SEOPress - Version 5.8.0.5

Version Description

  • FIX Downgrade Google Auth API to prevent errors with hosting using PHP parser
  • FIX "Sorry, you do not have permission to edit the _seopress_robots_primary_cat custom field." error
  • FIX Remove "Inspect URL with Google" tab from Universal SEO metabox if disabled
Download this release

Release Info

Developer rainbowgeek
Plugin Icon 128x128 SEOPress
Version 5.8.0.5
Comparing to
See all releases

Code changes from version 5.8.0.4 to 5.8.0.5

Files changed (56) hide show
  1. assets/js/build/primary-category-select.asset.php +1 -1
  2. assets/js/build/primary-category-select.js +1 -1
  3. assets/js/build/primary-category-select.js.map +1 -0
  4. assets/js/src/primary-category-select.js +15 -6
  5. inc/admin/metaboxes/admin-metaboxes.php +4 -1
  6. inc/functions/options-instant-indexing.php +2 -2
  7. languages/wp-seopress.pot +16 -10
  8. public/gutenberg/primary-category-select.asset.php +1 -0
  9. public/gutenberg/primary-category-select.js +1 -0
  10. readme.txt +7 -2
  11. seopress-functions.php +12 -8
  12. seopress.php +3 -3
  13. src/Actions/Admin/ModuleMetabox.php +2 -2
  14. src/Actions/Api/Metas/AdvancedSettings.php +29 -7
  15. src/Services/Options/ToggleOption.php +4 -0
  16. vendor/composer/installed.json +20 -25
  17. vendor/composer/installed.php +8 -8
  18. vendor/firebase/php-jwt/README.md +30 -98
  19. vendor/firebase/php-jwt/composer.json +2 -7
  20. vendor/firebase/php-jwt/src/CachedKeySet.php +0 -231
  21. vendor/firebase/php-jwt/src/JWK.php +22 -41
  22. vendor/firebase/php-jwt/src/JWT.php +162 -177
  23. vendor/firebase/php-jwt/src/Key.php +15 -20
  24. vendor/google/auth/.php-cs-fixer.dist.php +24 -0
  25. vendor/google/auth/CHANGELOG.md +211 -0
  26. vendor/google/auth/CODE_OF_CONDUCT.md +43 -0
  27. vendor/google/auth/composer.json +4 -4
  28. vendor/google/auth/renovate.json +6 -0
  29. vendor/google/auth/src/AccessToken.php +38 -45
  30. vendor/google/auth/src/ApplicationDefaultCredentials.php +13 -25
  31. vendor/google/auth/src/Cache/Item.php +26 -13
  32. vendor/google/auth/src/Cache/MemoryCacheItemPool.php +15 -14
  33. vendor/google/auth/src/Cache/SysVCacheItemPool.php +24 -32
  34. vendor/google/auth/src/Cache/TypedItem.php +0 -166
  35. vendor/google/auth/src/CacheTrait.php +5 -32
  36. vendor/google/auth/src/Credentials/AppIdentityCredentials.php +15 -23
  37. vendor/google/auth/src/Credentials/GCECredentials.php +12 -13
  38. vendor/google/auth/src/Credentials/IAMCredentials.php +6 -6
  39. vendor/google/auth/src/Credentials/InsecureCredentials.php +5 -3
  40. vendor/google/auth/src/Credentials/ServiceAccountCredentials.php +19 -30
  41. vendor/google/auth/src/Credentials/ServiceAccountJwtAccessCredentials.php +10 -15
  42. vendor/google/auth/src/Credentials/UserRefreshCredentials.php +12 -16
  43. vendor/google/auth/src/CredentialsLoader.php +47 -19
  44. vendor/google/auth/src/FetchAuthTokenCache.php +16 -17
  45. vendor/google/auth/src/FetchAuthTokenInterface.php +5 -5
  46. vendor/google/auth/src/GCECache.php +11 -1
  47. vendor/google/auth/src/HttpHandler/Guzzle5HttpHandler.php +0 -3
  48. vendor/google/auth/src/HttpHandler/Guzzle6HttpHandler.php +2 -2
  49. vendor/google/auth/src/HttpHandler/HttpHandlerFactory.php +0 -1
  50. vendor/google/auth/src/Iam.php +1 -1
  51. vendor/google/auth/src/Middleware/AuthTokenMiddleware.php +4 -11
  52. vendor/google/auth/src/Middleware/ProxyAuthTokenMiddleware.php +3 -10
  53. vendor/google/auth/src/Middleware/ScopedAccessTokenMiddleware.php +13 -3
  54. vendor/google/auth/src/Middleware/SimpleMiddleware.php +2 -2
  55. vendor/google/auth/src/OAuth2.php +75 -205
  56. vendor/google/auth/src/UpdateMetadataInterface.php +2 -2
assets/js/build/primary-category-select.asset.php CHANGED
@@ -1 +1 @@
1
- <?php return array('dependencies' => array('wp-components', 'wp-data', 'wp-element', 'wp-i18n'), 'version' => 'd4454d6cec16e500ca82');
1
+ <?php return array('dependencies' => array('wp-components', 'wp-data', 'wp-element', 'wp-i18n'), 'version' => 'bb30f36e5b37e25c33db');
assets/js/build/primary-category-select.js CHANGED
@@ -1 +1 @@
1
- !function(){"use strict";var e=window.wp.i18n,t=window.wp.element,r=window.wp.data,n=window.wp.components;function o(e){return o="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},o(e)}function a(e,t){(null==t||t>e.length)&&(t=e.length);for(var r=0,n=new Array(t);r<t;r++)n[r]=e[r];return n}function i(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}function s(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}function c(e,t){return c=Object.setPrototypeOf?Object.setPrototypeOf.bind():function(e,t){return e.__proto__=t,e},c(e,t)}function l(e,t){if(t&&("object"===o(t)||"function"==typeof t))return t;if(void 0!==t)throw new TypeError("Derived constructors may only return object or undefined");return u(e)}function u(e){if(void 0===e)throw new ReferenceError("this hasn't been initialised - super() hasn't been called");return e}function p(e){return p=Object.setPrototypeOf?Object.getPrototypeOf.bind():function(e){return e.__proto__||Object.getPrototypeOf(e)},p(e)}var m=function(t){!function(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Super expression must either be null or a function");e.prototype=Object.create(t&&t.prototype,{constructor:{value:e,writable:!0,configurable:!0}}),Object.defineProperty(e,"prototype",{writable:!1}),t&&c(e,t)}(y,t);var r,o,m,f,d=(m=y,f=function(){if("undefined"==typeof Reflect||!Reflect.construct)return!1;if(Reflect.construct.sham)return!1;if("function"==typeof Proxy)return!0;try{return Boolean.prototype.valueOf.call(Reflect.construct(Boolean,[],(function(){}))),!0}catch(e){return!1}}(),function(){var e,t=p(m);if(f){var r=p(this).constructor;e=Reflect.construct(t,arguments,r)}else e=t.apply(this,arguments);return l(this,e)});function y(){var e;return i(this,y),(e=d.apply(this,arguments)).onChange=e.onChange.bind(u(e)),e.updateMetabox=e.updateMetabox.bind(u(e)),e.state={primaryTermId:"none",selectableTerms:[]},e}return r=y,(o=[{key:"componentDidMount",value:function(){var e=this,t=this.props.primaryTermId||"none";this.setState({primaryTermId:t}),this.metaboxField=document.querySelector("#seopress_robots_primary_cat"),this.metaboxField&&this.metaboxField.addEventListener("change",(function(t){e.setState({primaryTermId:t.target.value})}))}},{key:"componentDidUpdate",value:function(e,t){var r=this;if(e.allTerms!