diogo
/
indieauth
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
This repository has been archived on 2023-08-20. You can view files and clone it, but cannot push or open issues or pull requests.
indieauth/docs/coverage/functions.php.html

703 lines
316 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Code Coverage for /Users/barnabywalters/Documents/Programming/taproot/indieauth/src/functions.php</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="phpunit_css/bootstrap.min.css" rel="stylesheet" type="text/css">
<link href="phpunit_css/octicons.css" rel="stylesheet" type="text/css">
<link href="phpunit_css/style.css" rel="stylesheet" type="text/css">
<link href="phpunit_css/custom.css" rel="stylesheet" type="text/css">
</head>
<body>
<header>
<div class="container-fluid">
<div class="row">
<div class="col-md-12">
<nav aria-label="breadcrumb">
<ol class="breadcrumb">
<li class="breadcrumb-item"><a href="index.html">/Users/barnabywalters/Documents/Programming/taproot/indieauth/src</a></li>
<li class="breadcrumb-item active">functions.php</li>
</ol>
</nav>
</div>
</div>
</div>
</header>
<div class="container-fluid">
<div class="table-responsive">
<table class="table table-bordered">
<thead>
<tr>
<td>&nbsp;</td>
<td colspan="10"><div align="center"><strong>Code Coverage</strong></div></td>
</tr>
<tr>
<td>&nbsp;</td>
<td colspan="3"><div align="center"><strong>Classes and Traits</strong></div></td>
<td colspan="4"><div align="center"><strong>Functions and Methods</strong></div></td>
<td colspan="3"><div align="center"><strong>Lines</strong></div></td>
</tr>
</thead>
<tbody>
<tr>
<td class="">Total</td>
<td class=" big"></td>
<td class=" small"><div align="right">n/a</div></td>
<td class=" small"><div align="right">0&nbsp;/&nbsp;0</div></td>
<td class="warning big"> <div class="progress">
<div class="progress-bar bg-warning" role="progressbar" aria-valuenow="88.89" aria-valuemin="0" aria-valuemax="100" style="width: 88.89%">
<span class="sr-only">88.89% covered (warning)</span>
</div>
</div>
</td>
<td class="warning small"><div align="right">88.89%</div></td>
<td class="warning small"><div align="right">16&nbsp;/&nbsp;18</div></td>
<td class="warning small"><abbr title="Change Risk Anti-Patterns (CRAP) Index">CRAP</abbr></td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="97.56" aria-valuemin="0" aria-valuemax="100" style="width: 97.56%">
<span class="sr-only">97.56% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">97.56%</div></td>
<td class="success small"><div align="right">80&nbsp;/&nbsp;82</div></td>
</tr>
<tr>
<td class="success" colspan="4"><a href="#11"><abbr title="generateRandomString(int $numBytes): string">Taproot\IndieAuth\generateRandomString</abbr></a></td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">1&nbsp;/&nbsp;1</div></td>
<td class="success small">4</td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">3&nbsp;/&nbsp;3</div></td>
</tr>
<tr>
<td class="success" colspan="4"><a href="#28"><abbr title="generateRandomPrintableAsciiString(int $length): string">Taproot\IndieAuth\generateRandomPrintableAsciiString</abbr></a></td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">1&nbsp;/&nbsp;1</div></td>
<td class="success small">2</td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">4&nbsp;/&nbsp;4</div></td>
</tr>
<tr>
<td class="success" colspan="4"><a href="#37"><abbr title="generatePKCECodeChallenge(string $plaintext): string">Taproot\IndieAuth\generatePKCECodeChallenge</abbr></a></td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">1&nbsp;/&nbsp;1</div></td>
<td class="success small">1</td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">1&nbsp;/&nbsp;1</div></td>
</tr>
<tr>
<td class="success" colspan="4"><a href="#41"><abbr title="base64_urlencode(string $string): string">Taproot\IndieAuth\base64_urlencode</abbr></a></td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">1&nbsp;/&nbsp;1</div></td>
<td class="success small">1</td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">1&nbsp;/&nbsp;1</div></td>
</tr>
<tr>
<td class="success" colspan="4"><a href="#45"><abbr title="hashAuthorizationRequestParameters(Psr\Http\Message\ServerRequestInterface $request, string $secret, ?string $algo, ?array $hashedParameters, bool $requirePkce): ?string">Taproot\IndieAuth\hashAuthorizationRequestParameters</abbr></a></td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">1&nbsp;/&nbsp;1</div></td>
<td class="success small">6</td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">10&nbsp;/&nbsp;10</div></td>
</tr>
<tr>
<td class="success" colspan="4"><a href="#64"><abbr title="isIndieAuthAuthorizationCodeRedeemingRequest(Psr\Http\Message\ServerRequestInterface $request): bool">Taproot\IndieAuth\isIndieAuthAuthorizationCodeRedeemingRequest</abbr></a></td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">1&nbsp;/&nbsp;1</div></td>
<td class="success small">3</td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">3&nbsp;/&nbsp;3</div></td>
</tr>
<tr>
<td class="success" colspan="4"><a href="#70"><abbr title="isIndieAuthAuthorizationRequest(Psr\Http\Message\ServerRequestInterface $request, array $permittedMethods): bool">Taproot\IndieAuth\isIndieAuthAuthorizationRequest</abbr></a></td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">1&nbsp;/&nbsp;1</div></td>
<td class="success small">3</td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">3&nbsp;/&nbsp;3</div></td>
</tr>
<tr>
<td class="success" colspan="4"><a href="#76"><abbr title="isAuthorizationApprovalRequest(Psr\Http\Message\ServerRequestInterface $request): bool">Taproot\IndieAuth\isAuthorizationApprovalRequest</abbr></a></td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">1&nbsp;/&nbsp;1</div></td>
<td class="success small">3</td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">3&nbsp;/&nbsp;3</div></td>
</tr>
<tr>
<td class="success" colspan="4"><a href="#82"><abbr title="buildQueryString(array $parameters): string">Taproot\IndieAuth\buildQueryString</abbr></a></td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">1&nbsp;/&nbsp;1</div></td>
<td class="success small">2</td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">4&nbsp;/&nbsp;4</div></td>
</tr>
<tr>
<td class="danger" colspan="4"><a href="#90"><abbr title="urlComponentsMatch(string $url1, string $url2, ?array $components): bool">Taproot\IndieAuth\urlComponentsMatch</abbr></a></td>
<td class="danger big"> <div class="progress">
<div class="progress-bar bg-danger" role="progressbar" aria-valuenow="0.00" aria-valuemin="0" aria-valuemax="100" style="width: 0.00%">
<span class="sr-only">0.00% covered (danger)</span>
</div>
</div>
</td>
<td class="danger small"><div align="right">0.00%</div></td>
<td class="danger small"><div align="right">0&nbsp;/&nbsp;1</div></td>
<td class="danger small">4.03</td>
<td class="warning big"> <div class="progress">
<div class="progress-bar bg-warning" role="progressbar" aria-valuenow="87.50" aria-valuemin="0" aria-valuemax="100" style="width: 87.50%">
<span class="sr-only">87.50% covered (warning)</span>
</div>
</div>
</td>
<td class="warning small"><div align="right">87.50%</div></td>
<td class="warning small"><div align="right">7&nbsp;/&nbsp;8</div></td>
</tr>
<tr>
<td class="success" colspan="4"><a href="#114"><abbr title="appendQueryParams(string $uri, array $queryParams): string">Taproot\IndieAuth\appendQueryParams</abbr></a></td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">1&nbsp;/&nbsp;1</div></td>
<td class="success small">3</td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">6&nbsp;/&nbsp;6</div></td>
</tr>
<tr>
<td class="success" colspan="4"><a href="#134"><abbr title="trySetLogger($target, Psr\Log\LoggerInterface $logger)">Taproot\IndieAuth\trySetLogger</abbr></a></td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">1&nbsp;/&nbsp;1</div></td>
<td class="success small">2</td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">3&nbsp;/&nbsp;3</div></td>
</tr>
<tr>
<td class="danger" colspan="4"><a href="#141"><abbr title="renderTemplate(string $template, array $context)">Taproot\IndieAuth\renderTemplate</abbr></a></td>
<td class="danger big"> <div class="progress">
<div class="progress-bar bg-danger" role="progressbar" aria-valuenow="0.00" aria-valuemin="0" aria-valuemax="100" style="width: 0.00%">
<span class="sr-only">0.00% covered (danger)</span>
</div>
</div>
</td>
<td class="danger small"><div align="right">0.00%</div></td>
<td class="danger small"><div align="right">0&nbsp;/&nbsp;1</div></td>
<td class="danger small">1.00</td>
<td class="warning big"> <div class="progress">
<div class="progress-bar bg-warning" role="progressbar" aria-valuenow="88.89" aria-valuemin="0" aria-valuemax="100" style="width: 88.89%">
<span class="sr-only">88.89% covered (warning)</span>
</div>
</div>
</td>
<td class="warning small"><div align="right">88.89%</div></td>
<td class="warning small"><div align="right">8&nbsp;/&nbsp;9</div></td>
</tr>
<tr>
<td class="success" colspan="4"><a href="#166"><abbr title="isClientIdentifier(string $client_id): bool">Taproot\IndieAuth\isClientIdentifier</abbr></a></td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">1&nbsp;/&nbsp;1</div></td>
<td class="success small">11</td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">11&nbsp;/&nbsp;11</div></td>
</tr>
<tr>
<td class="success" colspan="4"><a href="#190"><abbr title="isProfileUrl(string $profile_url): bool">Taproot\IndieAuth\isProfileUrl</abbr></a></td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">1&nbsp;/&nbsp;1</div></td>
<td class="success small">10</td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">10&nbsp;/&nbsp;10</div></td>
</tr>
<tr>
<td class="success" colspan="4"><a href="#209"><abbr title="isValidState(string $state): bool">Taproot\IndieAuth\isValidState</abbr></a></td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">1&nbsp;/&nbsp;1</div></td>
<td class="success small">1</td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">1&nbsp;/&nbsp;1</div></td>
</tr>
<tr>
<td class="success" colspan="4"><a href="#218"><abbr title="isValidCodeChallenge(string $challenge): bool">Taproot\IndieAuth\isValidCodeChallenge</abbr></a></td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">1&nbsp;/&nbsp;1</div></td>
<td class="success small">1</td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">1&nbsp;/&nbsp;1</div></td>
</tr>
<tr>
<td class="success" colspan="4"><a href="#226"><abbr title="isValidScope(string $scope): bool">Taproot\IndieAuth\isValidScope</abbr></a></td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">1&nbsp;/&nbsp;1</div></td>
<td class="success small">1</td>
<td class="success big"> <div class="progress">
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
<span class="sr-only">100.00% covered (success)</span>
</div>
</div>
</td>
<td class="success small"><div align="right">100.00%</div></td>
<td class="success small"><div align="right">1&nbsp;/&nbsp;1</div></td>
</tr>
</tbody>
</table>
</div>
<table id="code" class="table table-borderless table-condensed">
<tbody>
<tr class=" d-flex"><td class="col-1 text-right"><a id="1" href="#1">1</a></td><td class="col-11 codeLine"><span class="default">&lt;?php</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="2" href="#2">2</a></td><td class="col-11 codeLine"></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="3" href="#3">3</a></td><td class="col-11 codeLine"><span class="keyword">namespace</span><span class="default">&nbsp;</span><span class="default">Taproot\IndieAuth</span><span class="keyword">;</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="4" href="#4">4</a></td><td class="col-11 codeLine"></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="5" href="#5">5</a></td><td class="col-11 codeLine"><span class="keyword">use</span><span class="default">&nbsp;</span><span class="default">Exception</span><span class="keyword">;</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="6" href="#6">6</a></td><td class="col-11 codeLine"><span class="keyword">use</span><span class="default">&nbsp;</span><span class="default">Psr\Http\Message\ServerRequestInterface</span><span class="keyword">;</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="7" href="#7">7</a></td><td class="col-11 codeLine"><span class="keyword">use</span><span class="default">&nbsp;</span><span class="default">Psr\Log\LoggerAwareInterface</span><span class="keyword">;</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="8" href="#8">8</a></td><td class="col-11 codeLine"><span class="keyword">use</span><span class="default">&nbsp;</span><span class="default">Psr\Log\LoggerInterface</span><span class="keyword">;</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="9" href="#9">9</a></td><td class="col-11 codeLine"></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="10" href="#10">10</a></td><td class="col-11 codeLine"><span class="comment">//&nbsp;From&nbsp;https://github.com/indieweb/indieauth-client-php/blob/main/src/IndieAuth/Client.php,&nbsp;thanks&nbsp;aaronpk.