From 2a2b5861a5e0330a96f6413696ce9c0b8a2bc6a7 Mon Sep 17 00:00:00 2001 
From: humano Date: Sun, 21 Oct 2018 11:53:11 -0500 Subject: [PATCH] generacion de token --- funciones/funciones.php | 79 ++- rest/composer.json | 4 +- rest/composer.lock | 152 +++- rest/public/.htaccess | 1 + rest/vendor/composer/autoload_psr4.php | 3 + rest/vendor/composer/autoload_static.php | 15 + rest/vendor/composer/installed.json | 154 ++++ rest/vendor/firebase/php-jwt/LICENSE | 30 + rest/vendor/firebase/php-jwt/README.md | 200 ++++++ rest/vendor/firebase/php-jwt/composer.json | 29 + .../php-jwt/src/BeforeValidException.php | 7 + .../firebase/php-jwt/src/ExpiredException.php | 7 + rest/vendor/firebase/php-jwt/src/JWT.php | 379 ++++++++++ .../php-jwt/src/SignatureInvalidException.php | 7 + rest/vendor/psr/log/.gitignore | 1 + rest/vendor/psr/log/LICENSE | 19 + .../vendor/psr/log/Psr/Log/AbstractLogger.php | 128 ++++ .../log/Psr/Log/InvalidArgumentException.php | 7 + rest/vendor/psr/log/Psr/Log/LogLevel.php | 18 + .../psr/log/Psr/Log/LoggerAwareInterface.php | 18 + .../psr/log/Psr/Log/LoggerAwareTrait.php | 26 + .../psr/log/Psr/Log/LoggerInterface.php | 123 ++++ rest/vendor/psr/log/Psr/Log/LoggerTrait.php | 140 ++++ rest/vendor/psr/log/Psr/Log/NullLogger.php | 28 + .../log/Psr/Log/Test/LoggerInterfaceTest.php | 140 ++++ rest/vendor/psr/log/README.md | 45 ++ rest/vendor/psr/log/composer.json | 26 + .../vendor/tuupola/slim-jwt-auth/CHANGELOG.md | 53 ++ rest/vendor/tuupola/slim-jwt-auth/LICENSE.md | 21 + rest/vendor/tuupola/slim-jwt-auth/Makefile | 33 + rest/vendor/tuupola/slim-jwt-auth/codecov.yml | 3 + .../tuupola/slim-jwt-auth/composer.json | 43 ++ .../slim-jwt-auth/src/JwtAuthentication.php | 667 ++++++++++++++++++ .../JwtAuthentication/RequestMethodRule.php | 53 ++ .../src/JwtAuthentication/RequestPathRule.php | 71 ++ .../src/JwtAuthentication/RuleInterface.php | 23 + 36 files changed, 2720 insertions(+), 33 deletions(-) create mode 100644 rest/vendor/firebase/php-jwt/LICENSE create mode 100644 rest/vendor/firebase/php-jwt/README.md create mode 100644 
rest/vendor/firebase/php-jwt/composer.json create mode 100644 rest/vendor/firebase/php-jwt/src/BeforeValidException.php create mode 100644 rest/vendor/firebase/php-jwt/src/ExpiredException.php create mode 100644 rest/vendor/firebase/php-jwt/src/JWT.php create mode 100644 rest/vendor/firebase/php-jwt/src/SignatureInvalidException.php create mode 100644 rest/vendor/psr/log/.gitignore create mode 100644 rest/vendor/psr/log/LICENSE create mode 100644 rest/vendor/psr/log/Psr/Log/AbstractLogger.php create mode 100644 rest/vendor/psr/log/Psr/Log/InvalidArgumentException.php create mode 100644 rest/vendor/psr/log/Psr/Log/LogLevel.php create mode 100644 rest/vendor/psr/log/Psr/Log/LoggerAwareInterface.php create mode 100644 rest/vendor/psr/log/Psr/Log/LoggerAwareTrait.php create mode 100644 rest/vendor/psr/log/Psr/Log/LoggerInterface.php create mode 100644 rest/vendor/psr/log/Psr/Log/LoggerTrait.php create mode 100644 rest/vendor/psr/log/Psr/Log/NullLogger.php create mode 100644 rest/vendor/psr/log/Psr/Log/Test/LoggerInterfaceTest.php create mode 100644 rest/vendor/psr/log/README.md create mode 100644 rest/vendor/psr/log/composer.json create mode 100644 rest/vendor/tuupola/slim-jwt-auth/CHANGELOG.md create mode 100644 rest/vendor/tuupola/slim-jwt-auth/LICENSE.md create mode 100644 rest/vendor/tuupola/slim-jwt-auth/Makefile create mode 100644 rest/vendor/tuupola/slim-jwt-auth/codecov.yml create mode 100644 rest/vendor/tuupola/slim-jwt-auth/composer.json create mode 100644 rest/vendor/tuupola/slim-jwt-auth/src/JwtAuthentication.php create mode 100644 rest/vendor/tuupola/slim-jwt-auth/src/JwtAuthentication/RequestMethodRule.php create mode 100644 rest/vendor/tuupola/slim-jwt-auth/src/JwtAuthentication/RequestPathRule.php create mode 100644 rest/vendor/tuupola/slim-jwt-auth/src/JwtAuthentication/RuleInterface.php diff --git a/funciones/funciones.php b/funciones/funciones.php index 31c029f..c5e2405 100644 --- a/funciones/funciones.php +++ b/funciones/funciones.php 
@@ -1,17 +1,42 @@ $time, // Tiempo que inició el token + // 'exp' => $time + (60*60), // Tiempo que expirará el token (+1 hora) + 'data' => [ // información del usuario + 'id' => 1, + 'tipo' => "$tipo", + 'form_id' => "$valor" + + ] +); + + $jwt = JWT::encode($token, $key); + //$data = JWT::decode($jwt, $key, array('HS256')); + //$datos = print_r($data, true); + $token=$jwt; + + $link=Conectarse(); mysqli_set_charset($link, "utf8"); - $token = sprintf( '%04x%04x-%04x-%04x-%04x-%04x%04x%04x', mt_rand( 0, 0xffff ), mt_rand( 0, 0xffff ), mt_rand( 0, 0xffff ), mt_rand( 0, 0x0C2f ) | 0x4000, mt_rand( 0, 0x3fff ) | 0x8000, mt_rand( 0, 0x2Aff ), mt_rand( 0, 0xffD3 ), mt_rand( 0, 0xff4B ) ); - $color = "#".substr($token, 0, 6); + $color = "#".substr(MD5(rand(1,9999)), 0, 6); //escritura: ebf3f1cb-88c3-43fa-8df5-242b591f5367 Nuevo key lectura: f6fdf0b7-b3c7-46cc-a308-10eb8561cc9 if($tipo =='proyecto'){ - + $token = sprintf( '%04x%04x-%04x-%04x-%04x-%04x%04x%04x', mt_rand( 0, 0xffff ), mt_rand( 0, 0xffff ), mt_rand( 0, 0xffff ), mt_rand( 0, 0x0C2f ) | 0x4000, mt_rand( 0, 0x3fff ) | 0x8000, mt_rand( 0, 0x2Aff ), mt_rand( 0, 0xffD3 ), mt_rand( 0, 0xff4B ) ); + $consulta = "UPDATE `empresa` SET `secret_key` = '$token' WHERE `empresa`.`id` = '$_SESSION[id_empresa]'"; $sql=mysqli_query($link,$consulta); @@ -21,7 +46,7 @@ date_default_timezone_set('America/Bogota'); return $respuesta; } }else{ - $valor= intval(preg_replace('/[^0-9]+/', '', $div), 10); ; + $existe = remplacetas('form_permisos','form_id',$valor,'id',"tipo='$tipo' AND id_empresa = '$_SESSION[id_empresa]'") ; if($existe[0] !=""){ 
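Review bot: The `exp` claim is commented out in the payload passed to `JWT::encode($token, $key)`, so a token issued here carries no expiry of its own. Restore it, e.g. `'exp' => $time + (60*60),`, or document that these keys are deliberately long-lived and how one is revoked. The payload also hard-codes `'id' => 1`, presumably a placeholder, so issued tokens do not identify the session's user or company. In the `proyecto` branch the `secret_key` written to `empresa` is built from `mt_rand()`, which is not a cryptographically secure generator; `random_bytes()` (PHP 7+) or `openssl_random_pseudo_bytes()` is the safer source for a secret. The start of this hunk, including where `$key` is defined, is not visible on this page, so the key handling could not be reviewed.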
@@ -38,7 +63,7 @@ date_default_timezone_set('America/Bogota'); VALUES (NULL, '', '$token', '0', NOW(), '$_SESSION[id]', '$tipo', '$_SESSION[id_empresa]', '$valor')"; $sql=mysqli_query($link,$consulta); $respuesta->addAssign("$div","value","$token" ); - $respuesta->addAssign("$div"."_aviso","innerHTML","Nuevo key $tipo: $token" ); + $respuesta->addAssign("$div"."_aviso","innerHTML","Nuevo key $tipo: $token " ); return $respuesta; } $respuesta->addAlert("$valor $consulta "); @@ -15441,32 +15466,26 @@ $item .= "
API -
- Key Administrador - -
- -
-
- -
- Key Lectura - -
- -
-
- -
- Key Escritura - -
- -
-
- + + +
+ + +
+ + +
+ + +
+ + +
+ + +
+ -
Portal
  •
diff --git a/rest/composer.json b/rest/composer.json
index 49b7ae5..a890f7d 100644
--- a/rest/composer.json
+++ b/rest/composer.json
@@ -1,5 +1,7 @@
 {
 "require": {
- "slim/slim": "^3.0"
+ "slim/slim": "^3.0",
+ "tuupola/slim-jwt-auth": "^2.4",
+ "firebase/php-jwt": "^5.0"
 }
 }
diff --git a/rest/composer.lock b/rest/composer.lock
index 8017c48..55bc5c9 100644
--- a/rest/composer.lock
+++ b/rest/composer.lock
@@ -4,8 +4,8 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "This file is @generated automatically" ], - "hash": "6f5d3d05d70b58db9144bb1ca70c8698", - "content-hash": "3b0766dbcef4dfb1a4a2012fef8611d8", + "hash": "db06d159aa973eb83cbd8c8a94dff140", + "content-hash": "9aebed89c362ee9703dec74f7f636758", "packages": [ { "name": "container-interop/container-interop", 
@@ -38,6 +38,52 @@ "homepage": "https://github.com/container-interop/container-interop", "time": "2017-02-14 19:40:03" }, + { + "name": "firebase/php-jwt", + "version": "v5.0.0", + "source": { + "type": "git", + "url": "https://github.com/firebase/php-jwt.git", + "reference": "9984a4d3a32ae7673d6971ea00bae9d0a1abba0e" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/firebase/php-jwt/zipball/9984a4d3a32ae7673d6971ea00bae9d0a1abba0e", + "reference": "9984a4d3a32ae7673d6971ea00bae9d0a1abba0e", + "shasum": "" + }, + "require": { + "php": ">=5.3.0" + }, + "require-dev": { + "phpunit/phpunit": " 4.8.35" + }, + "type": "library", + "autoload": { + "psr-4": { + "Firebase\\JWT\\": "src" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Neuman Vong", + "email": "neuman+pear@twilio.com", + "role": "Developer" + }, + { + "name": "Anant Narayanan", + "email": "anant@php.net", + "role": "Developer" + } + ], + "description": "A simple library to encode and decode JSON Web Tokens (JWT) in PHP. Should conform to the current spec.", + "homepage": "https://github.com/firebase/php-jwt", + "time": "2017-06-27 22:17:23" + }, { "name": "nikic/fast-route", "version": "v1.3.0", 
@@ -233,6 +279,53 @@ ], "time": "2016-08-06 14:39:51" }, + { + "name": "psr/log", + "version": "1.0.2", + "source": { + "type": "git", + "url": "https://github.com/php-fig/log.git", + "reference": "4ebe3a8bf773a19edfe0a84b6585ba3d401b724d" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/php-fig/log/zipball/4ebe3a8bf773a19edfe0a84b6585ba3d401b724d", + "reference": "4ebe3a8bf773a19edfe0a84b6585ba3d401b724d", + "shasum": "" + }, + "require": { + "php": ">=5.3.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.0.x-dev" + } + }, + "autoload": { + "psr-4": { + "Psr\\Log\\": "Psr/Log/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "PHP-FIG", + "homepage": "http://www.php-fig.org/" + } + ], + "description": "Common interface for logging libraries", + "homepage": "https://github.com/php-fig/log", + "keywords": [ + "log", + "psr", + "psr-3" + ], + "time": "2016-10-10 12:19:37" + }, { "name": "slim/slim", "version": "3.11.0", 
@@ -303,6 +396,61 @@ "router" ], "time": "2018-09-16 10:54:21" + }, + { + "name": "tuupola/slim-jwt-auth", + "version": "2.4.0", + "source": { + "type": "git", + "url": "https://github.com/tuupola/slim-jwt-auth.git", + "reference": "bca54de41a8207d4d67faf3601a06a96cb7ed48f" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/tuupola/slim-jwt-auth/zipball/bca54de41a8207d4d67faf3601a06a96cb7ed48f", + "reference": "bca54de41a8207d4d67faf3601a06a96cb7ed48f", + "shasum": "" + }, + "require": { + "firebase/php-jwt": "^3.0 || ^4.0 || ^5.0", + "php": "^5.5 || ^7.0", + "psr/http-message": "^1.0", + "psr/log": "^1.0" + }, + "require-dev": { + "overtrue/phplint": "^0.2.4", + "phpunit/phpunit": "^4.6", + "squizlabs/php_codesniffer": "^2.3", + "zendframework/zend-diactoros": "^1.3" + }, + "type": "library", + "autoload": { + "psr-4": { + "Slim\\Middleware\\": "src" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Mika Tuupola", + "email": "tuupola@appelsiini.net", + "homepage": "http://www.appelsiini.net/", + "role": "Developer" + } + ], + "description": "PSR-7 JWT Authentication Middleware", + "homepage": "https://github.com/tuupola/slim-jwt-auth", + "keywords": [ + "auth", + "json", + "jwt", + "middleware", + "psr-7" + ], + "time": "2018-04-03 06:12:18" } ], "packages-dev": [],
diff --git a/rest/public/.htaccess b/rest/public/.htaccess
index 66ef8f6..b5c4dcf 100644
--- a/rest/public/.htaccess
+++ b/rest/public/.htaccess
@@ -2,3 +2,4 @@ RewriteEngine On
 RewriteCond %{REQUEST_FILENAME} !-f
 RewriteCond %{REQUEST_FILENAME} !-d
 RewriteRule ^ index.php [QSA,L]
+RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
diff --git a/rest/vendor/composer/autoload_psr4.php b/rest/vendor/composer/autoload_psr4.php
index 9c0b471..9fa9d8a 100644
--- a/rest/vendor/composer/autoload_psr4.php
+++ b/rest/vendor/composer/autoload_psr4.php
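Review bot: In rest/public/.htaccess the added `RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]` sits after the front-controller rule that ends in `[L]`, so it appears to take effect only on the second pass mod_rewrite makes for the rewritten `index.php` request. Placing it directly under `RewriteEngine On`, before the two `RewriteCond` lines, would avoid depending on that re-run and keeps the conditions attached to the rule they guard. A one-line comment such as `# Pass the Authorization header through to PHP for JWT validation` would also record why the rule exists.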
@@ -6,9 +6,12 @@ $vendorDir = dirname(dirname(__FILE__)); $baseDir = dirname($vendorDir); return array( + 'Slim\\Middleware\\' => array($vendorDir . '/tuupola/slim-jwt-auth/src'), 'Slim\\' => array($vendorDir . '/slim/slim/Slim'), + 'Psr\\Log\\' => array($vendorDir . '/psr/log/Psr/Log'), 'Psr\\Http\\Message\\' => array($vendorDir . '/psr/http-message/src'), 'Psr\\Container\\' => array($vendorDir . '/psr/container/src'), 'Interop\\Container\\' => array($vendorDir . '/container-interop/container-interop/src/Interop/Container'), + 'Firebase\\JWT\\' => array($vendorDir . '/firebase/php-jwt/src'), 'FastRoute\\' => array($vendorDir . '/nikic/fast-route/src'), ); diff --git a/rest/vendor/composer/autoload_static.php b/rest/vendor/composer/autoload_static.php index 3f8b64f..569048c 100644 --- a/rest/vendor/composer/autoload_static.php +++ b/rest/vendor/composer/autoload_static.php @@ -13,10 +13,12 @@ class ComposerStaticInitf276a0def1050763d961e731ed5733c4 public static $prefixLengthsPsr4 = array ( 'S' => array ( + 'Slim\\Middleware\\' => 16, 'Slim\\' => 5, ), 'P' => array ( + 'Psr\\Log\\' => 8, 'Psr\\Http\\Message\\' => 17, 'Psr\\Container\\' => 14, ), @@ -26,15 +28,24 @@ class ComposerStaticInitf276a0def1050763d961e731ed5733c4 ), 'F' => array ( + 'Firebase\\JWT\\' => 13, 'FastRoute\\' => 10, ), ); public static $prefixDirsPsr4 = array ( + 'Slim\\Middleware\\' => + array ( + 0 => __DIR__ . '/..' . '/tuupola/slim-jwt-auth/src', + ), 'Slim\\' => array ( 0 => __DIR__ . '/..' . '/slim/slim/Slim', ), + 'Psr\\Log\\' => + array ( + 0 => __DIR__ . '/..' . '/psr/log/Psr/Log', + ), 'Psr\\Http\\Message\\' => array ( 0 => __DIR__ . '/..' . '/psr/http-message/src', 
@@ -47,6 +58,10 @@ class ComposerStaticInitf276a0def1050763d961e731ed5733c4 array ( 0 => __DIR__ . '/..' . '/container-interop/container-interop/src/Interop/Container', ), + 'Firebase\\JWT\\' => + array ( + 0 => __DIR__ . '/..' . '/firebase/php-jwt/src', + ), 'FastRoute\\' => array ( 0 => __DIR__ . '/..' . '/nikic/fast-route/src', diff --git a/rest/vendor/composer/installed.json b/rest/vendor/composer/installed.json index d7aa3a2..4aaf3c8 100644 --- a/rest/vendor/composer/installed.json +++ b/rest/vendor/composer/installed.json 
@@ -307,5 +307,159 @@ "micro", "router" ] + }, + { + "name": "firebase/php-jwt", + "version": "v5.0.0", + "version_normalized": "5.0.0.0", + "source": { + "type": "git", + "url": "https://github.com/firebase/php-jwt.git", + "reference": "9984a4d3a32ae7673d6971ea00bae9d0a1abba0e" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/firebase/php-jwt/zipball/9984a4d3a32ae7673d6971ea00bae9d0a1abba0e", + "reference": "9984a4d3a32ae7673d6971ea00bae9d0a1abba0e", + "shasum": "" + }, + "require": { + "php": ">=5.3.0" + }, + "require-dev": { + "phpunit/phpunit": " 4.8.35" + }, + "time": "2017-06-27 22:17:23", + "type": "library", + "installation-source": "dist", + "autoload": { + "psr-4": { + "Firebase\\JWT\\": "src" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Neuman Vong", + "email": "neuman+pear@twilio.com", + "role": "Developer" + }, + { + "name": "Anant Narayanan", + "email": "anant@php.net", + "role": "Developer" + } + ], + "description": "A simple library to encode and decode JSON Web Tokens (JWT) in PHP. 
Should conform to the current spec.", + "homepage": "https://github.com/firebase/php-jwt" + }, + { + "name": "psr/log", + "version": "1.0.2", + "version_normalized": "1.0.2.0", + "source": { + "type": "git", + "url": "https://github.com/php-fig/log.git", + "reference": "4ebe3a8bf773a19edfe0a84b6585ba3d401b724d" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/php-fig/log/zipball/4ebe3a8bf773a19edfe0a84b6585ba3d401b724d", + "reference": "4ebe3a8bf773a19edfe0a84b6585ba3d401b724d", + "shasum": "" + }, + "require": { + "php": ">=5.3.0" + }, + "time": "2016-10-10 12:19:37", + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.0.x-dev" + } + }, + "installation-source": "dist", + "autoload": { + "psr-4": { + "Psr\\Log\\": "Psr/Log/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "PHP-FIG", + "homepage": "http://www.php-fig.org/" + } + ], + "description": "Common interface for logging libraries", + "homepage": "https://github.com/php-fig/log", + "keywords": [ + "log", + "psr", + "psr-3" + ] + }, + { + "name": "tuupola/slim-jwt-auth", + "version": "2.4.0", + "version_normalized": "2.4.0.0", + "source": { + "type": "git", + "url": "https://github.com/tuupola/slim-jwt-auth.git", + "reference": "bca54de41a8207d4d67faf3601a06a96cb7ed48f" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/tuupola/slim-jwt-auth/zipball/bca54de41a8207d4d67faf3601a06a96cb7ed48f", + "reference": "bca54de41a8207d4d67faf3601a06a96cb7ed48f", + "shasum": "" + }, + "require": { + "firebase/php-jwt": "^3.0 || ^4.0 || ^5.0", + "php": "^5.5 || ^7.0", + "psr/http-message": "^1.0", + "psr/log": "^1.0" + }, + "require-dev": { + "overtrue/phplint": "^0.2.4", + "phpunit/phpunit": "^4.6", + "squizlabs/php_codesniffer": "^2.3", + "zendframework/zend-diactoros": "^1.3" + }, + "time": "2018-04-03 06:12:18", + "type": "library", + "installation-source": "dist", + "autoload": { 
+ "psr-4": { + "Slim\\Middleware\\": "src" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Mika Tuupola", + "email": "tuupola@appelsiini.net", + "homepage": "http://www.appelsiini.net/", + "role": "Developer" + } + ], + "description": "PSR-7 JWT Authentication Middleware", + "homepage": "https://github.com/tuupola/slim-jwt-auth", + "keywords": [ + "auth", + "json", + "jwt", + "middleware", + "psr-7" + ] } ] diff --git a/rest/vendor/firebase/php-jwt/LICENSE b/rest/vendor/firebase/php-jwt/LICENSE new file mode 100644 index 0000000..cb0c49b --- /dev/null +++ b/rest/vendor/firebase/php-jwt/LICENSE 
@@ -0,0 +1,30 @@ +Copyright (c) 2011, Neuman Vong + +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + + * Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + + * Redistributions in binary form must reproduce the above + copyright notice, this list of conditions and the following + disclaimer in the documentation and/or other materials provided + with the distribution. + + * Neither the name of Neuman Vong nor the names of other + contributors may be used to endorse or promote products derived + from this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/rest/vendor/firebase/php-jwt/README.md b/rest/vendor/firebase/php-jwt/README.md new file mode 100644 index 0000000..b1a7a3a --- /dev/null +++ b/rest/vendor/firebase/php-jwt/README.md 
@@ -0,0 +1,200 @@ +[![Build Status](https://travis-ci.org/firebase/php-jwt.png?branch=master)](https://travis-ci.org/firebase/php-jwt) +[![Latest Stable Version](https://poser.pugx.org/firebase/php-jwt/v/stable)](https://packagist.org/packages/firebase/php-jwt) +[![Total Downloads](https://poser.pugx.org/firebase/php-jwt/downloads)](https://packagist.org/packages/firebase/php-jwt) +[![License](https://poser.pugx.org/firebase/php-jwt/license)](https://packagist.org/packages/firebase/php-jwt) + +PHP-JWT +======= +A simple library to encode and decode JSON Web Tokens (JWT) in PHP, conforming to [RFC 7519](https://tools.ietf.org/html/rfc7519). + +Installation +------------ + +Use composer to manage your dependencies and download PHP-JWT: + +```bash +composer require firebase/php-jwt +``` + +Example +------- +```php + "http://example.org", + "aud" => "http://example.com", + "iat" => 1356999524, + "nbf" => 1357000000 +); + +/** + * IMPORTANT: + * You must specify supported algorithms for your application. See + * https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40 + * for a list of spec-compliant algorithms. + */ +$jwt = JWT::encode($token, $key); +$decoded = JWT::decode($jwt, $key, array('HS256')); + +print_r($decoded); + +/* + NOTE: This will now be an object instead of an associative array. To get + an associative array, you will need to cast it as such: +*/ + +$decoded_array = (array) $decoded; + +/** + * You can add a leeway to account for when there is a clock skew times between + * the signing and verifying servers. It is recommended that this leeway should + * not be bigger than a few minutes. 
+ * + * Source: http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html#nbfDef + */ +JWT::$leeway = 60; // $leeway in seconds +$decoded = JWT::decode($jwt, $key, array('HS256')); + +?> +``` +Example with RS256 (openssl) +---------------------------- +```php + "example.org", + "aud" => "example.com", + "iat" => 1356999524, + "nbf" => 1357000000 +); + +$jwt = JWT::encode($token, $privateKey, 'RS256'); +echo "Encode:\n" . print_r($jwt, true) . "\n"; + +$decoded = JWT::decode($jwt, $publicKey, array('RS256')); + +/* + NOTE: This will now be an object instead of an associative array. To get + an associative array, you will need to cast it as such: +*/ + +$decoded_array = (array) $decoded; +echo "Decode:\n" . print_r($decoded_array, true) . "\n"; +?> +``` + +Changelog +--------- + +#### 5.0.0 / 2017-06-26 +- Support RS384 and RS512. + See [#117](https://github.com/firebase/php-jwt/pull/117). Thanks [@joostfaassen](https://github.com/joostfaassen)! +- Add an example for RS256 openssl. + See [#125](https://github.com/firebase/php-jwt/pull/125). Thanks [@akeeman](https://github.com/akeeman)! +- Detect invalid Base64 encoding in signature. + See [#162](https://github.com/firebase/php-jwt/pull/162). Thanks [@psignoret](https://github.com/psignoret)! +- Update `JWT::verify` to handle OpenSSL errors. + See [#159](https://github.com/firebase/php-jwt/pull/159). Thanks [@bshaffer](https://github.com/bshaffer)! +- Add `array` type hinting to `decode` method + See [#101](https://github.com/firebase/php-jwt/pull/101). Thanks [@hywak](https://github.com/hywak)! +- Add all JSON error types. + See [#110](https://github.com/firebase/php-jwt/pull/110). Thanks [@gbalduzzi](https://github.com/gbalduzzi)! +- Bugfix 'kid' not in given key list. + See [#129](https://github.com/firebase/php-jwt/pull/129). Thanks [@stampycode](https://github.com/stampycode)! +- Miscellaneous cleanup, documentation and test fixes. 
+ See [#107](https://github.com/firebase/php-jwt/pull/107), [#115](https://github.com/firebase/php-jwt/pull/115), + [#160](https://github.com/firebase/php-jwt/pull/160), [#161](https://github.com/firebase/php-jwt/pull/161), and + [#165](https://github.com/firebase/php-jwt/pull/165). Thanks [@akeeman](https://github.com/akeeman), + [@chinedufn](https://github.com/chinedufn), and [@bshaffer](https://github.com/bshaffer)! + +#### 4.0.0 / 2016-07-17 +- Add support for late static binding. See [#88](https://github.com/firebase/php-jwt/pull/88) for details. Thanks to [@chappy84](https://github.com/chappy84)! +- Use static `$timestamp` instead of `time()` to improve unit testing. See [#93](https://github.com/firebase/php-jwt/pull/93) for details. Thanks to [@josephmcdermott](https://github.com/josephmcdermott)! +- Fixes to exceptions classes. See [#81](https://github.com/firebase/php-jwt/pull/81) for details. Thanks to [@Maks3w](https://github.com/Maks3w)! +- Fixes to PHPDoc. See [#76](https://github.com/firebase/php-jwt/pull/76) for details. Thanks to [@akeeman](https://github.com/akeeman)! + +#### 3.0.0 / 2015-07-22 +- Minimum PHP version updated from `5.2.0` to `5.3.0`. +- Add `\Firebase\JWT` namespace. See +[#59](https://github.com/firebase/php-jwt/pull/59) for details. Thanks to +[@Dashron](https://github.com/Dashron)! +- Require a non-empty key to decode and verify a JWT. See +[#60](https://github.com/firebase/php-jwt/pull/60) for details. Thanks to +[@sjones608](https://github.com/sjones608)! +- Cleaner documentation blocks in the code. See +[#62](https://github.com/firebase/php-jwt/pull/62) for details. Thanks to +[@johanderuijter](https://github.com/johanderuijter)! + +#### 2.2.0 / 2015-06-22 +- Add support for adding custom, optional JWT headers to `JWT::encode()`. See +[#53](https://github.com/firebase/php-jwt/pull/53/files) for details. Thanks to +[@mcocaro](https://github.com/mcocaro)! 
+ +#### 2.1.0 / 2015-05-20 +- Add support for adding a leeway to `JWT:decode()` that accounts for clock skew +between signing and verifying entities. Thanks to [@lcabral](https://github.com/lcabral)! +- Add support for passing an object implementing the `ArrayAccess` interface for +`$keys` argument in `JWT::decode()`. Thanks to [@aztech-dev](https://github.com/aztech-dev)! + +#### 2.0.0 / 2015-04-01 +- **Note**: It is strongly recommended that you update to > v2.0.0 to address + known security vulnerabilities in prior versions when both symmetric and + asymmetric keys are used together. +- Update signature for `JWT::decode(...)` to require an array of supported + algorithms to use when verifying token signatures. + + +Tests +----- +Run the tests using phpunit: + +```bash +$ pear install PHPUnit +$ phpunit --configuration phpunit.xml.dist +PHPUnit 3.7.10 by Sebastian Bergmann. +..... +Time: 0 seconds, Memory: 2.50Mb +OK (5 tests, 5 assertions) +``` + +New Lines in private keys +----- + +If your private key contains `\n` characters, be sure to wrap it in double quotes `""` +and not single quotes `''` in order to properly interpret the escaped characters. + +License +------- +[3-Clause BSD](http://opensource.org/licenses/BSD-3-Clause). diff --git a/rest/vendor/firebase/php-jwt/composer.json b/rest/vendor/firebase/php-jwt/composer.json new file mode 100644 index 0000000..b76ffd1 --- /dev/null +++ b/rest/vendor/firebase/php-jwt/composer.json 
@@ -0,0 +1,29 @@ +{ + "name": "firebase/php-jwt", + "description": "A simple library to encode and decode JSON Web Tokens (JWT) in PHP. Should conform to the current spec.", + "homepage": "https://github.com/firebase/php-jwt", + "authors": [ + { + "name": "Neuman Vong", + "email": "neuman+pear@twilio.com", + "role": "Developer" + }, + { + "name": "Anant Narayanan", + "email": "anant@php.net", + "role": "Developer" + } + ], + "license": "BSD-3-Clause", + "require": { + "php": ">=5.3.0" + }, + "autoload": { + "psr-4": { + "Firebase\\JWT\\": "src" + } + }, + "require-dev": { + "phpunit/phpunit": " 4.8.35" + } +} diff --git a/rest/vendor/firebase/php-jwt/src/BeforeValidException.php b/rest/vendor/firebase/php-jwt/src/BeforeValidException.php new file mode 100644 index 0000000..a6ee2f7 --- /dev/null +++ b/rest/vendor/firebase/php-jwt/src/BeforeValidException.php 
@@ -0,0 +1,7 @@ + + * @author Anant Narayanan + * @license http://opensource.org/licenses/BSD-3-Clause 3-clause BSD + * @link https://github.com/firebase/php-jwt + */ +class JWT +{ + + /** + * When checking nbf, iat or expiration times, + * we want to provide some extra leeway time to + * account for clock skew. + */ + public static $leeway = 0; + + /** + * Allow the current timestamp to be specified. + * Useful for fixing a value within unit testing. + * + * Will default to PHP time() value if null. + */ + public static $timestamp = null; + + public static $supported_algs = array( + 'HS256' => array('hash_hmac', 'SHA256'), + 'HS512' => array('hash_hmac', 'SHA512'), + 'HS384' => array('hash_hmac', 'SHA384'), + 'RS256' => array('openssl', 'SHA256'), + 'RS384' => array('openssl', 'SHA384'), + 'RS512' => array('openssl', 'SHA512'), + ); + + /** + * Decodes a JWT string into a PHP object. + * + * @param string $jwt The JWT + * @param string|array $key The key, or map of keys. + * If the algorithm used is asymmetric, this is the public key + * @param array $allowed_algs List of supported verification algorithms + * Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256' + * + * @return object The JWT's payload as a PHP object + * + * @throws UnexpectedValueException Provided JWT was invalid + * @throws SignatureInvalidException Provided JWT was invalid because the signature verification failed + * @throws BeforeValidException Provided JWT is trying to be used before it's eligible as defined by 'nbf' + * @throws BeforeValidException Provided JWT is trying to be used before it's been created as defined by 'iat' + * @throws ExpiredException Provided JWT has since expired, as defined by the 'exp' claim + * + * @uses jsonDecode + * @uses urlsafeB64Decode + */ + public static function decode($jwt, $key, array $allowed_algs = array()) + { + $timestamp = is_null(static::$timestamp) ? 
time() : static::$timestamp;
+
+ if (empty($key)) {
+ throw new InvalidArgumentException('Key may not be empty');
+ }
+ $tks = explode('.', $jwt);
+ if (count($tks) != 3) {
+ throw new UnexpectedValueException('Wrong number of segments');
+ }
+ list($headb64, $bodyb64, $cryptob64) = $tks;
+ if (null === ($header = static::jsonDecode(static::urlsafeB64Decode($headb64)))) {
+ throw new UnexpectedValueException('Invalid header encoding');
+ }
+ if (null === $payload = static::jsonDecode(static::urlsafeB64Decode($bodyb64))) {
+ throw new UnexpectedValueException('Invalid claims encoding');
+ }
+ if (false === ($sig = static::urlsafeB64Decode($cryptob64))) {
+ throw new UnexpectedValueException('Invalid signature encoding');
+ }
+ if (empty($header->alg)) {
+ throw new UnexpectedValueException('Empty algorithm');
+ }
+ if (empty(static::$supported_algs[$header->alg])) {
+ throw new UnexpectedValueException('Algorithm not supported');
+ }
+ if (!in_array($header->alg, $allowed_algs)) {
+ throw new UnexpectedValueException('Algorithm not allowed');
+ }
+ if (is_array($key) || $key instanceof \ArrayAccess) {
+ if (isset($header->kid)) {
+ if (!isset($key[$header->kid])) {
+ throw new UnexpectedValueException('"kid" invalid, unable to lookup correct key');
+ }
+ $key = $key[$header->kid];
+ } else {
+ throw new UnexpectedValueException('"kid" empty, unable to lookup correct key');
+ }
+ }
+
+ // Check the signature
+ if (!static::verify("$headb64.$bodyb64", $sig, $key, $header->alg)) {
+ throw new SignatureInvalidException('Signature verification failed');
+ }
+
+ // Check if the nbf if it is defined. This is the time that the
+ // token can actually be used. If it's not yet that time, abort.
+ if (isset($payload->nbf) && $payload->nbf > ($timestamp + static::$leeway)) {
+ throw new BeforeValidException(
+ 'Cannot handle token prior to ' . date(DateTime::ISO8601, $payload->nbf)
+ );
+ }
+
+ // Check that this token has been created before 'now'.
This prevents
+ // using tokens that have been created for later use (and haven't
+ // correctly used the nbf claim).
+ if (isset($payload->iat) && $payload->iat > ($timestamp + static::$leeway)) {
+ throw new BeforeValidException(
+ 'Cannot handle token prior to ' . date(DateTime::ISO8601, $payload->iat)
+ );
+ }
+
+ // Check if this token has expired.
+ if (isset($payload->exp) && ($timestamp - static::$leeway) >= $payload->exp) {
+ throw new ExpiredException('Expired token');
+ }
+
+ return $payload;
+ }
+
+ /**
+ * Converts and signs a PHP object or array into a JWT string.
+ *
+ * @param object|array $payload PHP object or array
+ * @param string $key The secret key.
+ * If the algorithm used is asymmetric, this is the private key
+ * @param string $alg The signing algorithm.
+ * Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256'
+ * @param mixed $keyId
+ * @param array $head An array with header elements to attach
+ *
+ * @return string A signed JWT
+ *
+ * @uses jsonEncode
+ * @uses urlsafeB64Encode
+ */
+ public static function encode($payload, $key, $alg = 'HS256', $keyId = null, $head = null)
+ {
+ $header = array('typ' => 'JWT', 'alg' => $alg);
+ if ($keyId !== null) {
+ $header['kid'] = $keyId;
+ }
+ if ( isset($head) && is_array($head) ) {
+ $header = array_merge($head, $header);
+ }
+ $segments = array();
+ $segments[] = static::urlsafeB64Encode(static::jsonEncode($header));
+ $segments[] = static::urlsafeB64Encode(static::jsonEncode($payload));
+ $signing_input = implode('.', $segments);
+
+ $signature = static::sign($signing_input, $key, $alg);
+ $segments[] = static::urlsafeB64Encode($signature);
+
+ return implode('.', $segments);
+ }
+
+ /**
+ * Sign a string with a given key and algorithm.
+ *
+ * @param string $msg The message to sign
+ * @param string|resource $key The secret key
+ * @param string $alg The signing algorithm.
+ * Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256'
+ *
+ * @return string An encrypted message
+ *
+ * @throws DomainException Unsupported algorithm was specified
+ */
+ public static function sign($msg, $key, $alg = 'HS256')
+ {
+ if (empty(static::$supported_algs[$alg])) {
+ throw new DomainException('Algorithm not supported');
+ }
+ list($function, $algorithm) = static::$supported_algs[$alg];
+ switch($function) {
+ case 'hash_hmac':
+ return hash_hmac($algorithm, $msg, $key, true);
+ case 'openssl':
+ $signature = '';
+ $success = openssl_sign($msg, $signature, $key, $algorithm);
+ if (!$success) {
+ throw new DomainException("OpenSSL unable to sign data");
+ } else {
+ return $signature;
+ }
+ }
+ }
+
+ /**
+ * Verify a signature with the message, key and method. Not all methods
+ * are symmetric, so we must have a separate verify and sign method.
+ *
+ * @param string $msg The original message (header and body)
+ * @param string $signature The original signature
+ * @param string|resource $key For HS*, a string key works. for RS*, must be a resource of an openssl public key
+ * @param string $alg The algorithm
+ *
+ * @return bool
+ *
+ * @throws DomainException Invalid Algorithm or OpenSSL failure
+ */
+ private static function verify($msg, $signature, $key, $alg)
+ {
+ if (empty(static::$supported_algs[$alg])) {
+ throw new DomainException('Algorithm not supported');
+ }
+
+ list($function, $algorithm) = static::$supported_algs[$alg];
+ switch($function) {
+ case 'openssl':
+ $success = openssl_verify($msg, $signature, $key, $algorithm);
+ if ($success === 1) {
+ return true;
+ } elseif ($success === 0) {
+ return false;
+ }
+ // returns 1 on success, 0 on failure, -1 on error.
+ throw new DomainException(
+ 'OpenSSL error: ' .
openssl_error_string()
+ );
+ case 'hash_hmac':
+ default:
+ $hash = hash_hmac($algorithm, $msg, $key, true);
+ if (function_exists('hash_equals')) {
+ return hash_equals($signature, $hash);
+ }
+ $len = min(static::safeStrlen($signature), static::safeStrlen($hash));
+
+ $status = 0;
+ for ($i = 0; $i < $len; $i++) {
+ $status |= (ord($signature[$i]) ^ ord($hash[$i]));
+ }
+ $status |= (static::safeStrlen($signature) ^ static::safeStrlen($hash));
+
+ return ($status === 0);
+ }
+ }
+
+ /**
+ * Decode a JSON string into a PHP object.
+ *
+ * @param string $input JSON string
+ *
+ * @return object Object representation of JSON string
+ *
+ * @throws DomainException Provided string was invalid JSON
+ */
+ public static function jsonDecode($input)
+ {
+ if (version_compare(PHP_VERSION, '5.4.0', '>=') && !(defined('JSON_C_VERSION') && PHP_INT_SIZE > 4)) {
+ /** In PHP >=5.4.0, json_decode() accepts an options parameter, that allows you
+ * to specify that large ints (like Steam Transaction IDs) should be treated as
+ * strings, rather than the PHP default behaviour of converting them to floats.
+ */
+ $obj = json_decode($input, false, 512, JSON_BIGINT_AS_STRING);
+ } else {
+ /** Not all servers will support that, however, so for older versions we must
+ * manually detect large ints in the JSON string and quote them (thus converting
+ *them to strings) before decoding, hence the preg_replace() call.
+ */
+ $max_int_length = strlen((string) PHP_INT_MAX) - 1;
+ $json_without_bigints = preg_replace('/:\s*(-?\d{'.$max_int_length.',})/', ': "$1"', $input);
+ $obj = json_decode($json_without_bigints);
+ }
+
+ if (function_exists('json_last_error') && $errno = json_last_error()) {
+ static::handleJsonError($errno);
+ } elseif ($obj === null && $input !== 'null') {
+ throw new DomainException('Null result with non-null input');
+ }
+ return $obj;
+ }
+
+ /**
+ * Encode a PHP object into a JSON string.
+ *
+ * @param object|array $input A PHP object or array
+ *
+ * @return string JSON representation of the PHP object or array
+ *
+ * @throws DomainException Provided object could not be encoded to valid JSON
+ */
+ public static function jsonEncode($input)
+ {
+ $json = json_encode($input);
+ if (function_exists('json_last_error') && $errno = json_last_error()) {
+ static::handleJsonError($errno);
+ } elseif ($json === 'null' && $input !== null) {
+ throw new DomainException('Null result with non-null input');
+ }
+ return $json;
+ }
+
+ /**
+ * Decode a string with URL-safe Base64.
+ *
+ * @param string $input A Base64 encoded string
+ *
+ * @return string A decoded string
+ */
+ public static function urlsafeB64Decode($input)
+ {
+ $remainder = strlen($input) % 4;
+ if ($remainder) {
+ $padlen = 4 - $remainder;
+ $input .= str_repeat('=', $padlen);
+ }
+ return base64_decode(strtr($input, '-_', '+/'));
+ }
+
+ /**
+ * Encode a string with URL-safe Base64.
+ *
+ * @param string $input The string you want encoded
+ *
+ * @return string The base64 encode of what you passed in
+ */
+ public static function urlsafeB64Encode($input)
+ {
+ return str_replace('=', '', strtr(base64_encode($input), '+/', '-_'));
+ }
+
+ /**
+ * Helper method to create a JSON error.
+ *
+ * @param int $errno An error number from json_last_error()
+ *
+ * @return void
+ */
+ private static function handleJsonError($errno)
+ {
+ $messages = array(
+ JSON_ERROR_DEPTH => 'Maximum stack depth exceeded',
+ JSON_ERROR_STATE_MISMATCH => 'Invalid or malformed JSON',
+ JSON_ERROR_CTRL_CHAR => 'Unexpected control character found',
+ JSON_ERROR_SYNTAX => 'Syntax error, malformed JSON',
+ JSON_ERROR_UTF8 => 'Malformed UTF-8 characters' //PHP >= 5.3.3
+ );
+ throw new DomainException(
+ isset($messages[$errno])
+ ? $messages[$errno]
+ : 'Unknown JSON error: ' . $errno
+ );
+ }
+
+ /**
+ * Get the number of bytes in cryptographic strings.
+ *
+ * @param string
+ *
+ * @return int
+ */
+ private static function safeStrlen($str)
+ {
+ if (function_exists('mb_strlen')) {
+ return mb_strlen($str, '8bit');
+ }
+ return strlen($str);
+ }
+}
diff --git a/rest/vendor/firebase/php-jwt/src/SignatureInvalidException.php b/rest/vendor/firebase/php-jwt/src/SignatureInvalidException.php
new file mode 100644
index 0000000..27332b2
--- /dev/null
+++ b/rest/vendor/firebase/php-jwt/src/SignatureInvalidException.php
@@ -0,0 +1,7 @@ +log(LogLevel::EMERGENCY, $message, $context); + } + + /** + * Action must be taken immediately. + * + * Example: Entire website down, database unavailable, etc. This should + * trigger the SMS alerts and wake you up. + * + * @param string $message + * @param array $context + * + * @return void + */ + public function alert($message, array $context = array()) + { + $this->log(LogLevel::ALERT, $message, $context); + } + + /** + * Critical conditions. + * + * Example: Application component unavailable, unexpected exception. + * + * @param string $message + * @param array $context + * + * @return void + */ + public function critical($message, array $context = array()) + { + $this->log(LogLevel::CRITICAL, $message, $context); + } + + /** + * Runtime errors that do not require immediate action but should typically + * be logged and monitored. + * + * @param string $message + * @param array $context + * + * @return void + */ + public function error($message, array $context = array()) + { + $this->log(LogLevel::ERROR, $message, $context); + } + + /** + * Exceptional occurrences that are not errors. + * + * Example: Use of deprecated APIs, poor use of an API, undesirable things + * that are not necessarily wrong. + * + * @param string $message + * @param array $context + * + * @return void + */ + public function warning($message, array $context = array()) + { + $this->log(LogLevel::WARNING, $message, $context); + } + + /** + * Normal but significant events. + * + * @param string $message + * @param array $context + * + * @return void + */ + public function notice($message, array $context = array()) + { + $this->log(LogLevel::NOTICE, $message, $context); + } + + /** + * Interesting events. + * + * Example: User logs in, SQL logs. 
+ * + * @param string $message + * @param array $context + * + * @return void + */ + public function info($message, array $context = array()) + { + $this->log(LogLevel::INFO, $message, $context); + } + + /** + * Detailed debug information. + * + * @param string $message + * @param array $context + * + * @return void + */ + public function debug($message, array $context = array()) + { + $this->log(LogLevel::DEBUG, $message, $context); + } +} diff --git a/rest/vendor/psr/log/Psr/Log/InvalidArgumentException.php b/rest/vendor/psr/log/Psr/Log/InvalidArgumentException.php new file mode 100644 index 0000000..67f852d --- /dev/null +++ b/rest/vendor/psr/log/Psr/Log/InvalidArgumentException.php @@ -0,0 +1,7 @@ +logger = $logger; + } +} diff --git a/rest/vendor/psr/log/Psr/Log/LoggerInterface.php b/rest/vendor/psr/log/Psr/Log/LoggerInterface.php new file mode 100644 index 0000000..5ea7243 --- /dev/null +++ b/rest/vendor/psr/log/Psr/Log/LoggerInterface.php 
@@ -0,0 +1,123 @@ +log(LogLevel::EMERGENCY, $message, $context); + } + + /** + * Action must be taken immediately. + * + * Example: Entire website down, database unavailable, etc. This should + * trigger the SMS alerts and wake you up. + * + * @param string $message + * @param array $context + * + * @return void + */ + public function alert($message, array $context = array()) + { + $this->log(LogLevel::ALERT, $message, $context); + } + + /** + * Critical conditions. + * + * Example: Application component unavailable, unexpected exception. + * + * @param string $message + * @param array $context + * + * @return void + */ + public function critical($message, array $context = array()) + { + $this->log(LogLevel::CRITICAL, $message, $context); + } + + /** + * Runtime errors that do not require immediate action but should typically + * be logged and monitored. + * + * @param string $message + * @param array $context + * + * @return void + */ + public function error($message, array $context = array()) + { + $this->log(LogLevel::ERROR, $message, $context); + } + + /** + * Exceptional occurrences that are not errors. + * + * Example: Use of deprecated APIs, poor use of an API, undesirable things + * that are not necessarily wrong. + * + * @param string $message + * @param array $context + * + * @return void + */ + public function warning($message, array $context = array()) + { + $this->log(LogLevel::WARNING, $message, $context); + } + + /** + * Normal but significant events. + * + * @param string $message + * @param array $context + * + * @return void + */ + public function notice($message, array $context = array()) + { + $this->log(LogLevel::NOTICE, $message, $context); + } + + /** + * Interesting events. + * + * Example: User logs in, SQL logs. 
+ * + * @param string $message + * @param array $context + * + * @return void + */ + public function info($message, array $context = array()) + { + $this->log(LogLevel::INFO, $message, $context); + } + + /** + * Detailed debug information. + * + * @param string $message + * @param array $context + * + * @return void + */ + public function debug($message, array $context = array()) + { + $this->log(LogLevel::DEBUG, $message, $context); + } + + /** + * Logs with an arbitrary level. + * + * @param mixed $level + * @param string $message + * @param array $context + * + * @return void + */ + abstract public function log($level, $message, array $context = array()); +} diff --git a/rest/vendor/psr/log/Psr/Log/NullLogger.php b/rest/vendor/psr/log/Psr/Log/NullLogger.php new file mode 100644 index 0000000..d8cd682 --- /dev/null +++ b/rest/vendor/psr/log/Psr/Log/NullLogger.php @@ -0,0 +1,28 @@ +logger) { }` + * blocks. + */ +class NullLogger extends AbstractLogger +{ + /** + * Logs with an arbitrary level. + * + * @param mixed $level + * @param string $message + * @param array $context + * + * @return void + */ + public function log($level, $message, array $context = array()) + { + // noop + } +} diff --git a/rest/vendor/psr/log/Psr/Log/Test/LoggerInterfaceTest.php b/rest/vendor/psr/log/Psr/Log/Test/LoggerInterfaceTest.php new file mode 100644 index 0000000..a0391a5 --- /dev/null +++ b/rest/vendor/psr/log/Psr/Log/Test/LoggerInterfaceTest.php 
@@ -0,0 +1,140 @@ + ". + * + * Example ->error('Foo') would yield "error Foo". + * + * @return string[] + */ + abstract public function getLogs(); + + public function testImplements() + { + $this->assertInstanceOf('Psr\Log\LoggerInterface', $this->getLogger()); + } + + /** + * @dataProvider provideLevelsAndMessages + */ + public function testLogsAtAllLevels($level, $message) + { + $logger = $this->getLogger(); + $logger->{$level}($message, array('user' => 'Bob')); + $logger->log($level, $message, array('user' => 'Bob')); + + $expected = array( + $level.' message of level '.$level.' with context: Bob', + $level.' message of level '.$level.' with context: Bob', + ); + $this->assertEquals($expected, $this->getLogs()); + } + + public function provideLevelsAndMessages() + { + return array( + LogLevel::EMERGENCY => array(LogLevel::EMERGENCY, 'message of level emergency with context: {user}'), + LogLevel::ALERT => array(LogLevel::ALERT, 'message of level alert with context: {user}'), + LogLevel::CRITICAL => array(LogLevel::CRITICAL, 'message of level critical with context: {user}'), + LogLevel::ERROR => array(LogLevel::ERROR, 'message of level error with context: {user}'), + LogLevel::WARNING => array(LogLevel::WARNING, 'message of level warning with context: {user}'), + LogLevel::NOTICE => array(LogLevel::NOTICE, 'message of level notice with context: {user}'), + LogLevel::INFO => array(LogLevel::INFO, 'message of level info with context: {user}'), + LogLevel::DEBUG => array(LogLevel::DEBUG, 'message of level debug with context: {user}'), + ); + } + + /** + * @expectedException \Psr\Log\InvalidArgumentException + */ + public function testThrowsOnInvalidLevel() + { + $logger = $this->getLogger(); + $logger->log('invalid level', 'Foo'); + } + + public function testContextReplacement() + { + $logger = $this->getLogger(); + $logger->info('{Message {nothing} {user} {foo.bar} a}', array('user' => 'Bob', 'foo.bar' => 'Bar')); + + $expected = array('info {Message {nothing} Bob 
Bar a}');
+ $this->assertEquals($expected, $this->getLogs());
+ }
+
+ public function testObjectCastToString()
+ {
+ if (method_exists($this, 'createPartialMock')) {
+ $dummy = $this->createPartialMock('Psr\Log\Test\DummyTest', array('__toString'));
+ } else {
+ $dummy = $this->getMock('Psr\Log\Test\DummyTest', array('__toString'));
+ }
+ $dummy->expects($this->once())
+ ->method('__toString')
+ ->will($this->returnValue('DUMMY'));
+
+ $this->getLogger()->warning($dummy);
+
+ $expected = array('warning DUMMY');
+ $this->assertEquals($expected, $this->getLogs());
+ }
+
+ public function testContextCanContainAnything()
+ {
+ $context = array(
+ 'bool' => true,
+ 'null' => null,
+ 'string' => 'Foo',
+ 'int' => 0,
+ 'float' => 0.5,
+ 'nested' => array('with object' => new DummyTest),
+ 'object' => new \DateTime,
+ 'resource' => fopen('php://memory', 'r'),
+ );
+
+ $this->getLogger()->warning('Crazy context data', $context);
+
+ $expected = array('warning Crazy context data');
+ $this->assertEquals($expected, $this->getLogs());
+ }
+
+ public function testContextExceptionKeyCanBeExceptionOrOtherValues()
+ {
+ $logger = $this->getLogger();
+ $logger->warning('Random message', array('exception' => 'oops'));
+ $logger->critical('Uncaught Exception!', array('exception' => new \LogicException('Fail')));
+
+ $expected = array(
+ 'warning Random message',
+ 'critical Uncaught Exception!'
+ );
+ $this->assertEquals($expected, $this->getLogs());
+ }
+}
+
+class DummyTest
+{
+ public function __toString()
+ {
+ }
+}
diff --git a/rest/vendor/psr/log/README.md b/rest/vendor/psr/log/README.md
new file mode 100644
index 0000000..574bc1c
--- /dev/null
+++ b/rest/vendor/psr/log/README.md
@@ -0,0 +1,45 @@ +PSR Log +======= + +This repository holds all interfaces/classes/traits related to +[PSR-3](https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-3-logger-interface.md). + +Note that this is not a logger of its own. It is merely an interface that +describes a logger. See the specification for more details. + +Usage +----- + +If you need a logger, you can use the interface like this: + +```php +logger = $logger; + } + + public function doSomething() + { + if ($this->logger) { + $this->logger->info('Doing work'); + } + + // do something useful + } +} +``` + +You can then pick one of the implementations of the interface to get a logger. + +If you want to implement the interface, you can require this package and +implement `Psr\Log\LoggerInterface` in your code. Please read the +[specification text](https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-3-logger-interface.md) +for details. diff --git a/rest/vendor/psr/log/composer.json b/rest/vendor/psr/log/composer.json new file mode 100644 index 0000000..87934d7 --- /dev/null +++ b/rest/vendor/psr/log/composer.json @@ -0,0 +1,26 @@ +{ + "name": "psr/log", + "description": "Common interface for logging libraries", + "keywords": ["psr", "psr-3", "log"], + "homepage": "https://github.com/php-fig/log", + "license": "MIT", + "authors": [ + { + "name": "PHP-FIG", + "homepage": "http://www.php-fig.org/" + } + ], + "require": { + "php": ">=5.3.0" + }, + "autoload": { + "psr-4": { + "Psr\\Log\\": "Psr/Log/" + } + }, + "extra": { + "branch-alias": { + "dev-master": "1.0.x-dev" + } + } +} diff --git a/rest/vendor/tuupola/slim-jwt-auth/CHANGELOG.md b/rest/vendor/tuupola/slim-jwt-auth/CHANGELOG.md new file mode 100644 index 0000000..0ae0101 --- /dev/null +++ b/rest/vendor/tuupola/slim-jwt-auth/CHANGELOG.md 
@@ -0,0 +1,53 @@
+# Changelog
+
+All notable changes to this project will be documented in this file, in reverse chronological order by release.
+
+## 2.4.0 - 2018-04-03
+### Added
+- Callback now receives also the raw token in arguments ([#93](https://github.com/tuupola/slim-jwt-auth/pull/93)).
+ ```php
+ $app->add(new \Slim\Middleware\JwtAuthentication([
+ "secret" => "supersecretkeyyoushouldnotcommittogithub",
+ "callback" => function ($request, $response, $arguments) {
+ print_r($arguments["token"]);
+ }
+ ]));
+ ```
+
+### Changed
+- Response status code set in error handler is no longer ignored ([#111](https://github.com/tuupola/slim-jwt-auth/pull/111)) ([#110](https://github.com/tuupola/slim-jwt-auth/issues/110)).
+
+## 2.3.3 - 2017-07-12
+### Added
+
+- Support for `firebase/php-jwt:^5.0` ([#59](https://github.com/tuupola/slim-jwt-auth/issues/59)) ([#61](https://github.com/tuupola/slim-jwt-auth/pull/61)).
+
+## 2.3.2 - 2017-02-27
+
+This is a security release.
+
+`RequestPathRule` now removes multiple slashes from the URI before determining whether the path should be authenticated or not. For HTTP client `/foo` and `//foo` are different URIs and technically valid according to [RFC3986](https://tools.ietf.org/html/rfc3986). However on serverside it depends on implementation and often `/foo`, `//foo` and even `/////foo` are considered a same route.
+
+Different PSR-7 implementations were behaving in different way. Diactoros [removes multiple leading slashes](https://github.com/zendframework/zend-diactoros/blob/master/CHANGELOG.md#104---2015-06-23). By default Slim does not alter any slashes. However when installed in subfolder [Slim removes all slashes](https://github.com/slimphp/Slim/issues/1554).
+
+This means if you are authenticating a subfolder, for example `/api` and Slim is installed in document root it was possible to bypass authentication by doing a request to `//api`. Problem did not exist if Slim was installed in subfolder.
Diactoros was not affected.
+
+```php
+$app->add(new \Slim\Middleware\JwtAuthentication([
+ "path" => "/api",
+ "secret" => "supersecretkeyyoushouldnotcommittogithub"
+]));
+```
+
+If you were using default setting of authenticating all routes you were not affected.
+
+```php
+$app->add(new \Slim\Middleware\JwtAuthentication([
+ "secret" => "supersecretkeyyoushouldnotcommittogithub"
+]));
+```
+
+### Fixed
+
+- Bug [#50](https://github.com/tuupola/slim-jwt-auth/issues/50) where in some cases it was possible to bypass authentication by adding multiple slashes to request URI.
+
diff --git a/rest/vendor/tuupola/slim-jwt-auth/LICENSE.md b/rest/vendor/tuupola/slim-jwt-auth/LICENSE.md
new file mode 100644
index 0000000..c09c3b0
--- /dev/null
+++ b/rest/vendor/tuupola/slim-jwt-auth/LICENSE.md
@@ -0,0 +1,21 @@
+# The MIT License (MIT)
+
+Copyright (c) 2015-2018 Mika Tuupola
+
+> Permission is hereby granted, free of charge, to any person obtaining a copy
+> of this software and associated documentation files (the "Software"), to deal
+> in the Software without restriction, including without limitation the rights
+> to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+> copies of the Software, and to permit persons to whom the Software is
+> furnished to do so, subject to the following conditions:
+>
+> The above copyright notice and this permission notice shall be included in
+> all copies or substantial portions of the Software.
+>
+> THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+> IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+> FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+> AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+> LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+> OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+> THE SOFTWARE.
diff --git a/rest/vendor/tuupola/slim-jwt-auth/Makefile b/rest/vendor/tuupola/slim-jwt-auth/Makefile
new file mode 100644
index 0000000..d77893c
--- /dev/null
+++ b/rest/vendor/tuupola/slim-jwt-auth/Makefile
@@ -0,0 +1,33 @@
+.DEFAULT_GOAL := help
+
+help:
+ @echo ""
+ @echo "Available tasks:"
+ @echo " lint Run linter and code style checker"
+ @echo " unit Run unit tests and generate coverage"
+ @echo " test Run linter and unit tests"
+ @echo " watch Run linter and unit tests when any of the source files change"
+ @echo " deps Install dependencies"
+ @echo " all Install dependencies and run linter and unit tests"
+ @echo ""
+
+deps:
+ composer install --prefer-dist
+
+lint:
+ vendor/bin/phplint . --exclude=vendor/
+ vendor/bin/phpcs -p --standard=PSR2 --extensions=php --encoding=utf-8 --ignore=*/vendor/*,*/benchmarks/* .
+
+unit:
+ vendor/bin/phpunit --coverage-text --coverage-clover=coverage.xml --coverage-html=./report/
+
+watch:
+ find . -name "*.php" -not -path "./vendor/*" -o -name "*.json" -not -path "./vendor/*" | entr -c make test
+
+test: lint unit
+
+travis: lint unit
+
+all: deps test
+
+.PHONY: help deps lint test watch all
diff --git a/rest/vendor/tuupola/slim-jwt-auth/codecov.yml b/rest/vendor/tuupola/slim-jwt-auth/codecov.yml
new file mode 100644
index 0000000..d1d990b
--- /dev/null
+++ b/rest/vendor/tuupola/slim-jwt-auth/codecov.yml
@@ -0,0 +1,3 @@
+codecov:
+ branch: 2.x
+comment: false
\ No newline at end of file
diff --git a/rest/vendor/tuupola/slim-jwt-auth/composer.json b/rest/vendor/tuupola/slim-jwt-auth/composer.json
new file mode 100644
index 0000000..f923025
--- /dev/null
+++ b/rest/vendor/tuupola/slim-jwt-auth/composer.json
@@ -0,0 +1,43 @@
+{
+ "name": "tuupola/slim-jwt-auth",
+ "description": "PSR-7 JWT Authentication Middleware",
+ "keywords": [
+ "psr-7",
+ "middleware",
+ "jwt",
+ "json",
+ "auth"
+ ],
+ "homepage": "https://github.com/tuupola/slim-jwt-auth",
+ "license": "MIT",
+ "authors": [
+ {
+ "name": "Mika Tuupola",
+ "email": "tuupola@appelsiini.net",
+ "homepage": "http://www.appelsiini.net/",
+ "role": "Developer"
+ }
+ ],
+ "require": {
+ "php" : "^5.5 || ^7.0",
+ "psr/log": "^1.0",
+ "firebase/php-jwt": "^3.0 || ^4.0 || ^5.0",
+ "psr/http-message": "^1.0"
+ },
+ "require-dev": {
+ "phpunit/phpunit" : "^4.6",
+ "squizlabs/php_codesniffer": "^2.3",
+ "zendframework/zend-diactoros": "^1.3",
+ "overtrue/phplint": "^0.2.4"
+ },
+ "autoload": {
+ "psr-4": {
+ "Slim\\Middleware\\": "src"
+ }
+ },
+ "autoload-dev": {
+ "psr-4": {
+ "Slim\\Middleware\\": "tests"
+ }
+ }
+}
diff --git a/rest/vendor/tuupola/slim-jwt-auth/src/JwtAuthentication.php b/rest/vendor/tuupola/slim-jwt-auth/src/JwtAuthentication.php
new file mode 100644
index 0000000..fdbc82a
--- /dev/null
+++ b/rest/vendor/tuupola/slim-jwt-auth/src/JwtAuthentication.php
@@ -0,0 +1,667 @@ + true, + "relaxed" => ["localhost", "127.0.0.1"], + "environment" => ["HTTP_AUTHORIZATION", "REDIRECT_HTTP_AUTHORIZATION"], + "algorithm" => ["HS256", "HS512", "HS384"], + "header" => "Authorization", + "regexp" => "/Bearer\s+(.*)$/i", + "cookie" => "token", + "attribute" => "token", + "path" => null, + "passthrough" => null, + "callback" => null, + "error" => null + ]; + + /** + * Create a new middleware instance + * + * @param string[] $options + */ + public function __construct(array $options = []) + { + /* Setup stack for rules */ + $this->rules = new \SplStack; + + /* Store passed in options overwriting any defaults. */ + $this->hydrate($options); + + /* If nothing was passed in options add default rules. */ + if (!isset($options["rules"])) { + $this->addRule(new RequestMethodRule([ + "passthrough" => ["OPTIONS"] + ])); + } + + /* If path was given in easy mode add rule for it. */ + if (null !== ($this->options["path"])) { + $this->addRule(new RequestPathRule([ + "path" => $this->options["path"], + "passthrough" => $this->options["passthrough"] + ])); + } + } + + /** + * Call the middleware + * + * @param \Psr\Http\Message\RequestInterface $request + * @param \Psr\Http\Message\ResponseInterface $response + * @param callable $next + * @return \Psr\Http\Message\ResponseInterface + */ + public function __invoke(RequestInterface $request, ResponseInterface $response, callable $next) + { + $scheme = $request->getUri()->getScheme(); + $host = $request->getUri()->getHost(); + + /* If rules say we should not authenticate call next and return. */ + if (false === $this->shouldAuthenticate($request)) { + return $next($request, $response); + } + + /* HTTP allowed only if secure is false or server is in relaxed array. 
*/ + if ("https" !== $scheme && true === $this->options["secure"]) { + if (!in_array($host, $this->options["relaxed"])) { + $message = sprintf( + "Insecure use of middleware over %s denied by configuration.", + strtoupper($scheme) + ); + throw new \RuntimeException($message); + } + } + + /* If token cannot be found return with 401 Unauthorized. */ + if (false === $token = $this->fetchToken($request)) { + return $this->error($request, $response->withStatus(401), [ + "message" => $this->message + ]); + } + + /* If token cannot be decoded return with 401 Unauthorized. */ + if (false === $decoded = $this->decodeToken($token)) { + return $this->error($request, $response->withStatus(401), [ + "message" => $this->message, + "token" => $token + ]); + } + + /* If callback returns false return with 401 Unauthorized. */ + if (is_callable($this->options["callback"])) { + $params = ["decoded" => $decoded, "token" => $token]; + if (false === $this->options["callback"]($request, $response, $params)) { + return $this->error($request, $response->withStatus(401), [ + "message" => $this->message ? $this->message : "Callback returned false" + ]); + } + } + + /* Add decoded token to request as attribute when requested. */ + if ($this->options["attribute"]) { + $request = $request->withAttribute($this->options["attribute"], $decoded); + } + + /* Everything ok, call next middleware and return. */ + return $next($request, $response); + } + + /** + * Check if middleware should authenticate + * + * @param \Psr\Http\Message\RequestInterface $request + * @return boolean True if middleware should authenticate. 
+ */ + public function shouldAuthenticate(RequestInterface $request) + { + /* If any of the rules in stack return false will not authenticate */ + foreach ($this->rules as $callable) { + if (false === $callable($request)) { + return false; + } + } + return true; + } + + /** + * Call the error handler if it exists + * + * @param \Psr\Http\Message\RequestInterface $request + * @param \Psr\Http\Message\ResponseInterface $response + * @param mixed[] $arguments + + * @return \Psr\Http\Message\ResponseInterface + */ + public function error(RequestInterface $request, ResponseInterface $response, $arguments) + { + if (is_callable($this->options["error"])) { + $handler_response = $this->options["error"]($request, $response, $arguments); + if (is_a($handler_response, "\Psr\Http\Message\ResponseInterface")) { + return $handler_response; + } + } + return $response; + } + + /** + * Fetch the access token + * + * @param \Psr\Http\Message\RequestInterface $request + * @return string|null Base64 encoded JSON Web Token or null if not found. + */ + public function fetchToken(RequestInterface $request) + { + /* If using PHP in CGI mode and non standard environment */ + $server_params = $request->getServerParams(); + $header = ""; + $message = ""; + + /* Check for each given environment */ + foreach ((array) $this->options["environment"] as $environment) { + if (isset($server_params[$environment])) { + $message = "Using token from environment"; + $header = $server_params[$environment]; + } + } + + /* Nothing in environment, try header instead */ + if (empty($header)) { + $message = "Using token from request header"; + $headers = $request->getHeader($this->options["header"]); + $header = isset($headers[0]) ? 
$headers[0] : ""; + } + + /* Try apache_request_headers() as last resort */ + if (empty($header) && function_exists("apache_request_headers")) { + $message = "Using token from apache_request_headers()"; + $headers = apache_request_headers(); + $header = isset($headers[$this->options["header"]]) ? $headers[$this->options["header"]] : ""; + } + + if (preg_match($this->options["regexp"], $header, $matches)) { + $this->log(LogLevel::DEBUG, $message); + return $matches[1]; + } + + /* Bearer not found, try a cookie. */ + $cookie_params = $request->getCookieParams(); + + if (isset($cookie_params[$this->options["cookie"]])) { + $this->log(LogLevel::DEBUG, "Using token from cookie"); + $this->log(LogLevel::DEBUG, $cookie_params[$this->options["cookie"]]); + return $cookie_params[$this->options["cookie"]]; + }; + + /* If everything fails log and return false. */ + $this->message = "Token not found"; + $this->log(LogLevel::WARNING, $this->message); + return false; + } + + /** + * Decode the token + * + * @param string $$token + * @return object|boolean The JWT's payload as a PHP object or false in case of error + */ + public function decodeToken($token) + { + try { + return JWT::decode( + $token, + $this->options["secret"], + (array) $this->options["algorithm"] + ); + } catch (\Exception $exception) { + $this->message = $exception->getMessage(); + $this->log(LogLevel::WARNING, $exception->getMessage(), [$token]); + return false; + } + } + + /** + * Hydate options from given array + * + * @param array $data Array of options. + * @return self + */ + private function hydrate(array $data = []) + { + foreach ($data as $key => $value) { + $method = "set" . 
ucfirst($key); + if (method_exists($this, $method)) { + call_user_func(array($this, $method), $value); + } + } + return $this; + } + + + /** + * Get path where middleware is be binded to + * + * @return string + */ + public function getPath() + { + return $this->options["path"]; + } + + /** + * Set path where middleware should be binded to + * + * @param string|string[] $$path + * @return self + */ + public function setPath($path) + { + $this->options["path"] = $path; + return $this; + } + + /** + * Get path which middleware ignores + * + * @return string|array + */ + public function getPassthrough() + { + return $this->options["passthrough"]; + } + + /** + * Set path which middleware ignores + * + * @param string|string[] $passthrough + * @return self + */ + public function setPassthrough($passthrough) + { + $this->options["passthrough"] = $passthrough; + return $this; + } + + /** + * Get the environment name where to search the token from + * + * @return string Name of environment variable. 
+ */ + public function getEnvironment() + { + return $this->options["environment"]; + } + + /** + * Set the environment name where to search the token from + * + * @param string $environment + * @return self + */ + public function setEnvironment($environment) + { + $this->options["environment"] = $environment; + return $this; + } + + /** + * Get the cookie name where to search the token from + * + * @return string + */ + public function getCookie() + { + return $this->options["cookie"]; + } + + /** + * Set the cookie name where to search the token from + * + * @param string $cookie + * @return self + */ + public function setCookie($cookie) + { + $this->options["cookie"] = $cookie; + return $this; + } + + /** + * Get the secure flag + * + * @return boolean + */ + public function getSecure() + { + return $this->options["secure"]; + } + + /** + * Set the secure flag + * + * @param boolean $secure + * @return self + */ + public function setSecure($secure) + { + $this->options["secure"] = !!$secure; + return $this; + } + + + /** + * Get hosts where secure rule is relaxed + * + * @return array + */ + public function getRelaxed() + { + return $this->options["relaxed"]; + } + + /** + * Set hosts where secure rule is relaxed + * + * @param string[] $relaxed + * @return self + */ + public function setRelaxed(array $relaxed) + { + $this->options["relaxed"] = $relaxed; + return $this; + } + + /** + * Get the secret key + * + * @return string + */ + public function getSecret() + { + return $this->options["secret"]; + } + + /** + * Set the secret key + * + * @param string $secret + * @return self + */ + public function setSecret($secret) + { + $this->options["secret"] = $secret; + return $this; + } + + /** + * Get the callback + * + * @return callable + */ + public function getCallback() + { + return $this->options["callback"]; + } + + /** + * Set the callback + * + * @param callable $callback + * @return self + */ + public function setCallback($callback) + { + 
$this->options["callback"] = $callback->bindTo($this); + return $this; + } + + /** + * Get the error handler + * + * @return callable + */ + public function getError() + { + return $this->options["error"]; + } + + /** + * Set the error handler + * + * @param callable $error + * @return self + */ + public function setError($error) + { + $this->options["error"] = $error; + return $this; + } + + /** + * Get the rules stack + * + * @return \SplStack + */ + public function getRules() + { + return $this->rules; + } + + /** + * Set all rules in the stack + * + * @param array $rules + * @return self + */ + public function setRules(array $rules) + { + /* Clear the stack */ + unset($this->rules); + $this->rules = new \SplStack; + /* Add the rules */ + foreach ($rules as $callable) { + $this->addRule($callable); + } + return $this; + } + + /** + * Add rule to the stack + * + * @param callable $callable Callable which returns a boolean. + * @return self + */ + public function addRule($callable) + { + $this->rules->push($callable); + return $this; + } + + /* Cannot use traits since PHP 5.3 should be supported */ + + /** + * Get the logger + * + * @return \Psr\Log\LoggerInterface $logger + */ + public function getLogger() + { + return $this->logger; + } + + /** + * Set the logger + * + * @param \Psr\Log\LoggerInterface $logger + * @return self + */ + public function setLogger(LoggerInterface $logger = null) + { + $this->logger = $logger; + return $this; + } + + /** + * Logs with an arbitrary level. 
+ * + * @param mixed $level + * @param string $message + * @param array $context + * + * @return null + */ + public function log($level, $message, array $context = []) + { + if ($this->logger) { + return $this->logger->log($level, $message, $context); + } + } + + /** + * Get last error message + * + * @return string + */ + public function getMessage() + { + return $this->message; + } + + /** + * Set the last error message + * + * @param string + * @return self + */ + public function setMessage($message) + { + $this->message = $message; + return $this; + } + + /** + * Get the attribute name used to attach decoded token to request + * + * @return string + */ + public function getAttribute() + { + return $this->options["attribute"]; + } + + /** + * Set the attribute name used to attach decoded token to request + * + * @param string + * @return self + */ + public function setAttribute($attribute) + { + $this->options["attribute"] = $attribute; + return $this; + } + + /** + * Get the header where token is searched from + * + * @return string + */ + public function getHeader() + { + return $this->options["header"]; + } + + /** + * Set the header where token is searched from + * + * @param string + * @return self + */ + public function setHeader($header) + { + $this->options["header"] = $header; + return $this; + } + + /** + * Get the regexp used to extract token from header or environment + * + * @return string + */ + public function getRegexp() + { + return $this->options["regexp"]; + } + + /** + * Set the regexp used to extract token from header or environment + * + * @param string + * @return self + */ + public function setRegexp($regexp) + { + $this->options["regexp"] = $regexp; + return $this; + } + + /** + * Get the allowed algorithms + * + * @return string|string[] + */ + public function getAlgorithm() + { + return $this->options["algorithm"]; + } + + /** + * Set the allowed algorithms + * + * @param string|string[] $algorithm + * @return self + */ + public 
function setAlgorithm($algorithm) + { + $this->options["algorithm"] = $algorithm; + return $this; + } +} diff --git a/rest/vendor/tuupola/slim-jwt-auth/src/JwtAuthentication/RequestMethodRule.php b/rest/vendor/tuupola/slim-jwt-auth/src/JwtAuthentication/RequestMethodRule.php new file mode 100644 index 0000000..2938d21 --- /dev/null +++ b/rest/vendor/tuupola/slim-jwt-auth/src/JwtAuthentication/RequestMethodRule.php @@ -0,0 +1,53 @@ + ["OPTIONS"] + ]; + + /** + * Create a new rule instance + * + * @param string[] $options + * @return void + */ + public function __construct(array $options = []) + { + $this->options = array_merge($this->options, $options); + } + + /** + * @param \Psr\Http\Message\RequestInterface $request + * @return boolean + */ + public function __invoke(RequestInterface $request) + { + return !in_array($request->getMethod(), $this->options["passthrough"]); + } +} diff --git a/rest/vendor/tuupola/slim-jwt-auth/src/JwtAuthentication/RequestPathRule.php b/rest/vendor/tuupola/slim-jwt-auth/src/JwtAuthentication/RequestPathRule.php new file mode 100644 index 0000000..32630ea --- /dev/null +++ b/rest/vendor/tuupola/slim-jwt-auth/src/JwtAuthentication/RequestPathRule.php 
@@ -0,0 +1,71 @@ + ["/"], + "passthrough" => [] + ]; + + /** + * Create a new rule instance + * + * @param string[] $options + * @return void + */ + public function __construct($options = []) + { + $this->options = array_merge($this->options, $options); + } + + /** + * @param \Psr\Http\Message\RequestInterface $request + * @return boolean + */ + public function __invoke(RequestInterface $request) + { + $uri = "/" . $request->getUri()->getPath(); + $uri = preg_replace("#/+#", "/", $uri); + + /* If request path is matches passthrough should not authenticate. */ + foreach ((array)$this->options["passthrough"] as $passthrough) { + $passthrough = rtrim($passthrough, "/"); + if (!!preg_match("@^{$passthrough}(/.*)?$@", $uri)) { + return false; + } + } + + /* Otherwise check if path matches and we should authenticate. */ + foreach ((array)$this->options["path"] as $path) { + $path = rtrim($path, "/"); + if (!!preg_match("@^{$path}(/.*)?$@", $uri)) { + return true; + } + } + return false; + } +} diff --git a/rest/vendor/tuupola/slim-jwt-auth/src/JwtAuthentication/RuleInterface.php b/rest/vendor/tuupola/slim-jwt-auth/src/JwtAuthentication/RuleInterface.php new file mode 100644 index 0000000..b5a495f --- /dev/null +++ b/rest/vendor/tuupola/slim-jwt-auth/src/JwtAuthentication/RuleInterface.php @@ -0,0 +1,23 @@ +