Documented config parameter

2021-06-18 00:48:05 +02:00 · 2021-06-18 00:48:05 +02:00 · a2d8223650
commit a2d8223650
parent 1af270b42f
2 changed files with 25 additions and 5 deletions
--- a/docs/classes/Taproot-IndieAuth-Server.html
+++ b/docs/classes/Taproot-IndieAuth-Server.html
@ -832,7 +832,7 @@ documentation for both handling methods for further documentation about them.</p
    <aside class="phpdocumentor-element-found-in">
    <abbr class="phpdocumentor-element-found-in__file" title="src/Server.php"><a href="files/src-server.html"><abbr title="src/Server.php">Server.php</abbr></a></abbr>
    :
-    <span class="phpdocumentor-element-found-in__line">193</span>
+    <span class="phpdocumentor-element-found-in__line">201</span>
 </aside>

        <p class="phpdocumentor-summary">Constructor</p>
@ -911,6 +911,18 @@ Returning <code class="prettyprint">null</code> will result in a standard <code
 <li>
 <code class="prettyprint">logger</code>: An instance of <code class="prettyprint">LoggerInterface</code>. Will be used for internal logging, and will also be set
 as the logger for any objects passed in config which implement <code class="prettyprint">LoggerAwareInterface</code>.</li>
+<li>
+<code class="prettyprint">requirePKCE</code>: bool, default true. Setting this to <code class="prettyprint">false</code> allows requests which don’t provide PKCE
+parameters (code_challenge, code_challenge_method, code_verifier), under the following conditions:
+<ul>
+<li>If any of the PKCE parameters are present in an authorization code request, all must be present
+and valid.</li>
+<li>If an authorization code request lacks PKCE parameters, the created auth code can only be exchanged
+by an exchange request without parameters.</li>
+<li>If authorization codes are stored without PKCE parameters, and then <code class="prettyprint">requirePKCE</code> is set to <code class="prettyprint">true</code>,
+these old authorization codes will no longer be redeemable.</li>
+</ul>
+</li>
 </ul>
 </section>

@ -949,7 +961,7 @@ as the logger for any objects passed in config which implement <code class="pret
    <aside class="phpdocumentor-element-found-in">
    <abbr class="phpdocumentor-element-found-in__file" title="src/Server.php"><a href="files/src-server.html"><abbr title="src/Server.php">Server.php</abbr></a></abbr>
    :
-    <span class="phpdocumentor-element-found-in__line">291</span>
+    <span class="phpdocumentor-element-found-in__line">299</span>
 </aside>

    
@ -981,7 +993,7 @@ as the logger for any objects passed in config which implement <code class="pret
    <aside class="phpdocumentor-element-found-in">
    <abbr class="phpdocumentor-element-found-in__file" title="src/Server.php"><a href="files/src-server.html"><abbr title="src/Server.php">Server.php</abbr></a></abbr>
    :
-    <span class="phpdocumentor-element-found-in__line">330</span>
+    <span class="phpdocumentor-element-found-in__line">338</span>
 </aside>

        <p class="phpdocumentor-summary">Handle Authorization Endpoint Request</p>
@ -1056,7 +1068,7 @@ error behaviour, one way to do so is to subclass <code class="prettyprint">Serve
    <aside class="phpdocumentor-element-found-in">
    <abbr class="phpdocumentor-element-found-in__file" title="src/Server.php"><a href="files/src-server.html"><abbr title="src/Server.php">Server.php</abbr></a></abbr>
    :
-    <span class="phpdocumentor-element-found-in__line">712</span>
+    <span class="phpdocumentor-element-found-in__line">720</span>
 </aside>

        <p class="phpdocumentor-summary">Handle Token Endpoint Request</p>
@ -1112,7 +1124,7 @@ error behaviour, one way to do so is to subclass <code class="prettyprint">Serve
    <aside class="phpdocumentor-element-found-in">
    <abbr class="phpdocumentor-element-found-in__file" title="src/Server.php"><a href="files/src-server.html"><abbr title="src/Server.php">Server.php</abbr></a></abbr>
    :
-    <span class="phpdocumentor-element-found-in__line">816</span>
+    <span class="phpdocumentor-element-found-in__line">824</span>
 </aside>

        <p class="phpdocumentor-summary">Handle Exception</p>
--- a/src/Server.php
+++ b/src/Server.php
@ -186,6 +186,14 @@ class Server {
 	 *   Returning `null` will result in a standard `invalid_request` error being returned.
 	 * * `logger`: An instance of `LoggerInterface`. Will be used for internal logging, and will also be set
 	 *   as the logger for any objects passed in config which implement `LoggerAwareInterface`.
+	 * * `requirePKCE`: bool, default true. Setting this to `false` allows requests which don’t provide PKCE
+	 *   parameters (code_challenge, code_challenge_method, code_verifier), under the following conditions:
+	 *     * If any of the PKCE parameters are present in an authorization code request, all must be present
+	 *       and valid.
+	 *     * If an authorization code request lacks PKCE parameters, the created auth code can only be exchanged
+	 *       by an exchange request without parameters.
+	 *     * If authorization codes are stored without PKCE parameters, and then `requirePKCE` is set to `true`,
+	 *       these old authorization codes will no longer be redeemable.
 	 * 
 	 * @param array $config An array of configuration variables
 	 * @return self