openinfra/openstackid
Code Issues Proposed changes

Migration to PHP 7.x

Browse Source 
* updated dependencies
* updated LV version to 5.6

Depends-On: https://review.openstack.org/629495

Depends-On: https://review.openstack.org/629896

Change-Id: Iacf81dd65d71102ad0660c5c2bdd6633bf727ec0
This commit is contained in:
smarcet 2018-10-19 12:00:43 -07:00
parent 51702c2d7b
commit cb3fee441f
77 changed files with 931 additions and 407 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -33,3 +33,4 @@ public/assets/css/index.css
/public/assets/sweetalert2/ /public/assets/sweetalert2/
/public/assets/urijs /public/assets/urijs
/public/assets/uri.js /public/assets/uri.js
_intellij_phpdebug_validator.php

8
app/Http/Controllers/Api/ApiEndpointController.php
View File

@ -20,6 +20,7 @@ use OAuth2\Exceptions\InvalidApiEndpoint;
use OAuth2\Exceptions\InvalidApiScope; use OAuth2\Exceptions\InvalidApiScope;
use OAuth2\Repositories\IApiEndpointRepository; use OAuth2\Repositories\IApiEndpointRepository;
use OAuth2\Services\IApiEndpointService; use OAuth2\Services\IApiEndpointService;
use Utils\Exceptions\EntityNotFoundException;
use Utils\Services\ILogService; use Utils\Services\ILogService;
/** /**
@ -65,7 +66,12 @@ class ApiEndpointController extends AbstractRESTController implements ICRUDContr
$data = $api_endpoint->toArray(); $data = $api_endpoint->toArray();
$data['scopes'] = $scopes->toArray(); $data['scopes'] = $scopes->toArray();
return $this->ok($data); return $this->ok($data);
} catch (Exception $ex) { }
catch (EntityNotFoundException $ex1) {
$this->log_service->warning($ex1);
return $this->error404($ex1);
}
catch (Exception $ex) {
$this->log_service->error($ex); $this->log_service->error($ex);
return $this->error500($ex); return $this->error500($ex);
} }

4
app/Http/Controllers/Controller.php
View File

@ -15,13 +15,11 @@ use Illuminate\Foundation\Bus\DispatchesJobs;
use Illuminate\Routing\Controller as BaseController; use Illuminate\Routing\Controller as BaseController;
use Illuminate\Foundation\Validation\ValidatesRequests; use Illuminate\Foundation\Validation\ValidatesRequests;
use Illuminate\Foundation\Auth\Access\AuthorizesRequests; use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
use Illuminate\Foundation\Auth\Access\AuthorizesResources;
/** /**
* Class Controller * Class Controller
* @package App\Http\Controllers * @package App\Http\Controllers
*/ */
class Controller extends BaseController class Controller extends BaseController
{ {
use AuthorizesRequests, AuthorizesResources, DispatchesJobs, ValidatesRequests; use AuthorizesRequests, DispatchesJobs, ValidatesRequests;
} }

42
app/Http/Controllers/UserController.php
View File

@ -111,6 +111,11 @@ final class UserController extends OpenIdController
*/ */
private $utils_configuration_service; private $utils_configuration_service;
/**
* @var ISecurityContextService
*/
private $security_context_service;
/** /**
* UserController constructor. * UserController constructor.
* @param IMementoOpenIdSerializerService $openid_memento_service * @param IMementoOpenIdSerializerService $openid_memento_service
@ -160,23 +165,25 @@ final class UserController extends OpenIdController
$this->token_service = $token_service; $this->token_service = $token_service;
$this->resource_server_service = $resource_server_service; $this->resource_server_service = $resource_server_service;
$this->utils_configuration_service = $utils_configuration_service; $this->utils_configuration_service = $utils_configuration_service;
$this->security_context_service = $security_context_service;
$this->middleware(function ($request, $next) {
if ($this->openid_memento_service->exists()) if ($this->openid_memento_service->exists())
{ {
//openid stuff //openid stuff
$this->login_strategy = new OpenIdLoginStrategy $this->login_strategy = new OpenIdLoginStrategy
( (
$openid_memento_service, $this->openid_memento_service,
$user_action_service, $this->user_action_service,
$auth_service $this->auth_service
); );
$this->consent_strategy = new OpenIdConsentStrategy $this->consent_strategy = new OpenIdConsentStrategy
( (
$openid_memento_service, $this->openid_memento_service,
$auth_service, $this->auth_service,
$server_configuration_service, $this->server_configuration_service,
$user_action_service $this->user_action_service
); );
} }
@ -185,26 +192,29 @@ final class UserController extends OpenIdController
$this->login_strategy = new OAuth2LoginStrategy $this->login_strategy = new OAuth2LoginStrategy
( (
$auth_service, $this->auth_service,
$oauth2_memento_service, $this->oauth2_memento_service,
$user_action_service, $this->user_action_service,
$security_context_service $this->security_context_service
); );
$this->consent_strategy = new OAuth2ConsentStrategy $this->consent_strategy = new OAuth2ConsentStrategy
( (
$auth_service, $this->auth_service,
$oauth2_memento_service, $this->oauth2_memento_service,
$scope_repository, $this->scope_repository,
$client_repository $this->client_repository
); );
} }
else else
{ {
//default stuff //default stuff
$this->login_strategy = new DefaultLoginStrategy($user_action_service, $auth_service); $this->login_strategy = new DefaultLoginStrategy($this->user_action_service, $this->auth_service);
$this->consent_strategy = null; $this->consent_strategy = null;
} }
return $next($request);
});
} }
public function getLogin() public function getLogin()

6
app/Http/Middleware/CORSMiddleware.php
View File

@ -1,5 +1,4 @@
<?php namespace App\Http\Middleware; <?php namespace App\Http\Middleware;
/** /**
* Copyright 2015 OpenStack Foundation * Copyright 2015 OpenStack Foundation
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
@ -21,8 +20,7 @@ use Symfony\Component\HttpFoundation\Response;
use Illuminate\Support\Facades\Cache; use Illuminate\Support\Facades\Cache;
use Carbon\Carbon; use Carbon\Carbon;
use Illuminate\Support\Facades\Config; use Illuminate\Support\Facades\Config;
use Illuminate\Support\Facades\Route; use libs\utils\RequestUtils;
/** /**
* *
* @package App\Http\Middleware\ * @package App\Http\Middleware\
@ -141,7 +139,7 @@ final class CORSMiddleware
// correct route // correct route
$real_method = $request->headers->get('Access-Control-Request-Method'); $real_method = $request->headers->get('Access-Control-Request-Method');
$route_path = Route::getCurrentRoute()->getPath(); $route_path = RequestUtils::getCurrentRoutePath($request);
if (strpos($route_path, '/') != 0) if (strpos($route_path, '/') != 0)
$route_path = '/' . $route_path; $route_path = '/' . $route_path;

17
app/Http/Middleware/CheckForMaintenanceMode.php Normal file
View File

@ -0,0 +1,17 @@
<?php
namespace App\Http\Middleware;
use Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode as Middleware;
class CheckForMaintenanceMode extends Middleware
{
/**
* The URIs that should be reachable while maintenance mode is enabled.
*
* @var array
*/
protected $except = [
//
];
}

4
app/Http/Middleware/CurrentUserCanEditOAuth2Client.php
View File

@ -58,10 +58,10 @@ final class CurrentUserCanEditOAuth2Client
{ {
try{ try{
$route = Route::getCurrentRoute(); $route = Route::getCurrentRoute();
$client_id = $route->getParameter('id'); $client_id = $route->parameter('id');
if(is_null($client_id)) if(is_null($client_id))
$client_id = $route->getParameter('client_id'); $client_id = $route->parameter('client_id');
if(is_null($client_id)) if(is_null($client_id))
$client_id = Input::get('client_id',null);; $client_id = Input::get('client_id',null);;

4
app/Http/Middleware/CurrentUserCheckRouteParams.php
View File

@ -45,10 +45,10 @@ class CurrentUserCheckRouteParams
$used_id = Input::get('id',null); $used_id = Input::get('id',null);
if(is_null($used_id)) if(is_null($used_id))
$used_id = $route->getParameter('user_id'); $used_id = $route->parameter('user_id');
if(is_null($used_id)) if(is_null($used_id))
$used_id = $route->getParameter('id'); $used_id = $route->parameter('id');
$user = $authentication_service->getCurrentUser(); $user = $authentication_service->getCurrentUser();
if (is_null($used_id) || intval($used_id) !== intval($user->getId())) if (is_null($used_id) || intval($used_id) !== intval($user->getId()))

4
app/Http/Middleware/CurrentUserOwnsOAuth2Client.php
View File

@ -58,10 +58,10 @@ class CurrentUserOwnsOAuth2Client
{ {
try{ try{
$route = Route::getCurrentRoute(); $route = Route::getCurrentRoute();
$client_id = $route->getParameter('id'); $client_id = $route->parameter('id');
if(is_null($client_id)) if(is_null($client_id))
$client_id = $route->getParameter('client_id'); $client_id = $route->parameter('client_id');
if(is_null($client_id)) if(is_null($client_id))
$client_id = Input::get('client_id',null);; $client_id = Input::get('client_id',null);;

32
app/Http/Middleware/EncryptCookies.php
View File

@ -1,14 +1,25 @@
<?php namespace App\Http\Middleware; <?php namespace App\Http\Middleware;
/**
* Copyright 2015 OpenStack Foundation
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
**/
use Illuminate\Contracts\Encryption\DecryptException;
use Illuminate\Cookie\Middleware\EncryptCookies as Middleware;
use OAuth2\Services\IPrincipalService; use OAuth2\Services\IPrincipalService;
use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Request;
use Illuminate\Cookie\Middleware\EncryptCookies as BaseEncrypter; /**
use Illuminate\Contracts\Encryption\DecryptException;
/***
* Class EncryptCookies * Class EncryptCookies
* @package App\Http\Middleware * @package App\Http\Middleware
*/ */
class EncryptCookies extends BaseEncrypter class EncryptCookies extends Middleware
{ {
/** /**
* The names of the cookies that should not be encrypted. * The names of the cookies that should not be encrypted.
@ -19,15 +30,21 @@ class EncryptCookies extends BaseEncrypter
IPrincipalService::OP_BROWSER_STATE_COOKIE_NAME IPrincipalService::OP_BROWSER_STATE_COOKIE_NAME
]; ];
/**
* Decrypt the cookies on the request.
*
* @param \Symfony\Component\HttpFoundation\Request $request
* @return \Symfony\Component\HttpFoundation\Request
*/
protected function decrypt(Request $request) protected function decrypt(Request $request)
{ {
foreach ($request->cookies as $key => $c) { foreach ($request->cookies as $key => $cookie) {
if ($this->isDisabled($key)) { if ($this->isDisabled($key)) {
continue; continue;
} }
try { try {
$request->cookies->set($key, $this->decryptCookie($c)); $request->cookies->set($key, $this->decryptCookie($key, $cookie));
} catch (DecryptException $e) { } catch (DecryptException $e) {
$request->cookies->set($key, null); $request->cookies->set($key, null);
} }
@ -38,4 +55,5 @@ class EncryptCookies extends BaseEncrypter
return $request; return $request;
} }
} }

