/**
* {@inheritdoc}
*/
public function checkerParameter(ClientInterface $client, array &$parameters)
{
if (!array_key_exists('prompt', $parameters)) {
return;
}
Assertion::true(empty(array_diff($parameters['prompt'], $this->getAllowedPromptValues())), sprintf('Invalid parameter "prompt". Allowed values are %s', json_encode($this->getAllowedPromptValues())));
Assertion::false(in_array('none', $parameters['prompt']) && 1 !== count($parameters['prompt']), 'Invalid parameter "prompt". Prompt value "none" must be used alone.');
}
/**
* @param string $gameId
* @param string $letter
* @return int
*/
public function chooseLetter($gameId, $letter)
{
Assertion::false($this->gameWon, "Game already won");
Assertion::false($this->gameLost, "Game already lost");
// if letter already exists do nothing
if ($this->lettersCorrectlyGuessed->LetterExistsInContainer($letter) || $this->lettersWrongGuessed->LetterExistsInContainer($letter)) {
$this->wrongGuessedLetter($gameId, $letter);
return;
}
// Execute the right event
$wordContainsLetter = $this->word->wordContainsLetter($letter);
if ($wordContainsLetter === false) {
$this->wrongGuessedLetter($gameId, $letter);
return;
}
// throw good guess
$this->correctlyGuessedLetters($gameId, $letter);
}
/**
* {@inheritdoc}
*/
public function encrypt(Object\JWEInterface &$jwe)
{
Assertion::false($jwe->isEncrypted(), 'The JWE is already encrypted.');
Assertion::greaterThan($jwe->countRecipients(), 0, 'The JWE does not contain recipient.');
$additional_headers = [];
$nb_recipients = $jwe->countRecipients();
$content_encryption_algorithm = $this->getContentEncryptionAlgorithm($jwe);
$compression_method = $this->getCompressionMethod($jwe);
$key_management_mode = $this->getKeyManagementMode($jwe);
$cek = $this->determineCEK($jwe, $content_encryption_algorithm, $key_management_mode, $additional_headers);
for ($i = 0; $i < $nb_recipients; $i++) {
$this->processRecipient($jwe, $jwe->getRecipient($i), $cek, $content_encryption_algorithm, $additional_headers);
}
if (!empty($additional_headers) && 1 === $jwe->countRecipients()) {
$jwe = $jwe->withSharedProtectedHeaders(array_merge($jwe->getSharedProtectedHeaders(), $additional_headers));
}
$iv_size = $content_encryption_algorithm->getIVSize();
$iv = $this->createIV($iv_size);
$this->encryptJWE($jwe, $content_encryption_algorithm, $cek, $iv, $compression_method);
}
/**
* @param \Jose\Object\JWSInterface $jws
* @param null|string $detached_payload
*/
private function checkPayload(Object\JWSInterface $jws, $detached_payload = null)
{
Assertion::false(null !== $detached_payload && !empty($jws->getPayload()), 'A detached payload is set, but the JWS already has a payload.');
Assertion::true(!empty($jws->getPayload()) || null !== $detached_payload, 'No payload.');
}
/**
* @param array $complete_header The complete header
* @param \Jose\Object\JWKInterface $key
*
* @return \Jose\Algorithm\SignatureAlgorithmInterface
*/
private function getSignatureAlgorithm(array $complete_header, Object\JWKInterface $key)
{
Assertion::keyExists($complete_header, 'alg', 'No "alg" parameter set in the header.');
Assertion::false($key->has('alg') && $key->get('alg') !== $complete_header['alg'], sprintf('The algorithm "%s" is not allowed with this key.', $complete_header['alg']));
$signature_algorithm = $this->getJWAManager()->getAlgorithm($complete_header['alg']);
Assertion::isInstanceOf($signature_algorithm, Algorithm\SignatureAlgorithmInterface::class, sprintf('The algorithm "%s" is not supported.', $complete_header['alg']));
return $signature_algorithm;
}
/**
* @throws \InvalidArgumentException
*
* @return string
*/
private function downloadContent()
{
$params = [CURLOPT_RETURNTRANSFER => true, CURLOPT_URL => $this->url];
if (false === $this->allow_unsecured_connection) {
$params[CURLOPT_SSL_VERIFYPEER] = true;
$params[CURLOPT_SSL_VERIFYHOST] = 2;
}
$ch = curl_init();
curl_setopt_array($ch, $params);
$content = curl_exec($ch);
curl_close($ch);
Assertion::false(false === $content, 'Unable to get content.');
return $content;
}
/**
* @Then /^the block should not be confirmed$/
*/
public function ensureNotBlocked()
{
Assertion::false($this->isBlocked);
}
public function testInvalidFalse()
{
$this->setExpectedException('Assert\\AssertionFailedException', null, Assertion::INVALID_FALSE);
Assertion::false(true);
}
/**
* {@inheritdoc}
*/
public function uncompress($data)
{
$data = gzuncompress($data);
Assertion::false(false === $data, 'Unable to uncompress data');
return $data;
}
private function validate()
{
Assertion::nullOrString($this->logMessageRegExp);
Assertion::nullOrString($this->logMessageInString);
Assertion::nullOrString($this->logContextFuzzy);
Assertion::nullOrIsInstanceOf($this->logTimeLowerBounds, DateTimeInterface::class);
Assertion::nullOrIsInstanceOf($this->logTimeUpperBounds, DateTimeInterface::class);
Assertion::nullOrIsArray($this->logLevelList);
if (!is_null($this->logLevelList)) {
Assertion::notEmpty($this->logLevelList);
Assertion::allInArray($this->logLevelList, array_values((new ReflectionClass(LogLevel::class))->getConstants()));
}
if (!is_null($this->logMessageRegExp)) {
Assertion::true(RegexGuardFactory::getGuard()->isRegexValid($this->logMessageRegExp));
}
if (!is_null($this->logTimeLowerBounds) && !is_null($this->logTimeUpperBounds)) {
Assertion::false($this->logTimeLowerBounds->diff($this->logTimeUpperBounds)->invert);
}
}
/**
* @param \SpomkyLabs\JoseBundle\DependencyInjection\Source\SourceInterface $source
*/
public function addServiceSource(Source\SourceInterface $source)
{
$name = $source->getName();
Assertion::false(in_array($name, $this->service_sources), sprintf('The source "%s" is already set.', $name));
$this->service_sources[$name] = $source;
}
/**
* @throws \InvalidArgumentException
*/
private function checkRedirectUriForAllClient()
{
Assertion::false($this->isRedirectUriStorageEnforced(), 'Clients must register at least one redirect URI.');
}
/**
* @param string $data
*
* @throws \Exception
* @throws \FG\ASN1\Exception\ParserException
*
* @return array
*/
private function loadPEM($data)
{
$res = openssl_pkey_get_private($data);
if (false === $res) {
$res = openssl_pkey_get_public($data);
}
Assertion::false(false === $res, 'Unable to load the key');
$details = openssl_pkey_get_details($res);
Assertion::keyExists($details, 'rsa', 'Unable to load the key');
$this->values['kty'] = 'RSA';
$keys = ['n' => 'n', 'e' => 'e', 'd' => 'd', 'p' => 'p', 'q' => 'q', 'dp' => 'dmp1', 'dq' => 'dmq1', 'qi' => 'iqmp'];
foreach ($details['rsa'] as $key => $value) {
if (in_array($key, $keys)) {
$value = Base64Url::encode($value);
$this->values[array_search($key, $keys)] = $value;
}
}
}
/**
* @Then /^no log about "(.*)" should exist on user "(.*)" should exist$/
*
* @param string $ip
* @param string $username
*/
public function ensureNoLogRemains(string $ip, string $username)
{
Assertion::false($this->getEntityManager()->getRepository('Account:User')->findOneBy(['username' => $username])->exceedsIpFailedAuthAttemptMaximum($ip, new DateTimeComparison()));
}
/**
* {@inheritdoc}
*/
public function addPKCEMethod(PKCEMethodInterface $method)
{
Assertion::false(array_key_exists($method->getMethodName(), $this->pkce_methods), sprintf('The method "%s" already exists.', $method->getMethodName()));
$this->pkce_methods[$method->getMethodName()] = $method;
}
/**
* @param array $x5c
*
* @return array
*/
public static function loadFromX5C(array $x5c)
{
$certificate = null;
$last_issuer = null;
$last_subject = null;
foreach ($x5c as $cert) {
$current_cert = '-----BEGIN CERTIFICATE-----' . PHP_EOL . $cert . PHP_EOL . '-----END CERTIFICATE-----';
$x509 = openssl_x509_read($current_cert);
if (false === $x509) {
$last_issuer = null;
$last_subject = null;
break;
}
$parsed = openssl_x509_parse($x509);
openssl_x509_free($x509);
if (false === $parsed) {
$last_issuer = null;
$last_subject = null;
break;
}
if (null === $last_subject) {
$last_subject = $parsed['subject'];
$last_issuer = $parsed['issuer'];
$certificate = $current_cert;
} else {
if (json_encode($last_issuer) === json_encode($parsed['subject'])) {
$last_subject = $parsed['subject'];
$last_issuer = $parsed['issuer'];
} else {
$last_issuer = null;
$last_subject = null;
break;
}
}
}
Assertion::false(null === $last_issuer || json_encode($last_issuer) !== json_encode($last_subject), 'Invalid certificate chain.');
return self::loadKeyFromCertificate($certificate);
}
/**
* @param string $thumbnailLocation
* @param string $title
* @param string $description
* @param string|null $contentLocation
* @param PlayerLocationInterface|null $playerLocation
*
* @throws \InvalidArgumentException
*/
public function __construct($thumbnailLocation, $title, $description, $contentLocation = null, PlayerLocationInterface $playerLocation = null)
{
Assertion::maxLength($title, VideoInterface::TITLE_MAX_LENGTH);
Assertion::maxLength($description, VideoInterface::DESCRIPTION_MAX_LENGTH);
Assertion::false($contentLocation === null && $playerLocation === null, sprintf('At least one of parameters "%s" needs to be specified', implode('", "', ['contentLocation', 'playerLocation'])));
$this->thumbnailLocation = $thumbnailLocation;
$this->title = $title;
$this->description = $description;
$this->contentLocation = $contentLocation;
$this->playerLocation = $playerLocation;
}
/**
* @When I enter this api key in order to approve the recently created account
*/
public function iEnterThisApiKeyInOrderToApproveTheRecentlyCreatedAccount()
{
$user = $this->getRegisteredUser();
$query = http_build_query(['username' => $user->getUsername(), 'activation_key' => $user->getActivationKey()]);
Assertion::false(empty($user->getActivationKey()));
$this->response = $this->performRequest('PATCH', sprintf('/api/users/activate.json?%s', $query), [], true, [], [], 204);
}
/**
* Authenticates a user and returns the api key.
*
* @param string $username
* @param string $password
* @param bool $expectSuccess
*
* @throws \Exception If the authentication failed
*
* @return string
*/
protected function authenticate($username, $password, $expectSuccess = true)
{
$response = $this->performRequest('POST', '/api/api-key.json', ['username' => $username, 'password' => $password], $expectSuccess, [], [], $expectSuccess ? 200 : 401);
if ($expectSuccess) {
return $response['apiKey'];
} else {
Assertion::false(isset($response['apiKey']));
return false;
}
}
/**
* @param string $key The Key to wrap
* @param bool $padding_enabled
*/
private static function checkKeySize($key, $padding_enabled)
{
Assertion::false(false === $padding_enabled && 0 !== mb_strlen($key, '8bit') % 8, 'Bad key size');
Assertion::greaterOrEqualThan(mb_strlen($key, '8bit'), 1, 'Bad key size');
}
/**
* @param array $request_parameters
*/
private function checkSoftwareStatement(array &$request_parameters)
{
if ($this->isSoftwareStatementSupported()) {
Assertion::false(false === array_key_exists('software_statement', $request_parameters) && true === $this->is_software_statement_required, 'Software Statement required.');
if (array_key_exists('software_statement', $request_parameters)) {
$this->updateRequestParametersWithSoftwareStatement($request_parameters);
}
} elseif (array_key_exists('software_statement', $request_parameters)) {
throw new \InvalidArgumentException('Software Statement parameter not supported.');
}
}
/**
* @param string $issuer
*/
public function setIssuer($issuer)
{
Assertion::string($issuer, 'Issuer must be a string.');
Assertion::false($this->hasColon($issuer), 'Issuer must not contain a colon.');
$this->issuer = $issuer;
}
/**
* @Then the key should not be approvable
*/
public function theKeyShouldNotBeApprovable()
{
Assertion::false($this->result);
}