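<?php
/**
 * Trait OAuthOptionsTrait
 *
 * @created      29.01.2018
 * @author       smiley <smiley@chillerlan.net>
 * @copyright    2018 smiley
 * @license      MIT
 */
declare(strict_types=1);

namespace chillerlan\OAuth;

use chillerlan\OAuth\Storage\OAuthStorageException;
use chillerlan\Utilities\{Directory, File};
use function max, min, preg_match, sprintf, trim;

/**
 * The settings for the OAuth provider
 *
 * Three properties are validated through the `set_*` methods below: the storage
 * encryption key, the file storage path and the PKCE verifier length.
 *
 * @property string $key
 * @property string $secret
 * @property string $callbackURL
 * @property bool   $useStorageEncryption
 * @property string $storageEncryptionKey
 * @property bool   $tokenAutoRefresh
 * @property bool   $sessionStart
 * @property bool   $sessionStop
 * @property string $sessionStorageVar
 * @property string $fileStoragePath
 * @property int    $pkceVerifierLength
 */
trait OAuthOptionsTrait{

    /**
     * The application key (or client-id) given by your provider
     */
    protected string $key = '';

    /**
     * The application secret given by your provider
     */
    protected string $secret = '';

    /**
     * The (main) callback URL associated with your application
     */
    protected string $callbackURL = '';

    /**
     * Whether to use encryption for the file storage
     *
     * NOTE(review): disabled by default; with it off, the file storage presumably persists
     * its data unencrypted - confirm against FileStorage before relying on the default.
     *
     * @see \chillerlan\OAuth\Storage\FileStorage
     */
    protected bool $useStorageEncryption = false;

    /**
     * The encryption key (hexadecimal) to use
     *
     * The setter accepts exactly 64 hexadecimal characters (32 bytes once decoded),
     * e.g. the hex-encoded output of sodium_crypto_secretbox_keygen().
     *
     * @see \sodium_crypto_secretbox_keygen()
     * @see \chillerlan\OAuth\Storage\FileStorage
     */
    protected string $storageEncryptionKey = '';

    /**
     * Whether to automatically refresh access tokens (OAuth2)
     *
     * @see \chillerlan\OAuth\Core\TokenRefresh::refreshAccessToken()
     */
    protected bool $tokenAutoRefresh = true;

    /**
     * Whether to start the session when session storage is used
     *
     * Note: this will only start a session if there is no active session present
     *
     * @see \session_status()
     * @see \chillerlan\OAuth\Storage\SessionStorage
     */
    protected bool $sessionStart = true;

    /**
     * Whether to end the session when session storage is used
     *
     * Note: this is set to `false` by default to not interfere with other session managers
     *
     * @see \session_status()
     * @see \chillerlan\OAuth\Storage\SessionStorage
     */
    protected bool $sessionStop = false;

    /**
     * The session key for the storage array
     *
     * @see \chillerlan\OAuth\Storage\SessionStorage
     */
    protected string $sessionStorageVar = 'chillerlan-oauth-storage';

    /**
     * The file storage root path (requires permissions 0777)
     *
     * NOTE(review): the setter only verifies that the directory is readable and writable
     * for the current process; mode 0777 is wider than that check needs - confirm whether
     * owner-only access for the PHP process user is sufficient for FileStorage.
     *
     * @see \is_writable()
     * @see \chillerlan\OAuth\Storage\FileStorage
     */
    protected string $fileStoragePath = '';

    /**
     * The length of the PKCE challenge verifier (43-128 characters)
     *
     * @link https://datatracker.ietf.org/doc/html/rfc7636#section-4.1
     */
    protected int $pkceVerifierLength = 128;

    /**
     * sets an encryption key
     *
     * The key must consist of exactly 64 hexadecimal characters (case-insensitive).
     *
     * @throws \chillerlan\OAuth\Storage\OAuthStorageException if the key does not match that format
     */
    protected function set_storageEncryptionKey(string $storageEncryptionKey):void{

        // \z anchors at the very end of the string; a plain `$` would also match
        // before a trailing newline and let "<64 hex chars>\n" through
        if(!preg_match('/^[a-f\d]{64}\z/i', $storageEncryptionKey)){
            // the rejected value is deliberately not echoed in the message
            throw new OAuthStorageException('invalid encryption key');
        }

        $this->storageEncryptionKey = $storageEncryptionKey;
    }

    /**
     * sets and verifies the file storage path
     *
     * The trimmed input is passed through File::realpath() and the result is stored,
     * provided the directory is both writable and readable.
     *
     * @throws \chillerlan\OAuth\Storage\OAuthStorageException if the directory is not writable or not readable
     */
    protected function set_fileStoragePath(string $fileStoragePath):void{
        // NOTE(review): behaviour of File::realpath() for a missing path is not visible here - confirm
        $path = File::realpath(trim($fileStoragePath));

        if(!Directory::isWritable($path) || !Directory::isReadable($path)){
            // the message reports the path as given by the caller, not the resolved one
            throw new OAuthStorageException(sprintf('invalid storage path "%s"', $fileStoragePath));
        }

        $this->fileStoragePath = $path;
    }

    /**
     * clamps the PKCE verifier length between 43 and 128
     *
     * Out-of-range values are not rejected but silently pulled to the nearest bound.
     */
    protected function set_pkceVerifierLength(int $pkceVerifierLength):void{
        $this->pkceVerifierLength = max(43, min(128, $pkceVerifierLength));
    }

}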