5
app/Http/Middleware/OAuth2BearerAccessTokenRequestValidator.php
View File

@ -28,13 +28,12 @@ use OAuth2\Responses\OAuth2WWWAuthenticateErrorResponse;
use OAuth2\Services\ITokenService; use OAuth2\Services\ITokenService;
use OAuth2\IResourceServerContext; use OAuth2\IResourceServerContext;
use OAuth2\Repositories\IApiEndpointRepository; use OAuth2\Repositories\IApiEndpointRepository;
use OAuth2\Services\IClientService;
use URL\Normalizer; use URL\Normalizer;
use Illuminate\Support\Facades\Route; use Illuminate\Support\Facades\Route;
use Exception; use Exception;
use Utils\Services\ICheckPointService; use Utils\Services\ICheckPointService;
use Utils\Services\ILogService; use Utils\Services\ILogService;
use libs\utils\RequestUtils;
/** /**
* Class OAuth2BearerAccessTokenRequestValidator * Class OAuth2BearerAccessTokenRequestValidator
* this class implements the logic to Accessing to Protected Resources * this class implements the logic to Accessing to Protected Resources
@ -117,7 +116,7 @@ final class OAuth2BearerAccessTokenRequestValidator
$realm = $request->getHost(); $realm = $request->getHost();
try { try {
$route_path = Route::getCurrentRoute()->getPath(); $route_path = RequestUtils::getCurrentRoutePath($request);
if (strpos($route_path, '/') != 0) if (strpos($route_path, '/') != 0)
$route_path = '/' . $route_path; $route_path = '/' . $route_path;

4
app/Http/Middleware/RedirectIfAuthenticated.php
View File

@ -11,10 +11,8 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
**/ **/
use Closure; use Closure;
use Illuminate\Support\Facades\Auth; use Illuminate\Support\Facades\Auth;
/** /**
* Class RedirectIfAuthenticated * Class RedirectIfAuthenticated
* @package App\Http\Middleware * @package App\Http\Middleware
@ -32,7 +30,7 @@ class RedirectIfAuthenticated
public function handle($request, Closure $next, $guard = null) public function handle($request, Closure $next, $guard = null)
{ {
if (Auth::guard($guard)->check()) { if (Auth::guard($guard)->check()) {
return redirect('/'); return redirect('/home');
} }
return $next($request); return $next($request);

18
app/Http/Middleware/TrimStrings.php Normal file
View File

@ -0,0 +1,18 @@
<?php
namespace App\Http\Middleware;
use Illuminate\Foundation\Http\Middleware\TrimStrings as Middleware;
class TrimStrings extends Middleware
{
/**
* The names of the attributes that should not be trimmed.
*
* @var array
*/
protected $except = [
'password',
'password_confirmation',
];
}

23
app/Http/Middleware/TrustProxies.php Normal file
View File

@ -0,0 +1,23 @@
<?php
namespace App\Http\Middleware;
use Illuminate\Http\Request;
use Fideloper\Proxy\TrustProxies as Middleware;
class TrustProxies extends Middleware
{
/**
* The trusted proxies for this application.
*
* @var array
*/
protected $proxies;
/**
* The headers that should be used to detect proxies.
*
* @var int
*/
protected $headers = Request::HEADER_X_FORWARDED_ALL;
}

4
app/Http/Middleware/VerifyCsrfToken.php
View File

@ -2,9 +2,9 @@
namespace App\Http\Middleware; namespace App\Http\Middleware;
use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as BaseVerifier; use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;
class VerifyCsrfToken extends BaseVerifier class VerifyCsrfToken extends Middleware
{ {
/** /**
* The URIs that should be excluded from CSRF verification. * The URIs that should be excluded from CSRF verification.

4
app/Models/OAuth2/ServerPrivateKey.php
View File

@ -16,7 +16,7 @@ use jwk\impl\RSAJWKFactory;
use jwk\impl\RSAJWKPEMPrivateKeySpecification; use jwk\impl\RSAJWKPEMPrivateKeySpecification;
use OAuth2\Models\IServerPrivateKey; use OAuth2\Models\IServerPrivateKey;
use DateTime; use DateTime;
use Crypt_RSA; use phpseclib\Crypt\RSA;
use Illuminate\Support\Facades\Crypt; use Illuminate\Support\Facades\Crypt;
/** /**
* Class ServerPrivateKey * Class ServerPrivateKey
@ -122,7 +122,7 @@ final class ServerPrivateKey extends AsymmetricKey implements IServerPrivateKey
public function getPublicKeyPEM() public function getPublicKeyPEM()
{ {
$private_key_pem = $this->pem_content; $private_key_pem = $this->pem_content;
$rsa = new Crypt_RSA(); $rsa = new RSA();
if(!empty($this->password)){ if(!empty($this->password)){
$rsa->setPassword($this->password); $rsa->setPassword($this->password);

9
app/Providers/AppServiceProvider.php
View File

@ -31,9 +31,10 @@ class AppServiceProvider extends ServiceProvider
*/ */
public function boot() public function boot()
{ {
$monolog = Log::getMonolog();
foreach($monolog->getHandlers() as $handler) { $logger = Log::getLogger();
foreach($logger->getHandlers() as $handler) {
$handler->setLevel(Config::get('log.level', 'error')); $handler->setLevel(Config::get('log.level', 'error'));
} }
@ -44,11 +45,9 @@ class AppServiceProvider extends ServiceProvider
if (!empty($to) && !empty($from)) { if (!empty($to) && !empty($from)) {
$subject = 'openstackid error'; $subject = 'openstackid error';
$mono_log = Log::getMonolog();
$handler = new NativeMailerHandler($to, $subject, $from); $handler = new NativeMailerHandler($to, $subject, $from);
$handler->setLevel(Config::get('log.email_level', 'error')); $handler->setLevel(Config::get('log.email_level', 'error'));
$mono_log->pushHandler($handler); $logger->pushHandler($handler);
} }

5
app/Providers/AuthServiceProvider.php
View File

@ -34,10 +34,9 @@ class AuthServiceProvider extends ServiceProvider
* @param \Illuminate\Contracts\Auth\Access\Gate $gate * @param \Illuminate\Contracts\Auth\Access\Gate $gate
* @return void * @return void
*/ */
public function boot(GateContract $gate) public function boot()
{ {
$this->registerPolicies($gate); $this->registerPolicies();
// //
} }
} }

6
app/Providers/EventServiceProvider.php
View File

@ -36,10 +36,8 @@ class EventServiceProvider extends ServiceProvider
* @param \Illuminate\Contracts\Events\Dispatcher $events * @param \Illuminate\Contracts\Events\Dispatcher $events
* @return void * @return void
*/ */
public function boot(DispatcherContract $events) public function boot()
{ {
parent::boot($events); parent::boot();
//
} }
} }

4
app/Providers/RouteServiceProvider.php
View File

@ -34,9 +34,9 @@ final class RouteServiceProvider extends ServiceProvider
* @param \Illuminate\Routing\Router $router * @param \Illuminate\Routing\Router $router
* @return void * @return void
*/ */
public function boot(Router $router) public function boot()
{ {
parent::boot($router); parent::boot();
} }
/** /**

15
app/Services/OAuth2/ApiEndpointService.php
View File

@ -11,7 +11,6 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
**/ **/
use OAuth2\Models\IApiEndpoint; use OAuth2\Models\IApiEndpoint;
use OAuth2\Repositories\IApiEndpointRepository; use OAuth2\Repositories\IApiEndpointRepository;
use OAuth2\Repositories\IApiScopeRepository; use OAuth2\Repositories\IApiScopeRepository;
@ -21,12 +20,11 @@ use OAuth2\Exceptions\InvalidApiEndpoint;
use OAuth2\Exceptions\InvalidApiScope; use OAuth2\Exceptions\InvalidApiScope;
use Utils\Db\ITransactionService; use Utils\Db\ITransactionService;
use Utils\Exceptions\EntityNotFoundException; use Utils\Exceptions\EntityNotFoundException;
/** /**
* Class ApiEndpointService * Class ApiEndpointService
* @package Services\OAuth2 * @package Services\OAuth2
*/ */
class ApiEndpointService implements IApiEndpointService { final class ApiEndpointService implements IApiEndpointService {
/** /**
* @var ITransactionService * @var ITransactionService
@ -272,4 +270,15 @@ class ApiEndpointService implements IApiEndpointService {
return true; return true;
}); });
} }
/**
* @param int $id
* @return mixed
*/
public function get($id)
{
return $this->tx_service->transaction(function () use($id){
return $this->repository->get($id);
});
}
} }

7
app/Services/OAuth2/HttpIClientJWKSetReader.php
View File

@ -18,7 +18,8 @@ use OAuth2\Services\IClientJWKSetReader;
use GuzzleHttp\Client as HttpClient; use GuzzleHttp\Client as HttpClient;
use GuzzleHttp\Exception\RequestException as HttpRequestException; use GuzzleHttp\Exception\RequestException as HttpRequestException;
use Utils\Http\HttpContentType; use Utils\Http\HttpContentType;
use Log; use Illuminate\Support\Facades\Log;
use Illuminate\Support\Facades\Config;
/** /**
* Class HttpIClientJWKSetReader * Class HttpIClientJWKSetReader
* @package Services\OAuth2 * @package Services\OAuth2
@ -28,7 +29,9 @@ final class HttpIClientJWKSetReader implements IClientJWKSetReader
/** /**
* @param IClient $client * @param IClient $client
* @return IJWKSet * @return IJWKSet|null
* @throws \jwk\exceptions\InvalidJWKAlgorithm
* @throws \jwk\exceptions\JWKInvalidIdentifierException
*/ */
public function read(IClient $client) public function read(IClient $client)
{ {

4
app/Services/OAuth2/PrincipalService.php
View File

@ -11,7 +11,7 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
**/ **/
use phpseclib\Crypt\Random;
use Illuminate\Support\Facades\Cookie; use Illuminate\Support\Facades\Cookie;
use Illuminate\Support\Facades\Session; use Illuminate\Support\Facades\Session;
use Illuminate\Support\Facades\Log; use Illuminate\Support\Facades\Log;
@ -78,7 +78,7 @@ final class PrincipalService implements IPrincipalService
Log::debug(sprintf("PrincipalService::register user_id %s auth_time %s", $user_id, $auth_time)); Log::debug(sprintf("PrincipalService::register user_id %s auth_time %s", $user_id, $auth_time));
Session::put(self::UserIdParam, $user_id); Session::put(self::UserIdParam, $user_id);
Session::put(self::AuthTimeParam, $auth_time); Session::put(self::AuthTimeParam, $auth_time);
$opbs = bin2hex(mcrypt_create_iv(16, MCRYPT_DEV_URANDOM)); $opbs = bin2hex(Random::string(16));
Cookie::queue(IPrincipalService::OP_BROWSER_STATE_COOKIE_NAME, $opbs, $minutes = config("session.op_browser_state_lifetime"), $path = '/', $domain = null, $secure = false, $httpOnly = false); Cookie::queue(IPrincipalService::OP_BROWSER_STATE_COOKIE_NAME, $opbs, $minutes = config("session.op_browser_state_lifetime"), $path = '/', $domain = null, $secure = false, $httpOnly = false);
Log::debug(sprintf("PrincipalService::register opbs %s", $opbs)); Log::debug(sprintf("PrincipalService::register opbs %s", $opbs));
Session::put(self::OPBrowserState, $opbs); Session::put(self::OPBrowserState, $opbs);

6
app/Services/OAuth2/ServerPrivateKeyService.php
View File

@ -18,7 +18,7 @@ use OAuth2\Repositories\IServerPrivateKeyRepository;
use Utils\Db\ITransactionService; use Utils\Db\ITransactionService;
use Models\OAuth2\ServerPrivateKey; use Models\OAuth2\ServerPrivateKey;
use DateTime; use DateTime;
use Crypt_RSA; use phpseclib\Crypt\RSA;
use Services\Exceptions\ValidationException; use Services\Exceptions\ValidationException;
/** /**
@ -29,7 +29,7 @@ final class ServerPrivateKeyService extends AsymmetricKeyService implements ISer
{ {
/** /**
* @var Crypt_RSA * @var RSA
*/ */
private $rsa; private $rsa;
@ -45,7 +45,7 @@ final class ServerPrivateKeyService extends AsymmetricKeyService implements ISer
) )
{ {
parent::__construct($repository, $tx_service); parent::__construct($repository, $tx_service);
$this->rsa = new Crypt_RSA(); $this->rsa = new RSA();
} }
/** /**

1
app/Services/OpenId/OpenIdMementoSessionSerializerService.php
View File

@ -14,7 +14,6 @@
use OpenId\Requests\OpenIdMessageMemento; use OpenId\Requests\OpenIdMessageMemento;
use OpenId\Services\IMementoOpenIdSerializerService; use OpenId\Services\IMementoOpenIdSerializerService;
use Illuminate\Support\Facades\Session; use Illuminate\Support\Facades\Session;
/** /**
* Class OpenIdMementoSessionSerializerService * Class OpenIdMementoSessionSerializerService
* @package Services\OpenId * @package Services\OpenId

6
app/Services/Utils/UtilsProvider.php
View File

@ -11,13 +11,11 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
**/ **/
use Utils\Services\UtilsServiceCatalog; use Utils\Services\UtilsServiceCatalog;
use Illuminate\Support\ServiceProvider; use Illuminate\Support\ServiceProvider;
use Illuminate\Foundation\AliasLoader; use Illuminate\Foundation\AliasLoader;
use Illuminate\Support\Facades\App; use Illuminate\Support\Facades\App;
use Illuminate\Support\Facades\Log; use Illuminate\Support\Facades\Log;
/** /**
* Class UtilsProvider * Class UtilsProvider
* @package Services\Utils * @package Services\Utils
@ -41,7 +39,7 @@ final class UtilsProvider extends ServiceProvider {
App::singleton(UtilsServiceCatalog::BannedIpService, 'Services\\Utils\\BannedIPService'); App::singleton(UtilsServiceCatalog::BannedIpService, 'Services\\Utils\\BannedIPService');
// setting facade // setting facade
$this->app['serverconfigurationservice'] = App::share(function ($app) { App::singleton('serverconfigurationservice', function ($app) {
return new ServerConfigurationService return new ServerConfigurationService
( (
App::make(UtilsServiceCatalog::CacheService), App::make(UtilsServiceCatalog::CacheService),
@ -50,7 +48,7 @@ final class UtilsProvider extends ServiceProvider {
}); });
// setting facade // setting facade
$this->app['externalurlservice'] = App::share(function ($app) { App::singleton('externalurlservice', function ($app) {
return new ExternalUrlService(); return new ExternalUrlService();
}); });

20
app/Validators/CustomValidator.php
View File

@ -13,13 +13,13 @@
**/ **/
use Illuminate\Validation\Validator; use Illuminate\Validation\Validator;
use Models\OAuth2\Client; use Models\OAuth2\Client;
use Symfony\Component\Translation\TranslatorInterface; use Illuminate\Contracts\Translation\Translator;
use jwk\JSONWebKeyPublicKeyUseValues; use jwk\JSONWebKeyPublicKeyUseValues;
use jwk\JSONWebKeyTypes; use jwk\JSONWebKeyTypes;
use OAuth2\OAuth2Protocol; use OAuth2\OAuth2Protocol;
use OAuth2\Models\IClient; use OAuth2\Models\IClient;
use Utils\Services\IAuthService; use Utils\Services\IAuthService;
use Crypt_RSA; use phpseclib\Crypt\RSA;
/** /**
* Class CustomValidator * Class CustomValidator
@ -37,7 +37,7 @@ class CustomValidator extends Validator
'RequiredWithoutField' 'RequiredWithoutField'
); );
public function __construct(TranslatorInterface $translator, $data, $rules, $messages = array()) public function __construct(Translator $translator, $data, $rules, $messages = array())
{ {
parent::__construct($translator, $data, $rules, $messages); parent::__construct($translator, $data, $rules, $messages);
$this->isImplicit('fail'); $this->isImplicit('fail');
@ -221,7 +221,7 @@ class CustomValidator extends Validator
$PKCS8 = $res1 !== false && $res3 !== false; $PKCS8 = $res1 !== false && $res3 !== false;
$PKCS1 = $res2 !== false && $res4 !== false; $PKCS1 = $res2 !== false && $res4 !== false;
$rsa = new Crypt_RSA; $rsa = new RSA;
$parsed = $rsa->loadKey($value); $parsed = $rsa->loadKey($value);
return ($PKCS8 || $PKCS1) && $parsed; return ($PKCS8 || $PKCS1) && $parsed;
@ -229,7 +229,7 @@ class CustomValidator extends Validator
public function validatePublicKeyPemLength($attribute, $value) public function validatePublicKeyPemLength($attribute, $value)
{ {
$rsa = new Crypt_RSA(); $rsa = new RSA();
$parsed = $rsa->loadKey($value); $parsed = $rsa->loadKey($value);
return $parsed && $rsa->getSize() > 1024; return $parsed && $rsa->getSize() > 1024;
@ -247,7 +247,7 @@ class CustomValidator extends Validator
$encrypted = strpos($value,'ENCRYPTED') !== false ; $encrypted = strpos($value,'ENCRYPTED') !== false ;
$password_param = $parameters[0]; $password_param = $parameters[0];
$rsa = new Crypt_RSA; $rsa = new RSA;
if(isset($this->data[$password_param]) && $encrypted){ if(isset($this->data[$password_param]) && $encrypted){
$rsa->setPassword($this->data[$password_param]); $rsa->setPassword($this->data[$password_param]);
} }
@ -262,7 +262,7 @@ class CustomValidator extends Validator
$encrypted = strpos($value,'ENCRYPTED') !== false ; $encrypted = strpos($value,'ENCRYPTED') !== false ;
$password_param = $parameters[0]; $password_param = $parameters[0];
$rsa = new Crypt_RSA; $rsa = new RSA;
if(isset($this->data[$password_param]) && $encrypted){ if(isset($this->data[$password_param]) && $encrypted){
$rsa->setPassword($this->data[$password_param]); $rsa->setPassword($this->data[$password_param]);
} }
@ -286,7 +286,7 @@ class CustomValidator extends Validator
$pem_param = $parameters[0]; $pem_param = $parameters[0];
if(!isset($this->data[$pem_param])) return true; if(!isset($this->data[$pem_param])) return true;
$pem_content = $this->data[$pem_param]; $pem_content = $this->data[$pem_param];
$rsa = new Crypt_RSA; $rsa = new RSA;
$rsa->setPassword($value); $rsa->setPassword($value);
$parsed = $rsa->loadKey($pem_content); $parsed = $rsa->loadKey($pem_content);
return $parsed; return $parsed;
@ -301,7 +301,7 @@ class CustomValidator extends Validator
$urls = explode(',', $value); $urls = explode(',', $value);
$res = true; $res = true;
foreach ($urls as $url) { foreach ($urls as $url) {
$res = $app_type === IClient::ApplicationType_Native ? $this->validateCustomUrl($attribute, $url, $parameters): $this->validateSslurl($attribute, $url, $parameters); $res = $app_type === IClient::ApplicationType_Native ? $this->validateCustomUrl($attribute, $url, $parameters): $this->validateSslurl($attribute, $url);
if (!$res) { if (!$res) {
break; break;
} }
@ -324,7 +324,7 @@ class CustomValidator extends Validator
$urls = explode(',', $value); $urls = explode(',', $value);
$res = true; $res = true;
foreach ($urls as $url) { foreach ($urls as $url) {
$res = $this->validateSslurl($attribute, $url, $parameters); $res = $this->validateSslurl($attribute, $url);
if (!$res) { if (!$res) {
break; break;
} }

6
app/libs/Auth/AuthService.php
View File

@ -132,7 +132,7 @@ final class AuthService implements IAuthService
} }
/** /**
* @return AuthorizationResponse_* * @return string
*/ */
public function getUserAuthorizationResponse() public function getUserAuthorizationResponse()
{ {
@ -158,7 +158,7 @@ final class AuthService implements IAuthService
public function setUserAuthorizationResponse($auth_response) public function setUserAuthorizationResponse($auth_response)
{ {
Session::set("openid.authorization.response", $auth_response); Session::put("openid.authorization.response", $auth_response);
Session::save(); Session::save();
} }
@ -216,7 +216,7 @@ final class AuthService implements IAuthService
public function setUserAuthenticationResponse($auth_response) public function setUserAuthenticationResponse($auth_response)
{ {
Session::set("openstackid.authentication.response", $auth_response); Session::put("openstackid.authentication.response", $auth_response);
Session::save(); Session::save();
} }

5
app/libs/OAuth2/GrantTypes/InteractiveGrantType.php
View File

@ -57,7 +57,7 @@ use utils\exceptions\InvalidCompactSerializationException;
use utils\factories\BasicJWTFactory; use utils\factories\BasicJWTFactory;
use Utils\Services\IAuthService; use Utils\Services\IAuthService;
use Utils\Services\ILogService; use Utils\Services\ILogService;
use phpseclib\Crypt\Random;
/** /**
* Class InteractiveGrantType * Class InteractiveGrantType
* @package OAuth2\GrantTypes * @package OAuth2\GrantTypes
@ -327,8 +327,7 @@ abstract class InteractiveGrantType extends AbstractGrantType
$session_id $session_id
)); ));
// warning: mcrypt_create_iv deprecated on php 7.x $salt = bin2hex(Random::string(16));
$salt = bin2hex(mcrypt_create_iv(16, MCRYPT_DEV_URANDOM));
$message = "{$client_id}{$origin}{$session_id}{$salt}"; $message = "{$client_id}{$origin}{$session_id}{$salt}";
$this->log_service->debug_msg(sprintf( $this->log_service->debug_msg(sprintf(
"InteractiveGrantType::getSessionState message %s", "InteractiveGrantType::getSessionState message %s",