</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="11" href="#11">11</a></td><td class="col-11 codeLine"><span class="keyword">function</span><span class="default">&nbsp;</span><span class="default">generateRandomString</span><span class="keyword">(</span><span class="default">int</span><span class="default">&nbsp;</span><span class="default">$numBytes</span><span class="keyword">)</span><span class="keyword">:</span><span class="default">&nbsp;</span><span class="default">string</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="10 tests cover line 12" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testGenerateRandomString&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeFailsForTokensWithInvalidScope&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeReturnsCorrectResponseForValidRequest&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorIfAccessCodeGrantsNoScopes&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsAccessTokenOnValidRequest&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatAuthCodeWithoutPkceCannotBeExchangedWithCodeVerifierBothExchangeEndpoints&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="12" href="#12">12</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">if</span><span class="default">&nbsp;</span><span class="keyword">(</span><span class="default">function_exists</span><span class="keyword">(</span><span class="default">'random_bytes'</span><span class="keyword">)</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="10 tests cover line 13" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testGenerateRandomString&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeFailsForTokensWithInvalidScope&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeReturnsCorrectResponseForValidRequest&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorIfAccessCodeGrantsNoScopes&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsAccessTokenOnValidRequest&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatAuthCodeWithoutPkceCannotBeExchangedWithCodeVerifierBothExchangeEndpoints&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="13" href="#13">13</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">$bytes</span><span class="default">&nbsp;</span><span class="keyword">=</span><span class="default">&nbsp;</span><span class="default">random_bytes</span><span class="keyword">(</span><span class="default">$numBytes</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="14" href="#14">14</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="comment">//&nbsp;We&nbsp;cant&nbsp;easily&nbsp;test&nbsp;the&nbsp;following&nbsp;code.</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="15" href="#15">15</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="comment">//&nbsp;@codeCoverageIgnoreStart</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="16" href="#16">16</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">}</span><span class="default">&nbsp;</span><span class="keyword">elseif</span><span class="default">&nbsp;</span><span class="keyword">(</span><span class="default">function_exists</span><span class="keyword">(</span><span class="default">'openssl_random_pseudo_bytes'</span><span class="keyword">)</span><span class="keyword">)</span><span class="keyword">{</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="17" href="#17">17</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">$bytes</span><span class="default">&nbsp;</span><span class="keyword">=</span><span class="default">&nbsp;</span><span class="default">openssl_random_pseudo_bytes</span><span class="keyword">(</span><span class="default">$numBytes</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="18" href="#18">18</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">}</span><span class="default">&nbsp;</span><span class="keyword">else</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="19" href="#19">19</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">$bytes</span><span class="default">&nbsp;</span><span class="keyword">=</span><span class="default">&nbsp;</span><span class="default">''</span><span class="keyword">;</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="20" href="#20">20</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">for</span><span class="keyword">(</span><span class="default">$i</span><span class="keyword">=</span><span class="default">0</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">$bytes</span><span class="keyword">=</span><span class="default">''</span><span class="keyword">;</span><span class="default">&nbsp;</span><span class="default">$i</span><span class="default">&nbsp;</span><span class="keyword">&lt;</span><span class="default">&nbsp;</span><span class="default">$numBytes</span><span class="keyword">;</span><span class="default">&nbsp;</span><span class="default">$i</span><span class="default">++</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="21" href="#21">21</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">$bytes</span><span class="default">&nbsp;</span><span class="default">.=</span><span class="default">&nbsp;</span><span class="default">chr</span><span class="keyword">(</span><span class="default">mt_rand</span><span class="keyword">(</span><span class="default">0</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">255</span><span class="keyword">)</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="22" href="#22">22</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">}</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="23" href="#23">23</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="comment">//&nbsp;@codeCoverageIgnoreEnd</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="24" href="#24">24</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">}</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="10 tests cover line 25" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testGenerateRandomString&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeFailsForTokensWithInvalidScope&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeReturnsCorrectResponseForValidRequest&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorIfAccessCodeGrantsNoScopes&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsAccessTokenOnValidRequest&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatAuthCodeWithoutPkceCannotBeExchangedWithCodeVerifierBothExchangeEndpoints&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="25" href="#25">25</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">return</span><span class="default">&nbsp;</span><span class="default">bin2hex</span><span class="keyword">(</span><span class="default">$bytes</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
<tr class="warning d-flex"><td class="col-1 text-right"><a id="26" href="#26">26</a></td><td class="col-11 codeLine"><span class="keyword">}</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="27" href="#27">27</a></td><td class="col-11 codeLine"></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="28" href="#28">28</a></td><td class="col-11 codeLine"><span class="keyword">function</span><span class="default">&nbsp;</span><span class="default">generateRandomPrintableAsciiString</span><span class="keyword">(</span><span class="default">int</span><span class="default">&nbsp;</span><span class="default">$length</span><span class="keyword">)</span><span class="keyword">:</span><span class="default">&nbsp;</span><span class="default">string</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="28 tests cover line 29" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesThroughNonWriteRequestsAddingAttribute&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestsWithoutToken&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyCookieToken&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyBodyToken&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithMismatchedTokens&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesResponseThroughOnWriteRequestWithValidToken&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="29" href="#29">29</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">$chars</span><span class="default">&nbsp;</span><span class="keyword">=</span><span class="default">&nbsp;</span><span class="keyword">[</span><span class="keyword">]</span><span class="keyword">;</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="28 tests cover line 30" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesThroughNonWriteRequestsAddingAttribute&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestsWithoutToken&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyCookieToken&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyBodyToken&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithMismatchedTokens&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesResponseThroughOnWriteRequestWithValidToken&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="30" href="#30">30</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">while</span><span class="default">&nbsp;</span><span class="keyword">(</span><span class="default">count</span><span class="keyword">(</span><span class="default">$chars</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="keyword">&lt;</span><span class="default">&nbsp;</span><span class="default">$length</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="31" href="#31">31</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="comment">//&nbsp;0x21&nbsp;to&nbsp;0x7E&nbsp;is&nbsp;the&nbsp;entire&nbsp;printable&nbsp;ASCII&nbsp;range,&nbsp;not&nbsp;including&nbsp;space&nbsp;(0x20).</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="28 tests cover line 32" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesThroughNonWriteRequestsAddingAttribute&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestsWithoutToken&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyCookieToken&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyBodyToken&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithMismatchedTokens&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesResponseThroughOnWriteRequestWithValidToken&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="32" href="#32">32</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">$chars</span><span class="keyword">[</span><span class="keyword">]</span><span class="default">&nbsp;</span><span class="keyword">=</span><span class="default">&nbsp;</span><span class="default">chr</span><span class="keyword">(</span><span class="default">random_int</span><span class="keyword">(</span><span class="default">0x21</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">0x7E</span><span class="keyword">)</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="33" href="#33">33</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">}</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="28 tests cover line 34" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesThroughNonWriteRequestsAddingAttribute&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestsWithoutToken&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyCookieToken&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyBodyToken&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithMismatchedTokens&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesResponseThroughOnWriteRequestWithValidToken&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="34" href="#34">34</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">return</span><span class="default">&nbsp;</span><span class="default">join</span><span class="keyword">(</span><span class="default">''</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">$chars</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
<tr class="warning d-flex"><td class="col-1 text-right"><a id="35" href="#35">35</a></td><td class="col-11 codeLine"><span class="keyword">}</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="36" href="#36">36</a></td><td class="col-11 codeLine"></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="37" href="#37">37</a></td><td class="col-11 codeLine"><span class="keyword">function</span><span class="default">&nbsp;</span><span class="default">generatePKCECodeChallenge</span><span class="keyword">(</span><span class="default">string</span><span class="default">&nbsp;</span><span class="default">$plaintext</span><span class="keyword">)</span><span class="keyword">:</span><span class="default">&nbsp;</span><span class="default">string</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="7 tests cover line 38" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testIsValidCodeChallenge&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeFailsForTokensWithInvalidScope&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeReturnsCorrectResponseForValidRequest&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorIfAccessCodeGrantsNoScopes&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsAccessTokenOnValidRequest&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="38" href="#38">38</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">return</span><span class="default">&nbsp;</span><span class="default">base64_urlencode</span><span class="keyword">(</span><span class="default">hash</span><span class="keyword">(</span><span class="default">'sha256'</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">$plaintext</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">true</span><span class="keyword">)</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
<tr class="warning d-flex"><td class="col-1 text-right"><a id="39" href="#39">39</a></td><td class="col-11 codeLine"><span class="keyword">}</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="40" href="#40">40</a></td><td class="col-11 codeLine"></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="41" href="#41">41</a></td><td class="col-11 codeLine"><span class="keyword">function</span><span class="default">&nbsp;</span><span class="default">base64_urlencode</span><span class="keyword">(</span><span class="default">string</span><span class="default">&nbsp;</span><span class="default">$string</span><span class="keyword">)</span><span class="keyword">:</span><span class="default">&nbsp;</span><span class="default">string</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="7 tests cover line 42" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testIsValidCodeChallenge&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeFailsForTokensWithInvalidScope&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeReturnsCorrectResponseForValidRequest&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorIfAccessCodeGrantsNoScopes&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsAccessTokenOnValidRequest&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="42" href="#42">42</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">return</span><span class="default">&nbsp;</span><span class="default">rtrim</span><span class="keyword">(</span><span class="default">strtr</span><span class="keyword">(</span><span class="default">base64_encode</span><span class="keyword">(</span><span class="default">$string</span><span class="keyword">)</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">'+/'</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">'-_'</span><span class="keyword">)</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">'='</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
