🤖 Rector and PHPCS fixes
parent
6fdb83b6d2
commit
cf927d0791
|
@ -6,22 +6,25 @@ use dokuwiki\Action\Exception\ActionAbort;
|
|||
use dokuwiki\Action\Exception\ActionException;
|
||||
use dokuwiki\JWT;
|
||||
|
||||
class Authtoken extends AbstractUserAction {
|
||||
|
||||
class Authtoken extends AbstractUserAction
|
||||
{
|
||||
/** @inheritdoc */
|
||||
public function minimumPermission() {
|
||||
public function minimumPermission()
|
||||
{
|
||||
return AUTH_NONE;
|
||||
}
|
||||
|
||||
/** @inheritdoc */
|
||||
public function checkPreconditions() {
|
||||
public function checkPreconditions()
|
||||
{
|
||||
parent::checkPreconditions();
|
||||
|
||||
if(!checkSecurityToken()) throw new ActionException('profile');
|
||||
if (!checkSecurityToken()) throw new ActionException('profile');
|
||||
}
|
||||
|
||||
/** @inheritdoc */
|
||||
public function preProcess() {
|
||||
public function preProcess()
|
||||
{
|
||||
global $INPUT;
|
||||
parent::preProcess();
|
||||
$token = JWT::fromUser($INPUT->server->str('REMOTE_USER'));
|
||||
|
|
|
@ -7,7 +7,6 @@ namespace dokuwiki;
|
|||
*/
|
||||
class JWT
|
||||
{
|
||||
|
||||
protected $user;
|
||||
protected $issued;
|
||||
protected $secret;
|
||||
|
@ -56,7 +55,7 @@ class JWT
|
|||
$header = json_decode(base64_decode($header), true, 512, JSON_THROW_ON_ERROR);
|
||||
$payload = json_decode(base64_decode($payload), true, 512, JSON_THROW_ON_ERROR);
|
||||
} catch (\Exception $e) {
|
||||
throw new \Exception('Invalid JWT');
|
||||
throw new \Exception('Invalid JWT', $e->getCode(), $e);
|
||||
}
|
||||
|
||||
if (!$header || !$payload || !$signature) {
|
||||
|
@ -82,7 +81,7 @@ class JWT
|
|||
throw new \Exception('JWT not found, maybe it expired?');
|
||||
}
|
||||
|
||||
if(file_get_contents($file) !== $token) {
|
||||
if (file_get_contents($file) !== $token) {
|
||||
throw new \Exception('JWT invalid, maybe it expired?');
|
||||
}
|
||||
|
||||
|
@ -126,12 +125,14 @@ class JWT
|
|||
'typ' => 'JWT',
|
||||
];
|
||||
$header = base64_encode(json_encode($header));
|
||||
|
||||
$payload = [
|
||||
'iss' => 'dokuwiki',
|
||||
'sub' => $this->user,
|
||||
'iat' => $this->issued,
|
||||
];
|
||||
$payload = base64_encode(json_encode($payload));
|
||||
$payload = base64_encode(json_encode($payload, JSON_THROW_ON_ERROR));
|
||||
|
||||
$signature = hash_hmac('sha256', "$header.$payload", self::getSecret(), true);
|
||||
$signature = base64_encode($signature);
|
||||
return "$header.$payload.$signature";
|
||||
|
|
|
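Review bot: In the third JWT hunk, `if (file_get_contents($file) !== $token)` checks the presented token against the stored copy with `!==`, which is not a constant-time comparison. Prefer `$stored = file_get_contents($file);` followed by `if ($stored === false || !hash_equals($stored, $token)) {`; the `false` guard is needed because `hash_equals()` only accepts strings. If the signature is already verified before this point, outside the visible hunk, the timing exposure is small, but the safer comparison costs nothing here. The enclosing method starts and ends outside the hunk.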
@ -7,7 +7,6 @@ namespace dokuwiki\Remote;
|
|||
*/
|
||||
class JsonRpcServer
|
||||
{
|
||||
|
||||
protected $remote;
|
||||
|
||||
/**
|
||||
|
@ -16,7 +15,7 @@ class JsonRpcServer
|
|||
public function __construct()
|
||||
{
|
||||
$this->remote = new Api();
|
||||
$this->remote->setFileTransformation(array($this, 'toFile'));
|
||||
$this->remote->setFileTransformation([$this, 'toFile']);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -94,5 +93,4 @@ class JsonRpcServer
|
|||
{
|
||||
return base64_encode($data);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
22
inc/auth.php
22
inc/auth.php
|
@ -10,6 +10,7 @@
|
|||
* @author Andreas Gohr <andi@splitbrain.org>
|
||||
*/
|
||||
|
||||
use dokuwiki\JWT;
|
||||
use phpseclib\Crypt\AES;
|
||||
use dokuwiki\Utf8\PhpString;
|
||||
use dokuwiki\Extension\AuthPlugin;
|
||||
|
@ -91,7 +92,7 @@ function auth_setup()
|
|||
$INPUT->set('p', stripctl($INPUT->str('p')));
|
||||
}
|
||||
|
||||
if(!auth_tokenlogin()) {
|
||||
if (!auth_tokenlogin()) {
|
||||
$ok = null;
|
||||
|
||||
if ($auth instanceof AuthPlugin && $auth->canDo('external')) {
|
||||
|
@ -173,29 +174,30 @@ function auth_loadACL()
|
|||
*
|
||||
* @return bool true if token login succeeded
|
||||
*/
|
||||
function auth_tokenlogin() {
|
||||
function auth_tokenlogin()
|
||||
{
|
||||
global $USERINFO;
|
||||
global $INPUT;
|
||||
/** @var DokuWiki_Auth_Plugin $auth */
|
||||
global $auth;
|
||||
if(!$auth) return false;
|
||||
if (!$auth) return false;
|
||||
|
||||
// see if header has token
|
||||
$header = '';
|
||||
if(function_exists('getallheaders')) {
|
||||
if (function_exists('getallheaders')) {
|
||||
// Authorization headers are not in $_SERVER for mod_php
|
||||
$headers = array_change_key_case(getallheaders());
|
||||
if(isset($headers['authorization'])) $header = $headers['authorization'];
|
||||
if (isset($headers['authorization'])) $header = $headers['authorization'];
|
||||
} else {
|
||||
$header = $INPUT->server->str('HTTP_AUTHORIZATION');
|
||||
}
|
||||
if(!$header) return false;
|
||||
list($type, $token) = sexplode(' ', $header, 2);
|
||||
if($type !== 'Bearer') return false;
|
||||
if (!$header) return false;
|
||||
[$type, $token] = sexplode(' ', $header, 2);
|
||||
if ($type !== 'Bearer') return false;
|
||||
|
||||
// check token
|
||||
try {
|
||||
$authtoken = \dokuwiki\JWT::validate($token);
|
||||
$authtoken = JWT::validate($token);
|
||||
} catch (Exception $e) {
|
||||
msg(hsc($e->getMessage()), -1);
|
||||
return false;
|
||||
|
@ -204,7 +206,7 @@ function auth_tokenlogin() {
|
|||
// fetch user info from backend
|
||||
$user = $authtoken->getUser();
|
||||
$USERINFO = $auth->getUserData($user);
|
||||
if(!$USERINFO) return false;
|
||||
if (!$USERINFO) return false;
|
||||
|
||||
// the code is correct, set up user
|
||||
$INPUT->server->set('REMOTE_USER', $user);
|
||||
|
|
|
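Review bot: In `auth_tokenlogin()`, `if ($type !== 'Bearer') return false;` matches the scheme name case-sensitively, but HTTP authentication scheme names are case-insensitive (RFC 9110). A client that sends `bearer <token>` is therefore treated as having supplied no token and falls through to the regular login path behind `if (!auth_tokenlogin())`. `if (strcasecmp($type, 'Bearer') !== 0) return false;` would accept either spelling. The function body continues past the end of this hunk.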
@ -28,4 +28,4 @@ try {
|
|||
];
|
||||
}
|
||||
|
||||
echo json_encode($result);
|
||||
echo json_encode($result, JSON_THROW_ON_ERROR);
|
||||
|
|
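Review bot: `echo json_encode($result, JSON_THROW_ON_ERROR);` sits after the closing brace of what appears to be the try/catch, which opens outside this hunk. A `JsonException` from an unencodable result is therefore uncaught, where the old call returned `false` and echoed an empty body. Depending on the error-display settings, the API client may then receive a PHP error page or stack trace rather than a JSON error object. Either wrap this line in its own `try` with `catch (\JsonException $e)` that emits a fixed error body, or drop the flag here and handle a `false` return explicitly.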