6
app/libs/OAuth2/Services/IApiEndpointService.php
View File

@ -69,6 +69,12 @@ interface IApiEndpointService {
*/ */
public function delete($id); public function delete($id);
/**
* @param int $id
* @return mixed
*/
public function get($id);
/** /**
* @param int $id * @param int $id
* @param array $params * @param array $params

45
app/libs/Utils/RequestUtils.php Normal file
View File

@ -0,0 +1,45 @@
<?php namespace libs\utils;
/**
* Copyright 2015 OpenStack Foundation
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
**/
use Illuminate\Support\Facades\Route;
use Illuminate\Support\Facades\Log;
/**
* Class RequestUtils
* @package libs\utils
*/
final class RequestUtils {
/**
* @param \Illuminate\Http\Request $request
* @return bool|string
*/
public static function getCurrentRoutePath($request)
{
try
{
$route = Route::getRoutes()->match($request);
if(is_null($route)) return false;
$route_path = $route->uri();
if (strpos($route_path, '/') != 0)
$route_path = '/' . $route_path;
return $route_path;
}
catch (\Exception $ex)
{
Log::error($ex);
}
return false;
}
}

6
artisan
View File

@ -1,6 +1,8 @@
#!/usr/bin/env php #!/usr/bin/env php
<?php <?php
define('LARAVEL_START', microtime(true));
/* /*
|-------------------------------------------------------------------------- |--------------------------------------------------------------------------
| Register The Auto Loader | Register The Auto Loader
@ -13,7 +15,7 @@
| |
*/ */
require __DIR__.'/bootstrap/autoload.php'; require __DIR__.'/vendor/autoload.php';
$app = require_once __DIR__.'/bootstrap/app.php'; $app = require_once __DIR__.'/bootstrap/app.php';
@ -40,7 +42,7 @@ $status = $kernel->handle(
| Shutdown The Application | Shutdown The Application
|-------------------------------------------------------------------------- |--------------------------------------------------------------------------
| |
| Once Artisan has finished running. We will fire off the shutdown events | Once Artisan has finished running, we will fire off the shutdown events
| so that any final work may be done by the application before we shut | so that any final work may be done by the application before we shut
| down the process. This is the last thing to happen to the request. | down the process. This is the last thing to happen to the request.
| |

31
bindep.txt
View File

@ -1,28 +1,21 @@
mcrypt php7.2 [platform:dpkg]
php [platform:ubuntu-xenial] php7.2-cli [platform:dpkg]
php5 [platform:dpkg !platform:ubuntu-xenial]
php-cli [platform:rpm platform:ubuntu-xenial] php7.2-common [platform:dpkg]
php5-cli [platform:dpkg !platform:ubuntu-xenial]
php-common [platform:ubuntu-xenial] php7.2-curl [platform:dpkg]
php5-common [platform:dpkg !platform:ubuntu-xenial]
php-curl [platform:rpm platform:ubuntu-xenial] php7.2-gd [platform:dpkg]
php5-curl [platform:dpkg !platform:ubuntu-xenial]
php-gd [platform:rpm platform:ubuntu-xenial] php7.2-json [platform:dpkg]
php5-gd [platform:dpkg !platform:ubuntu-xenial]
php-json [platform:rpm platform:ubuntu-xenial] php7.2-mysqlnd [platform:dpkg]
php5-json [platform:dpkg !platform:ubuntu-xenial]
php-mysql [platform:rpm platform:ubuntu-xenial] php7.2-xml [platform:dpkg]
php5-mysql [platform:dpkg !platform:ubuntu-xenial]
php-gmp [platform:rpm platform:ubuntu-xenial] php7.2-mbstring [platform:dpkg]
php5-gmp [platform:dpkg !platform:ubuntu-xenial]
php-mcrypt [platform:ubuntu-xenial] php7.2-gmp [platform:dpkg]
php5-mcrypt [platform:dpkg !platform:ubuntu-xenial]
php7.2-ssh2 [platform:dpkg]

85
composer.json
View File

@ -1,34 +1,51 @@
{ {
"name": "laravel/laravel", "name": "openstack/openstackid",
"description": "The Laravel Framework.", "description": "OpenStackID IDP",
"keywords": ["framework", "laravel"], "keywords": [
"idp",
"openstack",
"oauth2",
"openid2.0",
"jwt",
"oidc"
],
"license": "MIT", "license": "MIT",
"type": "project", "type": "project",
"require": { "require": {
"php": ">=5.5.9", "php": "^7.1.3",
"laravel/framework": "5.2.*", "fideloper/proxy": "^4.0",
"zendframework/zend-crypt": "2.6.*", "laravel/framework": "5.6.*",
"zendframework/zend-math": "2.7.*", "laravel/tinker": "^1.0",
"zendframework/zend-crypt": "3.3.0",
"zendframework/zend-math": "3.1.1",
"ircmaxell/random-lib": "1.1.*", "ircmaxell/random-lib": "1.1.*",
"greggilbert/recaptcha": "2.1.*", "greggilbert/recaptcha": "2.1.*",
"guzzlehttp/guzzle": "5.3.0", "guzzlehttp/guzzle": "6.3.3",
"smarcet/jose4php": "1.0.15", "smarcet/jose4php": "dev-feature/php7.2-migration",
"glenscott/url-normalizer": "1.4.*", "glenscott/url-normalizer": "1.4.*",
"jenssegers/agent": "2.3.*", "jenssegers/agent": "2.3.*",
"predis/predis": "1.0.1", "laravelcollective/html": "5.6.*",
"laravelcollective/html": "5.2.4" "phpseclib/phpseclib": "2.0.11",
"predis/predis": "1.0.*",
"ext-json":"*",
"ext-pdo":"*"
}, },
"require-dev": { "require-dev": {
"fzaninotto/faker": "~1.4", "filp/whoops": "^2.0",
"phpunit/phpunit": "~4.0", "fzaninotto/faker": "^1.4",
"symfony/css-selector": "2.8.*|3.0.*", "mockery/mockery": "^1.0",
"symfony/dom-crawler": "2.8.*|3.0.*", "nunomaduro/collision": "^2.0",
"doctrine/dbal": "*", "phpunit/phpunit": "^7.0",
"mockery/mockery": "*", "laravel/browser-kit-testing": "4.0.2"
"way/laravel-test-helpers": "dev-master" },
"suggest":{
"lib-openssl": "Required to use AES algorithms (except AES GCM)",
"ext-json":"Required to use json algorithms"
}, },
"autoload": { "autoload": {
"classmap": [ "classmap": [
"database/seeds",
"database/factories",
"database", "database",
"app", "app",
"tests" "tests"
@ -43,27 +60,33 @@
} }
}, },
"autoload-dev": { "autoload-dev": {
"classmap": [ "psr-4": {
"tests/TestCase.php" "Tests\\": "tests/"
}
},
"extra": {
"laravel": {
"dont-discover": [
] ]
}
}, },
"scripts": { "scripts": {
"post-root-package-install": [ "post-root-package-install": [
"php -r \"copy('.env.example', '.env');\"" "@php -r \"file_exists('.env') || copy('.env.example', '.env');\""
], ],
"post-create-project-cmd": [ "post-create-project-cmd": [
"php artisan key:generate" "@php artisan key:generate"
], ],
"post-install-cmd": [ "post-autoload-dump": [
"Illuminate\\Foundation\\ComposerScripts::postInstall", "Illuminate\\Foundation\\ComposerScripts::postAutoloadDump",
"php artisan optimize" "@php artisan package:discover"
],
"post-update-cmd": [
"Illuminate\\Foundation\\ComposerScripts::postUpdate",
"php artisan optimize"
] ]
}, },
"config": { "config": {
"preferred-install": "dist" "preferred-install": "dist",
} "sort-packages": true,
"optimize-autoloader": true
},
"minimum-stability": "dev",
"prefer-stable": true
} }

15
config/app.php
View File

@ -95,21 +95,6 @@ return [
'cipher' => 'AES-256-CBC', 'cipher' => 'AES-256-CBC',
/*
|--------------------------------------------------------------------------
| Logging Configuration
|--------------------------------------------------------------------------
|
| Here you may configure the log settings for your application. Out of
| the box, Laravel uses the Monolog PHP logging library. This gives
| you a variety of powerful log handlers / formatters to utilize.
|
| Available Settings: "single", "daily", "syslog", "errorlog"
|
*/
'log' => env('APP_LOG', 'single'),
/* /*
|-------------------------------------------------------------------------- |--------------------------------------------------------------------------
| Autoloaded Service Providers | Autoloaded Service Providers

52
config/hashing.php Normal file
View File

@ -0,0 +1,52 @@
<?php
return [
/*
|--------------------------------------------------------------------------
| Default Hash Driver
|--------------------------------------------------------------------------
|
| This option controls the default hash driver that will be used to hash
| passwords for your application. By default, the bcrypt algorithm is
| used; however, you remain free to modify this option if you wish.
|
| Supported: "bcrypt", "argon"
|
*/
'driver' => 'bcrypt',
/*
|--------------------------------------------------------------------------
| Bcrypt Options
|--------------------------------------------------------------------------
|
| Here you may specify the configuration options that should be used when
| passwords are hashed using the Bcrypt algorithm. This will allow you
| to control the amount of time it takes to hash the given password.
|
*/
'bcrypt' => [
'rounds' => env('BCRYPT_ROUNDS', 10),
],
/*
|--------------------------------------------------------------------------
| Argon Options
|--------------------------------------------------------------------------
|
| Here you may specify the configuration options that should be used when
| passwords are hashed using the Argon algorithm. These will allow you
| to control the amount of time it takes to hash the given password.
|
*/
'argon' => [
'memory' => 1024,
'threads' => 2,
'time' => 2,
],
];

81
config/logging.php Normal file
View File

@ -0,0 +1,81 @@
<?php
use Monolog\Handler\StreamHandler;
return [
/*
|--------------------------------------------------------------------------
| Default Log Channel
|--------------------------------------------------------------------------
|
| This option defines the default log channel that gets used when writing
| messages to the logs. The name specified in this option should match
| one of the channels defined in the "channels" configuration array.
|
*/
'default' => env('LOG_CHANNEL', 'stack'),
/*
|--------------------------------------------------------------------------
| Log Channels
|--------------------------------------------------------------------------
|
| Here you may configure the log channels for your application. Out of
| the box, Laravel uses the Monolog PHP logging library. This gives
| you a variety of powerful log handlers / formatters to utilize.
|
| Available Drivers: "single", "daily", "slack", "syslog",
| "errorlog", "monolog",
| "custom", "stack"
|
*/
'channels' => [
'stack' => [
'driver' => 'stack',
'channels' => ['daily'],
],
'single' => [
'driver' => 'single',
'path' => storage_path('logs/laravel.log'),
'level' => 'debug',
],
'daily' => [
'driver' => 'daily',
'path' => storage_path('logs/laravel.log'),
'level' => 'debug',
'days' => 7,
],
'slack' => [
'driver' => 'slack',
'url' => env('LOG_SLACK_WEBHOOK_URL'),
'username' => 'Laravel Log',
'emoji' => ':boom:',
'level' => 'critical',
],
'stderr' => [
'driver' => 'monolog',
'handler' => StreamHandler::class,
'with' => [
'stream' => 'php://stderr',
],
],
'syslog' => [
'driver' => 'syslog',
'level' => 'debug',
],
'errorlog' => [
'driver' => 'errorlog',
'level' => 'debug',
],
],
];

