panguobin
committed
Feb 15, 2022
1 parent
d60671d
commit ae984c1
Showing
4 changed files
with
167 additions
and
9 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
<?php | ||
|
||
declare(strict_types=1); | ||
|
||
namespace Auth0\SDK\Exception; | ||
|
||
/** | ||
* @codeCoverageIgnore | ||
*/ | ||
final class ArgumentException extends \Exception implements Auth0Exception | ||
{ | ||
public const MSG_VALUE_CANNOT_BE_EMPTY = 'A value for `%s` must be provided'; | ||
public const MSG_PKCE_CODE_VERIFIER_LENGTH = 'Code verifier must be created with a minimum length of 43 characters and a maximum length of 128 characters.'; | ||
public const MSG_BAD_PERMISSIONS_ARRAY = 'Invalid or empty permissions array passed. All permissions must include both permission_name and resource_server_identifier keys.'; | ||
public const MSG_UNKNOWN_METHOD = 'Unknown method %s.'; | ||
|
||
public static function missing( | ||
string $parameterName, | ||
?\Throwable $previous = null | ||
): self { | ||
return new self(sprintf(self::MSG_VALUE_CANNOT_BE_EMPTY, $parameterName), 0, $previous); | ||
} | ||
|
||
public static function codeVerifierLength( | ||
?\Throwable $previous = null | ||
): self { | ||
return new self(self::MSG_PKCE_CODE_VERIFIER_LENGTH, 0, $previous); | ||
} | ||
|
||
public static function badPermissionsArray( | ||
?\Throwable $previous = null | ||
): self { | ||
return new self(self::MSG_BAD_PERMISSIONS_ARRAY, 0, $previous); | ||
} | ||
|
||
public static function unknownMethod( | ||
string $methodName, | ||
?\Throwable $previous = null | ||
): self { | ||
return new self(sprintf(self::MSG_UNKNOWN_METHOD, $methodName), 0, $previous); | ||
} | ||
} |
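Review bot: The `namespace Auth0\SDK\Exception;` declaration at the top of this new file does not match the `Upbond\Auth\SDK` root used by the PKCE utility added in the same commit, which throws this class as `\Auth0\SDK\Exception\ArgumentException`. The autoload configuration is not visible here, but if it maps only the `Upbond\Auth\SDK` prefix, the class (and the `Auth0Exception` interface it implements, which these lines do not define) will fail to load. The verifier length check would then end in a fatal "class not found" error instead of a catchable `ArgumentException`. I would either declare `namespace Upbond\Auth\SDK\Exception;` and update the throw site, or confirm that the `Auth0\SDK\` prefix is mapped and that `Auth0Exception` exists under it.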
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,65 @@ | ||
<?php | ||
|
||
declare(strict_types=1); | ||
|
||
namespace Upbond\Auth\SDK\Utility; | ||
|
||
/** | ||
* Class PKCE. | ||
*/ | ||
final class PKCE | ||
{ | ||
/** | ||
* Generate a random string of between 43 and 128 characters containing | ||
* letters, numbers and "-", ".", "_", "~", as defined in the RFC 7636 | ||
* specification. | ||
* | ||
* @param int $length Code verifier length | ||
* | ||
* @link https://tools.ietf.org/html/rfc7636 | ||
*/ | ||
public static function generateCodeVerifier( | ||
int $length = 43 | ||
): string { | ||
if ($length < 43 || $length > 128) { | ||
throw \Auth0\SDK\Exception\ArgumentException::codeVerifierLength(); | ||
} | ||
|
||
$string = ''; | ||
|
||
while (($len = mb_strlen($string)) < $length) { | ||
$size = $length - $len; | ||
|
||
// @codeCoverageIgnoreStart | ||
try { | ||
$bytes = random_bytes($size); | ||
} catch (\Exception $exception) { | ||
$bytes = (string) openssl_random_pseudo_bytes($size); | ||
} | ||
// @codeCoverageIgnoreEnd | ||
|
||
$string .= mb_substr(str_replace(['/', '+', '='], '', base64_encode($bytes)), 0, $size); | ||
} | ||
|
||
return $string; | ||
} | ||
|
||
/** | ||
* Returns the generated code challenge from the given code_verifier. The | ||
* code_challenge should be a Base64 encoded string with URL and | ||
* filename-safe characters. The trailing '=' characters should be removed | ||
* and no line breaks, whitespace, or other additional characters should be | ||
* present. | ||
* | ||
* @param string $codeVerifier String to generate code challenge from. | ||
* | ||
* @link https://auth0.com/docs/flows/concepts/auth-code-pkce | ||
*/ | ||
public static function generateCodeChallenge( | ||
string $codeVerifier | ||
): string { | ||
$encoded = base64_encode(hash('sha256', $codeVerifier, true)); | ||
|
||
return strtr(rtrim($encoded, '='), '+/', '-_'); | ||
} | ||
} |
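Review bot: The `catch (\Exception $exception)` branch in `generateCodeVerifier` silently replaces `random_bytes()` with `openssl_random_pseudo_bytes()` when the system CSPRNG fails, so a PKCE code verifier, which is a secret, can be built from a source whose strength is never checked (the `$strong_result` out-parameter is not read). On PHP versions where that function can return `false`, the `(string)` cast yields an empty string, nothing is appended to `$string`, and the `while` loop never terminates. I would drop the try/catch and keep only `$bytes = random_bytes($size);`, so that a CSPRNG failure reaches the caller as an exception. Separately, the docblock promises "-", ".", "_" and "~" in the output, but the code strips `/`, `+` and `=` from standard base64 and so emits only letters and digits; the comment should say `Generates a random [A-Za-z0-9] string of 43 to 128 characters`.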