInterface $request
* @return ResponseInterface
*/
public function getResponse(RequestInterface $request)
{
try {
$response = $this->followRequestRedirects($request);
} catch (BadResponseException $e) {
$response = $e->getResponse();
}
return $response;
}
/**
* Updates the redirect limit.
*
* @param integer $limit
* @return League\OAuth2\Client\Provider\AbstractProvider
* @throws InvalidArgumentException
*/
public function setRedirectLimit($limit)
{
if (!is_int($limit)) {
throw new InvalidArgumentException('redirectLimit must be an integer.');
}
if ($limit < 1) {
throw new InvalidArgumentException('redirectLimit must be greater than or equal to one.');
}
$this->redirectLimit = $limit;
return $this;
}
}

33
modules/pshowsso/vendor/league/oauth2-client/src/Tool/QueryBuilderTrait.php vendored Normal file
View File

@@ -0,0 +1,33 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Tool;
/**
* Provides a standard way to generate query strings.
*/
trait QueryBuilderTrait
{
/**
* Build a query string from an array.
*
* @param array $params
*
* @return string
*/
protected function buildQueryString(array $params)
{
return http_build_query($params, '', '&', \PHP_QUERY_RFC3986);
}
}

67
modules/pshowsso/vendor/league/oauth2-client/src/Tool/RequestFactory.php vendored Normal file
View File

@@ -0,0 +1,67 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Tool;
use Pshowsso\Scope68f5e85e9608b\GuzzleHttp\Psr7\Request;
/**
* Used to produce PSR-7 Request instances.
*
* @link https://github.com/guzzle/guzzle/pull/1101
*/
class RequestFactory
{
/**
* Creates a PSR-7 Request instance.
*
* @param null|string $method HTTP method for the request.
* @param null|string $uri URI for the request.
* @param array $headers Headers for the message.
* @param string|resource|StreamInterface $body Message body.
* @param string $version HTTP protocol version.
*
* @return Request
*/
public function getRequest($method, $uri, array $headers = [], $body = null, $version = '1.1')
{
return new Request($method, $uri, $headers, $body, $version);
}
/**
* Parses simplified options.
*
* @param array $options Simplified options.
*
* @return array Extended options for use with getRequest.
*/
protected function parseOptions(array $options)
{
// Should match default values for getRequest
$defaults = ['headers' => [], 'body' => null, 'version' => '1.1'];
return array_merge($defaults, $options);
}
/**
* Creates a request using a simplified array of options.
*
* @param null|string $method
* @param null|string $uri
* @param array $options
*
* @return Request
*/
public function getRequestWithOptions($method, $uri, array $options = [])
{
$options = $this->parseOptions($options);
return $this->getRequest($method, $uri, $options['headers'], $options['body'], $options['version']);
}
}

51
modules/pshowsso/vendor/league/oauth2-client/src/Tool/RequiredParameterTrait.php vendored Normal file
View File

@@ -0,0 +1,51 @@
<?php
/**
* This file is part of the league/oauth2-client library
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* @copyright Copyright (c) Alex Bilbie <hello@alexbilbie.com>
* @license http://opensource.org/licenses/MIT MIT
* @link http://thephpleague.com/oauth2-client/ Documentation
* @link https://packagist.org/packages/league/oauth2-client Packagist
* @link https://github.com/thephpleague/oauth2-client GitHub
*/
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Tool;
use BadMethodCallException;
/**
* Provides functionality to check for required parameters.
*/
trait RequiredParameterTrait
{
/**
* Checks for a required parameter in a hash.
*
* @throws BadMethodCallException
* @param string $name
* @param array $params
* @return void
*/
private function checkRequiredParameter($name, array $params)
{
if (!isset($params[$name])) {
throw new BadMethodCallException(sprintf('Required parameter not passed: "%s"', $name));
}
}
/**
* Checks for multiple required parameters in a hash.
*
* @throws InvalidArgumentException
* @param array $names
* @param array $params
* @return void
*/
private function checkRequiredParameters(array $names, array $params)
{
foreach ($names as $name) {
$this->checkRequiredParameter($name, $params);
}
}
}

56
modules/pshowsso/vendor/league/oauth2-facebook/.github/workflows/ci.yaml vendored Normal file
View File

@@ -0,0 +1,56 @@
name: CI
on:
pull_request:
push:
branches: [ master ]
jobs:
run:
runs-on: ubuntu-18.04
strategy:
fail-fast: false
matrix:
php:
- '7.3'
- '7.4'
- '8.0'
coverage: ['none']
include:
- description: 'Log Code Coverage'
php: '8.0'
coverage: 'xdebug'
name: PHP ${{ matrix.php }} ${{ matrix.description }}
steps:
- name: Checkout
uses: actions/checkout@v2
- uses: actions/cache@v2
with:
path: ~/.composer/cache/files
key: ${{ matrix.php }}
- name: Setup PHP
uses: shivammathur/setup-php@v2
with:
php-version: ${{ matrix.php }}
coverage: ${{ matrix.coverage }}
- name: Install dependencies
run: composer install
- name: Run PHPUnit tests
run: vendor/bin/phpunit
if: matrix.coverage == 'none'
- name: PHPUnit tests and Log Code coverage
run: vendor/bin/phpunit --exclude-group proxy --coverage-clover=coverage.xml
if: matrix.coverage == 'xdebug'
- name: Run codecov
uses: codecov/codecov-action@v1
if: matrix.coverage == 'xdebug'
with:
file: './coverage.xml'
fail_ci_if_error: true

23
modules/pshowsso/vendor/league/oauth2-facebook/.github/workflows/static-analysis.yaml vendored Normal file
View File

@@ -0,0 +1,23 @@
name: Code style
on:
pull_request:
push:
branches: [ master ]
jobs:
php-cs-fixer:
name: PHP-CodeSniffer
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Setup PHP
uses: shivammathur/setup-php@v2
- name: Install dependencies
run: composer install
- name: Run script
run: ./vendor/bin/phpcs src --standard=psr12 -sp

21
modules/pshowsso/vendor/league/oauth2-facebook/LICENSE vendored Normal file
View File

@@ -0,0 +1,21 @@
The MIT License (MIT)
Copyright (c) 2015 Sammy Kaye Powers <me@sammyk.me>
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.

40
modules/pshowsso/vendor/league/oauth2-facebook/composer.json vendored Normal file
View File

@@ -0,0 +1,40 @@
{
"name": "league\/oauth2-facebook",
"description": "Facebook OAuth 2.0 Client Provider for The PHP League OAuth2-Client",
"license": "MIT",
"authors": [
{
"name": "Sammy Kaye Powers",
"email": "me@sammyk.me",
"homepage": "http:\/\/www.sammyk.me"
}
],
"keywords": [
"oauth",
"oauth2",
"client",
"authorization",
"authentication",
"facebook"
],
"require": {
"php": ">=7.3",
"league\/oauth2-client": "^2.0"
},
"require-dev": {
"ext-json": "*",
"phpunit\/phpunit": "^9.4",
"mockery\/mockery": "~1.3.0",
"squizlabs\/php_codesniffer": "~3.0"
},
"autoload": {
"psr-4": {
"Pshowsso\\Scope68f5e85e9608b\\League\\OAuth2\\Client\\": "src\/"
}
},
"autoload-dev": {
"psr-4": {
"Pshowsso\\Scope68f5e85e9608b\\League\\OAuth2\\Client\\Test\\": "tests\/src\/"
}
}
}

20
modules/pshowsso/vendor/league/oauth2-facebook/src/Grant/FbExchangeToken.php vendored Normal file
View File

@@ -0,0 +1,20 @@
<?php
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Grant;
class FbExchangeToken extends AbstractGrant
{
public function __toString(): string
{
return 'fb_exchange_token';
}
protected function getRequiredRequestParameters(): array
{
return ['fb_exchange_token'];
}
protected function getName(): string
{
return 'fb_exchange_token';
}
}