17
config/session.php
View File

@ -162,9 +162,26 @@ return [
*/ */
'http_only' => env('SESSION_COOKIE_HTTP_ONLY', true), 'http_only' => env('SESSION_COOKIE_HTTP_ONLY', true),
/*
|--------------------------------------------------------------------------
| Same-Site Cookies
|--------------------------------------------------------------------------
|
| This option determines how your cookies behave when cross-site requests
| take place, and can be used to mitigate CSRF attacks. By default, we
| do not enable this as other CSRF protection services are in place.
|
| Supported: "lax", "strict"
|
*/
'same_site' => null,
/* /*
* http://openid.net/specs/openid-connect-session-1_0.html#OPiframe * http://openid.net/specs/openid-connect-session-1_0.html#OPiframe
* OP Browser state lifetime * OP Browser state lifetime
*/ */
'op_browser_state_lifetime' => env('SESSION_OP_BROWSER_STATE_LIFETIME', 120) 'op_browser_state_lifetime' => env('SESSION_OP_BROWSER_STATE_LIFETIME', 120)
]; ];

23
database/factories/UserFactory.php Normal file
View File

@ -0,0 +1,23 @@
<?php
use Faker\Generator as Faker;
/*
|--------------------------------------------------------------------------
| Model Factories
|--------------------------------------------------------------------------
|
| This directory should contain each of the model factory definitions for
| your application. Factories provide a convenient way to generate new
| model instances for testing / seeding your application's database.
|
*/
$factory->define(App\User::class, function (Faker $faker) {
return [
'name' => $faker->name,
'email' => $faker->unique()->safeEmail,
'password' => '$2y$10$TKh8H1.PfQx37YgCzwiKb.KjNyWgaHb9cbcoQgdIVFlYg7B77UdFm', // secret
'remember_token' => str_random(10),
];
});

33
package-lock.json generated
View File

@ -3841,11 +3841,13 @@
}, },
"balanced-match": { "balanced-match": {
"version": "1.0.0", "version": "1.0.0",
"bundled": true "bundled": true,
"optional": true
}, },
"brace-expansion": { "brace-expansion": {
"version": "1.1.11", "version": "1.1.11",
"bundled": true, "bundled": true,
"optional": true,
"requires": { "requires": {
"balanced-match": "^1.0.0", "balanced-match": "^1.0.0",
"concat-map": "0.0.1" "concat-map": "0.0.1"
@ -3858,15 +3860,18 @@
}, },
"code-point-at": { "code-point-at": {
"version": "1.1.0", "version": "1.1.0",
"bundled": true "bundled": true,
"optional": true
}, },
"concat-map": { "concat-map": {
"version": "0.0.1", "version": "0.0.1",
"bundled": true "bundled": true,
"optional": true
}, },
"console-control-strings": { "console-control-strings": {
"version": "1.1.0", "version": "1.1.0",
"bundled": true "bundled": true,
"optional": true
}, },
"core-util-is": { "core-util-is": {
"version": "1.0.2", "version": "1.0.2",
@ -3969,7 +3974,8 @@
}, },
"inherits": { "inherits": {
"version": "2.0.3", "version": "2.0.3",
"bundled": true "bundled": true,
"optional": true
}, },
"ini": { "ini": {
"version": "1.3.5", "version": "1.3.5",
@ -3979,6 +3985,7 @@
"is-fullwidth-code-point": { "is-fullwidth-code-point": {
"version": "1.0.0", "version": "1.0.0",
"bundled": true, "bundled": true,
"optional": true,
"requires": { "requires": {
"number-is-nan": "^1.0.0" "number-is-nan": "^1.0.0"
} }
@ -3991,17 +3998,20 @@
"minimatch": { "minimatch": {
"version": "3.0.4", "version": "3.0.4",
"bundled": true, "bundled": true,
"optional": true,
"requires": { "requires": {
"brace-expansion": "^1.1.7" "brace-expansion": "^1.1.7"
} }
}, },
"minimist": { "minimist": {
"version": "0.0.8", "version": "0.0.8",
"bundled": true "bundled": true,
"optional": true
}, },
"minipass": { "minipass": {
"version": "2.2.4", "version": "2.2.4",
"bundled": true, "bundled": true,
"optional": true,
"requires": { "requires": {
"safe-buffer": "^5.1.1", "safe-buffer": "^5.1.1",
"yallist": "^3.0.0" "yallist": "^3.0.0"
@ -4018,6 +4028,7 @@
"mkdirp": { "mkdirp": {
"version": "0.5.1", "version": "0.5.1",
"bundled": true, "bundled": true,
"optional": true,
"requires": { "requires": {
"minimist": "0.0.8" "minimist": "0.0.8"
} }
@ -4090,7 +4101,8 @@
}, },
"number-is-nan": { "number-is-nan": {
"version": "1.0.1", "version": "1.0.1",
"bundled": true "bundled": true,
"optional": true
}, },
"object-assign": { "object-assign": {
"version": "4.1.1", "version": "4.1.1",
@ -4100,6 +4112,7 @@
"once": { "once": {
"version": "1.4.0", "version": "1.4.0",
"bundled": true, "bundled": true,
"optional": true,
"requires": { "requires": {
"wrappy": "1" "wrappy": "1"
} }
@ -4205,6 +4218,7 @@
"string-width": { "string-width": {
"version": "1.0.2", "version": "1.0.2",
"bundled": true, "bundled": true,
"optional": true,
"requires": { "requires": {
"code-point-at": "^1.0.0", "code-point-at": "^1.0.0",
"is-fullwidth-code-point": "^1.0.0", "is-fullwidth-code-point": "^1.0.0",
@ -11087,11 +11101,6 @@
"punycode": "^2.1.0" "punycode": "^2.1.0"
} }
}, },
"uri.js": {
"version": "0.1.3",
"resolved": "https://registry.npmjs.org/uri.js/-/uri.js-0.1.3.tgz",
"integrity": "sha1-uT7umQWzyBucOLu83/9e9tDI3l8="
},
"urijs": { "urijs": {
"version": "1.19.1", "version": "1.19.1",
"resolved": "https://registry.npmjs.org/urijs/-/urijs-1.19.1.tgz", "resolved": "https://registry.npmjs.org/urijs/-/urijs-1.19.1.tgz",

2
phpunit.xml
View File

@ -8,7 +8,7 @@
convertWarningsToExceptions="true" convertWarningsToExceptions="true"
processIsolation="false" processIsolation="false"
stopOnFailure="false" stopOnFailure="false"
syntaxCheck="false"> >
<testsuites> <testsuites>
<testsuite name="Application Test Suite"> <testsuite name="Application Test Suite">
<directory>./tests/</directory> <directory>./tests/</directory>

2
public/assets/js/oauth2/profile/admin/server-private-keys.js
View File

@ -30,7 +30,7 @@
todayBtn: "linked", todayBtn: "linked",
clearBtn: true, clearBtn: true,
todayHighlight: true, todayHighlight: true,
orientation: "top right", orientation: "bottom right",
autoclose: true autoclose: true
}); });

2
public/assets/js/oauth2/profile/edit-client-public-keys.js
View File

@ -10,7 +10,7 @@
todayBtn: "linked", todayBtn: "linked",
clearBtn: true, clearBtn: true,
todayHighlight: true, todayHighlight: true,
orientation: "top right", orientation: "bottom right",
autoclose: true autoclose: true
}); });

2
server.php
View File

@ -4,7 +4,7 @@
* Laravel - A PHP Framework For Web Artisans * Laravel - A PHP Framework For Web Artisans
* *
* @package Laravel * @package Laravel
* @author Taylor Otwell <taylorotwell@gmail.com> * @author Taylor Otwell <taylor@laravel.com>
*/ */
$uri = urldecode( $uri = urldecode(

19
tests/ApiEndpointTest.php
View File

@ -1,13 +1,24 @@
<?php <?php
/**
* Copyright 2016 OpenStack Foundation
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
**/
use Models\OAuth2\ApiEndpoint; use Models\OAuth2\ApiEndpoint;
use Models\OAuth2\Api; use Models\OAuth2\Api;
use Models\OAuth2\ApiScope; use Models\OAuth2\ApiScope;
use Tests\BrowserKitTestCase;
/** /**
* Class ApiEndpointTest * Class ApiEndpointTest
*/ */
class ApiEndpointTest extends TestCase { final class ApiEndpointTest extends BrowserKitTestCase {
private $current_realm; private $current_realm;
@ -190,6 +201,8 @@ class ApiEndpointTest extends TestCase {
array(), array(),
array()); array());
$content = $response->getContent();
$this->assertResponseStatus(404); $this->assertResponseStatus(404);
} }

32
tests/ApiScopeTest.php
View File

@ -1,11 +1,23 @@
<?php <?php
/**
* Copyright 2016 OpenStack Foundation
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
**/
use Models\OAuth2\ApiScope; use Models\OAuth2\ApiScope;
use Models\OAuth2\Api; use Models\OAuth2\Api;
use Tests\BrowserKitTestCase;
/** /**
* Class ApiScopeTest * Class ApiScopeTest
*/ */
class ApiScopeTest extends TestCase { final class ApiScopeTest extends BrowserKitTestCase {
private $current_realm; private $current_realm;
@ -110,20 +122,4 @@ class ApiScopeTest extends TestCase {
} }
/**
* testUpdate
* @covers updates an existing scope
*/
public function testUpdate(){
}
/**
* testUpdateStatus
* @covers updates status of an existing scope
*/
public function testUpdateStatus(){
}
} }

18
tests/ApiTest.php
View File

@ -1,12 +1,24 @@
<?php <?php
/**
* Copyright 2016 OpenStack Foundation
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
**/
use Models\OAuth2\Api; use Models\OAuth2\Api;
use Models\OAuth2\ResourceServer; use Models\OAuth2\ResourceServer;
use Tests\TestCase;
use Tests\BrowserKitTestCase;
/** /**
* Class ApiTest * Class ApiTest
*/ */
class ApiTest extends TestCase { final class ApiTest extends BrowserKitTestCase {
private $current_realm; private $current_realm;

