d6594beebe
I forgot that PHP’s POST body parsing strips the required trailing [] from names.
297 lines
119 KiB
HTML
297 lines
119 KiB
HTML
<!DOCTYPE html>
|
||
<html lang="en">
|
||
<head>
|
||
<meta charset="UTF-8">
|
||
<title>Code Coverage for /Users/barnabywalters/Documents/Programming/taproot/indieauth/src/Callback/SingleUserPasswordAuthenticationCallback.php</title>
|
||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||
<link href="../phpunit_css/bootstrap.min.css" rel="stylesheet" type="text/css">
|
||
<link href="../phpunit_css/octicons.css" rel="stylesheet" type="text/css">
|
||
<link href="../phpunit_css/style.css" rel="stylesheet" type="text/css">
|
||
<link href="../phpunit_css/custom.css" rel="stylesheet" type="text/css">
|
||
</head>
|
||
<body>
|
||
<header>
|
||
<div class="container-fluid">
|
||
<div class="row">
|
||
<div class="col-md-12">
|
||
<nav aria-label="breadcrumb">
|
||
<ol class="breadcrumb">
|
||
<li class="breadcrumb-item"><a href="../index.html">/Users/barnabywalters/Documents/Programming/taproot/indieauth/src</a></li>
|
||
<li class="breadcrumb-item"><a href="index.html">Callback</a></li>
|
||
<li class="breadcrumb-item active">SingleUserPasswordAuthenticationCallback.php</li>
|
||
|
||
</ol>
|
||
</nav>
|
||
</div>
|
||
</div>
|
||
</div>
|
||
</header>
|
||
<div class="container-fluid">
|
||
<div class="table-responsive">
|
||
<table class="table table-bordered">
|
||
<thead>
|
||
<tr>
|
||
<td> </td>
|
||
<td colspan="10"><div align="center"><strong>Code Coverage</strong></div></td>
|
||
</tr>
|
||
<tr>
|
||
<td> </td>
|
||
<td colspan="3"><div align="center"><strong>Classes and Traits</strong></div></td>
|
||
<td colspan="4"><div align="center"><strong>Functions and Methods</strong></div></td>
|
||
<td colspan="3"><div align="center"><strong>Lines</strong></div></td>
|
||
</tr>
|
||
</thead>
|
||
<tbody>
|
||
<tr>
|
||
<td class="success">Total</td>
|
||
<td class="success big"> <div class="progress">
|
||
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
|
||
<span class="sr-only">100.00% covered (success)</span>
|
||
</div>
|
||
</div>
|
||
</td>
|
||
<td class="success small"><div align="right">100.00%</div></td>
|
||
<td class="success small"><div align="right">1 / 1</div></td>
|
||
<td class="success big"> <div class="progress">
|
||
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
|
||
<span class="sr-only">100.00% covered (success)</span>
|
||
</div>
|
||
</div>
|
||
</td>
|
||
<td class="success small"><div align="right">100.00%</div></td>
|
||
<td class="success small"><div align="right">2 / 2</div></td>
|
||
<td class="success small"><abbr title="Change Risk Anti-Patterns (CRAP) Index">CRAP</abbr></td>
|
||
<td class="success big"> <div class="progress">
|
||
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
|
||
<span class="sr-only">100.00% covered (success)</span>
|
||
</div>
|
||
</div>
|
||
</td>
|
||
<td class="success small"><div align="right">100.00%</div></td>
|
||
<td class="success small"><div align="right">29 / 29</div></td>
|
||
</tr>
|
||
|
||
<tr>
|
||
<td class="success"><abbr title="Taproot\IndieAuth\Callback\SingleUserPasswordAuthenticationCallback">SingleUserPasswordAuthenticationCallback</abbr></td>
|
||
<td class="success big"> <div class="progress">
|
||
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
|
||
<span class="sr-only">100.00% covered (success)</span>
|
||
</div>
|
||
</div>
|
||
</td>
|
||
<td class="success small"><div align="right">100.00%</div></td>
|
||
<td class="success small"><div align="right">1 / 1</div></td>
|
||
<td class="success big"> <div class="progress">
|
||
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
|
||
<span class="sr-only">100.00% covered (success)</span>
|
||
</div>
|
||
</div>
|
||
</td>
|
||
<td class="success small"><div align="right">100.00%</div></td>
|
||
<td class="success small"><div align="right">2 / 2</div></td>
|
||
<td class="success small">9</td>
|
||
<td class="success big"> <div class="progress">
|
||
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
|
||
<span class="sr-only">100.00% covered (success)</span>
|
||
</div>
|
||
</div>
|
||
</td>
|
||
<td class="success small"><div align="right">100.00%</div></td>
|
||
<td class="success small"><div align="right">29 / 29</div></td>
|
||
</tr>
|
||
|
||
<tr>
|
||
<td class="success" colspan="4"> <a href="#69"><abbr title="__construct(string $secret, array $user, string $hashedPassword, ?string $formTemplate, ?string $csrfKey, ?int $ttl)">__construct</abbr></a></td>
|
||
<td class="success big"> <div class="progress">
|
||
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
|
||
<span class="sr-only">100.00% covered (success)</span>
|
||
</div>
|
||
</div>
|
||
</td>
|
||
<td class="success small"><div align="right">100.00%</div></td>
|
||
<td class="success small"><div align="right">1 / 1</div></td>
|
||
<td class="success small">4</td>
|
||
<td class="success big"> <div class="progress">
|
||
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
|
||
<span class="sr-only">100.00% covered (success)</span>
|
||
</div>
|
||
</div>
|
||
</td>
|
||
<td class="success small"><div align="right">100.00%</div></td>
|
||
<td class="success small"><div align="right">13 / 13</div></td>
|
||
</tr>
|
||
|
||
<tr>
|
||
<td class="success" colspan="4"> <a href="#90"><abbr title="__invoke(Psr\Http\Message\ServerRequestInterface $request, string $formAction, ?string $normalizedMeUrl)">__invoke</abbr></a></td>
|
||
<td class="success big"> <div class="progress">
|
||
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
|
||
<span class="sr-only">100.00% covered (success)</span>
|
||
</div>
|
||
</div>
|
||
</td>
|
||
<td class="success small"><div align="right">100.00%</div></td>
|
||
<td class="success small"><div align="right">1 / 1</div></td>
|
||
<td class="success small">5</td>
|
||
<td class="success big"> <div class="progress">
|
||
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
|
||
<span class="sr-only">100.00% covered (success)</span>
|
||
</div>
|
||
</div>
|
||
</td>
|
||
<td class="success small"><div align="right">100.00%</div></td>
|
||
<td class="success small"><div align="right">16 / 16</div></td>
|
||
</tr>
|
||
|
||
|
||
</tbody>
|
||
</table>
|
||
</div>
|
||
<table id="code" class="table table-borderless table-condensed">
|
||
<tbody>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="1" href="#1">1</a></td><td class="col-11 codeLine"><span class="default"><?php </span><span class="keyword">declare</span><span class="keyword">(</span><span class="default">strict_types</span><span class="keyword">=</span><span class="default">1</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="2" href="#2">2</a></td><td class="col-11 codeLine"></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="3" href="#3">3</a></td><td class="col-11 codeLine"><span class="keyword">namespace</span><span class="default"> </span><span class="default">Taproot</span><span class="default">\</span><span class="default">IndieAuth</span><span class="default">\</span><span class="default">Callback</span><span class="keyword">;</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="4" href="#4">4</a></td><td class="col-11 codeLine"></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="5" href="#5">5</a></td><td class="col-11 codeLine"><span class="keyword">use</span><span class="default"> </span><span class="default">BadMethodCallException</span><span class="keyword">;</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="6" href="#6">6</a></td><td class="col-11 codeLine"><span class="keyword">use</span><span class="default"> </span><span class="default">Dflydev</span><span class="default">\</span><span class="default">FigCookies</span><span