19
modules/pshowsso/vendor/league/oauth2-facebook/src/Provider/AppSecretProof.php vendored Normal file
View File

@@ -0,0 +1,19 @@
<?php
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Provider;
class AppSecretProof
{
/**
* The app secret proof to sign requests made to the Graph API
* @see https://developers.facebook.com/docs/graph-api/securing-requests#appsecret_proof
*
* @param string $appSecret
* @param string $accessToken
* @return string
*/
public static function create(string $appSecret, string $accessToken): string
{
return hash_hmac('sha256', $accessToken, $appSecret);
}
}

8
modules/pshowsso/vendor/league/oauth2-facebook/src/Provider/Exception/FacebookProviderException.php vendored Normal file
View File

@@ -0,0 +1,8 @@
<?php
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Provider\Exception;
use Exception;
class FacebookProviderException extends Exception
{
}

168
modules/pshowsso/vendor/league/oauth2-facebook/src/Provider/Facebook.php vendored Normal file
View File

@@ -0,0 +1,168 @@
<?php
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Provider;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Token\AccessToken;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Provider\Exception\FacebookProviderException;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Provider\Exception\IdentityProviderException;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Token\AccessTokenInterface;
use Pshowsso\Scope68f5e85e9608b\Psr\Http\Message\ResponseInterface;
/**
* @method FacebookUser getResourceOwner(AccessToken $token)
*/
class Facebook extends AbstractProvider
{
/**
* Production Graph API URL.
*
* @const string
*/
protected const BASE_FACEBOOK_URL = 'https://www.facebook.com/';
/**
* Beta tier URL of the Graph API.
*
* @const string
*/
protected const BASE_FACEBOOK_URL_BETA = 'https://www.beta.facebook.com/';
/**
* Production Graph API URL.
*
* @const string
*/
protected const BASE_GRAPH_URL = 'https://graph.facebook.com/';
/**
* Beta tier URL of the Graph API.
*
* @const string
*/
protected const BASE_GRAPH_URL_BETA = 'https://graph.beta.facebook.com/';
/**
* Regular expression used to check for graph API version format
*
* @const string
*/
protected const GRAPH_API_VERSION_REGEX = '~^v\d+\.\d+$~';
/**
* The Graph API version to use for requests.
*
* @var string
*/
protected $graphApiVersion;
/**
* A toggle to enable the beta tier URL's.
*
* @var boolean
*/
private $enableBetaMode = \false;
/**
* The fields to look up when requesting the resource owner
*
* @var string[]
*/
protected $fields;
/**
* @param array $options
* @param array $collaborators
*
* @throws \InvalidArgumentException
*/
public function __construct($options = [], array $collaborators = [])
{
parent::__construct($options, $collaborators);
if (empty($options['graphApiVersion'])) {
$message = 'The "graphApiVersion" option not set. Please set a default Graph API version.';
throw new \InvalidArgumentException($message);
}
if (!preg_match(self::GRAPH_API_VERSION_REGEX, $options['graphApiVersion'])) {
$message = 'The "graphApiVersion" must start with letter "v" followed by version number, ie: "v2.4".';
throw new \InvalidArgumentException($message);
}
$this->graphApiVersion = $options['graphApiVersion'];
if (!empty($options['enableBetaTier']) && $options['enableBetaTier'] === \true) {
$this->enableBetaMode = \true;
}
if (!empty($options['fields']) && is_array($options['fields'])) {
$this->fields = $options['fields'];
} else {
$this->fields = ['id', 'name', 'first_name', 'last_name', 'email', 'hometown', 'picture.type(large){url,is_silhouette}', 'gender', 'age_range'];
// backwards compatibility less than 2.8
if (version_compare(substr($this->graphApiVersion, 1), '2.8') < 0) {
$this->fields[] = 'bio';
}
}
}
public function getBaseAuthorizationUrl(): string
{
return $this->getBaseFacebookUrl() . $this->graphApiVersion . '/dialog/oauth';
}
public function getBaseAccessTokenUrl(array $params): string
{
return $this->getBaseGraphUrl() . $this->graphApiVersion . '/oauth/access_token';
}
public function getDefaultScopes(): array
{
return ['public_profile', 'email'];
}
public function getResourceOwnerDetailsUrl(AccessToken $token): string
{
$appSecretProof = AppSecretProof::create($this->clientSecret, $token->getToken());
return $this->getBaseGraphUrl() . $this->graphApiVersion . '/me?fields=' . implode(',', $this->fields) . '&access_token=' . $token . '&appsecret_proof=' . $appSecretProof;
}
public function getAccessToken($grant = 'authorization_code', array $params = []): AccessTokenInterface
{
if (isset($params['refresh_token'])) {
throw new FacebookProviderException('Facebook does not support token refreshing.');
}
return parent::getAccessToken($grant, $params);
}
/**
* Exchanges a short-lived access token with a long-lived access-token.
*/
public function getLongLivedAccessToken(string $accessToken): AccessTokenInterface
{
$params = ['fb_exchange_token' => $accessToken];
return $this->getAccessToken('fb_exchange_token', $params);
}
protected function createResourceOwner(array $response, AccessToken $token): FacebookUser
{
return new FacebookUser($response);
}
protected function checkResponse(ResponseInterface $response, $data): void
{
if (empty($data['error'])) {
return;
}
$message = $data['error']['type'] . ': ' . $data['error']['message'];
throw new IdentityProviderException($message, $data['error']['code'], $data);
}
/**
* @inheritdoc
*/
protected function getContentType(ResponseInterface $response): string
{
$type = parent::getContentType($response);
// Fix for Facebook's pseudo-JSONP support
if (strpos($type, 'javascript') !== \false) {
return 'application/json';
}
// Fix for Facebook's pseudo-urlencoded support
if (strpos($type, 'plain') !== \false) {
return 'application/x-www-form-urlencoded';
}
return $type;
}
/**
* Get the base Facebook URL.
*/
protected function getBaseFacebookUrl(): string
{
return $this->enableBetaMode ? static::BASE_FACEBOOK_URL_BETA : static::BASE_FACEBOOK_URL;
}
/**
* Get the base Graph API URL.
*/
protected function getBaseGraphUrl(): string
{
return $this->enableBetaMode ? static::BASE_GRAPH_URL_BETA : static::BASE_GRAPH_URL;
}
}

193
modules/pshowsso/vendor/league/oauth2-facebook/src/Provider/FacebookUser.php vendored Normal file
View File

