diogo/indieauth
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added auth request parameter validation, tests. Started work on exchange methods

Browse Source
This commit is contained in:
Barnaby Walters
2021-06-10 18:18:49 +02:00
parent e3c3d124bb
commit 9fc7299232
3 changed files with 64 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/Storage/FilesystemJsonStorage.php
View File

@@ -55,6 +55,10 @@ class FilesystemJsonStorage implements TokenStorageInterface, LoggerAwareInterfa
public function createAuthCode(array $data): ?Token {
$authCode = generateRandomString(self::TOKEN_LENGTH);
$accessToken = $this->hash($authCode);
if (!array_key_exists('valid_until', $data)) {
$data['valid_until'] = time() + $this->authCodeTtl;
}
if (!$this->put($accessToken, $data)) {
return null;
@@ -82,7 +86,7 @@ class FilesystemJsonStorage implements TokenStorageInterface, LoggerAwareInterfa
if ($data['exchanged_at'] ?? false) { return null; }
// Make sure the auth code isnt expired.
if ($data['valid_until'] ?? 0 < time()) { return null; }
if (($data['valid_until'] ?? 0) < time()) { return null; }echo 'h';
// If the access token is valid, mark it as redeemed and set a new expiry time.
$data['exchanged_at'] = time();