<tr class="warning d-flex"><td class="col-1 text-right"><a id="43" href="#43">43</a></td><td class="col-11 codeLine"><span class="keyword">}</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="44" href="#44">44</a></td><td class="col-11 codeLine"></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="45" href="#45">45</a></td><td class="col-11 codeLine"><span class="keyword">function</span><span class="default">&nbsp;</span><span class="default">hashAuthorizationRequestParameters</span><span class="keyword">(</span><span class="default">ServerRequestInterface</span><span class="default">&nbsp;</span><span class="default">$request</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">string</span><span class="default">&nbsp;</span><span class="default">$secret</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="keyword">?</span><span class="default">string</span><span class="default">&nbsp;</span><span class="default">$algo</span><span class="keyword">=</span><span class="default">null</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="keyword">?</span><span class="keyword">array</span><span class="default">&nbsp;</span><span class="default">$hashedParameters</span><span class="keyword">=</span><span class="default">null</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">bool</span><span class="default">&nbsp;</span><span class="default">$requirePkce</span><span class="keyword">=</span><span class="default">true</span><span class="keyword">)</span><span class="keyword">:</span><span class="default">&nbsp;</span><span class="keyword">?</span><span class="default">string</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="21 tests cover line 46" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testHashAuthorizationRequestParametersReturnsNullWhenParameterIsMissing&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testHashAuthorizationRequestParametersIgnoresExtraParameters&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="46" href="#46">46</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">$queryParams</span><span class="default">&nbsp;</span><span class="keyword">=</span><span class="default">&nbsp;</span><span class="default">$request</span><span class="default">-&gt;</span><span class="default">getQueryParams</span><span class="keyword">(</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="47" href="#47">47</a></td><td class="col-11 codeLine"></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="21 tests cover line 48" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testHashAuthorizationRequestParametersReturnsNullWhenParameterIsMissing&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testHashAuthorizationRequestParametersIgnoresExtraParameters&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="48" href="#48">48</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">if</span><span class="default">&nbsp;</span><span class="keyword">(</span><span class="default">is_null</span><span class="keyword">(</span><span class="default">$hashedParameters</span><span class="keyword">)</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="21 tests cover line 49" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testHashAuthorizationRequestParametersReturnsNullWhenParameterIsMissing&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testHashAuthorizationRequestParametersIgnoresExtraParameters&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="49" href="#49">49</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">$hashedParameters</span><span class="default">&nbsp;</span><span class="keyword">=</span><span class="default">&nbsp;</span><span class="keyword">(</span><span class="default">$requirePkce</span><span class="default">&nbsp;</span><span class="default">or</span><span class="default">&nbsp;</span><span class="keyword">isset</span><span class="keyword">(</span><span class="default">$queryParams</span><span class="keyword">[</span><span class="default">'code_challenge'</span><span class="keyword">]</span><span class="keyword">)</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="keyword">?</span><span class="default">&nbsp;</span><span class="keyword">[</span><span class="default">'client_id'</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">'redirect_uri'</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">'code_challenge'</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">'code_challenge_method'</span><span class="keyword">]</span><span class="default">&nbsp;</span><span class="keyword">:</span><span class="default">&nbsp;</span><span class="keyword">[</span><span class="default">'client_id'</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">'redirect_uri'</span><span class="keyword">]</span><span class="keyword">;</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="50" href="#50">50</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">}</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="51" href="#51">51</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="21 tests cover line 52" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testHashAuthorizationRequestParametersReturnsNullWhenParameterIsMissing&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testHashAuthorizationRequestParametersIgnoresExtraParameters&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="52" href="#52">52</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">$algo</span><span class="default">&nbsp;</span><span class="keyword">=</span><span class="default">&nbsp;</span><span class="default">$algo</span><span class="default">&nbsp;</span><span class="default">??</span><span class="default">&nbsp;</span><span class="default">'sha256'</span><span class="keyword">;</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="53" href="#53">53</a></td><td class="col-11 codeLine"></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="21 tests cover line 54" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testHashAuthorizationRequestParametersReturnsNullWhenParameterIsMissing&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testHashAuthorizationRequestParametersIgnoresExtraParameters&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="54" href="#54">54</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">$data</span><span class="default">&nbsp;</span><span class="keyword">=</span><span class="default">&nbsp;</span><span class="default">''</span><span class="keyword">;</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="21 tests cover line 55" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testHashAuthorizationRequestParametersReturnsNullWhenParameterIsMissing&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testHashAuthorizationRequestParametersIgnoresExtraParameters&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="55" href="#55">55</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">foreach</span><span class="default">&nbsp;</span><span class="keyword">(</span><span class="default">$hashedParameters</span><span class="default">&nbsp;</span><span class="keyword">as</span><span class="default">&nbsp;</span><span class="default">$key</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="21 tests cover line 56" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testHashAuthorizationRequestParametersReturnsNullWhenParameterIsMissing&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testHashAuthorizationRequestParametersIgnoresExtraParameters&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="56" href="#56">56</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">if</span><span class="default">&nbsp;</span><span class="keyword">(</span><span class="keyword">!</span><span class="keyword">isset</span><span class="keyword">(</span><span class="default">$queryParams</span><span class="keyword">[</span><span class="default">$key</span><span class="keyword">]</span><span class="keyword">)</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="3 tests cover line 57" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testHashAuthorizationRequestParametersReturnsNullWhenParameterIsMissing&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="57" href="#57">57</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">return</span><span class="default">&nbsp;</span><span class="default">null</span><span class="keyword">;</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="58" href="#58">58</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">}</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="20 tests cover line 59" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testHashAuthorizationRequestParametersIgnoresExtraParameters&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="59" href="#59">59</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">$data</span><span class="default">&nbsp;</span><span class="default">.=</span><span class="default">&nbsp;</span><span class="default">$queryParams</span><span class="keyword">[</span><span class="default">$key</span><span class="keyword">]</span><span class="keyword">;</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="60" href="#60">60</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">}</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="19 tests cover line 61" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testHashAuthorizationRequestParametersIgnoresExtraParameters&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="61" href="#61">61</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">return</span><span class="default">&nbsp;</span><span class="default">hash_hmac</span><span class="keyword">(</span><span class="default">$algo</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">$data</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">$secret</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
<tr class="warning d-flex"><td class="col-1 text-right"><a id="62" href="#62">62</a></td><td class="col-11 codeLine"><span class="keyword">}</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="63" href="#63">63</a></td><td class="col-11 codeLine"></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="64" href="#64">64</a></td><td class="col-11 codeLine"><span class="keyword">function</span><span class="default">&nbsp;</span><span class="default">isIndieAuthAuthorizationCodeRedeemingRequest</span><span class="keyword">(</span><span class="default">ServerRequestInterface</span><span class="default">&nbsp;</span><span class="default">$request</span><span class="keyword">)</span><span class="keyword">:</span><span class="default">&nbsp;</span><span class="default">bool</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="31 tests cover line 65" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfCodeParameterIsMissing&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeFailsForTokensWithInvalidScope&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeReturnsCorrectResponseForValidRequest&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorOnNonIndieauthRequest&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorIfAccessCodeGrantsNoScopes&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsAccessTokenOnValidRequest&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatAuthCodeWithoutPkceCannotBeExchangedWithCodeVerifierBothExchangeEndpoints&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="65" href="#65">65</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">return</span><span class="default">&nbsp;</span><span class="default">strtolower</span><span class="keyword">(</span><span class="default">$request</span><span class="default">-&gt;</span><span class="default">getMethod</span><span class="keyword">(</span><span class="keyword">)</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="default">==</span><span class="default">&nbsp;</span><span class="default">'post'</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="31 tests cover line 66" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfCodeParameterIsMissing&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeFailsForTokensWithInvalidScope&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeReturnsCorrectResponseForValidRequest&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorOnNonIndieauthRequest&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorIfAccessCodeGrantsNoScopes&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsAccessTokenOnValidRequest&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatAuthCodeWithoutPkceCannotBeExchangedWithCodeVerifierBothExchangeEndpoints&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="66" href="#66">66</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">&amp;&amp;</span><span class="default">&nbsp;</span><span class="default">array_key_exists</span><span class="keyword">(</span><span class="default">'grant_type'</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">$request</span><span class="default">-&gt;</span><span class="default">getParsedBody</span><span class="keyword">(</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="default">??</span><span class="default">&nbsp;</span><span class="keyword">[</span><span class="keyword">]</span><span class="keyword">)</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="31 tests cover line 67" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfCodeParameterIsMissing&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeFailsForTokensWithInvalidScope&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeReturnsCorrectResponseForValidRequest&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorOnNonIndieauthRequest&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorIfAccessCodeGrantsNoScopes&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsAccessTokenOnValidRequest&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatAuthCodeWithoutPkceCannotBeExchangedWithCodeVerifierBothExchangeEndpoints&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="67" href="#67">67</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">&amp;&amp;</span><span class="default">&nbsp;</span><span class="default">$request</span><span class="default">-&gt;</span><span class="default">getParsedBody</span><span class="keyword">(</span><span class="keyword">)</span><span class="keyword">[</span><span class="default">'grant_type'</span><span class="keyword">]</span><span class="default">&nbsp;</span><span class="default">==</span><span class="default">&nbsp;</span><span class="default">'authorization_code'</span><span class="keyword">;</span></td></tr>