class="keyword">;</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="7" href="#7">7</a></td><td class="col-11 codeLine"><span class="keyword">use</span><span class="default"> </span><span class="default">Nyholm</span><span class="default">\</span><span class="default">Psr7</span><span class="default">\</span><span class="default">Response</span><span class="keyword">;</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="8" href="#8">8</a></td><td class="col-11 codeLine"><span class="keyword">use</span><span class="default"> </span><span class="default">Psr</span><span class="default">\</span><span class="default">Http</span><span class="default">\</span><span class="default">Message</span><span class="default">\</span><span class="default">ServerRequestInterface</span><span class="keyword">;</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="9" href="#9">9</a></td><td class="col-11 codeLine"></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="10" href="#10">10</a></td><td class="col-11 codeLine"><span class="keyword">use</span><span class="default"> </span><span class="keyword">function</span><span class="default"> </span><span class="default">Taproot</span><span class="default">\</span><span class="default">IndieAuth</span><span class="default">\</span><span class="default">renderTemplate</span><span class="keyword">;</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="11" href="#11">11</a></td><td class="col-11 codeLine"></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="12" href="#12">12</a></td><td class="col-11 codeLine"><span class="comment">/**</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="13" href="#13">13</a></td><td class="col-11 codeLine"><span class="comment"> * Single User Password Authentication Callback</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="14" href="#14">14</a></td><td class="col-11 codeLine"><span class="comment"> * </span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="15" href="#15">15</a></td><td class="col-11 codeLine"><span class="comment"> * A simple example authentication callback which performs authentication itself rather</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="16" href="#16">16</a></td><td class="col-11 codeLine"><span class="comment"> * than redirecting to an existing authentication flow.</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="17" href="#17">17</a></td><td class="col-11 codeLine"><span class="comment"> * </span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="18" href="#18">18</a></td><td class="col-11 codeLine"><span class="comment"> * In some cases, it may make sense for your IndieAuth server to be able to authenticate</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="19" href="#19">19</a></td><td class="col-11 codeLine"><span class="comment"> * users itself, rather than redirecting them to an existing authentication flow. This</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="20" href="#20">20</a></td><td class="col-11 codeLine"><span class="comment"> * implementation provides a simple single-user password authentication method intended</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="21" href="#21">21</a></td><td class="col-11 codeLine"><span class="comment"> * for bootstrapping and testing purposes.</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="22" href="#22">22</a></td><td class="col-11 codeLine"><span class="comment"> * </span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="23" href="#23">23</a></td><td class="col-11 codeLine"><span class="comment"> * The sign-in form can be customised by making your own template and passing the path to</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="24" href="#24">24</a></td><td class="col-11 codeLine"><span class="comment"> * the constructor.</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="25" href="#25">25</a></td><td class="col-11 codeLine"><span class="comment"> * </span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="26" href="#26">26</a></td><td class="col-11 codeLine"><span class="comment"> * Minimal usage:</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="27" href="#27">27</a></td><td class="col-11 codeLine"><span class="comment"> * </span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="28" href="#28">28</a></td><td class="col-11 codeLine"><span class="comment"> * ```php</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="29" href="#29">29</a></td><td class="col-11 codeLine"><span class="comment"> * // One-off during app configuration:</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="30" href="#30">30</a></td><td class="col-11 codeLine"><span class="comment"> * YOUR_HASHED_PASSWORD = password_hash('my super strong password', PASSWORD_DEFAULT);</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="31" href="#31">31</a></td><td class="col-11 codeLine"><span class="comment"> * </span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="32" href="#32">32</a></td><td class="col-11 codeLine"><span class="comment"> * // In your app:</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="33" href="#33">33</a></td><td class="col-11 codeLine"><span class="comment"> * use Taproot\IndieAuth;</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="34" href="#34">34</a></td><td class="col-11 codeLine"><span class="comment"> * $server = new IndieAuth\Server([</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="35" href="#35">35</a></td><td class="col-11 codeLine"><span class="comment"> * …</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="36" href="#36">36</a></td><td class="col-11 codeLine"><span class="comment"> * 'authenticationHandler' => new IndieAuth\Callback\SingleUserPasswordAuthenticationCallback(</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="37" href="#37">37</a></td><td class="col-11 codeLine"><span class="comment"> * YOUR_SECRET,</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="38" href="#38">38</a></td><td class="col-11 codeLine"><span class="comment"> * ['me' => 'https://me.example.com/'],</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="39" href="#39">39</a></td><td class="col-11 codeLine"><span class="comment"> * YOUR_HASHED_PASSWORD</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="40" href="#40">40</a></td><td class="col-11 codeLine"><span class="comment"> * )</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="41" href="#41">41</a></td><td class="col-11 codeLine"><span class="comment"> * …</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="42" href="#42">42</a></td><td class="col-11 codeLine"><span class="comment"> * ]);</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="43" href="#43">43</a></td><td class="col-11 codeLine"><span class="comment"> * ```</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="44" href="#44">44</a></td><td class="col-11 codeLine"><span class="comment"> * </span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="45" href="#45">45</a></td><td class="col-11 codeLine"><span class="comment"> * See documentation for `__construct()` for information about customising behaviour.