/**
* @param JWKInterface $key
*/
private function checkKey(JWKInterface $key)
{
Assertion::eq($key->get('kty'), 'OKP', 'Wrong key type.');
Assertion::true($key->has('x'), 'The key parameter "x" is missing.');
Assertion::true($key->has('crv'), 'The key parameter "crv" is missing.');
Assertion::inArray($key->get('crv'), ['Ed25519'], 'Unsupported curve');
}
private function setHandlerLoggerLevel($handlerLoggerLevel)
{
$levels = [Logger::DEBUG, Logger::INFO, Logger::NOTICE, Logger::WARNING, Logger::ERROR, Logger::CRITICAL, Logger::ALERT, Logger::EMERGENCY];
Assertion::inArray($handlerLoggerLevel, $levels);
$this->handlerLoggerLevel = $handlerLoggerLevel;
return $this;
}
private function assertConfig(array $config)
{
Assertion::keyExists($config, "dbname");
Assertion::string($config['dbname']);
Assertion::keyExists($config, "driver");
Assertion::inArray($config["driver"], $this->supportedDrivers);
}
/**
* @param string $type
* @param string $code
*/
public function __construct($type, $code)
{
Assertion::inArray($type, $this->types);
Assertion::string($code);
$this->type = $type;
$this->code = $code;
}
/**
* @param string $text
* @param string $position
*/
public function __construct($text, $position = self::POSITION_CENTER)
{
Assertion::string($text);
Assertion::inArray($position, [self::POSITION_CENTER, self::POSITION_RIGHT, self::POSITION_LEFT]);
$this->text = $text;
$this->position = $position;
$this->artLength = max(array_map('mb_strlen', explode("\n", $text)));
}
public function thumbprint($hash_algorithm)
{
Assertion::inArray($hash_algorithm, hash_algos(), sprintf('Hash algorithm "%s" is not supported', $hash_algorithm));
$values = array_intersect_key($this->getAll(), array_flip(['kty', 'n', 'e', 'crv', 'x', 'y', 'k']));
ksort($values);
$input = json_encode($values);
return Base64Url::encode(hash($hash_algorithm, $input, true));
}
/**
* @param string $aType
* @param array $aProcessStepCollection
* @param AgentOptions $anOptions
*/
public function __construct($aType, array $aProcessStepCollection, AgentOptions $anOptions = null)
{
Assertion::inArray($aType, array(self::SEQUENCE, self::SPLIT, self::FORK, self::LOOP));
Assertion::allIsInstanceOf($aProcessStepCollection, 'GingerCore\\Model\\JsonWDL\\ProcessStep');
$this->type = $aType;
$this->processSteps = $aProcessStepCollection;
$this->options = is_null($anOptions) ? new AgentOptions(array()) : $anOptions;
}
/**
* @param string $name
* @param array $options
* @return ElementMetadata
*/
protected function addElement($name, array $options)
{
Assertion::inArray($options['type'], array_keys($this->types), "'{$options['type']}' is not a valid type");
/** @var ElementMetadata $element */
$element = new ElementMetadata($this->types[$options['type']]);
$element->setElementName($name);
$element->configure($options);
return $element;
}
/**
* @param string $aPathWithKey
* @param string $aValueType
*/
public function __construct($aPathWithKey, $aValueType)
{
Assertion::string($aPathWithKey);
$aPathWithKey = trim($aPathWithKey);
Assertion::notEmpty($aPathWithKey);
Assertion::inArray($aValueType, array(StructureDefinition::BOOLEAN, StructureDefinition::INTEGER, StructureDefinition::FLOAT, StructureDefinition::STRING, StructureDefinition::COLLECTION, StructureDefinition::HASHTABLE));
$this->extractPathFromKey($aPathWithKey);
$this->valueType = $aValueType;
}
public function __construct(DateTimeInterface $logDate, $logLevel, $logMessage, array $logContext, array $logCallGraph)
{
Assertion::inArray($logLevel, (new ReflectionClass(LogLevel::class))->getConstants());
Assertion::string($logMessage);
$this->logDate = $logDate;
$this->logLevel = $logLevel;
$this->logMessage = $logMessage;
$this->logContext = $logContext;
$this->logCallGraph = $logCallGraph;
}
/**
* @param \Jose\JWTCreatorInterface $jwt_creator
* @param string $issuer
* @param string $signature_algorithm
* @param \Jose\Object\JWKSetInterface $signature_key_set
*/
public function enableSignedResponsesSupport(JWTCreatorInterface $jwt_creator, $issuer, $signature_algorithm, JWKSetInterface $signature_key_set)
{
Assertion::string($issuer);
Assertion::inArray($signature_algorithm, $jwt_creator->getSupportedSignatureAlgorithms());
Assertion::greaterThan($signature_key_set->countKeys(), 0, 'The signature key set must have at least one key.');
$this->setJWTCreator($jwt_creator);
$this->setIssuer($issuer);
$this->signature_key_set = $signature_key_set;
$this->signature_algorithm = $signature_algorithm;
}
/**
* Static constructor.
*
* @param string $type
* @param int $id
* @param int $userId
* @param \DateTimeInterface $date
*
* @return TwitterDelete
*/
public static function create($type, $id, $userId, \DateTimeInterface $date)
{
$obj = new self();
Assertion::inArray($type, [self::TWEET, self::DM]);
$obj->type = $type;
$obj->id = $id;
$obj->userId = $userId;
$obj->date = $date;
return $obj;
}
/**
* EncryptedSubjectIdentifier constructor.
*
* @param string $pairwise_hash_key
* @param string $algorithm
* @param string $salt
*/
public function __construct($pairwise_hash_key, $algorithm, $salt)
{
Assertion::string($pairwise_hash_key);
Assertion::string($algorithm);
Assertion::string($salt);
Assertion::inArray($algorithm, hash_algos(), sprintf('The algorithm "%s" is not supported.', $algorithm));
$this->pairwise_hash_key = $pairwise_hash_key;
$this->algorithm = $algorithm;
$this->salt = $salt;
}
/**
* EncryptedSubjectIdentifier constructor.
*
* @param string $pairwise_encryption_key
* @param string $algorithm
* @param null|string $iv
* @param string $salt
*/
public function __construct($pairwise_encryption_key, $algorithm, $iv, $salt)
{
Assertion::nullOrString($iv);
Assertion::string($salt);
Assertion::string($pairwise_encryption_key);
Assertion::string($algorithm);
Assertion::inArray($algorithm, openssl_get_cipher_methods(), sprintf('The algorithm "%s" is not supported.', $algorithm));
$this->pairwise_encryption_key = $pairwise_encryption_key;
$this->algorithm = $algorithm;
$this->salt = $salt;
$this->iv = $iv;
}
/**
* {@inheritdoc}
*/
public function check(ClientInterface $client, array $registration_parameters)
{
if (!array_key_exists('id_token_encrypted_response_alg', $registration_parameters) || !array_key_exists('id_token_encrypted_response_enc', $registration_parameters)) {
return;
}
Assertion::string($registration_parameters['id_token_encrypted_response_alg'], 'Invalid parameter "id_token_encrypted_response_alg". The value must be a string.');
Assertion::string($registration_parameters['id_token_encrypted_response_enc'], 'Invalid parameter "id_token_encrypted_response_enc". The value must be a string.');
Assertion::inArray($registration_parameters['id_token_encrypted_response_alg'], $this->getIdTokenManager()->getSupportedKeyEncryptionAlgorithms(), sprintf('The ID Token content encryption algorithm "%s" is not supported. Please choose one of the following algorithm: %s', $registration_parameters['id_token_encrypted_response_alg'], json_encode($this->getIdTokenManager()->getSupportedContentEncryptionAlgorithms())));
Assertion::inArray($registration_parameters['id_token_encrypted_response_enc'], $this->getIdTokenManager()->getSupportedContentEncryptionAlgorithms(), sprintf('The ID Token key encryption algorithm "%s" is not supported. Please choose one of the following algorithm: %s', $registration_parameters['id_token_encrypted_response_enc'], json_encode($this->getIdTokenManager()->getSupportedKeyEncryptionAlgorithms())));
$client->set('id_token_encrypted_response_alg', $registration_parameters['id_token_encrypted_response_alg']);
$client->set('id_token_encrypted_response_enc', $registration_parameters['id_token_encrypted_response_enc']);
}
/**
* {@inheritdoc}
*/
public function check(ClientInterface $client, array $registration_parameters)
{
if (!array_key_exists('subject_type', $registration_parameters)) {
return;
}
Assertion::string($registration_parameters['subject_type'], 'Invalid parameter "subject_type". The value must be a string.');
$supported_types = ['public'];
if ($this->getUserinfo()->isPairwiseSubjectIdentifierSupported()) {
$supported_types[] = 'pairwise';
}
Assertion::inArray($registration_parameters['subject_type'], $supported_types, sprintf('The subject type "%s" is not supported. Please use one of the following value: %s', $registration_parameters['subject_type'], json_encode($supported_types)));
$client->set('subject_type', $registration_parameters['subject_type']);
}
/**
* {@inheritdoc}
*/
public function checkClaim(JWTInterface $jwt)
{
if (!$jwt->hasClaim('aud')) {
return [];
}
$audience = $jwt->getClaim('aud');
if (is_string($audience)) {
Assertion::eq($audience, $this->audience, sprintf('The audience "%s" is not known.', $audience));
} elseif (is_array($audience)) {
Assertion::inArray($this->audience, $audience, sprintf('The audience "%s" is not known.', $audience));
} else {
throw new \InvalidArgumentException('The claim "aud" has a bad format');
}
return ['aud'];
}
/**
* @param string $label
* @param string $nativeType
* @param bool $hasIdentifier
* @param null|string $identifierName
*/
public function __construct($label, $nativeType, $hasIdentifier, $identifierName = null)
{
Assertion::notEmpty($label);
Assertion::string($label);
Assertion::inArray($nativeType, NativeType::all());
Assertion::boolean($hasIdentifier);
if (!is_null($identifierName)) {
Assertion::notEmpty($identifierName);
Assertion::string($identifierName);
}
$this->label = $label;
$this->nativeType = $nativeType;
$this->hasIdentifier = $hasIdentifier;
$this->identifierName = $identifierName;
}
/**
* {@inheritdoc}
*/
public function checkClaim(JWTInterface $jwt)
{
if (!$jwt->hasClaim('aud')) {
return [];
}
$audience = $jwt->getClaim('aud');
if (is_string($audience)) {
Assertion::eq($audience, $this->getAudience(), 'Bad audience.');
} elseif (is_array($audience)) {
Assertion::inArray($this->getAudience(), $audience, 'Bad audience.');
} else {
throw new \InvalidArgumentException('Bad audience.');
}
return ['aud'];
}
/**
* DownloadedJWKSet constructor.
*
* @param string $url
* @param \Psr\Cache\CacheItemPoolInterface|null $cache
* @param int $ttl
* @param bool $allow_unsecured_connection
* @param bool $allow_http_connection
*/
public function __construct($url, CacheItemPoolInterface $cache = null, $ttl = 86400, $allow_unsecured_connection = false, $allow_http_connection = false)
{
Assertion::boolean($allow_unsecured_connection);
Assertion::boolean($allow_http_connection);
Assertion::integer($ttl);
Assertion::min($ttl, 0);
Assertion::false(false === filter_var($url, FILTER_VALIDATE_URL, FILTER_FLAG_SCHEME_REQUIRED | FILTER_FLAG_HOST_REQUIRED), 'Invalid URL.');
$allowed_protocols = ['https'];
if (true === $allow_http_connection) {
$allowed_protocols[] = 'http';
}
Assertion::inArray(mb_substr($url, 0, mb_strpos($url, '://', 0, '8bit'), '8bit'), $allowed_protocols, sprintf('The provided sector identifier URI is not valid: scheme must be one of the following: %s.', json_encode($allowed_protocols)));
$this->url = $url;
$this->cache = $cache;
$this->ttl = $ttl;
$this->allow_unsecured_connection = $allow_unsecured_connection;
}
private function __construct($target, array $allowedTypes, $preferredType = null, array $metadata)
{
Assertion::notEmpty($target);
Assertion::string($target);
Assertion::notEmpty($allowedTypes);
$this->assertMetadata($metadata);
foreach ($allowedTypes as $allowedType) {
Assertion::classExists($allowedType);
Assertion::implementsInterface($allowedType, 'Prooph\\Processing\\Type\\Type');
}
if (!is_null($preferredType)) {
Assertion::inArray($preferredType, $allowedTypes);
}
$this->target = $target;
$this->allowedTypes = $allowedTypes;
$this->preferredType = $preferredType;
$this->metadata = $metadata;
}
/**
* JWTAccessTokenManager constructor.
*
* @param \Jose\JWTCreatorInterface $jwt_creator
* @param \Jose\JWTLoaderInterface $jwt_loader
* @param string $signature_algorithm
* @param \Jose\Object\JWKSetInterface $signature_key_set
* @param string $issuer
* @param string $key_encryption_algorithm
* @param string $content_encryption_algorithm
* @param \Jose\Object\JWKSetInterface $key_encryption_key_set
*/
public function __construct(JWTCreatorInterface $jwt_creator, JWTLoaderInterface $jwt_loader, $signature_algorithm, JWKSetInterface $signature_key_set, $key_encryption_algorithm, $content_encryption_algorithm, JWKSetInterface $key_encryption_key_set, $issuer)
{
Assertion::string($signature_algorithm);
Assertion::string($key_encryption_algorithm);
Assertion::string($content_encryption_algorithm);
Assertion::greaterThan($signature_key_set->countKeys(), 0, 'The signature key set must have at least one key.');
Assertion::greaterThan($key_encryption_key_set->countKeys(), 0, 'The encryption key set must have at least one key.');
Assertion::inArray($signature_algorithm, $jwt_creator->getSupportedSignatureAlgorithms());
Assertion::inArray($key_encryption_algorithm, $jwt_creator->getSupportedKeyEncryptionAlgorithms());
Assertion::inArray($content_encryption_algorithm, $jwt_creator->getSupportedContentEncryptionAlgorithms());
$this->signature_algorithm = $signature_algorithm;
$this->key_encryption_algorithm = $key_encryption_algorithm;
$this->content_encryption_algorithm = $content_encryption_algorithm;
$this->setIssuer($issuer);
$this->signature_key_set = $signature_key_set;
$this->key_encryption_key_set = $key_encryption_key_set;
$this->setJWTCreator($jwt_creator);
$this->setJWTLoader($jwt_loader);
}
/**
* {@inheritdoc}
*/
public function check(ClientInterface $client, array $registration_parameters)
{
if (!$this->hasScopeManager()) {
return;
}
if (array_key_exists('scope', $registration_parameters)) {
Assertion::regex($registration_parameters['scope'], '/^[\\x20\\x23-\\x5B\\x5D-\\x7E]+$/', 'Invalid characters found in the "scope" parameter.');
$client->set('scope', $registration_parameters['scope']);
}
if (array_key_exists('scope_policy', $registration_parameters)) {
Assertion::inArray($registration_parameters['scope_policy'], $this->getScopeManager()->getSupportedScopePolicies(), sprintf('The scope policy "%s" is not supported. Please choose one of the following policy: "%s".', $registration_parameters['scope_policy'], json_encode($this->getScopeManager()->getSupportedScopePolicies())));
$client->set('scope_policy', $registration_parameters['scope_policy']);
}
/*
* Should be handled by the scope policy itself
*/
if (array_key_exists('default_scope', $registration_parameters)) {
Assertion::regex($registration_parameters['default_scope'], '/^[\\x20\\x23-\\x5B\\x5D-\\x7E]+$/', 'Invalid characters found in the "default_scope" parameter.');
$client->set('default_scope', $registration_parameters['default_scope']);
}
}
/**
* @param array $taskListEntryData
* @return TaskListEntry
*/
public static function fromArray(array $taskListEntryData)
{
Assertion::keyExists($taskListEntryData, 'taskListPosition');
Assertion::keyExists($taskListEntryData, 'taskData');
Assertion::keyExists($taskListEntryData, 'taskClass');
Assertion::keyExists($taskListEntryData, 'status');
Assertion::keyExists($taskListEntryData, 'startedOn');
Assertion::keyExists($taskListEntryData, 'finishedOn');
Assertion::keyExists($taskListEntryData, 'log');
Assertion::inArray($taskListEntryData['status'], [self::STATUS_NOT_STARTED, self::STATUS_IN_PROGRESS, self::STATUS_DONE, self::STATUS_FAILED]);
$taskListPosition = TaskListPosition::fromString($taskListEntryData['taskListPosition']);
$taskClass = $taskListEntryData['taskClass'];
$task = $taskClass::reconstituteFromArray($taskListEntryData['taskData']);
$startedOn = is_null($taskListEntryData['startedOn']) ? null : new \DateTime($taskListEntryData['startedOn']);
$finishedOn = is_null($taskListEntryData['finishedOn']) ? null : new \DateTime($taskListEntryData['finishedOn']);
$instance = new self($taskListPosition, $task);
$instance->status = $taskListEntryData['status'];
$instance->startedOn = $startedOn;
$instance->finishedOn = $finishedOn;
$instance->setLogFromArray($taskListEntryData['log']);
return $instance;
}
/**
* @param \Jose\Object\JWKInterface $key
* @param string $usage
*
* @return bool
*/
private function checkOperation(JWKInterface $key, $usage)
{
$ops = $key->get('key_ops');
if (!is_array($ops)) {
$ops = [$ops];
}
switch ($usage) {
case 'verification':
Assertion::inArray('verify', $ops, 'Key cannot be used to verify a signature');
return true;
case 'signature':
Assertion::inArray('sign', $ops, 'Key cannot be used to sign');
return true;
case 'encryption':
Assertion::true(in_array('encrypt', $ops) || in_array('wrapKey', $ops), 'Key cannot be used to encrypt');
return true;
case 'decryption':
Assertion::true(in_array('decrypt', $ops) || in_array('unwrapKey', $ops), 'Key cannot be used to decrypt');
return true;
default:
throw new \InvalidArgumentException('Unsupported key usage.');
}
}
/**
* @param int $result
*/
private static function assertDeletePersistentSubscriptionResult(int $result)
{
Assertion::inArray($result, [self::SUCCESS, self::DOES_NOT_EXIST, self::FAIL, self::ACCESS_DENIED], 'Not a valid result');
}
/**
* @param $value
* @throws Exception\InvalidTypeException
* @return AbstractDictionary
*/
public static function fromJsonDecodedData($value)
{
$prototypes = static::getPropertyPrototypes();
$propertyNames = array_keys($prototypes);
if (!is_array($value)) {
throw InvalidTypeException::fromMessageAndPrototype("Value must be an array", static::prototype());
}
$valueKeys = array_keys($value);
try {
if ($valueKeys != $propertyNames) {
foreach (array_keys($value) as $propertyName) {
Assertion::inArray($propertyName, $propertyNames);
}
foreach ($propertyNames as $propertyName) {
Assertion::inArray($propertyName, array_keys($value));
}
}
foreach ($value as $propertyName => $encodedProperty) {
$propertyPrototype = $prototypes[$propertyName];
$propertyClass = $propertyPrototype->of();
try {
$value[$propertyName] = $propertyClass::fromJsonDecodedData($encodedProperty);
} catch (\Exception $ex) {
throw InvalidTypeException::fromMessageAndPrototype(sprintf('Failed to create property %s from json. Error: %s', $propertyName, $ex->getMessage()), static::prototype());
}
}
return new static($value);
} catch (\InvalidArgumentException $ex) {
throw InvalidTypeException::fromInvalidArgumentExceptionAndPrototype($ex, static::prototype());
}
}
/**
* @param string $digest
*/
private function setDigest($digest)
{
Assertion::string($digest, 'Digest must be a string.');
Assertion::inArray($digest, hash_algos(), sprintf('The "%s" digest is not supported.', $digest));
$this->parameters['algorithm'] = $digest;
}
/**
* @param string $colour
* @return $this
*/
public function setForegroundColour($colour)
{
Assertion::inArray($colour, MenuStyle::getAvailableColours());
$this->style['fg'] = $colour;
return $this;
}
/**
* @param string $type
*/
private function __construct($type)
{
Assertion::inArray($type, $this->allowedTypes);
$this->type = $type;
}