<tr class="warning d-flex"><td class="col-1 text-right"><a id="68" href="#68">68</a></td><td class="col-11 codeLine"><span class="keyword">}</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="69" href="#69">69</a></td><td class="col-11 codeLine"></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="70" href="#70">70</a></td><td class="col-11 codeLine"><span class="keyword">function</span><span class="default">&nbsp;</span><span class="default">isIndieAuthAuthorizationRequest</span><span class="keyword">(</span><span class="default">ServerRequestInterface</span><span class="default">&nbsp;</span><span class="default">$request</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="keyword">array</span><span class="default">&nbsp;</span><span class="default">$permittedMethods</span><span class="keyword">=</span><span class="keyword">[</span><span class="default">'get'</span><span class="keyword">]</span><span class="keyword">)</span><span class="keyword">:</span><span class="default">&nbsp;</span><span class="default">bool</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="22 tests cover line 71" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="71" href="#71">71</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">return</span><span class="default">&nbsp;</span><span class="default">in_array</span><span class="keyword">(</span><span class="default">strtolower</span><span class="keyword">(</span><span class="default">$request</span><span class="default">-&gt;</span><span class="default">getMethod</span><span class="keyword">(</span><span class="keyword">)</span><span class="keyword">)</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">array_map</span><span class="keyword">(</span><span class="default">'strtolower'</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">$permittedMethods</span><span class="keyword">)</span><span class="keyword">)</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="22 tests cover line 72" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="72" href="#72">72</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">&amp;&amp;</span><span class="default">&nbsp;</span><span class="default">array_key_exists</span><span class="keyword">(</span><span class="default">'response_type'</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">$request</span><span class="default">-&gt;</span><span class="default">getQueryParams</span><span class="keyword">(</span><span class="keyword">)</span><span class="keyword">)</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="22 tests cover line 73" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="73" href="#73">73</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">&amp;&amp;</span><span class="default">&nbsp;</span><span class="default">$request</span><span class="default">-&gt;</span><span class="default">getQueryParams</span><span class="keyword">(</span><span class="keyword">)</span><span class="keyword">[</span><span class="default">'response_type'</span><span class="keyword">]</span><span class="default">&nbsp;</span><span class="default">==</span><span class="default">&nbsp;</span><span class="default">'code'</span><span class="keyword">;</span></td></tr>
<tr class="warning d-flex"><td class="col-1 text-right"><a id="74" href="#74">74</a></td><td class="col-11 codeLine"><span class="keyword">}</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="75" href="#75">75</a></td><td class="col-11 codeLine"></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="76" href="#76">76</a></td><td class="col-11 codeLine"><span class="keyword">function</span><span class="default">&nbsp;</span><span class="default">isAuthorizationApprovalRequest</span><span class="keyword">(</span><span class="default">ServerRequestInterface</span><span class="default">&nbsp;</span><span class="default">$request</span><span class="keyword">)</span><span class="keyword">:</span><span class="default">&nbsp;</span><span class="default">bool</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="10 tests cover line 77" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="77" href="#77">77</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">return</span><span class="default">&nbsp;</span><span class="default">strtolower</span><span class="keyword">(</span><span class="default">$request</span><span class="default">-&gt;</span><span class="default">getMethod</span><span class="keyword">(</span><span class="keyword">)</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="default">==</span><span class="default">&nbsp;</span><span class="default">'post'</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="10 tests cover line 78" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="78" href="#78">78</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">&amp;&amp;</span><span class="default">&nbsp;</span><span class="default">array_key_exists</span><span class="keyword">(</span><span class="default">'taproot_indieauth_action'</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">$request</span><span class="default">-&gt;</span><span class="default">getParsedBody</span><span class="keyword">(</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="default">??</span><span class="default">&nbsp;</span><span class="keyword">[</span><span class="keyword">]</span><span class="keyword">)</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="10 tests cover line 79" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="79" href="#79">79</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">&amp;&amp;</span><span class="default">&nbsp;</span><span class="default">$request</span><span class="default">-&gt;</span><span class="default">getParsedBody</span><span class="keyword">(</span><span class="keyword">)</span><span class="keyword">[</span><span class="default">Server</span><span class="default">::</span><span class="default">APPROVE_ACTION_KEY</span><span class="keyword">]</span><span class="default">&nbsp;</span><span class="default">==</span><span class="default">&nbsp;</span><span class="default">Server</span><span class="default">::</span><span class="default">APPROVE_ACTION_VALUE</span><span class="keyword">;</span></td></tr>
<tr class="warning d-flex"><td class="col-1 text-right"><a id="80" href="#80">80</a></td><td class="col-11 codeLine"><span class="keyword">}</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="81" href="#81">81</a></td><td class="col-11 codeLine"></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="82" href="#82">82</a></td><td class="col-11 codeLine"><span class="keyword">function</span><span class="default">&nbsp;</span><span class="default">buildQueryString</span><span class="keyword">(</span><span class="keyword">array</span><span class="default">&nbsp;</span><span class="default">$parameters</span><span class="keyword">)</span><span class="keyword">:</span><span class="default">&nbsp;</span><span class="default">string</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="19 tests cover line 83" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testBuildQueryString&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testAppendQueryParams&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="83" href="#83">83</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">$qs</span><span class="default">&nbsp;</span><span class="keyword">=</span><span class="default">&nbsp;</span><span class="keyword">[</span><span class="keyword">]</span><span class="keyword">;</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="19 tests cover line 84" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testBuildQueryString&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testAppendQueryParams&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="84" href="#84">84</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">foreach</span><span class="default">&nbsp;</span><span class="keyword">(</span><span class="default">$parameters</span><span class="default">&nbsp;</span><span class="keyword">as</span><span class="default">&nbsp;</span><span class="default">$k</span><span class="default">&nbsp;</span><span class="default">=&gt;</span><span class="default">&nbsp;</span><span class="default">$v</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="19 tests cover line 85" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testBuildQueryString&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testAppendQueryParams&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="85" href="#85">85</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">$qs</span><span class="keyword">[</span><span class="keyword">]</span><span class="default">&nbsp;</span><span class="keyword">=</span><span class="default">&nbsp;</span><span class="default">urlencode</span><span class="keyword">(</span><span class="default">$k</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="keyword">.</span><span class="default">&nbsp;</span><span class="default">'='</span><span class="default">&nbsp;</span><span class="keyword">.</span><span class="default">&nbsp;</span><span class="default">urlencode</span><span class="keyword">(</span><span class="default">$v</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="86" href="#86">86</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">}</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="19 tests cover line 87" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testBuildQueryString&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testAppendQueryParams&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="87" href="#87">87</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">return</span><span class="default">&nbsp;</span><span class="default">join</span><span class="keyword">(</span><span class="default">'&amp;'</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">$qs</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
<tr class="warning d-flex"><td class="col-1 text-right"><a id="88" href="#88">88</a></td><td class="col-11 codeLine"><span class="keyword">}</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="89" href="#89">89</a></td><td class="col-11 codeLine"></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="90" href="#90">90</a></td><td class="col-11 codeLine"><span class="keyword">function</span><span class="default">&nbsp;</span><span class="default">urlComponentsMatch</span><span class="keyword">(</span><span class="default">string</span><span class="default">&nbsp;</span><span class="default">$url1</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">string</span><span class="default">&nbsp;</span><span class="default">$url2</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="keyword">?</span><span class="keyword">array</span><span class="default">&nbsp;</span><span class="default">$components</span><span class="keyword">=</span><span class="default">null</span><span class="keyword">)</span><span class="keyword">:</span><span class="default">&nbsp;</span><span class="default">bool</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="17 tests cover line 91" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="91" href="#91">91</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">$validComponents</span><span class="default">&nbsp;</span><span class="keyword">=</span><span class="default">&nbsp;</span><span class="keyword">[</span><span class="default">PHP_URL_HOST</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">PHP_URL_PASS</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">PHP_URL_PATH</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">PHP_URL_PORT</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">PHP_URL_USER</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">PHP_URL_QUERY</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">PHP_URL_SCHEME</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">PHP_URL_FRAGMENT</span><span class="keyword">]</span><span class="keyword">;</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="17 tests cover line 92" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="92" href="#92">92</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">$components</span><span class="default">&nbsp;</span><span class="keyword">=</span><span class="default">&nbsp;</span><span class="default">$components</span><span class="default">&nbsp;</span><span class="default">??