</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="46" href="#46">46</a></td><td class="col-11 codeLine"><span class="comment"> */</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="47" href="#47">47</a></td><td class="col-11 codeLine"><span class="keyword">class</span><span class="default"> </span><span class="default">SingleUserPasswordAuthenticationCallback</span><span class="default"> </span><span class="keyword">{</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="48" href="#48">48</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">const</span><span class="default"> </span><span class="default">PASSWORD_FORM_PARAMETER</span><span class="default"> </span><span class="keyword">=</span><span class="default"> </span><span class="default">'taproot_indieauth_server_password'</span><span class="keyword">;</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="49" href="#49">49</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">const</span><span class="default"> </span><span class="default">LOGIN_HASH_COOKIE</span><span class="default"> </span><span class="keyword">=</span><span class="default"> </span><span class="default">'taproot_indieauth_server_supauth_hash'</span><span class="keyword">;</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="50" href="#50">50</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">const</span><span class="default"> </span><span class="default">DEFAULT_COOKIE_TTL</span><span class="default"> </span><span class="keyword">=</span><span class="default"> </span><span class="default">60</span><span class="default"> </span><span class="keyword">*</span><span class="default"> </span><span class="default">5</span><span class="keyword">;</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="51" href="#51">51</a></td><td class="col-11 codeLine"></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="52" href="#52">52</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">public</span><span class="default"> </span><span class="default">string</span><span class="default"> </span><span class="default">$csrfKey</span><span class="keyword">;</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="53" href="#53">53</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">public</span><span class="default"> </span><span class="default">string</span><span class="default"> </span><span class="default">$formTemplate</span><span class="keyword">;</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="54" href="#54">54</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">protected</span><span class="default"> </span><span class="keyword">array</span><span class="default"> </span><span class="default">$user</span><span class="keyword">;</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="55" href="#55">55</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">protected</span><span class="default"> </span><span class="default">string</span><span class="default"> </span><span class="default">$hashedPassword</span><span class="keyword">;</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="56" href="#56">56</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">protected</span><span class="default"> </span><span class="default">string</span><span class="default"> </span><span class="default">$secret</span><span class="keyword">;</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="57" href="#57">57</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">protected</span><span class="default"> </span><span class="default">int</span><span class="default"> </span><span class="default">$ttl</span><span class="keyword">;</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="58" href="#58">58</a></td><td class="col-11 codeLine"><span class="default"> </span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="59" href="#59">59</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="comment">/**</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="60" href="#60">60</a></td><td class="col-11 codeLine"><span class="comment"> * Constructor</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="61" href="#61">61</a></td><td class="col-11 codeLine"><span class="comment"> * </span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="62" href="#62">62</a></td><td class="col-11 codeLine"><span class="comment"> * @param string $secret A secret key used to encrypt cookies. Can be the same as the secret passed to IndieAuth\Server.</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="63" href="#63">63</a></td><td class="col-11 codeLine"><span class="comment"> * @param array $user An array representing the user, which will be returned on a successful authentication. MUST include a 'me' key, may also contain a 'profile' key, or other keys at your discretion.</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="64" href="#64">64</a></td><td class="col-11 codeLine"><span class="comment"> * @param string $hashedPassword The password used to authenticate as $user, hashed by `password_hash($pass, PASSWORD_DEFAULT)`</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="65" href="#65">65</a></td><td class="col-11 codeLine"><span class="comment"> * @param string|null $formTemplate The path to a template used to render the sign-in form. Uses default if null.</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="66" href="#66">66</a></td><td class="col-11 codeLine"><span class="comment"> * @param string|null $csrfKey The key under which to fetch a CSRF token from `$request` attributes, and as the CSRF token name in submitted form data. Defaults to the Server default, only change if you’re using a custom CSRF middleware.</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="67" href="#67">67</a></td><td class="col-11 codeLine"><span class="comment"> * @param int|null $ttl The lifetime of the authentication cookie, in seconds. Defaults to five minutes.</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="68" href="#68">68</a></td><td class="col-11 codeLine"><span class="comment"> */</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="69" href="#69">69</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">public</span><span class="default"> </span><span class="keyword">function</span><span class="default"> </span><span class="default">__construct</span><span class="keyword">(</span><span class="default">string</span><span class="default"> </span><span class="default">$secret</span><span class="keyword">,</span><span class="default"> </span><span class="keyword">array</span><span class="default"> </span><span class="default">$user</span><span class="keyword">,</span><span class="default"> </span><span class="default">string</span><span class="default"> </span><span class="default">$hashedPassword</span><span class="keyword">,</span><span class="default"> </span><span class="keyword">?</span><span class="default">string</span><span class="default"> </span><span class="default">$formTemplate</span><span class="keyword">=</span><span class="default">null</span><span class="keyword">,</span><span class="default"> </span><span class="keyword">?</span><span class="default">string</span><span class="default"> </span><span class="default">$csrfKey</span><span class="keyword">=</span><span class="default">null</span><span class="keyword">,</span><span class="default"> </span><span class="keyword">?</span><span class="default">int</span><span class="default"> </span><span class="default">$ttl</span><span class="keyword">=</span><span class="default">null</span><span class="keyword">)</span><span class="default"> </span><span class="keyword">{</span></td></tr>
|
||
<tr class="covered-by-large-tests popin d-flex"><td data-title="38 tests cover line 70" data-content="<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidConfigRaisesException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfCodeParameterIsMissing</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeFailsForTokensWithInvalidScope</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeReturnsCorrectResponseForValidRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorOnNonIndieauthRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorIfAccessCodeGrantsNoScopes</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsAccessTokenOnValidRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testBackCompatAuthCodeWithoutPkceCannotBeExchangedWithCodeVerifierBothExchangeEndpoints</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testThrowsExceptionIfUserDataHasNoMeKey</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testThrowsExceptionIfSecretIsTooShort</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testThrowsExceptionIfHashedPasswordIsInvalid</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testShowsAuthenticationFormOnUnauthenticatedRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsCookieRedirectOnAuthenticatedRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsUserDataOnResponseWithValidHashCookie</li></ul>" data-placement="top" data-html="true" class="col-1 text-right"><a id="70" href="#70">70</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">if</span><span class="default"> </span><span class="keyword">(</span><span class="default">strlen</span><span class="keyword">(</span><span class="default">$secret</span><span class="keyword">)</span><span class="default"> </span><span class="keyword"><</span><span class="default"> </span><span class="default">64</span><span class="keyword">)</span><span class="default"> </span><span class="keyword">{</span></td></tr>
|
||
<tr class="covered-by-large-tests popin d-flex"><td data-title="1 test covers line 71" data-content="<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testThrowsExceptionIfSecretIsTooShort</li></ul>" data-placement="top" data-html="true" class="col-1 text-right"><a id="71" href="#71">71</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">throw</span><span class="default"> </span><span class="keyword">new</span><span class="default"> </span><span class="default">BadMethodCallException</span><span class="keyword">(</span><span class="default">"\$secret must be a string with a minimum length of 64 characters."</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="72" href="#72">72</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">}</span></td></tr>
|
||
<tr class="covered-by-large-tests popin d-flex"><td data-title="37 tests cover line 73" data-content="<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidConfigRaisesException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfCodeParameterIsMissing</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeFailsForTokensWithInvalidScope</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeReturnsCorrectResponseForValidRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorOnNonIndieauthRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorIfAccessCodeGrantsNoScopes</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsAccessTokenOnValidRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testBackCompatAuthCodeWithoutPkceCannotBeExchangedWithCodeVerifierBothExchangeEndpoints</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testThrowsExceptionIfUserDataHasNoMeKey</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testThrowsExceptionIfHashedPasswordIsInvalid</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testShowsAuthenticationFormOnUnauthenticatedRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsCookieRedirectOnAuthenticatedRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsUserDataOnResponseWithValidHashCookie</li></ul>" data-placement="top" data-html="true" class="col-1 text-right"><a id="73" href="#73">73</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="default">$this</span><span class="default">-></span><span class="default">secret</span><span class="default"> </span><span class="keyword">=</span><span class="default"> </span><span class="default">$secret</span><span class="keyword">;</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="74" href="#74">74</a></td><td class="col-11 codeLine"></td></tr>
|
||
<tr class="covered-by-large-tests popin d-flex"><td data-title="37 tests cover line 75" data-content="<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidConfigRaisesException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfCodeParameterIsMissing</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeFailsForTokensWithInvalidScope</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeReturnsCorrectResponseForValidRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorOnNonIndieauthRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorIfAccessCodeGrantsNoScopes</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsAccessTokenOnValidRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testBackCompatAuthCodeWithoutPkceCannotBeExchangedWithCodeVerifierBothExchangeEndpoints</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testThrowsExceptionIfUserDataHasNoMeKey</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testThrowsExceptionIfHashedPasswordIsInvalid</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testShowsAuthenticationFormOnUnauthenticatedRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsCookieRedirectOnAuthenticatedRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsUserDataOnResponseWithValidHashCookie</li></ul>" data-placement="top" data-html="true" class="col-1 text-right"><a id="75" href="#75">75</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="default">$this</span><span class="default">-></span><span class="default">ttl</span><span class="default"> </span><span class="keyword">=</span><span class="default"> </span><span class="default">$ttl</span><span class="default"> </span><span class="default">??</span><span class="default"> </span><span class="default">self</span><span class="default">::</span><span class="default">DEFAULT_COOKIE_TTL</span><span class="keyword">;</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="76" href="#76">76</a></td><td class="col-11 codeLine"></td></tr>
|
||
<tr class="covered-by-large-tests popin d-flex"><td data-title="37 tests cover line 77" data-content="<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidConfigRaisesException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfCodeParameterIsMissing</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeFailsForTokensWithInvalidScope</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeReturnsCorrectResponseForValidRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorOnNonIndieauthRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorIfAccessCodeGrantsNoScopes</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsAccessTokenOnValidRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testBackCompatAuthCodeWithoutPkceCannotBeExchangedWithCodeVerifierBothExchangeEndpoints</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testThrowsExceptionIfUserDataHasNoMeKey</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testThrowsExceptionIfHashedPasswordIsInvalid</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testShowsAuthenticationFormOnUnauthenticatedRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsCookieRedirectOnAuthenticatedRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsUserDataOnResponseWithValidHashCookie</li></ul>" data-placement="top" data-html="true" class="col-1 text-right"><a id="77" href="#77">77</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">if</span><span class="default"> </span><span class="keyword">(</span><span class="keyword">!</span><span class="keyword">isset</span><span class="keyword">(</span><span class="default">$user</span><span class="keyword">[</span><span class="default">'me'</span><span class="keyword">]</span><span class="keyword">)</span><span class="keyword">)</span><span class="default"> </span><span class="keyword">{</span></td></tr>
|
||