@@ -0,0 +1,193 @@
<?php
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Provider;
class FacebookUser implements ResourceOwnerInterface
{
/**
* @var array
*/
protected $data;
/**
* @param array $response
*/
public function __construct(array $response)
{
$this->data = $response;
if (!empty($response['picture']['data']['url'])) {
$this->data['picture_url'] = $response['picture']['data']['url'];
}
if (isset($response['picture']['data']['is_silhouette'])) {
$this->data['is_silhouette'] = $response['picture']['data']['is_silhouette'];
}
if (!empty($response['cover']['source'])) {
$this->data['cover_photo_url'] = $response['cover']['source'];
}
}
/**
* Returns the ID for the user as a string if present.
*
* @return string|null
*/
public function getId(): ?string
{
return $this->getField('id');
}
/**
* Returns the name for the user as a string if present.
*
* @return string|null
*/
public function getName(): ?string
{
return $this->getField('name');
}
/**
* Returns the first name for the user as a string if present.
*
* @return string|null
*/
public function getFirstName(): ?string
{
return $this->getField('first_name');
}
/**
* Returns the last name for the user as a string if present.
*
* @return string|null
*/
public function getLastName(): ?string
{
return $this->getField('last_name');
}
/**
* Returns the email for the user as a string if present.
*
* @return string|null
*/
public function getEmail(): ?string
{
return $this->getField('email');
}
/**
* Returns the current location of the user as an array.
*
* @return array|null
*/
public function getHometown(): ?array
{
return $this->getField('hometown');
}
/**
* Returns the "about me" bio for the user as a string if present.
*
* @return string|null
* @deprecated The bio field was removed in Graph v2.8
*/
public function getBio(): ?string
{
return $this->getField('bio');
}
/**
* Returns if user has not defined a specific avatar
*
* @return boolean
*/
public function isDefaultPicture(): bool
{
return $this->getField('is_silhouette');
}
/**
* Returns the profile picture of the user as a string if present.
*
* @return string|null
*/
public function getPictureUrl(): ?string
{
return $this->getField('picture_url');
}
/**
* Returns the cover photo URL of the user as a string if present.
*
* @return string|null
* @deprecated
*/
public function getCoverPhotoUrl(): ?string
{
return $this->getField('cover_photo_url');
}
/**
* Returns the gender for the user as a string if present.
*
* @return string|null
*/
public function getGender(): ?string
{
return $this->getField('gender');
}
/**
* Returns the locale of the user as a string if available.
*
* @return string|null
* @deprecated
*/
public function getLocale(): ?string
{
return $this->getField('locale');
}
/**
* Returns the Facebook URL for the user as a string if available.
*
* @return string|null
*/
public function getLink(): ?string
{
return $this->getField('link');
}
/**
* Returns the current timezone offset from UTC (from -24 to 24)
*
* @return float|null
* @deprecated
*/
public function getTimezone(): ?float
{
return $this->getField('timezone');
}
/**
* Returns the lower bound of the user's age range
*
* @return integer|null
*/
public function getMinAge(): ?int
{
return $this->data['age_range']['min'] ?? null;
}
/**
* Returns the upper bound of the user's age range
*
* @return integer|null
*/
public function getMaxAge(): ?int
{
return $this->data['age_range']['max'] ?? null;
}
/**
* Returns all the data obtained about the user.
*
* @return array
*/
public function toArray(): array
{
return $this->data;
}
/**
* Returns a field from the Graph node data.
*
* @return mixed|null
*/
private function getField(string $key)
{
return $this->data[$key] ?? null;
}
}

5
modules/pshowsso/vendor/league/oauth2-github/.gitignore vendored Normal file
View File

@@ -0,0 +1,5 @@
/build
/vendor
composer.phar
composer.lock
.DS_Store

35
modules/pshowsso/vendor/league/oauth2-github/.scrutinizer.yml vendored Normal file
View File

@@ -0,0 +1,35 @@
filter:
excluded_paths: [test/*]
checks:
php:
code_rating: true
remove_extra_empty_lines: true
remove_php_closing_tag: true
remove_trailing_whitespace: true
fix_use_statements:
remove_unused: true
preserve_multiple: false
preserve_blanklines: true
order_alphabetically: true
fix_php_opening_tag: true
fix_linefeed: true
fix_line_ending: true
fix_identation_4spaces: true
fix_doc_comments: true
tools:
external_code_coverage:
timeout: 600
runs: 3
php_analyzer: true
php_code_coverage: false
php_code_sniffer:
config:
standard: PSR2
filter:
paths: ['src']
php_loc:
enabled: true
excluded_dirs: [vendor, test]
php_cpd:
enabled: true
excluded_dirs: [vendor, test]

27
modules/pshowsso/vendor/league/oauth2-github/.travis.yml vendored Normal file
View File

@@ -0,0 +1,27 @@
language: php
sudo: false
php:
- 5.6
- 7.0
- 7.1
- hhvm
matrix:
include:
- php: 5.6
env: 'COMPOSER_FLAGS="--prefer-stable --prefer-lowest"'
before_script:
- travis_retry composer self-update
- travis_retry composer install --no-interaction --prefer-source --dev
- travis_retry phpenv rehash
script:
- ./vendor/bin/phpcs --standard=psr2 src/
- ./vendor/bin/phpunit --coverage-text --coverage-clover=coverage.clover
after_script:
- wget https://scrutinizer-ci.com/ocular.phar
- php ocular.phar code-coverage:upload --format=php-clover coverage.clover

92
modules/pshowsso/vendor/league/oauth2-github/CHANGELOG.md vendored Normal file
View File

@@ -0,0 +1,92 @@
# Changelog
All Notable changes to `oauth2-github` will be documented in this file
## 2.0.0 - 2017-01-25
### Added
- PHP 7.1 Support
### Deprecated
- Nothing
### Fixed
- Nothing
### Removed
- PHP 5.5 Support
### Security
- Nothing
## 1.0.0 - 2017-01-25
Bump for base package parity
## 0.2.2 - 2016-11-21
### Added
- Update base package version from 1.0 to 1.4
- Update GithubResourceOwner to utilize ArrayAccessorTrait from base package
### Deprecated
- Nothing
### Fixed
- Nothing
### Removed
- Nothing
### Security
- Nothing
## 0.2.1 - 2016-04-13
### Added
- Support OAuth exceptions from Github with non-standard status codes (https://developer.github.com/v3/oauth/#common-errors-for-the-access-token-request)
### Deprecated
- Nothing
### Fixed
- Nothing
### Removed
- Nothing
### Security
- Nothing
## 0.2.0 - 2015-08-20
### Added
- Upgrade to support version 1.0 release of core client
### Deprecated
- Nothing
### Fixed
- Nothing
### Removed
- Nothing
### Security
- Nothing
## 0.1.0 - 2015-04-13
### Added
- Initial release!
### Deprecated
- Nothing
### Fixed
- Nothing
### Removed
- Nothing
### Security
- Nothing

42
modules/pshowsso/vendor/league/oauth2-github/CONTRIBUTING.md vendored Normal file
View File

@@ -0,0 +1,42 @@
# Contributing
Contributions are **welcome** and will be fully **credited**.
We accept contributions via Pull Requests on [Github](https://github.com/thephpleague/oauth2-github).
## Pull Requests
- **[PSR-2 Coding Standard](https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-2-coding-style-guide.md)** - The easiest way to apply the conventions is to install [PHP Code Sniffer](http://pear.php.net/package/PHP_CodeSniffer).
- **Add tests!** - Your patch won't be accepted if it doesn't have tests.
- **Document any change in behaviour** - Make sure the README and any other relevant documentation are kept up-to-date.
- **Consider our release cycle** - We try to follow SemVer. Randomly breaking public APIs is not an option.
- **Create topic branches** - Don't ask us to pull from your master branch.
- **One pull request per feature** - If you want to do more than one thing, send multiple pull requests.
- **Send coherent history** - Make sure each individual commit in your pull request is meaningful. If you had to make multiple intermediate commits while developing, please squash them before submitting.
- **Ensure tests pass!** - Please run the tests (see below) before submitting your pull request, and make sure they pass. We won't accept a patch until all tests pass.
- **Ensure no coding standards violations** - Please run PHP Code Sniffer using the PSR-2 standard (see below) before submitting your pull request. A violation will cause the build to fail, so please make sure there are no violations. We can't accept a patch if the build fails.
## Running Tests
``` bash
$ ./vendor/bin/phpunit
```
## Running PHP Code Sniffer
``` bash
$ ./vendor/bin/phpcs src --standard=psr2 -sp
```
**Happy coding**!

21
modules/pshowsso/vendor/league/oauth2-github/LICENSE vendored Normal file
View File

@@ -0,0 +1,21 @@
The MIT License (MIT)
Copyright (c) 2015 Steven Maguire
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.