</span><span class="default">&nbsp;</span><span class="default">$validComponents</span><span class="keyword">;</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="93" href="#93">93</a></td><td class="col-11 codeLine"></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="17 tests cover line 94" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="94" href="#94">94</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">foreach</span><span class="default">&nbsp;</span><span class="keyword">(</span><span class="default">$components</span><span class="default">&nbsp;</span><span class="keyword">as</span><span class="default">&nbsp;</span><span class="default">$cmp</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="17 tests cover line 95" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="95" href="#95">95</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">if</span><span class="default">&nbsp;</span><span class="keyword">(</span><span class="keyword">!</span><span class="default">in_array</span><span class="keyword">(</span><span class="default">$cmp</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">$validComponents</span><span class="keyword">)</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class="danger d-flex"><td class="col-1 text-right"><a id="96" href="#96">96</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">throw</span><span class="default">&nbsp;</span><span class="keyword">new</span><span class="default">&nbsp;</span><span class="default">Exception</span><span class="keyword">(</span><span class="string">&quot;</span><span class="string">Invalid&nbsp;parse_url()&nbsp;component&nbsp;passed:&nbsp;</span><span class="string">$cmp</span><span class="string">&quot;</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="97" href="#97">97</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">}</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="98" href="#98">98</a></td><td class="col-11 codeLine"></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="17 tests cover line 99" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="99" href="#99">99</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">if</span><span class="default">&nbsp;</span><span class="keyword">(</span><span class="default">parse_url</span><span class="keyword">(</span><span class="default">$url1</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">$cmp</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="default">!==</span><span class="default">&nbsp;</span><span class="default">parse_url</span><span class="keyword">(</span><span class="default">$url2</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">$cmp</span><span class="keyword">)</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="4 tests cover line 100" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="100" href="#100">100</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">return</span><span class="default">&nbsp;</span><span class="default">false</span><span class="keyword">;</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="101" href="#101">101</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">}</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="102" href="#102">102</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">}</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="103" href="#103">103</a></td><td class="col-11 codeLine"></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="13 tests cover line 104" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="104" href="#104">104</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">return</span><span class="default">&nbsp;</span><span class="default">true</span><span class="keyword">;</span></td></tr>
<tr class="warning d-flex"><td class="col-1 text-right"><a id="105" href="#105">105</a></td><td class="col-11 codeLine"><span class="keyword">}</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="106" href="#106">106</a></td><td class="col-11 codeLine"></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="107" href="#107">107</a></td><td class="col-11 codeLine"><span class="comment">/**</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="108" href="#108">108</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*&nbsp;Append&nbsp;Query&nbsp;Parameters</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="109" href="#109">109</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*&nbsp;</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="110" href="#110">110</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*&nbsp;Converts&nbsp;`$queryParams`&nbsp;into&nbsp;a&nbsp;query&nbsp;string,&nbsp;then&nbsp;checks&nbsp;`$uri`&nbsp;for&nbsp;an</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="111" href="#111">111</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*&nbsp;existing&nbsp;query&nbsp;string.&nbsp;Then&nbsp;appends&nbsp;the&nbsp;newly&nbsp;generated&nbsp;query&nbsp;string</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="112" href="#112">112</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*&nbsp;with&nbsp;either&nbsp;?&nbsp;or&nbsp;&amp;&nbsp;as&nbsp;appropriate.</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="113" href="#113">113</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*/</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="114" href="#114">114</a></td><td class="col-11 codeLine"><span class="keyword">function</span><span class="default">&nbsp;</span><span class="default">appendQueryParams</span><span class="keyword">(</span><span class="default">string</span><span class="default">&nbsp;</span><span class="default">$uri</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="keyword">array</span><span class="default">&nbsp;</span><span class="default">$queryParams</span><span class="keyword">)</span><span class="keyword">:</span><span class="default">&nbsp;</span><span class="default">string</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="12 tests cover line 115" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testAppendQueryParams&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="115" href="#115">115</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">if</span><span class="default">&nbsp;</span><span class="keyword">(</span><span class="keyword">empty</span><span class="keyword">(</span><span class="default">$queryParams</span><span class="keyword">)</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="1 test covers line 116" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testAppendQueryParams&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="116" href="#116">116</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">return</span><span class="default">&nbsp;</span><span class="default">$uri</span><span class="keyword">;</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="117" href="#117">117</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">}</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="118" href="#118">118</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="12 tests cover line 119" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testAppendQueryParams&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="119" href="#119">119</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">$queryString</span><span class="default">&nbsp;</span><span class="keyword">=</span><span class="default">&nbsp;</span><span class="default">buildQueryString</span><span class="keyword">(</span><span class="default">$queryParams</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="12 tests cover line 120" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testAppendQueryParams&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="120" href="#120">120</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">$separator</span><span class="default">&nbsp;</span><span class="keyword">=</span><span class="default">&nbsp;</span><span class="default">parse_url</span><span class="keyword">(</span><span class="default">$uri</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">\PHP_URL_QUERY</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="keyword">?</span><span class="default">&nbsp;</span><span class="default">'&amp;'</span><span class="default">&nbsp;</span><span class="keyword">:</span><span class="default">&nbsp;</span><span class="default">'?'</span><span class="keyword">;</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="12 tests cover line 121" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testAppendQueryParams&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="121" href="#121">121</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">$uri</span><span class="default">&nbsp;</span><span class="keyword">=</span><span class="default">&nbsp;</span><span class="default">rtrim</span><span class="keyword">(</span><span class="default">$uri</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">'?&amp;'</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="12 tests cover line 122" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testAppendQueryParams&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="122" href="#122">122</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">return</span><span class="default">&nbsp;</span><span class="string">&quot;</span><span class="string">{</span><span class="string">$uri</span><span class="keyword">}</span><span class="string">{</span><span class="string">$separator</span><span class="keyword">}</span><span class="string">{</span><span class="string">$queryString</span><span class="keyword">}</span><span class="string">&quot;</span><span class="keyword">;</span></td></tr>
<tr class="warning d-flex"><td class="col-1 text-right"><a id="123" href="#123">123</a></td><td class="col-11 codeLine"><span class="keyword">}</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="124" href="#124">124</a></td><td class="col-11 codeLine"></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="125" href="#125">125</a></td><td class="col-11 codeLine"><span class="comment">/**</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="126" href="#126">126</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*&nbsp;Try&nbsp;setLogger</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="127" href="#127">127</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*&nbsp;</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="128" href="#128">128</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*&nbsp;If&nbsp;`$target`&nbsp;implements&nbsp;`LoggerAwareInterface`,&nbsp;set&nbsp;its&nbsp;logger</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="129" href="#129">129</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*&nbsp;to&nbsp;`$logger`.&nbsp;Returns&nbsp;`$target`.</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="130" href="#130">130</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*&nbsp;</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="131" href="#131">131</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*&nbsp;@psalm-suppress&nbsp;MissingReturnType</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="132" href="#132">132</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*&nbsp;@psalm-suppress&nbsp;MissingParamType</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="133" href="#133">133</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*/</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="134" href="#134">134</a></td><td class="col-11 codeLine"><span class="keyword">function</span><span class="default">&nbsp;</span><span class="default">trySetLogger</span><span class="keyword">(</span><span class="default">$target</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">LoggerInterface</span><span class="default">&nbsp;</span><span class="default">$logger</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="32 tests cover line 135" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidConfigRaisesException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfCodeParameterIsMissing&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeFailsForTokensWithInvalidScope&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeReturnsCorrectResponseForValidRequest&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorOnNonIndieauthRequest&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorIfAccessCodeGrantsNoScopes&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsAccessTokenOnValidRequest&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatAuthCodeWithoutPkceCannotBeExchangedWithCodeVerifierBothExchangeEndpoints&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="135" href="#135">135</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">if</span><span class="default">&nbsp;</span><span class="keyword">(</span><span class="default">$target</span><span class="default">&nbsp;</span><span class="keyword">instanceof</span><span class="default">&nbsp;</span><span class="default">LoggerAwareInterface</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="32 tests cover line 136" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidConfigRaisesException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfCodeParameterIsMissing&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeFailsForTokensWithInvalidScope&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeReturnsCorrectResponseForValidRequest&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorOnNonIndieauthRequest&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorIfAccessCodeGrantsNoScopes&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsAccessTokenOnValidRequest&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatAuthCodeWithoutPkceCannotBeExchangedWithCodeVerifierBothExchangeEndpoints&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="136" href="#136">136</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">$target</span><span class="default">-&gt;</span><span class="default">setLogger</span><span class="keyword">(</span><span class="default">$logger</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="137" href="#137">137</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">}</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="32 tests cover line 138" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidConfigRaisesException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfCodeParameterIsMissing&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeFailsForTokensWithInvalidScope&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeReturnsCorrectResponseForValidRequest&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorOnNonIndieauthRequest&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorIfAccessCodeGrantsNoScopes&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsAccessTokenOnValidRequest&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatAuthCodeWithoutPkceCannotBeExchangedWithCodeVerifierBothExchangeEndpoints&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="138" href="#138">138</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">return</span><span class="default">&nbsp;</span><span class="default">$target</span><span class="keyword">;</span></td></tr>