==this.props.allTerms||e.selectedTermIds!==this.props.selectedTermIds){var n=this.props.allTerms&&this.props.allTerms.length?this.props.allTerms.filter((function(e){return r.props.selectedTermIds.includes(e.id)})):[],o=this.props.selectedTermIds.length&&this.props.selectedTermIds.includes(parseInt(this.state.primaryTermId))?this.state.primaryTermId:"none";this.setState({selectableTerms:n,primaryTermId:o})}t.primaryTermId===this.state.primaryTermId&&t.selectableTerms===this.state.selectableTerms||this.updateMetabox(this.state.primaryTermId)}},{key:"updateMetabox",value:function(e){if(this.metaboxField){var t=this.getOptions().map((function(t){var r=t.value==e?'selected="selected"':"";return'<option value="'.concat(t.value,'" ').concat(r,">").concat(t.label,"</option>")}));this.metaboxField.value=e,this.metaboxField.innerHTML=t.join("")}}},{key:"getOptions",value:function(){return[{value:"none",label:(0,e.__)("None (will disable this feature)","wp-seopress")}].concat(function(e){if(Array.isArray(e))return a(e)}(t=this.state.selectableTerms.map((function(e){return{value:e.id,label:e.name}})))||function(e){if("undefined"!=typeof Symbol&&null!=e[Symbol.iterator]||null!=e["@@iterator"])return Array.from(e)}(t)||function(e,t){if(e){if("string"==typeof e)return a(e,t);var r=Object.prototype.toString.call(e).slice(8,-1);return"Object"===r&&e.constructor&&(r=e.constructor.name),"Map"===r||"Set"===r?Array.from(e):"Arguments"===r||/^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(r)?a(e,t):void 0}}(t)||function(){throw new TypeError("Invalid attempt to spread non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.")}());var t}},{key:"onChange",value:function(e){this.setState({primaryTermId:e})}},{key:"render",value:function(){return!!this.state.selectableTerms.length&&React.createElement(n.SelectControl,{label:(0,e.__)("Select a primary category","wp-seopress"),value:this.state.primaryTermId,options:this.getOptions(),onChange:this.onChange})}}])&&s(r.prototype,o),Object.defineProperty(r,"prototype",{writable:!1}),y}(t.Component),f=(0,r.withSelect)((function(e,t){var r=t.slug,n=e("core").getTaxonomy(r),o=n?e("core/editor").getEditedPostAttribute(n.rest_base):[];return{taxonomy:n,allTerms:e("core").getEntityRecords("taxonomy",r,{per_page:-1})||[],primaryTermId:e("core/editor").getEditedPostAttribute("meta")._seopress_robots_primary_cat||"none",selectedTermIds:o}}))(m);wp.hooks.addFilter("editor.PostTaxonomyType","wpseopress",(function(e){return function(t){return React.createElement(React.Fragment,null,React.createElement(e,t),t.slug&&"category"===t.slug&&React.createElement(n.PanelRow,{className:"seopress-primary-term-picker"},React.createElement(f,t)))}}))}();