<tr class="covered-by-large-tests popin d-flex"><td data-title="1 test covers line 78" data-content="<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testThrowsExceptionIfUserDataHasNoMeKey</li></ul>" data-placement="top" data-html="true" class="col-1 text-right"><a id="78" href="#78">78</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">throw</span><span class="default"> </span><span class="keyword">new</span><span class="default"> </span><span class="default">BadMethodCallException</span><span class="keyword">(</span><span class="default">'The $user array MUST contain a “me” key, the value which must be the user’s canonical URL as a string.'</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="79" href="#79">79</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">}</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="80" href="#80">80</a></td><td class="col-11 codeLine"><span class="default"> </span></td></tr>
|
||
<tr class="covered-by-large-tests popin d-flex"><td data-title="36 tests cover line 81" data-content="<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidConfigRaisesException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfCodeParameterIsMissing</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeFailsForTokensWithInvalidScope</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeReturnsCorrectResponseForValidRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorOnNonIndieauthRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorIfAccessCodeGrantsNoScopes</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsAccessTokenOnValidRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testBackCompatAuthCodeWithoutPkceCannotBeExchangedWithCodeVerifierBothExchangeEndpoints</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testThrowsExceptionIfHashedPasswordIsInvalid</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testShowsAuthenticationFormOnUnauthenticatedRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsCookieRedirectOnAuthenticatedRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsUserDataOnResponseWithValidHashCookie</li></ul>" data-placement="top" data-html="true" class="col-1 text-right"><a id="81" href="#81">81</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">if</span><span class="default"> </span><span class="keyword">(</span><span class="default">is_null</span><span class="keyword">(</span><span class="default">password_get_info</span><span class="keyword">(</span><span class="default">$hashedPassword</span><span class="keyword">)</span><span class="keyword">[</span><span class="default">'algo'</span><span class="keyword">]</span><span class="keyword">)</span><span class="keyword">)</span><span class="default"> </span><span class="keyword">{</span></td></tr>
|
||
<tr class="covered-by-large-tests popin d-flex"><td data-title="1 test covers line 82" data-content="<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testThrowsExceptionIfHashedPasswordIsInvalid</li></ul>" data-placement="top" data-html="true" class="col-1 text-right"><a id="82" href="#82">82</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">throw</span><span class="default"> </span><span class="keyword">new</span><span class="default"> </span><span class="default">BadMethodCallException</span><span class="keyword">(</span><span class="default">'The provided $hashedPassword was not a valid hash created by the password_hash() function.'</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="83" href="#83">83</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">}</span></td></tr>
|
||
<tr class="covered-by-large-tests popin d-flex"><td data-title="35 tests cover line 84" data-content="<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidConfigRaisesException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfCodeParameterIsMissing</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeFailsForTokensWithInvalidScope</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeReturnsCorrectResponseForValidRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorOnNonIndieauthRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorIfAccessCodeGrantsNoScopes</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsAccessTokenOnValidRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testBackCompatAuthCodeWithoutPkceCannotBeExchangedWithCodeVerifierBothExchangeEndpoints</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testShowsAuthenticationFormOnUnauthenticatedRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsCookieRedirectOnAuthenticatedRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsUserDataOnResponseWithValidHashCookie</li></ul>" data-placement="top" data-html="true" class="col-1 text-right"><a id="84" href="#84">84</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="default">$this</span><span class="default">-></span><span class="default">user</span><span class="default"> </span><span class="keyword">=</span><span class="default"> </span><span class="default">$user</span><span class="keyword">;</span></td></tr>
|
||
<tr class="covered-by-large-tests popin d-flex"><td data-title="35 tests cover line 85" data-content="<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidConfigRaisesException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfCodeParameterIsMissing</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeFailsForTokensWithInvalidScope</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeReturnsCorrectResponseForValidRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorOnNonIndieauthRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorIfAccessCodeGrantsNoScopes</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsAccessTokenOnValidRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testBackCompatAuthCodeWithoutPkceCannotBeExchangedWithCodeVerifierBothExchangeEndpoints</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testShowsAuthenticationFormOnUnauthenticatedRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsCookieRedirectOnAuthenticatedRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsUserDataOnResponseWithValidHashCookie</li></ul>" data-placement="top" data-html="true" class="col-1 text-right"><a id="85" href="#85">85</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="default">$this</span><span class="default">-></span><span class="default">hashedPassword</span><span class="default"> </span><span class="keyword">=</span><span class="default"> </span><span class="default">$hashedPassword</span><span class="keyword">;</span></td></tr>
|
||
<tr class="covered-by-large-tests popin d-flex"><td data-title="35 tests cover line 86" data-content="<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidConfigRaisesException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfCodeParameterIsMissing</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeFailsForTokensWithInvalidScope</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeReturnsCorrectResponseForValidRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorOnNonIndieauthRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorIfAccessCodeGrantsNoScopes</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsAccessTokenOnValidRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testBackCompatAuthCodeWithoutPkceCannotBeExchangedWithCodeVerifierBothExchangeEndpoints</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testShowsAuthenticationFormOnUnauthenticatedRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsCookieRedirectOnAuthenticatedRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsUserDataOnResponseWithValidHashCookie</li></ul>" data-placement="top" data-html="true" class="col-1 text-right"><a id="86" href="#86">86</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="default">$this</span><span class="default">-></span><span class="default">formTemplate</span><span class="default"> </span><span class="keyword">=</span><span class="default"> </span><span class="default">$formTemplate</span><span class="default"> </span><span class="default">??</span><span class="default"> </span><span class="default">__DIR__</span><span class="default"> </span><span class="keyword">.</span><span class="default"> </span><span class="default">'/../../templates/single_user_password_authentication_form.html.php'</span><span class="keyword">;</span></td></tr>
|
||
<tr class="covered-by-large-tests popin d-flex"><td data-title="35 tests cover line 87" data-content="<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidConfigRaisesException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfCodeParameterIsMissing</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeFailsForTokensWithInvalidScope</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeReturnsCorrectResponseForValidRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorOnNonIndieauthRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorIfAccessCodeGrantsNoScopes</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsAccessTokenOnValidRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testBackCompatAuthCodeWithoutPkceCannotBeExchangedWithCodeVerifierBothExchangeEndpoints</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testShowsAuthenticationFormOnUnauthenticatedRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsCookieRedirectOnAuthenticatedRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsUserDataOnResponseWithValidHashCookie</li></ul>" data-placement="top" data-html="true" class="col-1 text-right"><a id="87" href="#87">87</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="default">$this</span><span class="default">-></span><span class="default">csrfKey</span><span class="default"> </span><span class="keyword">=</span><span class="default"> </span><span class="default">$csrfKey</span><span class="default"> </span><span class="default">??</span><span class="default"> </span><span class="default">\</span><span class="default">Taproot</span><span class="default">\</span><span class="default">IndieAuth</span><span class="default">\</span><span class="default">Server</span><span class="default">::</span><span class="default">DEFAULT_CSRF_KEY</span><span class="keyword">;</span></td></tr>
|
||
<tr class="covered-by-large-tests popin d-flex"><td data-title="35 tests cover line 88" data-content="<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidConfigRaisesException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfCodeParameterIsMissing</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeFailsForTokensWithInvalidScope</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeReturnsCorrectResponseForValidRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorOnNonIndieauthRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorIfAccessCodeGrantsNoScopes</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsAccessTokenOnValidRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testBackCompatAuthCodeWithoutPkceCannotBeExchangedWithCodeVerifierBothExchangeEndpoints</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testShowsAuthenticationFormOnUnauthenticatedRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsCookieRedirectOnAuthenticatedRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsUserDataOnResponseWithValidHashCookie</li></ul>" data-placement="top" data-html="true" class="col-1 text-right"><a id="88" href="#88">88</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">}</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="89" href="#89">89</a></td><td class="col-11 codeLine"></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="90" href="#90">90</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">public</span><span class="default"> </span><span class="keyword">function</span><span class="default"> </span><span class="default">__invoke</span><span class="keyword">(</span><span class="default">ServerRequestInterface</span><span class="default"> </span><span class="default">$request</span><span class="keyword">,</span><span class="default"> </span><span class="default">string</span><span class="default"> </span><span class="default">$formAction</span><span class="keyword">,</span><span class="default"> </span><span class="keyword">?</span><span class="default">string</span><span class="default"> </span><span class="default">$normalizedMeUrl</span><span class="keyword">=</span><span class="default">null</span><span class="keyword">)</span><span class="default"> </span><span class="keyword">{</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="91" href="#91">91</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="comment">// If the request is logged in, return authentication data.</span></td></tr>
|
||
<tr class="covered-by-large-tests popin d-flex"><td data-title="3 tests cover line 92" data-content="<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testShowsAuthenticationFormOnUnauthenticatedRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsCookieRedirectOnAuthenticatedRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsUserDataOnResponseWithValidHashCookie</li></ul>" data-placement="top" data-html="true" class="col-1 text-right"><a id="92" href="#92">92</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="default">$cookies</span><span class="default"> </span><span class="keyword">=</span><span class="default"> </span><span class="default">$request</span><span class="default">-></span><span class="default">getCookieParams</span><span class="keyword">(</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="93" href="#93">93</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">if</span><span class="default"> </span><span class="keyword">(</span></td></tr>
|
||
<tr class="covered-by-large-tests popin d-flex"><td data-title="3 tests cover line 94" data-content="<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testShowsAuthenticationFormOnUnauthenticatedRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsCookieRedirectOnAuthenticatedRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsUserDataOnResponseWithValidHashCookie</li></ul>" data-placement="top" data-html="true" class="col-1 text-right"><a id="94" href="#94">94</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">isset</span><span class="keyword">(</span><span class="default">$cookies</span><span class="keyword">[</span><span class="default">self</span><span class="default">::</span><span class="default">LOGIN_HASH_COOKIE</span><span class="keyword">]</span><span class="keyword">)</span></td></tr>
|
||
<tr class="covered-by-large-tests popin d-flex"><td data-title="3 tests cover line 95" data-content="<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testShowsAuthenticationFormOnUnauthenticatedRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsCookieRedirectOnAuthenticatedRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsUserDataOnResponseWithValidHashCookie</li></ul>" data-placement="top" data-html="true" class="col-1 text-right"><a id="95" href="#95">95</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="default">&&</span><span class="default"> </span><span class="default">hash_equals</span><span class="keyword">(</span><span class="default">hash_hmac</span><span class="keyword">(</span><span class="default">'SHA256'</span><span class="keyword">,</span><span class="default"> </span><span class="default">json_encode</span><span class="keyword">(</span><span class="default">$this</span><span class="default">-></span><span class="default">user</span><span class="keyword">)</span><span class="keyword">,</span><span class="default"> </span><span class="default">$this</span><span class="default">-></span><span class="default">secret</span><span class="keyword">)</span><span class="keyword">,</span><span class="default"> </span><span class="default">$cookies</span><span class="keyword">[</span><span class="default">self</span><span class="default">::</span><span class="default">LOGIN_HASH_COOKIE</span><span class="keyword">]</span><span class="keyword">)</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="96" href="#96">96</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">)</span><span class="default"> </span><span class="keyword">{</span></td></tr>
|
||
<tr class="covered-by-large-tests popin d-flex"><td data-title="1 test covers line 97" data-content="<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsUserDataOnResponseWithValidHashCookie</li></ul>" data-placement="top" data-html="true" class="col-1 text-right"><a id="97" href="#97">97</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">return</span><span class="default"> </span><span class="default">$this</span><span class="default">-></span><span class="default">user</span><span class="keyword">;</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="98" href="#98">98</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">}</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="99" href="#99">99</a></td><td class="col-11 codeLine"></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="100" href="#100">100</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="comment">// If the request is a form submission with a matching password, return a redirect to the indieauth</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="101" href="#101">101</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="comment">// flow, setting a cookie.</span></td></tr>
|
||
<tr class="covered-by-large-tests popin d-flex"><td data-title="2 tests cover line 102" data-content="<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testShowsAuthenticationFormOnUnauthenticatedRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsCookieRedirectOnAuthenticatedRequest</li></ul>" data-placement="top" data-html="true" class="col-1 text-right"><a id="102" href="#102">102</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">if</span><span class="default"> </span><span class="keyword">(</span><span class="default">$request</span><span class="default">-></span><span class="default">getMethod</span><span class="keyword">(</span><span class="keyword">)</span><span class="default"> </span><span class="default">==</span><span class="default"> </span><span class="default">'POST'</span><span class="default"> </span><span class="default">&&</span><span class="default"> </span><span class="default">password_verify</span><span class="keyword">(</span><span class="default">$request</span><span class="default">-></span><span class="default">getParsedBody</span><span class="keyword">(</span><span class="keyword">)</span><span class="keyword">[</span><span class="default">self</span><span class="default">::</span><span class="default">PASSWORD_FORM_PARAMETER</span><span class="keyword">]</span><span class="default"> </span><span class="default">??</span><span class="default"> </span><span class="default">''</span><span class="keyword">,</span><span class="default"> </span><span class="default">$this</span><span class="default">-></span><span class="default">hashedPassword</span><span class="keyword">)</span><span class="keyword">)</span><span class="default"> </span><span class="keyword">{</span></td></tr>
|
||
<tr class="covered-by-large-tests popin d-flex"><td data-title="1 test covers line 103" data-content="<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsCookieRedirectOnAuthenticatedRequest</li></ul>" data-placement="top" data-html="true" class="col-1 text-right"><a id="103" href="#103">103</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="default">$response</span><span class="default"> </span><span class="keyword">=</span><span class="default"> </span><span class="keyword">new</span><span class="default"> </span><span class="default">Response</span><span class="keyword">(</span><span class="default">302</span><span class="keyword">,</span><span class="default"> </span><span class="keyword">[</span><span class="default">'Location'</span><span class="default"> </span><span class="default">=></span><span class="default"> </span><span class="default">$formAction</span><span class="keyword">]</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="104" href="#104">104</a></td><td class="col-11 codeLine"></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="105" href="#105">105</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="comment">// Set the user data hash cookie.</span></td></tr>
|
||
<tr class="covered-by-large-tests popin d-flex"><td data-title="1 test covers line 106" data-content="<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsCookieRedirectOnAuthenticatedRequest</li></ul>" data-placement="top" data-html="true" class="col-1 text-right"><a id="106" href="#106">106</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="default">$response</span><span class="default"> </span><span class="keyword">=</span><span class="default"> </span><span class="default">FigCookies</span><span class="default">\</span><span class="default">FigResponseCookies</span><span class="default">::</span><span class="default">set</span><span class="keyword">(</span><span class="default">$response</span><span class="keyword">,</span><span class="default"> </span><span class="default">FigCookies</span><span class="default">\</span><span class="default">SetCookie</span><span class="default">::</span><span class="default">create</span><span class="keyword">(</span><span class="default">self</span><span class="default">::</span><span class="default">LOGIN_HASH_COOKIE</span><span class="keyword">)</span></td></tr>
|
||
<tr class="covered-by-large-tests popin d-flex"><td data-title="1 test covers line 107" data-content="<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsCookieRedirectOnAuthenticatedRequest</li></ul>" data-placement="top" data-html="true" class="col-1 text-right"><a id="107" href="#107">107</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="default">-></span><span class="default">withValue</span><span class="keyword">(</span><span class="default">hash_hmac</span><span class="keyword">(</span><span class="default">'SHA256'</span><span class="keyword">,</span><span class="default"> </span><span class="default">json_encode</span><span class="keyword">(</span><span class="default">$this</span><span class="default">-></span><span class="default">user</span><span class="keyword">)</span><span class="keyword">,</span><span class="default"> </span><span class="default">$this</span><span class="default">-></span><span class="default">secret</span><span class="keyword">)</span><span class="keyword">)</span></td></tr>
|
||
<tr class="covered-by-large-tests popin d-flex"><td data-title="1 test covers line 108" data-content="<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsCookieRedirectOnAuthenticatedRequest</li></ul>" data-placement="top" data-html="true" class="col-1 text-right"><a id="108" href="#108">108</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="default">-></span><span class="default">withMaxAge</span><span class="keyword">(</span><span class="default">$this</span><span class="default">-></span><span class="default">ttl</span><span class="keyword">)</span></td></tr>
|
||
<tr class="covered-by-large-tests popin d-flex"><td data-title="1 test covers line 109" data-content="<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsCookieRedirectOnAuthenticatedRequest</li></ul>" data-placement="top" data-html="true" class="col-1 text-right"><a id="109" href="#109">109</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="default">-></span><span class="default">withSecure</span><span class="keyword">(</span><span class="default">$request</span><span class="default">-></span><span class="default">getUri</span><span class="keyword">(</span><span class="keyword">)</span><span class="default">-></span><span class="default">getScheme</span><span class="keyword">(</span><span class="keyword">)</span><span class="default"> </span><span class="default">==</span><span class="default"> </span><span class="default">'https'</span><span class="keyword">)</span></td></tr>
|
||
<tr class="covered-by-large-tests popin d-flex"><td data-title="1 test covers line 110" data-content="<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsCookieRedirectOnAuthenticatedRequest</li></ul>" data-placement="top" data-html="true" class="col-1 text-right"><a id="110" href="#110">110</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="default">-></span><span class="default">withDomain</span><span class="keyword">(</span><span class="default">$request</span><span class="default">-></span><span class="default">getUri</span><span class="keyword">(</span><span class="keyword">)</span><span class="default">-></span><span class="default">getHost</span><span class="keyword">(</span><span class="keyword">)</span><span class="keyword">)</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="111" href="#111">111</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="112" href="#112">112</a></td><td class="col-11 codeLine"></td></tr>
|
||
<tr class="covered-by-large-tests popin d-flex"><td data-title="1 test covers line 113" data-content="<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testReturnsCookieRedirectOnAuthenticatedRequest</li></ul>" data-placement="top" data-html="true" class="col-1 text-right"><a id="113" href="#113">113</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">return</span><span class="default"> </span><span class="default">$response</span><span class="keyword">;</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="114" href="#114">114</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">}</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="115" href="#115">115</a></td><td class="col-11 codeLine"></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="116" href="#116">116</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="comment">// Otherwise, return a response containing the password form.</span></td></tr>
|
||
<tr class="covered-by-large-tests popin d-flex"><td data-title="1 test covers line 117" data-content="<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testShowsAuthenticationFormOnUnauthenticatedRequest</li></ul>" data-placement="top" data-html="true" class="col-1 text-right"><a id="117" href="#117">117</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">return</span><span class="default"> </span><span class="keyword">new</span><span class="default"> </span><span class="default">Response</span><span class="keyword">(</span><span class="default">200</span><span class="keyword">,</span><span class="default"> </span><span class="keyword">[</span><span class="default">'content-type'</span><span class="default"> </span><span class="default">=></span><span class="default"> </span><span class="default">'text/html'</span><span class="keyword">]</span><span class="keyword">,</span><span class="default"> </span><span class="default">renderTemplate</span><span class="keyword">(</span><span class="default">$this</span><span class="default">-></span><span class="default">formTemplate</span><span class="keyword">,</span><span class="default"> </span><span class="keyword">[</span></td></tr>
|
||
<tr class="covered-by-large-tests popin d-flex"><td data-title="1 test covers line 118" data-content="<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testShowsAuthenticationFormOnUnauthenticatedRequest</li></ul>" data-placement="top" data-html="true" class="col-1 text-right"><a id="118" href="#118">118</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="default">'formAction'</span><span class="default"> </span><span class="default">=></span><span class="default"> </span><span class="default">$formAction</span><span class="keyword">,</span></td></tr>
|
||
<tr class="covered-by-large-tests popin d-flex"><td data-title="1 test covers line 119" data-content="<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testShowsAuthenticationFormOnUnauthenticatedRequest</li></ul>" data-placement="top" data-html="true" class="col-1 text-right"><a id="119" href="#119">119</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="default">'request'</span><span class="default"> </span><span class="default">=></span><span class="default"> </span><span class="default">$request</span><span class="keyword">,</span></td></tr>
|
||
<tr class="covered-by-large-tests popin d-flex"><td data-title="1 test covers line 120" data-content="<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testShowsAuthenticationFormOnUnauthenticatedRequest</li></ul>" data-placement="top" data-html="true" class="col-1 text-right"><a id="120" href="#120">120</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="default">'csrfFormElement'</span><span class="default"> </span><span class="default">=></span><span class="default"> </span><span class="default">'<input type="hidden" name="'</span><span class="default"> </span><span class="keyword">.</span><span class="default"> </span><span class="default">htmlentities</span><span class="keyword">(</span><span class="default">$this</span><span class="default">-></span><span class="default">csrfKey</span><span class="keyword">)</span><span class="default"> </span><span class="keyword">.</span><span class="default"> </span><span class="default">'" value="'</span><span class="default"> </span><span class="keyword">.</span><span class="default"> </span><span class="default">htmlentities</span><span class="keyword">(</span><span class="default">$request</span><span class="default">-></span><span class="default">getAttribute</span><span class="keyword">(</span><span class="default">$this</span><span class="default">-></span><span class="default">csrfKey</span><span class="keyword">)</span><span class="keyword">)</span><span class="default"> </span><span class="keyword">.</span><span class="default"> </span><span class="default">'" />'</span></td></tr>
|
||
<tr class=" d-flex"><td class="col-1 text-right"><a id="121" href="#121">121</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">]</span><span class="keyword">)</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
|
||
<tr class="warning d-flex"><td class="col-1 text-right"><a id="122" href="#122">122</a></td><td class="col-11 codeLine"><span class="default"> </span><span class="keyword">}</span></td></tr>
|
||
<tr class="covered-by-large-tests popin d-flex"><td data-title="1 test covers line 123" data-content="<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidConfigRaisesException</li></ul>" data-placement="top" data-html="true" class="col-1 text-right"><a id="123" href="#123">123</a></td><td class="col-11 codeLine"><span class="keyword">}</span></td></tr>
|
||
|
||
</tbody>
|
||
</table>
|
||
|
||
|
||
<footer>
|
||
<hr/>
|
||
<h4>Legend</h4>
|
||
<p><span class="success"><strong>Executed</strong></span><span class="danger"><strong>Not Executed</strong></span><span class="warning"><strong>Dead Code</strong></span></p>
|
||
<p>
|
||
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Fri Jun 18 14:43:22 UTC 2021.</small>
|
||
</p>
|
||
<a title="Back to the top" id="toplink" href="#">
|
||
<svg xmlns="http://www.w3.org/2000/svg" width="12" height="16" viewBox="0 0 12 16"><path fill-rule="evenodd" d="M12 11L6 5l-6 6h12z"/></svg>
|
||
</a>
|
||
</footer>
|
||
</div>
|
||
<script src="../phpunit_js/jquery.min.js" type="text/javascript"></script>
|
||
<script src="../phpunit_js/popper.min.js" type="text/javascript"></script>
|
||
<script src="../phpunit_js/bootstrap.min.js" type="text/javascript"></script>
|
||
<script src="../phpunit_js/file.js" type="text/javascript"></script>
|
||
</body>
|
||
</html>
|