<tr class="warning d-flex"><td class="col-1 text-right"><a id="139" href="#139">139</a></td><td class="col-11 codeLine"><span class="keyword">}</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="140" href="#140">140</a></td><td class="col-11 codeLine"></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="141" href="#141">141</a></td><td class="col-11 codeLine"><span class="keyword">function</span><span class="default">&nbsp;</span><span class="default">renderTemplate</span><span class="keyword">(</span><span class="default">string</span><span class="default">&nbsp;</span><span class="default">$template</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="keyword">array</span><span class="default">&nbsp;</span><span class="default">$context</span><span class="keyword">=</span><span class="keyword">[</span><span class="keyword">]</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="11 tests cover line 142" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testShowsAuthenticationFormOnUnauthenticatedRequest&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="142" href="#142">142</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">$render</span><span class="default">&nbsp;</span><span class="keyword">=</span><span class="default">&nbsp;</span><span class="keyword">function</span><span class="default">&nbsp;</span><span class="keyword">(</span><span class="default">$__template</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">$__templateData</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="11 tests cover line 143" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testShowsAuthenticationFormOnUnauthenticatedRequest&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="143" href="#143">143</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">$render</span><span class="default">&nbsp;</span><span class="keyword">=</span><span class="default">&nbsp;</span><span class="keyword">function</span><span class="default">&nbsp;</span><span class="keyword">(</span><span class="default">$template</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">$data</span><span class="keyword">)</span><span class="keyword">{</span></td></tr>
<tr class="danger d-flex"><td class="col-1 text-right"><a id="144" href="#144">144</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">return</span><span class="default">&nbsp;</span><span class="default">renderTemplate</span><span class="keyword">(</span><span class="default">$template</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">$data</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
<tr class="warning d-flex"><td class="col-1 text-right"><a id="145" href="#145">145</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">}</span><span class="keyword">;</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="11 tests cover line 146" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testShowsAuthenticationFormOnUnauthenticatedRequest&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="146" href="#146">146</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">ob_start</span><span class="keyword">(</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="11 tests cover line 147" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testShowsAuthenticationFormOnUnauthenticatedRequest&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="147" href="#147">147</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">extract</span><span class="keyword">(</span><span class="default">$__templateData</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="11 tests cover line 148" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testShowsAuthenticationFormOnUnauthenticatedRequest&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="148" href="#148">148</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">unset</span><span class="keyword">(</span><span class="default">$__templateData</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="11 tests cover line 149" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testShowsAuthenticationFormOnUnauthenticatedRequest&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="149" href="#149">149</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">include</span><span class="default">&nbsp;</span><span class="default">$__template</span><span class="keyword">;</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="11 tests cover line 150" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testShowsAuthenticationFormOnUnauthenticatedRequest&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="150" href="#150">150</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">return</span><span class="default">&nbsp;</span><span class="default">ob_get_clean</span><span class="keyword">(</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
<tr class="warning d-flex"><td class="col-1 text-right"><a id="151" href="#151">151</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">}</span><span class="keyword">;</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="11 tests cover line 152" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\SingleUserPasswordAuthenticationCallbackTest::testShowsAuthenticationFormOnUnauthenticatedRequest&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="152" href="#152">152</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">return</span><span class="default">&nbsp;</span><span class="default">$render</span><span class="keyword">(</span><span class="default">$template</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">$context</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
<tr class="warning d-flex"><td class="col-1 text-right"><a id="153" href="#153">153</a></td><td class="col-11 codeLine"><span class="keyword">}</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="154" href="#154">154</a></td><td class="col-11 codeLine"></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="155" href="#155">155</a></td><td class="col-11 codeLine"><span class="comment">//&nbsp;IndieAuth/OAuth2-related&nbsp;Validation&nbsp;Functions</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="156" href="#156">156</a></td><td class="col-11 codeLine"><span class="comment">//&nbsp;Mostly&nbsp;taken&nbsp;or&nbsp;adapted&nbsp;by&nbsp;https://github.com/Zegnat/php-mindee/&nbsp;&nbsp;thanks&nbsp;Zegnat!</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="157" href="#157">157</a></td><td class="col-11 codeLine"><span class="comment">//&nbsp;Code&nbsp;was&nbsp;not&nbsp;licensed&nbsp;at&nbsp;time&nbsp;of&nbsp;writing,&nbsp;permission&nbsp;granted&nbsp;here&nbsp;https://chat.indieweb.org/dev/2021-06-10/1623327498355700</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="158" href="#158">158</a></td><td class="col-11 codeLine"></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="159" href="#159">159</a></td><td class="col-11 codeLine"><span class="comment">/**</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="160" href="#160">160</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*&nbsp;Check&nbsp;if&nbsp;a&nbsp;provided&nbsp;string&nbsp;matches&nbsp;the&nbsp;IndieAuth&nbsp;criteria&nbsp;for&nbsp;a&nbsp;Client&nbsp;Identifier.</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="161" href="#161">161</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*&nbsp;@see&nbsp;https://indieauth.spec.indieweb.org/#client-identifier</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="162" href="#162">162</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*&nbsp;</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="163" href="#163">163</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*&nbsp;@param&nbsp;string&nbsp;$client_id&nbsp;The&nbsp;client&nbsp;ID&nbsp;provided&nbsp;by&nbsp;the&nbsp;OAuth&nbsp;Client</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="164" href="#164">164</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*&nbsp;@return&nbsp;bool&nbsp;true&nbsp;if&nbsp;the&nbsp;value&nbsp;is&nbsp;allowed&nbsp;by&nbsp;IndieAuth</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="165" href="#165">165</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*/</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="166" href="#166">166</a></td><td class="col-11 codeLine"><span class="keyword">function</span><span class="default">&nbsp;</span><span class="default">isClientIdentifier</span><span class="keyword">(</span><span class="default">string</span><span class="default">&nbsp;</span><span class="default">$client_id</span><span class="keyword">)</span><span class="keyword">:</span><span class="default">&nbsp;</span><span class="default">bool</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="21 tests cover line 167" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testIsClientIentifier&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="167" href="#167">167</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">return</span><span class="default">&nbsp;</span><span class="keyword">(</span><span class="default">$url_components</span><span class="default">&nbsp;</span><span class="keyword">=</span><span class="default">&nbsp;</span><span class="default">parse_url</span><span class="keyword">(</span><span class="default">$client_id</span><span class="keyword">)</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="default">&amp;&amp;</span><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="comment">//&nbsp;Clients&nbsp;are&nbsp;identified&nbsp;by&nbsp;a&nbsp;URL.</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="21 tests cover line 168" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testIsClientIentifier&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="168" href="#168">168</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">in_array</span><span class="keyword">(</span><span class="default">$url_components</span><span class="keyword">[</span><span class="default">'scheme'</span><span class="keyword">]</span><span class="default">&nbsp;</span><span class="default">??</span><span class="default">&nbsp;</span><span class="default">''</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="keyword">[</span><span class="default">'http'</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">'https'</span><span class="keyword">]</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="default">&amp;&amp;</span><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="comment">//&nbsp;Client&nbsp;identifier&nbsp;URLs&nbsp;MUST&nbsp;have&nbsp;either&nbsp;an&nbsp;https&nbsp;or&nbsp;http&nbsp;scheme,</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="21 tests cover line 169" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testIsClientIentifier&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="169" href="#169">169</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">0</span><span class="default">&nbsp;</span><span class="keyword">&lt;</span><span class="default">&nbsp;</span><span class="default">strlen</span><span class="keyword">(</span><span class="default">$url_components</span><span class="keyword">[</span><span class="default">'path'</span><span class="keyword">]</span><span class="default">&nbsp;</span><span class="default">??