129
modules/pshowsso/vendor/league/oauth2-github/README.md vendored Normal file
View File

@@ -0,0 +1,129 @@
# Github Provider for OAuth 2.0 Client
[![Latest Version](https://img.shields.io/github/release/thephpleague/oauth2-github.svg?style=flat-square)](https://github.com/thephpleague/oauth2-github/releases)
[![Software License](https://img.shields.io/badge/license-MIT-brightgreen.svg?style=flat-square)](LICENSE.md)
[![Build Status](https://img.shields.io/travis/thephpleague/oauth2-github/master.svg?style=flat-square)](https://travis-ci.org/thephpleague/oauth2-github)
[![Coverage Status](https://img.shields.io/scrutinizer/coverage/g/thephpleague/oauth2-github.svg?style=flat-square)](https://scrutinizer-ci.com/g/thephpleague/oauth2-github/code-structure)
[![Quality Score](https://img.shields.io/scrutinizer/g/thephpleague/oauth2-github.svg?style=flat-square)](https://scrutinizer-ci.com/g/thephpleague/oauth2-github)
[![Total Downloads](https://img.shields.io/packagist/dt/league/oauth2-github.svg?style=flat-square)](https://packagist.org/packages/league/oauth2-github)
This package provides Github OAuth 2.0 support for the PHP League's [OAuth 2.0 Client](https://github.com/thephpleague/oauth2-client).
## Installation
To install, use composer:
```
composer require league/oauth2-github
```
## Usage
Usage is the same as The League's OAuth client, using `\League\OAuth2\Client\Provider\Github` as the provider.
### Authorization Code Flow
```php
$provider = new League\OAuth2\Client\Provider\Github([
'clientId' => '{github-client-id}',
'clientSecret' => '{github-client-secret}',
'redirectUri' => 'https://example.com/callback-url',
]);
if (!isset($_GET['code'])) {
// If we don't have an authorization code then get one
$authUrl = $provider->getAuthorizationUrl();
$_SESSION['oauth2state'] = $provider->getState();
header('Location: '.$authUrl);
exit;
// Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {
unset($_SESSION['oauth2state']);
exit('Invalid state');
} else {
// Try to get an access token (using the authorization code grant)
$token = $provider->getAccessToken('authorization_code', [
'code' => $_GET['code']
]);
// Optional: Now you have a token you can look up a users profile data
try {
// We got an access token, let's now get the user's details
$user = $provider->getResourceOwner($token);
// Use these details to create a new profile
printf('Hello %s!', $user->getNickname());
} catch (Exception $e) {
// Failed to get user details
exit('Oh dear...');
}
// Use this to interact with an API on the users behalf
echo $token->getToken();
}
```
### Managing Scopes
When creating your Github authorization URL, you can specify the state and scopes your application may authorize.
```php
$options = [
'state' => 'OPTIONAL_CUSTOM_CONFIGURED_STATE',
'scope' => ['user','user:email','repo'] // array or string
];
$authorizationUrl = $provider->getAuthorizationUrl($options);
```
If neither are defined, the provider will utilize internal defaults.
At the time of authoring this documentation, the [following scopes are available](https://developer.github.com/v3/oauth/#scopes).
- user
- user:email
- user:follow
- public_repo
- repo
- repo_deployment
- repo:status
- delete_repo
- notifications
- gist
- read:repo_hook
- write:repo_hook
- admin:repo_hook
- admin:org_hook
- read:org
- write:org
- admin:org
- read:public_key
- write:public_key
- admin:public_key
## Testing
``` bash
$ ./vendor/bin/phpunit
```
## Contributing
Please see [CONTRIBUTING](https://github.com/thephpleague/oauth2-github/blob/master/CONTRIBUTING.md) for details.
## Credits
- [Steven Maguire](https://github.com/stevenmaguire)
- [All Contributors](https://github.com/thephpleague/oauth2-github/contributors)
## License
The MIT License (MIT). Please see [License File](https://github.com/thephpleague/oauth2-github/blob/master/LICENSE) for more information.

43
modules/pshowsso/vendor/league/oauth2-github/composer.json vendored Normal file
View File

@@ -0,0 +1,43 @@
{
"name": "league\/oauth2-github",
"description": "Github OAuth 2.0 Client Provider for The PHP League OAuth2-Client",
"license": "MIT",
"authors": [
{
"name": "Steven Maguire",
"email": "stevenmaguire@gmail.com",
"homepage": "https:\/\/github.com\/stevenmaguire"
}
],
"keywords": [
"oauth",
"oauth2",
"client",
"authorization",
"authorisation",
"github"
],
"require": {
"league\/oauth2-client": "^2.0"
},
"require-dev": {
"phpunit\/phpunit": "~4.0",
"mockery\/mockery": "~0.9",
"squizlabs\/php_codesniffer": "~2.0"
},
"autoload": {
"psr-4": {
"Pshowsso\\Scope68f5e85e9608b\\League\\OAuth2\\Client\\": "src\/"
}
},
"autoload-dev": {
"psr-4": {
"Pshowsso\\Scope68f5e85e9608b\\League\\OAuth2\\Client\\Test\\": "test\/src\/"
}
},
"extra": {
"branch-alias": {
"dev-master": "1.0.x-dev"
}
}
}

37
modules/pshowsso/vendor/league/oauth2-github/phpunit.xml vendored Normal file
View File

@@ -0,0 +1,37 @@
<?xml version="1.0" encoding="UTF-8"?>
<phpunit backupGlobals="false"
backupStaticAttributes="false"
bootstrap="vendor/autoload.php"
colors="true"
convertErrorsToExceptions="true"
convertNoticesToExceptions="true"
convertWarningsToExceptions="true"
processIsolation="false"
stopOnFailure="false"
syntaxCheck="false"
>
<logging>
<log type="coverage-html"
target="./build/coverage/html"
charset="UTF-8"
highlight="false"
lowUpperBound="35"
highLowerBound="70"/>
<log type="coverage-clover"
target="./build/coverage/log/coverage.xml"/>
</logging>
<testsuites>
<testsuite name="Package Test Suite">
<directory suffix=".php">./test/</directory>
</testsuite>
</testsuites>
<filter>
<whitelist>
<directory suffix=".php">./</directory>
<exclude>
<directory suffix=".php">./vendor</directory>
<directory suffix=".php">./test</directory>
</exclude>
</whitelist>
</filter>
</phpunit>

44
modules/pshowsso/vendor/league/oauth2-github/src/Provider/Exception/GithubIdentityProviderException.php vendored Normal file
View File

@@ -0,0 +1,44 @@
<?php
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Provider\Exception;
use Pshowsso\Scope68f5e85e9608b\Psr\Http\Message\ResponseInterface;
class GithubIdentityProviderException extends IdentityProviderException
{
/**
* Creates client exception from response.
*
* @param ResponseInterface $response
* @param string $data Parsed response data
*
* @return IdentityProviderException
*/
public static function clientException(ResponseInterface $response, $data)
{
return static::fromResponse($response, isset($data['message']) ? $data['message'] : $response->getReasonPhrase());
}
/**
* Creates oauth exception from response.
*
* @param ResponseInterface $response
* @param string $data Parsed response data
*
* @return IdentityProviderException
*/
public static function oauthException(ResponseInterface $response, $data)
{
return static::fromResponse($response, isset($data['error']) ? $data['error'] : $response->getReasonPhrase());
}
/**
* Creates identity exception from response.
*
* @param ResponseInterface $response
* @param string $message
*
* @return IdentityProviderException
*/
protected static function fromResponse(ResponseInterface $response, $message = null)
{
return new static($message, $response->getStatusCode(), (string) $response->getBody());
}
}

100
modules/pshowsso/vendor/league/oauth2-github/src/Provider/Github.php vendored Normal file
View File

