Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use Promises generic types #59

Merged
merged 5 commits into from
Oct 31, 2023
Merged

Use Promises generic types #59

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
4a747f4
Use Promises generic types
Ndiritu Oct 25, 2023
4992980
Disable PHP-HTTP discovery plugin
Ndiritu Oct 25, 2023
26a0d96
Update CHANGELOG and bump version
Ndiritu Oct 30, 2023
46db42c
Merge pull request #58 from microsoft/fix/disable-php-http-discovery
SilasKenneth Oct 30, 2023
3391392
Apply code review feedback
Ndiritu Oct 31, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 10 additions & 1 deletion CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,10 +8,19 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
## [Unreleased]

### Added
- Adds CHANGELOG.


### Changed

## [0.9.0] - 2023-10-30

### Added
- Adds CHANGELOG. [#54](https://github.com/microsoft/kiota-authentication-phpleague-php/pull/54)
- Adds Generics to Promise return types. [#59](https://github.com/microsoft/kiota-authentication-phpleague-php/pull/59)

### Changed
- Allow `http` scheme for localhost urls. [#56](https://github.com/microsoft/kiota-authentication-phpleague-php/pull/56)
- Disable PHP-HTTP discovery plugin. [#58](https://github.com/microsoft/kiota-authentication-phpleague-php/pull/58)

## [0.8.3] - 2023-10-05

Expand Down
7 changes: 6 additions & 1 deletion composer.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
"php": "^7.4 | ^8.0",
"league/oauth2-client": "^2.6.1",
"php-http/promise": "^1.1.0",
"microsoft/kiota-abstractions": "^0.7.0 || ^0.8.0",
"microsoft/kiota-abstractions": "^0.9.0",
"firebase/php-jwt": "^v6.0.0",
"ramsey/uuid": "^4.2.3",
"ext-openssl": "*",
Expand All @@ -32,5 +32,10 @@
"psr-4": {
"Microsoft\\Kiota\\Authentication\\Test\\": "tests/"
}
},
"config": {
"allow-plugins": {
"php-http/discovery": false
}
}
}
2 changes: 1 addition & 1 deletion src/Constants.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,5 +4,5 @@

class Constants
{
public const VERSION = "0.8.3";
public const VERSION = "0.9.0";
}
6 changes: 3 additions & 3 deletions src/Oauth/CAEConfigurationTrait.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ trait CAEConfigurationTrait
{
/**
* Should return Promise that resolves with a new TokenRequestContext object to be used for a new token request
* @var null|callable(string $claims): Promise
* @var null|callable(string $claims): Promise<TokenRequestContext>
*/
private $caeRedirectCallback = null;

Expand Down Expand Up @@ -43,7 +43,7 @@ public function isCAEEnabled(): bool
* when this lib is unable to refresh the token using CAE claims.
* If this callback returns a Promise that resolves to a new token request context with the new authentication
* code/assertion then a new token is requested.
* @return null|callable(string $claims): Promise
* @return null|callable(string $claims): Promise<TokenRequestContext>
*/
public function getCAERedirectCallback(): ?callable
{
Expand All @@ -59,7 +59,7 @@ public function setCAEEnabled(bool $caeEnabled): void
}

/**
* @param null|callable(string $claims): Promise $callback
* @param null|callable(string $claims): Promise<TokenRequestContext> $callback
*/
public function setCAERedirectCallback(?callable $callback = null): void
{
Expand Down
2 changes: 1 addition & 1 deletion src/Oauth/TokenRequestContext.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -78,7 +78,7 @@ public function isCAEEnabled(): bool;
* If this callback returns a Promise that resolves to a new token request context with the new authentication
* code/assertion then a new token is requested.
*
* @return null|callable(string $claims): Promise
* @return null|callable(string $claims): Promise<TokenRequestContext>
*/
public function getCAERedirectCallback(): ?callable;
}
16 changes: 10 additions & 6 deletions src/PhpLeagueAccessTokenProvider.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@
use Http\Promise\FulfilledPromise;
use Http\Promise\Promise;
use Http\Promise\RejectedPromise;
use InvalidArgumentException;
use League\OAuth2\Client\Provider\AbstractProvider;
use League\OAuth2\Client\Provider\Exception\IdentityProviderException;
use League\OAuth2\Client\Token\AccessToken;
Expand Down Expand Up @@ -112,24 +113,27 @@ public function __construct(
*/
public function getAuthorizationTokenAsync(string $url, array $additionalAuthenticationContext = []): Promise
{
$span = $this->tracer->spanBuilder('getAuthorizationTokenAsync')
->startSpan();
$span = $this->tracer->spanBuilder('getAuthorizationTokenAsync')->startSpan();
$scope = $span->activate();
$parsedUrl = parse_url($url);
$scheme = $parsedUrl["scheme"] ?? null;
$host = $parsedUrl["host"] ?? '';
try {
if (!$this->getAllowedHostsValidator()->isUrlHostValid($url)) {
$span->setAttribute(self::URL_VALID_KEY, false);
return new FulfilledPromise(null);
}

$isLocalhost = $this->isLocalHostUrl($host);

if (($scheme !== 'https' || !$this->getAllowedHostsValidator()->isUrlHostValid($url))
&& !$isLocalhost) {
if ($scheme !== 'https' && !$isLocalhost) {
$span->setAttribute(self::URL_VALID_KEY, false);
return new FulfilledPromise(null);
throw new InvalidArgumentException("Invalid URL. External URLs MUST use HTTPS and localhost URLs MAY use HTTP.");
}
$span->setAttribute(self::URL_VALID_KEY, true);
$this->scopes = $this->scopes ?: ["{$scheme}://{$host}/.default"];
$span->setAttribute(self::SCOPES_KEY, implode(',', $this->scopes));
$params = array_merge($this->tokenRequestContext->getParams(), ['scope' => implode(' ', $this->scopes)]);
$params = array_merge($this->tokenRequestContext->getParams(), ['scope' => implode(' ', $this->scopes)]);
if ($additionalAuthenticationContext['claims'] ?? false) {
$span->setAttribute(self::CONTAINS_CLAIMS_KEY, true);
$claims = base64_decode(strval($additionalAuthenticationContext['claims']));
Expand Down
4 changes: 3 additions & 1 deletion tests/PhpLeagueAccessTokenProviderTest.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@
use GuzzleHttp\Psr7\Request;
use GuzzleHttp\Psr7\Response;
use Http\Promise\FulfilledPromise;
use InvalidArgumentException;
use League\OAuth2\Client\Token\AccessToken;
use Microsoft\Kiota\Authentication\Oauth\AuthorizationCodeCertificateContext;
use Microsoft\Kiota\Authentication\Oauth\AuthorizationCodeContext;
Expand Down Expand Up @@ -189,7 +190,8 @@ function (Request $request) use ($tokenRequestContext) {

public function testGetAuthTokenWithInsecureUrlDoesntReturnAccessToken(): void
{
$this->assertNull($this->defaultTokenProvider->getAuthorizationTokenAsync('http://example.com')->wait());
$this->expectException(InvalidArgumentException::class);
$this->defaultTokenProvider->getAuthorizationTokenAsync('http://example.com')->wait();
}

public function testGetAccessTokenWithLocalhostStringWithHttpReturnsAccessToken(): void
Expand Down