Created default authorization and authentication callbacks

* Created corresponding templates
* Changed how Server configuration works
* Ensured that authorization approval requests verify their indieauth parameters
* Wrote first passing test for Server, fixed a variety of small errors along the way
Barnaby Walters
2021-06-07 20:32:02 +02:00
parent 4d3a025296
commit b2c4f8eee5
11 changed files with 382 additions and 74 deletions


@@ -21,6 +21,21 @@ function generateRandomString($numBytes) {
return bin2hex($bytes);
}
function hashAuthorizationRequestParameters(ServerRequestInterface $request, string $secret, ?string $algo=null, ?array $hashedParameters=null): ?string {
$hashedParameters = $hashedParameters ?? ['client_id', 'redirect_uri', 'code_challenge', 'code_challenge_method'];
$algo = $algo ?? 'sha256';
$queryParams = $request->getQueryParams();
$data = '';
foreach ($hashedParameters as $key) {
if (!array_key_exists($key, $queryParams)) {
return null;
}
$data .= $queryParams[$key];
}
return hash_hmac($algo, $data, $secret);
}
function isIndieAuthAuthorizationCodeRedeemingRequest(ServerRequestInterface $request) {
return strtolower($request->getMethod()) == 'post'
&& array_key_exists('grant_type', $request->getParsedBody())
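Review bot: In `hashAuthorizationRequestParameters` the parameter values are joined with no separator or length prefix (`$data .= $queryParams[$key];`), so two different sets of values can produce the same HMAC input when characters move across the boundary between adjacent parameters, and the hash then does not bind each of `client_id`, `redirect_uri`, `code_challenge` and `code_challenge_method` individually. An unambiguous encoding avoids this, for example collecting the values with `$values[$key] = $queryParams[$key];` and returning `hash_hmac($algo, json_encode($values), $secret)`. The loop also assumes every value is a string, while `getQueryParams()` can hold nested arrays for keys sent as `client_id[]=...`; extending the guard to `if (!array_key_exists($key, $queryParams) || !is_string($queryParams[$key])) { return null; }` keeps such requests from being hashed as the literal text "Array". The code that compares this hash against the submitted one is not in this hunk; it should use `hash_equals()` rather than `==`.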