25
tests/AssociationServiceTest.php
View File

@ -1,19 +1,28 @@
<?php <?php
/**
* Copyright 2016 OpenStack Foundation
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
**/
use OpenId\Services\OpenIdServiceCatalog; use OpenId\Services\OpenIdServiceCatalog;
use OpenId\Helpers\AssociationFactory; use OpenId\Helpers\AssociationFactory;
use OpenId\OpenIdProtocol; use OpenId\OpenIdProtocol;
use Utils\Services\UtilsServiceCatalog; use Utils\Services\UtilsServiceCatalog;
use Utils\Exceptions\UnacquiredLockException; use Utils\Exceptions\UnacquiredLockException;
use Tests\BrowserKitTestCase;
class AssociationServiceTest extends TestCase /**
* Class AssociationServiceTest
*/
final class AssociationServiceTest extends BrowserKitTestCase
{ {
public function __construct()
{
}
public function tearDown() public function tearDown()
{ {
Mockery::close(); Mockery::close();

54
tests/BrowserKitTestCase.php Normal file
View File

@ -0,0 +1,54 @@
<?php namespace Tests;
/**
* Copyright 2015 Openstack Foundation
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
**/
use Illuminate\Support\Facades\Artisan;
use Illuminate\Support\Facades\Redis;
use Laravel\BrowserKitTesting\TestCase as BaseTestCase;
/**
* Class TestCase
* @package Tests
*/
abstract class BrowserKitTestCase extends BaseTestCase
{
use CreatesApplication;
private $redis;
/**
* The base URL to use while testing the application.
*
* @var string
*/
protected $baseUrl = 'http://localhost';
public function setUp()
{
parent::setUp(); // Don't forget this!
$this->redis = Redis::connection();
$this->redis->flushall();
$this->prepareForTests();
}
/**
* Migrates the database and set the mailer to 'pretend'.
* This will cause the tests to run quickly.
*
*/
protected function prepareForTests()
{
Artisan::call('migrate');
//Mail::pretend(true);
$this->seed('TestSeeder');
}
}

16
tests/CacheServiceStub.php
View File

@ -1,7 +1,21 @@
<?php <?php
/**
* Copyright 2016 OpenStack Foundation
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
**/
use Utils\Services\ICacheService; use Utils\Services\ICacheService;
/**
* Class CacheServiceStub
*/
class CacheServiceStub implements ICacheService { class CacheServiceStub implements ICacheService {
private static $cache = array(); private static $cache = array();

4
tests/ClientApiTest.php
View File

@ -11,16 +11,14 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
**/ **/
use OAuth2\Models\IClient; use OAuth2\Models\IClient;
use Auth\User; use Auth\User;
use Models\OAuth2\Client; use Models\OAuth2\Client;
use Illuminate\Support\Facades\Session; use Illuminate\Support\Facades\Session;
/** /**
* Class ClientApiTest * Class ClientApiTest
*/ */
class ClientApiTest extends TestCase { class ClientApiTest extends \Tests\BrowserKitTestCase {
private $current_realm; private $current_realm;

4
tests/ClientPublicKeyApiTest.php
View File

@ -11,13 +11,11 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
**/ **/
use jwk\JSONWebKeyTypes; use jwk\JSONWebKeyTypes;
use jwk\JSONWebKeyPublicKeyUseValues; use jwk\JSONWebKeyPublicKeyUseValues;
use Models\OAuth2\Client; use Models\OAuth2\Client;
use jwa\JSONWebSignatureAndEncryptionAlgorithms; use jwa\JSONWebSignatureAndEncryptionAlgorithms;
use Tests\TestCase;
/** /**
* Class ClientPublicKeyApiTest * Class ClientPublicKeyApiTest
*/ */

34
tests/CreatesApplication.php Normal file
View File

@ -0,0 +1,34 @@
<?php namespace Tests;
/**
* Copyright 2016 OpenStack Foundation
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
**/
use Illuminate\Contracts\Console\Kernel;
/**
* Trait CreatesApplication
* @package Tests
*/
trait CreatesApplication
{
/**
* Creates the application.
*
* @return \Illuminate\Foundation\Application
*/
public function createApplication()
{
$app = require __DIR__.'/../bootstrap/app.php';
$app->make(Kernel::class)->bootstrap();
return $app;
}
}

2
tests/CustomAuthProviderTest.php
View File

@ -18,7 +18,7 @@ use OpenId\Services\OpenIdServiceCatalog;
use Auth\Repositories\IUserRepository; use Auth\Repositories\IUserRepository;
use Auth\Repositories\IMemberRepository; use Auth\Repositories\IMemberRepository;
use Auth\IAuthenticationExtensionService; use Auth\IAuthenticationExtensionService;
use Tests\TestCase;
/** /**
* Class CustomAuthProviderTest * Class CustomAuthProviderTest
*/ */

15
tests/DiffieHellmanTest.php
View File

@ -1,10 +1,21 @@
<?php <?php
/**
* Copyright 2015 OpenStack Foundation
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
**/
use OpenId\Helpers\AssocHandleGenerator; use OpenId\Helpers\AssocHandleGenerator;
use OpenId\Helpers\OpenIdCryptoHelper; use OpenId\Helpers\OpenIdCryptoHelper;
use OpenId\Requests\OpenIdDHAssociationSessionRequest; use OpenId\Requests\OpenIdDHAssociationSessionRequest;
use Zend\Crypt\PublicKey\DiffieHellman; use Zend\Crypt\PublicKey\DiffieHellman;
use Tests\TestCase;
/** /**
* Class DiffieHellmanTest * Class DiffieHellmanTest
*/ */

19
tests/DiscoveryControllerTest.php
View File

@ -1,6 +1,21 @@
<?php <?php
/**
class DiscoveryControllerTest extends TestCase * Copyright 2016 OpenStack Foundation
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
**/
use Tests\BrowserKitTestCase;
/***
* Class DiscoveryControllerTest
*/
final class DiscoveryControllerTest extends BrowserKitTestCase
{ {
public function testIdpDiscovery() public function testIdpDiscovery()

21
tests/Feature/ExampleTest.php Normal file
View File

@ -0,0 +1,21 @@
<?php
namespace Tests\Feature;
use Tests\TestCase;
use Illuminate\Foundation\Testing\RefreshDatabase;
class ExampleTest extends TestCase
{
/**
* A basic test example.
*
* @return void
*/
public function testBasicTest()
{
$response = $this->get('/');
$response->assertStatus(200);
}
}

4
tests/OAuth2ProtectedApiTest.php
View File

@ -11,13 +11,11 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
**/ **/
use OAuth2\OAuth2Protocol; use OAuth2\OAuth2Protocol;
use Auth\User; use Auth\User;
use Utils\Services\IAuthService; use Utils\Services\IAuthService;
use Illuminate\Support\Facades\Session; use Illuminate\Support\Facades\Session;
use Illuminate\Support\Facades\Config; use Illuminate\Support\Facades\Config;
/** /**
* Class OAuth2ProtectedApiTest * Class OAuth2ProtectedApiTest
*/ */
@ -67,7 +65,7 @@ abstract class OAuth2ProtectedApiTest extends OpenStackIDBaseTest {
OAuth2Protocol::OAuth2Protocol_AccessType => OAuth2Protocol::OAuth2Protocol_AccessType_Offline, OAuth2Protocol::OAuth2Protocol_AccessType => OAuth2Protocol::OAuth2Protocol_AccessType_Offline,
); );
Session::set("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce); Session::put("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce);
$response = $this->action("POST", "OAuth2\OAuth2ProviderController@auth", $response = $this->action("POST", "OAuth2\OAuth2ProviderController@auth",
$params, $params,

36
tests/OAuth2ProtocolTest.php
View File

@ -17,7 +17,7 @@ use OAuth2\OAuth2Protocol;
use Utils\Services\IAuthService; use Utils\Services\IAuthService;
use Utils\Services\UtilsServiceCatalog; use Utils\Services\UtilsServiceCatalog;
use Illuminate\Support\Facades\Session; use Illuminate\Support\Facades\Session;
use Illuminate\Support\Facades\Config;
/** /**
* Class OAuth2ProtocolTest * Class OAuth2ProtocolTest
* Test Suite for OAuth2 Protocol * Test Suite for OAuth2 Protocol
@ -191,7 +191,7 @@ final class OAuth2ProtocolTest extends OpenStackIDBaseTest
OAuth2Protocol::OAuth2Protocol_AccessType => OAuth2Protocol::OAuth2Protocol_AccessType_Offline, OAuth2Protocol::OAuth2Protocol_AccessType => OAuth2Protocol::OAuth2Protocol_AccessType_Offline,
); );
Session::set("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce); Session::put("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce);
$response = $this->action("POST", "OAuth2\OAuth2ProviderController@auth", $response = $this->action("POST", "OAuth2\OAuth2ProviderController@auth",
$params, $params,
@ -271,7 +271,7 @@ final class OAuth2ProtocolTest extends OpenStackIDBaseTest
OAuth2Protocol::OAuth2Protocol_AccessType => OAuth2Protocol::OAuth2Protocol_AccessType_Offline, OAuth2Protocol::OAuth2Protocol_AccessType => OAuth2Protocol::OAuth2Protocol_AccessType_Offline,
); );
Session::set("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce); Session::put("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce);
$response = $this->action("POST", "OAuth2\OAuth2ProviderController@auth", $response = $this->action("POST", "OAuth2\OAuth2ProviderController@auth",
$params, $params,
@ -339,7 +339,7 @@ final class OAuth2ProtocolTest extends OpenStackIDBaseTest
$client_id = 'Jiz87D8/Vcvr6fvQbH4HyNgwTlfSyQ3x.openstack.client'; $client_id = 'Jiz87D8/Vcvr6fvQbH4HyNgwTlfSyQ3x.openstack.client';
$client_secret = 'ITc/6Y5N7kOtGKhgITc/6Y5N7kOtGKhgITc/6Y5N7kOtGKhgITc/6Y5N7kOtGKhg'; $client_secret = 'ITc/6Y5N7kOtGKhgITc/6Y5N7kOtGKhgITc/6Y5N7kOtGKhgITc/6Y5N7kOtGKhg';
Session::set("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce); Session::put("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce);
//do authorization ... //do authorization ...
@ -491,7 +491,7 @@ final class OAuth2ProtocolTest extends OpenStackIDBaseTest
$client_id = 'Jiz87D8/Vcvr6fvQbH4HyNgwTlfSyQ3x.openstack.client'; $client_id = 'Jiz87D8/Vcvr6fvQbH4HyNgwTlfSyQ3x.openstack.client';
$client_secret = 'ITc/6Y5N7kOtGKhgITc/6Y5N7kOtGKhgITc/6Y5N7kOtGKhgITc/6Y5N7kOtGKhg'; $client_secret = 'ITc/6Y5N7kOtGKhgITc/6Y5N7kOtGKhgITc/6Y5N7kOtGKhgITc/6Y5N7kOtGKhg';
Session::set("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce); Session::put("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce);
//do authorization ... //do authorization ...
@ -596,7 +596,7 @@ final class OAuth2ProtocolTest extends OpenStackIDBaseTest
$client_secret = 'ITc/6Y5N7kOtGKhgITc/6Y5N7kOtGKhgITc/6Y5N7kOtGKhgITc/6Y5N7kOtGKhg'; $client_secret = 'ITc/6Y5N7kOtGKhgITc/6Y5N7kOtGKhgITc/6Y5N7kOtGKhgITc/6Y5N7kOtGKhg';
Session::set("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce); Session::put("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce);
//do authorization ... //do authorization ...
@ -710,7 +710,7 @@ final class OAuth2ProtocolTest extends OpenStackIDBaseTest
$client_id = 'Jiz87D8/Vcvr6fvQbH4HyNgwTlfSyQ3x.openstack.client'; $client_id = 'Jiz87D8/Vcvr6fvQbH4HyNgwTlfSyQ3x.openstack.client';
$client_secret = 'ITc/6Y5N7kOtGKhgITc/6Y5N7kOtGKhgITc/6Y5N7kOtGKhgITc/6Y5N7kOtGKhg'; $client_secret = 'ITc/6Y5N7kOtGKhgITc/6Y5N7kOtGKhgITc/6Y5N7kOtGKhgITc/6Y5N7kOtGKhg';
Session::set("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce); Session::put("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce);
//do authorization ... //do authorization ...
@ -822,7 +822,7 @@ final class OAuth2ProtocolTest extends OpenStackIDBaseTest
$client_id = 'Jiz87D8/Vcvr6fvQbH4HyNgwTlfSyQ3x.openstack.client'; $client_id = 'Jiz87D8/Vcvr6fvQbH4HyNgwTlfSyQ3x.openstack.client';
$client_secret = 'ITc/6Y5N7kOtGKhgITc/6Y5N7kOtGKhgITc/6Y5N7kOtGKhgITc/6Y5N7kOtGKhg'; $client_secret = 'ITc/6Y5N7kOtGKhgITc/6Y5N7kOtGKhgITc/6Y5N7kOtGKhgITc/6Y5N7kOtGKhg';
Session::set("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce); Session::put("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce);
//do authorization ... //do authorization ...
@ -905,9 +905,9 @@ final class OAuth2ProtocolTest extends OpenStackIDBaseTest
public function testImplicitFlow() public function testImplicitFlow()
{ {
$client_id = 'Jiz87D8/Vcvr6fvQbH4HyNgwKlfSyQ3x.openstack.client'; $client_id = '1234/Vcvr6fvQbH4HyNgwKlfSyQ3x.openstack.client';
Session::set("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce); Session::put("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce);
$params = array( $params = array(
'client_id' => $client_id, 'client_id' => $client_id,
@ -943,9 +943,9 @@ final class OAuth2ProtocolTest extends OpenStackIDBaseTest
public function testTokenRevocation() public function testTokenRevocation()
{ {
$client_id = 'Jiz87D8/Vcvr6fvQbH4HyNgwKlfSyQ3x.openstack.client'; $client_id = '1234/Vcvr6fvQbH4HyNgwKlfSyQ3x.openstack.client';
Session::set("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce); Session::put("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce);
$params = array( $params = array(
'client_id' => $client_id, 'client_id' => $client_id,
@ -997,9 +997,9 @@ final class OAuth2ProtocolTest extends OpenStackIDBaseTest
public function testTokenRevocationInvalidClient() public function testTokenRevocationInvalidClient()
{ {
$client_id = 'Jiz87D8/Vcvr6fvQbH4HyNgwKlfSyQ3x.openstack.client'; $client_id = '1234/Vcvr6fvQbH4HyNgwKlfSyQ3x.openstack.client';
Session::set("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce); Session::put("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce);
$params = array( $params = array(
'client_id' => $client_id, 'client_id' => $client_id,
@ -1052,9 +1052,9 @@ final class OAuth2ProtocolTest extends OpenStackIDBaseTest
public function testTokenRevocationInvalidHint() public function testTokenRevocationInvalidHint()
{ {
$client_id = 'Jiz87D8/Vcvr6fvQbH4HyNgwKlfSyQ3x.openstack.client'; $client_id = '1234/Vcvr6fvQbH4HyNgwKlfSyQ3x.openstack.client';
Session::set("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce); Session::put("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce);
$params = array( $params = array(
'client_id' => $client_id, 'client_id' => $client_id,
@ -1107,9 +1107,9 @@ final class OAuth2ProtocolTest extends OpenStackIDBaseTest
public function testTokenRevocationInvalidToken() public function testTokenRevocationInvalidToken()
{ {
$client_id = 'Jiz87D8/Vcvr6fvQbH4HyNgwKlfSyQ3x.openstack.client'; $client_id = '1234/Vcvr6fvQbH4HyNgwKlfSyQ3x.openstack.client';
Session::set("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce); Session::put("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce);
$params = array( $params = array(
'client_id' => $client_id, 'client_id' => $client_id,

16
tests/OAuth2UserServiceApiTest.php
View File

@ -1,11 +1,21 @@
<?php <?php
/**
* Copyright 2016 OpenStack Foundation
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
**/
use OAuth2\ResourceServer\IUserService; use OAuth2\ResourceServer\IUserService;
/** /**
* Class OAuth2UserServiceApiTest * Class OAuth2UserServiceApiTest
*/ */
class OAuth2UserServiceApiTest extends OAuth2ProtectedApiTest { final class OAuth2UserServiceApiTest extends OAuth2ProtectedApiTest {
/** /**

6
tests/OIDCProtocolTest.php
View File

@ -1,5 +1,4 @@
<?php <?php
/** /**
* Copyright 2015 OpenStack Foundation * Copyright 2015 OpenStack Foundation
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
@ -37,7 +36,7 @@ use jwt\impl\UnsecuredJWT;
* Class OIDCProtocolTest * Class OIDCProtocolTest
* http://openid.net/wordpress-content/uploads/2015/02/OpenID-Connect-Conformance-Profiles.pdf * http://openid.net/wordpress-content/uploads/2015/02/OpenID-Connect-Conformance-Profiles.pdf
*/ */
class OIDCProtocolTest extends OpenStackIDBaseTest final class OIDCProtocolTest extends OpenStackIDBaseTest
{ {
/** /**
* @var string * @var string
@ -83,8 +82,7 @@ class OIDCProtocolTest extends OpenStackIDBaseTest
$this->assertTrue(array_key_exists('error', $output)); $this->assertTrue(array_key_exists('error', $output));
$this->assertTrue(!empty($output['error'])); $this->assertTrue(!empty($output['error']));
$this->assertTrue($output['error'] === OAuth2Protocol::OAuth2Protocol_Error_Interaction_Required); $this->assertTrue($output['error'] === OAuth2Protocol::OAuth2Protocol_Error_Login_Required);
} }
public function testLoginWithTrailingSpace() public function testLoginWithTrailingSpace()

34
tests/OpenIdProtocolTest.php
View File

@ -1,5 +1,16 @@
<?php <?php
/**
* Copyright 2016 OpenStack Foundation
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
**/
use Auth\User; use Auth\User;
use OpenId\Extensions\Implementations\OpenIdOAuth2Extension; use OpenId\Extensions\Implementations\OpenIdOAuth2Extension;
use OpenId\Extensions\Implementations\OpenIdSREGExtension; use OpenId\Extensions\Implementations\OpenIdSREGExtension;
@ -15,7 +26,7 @@ use OpenId\Extensions\Implementations\OpenIdSREGExtension_1_0;
* Class OpenIdProtocolTest * Class OpenIdProtocolTest
* Test Suite for OpenId Protocol * Test Suite for OpenId Protocol
*/ */
class OpenIdProtocolTest extends OpenStackIDBaseTest final class OpenIdProtocolTest extends OpenStackIDBaseTest
{ {
private $current_realm; private $current_realm;
private $g; private $g;
@ -26,8 +37,9 @@ class OpenIdProtocolTest extends OpenStackIDBaseTest
private $oauth2_client_secret; private $oauth2_client_secret;
private $user; private $user;
public function __construct() public function __construct($name = null, array $data = [], $dataName = '')
{ {
parent::__construct($name, $data, $dataName);
//DH openid values //DH openid values
$this->g = '1'; $this->g = '1';
$this->private = '84009535308644335779530519631942543663544485189066558731295758689838227409144125540638118058012144795574289866857191302071807568041343083679600155026066530597177004145874642611724010339353151653679189142289183802715816551715563883085859667759854344959305451172754264893136955464706052993052626766687910313992'; $this->private = '84009535308644335779530519631942543663544485189066558731295758689838227409144125540638118058012144795574289866857191302071807568041343083679600155026066530597177004145874642611724010339353151653679189142289183802715816551715563883085859667759854344959305451172754264893136955464706052993052626766687910313992';
@ -428,7 +440,7 @@ class OpenIdProtocolTest extends OpenStackIDBaseTest
$this->assertTrue(isset($openid_response['enc_mac_key'])); $this->assertTrue(isset($openid_response['enc_mac_key']));
$this->assertTrue(isset($openid_response['expires_in'])); $this->assertTrue(isset($openid_response['expires_in']));
Session::set("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce); Session::put("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce);
$params = array( $params = array(
OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_NS) => OpenIdProtocol::OpenID2MessageType, OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_NS) => OpenIdProtocol::OpenID2MessageType,
@ -539,7 +551,7 @@ class OpenIdProtocolTest extends OpenStackIDBaseTest
public function testAuthenticationCheckImmediateAuthenticationPrivateSession() public function testAuthenticationCheckImmediateAuthenticationPrivateSession()
{ {
//set login info //set login info
Session::set("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce); Session::put("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce);
//add trusted site //add trusted site
$site = new OpenIdTrustedSite; $site = new OpenIdTrustedSite;
@ -598,7 +610,7 @@ class OpenIdProtocolTest extends OpenStackIDBaseTest
public function testAuthenticationCheckImmediateAuthenticationPrivateSession_SetupNeeded() public function testAuthenticationCheckImmediateAuthenticationPrivateSession_SetupNeeded()
{ {
//set login info //set login info
Session::set("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce); Session::put("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce);
$this->user->trusted_sites()->delete(); $this->user->trusted_sites()->delete();
$params = array( $params = array(
OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_NS) => OpenIdProtocol::OpenID2MessageType, OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_NS) => OpenIdProtocol::OpenID2MessageType,
@ -634,7 +646,7 @@ class OpenIdProtocolTest extends OpenStackIDBaseTest
{ {
//set login info //set login info
Session::set("openid.authorization.response", IAuthService::AuthorizationResponse_AllowForever); Session::put("openid.authorization.response", IAuthService::AuthorizationResponse_AllowForever);
$sreg_required_params = array('email', 'fullname', 'nickname'); $sreg_required_params = array('email', 'fullname', 'nickname');
$params = array( $params = array(
@ -708,7 +720,7 @@ class OpenIdProtocolTest extends OpenStackIDBaseTest
{ {
//set login info //set login info
Session::set("openid.authorization.response", IAuthService::AuthorizationResponse_AllowForever); Session::put("openid.authorization.response", IAuthService::AuthorizationResponse_AllowForever);
$sreg_required_params = array('email', 'fullname'); $sreg_required_params = array('email', 'fullname');
$params = array( $params = array(
@ -782,7 +794,7 @@ class OpenIdProtocolTest extends OpenStackIDBaseTest
{ {
//set login info //set login info
Session::set("openid.authorization.response", IAuthService::AuthorizationResponse_AllowForever); Session::put("openid.authorization.response", IAuthService::AuthorizationResponse_AllowForever);
$sreg_required_params = array('email', 'fullname'); $sreg_required_params = array('email', 'fullname');
$params = array( $params = array(
@ -982,7 +994,7 @@ class OpenIdProtocolTest extends OpenStackIDBaseTest
{ {
//set login info //set login info
Session::set("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce); Session::put("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce);
$scope = array( $scope = array(
sprintf('%s/resource-server/read', $this->current_realm), sprintf('%s/resource-server/read', $this->current_realm),
@ -1063,7 +1075,7 @@ class OpenIdProtocolTest extends OpenStackIDBaseTest
{ {
//set login info //set login info
Session::set("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce); Session::put("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce);
$scope = array( $scope = array(
sprintf('%s/resource-server/read', $this->current_realm), sprintf('%s/resource-server/read', $this->current_realm),

5
tests/OpenStackIDBaseTest.php
View File

@ -11,14 +11,13 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
**/ **/
use Illuminate\Support\Facades\Schema; use Illuminate\Support\Facades\Schema;
use Illuminate\Support\Facades\DB; use Illuminate\Support\Facades\DB;
use Tests\BrowserKitTestCase;
/** /**
* Class OpenStackIDBaseTest * Class OpenStackIDBaseTest
*/ */
abstract class OpenStackIDBaseTest extends TestCase { abstract class OpenStackIDBaseTest extends BrowserKitTestCase {
protected function prepareForTests() protected function prepareForTests()
{ {

17
tests/ResourceServerApiTest.php
View File

@ -1,15 +1,26 @@
<?php <?php
/**
* Copyright 2016 OpenStack Foundation
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
**/
use Models\OAuth2\ResourceServer; use Models\OAuth2\ResourceServer;
use Illuminate\Support\Facades\Config; use Illuminate\Support\Facades\Config;
use Auth\User; use Auth\User;
use Illuminate\Support\Facades\Session; use Illuminate\Support\Facades\Session;
use Tests\BrowserKitTestCase;
/** /**
* Class ResourceServerApiTest * Class ResourceServerApiTest
* Test ResourceServer REST API * Test ResourceServer REST API
*/ */
class ResourceServerApiTest extends TestCase final class ResourceServerApiTest extends BrowserKitTestCase
{ {
private $current_realm; private $current_realm;

1
tests/StubServerConfigurationService.php
View File

@ -1,5 +1,4 @@
<?php <?php
/** /**
* Copyright 2016 OpenStack Foundation * Copyright 2016 OpenStack Foundation
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");

69
tests/TestCase.php
View File

@ -1,57 +1,22 @@
<?php <?php namespace Tests;
/**
use Illuminate\Support\Facades\Redis; * Copyright 2015 Openstack Foundation
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
**/
use Illuminate\Foundation\Testing\TestCase as BaseTestCase;
/** /**
* Class TestCase * Class TestCase
* @package Tests
*/ */
class TestCase extends Illuminate\Foundation\Testing\TestCase abstract class TestCase extends BaseTestCase
{ {
private $redis; use CreatesApplication;
/**
* The base URL to use while testing the application.
*
* @var string
*/
protected $baseUrl = 'http://localhost';
/**
* Creates the application.
*
* @return \Illuminate\Foundation\Application
*/
public function createApplication()
{
$app = require __DIR__.'/../bootstrap/app.php';
$app->make(Illuminate\Contracts\Console\Kernel::class)->bootstrap();
return $app;
}
public function __construct(){
}
public function setUp()
{
parent::setUp(); // Don't forget this!
$this->redis = Redis::connection();
$this->redis->flushall();
$this->prepareForTests();
}
/**
* Migrates the database and set the mailer to 'pretend'.
* This will cause the tests to run quickly.
*
*/
protected function prepareForTests()
{
Artisan::call('migrate');
//Mail::pretend(true);
$this->seed('TestSeeder');
}
} }

7
tests/TokenRepositoryTest.php
View File

@ -1,5 +1,4 @@
<?php <?php
/** /**
* Copyright 2016 OpenStack Foundation * Copyright 2016 OpenStack Foundation
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
@ -12,7 +11,11 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
**/ **/
class TokenRepositoryTest extends TestCase use Tests\TestCase;
/**
* Class TokenRepositoryTest
*/
final class TokenRepositoryTest extends TestCase
{ {
public function testAccessTokenRepository(){ public function testAccessTokenRepository(){
$repository = $this->app[\OAuth2\Repositories\IAccessTokenRepository::class]; $repository = $this->app[\OAuth2\Repositories\IAccessTokenRepository::class];

31
tests/TrustedSitesServiceTest.php
View File

@ -1,20 +1,27 @@
<?php <?php
/**
* Copyright 2016 OpenStack Foundation
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
**/
use OpenId\Services\OpenIdServiceCatalog; use OpenId\Services\OpenIdServiceCatalog;
use Utils\Services\IAuthService; use Utils\Services\IAuthService;
use OpenId\Repositories\IOpenIdTrustedSiteRepository; use OpenId\Repositories\IOpenIdTrustedSiteRepository;
use OpenId\Models\IOpenIdUser; use OpenId\Models\IOpenIdUser;
use Auth\User; use Auth\User;
use Repositories\EloquentOpenIdTrustedSiteRepository; use Repositories\EloquentOpenIdTrustedSiteRepository;
use Way\Tests\Factory; use Tests\BrowserKitTestCase;
/** /**
* Class TrustedSitesServiceTest * Class TrustedSitesServiceTest
*/ */
class TrustedSitesServiceTest extends TestCase { final class TrustedSitesServiceTest extends BrowserKitTestCase {
public function __construct()
{
}
protected function prepareForTests() protected function prepareForTests()
{ {
@ -46,29 +53,23 @@ class TrustedSitesServiceTest extends TestCase {
} }
public function testAdd(){ public function testAdd(){
$service = $this->app[OpenIdServiceCatalog::TrustedSitesService]; $service = $this->app[OpenIdServiceCatalog::TrustedSitesService];
$user = User::where('identifier','=','sebastian.marcet')->first();
$user = Factory::create(User::class);
$res = $service->addTrustedSite($user, $res = $service->addTrustedSite($user,
$realm = 'https://www.test.com', $realm = 'https://www.test.com',
IAuthService::AuthorizationResponse_AllowForever, IAuthService::AuthorizationResponse_AllowForever,
$data = array()); $data = array());
$this->assertTrue(!is_null($res)); $this->assertTrue(!is_null($res));
} }
public function testGetTrustedSitesByRealm(){ public function testGetTrustedSitesByRealm(){
$realm = 'https://*.test.com'; $realm = 'https://*.test.com';
$service = $this->app[OpenIdServiceCatalog::TrustedSitesService]; $service = $this->app[OpenIdServiceCatalog::TrustedSitesService];
$user = Factory::create(User::class); $user = User::where('identifier','=','sebastian.marcet')->first();
$res = $service->addTrustedSite($user, $realm, IAuthService::AuthorizationResponse_AllowForever, $data = array('email','profile','address')); $res = $service->addTrustedSite($user, $realm, IAuthService::AuthorizationResponse_AllowForever, $data = array('email','profile','address'));

19
tests/Unit/ExampleTest.php Normal file
View File

@ -0,0 +1,19 @@
<?php
namespace Tests\Unit;
use Tests\TestCase;
use Illuminate\Foundation\Testing\RefreshDatabase;
class ExampleTest extends TestCase
{
/**
* A basic test example.
*
* @return void
*/
public function testBasicTest()
{
$this->assertTrue(true);
}
}

9
tests/UserGeneratorServiceTest.php
View File

@ -1,5 +1,4 @@
<?php <?php
/** /**
* Copyright 2015 OpenStack Foundation * Copyright 2015 OpenStack Foundation
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
@ -14,15 +13,11 @@
**/ **/
use Auth\UserNameGeneratorService; use Auth\UserNameGeneratorService;
use Auth\Repositories\IMemberRepository; use Auth\Repositories\IMemberRepository;
use Tests\BrowserKitTestCase;
/** /**
* Class UserGeneratorServiceTest * Class UserGeneratorServiceTest
*/ */
class UserGeneratorServiceTest extends TestCase { final class UserGeneratorServiceTest extends BrowserKitTestCase {
public function __construct(){
}
protected function prepareForTests() protected function prepareForTests()
{ {

6
tests/UserServiceTest.php
View File

@ -1,5 +1,4 @@
<?php <?php
/** /**
* Copyright 2015 OpenStack Foundation * Copyright 2015 OpenStack Foundation
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
@ -12,14 +11,13 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
**/ **/
use Auth\Repositories\IMemberRepository; use Auth\Repositories\IMemberRepository;
use OpenId\Services\IUserService; use OpenId\Services\IUserService;
use Tests\BrowserKitTestCase;
/** /**
* Class UserServiceTest * Class UserServiceTest
*/ */
class UserServiceTest extends TestCase final class UserServiceTest extends BrowserKitTestCase
{ {
protected function prepareForTests() protected function prepareForTests()

4
tests/UserTest.php
View File

@ -1,14 +1,14 @@
<?php <?php
use Auth\User; use Auth\User;
use Models\Member; use Models\Member;
use OpenId\Services\OpenIdServiceCatalog; use OpenId\Services\OpenIdServiceCatalog;
use Illuminate\Support\Facades\App; use Illuminate\Support\Facades\App;
use Auth\UserNameGeneratorService; use Auth\UserNameGeneratorService;
use Tests\BrowserKitTestCase;
/** /**
* Class UserTest * Class UserTest
*/ */
class UserTest extends TestCase class UserTest extends BrowserKitTestCase
{ {
public function testMember() public function testMember()

4
tests/XRDSDocumentTest.php
View File

@ -11,13 +11,13 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
**/ **/
use OpenId\Xrds\XRDSDocumentBuilder; use OpenId\Xrds\XRDSDocumentBuilder;
use OpenId\Xrds\XRDSService; use OpenId\Xrds\XRDSService;
use Tests\BrowserKitTestCase;
/** /**
* Class XRDSDocumentTest * Class XRDSDocumentTest
*/ */
class XRDSDocumentTest extends TestCase class XRDSDocumentTest extends BrowserKitTestCase
{ {
public function testBuildDocument() public function testBuildDocument()
{ {

15
webpack.mix.js Normal file
View File

@ -0,0 +1,15 @@
let mix = require('laravel-mix');
/*
|--------------------------------------------------------------------------
| Mix Asset Management
|--------------------------------------------------------------------------
|
| Mix provides a clean, fluent API for defining some Webpack build steps
| for your Laravel application. By default, we are compiling the Sass
| file for the application as well as bundling up all the JS files.
|
*/
mix.js('resources/assets/js/app.js', 'public/js')
.sass('resources/assets/sass/app.scss', 'public/css');