@@ -0,0 +1,100 @@
<?php
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Provider;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Provider\Exception\GithubIdentityProviderException;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Token\AccessToken;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Tool\BearerAuthorizationTrait;
use Pshowsso\Scope68f5e85e9608b\Psr\Http\Message\ResponseInterface;
class Github extends AbstractProvider
{
use BearerAuthorizationTrait;
/**
* Domain
*
* @var string
*/
public $domain = 'https://github.com';
/**
* Api domain
*
* @var string
*/
public $apiDomain = 'https://api.github.com';
/**
* Get authorization url to begin OAuth flow
*
* @return string
*/
public function getBaseAuthorizationUrl()
{
return $this->domain . '/login/oauth/authorize';
}
/**
* Get access token url to retrieve token
*
* @param array $params
*
* @return string
*/
public function getBaseAccessTokenUrl(array $params)
{
return $this->domain . '/login/oauth/access_token';
}
/**
* Get provider url to fetch user details
*
* @param AccessToken $token
*
* @return string
*/
public function getResourceOwnerDetailsUrl(AccessToken $token)
{
if ($this->domain === 'https://github.com') {
return $this->apiDomain . '/user';
}
return $this->domain . '/api/v3/user';
}
/**
* Get the default scopes used by this provider.
*
* This should not be a complete list of all scopes, but the minimum
* required for the provider user interface!
*
* @return array
*/
protected function getDefaultScopes()
{
return [];
}
/**
* Check a provider response for errors.
*
* @link https://developer.github.com/v3/#client-errors
* @link https://developer.github.com/v3/oauth/#common-errors-for-the-access-token-request
* @throws IdentityProviderException
* @param ResponseInterface $response
* @param string $data Parsed response data
* @return void
*/
protected function checkResponse(ResponseInterface $response, $data)
{
if ($response->getStatusCode() >= 400) {
throw GithubIdentityProviderException::clientException($response, $data);
} elseif (isset($data['error'])) {
throw GithubIdentityProviderException::oauthException($response, $data);
}
}
/**
* Generate a user object from a successful user details request.
*
* @param array $response
* @param AccessToken $token
* @return League\OAuth2\Client\Provider\ResourceOwnerInterface
*/
protected function createResourceOwner(array $response, AccessToken $token)
{
$user = new GithubResourceOwner($response);
return $user->setDomain($this->domain);
}
}

97
modules/pshowsso/vendor/league/oauth2-github/src/Provider/GithubResourceOwner.php vendored Normal file
View File

@@ -0,0 +1,97 @@
<?php
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Provider;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Tool\ArrayAccessorTrait;
class GithubResourceOwner implements ResourceOwnerInterface
{
use ArrayAccessorTrait;
/**
* Domain
*
* @var string
*/
protected $domain;
/**
* Raw response
*
* @var array
*/
protected $response;
/**
* Creates new resource owner.
*
* @param array $response
*/
public function __construct(array $response = array())
{
$this->response = $response;
}
/**
* Get resource owner id
*
* @return string|null
*/
public function getId()
{
return $this->getValueByKey($this->response, 'id');
}
/**
* Get resource owner email
*
* @return string|null
*/
public function getEmail()
{
return $this->getValueByKey($this->response, 'email');
}
/**
* Get resource owner name
*
* @return string|null
*/
public function getName()
{
return $this->getValueByKey($this->response, 'name');
}
/**
* Get resource owner nickname
*
* @return string|null
*/
public function getNickname()
{
return $this->getValueByKey($this->response, 'login');
}
/**
* Get resource owner url
*
* @return string|null
*/
public function getUrl()
{
$urlParts = array_filter([$this->domain, $this->getNickname()]);
return count($urlParts) ? implode('/', $urlParts) : null;
}
/**
* Set resource owner domain
*
* @param string $domain
*
* @return ResourceOwner
*/
public function setDomain($domain)
{
$this->domain = $domain;
return $this;
}
/**
* Return all of the owner details available as an array.
*
* @return array
*/
public function toArray()
{
return $this->response;
}
}

29
modules/pshowsso/vendor/league/oauth2-github/test/src/Provider/GithubResourceOwnerTest.php vendored Normal file
View File

@@ -0,0 +1,29 @@
<?php
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Test\Provider;
use Mockery as m;
class GithubResourceOwnerTest extends \PHPUnit_Framework_TestCase
{
public function testUrlIsNullWithoutDomainOrNickname()
{
$user = new \Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Provider\GithubResourceOwner();
$url = $user->getUrl();
$this->assertNull($url);
}
public function testUrlIsDomainWithoutNickname()
{
$domain = uniqid();
$user = new \Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Provider\GithubResourceOwner();
$user->setDomain($domain);
$url = $user->getUrl();
$this->assertEquals($domain, $url);
}
public function testUrlIsNicknameWithoutDomain()
{
$nickname = uniqid();
$user = new \Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Provider\GithubResourceOwner(['login' => $nickname]);
$url = $user->getUrl();
$this->assertEquals($nickname, $url);
}
}

172
modules/pshowsso/vendor/league/oauth2-github/test/src/Provider/GithubTest.php vendored Normal file
View File

@@ -0,0 +1,172 @@
<?php
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Test\Provider;
use Mockery as m;
class GithubTest extends \PHPUnit_Framework_TestCase
{
protected $provider;
protected function setUp()
{
$this->provider = new \Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Provider\Github(['clientId' => 'mock_client_id', 'clientSecret' => 'mock_secret', 'redirectUri' => 'none']);
}
public function tearDown()
{
m::close();
parent::tearDown();
}
public function testAuthorizationUrl()
{
$url = $this->provider->getAuthorizationUrl();
$uri = parse_url($url);
parse_str($uri['query'], $query);
$this->assertArrayHasKey('client_id', $query);
$this->assertArrayHasKey('redirect_uri', $query);
$this->assertArrayHasKey('state', $query);
$this->assertArrayHasKey('scope', $query);
$this->assertArrayHasKey('response_type', $query);
$this->assertArrayHasKey('approval_prompt', $query);
$this->assertNotNull($this->provider->getState());
}
public function testScopes()
{
$options = ['scope' => [uniqid(), uniqid()]];
$url = $this->provider->getAuthorizationUrl($options);
$this->assertContains(urlencode(implode(',', $options['scope'])), $url);
}
public function testGetAuthorizationUrl()
{
$url = $this->provider->getAuthorizationUrl();
$uri = parse_url($url);
$this->assertEquals('/login/oauth/authorize', $uri['path']);
}
public function testGetBaseAccessTokenUrl()
{
$params = [];
$url = $this->provider->getBaseAccessTokenUrl($params);
$uri = parse_url($url);
$this->assertEquals('/login/oauth/access_token', $uri['path']);
}
public function testGetAccessToken()
{
$response = m::mock('Pshowsso\Scope68f5e85e9608b\Psr\Http\Message\ResponseInterface');
$response->shouldReceive('getBody')->andReturn('{"access_token":"mock_access_token", "scope":"repo,gist", "token_type":"bearer"}');
$response->shouldReceive('getHeader')->andReturn(['content-type' => 'json']);
$response->shouldReceive('getStatusCode')->andReturn(200);
$client = m::mock('Pshowsso\Scope68f5e85e9608b\GuzzleHttp\ClientInterface');
$client->shouldReceive('send')->times(1)->andReturn($response);
$this->provider->setHttpClient($client);
$token = $this->provider->getAccessToken('authorization_code', ['code' => 'mock_authorization_code']);
$this->assertEquals('mock_access_token', $token->getToken());
$this->assertNull($token->getExpires());
$this->assertNull($token->getRefreshToken());
$this->assertNull($token->getResourceOwnerId());
}
public function testGithubEnterpriseDomainUrls()
{
$this->provider->domain = 'https://github.company.com';
$response = m::mock('Pshowsso\Scope68f5e85e9608b\Psr\Http\Message\ResponseInterface');
$response->shouldReceive('getBody')->times(1)->andReturn('access_token=mock_access_token&expires=3600&refresh_token=mock_refresh_token&otherKey={1234}');
$response->shouldReceive('getHeader')->andReturn(['content-type' => 'application/x-www-form-urlencoded']);
$response->shouldReceive('getStatusCode')->andReturn(200);
$client = m::mock('Pshowsso\Scope68f5e85e9608b\GuzzleHttp\ClientInterface');
$client->shouldReceive('send')->times(1)->andReturn($response);
$this->provider->setHttpClient($client);
$token = $this->provider->getAccessToken('authorization_code', ['code' => 'mock_authorization_code']);
$this->assertEquals($this->provider->domain . '/login/oauth/authorize', $this->provider->getBaseAuthorizationUrl());
$this->assertEquals($this->provider->domain . '/login/oauth/access_token', $this->provider->getBaseAccessTokenUrl([]));
$this->assertEquals($this->provider->domain . '/api/v3/user', $this->provider->getResourceOwnerDetailsUrl($token));
//$this->assertEquals($this->provider->domain.'/api/v3/user/emails', $this->provider->urlUserEmails($token));
}
public function testUserData()
{
$userId = rand(1000, 9999);
$name = uniqid();
$nickname = uniqid();
$email = uniqid();
$postResponse = m::mock('Pshowsso\Scope68f5e85e9608b\Psr\Http\Message\ResponseInterface');
$postResponse->shouldReceive('getBody')->andReturn('access_token=mock_access_token&expires=3600&refresh_token=mock_refresh_token&otherKey={1234}');
$postResponse->shouldReceive('getHeader')->andReturn(['content-type' => 'application/x-www-form-urlencoded']);
$postResponse->shouldReceive('getStatusCode')->andReturn(200);
$userResponse = m::mock('Pshowsso\Scope68f5e85e9608b\Psr\Http\Message\ResponseInterface');
$userResponse->shouldReceive('getBody')->andReturn('{"id": ' . $userId . ', "login": "' . $nickname . '", "name": "' . $name . '", "email": "' . $email . '"}');
$userResponse->shouldReceive('getHeader')->andReturn(['content-type' => 'json']);
$userResponse->shouldReceive('getStatusCode')->andReturn(200);
$client = m::mock('Pshowsso\Scope68f5e85e9608b\GuzzleHttp\ClientInterface');
$client->shouldReceive('send')->times(2)->andReturn($postResponse, $userResponse);
$this->provider->setHttpClient($client);
$token = $this->provider->getAccessToken('authorization_code', ['code' => 'mock_authorization_code']);
$user = $this->provider->getResourceOwner($token);
$this->assertEquals($userId, $user->getId());
$this->assertEquals($userId, $user->toArray()['id']);
$this->assertEquals($name, $user->getName());
$this->assertEquals($name, $user->toArray()['name']);
$this->assertEquals($nickname, $user->getNickname());
$this->assertEquals($nickname, $user->toArray()['login']);
$this->assertEquals($email, $user->getEmail());
$this->assertEquals($email, $user->toArray()['email']);
$this->assertContains($nickname, $user->getUrl());
}
public function testUserEmails()
{
/*
$userId = rand(1000,9999);
$name = uniqid();
$nickname = uniqid();
$email = uniqid();
$postResponse = m::mock('Psr\Http\Message\ResponseInterface');
$postResponse->shouldReceive('getBody')->andReturn('access_token=mock_access_token&expires=3600&refresh_token=mock_refresh_token&otherKey={1234}');
$postResponse->shouldReceive('getHeader')->andReturn(['content-type' => 'application/x-www-form-urlencoded']);
$userResponse = m::mock('Psr\Http\Message\ResponseInterface');
$userResponse->shouldReceive('getBody')->andReturn('[{"email":"mock_email_1","primary":false,"verified":true},{"email":"mock_email_2","primary":false,"verified":true},{"email":"mock_email_3","primary":true,"verified":true}]');
$userResponse->shouldReceive('getHeader')->andReturn(['content-type' => 'json']);
$client = m::mock('GuzzleHttp\ClientInterface');
$client->shouldReceive('send')
->times(2)
->andReturn($postResponse, $userResponse);
$this->provider->setHttpClient($client);
$token = $this->provider->getAccessToken('authorization_code', ['code' => 'mock_authorization_code']);
$emails = $this->provider->getUserEmails($token);
$this->assertEquals($userId, $user->getUserId());
$this->assertEquals($name, $user->getName());
$this->assertEquals($nickname, $user->getNickname());
$this->assertEquals($email, $user->getEmail());
$this->assertContains($nickname, $user->getUrl());
*/
}
/**
* @expectedException League\OAuth2\Client\Provider\Exception\IdentityProviderException
**/
public function testExceptionThrownWhenErrorObjectReceived()
{
$status = rand(400, 600);
$postResponse = m::mock('Pshowsso\Scope68f5e85e9608b\Psr\Http\Message\ResponseInterface');
$postResponse->shouldReceive('getBody')->andReturn('{"message": "Validation Failed","errors": [{"resource": "Issue","field": "title","code": "missing_field"}]}');
$postResponse->shouldReceive('getHeader')->andReturn(['content-type' => 'json']);
$postResponse->shouldReceive('getStatusCode')->andReturn($status);
$client = m::mock('Pshowsso\Scope68f5e85e9608b\GuzzleHttp\ClientInterface');
$client->shouldReceive('send')->times(1)->andReturn($postResponse);
$this->provider->setHttpClient($client);
$token = $this->provider->getAccessToken('authorization_code', ['code' => 'mock_authorization_code']);
}
/**
* @expectedException League\OAuth2\Client\Provider\Exception\IdentityProviderException
**/
public function testExceptionThrownWhenOAuthErrorReceived()
{
$status = 200;
$postResponse = m::mock('Pshowsso\Scope68f5e85e9608b\Psr\Http\Message\ResponseInterface');
$postResponse->shouldReceive('getBody')->andReturn('{"error": "bad_verification_code","error_description": "The code passed is incorrect or expired.","error_uri": "https://developer.github.com/v3/oauth/#bad-verification-code"}');
$postResponse->shouldReceive('getHeader')->andReturn(['content-type' => 'json']);
$postResponse->shouldReceive('getStatusCode')->andReturn($status);
$client = m::mock('Pshowsso\Scope68f5e85e9608b\GuzzleHttp\ClientInterface');
$client->shouldReceive('send')->times(1)->andReturn($postResponse);
$this->provider->setHttpClient($client);
$token = $this->provider->getAccessToken('authorization_code', ['code' => 'mock_authorization_code']);
}
}

85
modules/pshowsso/vendor/league/oauth2-google/CHANGELOG.md vendored Normal file
View File

@@ -0,0 +1,85 @@
OAuth 2.0 Google Provider Changelog
## 4.0.1 - 2022-03-17
### Changed
- Corrected file excludes for dist archive, #120 by @cedric-anne
## 4.0.0 - 2022-03-04
### Changed
- Adding return type, #98 by @yozhef
- Add PHP 8.0 support, require PHP 7.3 or newer, #102 by @yozhef
## 3.0.4 - 2021-01-27
### Fixed
- Correct OAuth endpoint, #94 by @Slamdunk
## 3.0.3 - 2020-07-24
### Fixed
- Remove the `approval_prompt` from default parameters, #90
## 3.0.2 - 2019-11-16
### Fixed
- Allow for `family_name` to be undefined in user information, #79 by @majkel89
## 3.0.1 - 2018-12-28
### Fixed
- Correct conflict handling for prompt option, #69 by @mxdpeep
## 3.0.0 - 2018-12-23
### Changed
- Update to latest version of Google OAuth
- Use only OpenID Connect for user details
### Fixed
- Correct handling of selecting from multiple user accounts, #45
- Prevent conflict when using prompt option, #42
### Added
- Add "locale" to user details, #60
- Support additional scopes at construction
### Removed
- Dropped support for Google+ user details, #34 and #63
## 2.2.0 - 2018-03-19
### Added
- Hosted domain validation, #54 by @pradtke
## 2.1.0 - 2018-03-09
### Added
- OpenID Connect support, #48 by @pradtke
## 2.0.0 - 2017-01-24
### Added
- PHP 7.1 support
### Removed
- Dropped PHP 5.5 support
## 1.0.0 - 2015-08-12
- Initial release

42
modules/pshowsso/vendor/league/oauth2-google/CONTRIBUTING.md vendored Normal file
View File

@@ -0,0 +1,42 @@
# Contributing
Contributions are **welcome** and will be fully **credited**.
We accept contributions via Pull Requests on [Github](https://github.com/thephpleague/oauth2-google).
## Pull Requests
- **[PSR-2 Coding Standard](https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-2-coding-style-guide.md)** - The easiest way to apply the conventions is to install [PHP Code Sniffer](http://pear.php.net/package/PHP_CodeSniffer).
- **Add tests!** - Your patch won't be accepted if it doesn't have tests.
- **Document any change in behaviour** - Make sure the README and any other relevant documentation are kept up-to-date.
- **Consider our release cycle** - We try to follow SemVer. Randomly breaking public APIs is not an option.
- **Create topic branches** - Don't ask us to pull from your master branch.
- **One pull request per feature** - If you want to do more than one thing, send multiple pull requests.
- **Send coherent history** - Make sure each individual commit in your pull request is meaningful. If you had to make multiple intermediate commits while developing, please squash them before submitting.
- **Ensure tests pass!** - Please run the tests (see below) before submitting your pull request, and make sure they pass. We won't accept a patch until all tests pass.
- **Ensure no coding standards violations** - Please run PHP Code Sniffer using the PSR-2 standard (see below) before submitting your pull request. A violation will cause the build to fail, so please make sure there are no violations. We can't accept a patch if the build fails.
## Running Tests
```sh
composer test
```
## Running PHP Code Sniffer
```sh
composer check
```
**Happy coding**!

21
modules/pshowsso/vendor/league/oauth2-google/LICENSE vendored Normal file
View File

@@ -0,0 +1,21 @@
The MIT License (MIT)
Copyright (c) 2015 Woody Gilk <woody.gilk@gmail.com>
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.

239
modules/pshowsso/vendor/league/oauth2-google/README.md vendored Normal file
View File

@@ -0,0 +1,239 @@
# Google Provider for OAuth 2.0 Client
[![Build Status](https://img.shields.io/github/workflow/status/thephpleague/oauth2-google/test/main)](https://github.com/thephpleague/oauth2-google/actions/workflows/test.yaml)
[![Code Coverage](https://img.shields.io/codecov/c/gh/thephpleague/oauth2-google)](https://app.codecov.io/gh/thephpleague/oauth2-google)
[![License](https://img.shields.io/packagist/l/league/oauth2-google)](https://github.com/thephpleague/oauth2-google/blob/main/LICENSE)
[![Latest Stable Version](https://img.shields.io/packagist/v/league/oauth2-google)](https://packagist.org/packages/league/oauth2-google)
This package provides Google OAuth 2.0 support for the PHP League's [OAuth 2.0 Client](https://github.com/thephpleague/oauth2-client).
This package is compliant with [PSR-1][], [PSR-2][] and [PSR-4][]. If you notice compliance oversights, please send
a patch via pull request.
[PSR-1]: https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-1-basic-coding-standard.md
[PSR-2]: https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-2-coding-style-guide.md
[PSR-4]: https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-4-autoloader.md
## Requirements
The following versions of PHP are supported.
* PHP 7.3
* PHP 7.4
* PHP 8.0
* PHP 8.1
This package uses [OpenID Connect][openid-connect] to authenticate users with
Google accounts.
To use this package, it will be necessary to have a Google client ID and client
secret. These are referred to as `{google-client-id}` and `{google-client-secret}`
in the documentation.
Please follow the [Google instructions][oauth-setup] to create the required credentials.
[openid-connect]: https://developers.google.com/identity/protocols/OpenIDConnect
[oauth-setup]: https://developers.google.com/identity/protocols/OpenIDConnect#registeringyourapp
## Installation
To install, use composer:
```sh
composer require league/oauth2-google
```
## Usage
### Authorization Code Flow
```php
require __DIR__ . '/vendor/autoload.php';
use League\OAuth2\Client\Provider\Google;
session_start(); // Remove if session.auto_start=1 in php.ini
$provider = new Google([
'clientId' => '{google-client-id}',
'clientSecret' => '{google-client-secret}',
'redirectUri' => 'https://example.com/callback-url',
'hostedDomain' => 'example.com', // optional; used to restrict access to users on your G Suite/Google Apps for Business accounts
]);
if (!empty($_GET['error'])) {
// Got an error, probably user denied access
exit('Got error: ' . htmlspecialchars($_GET['error'], ENT_QUOTES, 'UTF-8'));
} elseif (empty($_GET['code'])) {
// If we don't have an authorization code then get one
$authUrl = $provider->getAuthorizationUrl();
$_SESSION['oauth2state'] = $provider->getState();
header('Location: ' . $authUrl);
exit;
} elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {
// State is invalid, possible CSRF attack in progress
unset($_SESSION['oauth2state']);
exit('Invalid state');
} else {
// Try to get an access token (using the authorization code grant)
$token = $provider->getAccessToken('authorization_code', [
'code' => $_GET['code']
]);
// Optional: Now you have a token you can look up a users profile data
try {
// We got an access token, let's now get the owner details
$ownerDetails = $provider->getResourceOwner($token);
// Use these details to create a new profile
printf('Hello %s!', $ownerDetails->getFirstName());
} catch (Exception $e) {
// Failed to get user details
exit('Something went wrong: ' . $e->getMessage());
}
// Use this to interact with an API on the users behalf
echo $token->getToken();
// Use this to get a new access token if the old one expires
echo $token->getRefreshToken();
// Unix timestamp at which the access token expires
echo $token->getExpires();
}
```
#### Available Options
The `Google` provider has the following [options][auth-params]:
- `accessType` to use online or offline access
- `hostedDomain` to authenticate G Suite users
- `prompt` to modify the prompt that the user will see
- `scopes` to request access to additional user information
[auth-params]: https://developers.google.com/identity/protocols/OpenIDConnect#authenticationuriparameters
#### Accessing Token JWT
Google provides a [JSON Web Token][jwt] (JWT) with all access tokens. This token
[contains basic information][openid-jwt] about the authenticated user. The JWT
can be accessed from the `id_token` value of the access token:
```php
/** @var League\OAuth2\Client\Token\AccessToken $token */
$values = $token->getValues();
/** @var string */
$jwt = $values['id_token'];
```
Parsing the JWT will require a [JWT parser][jwt-parsers]. Refer to parser
documentation for instructions.
[jwt]: https://jwt.io/
[openid-jwt]: https://developers.google.com/identity/protocols/OpenIDConnect#obtainuserinfo
[jwt-parsers]: https://packagist.org/search/?q=jwt
### Refreshing a Token
Refresh tokens are only provided to applications which request offline access. You can specify offline access by setting the `accessType` option in your provider:
```php
use League\OAuth2\Client\Provider\Google;
$provider = new Google([
'clientId' => '{google-client-id}',
'clientSecret' => '{google-client-secret}',
'redirectUri' => 'https://example.com/callback-url',
'accessType' => 'offline',
]);
```
It is important to note that the refresh token is only returned on the first request after this it will be `null`. You should securely store the refresh token when it is returned:
```php
$token = $provider->getAccessToken('authorization_code', [
'code' => $code
]);
// persist the token in a database
$refreshToken = $token->getRefreshToken();
```
If you ever need to get a new refresh token you can request one by forcing the consent prompt:
```php
$authUrl = $provider->getAuthorizationUrl(['prompt' => 'consent', 'access_type' => 'offline']);
```
Now you have everything you need to refresh an access token using a refresh token:
```php
use League\OAuth2\Client\Provider\Google;
use League\OAuth2\Client\Grant\RefreshToken;
$provider = new Google([
'clientId' => '{google-client-id}',
'clientSecret' => '{google-client-secret}',
'redirectUri' => 'https://example.com/callback-url',
]);
$grant = new RefreshToken();
$token = $provider->getAccessToken($grant, ['refresh_token' => $refreshToken]);
```
## Scopes
Additional [scopes][scopes] can be set by using the `scope` parameter when
generating the authorization URL:
```php
$authorizationUrl = $provider->getAuthorizationUrl([
'scope' => [
'scope-url-here'
],
]);
```
[scopes]: https://developers.google.com/identity/protocols/googlescopes
## Testing
Tests can be run with:
```sh
composer test
```
Style checks can be run with:
```sh
composer check
```
## Contributing
Please see [CONTRIBUTING](https://github.com/thephpleague/oauth2-google/blob/main/CONTRIBUTING.md) for details.
## Credits
- [Woody Gilk](https://github.com/shadowhand)
- [All Contributors](https://github.com/thephpleague/oauth2-google/contributors)
## License
The MIT License (MIT). Please see [License File](https://github.com/thephpleague/oauth2-google/blob/main/LICENSE) for more information.

43
modules/pshowsso/vendor/league/oauth2-google/composer.json vendored Normal file
View File

@@ -0,0 +1,43 @@
{
"name": "league\/oauth2-google",
"description": "Google OAuth 2.0 Client Provider for The PHP League OAuth2-Client",
"license": "MIT",
"authors": [
{
"name": "Woody Gilk",
"email": "hello@shadowhand.com",
"homepage": "https:\/\/shadowhand.com"
}
],
"keywords": [
"oauth",
"oauth2",
"client",
"authorization",
"authentication",
"google"
],
"minimum-stability": "stable",
"require": {
"php": "^7.3 || ^8.0",
"league\/oauth2-client": "^2.0"
},
"require-dev": {
"eloquent\/phony-phpunit": "^6.0 || ^7.1",
"phpunit\/phpunit": "^8.0 || ^9.0",
"squizlabs\/php_codesniffer": "^3.0"
},
"autoload": {
"psr-4": {
"Pshowsso\\Scope68f5e85e9608b\\League\\OAuth2\\Client\\": "src\/"
}
},
"autoload-dev": {
"psr-4": {
"Pshowsso\\Scope68f5e85e9608b\\League\\OAuth2\\Client\\Test\\": "test\/src\/"
}
},
"scripts": {
"check": "phpcs src test --standard=PSR12 -sp"
}
}

19
modules/pshowsso/vendor/league/oauth2-google/src/Exception/HostedDomainException.php vendored Normal file
View File

@@ -0,0 +1,19 @@
<?php
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Exception;
/**
* Exception thrown if the Google Provider is configured with a hosted domain that the user doesn't belong to
*/
class HostedDomainException extends \Exception
{
/**
* @param $configuredDomain
*
* @return static
*/
public static function notMatchingDomain($configuredDomain): self
{
return new static("User is not part of domain '{$configuredDomain}'");
}
}

120
modules/pshowsso/vendor/league/oauth2-google/src/Provider/Google.php vendored Normal file
View File

@@ -0,0 +1,120 @@
<?php
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Provider;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Exception\HostedDomainException;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Provider\Exception\IdentityProviderException;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Token\AccessToken;
use Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Tool\BearerAuthorizationTrait;
use Pshowsso\Scope68f5e85e9608b\Psr\Http\Message\ResponseInterface;
class Google extends AbstractProvider
{
use BearerAuthorizationTrait;
/**
* @var string If set, this will be sent to google as the "access_type" parameter.
* @link https://developers.google.com/identity/protocols/OpenIDConnect#authenticationuriparameters
*/
protected $accessType;
/**
* @var string If set, this will be sent to google as the "hd" parameter.
* @link https://developers.google.com/identity/protocols/OpenIDConnect#authenticationuriparameters
*/
protected $hostedDomain;
/**
* @var string If set, this will be sent to google as the "prompt" parameter.
* @link https://developers.google.com/identity/protocols/OpenIDConnect#authenticationuriparameters
*/
protected $prompt;
/**
* @var array List of scopes that will be used for authentication.
* @link https://developers.google.com/identity/protocols/googlescopes
*/
protected $scopes = [];
public function getBaseAuthorizationUrl(): string
{
return 'https://accounts.google.com/o/oauth2/v2/auth';
}
public function getBaseAccessTokenUrl(array $params): string
{
return 'https://oauth2.googleapis.com/token';
}
public function getResourceOwnerDetailsUrl(AccessToken $token): string
{
return 'https://openidconnect.googleapis.com/v1/userinfo';
}
protected function getAuthorizationParameters(array $options): array
{
if (empty($options['hd']) && $this->hostedDomain) {
$options['hd'] = $this->hostedDomain;
}
if (empty($options['access_type']) && $this->accessType) {
$options['access_type'] = $this->accessType;
}
if (empty($options['prompt']) && $this->prompt) {
$options['prompt'] = $this->prompt;
}
// Default scopes MUST be included for OpenID Connect.
// Additional scopes MAY be added by constructor or option.
$scopes = array_merge($this->getDefaultScopes(), $this->scopes);
if (!empty($options['scope'])) {
$scopes = array_merge($scopes, $options['scope']);
}
$options['scope'] = array_unique($scopes);
$options = parent::getAuthorizationParameters($options);
// The "approval_prompt" MUST be removed as it is not supported by Google, use "prompt" instead:
// https://developers.google.com/identity/protocols/oauth2/openid-connect#prompt
unset($options['approval_prompt']);
return $options;
}
protected function getDefaultScopes(): array
{
// "openid" MUST be the first scope in the list.
return ['openid', 'email', 'profile'];
}
protected function getScopeSeparator(): string
{
return ' ';
}
protected function checkResponse(ResponseInterface $response, $data): void
{
// @codeCoverageIgnoreStart
if (empty($data['error'])) {
return;
}
// @codeCoverageIgnoreEnd
$code = 0;
$error = $data['error'];
if (is_array($error)) {
$code = $error['code'];
$error = $error['message'];
}
throw new IdentityProviderException($error, $code, $data);
}
protected function createResourceOwner(array $response, AccessToken $token): GoogleUser
{
$user = new GoogleUser($response);
$this->assertMatchingDomain($user->getHostedDomain());
return $user;
}
/**
* @param string|null $hostedDomain
*
* @throws HostedDomainException If the domain does not match the configured domain.
*/
protected function assertMatchingDomain(?string $hostedDomain): void
{
if ($this->hostedDomain === null) {
// No hosted domain configured.
return;
}
if ($this->hostedDomain === '*' && $hostedDomain) {
// Any hosted domain is allowed.
return;
}
if ($this->hostedDomain === $hostedDomain) {
// Hosted domain is correct.
return;
}
throw HostedDomainException::notMatchingDomain($this->hostedDomain);
}
}

98
modules/pshowsso/vendor/league/oauth2-google/src/Provider/GoogleUser.php vendored Normal file
View File

@@ -0,0 +1,98 @@
<?php
namespace Pshowsso\Scope68f5e85e9608b\League\OAuth2\Client\Provider;
class GoogleUser implements ResourceOwnerInterface
{
/**
* @var array
*/
protected $response;
/**
* @param array $response
*/
public function __construct(array $response)
{
$this->response = $response;
}
public function getId()
{
return $this->response['sub'];
}
/**
* Get preferred display name.
*
* @return string
*/
public function getName(): string
{
return $this->response['name'];
}
/**
* Get preferred first name.
*
* @return string|null
*/
public function getFirstName(): ?string
{
return $this->getResponseValue('given_name');
}
/**
* Get preferred last name.
*
* @return string|null
*/
public function getLastName(): ?string
{
return $this->getResponseValue('family_name');
}
/**
* Get locale.
*
* @return string|null
*/
public function getLocale(): ?string
{
return $this->getResponseValue('locale');
}
/**
* Get email address.
*
* @return string|null
*/
public function getEmail(): ?string
{
return $this->getResponseValue('email');
}
/**
* Get hosted domain.
*
* @return string|null
*/
public function getHostedDomain(): ?string
{
return $this->getResponseValue('hd');
}
/**
* Get avatar image URL.
*
* @return string|null
*/
public function getAvatar(): ?string
{
return $this->getResponseValue('picture');
}
/**
* Get user data as an array.
*
* @return array
*/
public function toArray(): array
{
return $this->response;
}
private function getResponseValue($key)
{
return $this->response[$key] ?? null;
}
}