Fix styling

CHANGELOG.md

@@ -19,6 +19,9 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 - Authorization Request objects are now created through the factory method, `createAuthorizationRequest()` (PR #1111)
 - Changed parameters for `finalizeScopes()` to allow a reference to an auth code ID (PR #1112)
 
+### Removed
+- Removed message property from OAuthException HTTP response. Now just use error_description as per the OAuth 2 spec (PR #1375)
+
 ### [8.3.6] - released 2022-11-14
 ### Fixed
 - Use LooseValidAt instead of StrictValidAt so that users aren't forced to use claims such as NBF in their JWT tokens (PR #1312)

phpstan.neon.dist

@@ -4,6 +4,10 @@ parameters:
         - src
         - tests
     ignoreErrors:
+        -
+          message: '#Call to an undefined method League\\OAuth2\\Server\\ResponseTypes\\ResponseTypeInterface::getAccessToken\(\)\.#'
+          path: tests/Grant/ClientCredentialsGrantTest.php 
+        - '#Return type \(League\\Event\\EmitterInterface\|null\) of method LeagueTests\\Stubs\\GrantType::getEmitter\(\) should be covariant with return type \(League\\Event\\EmitterInterface\) of method League\\Event\\EmitterAwareInterface::getEmitter\(\)#'
         - '#Method League\\OAuth2\\Server\\Grant\\AbstractGrant::issueAccessToken\(\) should return League\\OAuth2\\Server\\Entities\\AccessTokenEntityInterface but return statement is missing\.#'
         - '#Method League\\OAuth2\\Server\\Grant\\AbstractGrant::issueAuthCode\(\) should return League\\OAuth2\\Server\\Entities\\AuthCodeEntityInterface but return statement is missing\.#'
         - '#Method League\\OAuth2\\Server\\Grant\\AbstractGrant::issueRefreshToken\(\) should return League\\OAuth2\\Server\\Entities\\RefreshTokenEntityInterface\|null but return statement is missing\.#'

src/AuthorizationServer.php

@@ -48,12 +48,6 @@ class AuthorizationServer implements EmitterAwareInterface
 
     protected ResponseTypeInterface $responseType;
 
-    private ClientRepositoryInterface $clientRepository;
-
-    private AccessTokenRepositoryInterface $accessTokenRepository;
-
-    private ScopeRepositoryInterface $scopeRepository;
-
     private string|Key $encryptionKey;
 
     private string $defaultScope = '';
@@ -64,16 +58,13 @@ class AuthorizationServer implements EmitterAwareInterface
      * New server instance
      */
     public function __construct(
-        ClientRepositoryInterface $clientRepository,
-        AccessTokenRepositoryInterface $accessTokenRepository,
-        ScopeRepositoryInterface $scopeRepository,
+        private ClientRepositoryInterface $clientRepository,
+        private AccessTokenRepositoryInterface $accessTokenRepository,
+        private ScopeRepositoryInterface $scopeRepository,
         CryptKeyInterface|string $privateKey,
         Key|string $encryptionKey,
         ResponseTypeInterface|null $responseType = null
     ) {
-        $this->clientRepository = $clientRepository;
-        $this->accessTokenRepository = $accessTokenRepository;
-        $this->scopeRepository = $scopeRepository;
 
         if ($privateKey instanceof CryptKeyInterface === false) {
             $privateKey = new CryptKey($privateKey);

src/AuthorizationValidators/BearerTokenValidator.php

@@ -39,20 +39,16 @@ class BearerTokenValidator implements AuthorizationValidatorInterface
 {
     use CryptTrait;
 
-    private AccessTokenRepositoryInterface $accessTokenRepository;
-
     protected CryptKeyInterface $publicKey;
 
     private Configuration $jwtConfiguration;
 
-    public function __construct(AccessTokenRepositoryInterface $accessTokenRepository)
+    public function __construct(private AccessTokenRepositoryInterface $accessTokenRepository)
     {
-        $this->accessTokenRepository = $accessTokenRepository;
     }
 
     /**
      * Set the public key
-     *
      */
     public function setPublicKey(CryptKeyInterface $key): void
     {
@@ -113,7 +109,7 @@ public function validateAuthorization(ServerRequestInterface $request): ServerRe
             throw OAuthServerException::accessDenied('Access token could not be verified');
         }
 
-        if (! $token instanceof UnencryptedToken) {
+        if (!$token instanceof UnencryptedToken) {
             throw OAuthServerException::accessDenied('Access token is not an instance of UnencryptedToken');
         }
 
@@ -135,6 +131,7 @@ public function validateAuthorization(ServerRequestInterface $request): ServerRe
     /**
      * Convert single record arrays into strings to ensure backwards compatibility between v4 and v3.x of lcobucci/jwt
      *
+     * TODO: Investigate as I don't think we need this any more
      *
      * @return array<string>|string
      */

src/CodeChallengeVerifiers/CodeChallengeVerifierInterface.php

@@ -16,14 +16,11 @@ interface CodeChallengeVerifierInterface
 {
     /**
      * Return code challenge method.
-     *
      */
     public function getMethod(): string;
 
     /**
      * Verify the code challenge.
-     *
-     *
      */
     public function verifyCodeChallenge(string $codeVerifier, string $codeChallenge): bool;
 }

src/CodeChallengeVerifiers/PlainVerifier.php

@@ -18,7 +18,6 @@ class PlainVerifier implements CodeChallengeVerifierInterface
 {
     /**
      * Return code challenge method.
-     *
      */
     public function getMethod(): string
     {
@@ -27,8 +26,6 @@ public function getMethod(): string
 
     /**
      * Verify the code challenge.
-     *
-     *
      */
     public function verifyCodeChallenge(string $codeVerifier, string $codeChallenge): bool
     {

src/CodeChallengeVerifiers/S256Verifier.php

@@ -22,7 +22,6 @@ class S256Verifier implements CodeChallengeVerifierInterface
 {
     /**
      * Return code challenge method.
-     *
      */
     public function getMethod(): string
     {
@@ -31,8 +30,6 @@ public function getMethod(): string
 
     /**
      * Verify the code challenge.
-     *
-     *
      */
     public function verifyCodeChallenge(string $codeVerifier, string $codeChallenge): bool
     {

src/CryptKey.php

@@ -41,11 +41,8 @@ class CryptKey implements CryptKeyInterface
 
     protected string $keyPath;
 
-    protected ?string $passPhrase = null;
-
-    public function __construct(string $keyPath, ?string $passPhrase = null, bool $keyPermissionsCheck = true)
+    public function __construct(string $keyPath, protected ?string $passPhrase = null, bool $keyPermissionsCheck = true)
     {
-        $this->passPhrase = $passPhrase;
 
         if (strpos($keyPath, self::FILE_PREFIX) !== 0 && $this->isValidKey($keyPath, $this->passPhrase ?? '')) {
             $this->keyContents = $keyPath;
@@ -103,8 +100,6 @@ public function getKeyContents(): string
 
     /**
      * Validate key contents.
-     *
-     *
      */
     private function isValidKey(string $contents, string $passPhrase): bool
     {

src/CryptTrait.php

@@ -28,9 +28,7 @@ trait CryptTrait
     /**
      * Encrypt data with encryptionKey.
      *
-     *
      * @throws LogicException
-     *
      */
     protected function encrypt(string $unencryptedData): string
     {
@@ -52,9 +50,7 @@ protected function encrypt(string $unencryptedData): string
     /**
      * Decrypt data with encryptionKey.
      *
-     *
      * @throws LogicException
-     *
      */
     protected function decrypt(string $encryptedData): string
     {

src/Entities/ClientEntityInterface.php

@@ -16,28 +16,24 @@ interface ClientEntityInterface
 {
     /**
      * Get the client's identifier.
-     *
      */
     public function getIdentifier(): string;
 
     /**
      * Get the client's name.
-     *
      */
     public function getName(): string;
 
     /**
-     * Returns the registered redirect URI (as a string).
-     *
-     * Alternatively return an indexed array of redirect URIs.
+     * Returns the registered redirect URI (as a string). Alternatively return
+     * an indexed array of redirect URIs.
      *
      * @return string|string[]
      */
     public function getRedirectUri(): string|array;
 
     /**
      * Returns true if the client is confidential.
-     *
      */
     public function isConfidential(): bool;
 }

src/Entities/RefreshTokenEntityInterface.php

@@ -18,7 +18,6 @@ interface RefreshTokenEntityInterface
 {
     /**
      * Get the token's identifier.
-     *
      */
     public function getIdentifier(): string;
 

src/Entities/ScopeEntityInterface.php

@@ -18,7 +18,6 @@ interface ScopeEntityInterface extends JsonSerializable
 {
     /**
      * Get the scope's identifier.
-     *
      */
     public function getIdentifier(): string;
 }

src/Entities/TokenInterface.php

@@ -18,7 +18,6 @@ interface TokenInterface
 {
     /**
      * Get the token's identifier.
-     *
      */
     public function getIdentifier(): string;
 
@@ -29,7 +28,6 @@ public function setIdentifier(mixed $identifier): void;
 
     /**
      * Get the token's expiry date time.
-     *
      */
     public function getExpiryDateTime(): DateTimeImmutable;
 

src/Entities/Traits/AccessTokenTrait.php

@@ -56,7 +56,6 @@ public function initJwtConfiguration(): void
 
     /**
      * Generate a JWT from the access token
-     *
      */
     private function convertToJWT(): Token
     {
@@ -75,6 +74,8 @@ private function convertToJWT(): Token
 
     /**
      * Generate a string representation from the access token
+     *
+     * TODO: Want to remove this function.
      */
     public function __toString(): string
     {

src/Entities/Traits/ClientTrait.php

@@ -34,9 +34,8 @@ public function getName(): string
     }
 
     /**
-     * Returns the registered redirect URI (as a string).
-     *
-     * Alternatively return an indexed array of redirect URIs.
+     * Returns the registered redirect URI (as a string). Alternatively return
+     * an indexed array of redirect URIs.
      *
      * @return string|string[]
      */
@@ -47,7 +46,6 @@ public function getRedirectUri(): string|array
 
     /**
      * Returns true if the client is confidential.
-     *
      */
     public function isConfidential(): bool
     {

src/Entities/Traits/ScopeTrait.php

@@ -16,7 +16,6 @@ trait ScopeTrait
 {
     /**
      * Serialize the object to the scopes string identifier when using json_encode().
-     *
      */
     public function jsonSerialize(): string
     {

src/Entities/Traits/TokenEntityTrait.php

@@ -33,7 +33,6 @@ trait TokenEntityTrait
 
     /**
      * Associate a scope with the token.
-     *
      */
     public function addScope(ScopeEntityInterface $scope): void
     {
@@ -78,7 +77,6 @@ public function setUserIdentifier(string|int|null $identifier): void
 
     /**
      * Get the token user's identifier.
-     *
      */
     public function getUserIdentifier(): string|int|null
     {

src/Entities/UserEntityInterface.php

@@ -16,7 +16,6 @@ interface UserEntityInterface
 {
     /**
      * Return the user's identifier.
-     *
      */
     public function getIdentifier(): mixed;
 }