</span><span class="default">&nbsp;</span><span class="default">''</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="default">&amp;&amp;</span><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="comment">//&nbsp;MUST&nbsp;contain&nbsp;a&nbsp;path&nbsp;component,</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="21 tests cover line 170" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testIsClientIentifier&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="170" href="#170">170</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">false</span><span class="default">&nbsp;</span><span class="default">===</span><span class="default">&nbsp;</span><span class="default">strpos</span><span class="keyword">(</span><span class="default">$url_components</span><span class="keyword">[</span><span class="default">'path'</span><span class="keyword">]</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">'/./'</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="default">&amp;&amp;</span><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="comment">//&nbsp;MUST&nbsp;NOT&nbsp;contain&nbsp;single-dot</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="21 tests cover line 171" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testIsClientIentifier&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="171" href="#171">171</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">false</span><span class="default">&nbsp;</span><span class="default">===</span><span class="default">&nbsp;</span><span class="default">strpos</span><span class="keyword">(</span><span class="default">$url_components</span><span class="keyword">[</span><span class="default">'path'</span><span class="keyword">]</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">'/../'</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="default">&amp;&amp;</span><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="comment">//&nbsp;or&nbsp;double-dot&nbsp;path&nbsp;segments,</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="21 tests cover line 172" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testIsClientIentifier&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="172" href="#172">172</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">false</span><span class="default">&nbsp;</span><span class="default">===</span><span class="default">&nbsp;</span><span class="keyword">isset</span><span class="keyword">(</span><span class="default">$url_components</span><span class="keyword">[</span><span class="default">'fragment'</span><span class="keyword">]</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="default">&amp;&amp;</span><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="comment">//&nbsp;MUST&nbsp;NOT&nbsp;contain&nbsp;a&nbsp;fragment&nbsp;component,</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="21 tests cover line 173" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testIsClientIentifier&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="173" href="#173">173</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">false</span><span class="default">&nbsp;</span><span class="default">===</span><span class="default">&nbsp;</span><span class="keyword">isset</span><span class="keyword">(</span><span class="default">$url_components</span><span class="keyword">[</span><span class="default">'user'</span><span class="keyword">]</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="default">&amp;&amp;</span><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="comment">//&nbsp;MUST&nbsp;NOT&nbsp;contain&nbsp;a&nbsp;username</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="21 tests cover line 174" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testIsClientIentifier&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="174" href="#174">174</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">false</span><span class="default">&nbsp;</span><span class="default">===</span><span class="default">&nbsp;</span><span class="keyword">isset</span><span class="keyword">(</span><span class="default">$url_components</span><span class="keyword">[</span><span class="default">'pass'</span><span class="keyword">]</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="default">&amp;&amp;</span><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="comment">//&nbsp;or&nbsp;password&nbsp;component,</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="175" href="#175">175</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">(</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="21 tests cover line 176" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testIsClientIentifier&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="176" href="#176">176</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">false</span><span class="default">&nbsp;</span><span class="default">===</span><span class="default">&nbsp;</span><span class="default">filter_var</span><span class="keyword">(</span><span class="default">$url_components</span><span class="keyword">[</span><span class="default">'host'</span><span class="keyword">]</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">FILTER_VALIDATE_IP</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="default">||</span><span class="default">&nbsp;&nbsp;</span><span class="comment">//&nbsp;MUST&nbsp;NOT&nbsp;be&nbsp;an&nbsp;IP&nbsp;address</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="2 tests cover line 177" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testIsClientIentifier&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="177" href="#177">177</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">(</span><span class="default">$url_components</span><span class="keyword">[</span><span class="default">'host'</span><span class="keyword">]</span><span class="default">&nbsp;</span><span class="default">??</span><span class="default">&nbsp;</span><span class="default">null</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="default">==</span><span class="default">&nbsp;</span><span class="default">'127.0.0.1'</span><span class="default">&nbsp;</span><span class="default">||</span><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="comment">//&nbsp;except&nbsp;for&nbsp;127.0.0.1</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="21 tests cover line 178" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testIsClientIentifier&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="178" href="#178">178</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">(</span><span class="default">$url_components</span><span class="keyword">[</span><span class="default">'host'</span><span class="keyword">]</span><span class="default">&nbsp;</span><span class="default">??</span><span class="default">&nbsp;</span><span class="default">null</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="default">==</span><span class="default">&nbsp;</span><span class="default">'[::1]'</span><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="comment">//&nbsp;or&nbsp;[::1]</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="179" href="#179">179</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">)</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="180" href="#180">180</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">;</span></td></tr>
<tr class="warning d-flex"><td class="col-1 text-right"><a id="181" href="#181">181</a></td><td class="col-11 codeLine"><span class="keyword">}</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="182" href="#182">182</a></td><td class="col-11 codeLine"></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="183" href="#183">183</a></td><td class="col-11 codeLine"><span class="comment">/**</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="184" href="#184">184</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*&nbsp;Check&nbsp;if&nbsp;a&nbsp;provided&nbsp;string&nbsp;matches&nbsp;the&nbsp;IndieAuth&nbsp;criteria&nbsp;for&nbsp;a&nbsp;User&nbsp;Profile&nbsp;URL.</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="185" href="#185">185</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*&nbsp;@see&nbsp;https://indieauth.spec.indieweb.org/#user-profile-url</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="186" href="#186">186</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*&nbsp;</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="187" href="#187">187</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*&nbsp;@param&nbsp;string&nbsp;$profile_url&nbsp;The&nbsp;profile&nbsp;URL&nbsp;provided&nbsp;by&nbsp;the&nbsp;IndieAuth&nbsp;Client&nbsp;as&nbsp;me</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="188" href="#188">188</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*&nbsp;@return&nbsp;bool&nbsp;true&nbsp;if&nbsp;the&nbsp;value&nbsp;is&nbsp;allowed&nbsp;by&nbsp;IndieAuth</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="189" href="#189">189</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*/</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="190" href="#190">190</a></td><td class="col-11 codeLine"><span class="keyword">function</span><span class="default">&nbsp;</span><span class="default">isProfileUrl</span><span class="keyword">(</span><span class="default">string</span><span class="default">&nbsp;</span><span class="default">$profile_url</span><span class="keyword">)</span><span class="keyword">:</span><span class="default">&nbsp;</span><span class="default">bool</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="2 tests cover line 191" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testIsProfileUrl&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="191" href="#191">191</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">return</span><span class="default">&nbsp;</span><span class="keyword">(</span><span class="default">$url_components</span><span class="default">&nbsp;</span><span class="keyword">=</span><span class="default">&nbsp;</span><span class="default">parse_url</span><span class="keyword">(</span><span class="default">$profile_url</span><span class="keyword">)</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="default">&amp;&amp;</span><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="comment">//&nbsp;Users&nbsp;are&nbsp;identified&nbsp;by&nbsp;a&nbsp;URL.</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="2 tests cover line 192" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testIsProfileUrl&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="192" href="#192">192</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">in_array</span><span class="keyword">(</span><span class="default">$url_components</span><span class="keyword">[</span><span class="default">'scheme'</span><span class="keyword">]</span><span class="default">&nbsp;</span><span class="default">??</span><span class="default">&nbsp;</span><span class="default">''</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="keyword">[</span><span class="default">'http'</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">'https'</span><span class="keyword">]</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="default">&amp;&amp;</span><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="comment">//&nbsp;Profile&nbsp;URLs&nbsp;MUST&nbsp;have&nbsp;either&nbsp;an&nbsp;https&nbsp;or&nbsp;http&nbsp;scheme,</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="2 tests cover line 193" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testIsProfileUrl&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="193" href="#193">193</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">0</span><span class="default">&nbsp;</span><span class="keyword">&lt;</span><span class="default">&nbsp;</span><span class="default">strlen</span><span class="keyword">(</span><span class="default">$url_components</span><span class="keyword">[</span><span class="default">'path'</span><span class="keyword">]</span><span class="default">&nbsp;</span><span class="default">??</span><span class="default">&nbsp;</span><span class="default">''</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="default">&amp;&amp;</span><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="comment">//&nbsp;MUST&nbsp;contain&nbsp;a&nbsp;path&nbsp;component,</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="2 tests cover line 194" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testIsProfileUrl&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="194" href="#194">194</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">false</span><span class="default">&nbsp;</span><span class="default">===</span><span class="default">&nbsp;</span><span class="default">strpos</span><span class="keyword">(</span><span class="default">$url_components</span><span class="keyword">[</span><span class="default">'path'</span><span class="keyword">]</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">'/./'</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="default">&amp;&amp;</span><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="comment">//&nbsp;MUST&nbsp;NOT&nbsp;contain&nbsp;single-dot</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="2 tests cover line 195" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testIsProfileUrl&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="195" href="#195">195</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">false</span><span class="default">&nbsp;</span><span class="default">===</span><span class="default">&nbsp;</span><span class="default">strpos</span><span class="keyword">(</span><span class="default">$url_components</span><span class="keyword">[</span><span class="default">'path'</span><span class="keyword">]</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">'/../'</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="default">&amp;&amp;</span><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="comment">//&nbsp;or&nbsp;double-dot&nbsp;path&nbsp;segments,</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="2 tests cover line 196" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testIsProfileUrl&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="196" href="#196">196</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">false</span><span class="default">&nbsp;</span><span class="default">===</span><span class="default">&nbsp;</span><span class="keyword">isset</span><span class="keyword">(</span><span class="default">$url_components</span><span class="keyword">[</span><span class="default">'fragment'</span><span class="keyword">]</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="default">&amp;&amp;</span><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="comment">//&nbsp;MUST&nbsp;NOT&nbsp;contain&nbsp;a&nbsp;fragment&nbsp;component,</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="2 tests cover line 197" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testIsProfileUrl&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="197" href="#197">197</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">false</span><span class="default">&nbsp;</span><span class="default">===</span><span class="default">&nbsp;</span><span class="keyword">isset</span><span class="keyword">(</span><span class="default">$url_components</span><span class="keyword">[</span><span class="default">'user'</span><span class="keyword">]</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="default">&amp;&amp;</span><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="comment">//&nbsp;MUST&nbsp;NOT&nbsp;contain&nbsp;a&nbsp;username</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="2 tests cover line 198" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testIsProfileUrl&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="198" href="#198">198</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">false</span><span class="default">&nbsp;</span><span class="default">===</span><span class="default">&nbsp;</span><span class="keyword">isset</span><span class="keyword">(</span><span class="default">$url_components</span><span class="keyword">[</span><span class="default">'pass'</span><span class="keyword">]</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="default">&amp;&amp;</span><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="comment">//&nbsp;or&nbsp;password&nbsp;component,</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="2 tests cover line 199" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testIsProfileUrl&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="199" href="#199">199</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">false</span><span class="default">&nbsp;</span><span class="default">===</span><span class="default">&nbsp;</span><span class="keyword">isset</span><span class="keyword">(</span><span class="default">$url_components</span><span class="keyword">[</span><span class="default">'port'</span><span class="keyword">]</span><span class="keyword">)</span><span class="default">&nbsp;</span><span class="default">&amp;&amp;</span><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="comment">//&nbsp;MUST&nbsp;NOT&nbsp;contain&nbsp;a&nbsp;port,</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="2 tests cover line 200" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testIsProfileUrl&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="200" href="#200">200</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="default">false</span><span class="default">&nbsp;</span><span class="default">===</span><span class="default">&nbsp;</span><span class="default">filter_var</span><span class="keyword">(</span><span class="default">$url_components</span><span class="keyword">[</span><span class="default">'host'</span><span class="keyword">]</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">FILTER_VALIDATE_IP</span><span class="keyword">)</span><span class="default">&nbsp;&nbsp;&nbsp;</span><span class="comment">//&nbsp;MUST&nbsp;NOT&nbsp;be&nbsp;an&nbsp;IP&nbsp;address.</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="201" href="#201">201</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">;</span></td></tr>
<tr class="warning d-flex"><td class="col-1 text-right"><a id="202" href="#202">202</a></td><td class="col-11 codeLine"><span class="keyword">}</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="203" href="#203">203</a></td><td class="col-11 codeLine"></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="204" href="#204">204</a></td><td class="col-11 codeLine"><span class="comment">/**</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="205" href="#205">205</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*&nbsp;OAuth&nbsp;2.0&nbsp;limits&nbsp;what&nbsp;values&nbsp;are&nbsp;valid&nbsp;for&nbsp;state.</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="206" href="#206">206</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*&nbsp;We&nbsp;check&nbsp;this&nbsp;first,&nbsp;because&nbsp;if&nbsp;valid,&nbsp;we&nbsp;want&nbsp;to&nbsp;send&nbsp;it&nbsp;along&nbsp;with&nbsp;other&nbsp;errors.</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="207" href="#207">207</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*&nbsp;@see&nbsp;https://tools.ietf.org/html/rfc6749#appendix-A.5</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="208" href="#208">208</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*/</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="209" href="#209">209</a></td><td class="col-11 codeLine"><span class="keyword">function</span><span class="default">&nbsp;</span><span class="default">isValidState</span><span class="keyword">(</span><span class="default">string</span><span class="default">&nbsp;</span><span class="default">$state</span><span class="keyword">)</span><span class="keyword">:</span><span class="default">&nbsp;</span><span class="default">bool</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="18 tests cover line 210" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testIsValidState&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testRequestsMissingBothPkceParametersReturnsError&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatRequestsWithoutPkceWorkCorrectlyWithBothExchangeFlows&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testBackCompatNonPkceRequestMustLackBothPkceParameters&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="210" href="#210">210</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">return</span><span class="default">&nbsp;</span><span class="default">false</span><span class="default">&nbsp;</span><span class="default">!==</span><span class="default">&nbsp;</span><span class="default">filter_var</span><span class="keyword">(</span><span class="default">$state</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">FILTER_VALIDATE_REGEXP</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="keyword">[</span><span class="default">'options'</span><span class="default">&nbsp;</span><span class="default">=&gt;</span><span class="default">&nbsp;</span><span class="keyword">[</span><span class="default">'regexp'</span><span class="default">&nbsp;</span><span class="default">=&gt;</span><span class="default">&nbsp;</span><span class="default">'/^[\x20-\x7E]*$/'</span><span class="keyword">]</span><span class="keyword">]</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
<tr class="warning d-flex"><td class="col-1 text-right"><a id="211" href="#211">211</a></td><td class="col-11 codeLine"><span class="keyword">}</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="212" href="#212">212</a></td><td class="col-11 codeLine"></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="213" href="#213">213</a></td><td class="col-11 codeLine"><span class="comment">/**</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="214" href="#214">214</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*&nbsp;IndieAuth&nbsp;requires&nbsp;PKCE.&nbsp;This&nbsp;implementation&nbsp;supports&nbsp;only&nbsp;S256&nbsp;for&nbsp;hashing.</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="215" href="#215">215</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*&nbsp;</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="216" href="#216">216</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*&nbsp;@see&nbsp;https://indieauth.spec.indieweb.org/#authorization-request</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="217" href="#217">217</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*/</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="218" href="#218">218</a></td><td class="col-11 codeLine"><span class="keyword">function</span><span class="default">&nbsp;</span><span class="default">isValidCodeChallenge</span><span class="keyword">(</span><span class="default">string</span><span class="default">&nbsp;</span><span class="default">$challenge</span><span class="keyword">)</span><span class="keyword">:</span><span class="default">&nbsp;</span><span class="default">bool</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="15 tests cover line 219" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testIsValidCodeChallenge&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testAuthorizationEndpointReturnsErrorOnMissingParameter&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="219" href="#219">219</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">return</span><span class="default">&nbsp;</span><span class="default">false</span><span class="default">&nbsp;</span><span class="default">!==</span><span class="default">&nbsp;</span><span class="default">filter_var</span><span class="keyword">(</span><span class="default">$challenge</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">FILTER_VALIDATE_REGEXP</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="keyword">[</span><span class="default">'options'</span><span class="default">&nbsp;</span><span class="default">=&gt;</span><span class="default">&nbsp;</span><span class="keyword">[</span><span class="default">'regexp'</span><span class="default">&nbsp;</span><span class="default">=&gt;</span><span class="default">&nbsp;</span><span class="default">'/^[A-Za-z0-9_-]+$/'</span><span class="keyword">]</span><span class="keyword">]</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
<tr class="warning d-flex"><td class="col-1 text-right"><a id="220" href="#220">220</a></td><td class="col-11 codeLine"><span class="keyword">}</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="221" href="#221">221</a></td><td class="col-11 codeLine"></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="222" href="#222">222</a></td><td class="col-11 codeLine"><span class="comment">/**</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="223" href="#223">223</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*&nbsp;OAuth&nbsp;2.0&nbsp;limits&nbsp;what&nbsp;values&nbsp;are&nbsp;valid&nbsp;for&nbsp;scope.</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="224" href="#224">224</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*&nbsp;@see&nbsp;https://tools.ietf.org/html/rfc6749#section-3.3</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="225" href="#225">225</a></td><td class="col-11 codeLine"><span class="comment">&nbsp;*/</span></td></tr>
<tr class=" d-flex"><td class="col-1 text-right"><a id="226" href="#226">226</a></td><td class="col-11 codeLine"><span class="keyword">function</span><span class="default">&nbsp;</span><span class="default">isValidScope</span><span class="keyword">(</span><span class="default">string</span><span class="default">&nbsp;</span><span class="default">$scope</span><span class="keyword">)</span><span class="keyword">:</span><span class="default">&nbsp;</span><span class="default">bool</span><span class="default">&nbsp;</span><span class="keyword">{</span></td></tr>
<tr class="covered-by-large-tests popin d-flex"><td data-title="3 tests cover line 227" data-content="&lt;ul&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\FunctionTest::testIsValidScope&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects&lt;/li&gt;&lt;li class=&quot;covered-by-large-tests&quot;&gt;Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly&lt;/li&gt;&lt;/ul&gt;" data-placement="top" data-html="true" class="col-1 text-right"><a id="227" href="#227">227</a></td><td class="col-11 codeLine"><span class="default">&nbsp;&nbsp;&nbsp;&nbsp;</span><span class="keyword">return</span><span class="default">&nbsp;</span><span class="default">false</span><span class="default">&nbsp;</span><span class="default">!==</span><span class="default">&nbsp;</span><span class="default">filter_var</span><span class="keyword">(</span><span class="default">$scope</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="default">FILTER_VALIDATE_REGEXP</span><span class="keyword">,</span><span class="default">&nbsp;</span><span class="keyword">[</span><span class="default">'options'</span><span class="default">&nbsp;</span><span class="default">=&gt;</span><span class="default">&nbsp;</span><span class="keyword">[</span><span class="default">'regexp'</span><span class="default">&nbsp;</span><span class="default">=&gt;</span><span class="default">&nbsp;</span><span class="default">'/^([\x21\x23-\x5B\x5D-\x7E]+(&nbsp;[\x21\x23-\x5B\x5D-\x7E]+)*)?$/'</span><span class="keyword">]</span><span class="keyword">]</span><span class="keyword">)</span><span class="keyword">;</span></td></tr>
<tr class="warning d-flex"><td class="col-1 text-right"><a id="228" href="#228">228</a></td><td class="col-11 codeLine"><span class="keyword">}</span></td></tr>
</tbody>
</table>
<footer>
<hr/>
<h4>Legend</h4>
<p><span class="success"><strong>Executed</strong></span><span class="danger"><strong>Not Executed</strong></span><span class="warning"><strong>Dead Code</strong></span></p>
<p>
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 8.0.7</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Thu Jun 24 11:32:05 UTC 2021.</small>
</p>
<a title="Back to the top" id="toplink" href="#">
<svg xmlns="http://www.w3.org/2000/svg" width="12" height="16" viewBox="0 0 12 16"><path fill-rule="evenodd" d="M12 11L6 5l-6 6h12z"/></svg>
</a>
</footer>
</div>
<script src="phpunit_js/jquery.min.js" type="text/javascript"></script>
<script src="phpunit_js/popper.min.js" type="text/javascript"></script>
<script src="phpunit_js/bootstrap.min.js" type="text/javascript"></script>
<script src="phpunit_js/file.js" type="text/javascript"></script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink