Automattic · ashfame · Apr 5, 2023 · Apr 5, 2023
diff --git a/src/Http/Handlers/AuthenticateHandler.php b/src/Http/Handlers/AuthenticateHandler.php
@@ -12,11 +12,27 @@ class AuthenticateHandler extends RequestHandler {
 	private ConsentStorage $consent_storage;
 	private array $clients;
 
+	/**
+	 * Constructor for the ConsentManager class
+	 *
+	 * @param ConsentStorage $consent_storage The ConsentStorage object
+	 * @param array          $clients         An array of clients
+	 */
+
 	public function __construct( ConsentStorage $consent_storage, array $clients ) {
 		$this->consent_storage = $consent_storage;
 		$this->clients         = $clients;
 	}
 
+	/**
+	 * Handle the request for consent.
+	 *
+	 * @param Request  $request  The request object.
+	 * @param Response $response The response object.
+	 *
+	 * @return Response The response object.
+	 */
+
 	public function handle( Request $request, Response $response ): Response {
 		if ( ! is_user_logged_in() ) {
 			auth_redirect();
@@ -59,6 +75,12 @@ public function handle( Request $request, Response $response ): Response {
 		return $response;
 	}
 
+	/**
+	 * Render the no permission screen.
+	 *
+	 * @param array $data The data to be used to render the screen.
+	 */
+
 	private function render_no_permission_screen( $data ) {
 		?>
 		<div id="openid-connect-authenticate">
@@ -91,6 +113,12 @@ private function render_no_permission_screen( $data ) {
 		<?php
 	}
 
+	/**
+	 * Render the consent screen for the user to authorize a request.
+	 *
+	 * @param array $data The data needed to render the consent screen.
+	 */
+
 	private function render_consent_screen( $data ) {
 		?>
 		<div id="openid-connect-authenticate">
@@ -142,6 +170,12 @@ private function render_consent_screen( $data ) {
 		<?php
 	}
 
+	/**
+	 * Redirects the request to the authorize endpoint.
+	 *
+	 * @param Request $request The request object.
+	 */
+
 	private function redirect( Request $request ) {
 		// Rebuild request with all parameters and send to authorize endpoint.
 		wp_safe_redirect(
@@ -174,6 +208,14 @@ private function get_client_name( Request $request ): string {
 		return $client['name'];
 	}
 
+	/**
+	 * Get the cancel URL.
+	 *
+	 * @param Request $request The request object.
+	 *
+	 * @return string The cancel URL.
+	 */
+
 	private function get_cancel_url( Request $request ) {
 		return add_query_arg(
 			array(

diff --git a/src/Http/Handlers/AuthorizeHandler.php b/src/Http/Handlers/AuthorizeHandler.php
@@ -16,11 +16,30 @@ class AuthorizeHandler extends RequestHandler {
 	private OAuth2Server $server;
 	private ConsentStorage $consent_storage;
 
+	/**
+	 * Constructor
+	 *
+	 * @param OAuth2Server   $server          The OAuth2 server instance
+	 * @param ConsentStorage $consent_storage The consent storage instance
+	 */
+
 	public function __construct( OAuth2Server $server, ConsentStorage $consent_storage ) {
 		$this->server          = $server;
 		$this->consent_storage = $consent_storage;
 	}
 
+	/**
+	 * Handle an OIDC Authorize request.
+	 * This function will check if the request is valid and if the user is logged in. If the user is not logged in, the
+	 * user will be redirected to the login page. If the user is logged in, the request will be handled and the
+	 * response will be returned.
+	 *
+	 * @param Request  $request  The request object.
+	 * @param Response $response The response object.
+	 *
+	 * @return Response The response object.
+	 */
+
 	public function handle( Request $request, Response $response ): Response {
 		// Our dependency bshaffer's OAuth library currently has a bug where it doesn't pick up nonce correctly if it's a POST request to the Authorize endpoint.
 		// Fix has been contributed upstream (https://github.com/bshaffer/oauth2-server-php/pull/1032) but it doesn't look it would be merged anytime soon based on recent activity.

diff --git a/src/Http/Handlers/ConfigurationHandler.php b/src/Http/Handlers/ConfigurationHandler.php
@@ -8,6 +8,14 @@
 use OpenIDConnectServer\Http\Router;
 
 class ConfigurationHandler extends RequestHandler {
+	/**
+	 * Handle a Request and Response object
+	 *
+	 * @param Request  $request  The Request object
+	 * @param Response $response The Response object
+	 *
+	 * @return Response The modified Response object
+	 */
 	public function handle( Request $request, Response $response ): Response {
 		$response->addHttpHeaders(
 			array(
@@ -21,6 +29,12 @@ public function handle( Request $request, Response $response ): Response {
 		return $response;
 	}
 
+	/**
+	 * Configuration function to set up the OAuth2 server.
+	 *
+	 * @return array An array of configuration settings.
+	 */
+
 	private function configuration(): array {
 		return array(
 			'issuer'                                => Router::make_url(),

diff --git a/src/Http/Handlers/TokenHandler.php b/src/Http/Handlers/TokenHandler.php
@@ -10,10 +10,25 @@
 class TokenHandler extends RequestHandler {
 	private OAuth2Server $server;
 
+	/**
+	 * Constructor
+	 *
+	 * @param OAuth2Server $server The OAuth2 server instance
+	 */
+
 	public function __construct( OAuth2Server $server ) {
 		$this->server = $server;
 	}
 
+	/**
+	 * Handles a request and returns a response.
+	 *
+	 * @param Request  $request  The request to handle
+	 * @param Response $response The response to return
+	 *
+	 * @return Response The response
+	 */
+
 	public function handle( Request $request, Response $response ): Response {
 		return $this->server->handleTokenRequest( $request );
 	}

diff --git a/src/Http/Handlers/UserInfoHandler.php b/src/Http/Handlers/UserInfoHandler.php
@@ -10,10 +10,25 @@
 class UserInfoHandler extends RequestHandler {
 	private OAuth2Server $server;
 
+	/**
+	 * Constructor
+	 *
+	 * @param OAuth2Server $server The OAuth2 server object
+	 */
+
 	public function __construct( OAuth2Server $server ) {
 		$this->server = $server;
 	}
 
+	/**
+	 * Handles a Request and returns a Response
+	 *
+	 * @param Request  $request  The Request object
+	 * @param Response $response The Response object
+	 *
+	 * @return Response The Response object
+	 */
+
 	public function handle( Request $request, Response $response ): Response {
 		return $this->server->handleUserInfoRequest( $request );
 	}

diff --git a/src/Http/Handlers/WebKeySetsHandler.php b/src/Http/Handlers/WebKeySetsHandler.php
@@ -9,10 +9,25 @@
 class WebKeySetsHandler extends RequestHandler {
 	private string $public_key;
 
+	/**
+	 * Constructor for the class
+	 *
+	 * @param string $public_key The public key to be used
+	 */
+
 	public function __construct( string $public_key ) {
 		$this->public_key = $public_key;
 	}
 
+	/**
+	 * Handle the Request and Response objects
+	 *
+	 * @param Request  $request  The Request object
+	 * @param Response $response The Response object
+	 *
+	 * @return Response The modified Response object
+	 */
+
 	public function handle( Request $request, Response $response ): Response {
 		$response->addHttpHeaders(
 			array(
@@ -26,6 +41,12 @@ public function handle( Request $request, Response $response ): Response {
 		return $response;
 	}
 
+	/**
+	 * Retrieve the key information
+	 *
+	 * @return array An array containing the key information (kty, use, alg, n, e)
+	 */
+
 	private function key_info(): array {
 		$key = openssl_pkey_get_details( openssl_pkey_get_public( $this->public_key ) );
 

diff --git a/src/Http/Router.php b/src/Http/Router.php
@@ -12,18 +12,49 @@ class Router {
 
 	private array $rest_routes = array();
 
+	/**
+	 * Creates a URL from a given route.
+	 *
+	 * @param string $route The route to create the URL from.
+	 *
+	 * @return string The URL created from the given route.
+	 */
+
 	public static function make_url( string $route = '' ): string {
 		return home_url( "/$route" );
 	}
 
+	/**
+	 * Constructs a REST URL for the given route.
+	 *
+	 * @param string $route The route to construct the URL for.
+	 *
+	 * @return string The constructed REST URL.
+	 */
+
 	public static function make_rest_url( string $route ): string {
 		return rest_url( self::PREFIX . "/$route" );
 	}
 
+	/**
+	 * Constructor
+	 *
+	 * @return void
+	 * @since  1.0.0
+	 * @access public
+	 */
+
 	public function __construct() {
 		add_action( 'template_redirect', array( $this, 'handle_request' ) );
 	}
 
+	/**
+	 * Add a route to the router
+	 *
+	 * @param string         $route   The route to add
+	 * @param RequestHandler $handler The request handler for the route
+	 */
+
 	public function add_route( string $route, RequestHandler $handler ) {
 		if ( isset( $this->rest_routes[ $route ] ) ) {
 			return;
@@ -32,6 +63,14 @@ public function add_route( string $route, RequestHandler $handler ) {
 		$this->routes[ $route ] = $handler;
 	}
 
+	/**
+	 * Add a new REST route
+	 *
+	 * @param string         $route   The route to add
+	 * @param RequestHandler $handler The handler for the route
+	 * @param array          $methods The HTTP methods to allow for the route (defaults to GET)
+	 */
+
 	public function add_rest_route( string $route, RequestHandler $handler, array $methods = array( 'GET' ), array $args = array() ) {
 		$route_with_prefix = self::PREFIX . "/$route";
 		if ( isset( $this->rest_routes[ $route_with_prefix ] ) ) {
@@ -57,6 +96,12 @@ function () use ( $route, $methods, $args ) {
 		);
 	}
 
+	/**
+	 * Get the current route of the request
+	 *
+	 * @return string The current route of the request
+	 */
+
 	private function get_current_route(): string {
 		$wp_url        = get_site_url();
 		$installed_dir = wp_parse_url( $wp_url, PHP_URL_PATH );
@@ -111,6 +156,14 @@ public function handle_rest_request( $wp_request ) {
 		$this->do_handle_request( $handler );
 	}
 
+	/**
+	 * Handles a request and sends a response
+	 *
+	 * @param RequestHandler $handler The request handler
+	 *
+	 * @return void
+	 */
+
 	private function do_handle_request( RequestHandler $handler ) {
 		$request  = Request::createFromGlobals();
 		$response = new Response();

diff --git a/src/OpenIDConnectServer.php b/src/OpenIDConnectServer.php
@@ -25,6 +25,14 @@ class OpenIDConnectServer {
 	private Router $router;
 	private ConsentStorage $consent_storage;
 
+	/**
+	 * Constructor for the class.
+	 *
+	 * @param string $public_key  The public key.
+	 * @param string $private_key The private key.
+	 * @param array  $clients     An array of clients.
+	 */
+
 	public function __construct( string $public_key, string $private_key, array $clients ) {
 		$this->public_key      = $public_key;
 		$this->clients         = $clients;
@@ -71,6 +79,13 @@ public function __construct( string $public_key, string $private_key, array $cli
 		$this->setup_cron_hook();
 	}
 
+	/**
+	 * Handles authentication requests
+	 *
+	 * @param Request  $request  The request object
+	 * @param Response $response The response object
+	 */
+
 	public function authenticate_handler() {
 		$request  = Request::createFromGlobals();
 		$response = new Response();
@@ -80,6 +95,14 @@ public function authenticate_handler() {
 		exit;
 	}
 
+	/**
+	 * Specifies the expected arguments for a given route.
+	 *
+	 * @param string $route The route to get the arguments for.
+	 *
+	 * @return array An array of arguments for the given route.
+	 */
+
 	private function expected_arguments_specification( $route ) {
 		switch ( $route ) {
 			case 'authorize':
@@ -127,6 +150,12 @@ private function expected_arguments_specification( $route ) {
 		}
 	}
 
+	/**
+	 * Sets up a cron hook to run weekly
+	 *
+	 * @return void
+	 */
+
 	public function setup_cron_hook() {
 		if ( ! wp_next_scheduled( 'oidc_cron_hook' ) ) {
 			wp_schedule_event( time(), 'weekly', 'oidc_cron_hook' );
@@ -135,7 +164,6 @@ public function setup_cron_hook() {
 
 	/**
 	 * This function is invoked from uninstall.php
-	 *
 	 * As of v1.0 we have two things that are being stored and should be removed on uninstall:
 	 * 1) Consent storage
 	 * 2) Auth code storage