Merge pull request #12910 from nextcloud/td/oauth/strict
Make OAuth2 app strict
This commit is contained in:
Morris Jobke
GitHub
commit
f7e4718779
5 changed files with 10 additions and 16 deletions
|
|
@ -1,4 +1,5 @@
|
|||
<?php
|
||||
declare(strict_types=1);
|
||||
/**
|
||||
* @copyright Copyright (c) 2017 Lukas Reschke <lukas@statuscode.ch>
|
||||
*
|
||||
|
|
@ -50,7 +51,7 @@ class LoginRedirectorController extends Controller {
|
|||
* @param ISession $session
|
||||
* @param IL10N $l
|
||||
*/
|
||||
public function __construct($appName,
|
||||
public function __construct(string $appName,
|
||||
IRequest $request,
|
||||
IURLGenerator $urlGenerator,
|
||||
ClientMapper $clientMapper,
|
||||
|
|
@ -75,7 +76,7 @@ class LoginRedirectorController extends Controller {
|
|||
*/
|
||||
public function authorize($client_id,
|
||||
$state,
|
||||
$response_type) {
|
||||
$response_type): Response {
|
||||
try {
|
||||
$client = $this->clientMapper->getByIdentifier($client_id);
|
||||
} catch (ClientNotFoundException $e) {
|
||||
|
|
|
|||
|
|
@ -1,4 +1,5 @@
|
|||
<?php
|
||||
declare(strict_types=1);
|
||||
/**
|
||||
* @copyright Copyright (c) 2017 Lukas Reschke <lukas@statuscode.ch>
|
||||
*
|
||||
|
|
@ -53,18 +54,7 @@ class OauthApiController extends Controller {
|
|||
/** @var Throttler */
|
||||
private $throttler;
|
||||
|
||||
/**
|
||||
* @param string $appName
|
||||
* @param IRequest $request
|
||||
* @param ICrypto $crypto
|
||||
* @param AccessTokenMapper $accessTokenMapper
|
||||
* @param ClientMapper $clientMapper
|
||||
* @param TokenProvider $tokenProvider
|
||||
* @param ISecureRandom $secureRandom
|
||||
* @param ITimeFactory $time
|
||||
* @param Throttler $throttler
|
||||
*/
|
||||
public function __construct($appName,
|
||||
public function __construct(string $appName,
|
||||
IRequest $request,
|
||||
ICrypto $crypto,
|
||||
AccessTokenMapper $accessTokenMapper,
|
||||
|
|
@ -94,7 +84,7 @@ class OauthApiController extends Controller {
|
|||
* @param string $client_secret
|
||||
* @return JSONResponse
|
||||
*/
|
||||
public function getToken($grant_type, $code, $refresh_token, $client_id, $client_secret) {
|
||||
public function getToken($grant_type, $code, $refresh_token, $client_id, $client_secret): JSONResponse {
|
||||
|
||||
// We only handle two types
|
||||
if ($grant_type !== 'authorization_code' && $grant_type !== 'refresh_token') {
|
||||
|
|
|
|||
|
|
@ -1,4 +1,5 @@
|
|||
<?php
|
||||
declare(strict_types=1);
|
||||
/**
|
||||
* @copyright Copyright (c) 2017 Lukas Reschke <lukas@statuscode.ch>
|
||||
*
|
||||
|
|
|
|||
|
|
@ -1,4 +1,5 @@
|
|||
<?php
|
||||
declare(strict_types=1);
|
||||
/**
|
||||
* @copyright Copyright (c) 2017 Lukas Reschke <lukas@statuscode.ch>
|
||||
*
|
||||
|
|
|
|||
|
|
@ -1,4 +1,5 @@
|
|||
<?php
|
||||
declare(strict_types=1);
|
||||
/**
|
||||
* @copyright Copyright 2018, Roeland Jago Douma <roeland@famdouma.nl>
|
||||
*
|
||||
|
|
@ -50,7 +51,7 @@ class SetTokenExpiration implements IRepairStep {
|
|||
$this->tokenProvider = $tokenProvider;
|
||||
}
|
||||
|
||||
public function getName() {
|
||||
public function getName(): string {
|
||||
return 'Update OAuth token expiration times';
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue