/** * {@inheritdoc} */ public function checkPKCEInput($code_challenge_method, $code_challenge, $code_verifier) { Assertion::true($this->hasPKCEMethod($code_challenge_method), sprintf('Unsupported code challenge method "%s".', $code_challenge_method)); $method = $this->getPKCEMethod($code_challenge_method); Assertion::notNull($code_verifier, 'The parameter "code_verifier" is required.'); Assertion::true($method->isChallengeVerified($code_verifier, $code_challenge), 'Invalid parameter "code_verifier".'); }
/** * SimpleStringAccessTokenManager constructor. * * @param string $class * @param \Doctrine\Common\Persistence\ManagerRegistry $manager_registry * @param \Symfony\Component\EventDispatcher\EventDispatcherInterface $event_dispatcher */ public function __construct($class, ManagerRegistry $manager_registry, EventDispatcherInterface $event_dispatcher) { $this->class = $class; $this->event_dispatcher = $event_dispatcher; $this->entity_manager = $manager_registry->getManagerForClass($class); Assertion::notNull($this->entity_manager, sprintf('Unable to find the entity manager for the class "%s"', $class)); $this->entity_repository = $this->entity_manager->getRepository($class); }
/** * @param LetterGuessedCorrectly $event */ public function applyLetterGuessedCorrectly(LetterGuessedCorrectly $event) { $readModel = $this->repository->findBy(["gameId" => $event->getGameId()]); Assertion::notNull($readModel, "Readmodel doesn't hold an object"); $lastResult = end($readModel); $readModel = $lastResult->setLetterCorrectlyGuessed($event->getLetters()); $this->repository->save($readModel); }
/** * @param mixed $data * @throws \InvalidArgumentException */ public function __construct($data) { Assertion::notNull($data, 'Data must not be null'); if (is_object($data)) { throw new \InvalidArgumentException('Complex data must only be structured as array. An object is not allowed'); } $this->data = $data; }
/** * @Then the role and admin fixtures should be applied */ public function theRoleAndAdminFixturesShouldBeApplied() { $em = $this->getEntityManager(); $roleRepository = $em->getRepository('Account:Role'); $userRepository = $em->getRepository('Account:User'); Assertion::notNull($roleRepository->findOneBy(['role' => 'ROLE_USER'])); Assertion::notNull($roleRepository->findOneBy(['role' => 'ROLE_ADMIN'])); Assertion::notNull($userRepository->findOneBy(['username' => 'admin'])); }
/** * @param string $basketId * * @return Response */ public function addProductToBasketAction(Request $request, $basketId) { $basketId = new BasketId($basketId); $productToAdd = $request->request->get('productId'); $productName = $request->request->get('productName'); Assert::notNull($productName); $command = new AddProductToBasket($basketId, $productToAdd, $productName); $this->commandBus->dispatch($command); return new Response(); }
/** * @param string $result * @param Coords $target * @param Coords $startPoint * @param Coords $endPoint */ private function __construct($result, Coords $target, Coords $startPoint = null, Coords $endPoint = null) { Assertion::choice($result, [static::HIT, static::MISS, static::SANK, static::WIN]); if (in_array($result, [static::SANK, static::WIN])) { Assertion::notNull($startPoint); Assertion::notNull($endPoint); } $this->result = $result; $this->startPoint = $startPoint; $this->endPoint = $endPoint; $this->target = $target; }
/** * @param $anAgentDescriptionOrRole * @param ActionDescription $anActionDescriptionOrNull */ private function __construct($anAgentDescriptionOrRole, ActionDescription $anActionDescriptionOrNull = null) { if ($anAgentDescriptionOrRole instanceof AgentDescription) { $this->agentDescription = $anAgentDescriptionOrRole; } else { if ($anAgentDescriptionOrRole instanceof RoleDescription) { Assertion::notNull($anActionDescriptionOrNull, 'ActionDescription is required when ProcessSep is setup with a RoleDescription.'); $this->role = $anAgentDescriptionOrRole; $this->actionDescription = $anActionDescriptionOrNull; } } }
/** * {@inheritdoc} */ public function getEncodedPayload(SignatureInterface $signature) { if (true === $this->isPayloadDetached()) { return; } if (null !== $this->encoded_payload) { return $this->encoded_payload; } $payload = $this->getPayload(); if (!is_string($payload)) { $payload = json_encode($payload); } Assertion::notNull($payload, 'Unsupported payload.'); return $this->isPayloadEncoded($signature) ? Base64Url::encode($payload) : $payload; }
/** * {@inheritdoc} */ public function prepareGrantTypeResponse(ServerRequestInterface $request, GrantTypeResponseInterface &$grant_type_response) { $assertion = RequestBody::getParameter($request, 'assertion'); try { Assertion::notNull($assertion, 'Parameter "assertion" is missing.'); $jwt = $this->getJWTLoader()->load($assertion, $this->key_encryption_key_set, $this->encryption_required); Assertion::isInstanceOf($jwt, JWSInterface::class, 'Assertion does not contain signed claims.'); Assertion::true($jwt->hasClaim('sub'), 'Assertion does not contain "sub" claims.'); } catch (\Exception $e) { throw $this->getExceptionManager()->getBadRequestException(ExceptionManagerInterface::ERROR_INVALID_REQUEST, $e->getMessage()); } //We modify the response: // - We add the subject as the client public id // - We transmit the JWT to the response for further needs $grant_type_response->setClientPublicId($jwt->getClaim('sub')); $grant_type_response->setAdditionalData('jwt', $jwt); }
/** * {@inheritdoc} */ public function processUserAccount(ServerRequestInterface $request, ResponseInterface &$response, AuthorizationInterface $authorization, UserAccountInterface &$user_account = null) { // The query parameter 'id_token_hint' and the Id Token Manager are set if ($authorization->hasQueryParam('id_token_hint') && null !== $this->getIdTokenManager()) { try { $id_token_hint = $this->getIdTokenManager()->loadIdToken($authorization->getQueryParam('id_token_hint')); Assertion::true($id_token_hint->hasClaim('sub'), 'Invalid "id_token_hint" parameter.'); $public_id = $this->getIdTokenManager()->getPublicIdFromSubjectIdentifier($id_token_hint->getClaim('sub')); Assertion::notNull($public_id, 'Invalid "id_token_hint" parameter.'); if (null === $user_account) { $user_account = $this->getUserAccountManager()->getUserAccountByPublicId($public_id); } else { if ($user_account->getPublicId() !== $public_id) { throw new RedirectToLoginPageException($authorization); } } } catch (\InvalidArgumentException $e) { throw new CreateRedirectionException($authorization, ExceptionManagerInterface::BAD_REQUEST, $e->getMessage()); } } }
/** * @param array $params * @param string $request * @param \OAuth2\Client\ClientInterface|null $client * * @throws \OAuth2\Exception\BadRequestExceptionInterface * * @return \Jose\Object\JWSInterface */ private function loadRequest(array $params, $request, ClientInterface &$client = null) { $jwt = $this->getJWTLoader()->load($request, $this->key_encryption_key_set, $this->require_encryption); try { Assertion::true($jwt->hasClaims(), 'The request object does not contain claims.'); $client = $this->getClient(array_merge($params, $jwt->getClaims())); $public_key_set = $client->getPublicKeySet(); Assertion::notNull($public_key_set, 'The client does not have signature capabilities.'); $this->getJWTLoader()->verify($jwt, $public_key_set); $missing_claims = array_keys(array_diff_key(array_flip($this->mandatory_claims), $jwt->getClaims())); Assertion::true(0 === count($missing_claims), 'The following mandatory claims are missing: %s.', json_encode($missing_claims)); } catch (\Exception $e) { throw $this->getExceptionManager()->getBadRequestException(ExceptionManagerInterface::ERROR_INVALID_REQUEST_OBJECT, $e->getMessage()); } return $jwt; }
/** * @param string $address */ public function setAddress($address) { Assertion::notNull($address); Assertion::string($address); $this->address = $address; }
/** * {@inheritdoc} */ public function createIdToken(ClientInterface $client, UserAccountInterface $user_account, $redirect_uri, $claims_locales, array $request_claims, array $scope, array $id_token_claims = [], AccessTokenInterface $access_token = null, AuthCodeInterface $auth_code = null) { $id_token = $this->createEmptyIdToken(); $exp = null !== $access_token ? $access_token->getExpiresAt() : time() + $this->getLifetime($client); $claims = array_merge($this->getUserinfo()->getUserinfo($client, $user_account, $redirect_uri, $claims_locales, $request_claims, $scope), ['jti' => Base64Url::encode(random_bytes(25)), 'iss' => $this->getIssuer(), 'aud' => [$client->getPublicId(), $this->getIssuer()], 'iat' => time(), 'nbf' => time(), 'exp' => $exp]); foreach (['at_hash' => $access_token, 'c_hash' => $auth_code] as $key => $token) { if (null !== $token) { $claims[$key] = $this->getHash($token->getToken()); } } foreach (['last_login_at' => 'auth_time', 'amr' => 'amr', 'acr' => 'acr'] as $claim => $key) { if ($user_account->has($claim)) { $claims[$key] = $user_account->get($claim); } } $headers = ['typ' => 'JWT', 'alg' => $this->getSignatureAlgorithm()]; $signature_key = $this->signature_key_set->selectKey('sig', $this->getSignatureAlgorithm()); Assertion::notNull($signature_key, 'Unable to find a key to sign the ID Token. Please verify the selected key set contains suitable keys.'); if ($signature_key->has('kid')) { $headers['kid'] = $signature_key->get('kid'); } if (!empty($id_token_claims)) { $claims = array_merge($claims, $id_token_claims); } $jwt = $this->jwt_creator->sign($claims, $headers, $signature_key); if ($client->hasPublicKeySet() && $client->has('id_token_encrypted_response_alg') && $client->has('id_token_encrypted_response_enc')) { $key_set = $client->getPublicKeySet(); $key = $key_set->selectKey('enc'); if (null !== $key) { $headers = ['typ' => 'JWT', 'jti' => Base64Url::encode(random_bytes(25)), 'alg' => $client->get('id_token_encrypted_response_alg'), 'enc' => $client->get('id_token_encrypted_response_enc')]; $jwt = $this->jwt_creator->encrypt($jwt, $headers, $key); } } $id_token->setToken($jwt); $id_token->setExpiresAt($exp); $id_token->setClientPublicId($client->getPublicId()); $id_token->setResourceOwnerPublicId($user_account->getUserPublicId()); return $id_token; }
private function checkRequestAndClient(ServerRequestInterface $request, ClientInterface $client) { Assertion::true($this->isRequestSecured($request), 'The request must be secured.'); Assertion::true($client->has('registration_access_token'), 'Invalid client.'); $values = []; $token = $this->bearer_token->findToken($request, $values); Assertion::notNull($token, 'Initial Access Token is missing or invalid.'); Assertion::eq($token, $client->get('registration_access_token'), 'Initial Access Token is missing or invalid.'); }
public function testInvalidNotNull() { $this->setExpectedException('Assert\\AssertionFailedException', null, Assertion::VALUE_NULL); Assertion::notNull(null); }
public function getTargetPropertyName() : string { Assertion::notNull($this->targetPropertyName); return $this->targetPropertyName; }
/** * {@inheritdoc} */ public function verify(Object\JWSInterface $jws, Object\JWKSetInterface $signature_key_set, $detached_payload = null) { Assertion::inArray($jws->getSignature(0)->getProtectedHeader('alg'), $this->getSupportedSignatureAlgorithms(), sprintf('The signature algorithm "%s" is not supported or not allowed.', $jws->getSignature(0)->getProtectedHeader('alg'))); $index = null; $this->verifier->verifyWithKeySet($jws, $signature_key_set, $detached_payload, $index); Assertion::notNull($index, 'JWS signature(s) verification failed.'); $this->checker_manager->checkJWS($jws, $index); return $index; }
/** * Validate id: * $id !== null * @param $id */ public static function id($id) { Assert::notNull($id); }
/** * Static constructor. * * @param string $type * @param TwitterUser $source * @param TwitterUser $target * @param TwitterEventTarget $object * @param \DateTimeInterface $date * * @return TwitterEvent */ public static function create($type, TwitterUser $source, TwitterUser $target = null, TwitterEventTarget $object = null, \DateTimeInterface $date = null) { $obj = new self(); Assertion::notNull($date); Assertion::eq(new \DateTimeZone('UTC'), $date->getTimezone()); $obj->type = $type; $obj->source = $source; $obj->target = $target; $obj->object = $object; $obj->date = $date; return $obj; }
/** * @param string $method * * @throws \InvalidArgumentException * * @return \Jose\Compression\CompressionInterface */ private function getCompressionMethod($method) { $compression_method = $this->getCompressionManager()->getCompressionAlgorithm($method); Assertion::notNull($compression_method, sprintf('Compression method "%s" not supported', $method)); return $compression_method; }
public function getIdentity() : Identity { Assertion::notNull($this->identity); return $this->identity; }
public function getRecordId() : RecordId { Assertion::notNull($this->recordId); return $this->recordId; }
/** * @param $curve * * @return string */ private function getOID($curve) { $curves = $this->getSupportedCurves(); $oid = array_key_exists($curve, $curves) ? $curves[$curve] : null; Assertion::notNull($oid, 'Unsupported curve'); return $oid; }
/** * @param string $password */ public function setPassword($password) { Assertion::notNull($password); $this->password = $password; }
/** * @Then I should get an error */ public function iShouldGetAnError() { Assertion::notNull($this->exception); Assertion::isInstanceOf($this->exception, \InvalidArgumentException::class); }
protected function guardRequiredState() { parent::guardRequiredState(); Assertion::notNull($this->auth_token); Assertion::date($this->token_expire_date, DATE_ISO8601); }
/** * @param string $pem * @param string[] $matches * @param null|string $password * * @return string */ private static function decodePem($pem, array $matches, $password = null) { Assertion::notNull($password, 'Password required for encrypted keys.'); $iv = pack('H*', trim($matches[2])); $iv_sub = mb_substr($iv, 0, 8, '8bit'); $symkey = pack('H*', md5($password . $iv_sub)); $symkey .= pack('H*', md5($symkey . $password . $iv_sub)); $key = preg_replace('#^(?:Proc-Type|DEK-Info): .*#m', '', $pem); $ciphertext = base64_decode(preg_replace('#-.*-|\\r|\\n#', '', $key)); $decoded = openssl_decrypt($ciphertext, strtolower($matches[1]), $symkey, true, $iv); $number = preg_match_all('#-{5}.*-{5}#', $pem, $result); Assertion::eq($number, 2, 'Unable to load the key'); $pem = $result[0][0] . PHP_EOL; $pem .= chunk_split(base64_encode($decoded), 64); $pem .= $result[0][1] . PHP_EOL; return $pem; }
public function getFormErrorSequence() : FormErrorSequence { Assertion::notNull($this->formErrorSequence, 'Form errors can only be retrieved when bind result was not successful'); return $this->formErrorSequence; }
/** * Resets the Temporal object to its initial value * * @return int Returns the initial value */ public function reset() { Assertion::notNull(self::$redis, "Redis connection hasn't been set"); // Remove each individual key $items = self::$redis->sMembers($this->identifier); foreach ($items as $i) { self::$redis->delete($i); } // Remove the set and check its emptiness self::$redis->delete($this->identifier); Assertion::count(self::$redis->sMembers($this->identifier), 0); return $this->initialNumber; }