1
+ !function(){"use strict";var e=window.wp.i18n,t=window.wp.element,r=window.wp.data,n=window.wp.components;function o(e){return o="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},o(e)}function a(e,t){(null==t||t>e.length)&&(t=e.length);for(var r=0,n=new Array(t);r<t;r++)n[r]=e[r];return n}function i(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}function s(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}function l(e,t){return l=Object.setPrototypeOf?Object.setPrototypeOf.bind():function(e,t){return e.__proto__=t,e},l(e,t)}function c(e,t){if(t&&("object"===o(t)||"function"==typeof t))return t;if(void 0!==t)throw new TypeError("Derived constructors may only return object or undefined");return u(e)}function u(e){if(void 0===e)throw new ReferenceError("this hasn't been initialised - super() hasn't been called");return e}function p(e){return p=Object.setPrototypeOf?Object.getPrototypeOf.bind():function(e){return e.__proto__||Object.getPrototypeOf(e)},p(e)}var m=function(t){!function(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Super expression must either be null or a function");e.prototype=Object.create(t&&t.prototype,{constructor:{value:e,writable:!0,configurable:!0}}),Object.defineProperty(e,"prototype",{writable:!1}),t&&l(e,t)}(y,t);var r,o,m,f,d=(m=y,f=function(){if("undefined"==typeof Reflect||!Reflect.construct)return!1;if(Reflect.construct.sham)return!1;if("function"==typeof Proxy)return!0;try{return Boolean.prototype.valueOf.call(Reflect.construct(Boolean,[],(function(){}))),!0}catch(e){return!1}}(),function(){var e,t=p(m);if(f){var r=p(this).constructor;e=Reflect.construct(t,arguments,r)}else e=t.apply(this,arguments);return c(this,e)});function y(){var e;return i(this,y),(e=d.apply(this,arguments)).onChange=e.onChange.bind(u(e)),e.updateMetabox=e.updateMetabox.bind(u(e)),e.onMetaboxChange=e.onMetaboxChange.bind(u(e)),e.state={primaryTermId:"none",selectableTerms:[]},e}return r=y,(o=[{key:"componentDidMount",value:function(){var e=this.props.primaryTermId||"none";this.setState({primaryTermId:e}),this.metaboxField=document.querySelector("#seopress_robots_primary_cat"),this.metaboxField&&this.metaboxField.addEventListener("change",this.onMetaboxChange)}},{key:"componentWillUnmount",value:function(){this.metaboxField&&this.metaboxField.removeEventListener("change",this.onMetaboxChange)}},{key:"componentDidUpdate",value:function(e,t){var r=this;if(e.allTerms!==this.props.allTerms||e.selectedTermIds!==this.props.selectedTermIds){var n=this.props.allTerms&&this.props.allTerms.length?this.props.allTerms.filter((function(e){return r.props.selectedTermIds.includes(e.id)})):[],o=this.props.selectedTermIds.length&&this.props.selectedTermIds.includes(parseInt(this.state.primaryTermId))?this.state.primaryTermId:"none";this.setState({selectableTerms:n,primaryTermId:o})}t.primaryTermId===this.state.primaryTermId&&t.selectableTerms===this.state.selectableTerms||this.updateMetabox(this.state.primaryTermId)}},{key:"updateMetabox",value:function(e){if(this.metaboxField&&this.state.selectableTerms&&this.state.selectableTerms.length){var t=this.getOptions().map((function(t){var r=t.value==e?'selected="selected"':"";return'<option value="'.concat(t.value,'" ').concat(r,">").concat(t.label,"</option>")}));this.metaboxField.value=e,this.metaboxField.innerHTML=t.join("")}}},{key:"getOptions",value:function(){return[{value:"none",label:(0,e.__)("None (will disable this feature)","wp-seopress")}].concat(function(e){if(Array.isArray(e))return a(e)}(t=this.state.selectableTerms.map((function(e){return{value:e.id,label:e.name}})))||function(e){if("undefined"!=typeof Symbol&&null!=e[Symbol.iterator]||null!=e["@@iterator"])return Array.from(e)}(t)||function(e,t){if(e){if("string"==typeof e)return a(e,t);var r=Object.prototype.toString.call(e).slice(8,-1);return"Object"===r&&e.constructor&&(r=e.constructor.name),"Map"===r||"Set"===r?Array.from(e):"Arguments"===r||/^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(r)?a(e,t):void 0}}(t)||function(){throw new TypeError("Invalid attempt to spread non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.")}());var t}},{key:"onChange",value:function(e){this.setState({primaryTermId:e})}},{key:"onMetaboxChange",value:function(e){this.setState({primaryTermId:e.target.value})}},{key:"render",value:function(){return!!this.metaboxField&&!!this.state.selectableTerms.length&&React.createElement(n.SelectControl,{label:(0,e.__)("Select a primary category","wp-seopress"),value:this.state.primaryTermId,options:this.getOptions(),onChange:this.onChange})}}])&&s(r.prototype,o),Object.defineProperty(r,"prototype",{writable:!1}),y}(t.Component),f=(0,r.withSelect)((function(e,t){var r=t.slug,n=e("core").getTaxonomy(r),o=n?e("core/editor").getEditedPostAttribute(n.rest_base):[];return{taxonomy:n,allTerms:e("core").getEntityRecords("taxonomy",r,{per_page:-1,context:"view"})||[],primaryTermId:e("core/editor").getEditedPostAttribute("meta")._seopress_robots_primary_cat||"none",selectedTermIds:o}}))(m);wp.hooks.addFilter("editor.PostTaxonomyType","wpseopress",(function(e){return function(t){return React.createElement(React.Fragment,null,React.createElement(e,t),t.slug&&"category"===t.slug&&React.createElement(n.PanelRow,{className:"seopress-primary-term-picker"},React.createElement(f,t)))}}))}();
assets/js/build/primary-category-select.js.map ADDED
@@ -0,0 +1 @@
 
1
+ {"version":3,"file":"primary-category-select.js","mappings":";;;;;;;;;;AAAA;;;;;;;;;;ACAA;;;;;;;;;;ACAA;;;;;;;;;;ACAA;;;;;;UCAA;UACA;;UAEA;UACA;UACA;UACA;UACA;UACA;UACA;UACA;UACA;UACA;UACA;UACA;UACA;;UAEA;UACA;;UAEA;UACA;UACA;;;;;WCtBA;WACA;WACA;WACA,eAAe,4BAA4B;WAC3C,eAAe;WACf,iCAAiC,WAAW;WAC5C;WACA;;;;;WCPA;WACA;WACA;WACA;WACA,yCAAyC,wCAAwC;WACjF;WACA;WACA;;;;;WCPA,8CAA8C;;;;;WCA9C;WACA;WACA;WACA,uDAAuD,iBAAiB;WACxE;WACA,gDAAgD,aAAa;WAC7D;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACNA;AACA;AACA;AACA;;IAEMK;;;;;EACF,sBAAc;IAAA;;IAAA;;IACV,2BAASC,SAAT;IACA,MAAKC,QAAL,GAAgB,MAAKA,QAAL,CAAcC,IAAd,+BAAhB;IACA,MAAKC,aAAL,GAAqB,MAAKA,aAAL,CAAmBD,IAAnB,+BAArB;IACA,MAAKE,KAAL,GAAa;MACTC,aAAa,EAAE,MADN;MAETC,eAAe,EAAE;IAFR,CAAb;IAJU;EAQb;;;;WAED,6BAAoB;MAAA;;MAChB,IAAMD,aAAa,GAAG,KAAKE,KAAL,CAAWF,aAAX,IAA4B,MAAlD;MACA,KAAKG,QAAL,CAAc;QAAEH,aAAa,EAAbA;MAAF,CAAd;MACA,KAAKI,YAAL,GAAoBC,QAAQ,CAACC,aAAT,CAAuB,8BAAvB,CAApB;;MACA,IAAI,KAAKF,YAAT,EAAuB;QACnB,KAAKA,YAAL,CAAkBG,gBAAlB,CAAmC,QAAnC,EAA6C,UAAAC,CAAC,EAAI;UAC9C,MAAI,CAACL,QAAL,CAAc;YAAEH,aAAa,EAAEQ,CAAC,CAACC,MAAF,CAASC;UAA1B,CAAd;QACH,CAFD;MAGH;IACJ;;;WAED,4BAAmBC,SAAnB,EAA8BC,SAA9B,EAAyC;MAAA;;MACrC;MACA,IAAID,SAAS,CAACE,QAAV,KAAuB,KAAKX,KAAL,CAAWW,QAAlC,IAA8CF,SAAS,CAACG,eAAV,KAA8B,KAAKZ,KAAL,CAAWY,eAA3F,EAA4G;QACxG,IAAMb,eAAe,GAAG,KAAKC,KAAL,CAAWW,QAAX,IAAuB,KAAKX,KAAL,CAAWW,QAAX,CAAoBE,MAA3C,GAAoD,KAAKb,KAAL,CAAWW,QAAX,CAAoBG,MAApB,CAA2B,UAAAC,IAAI;UAAA,OAAI,MAAI,CAACf,KAAL,CAAWY,eAAX,CAA2BI,QAA3B,CAAoCD,IAAI,CAACE,EAAzC,CAAJ;QAAA,CAA/B,CAApD,GAAuI,EAA/J;QACA,IAAMnB,aAAa,GAAG,CAAC,KAAKE,KAAL,CAAWY,eAAX,CAA2BC,MAA5B,IAAsC,CAAC,KAAKb,KAAL,CAAWY,eAAX,CAA2BI,QAA3B,CAAoCE,QAAQ,CAAC,KAAKrB,KAAL,CAAWC,aAAZ,CAA5C,CAAvC,GAAiH,MAAjH,GAA0H,KAAKD,KAAL,CAAWC,aAA3J;QACA,KAAKG,QAAL,CAAc;UAAEF,eAAe,EAAfA,eAAF;UAAmBD,aAAa,EAAbA;QAAnB,CAAd;MACH;;MACD,IAAIY,SAAS,CAACZ,aAAV,KAA4B,KAAKD,KAAL,CAAWC,aAAvC,IAAwDY,SAAS,CAACX,eAAV,KAA8B,KAAKF,KAAL,CAAWE,eAArG,EAAsH;QAClH,KAAKH,aAAL,CAAmB,KAAKC,KAAL,CAAWC,aAA9B;MACH;IACJ;;;WAED,uBAAcqB,cAAd,EAA8B;MAC1B,IAAI,KAAKjB,YAAT,EAAuB;QACnB,IAAMkB,OAAO,GAAG,KAAKC,UAAL,GAAkBC,GAAlB,CAAsB,UAAAC,MAAM,EAAI;UAC5C,IAAMC,QAAQ,GAAGD,MAAM,CAACf,KAAP,IAAgBW,cAAhB,GAAiC,qBAAjC,GAAyD,EAA1E;UACA,iCAAyBI,MAAM,CAACf,KAAhC,gBAA0CgB,QAA1C,cAAsDD,MAAM,CAACE,KAA7D;QACH,CAHe,CAAhB;QAIA,KAAKvB,YAAL,CAAkBM,KAAlB,GAA0BW,cAA1B;QACA,KAAKjB,YAAL,CAAkBwB,SAAlB,GAA8BN,OAAO,CAACO,IAAR,CAAa,EAAb,CAA9B;MACH;IACJ;;;WAED,sBAAa;MACT,QACI;QAAEnB,KAAK,EAAE,MAAT;QAAiBiB,KAAK,EAAEtC,mDAAE,CAAC,kCAAD,EAAqC,aAArC;MAA1B,CADJ,4BAEO,KAAKU,KAAL,CAAWE,eAAX,CAA2BuB,GAA3B,CAA+B,UAACP,IAAD;QAAA,OAAW;UAAEP,KAAK,EAAEO,IAAI,CAACE,EAAd;UAAkBQ,KAAK,EAAEV,IAAI,CAACa;QAA9B,CAAX;MAAA,CAA/B,CAFP;IAIH;;;WAED,kBAASC,MAAT,EAAiB;MACb,KAAK5B,QAAL,CAAc;QAAEH,aAAa,EAAE+B;MAAjB,CAAd;IACH;;;WAED,kBAAS;MACL,OAAO,CAAC,CAAC,KAAKhC,KAAL,CAAWE,eAAX,CAA2Bc,MAA7B,iBACH,oBAAC,gEAAD;QACI,KAAK,EAAE1B,mDAAE,CAAC,2BAAD,EAA8B,aAA9B,CADb;QAEI,KAAK,EAAE,KAAKU,KAAL,CAAWC,aAFtB;QAGI,OAAO,EAAE,KAAKuB,UAAL,EAHb;QAII,QAAQ,EAAE,KAAK3B;MAJnB,EADJ;IAQH;;;;EAjEoBN;;AAqEzB,IAAM0C,iBAAiB,GAAGzC,2DAAU,CAAC,UAAC0C,MAAD,QAAsB;EAAA,IAAXC,IAAW,QAAXA,IAAW;EACvD,IAAMC,QAAQ,GAAGF,MAAM,CAAC,MAAD,CAAN,CAAeG,WAAf,CAA2BF,IAA3B,CAAjB;EACA,IAAMpB,eAAe,GAAGqB,QAAQ,GAAGF,MAAM,CAAC,aAAD,CAAN,CAAsBI,sBAAtB,CAA6CF,QAAQ,CAACG,SAAtD,CAAH,GAAsE,EAAtG;EACA,IAAMzB,QAAQ,GAAGoB,MAAM,CAAC,MAAD,CAAN,CAAeM,gBAAf,CAAgC,UAAhC,EAA4CL,IAA5C,EAAkD;IAAEM,QAAQ,EAAE,CAAC;EAAb,CAAlD,KAAuE,EAAxF;EACA,IAAMxC,aAAa,GAAGiC,MAAM,CAAC,aAAD,CAAN,CAAsBI,sBAAtB,CAA6C,MAA7C,EAAqD,8BAArD,KAAwF,MAA9G;EACA,OAAO;IAAEF,QAAQ,EAARA,QAAF;IAAYtB,QAAQ,EAARA,QAAZ;IAAsBb,aAAa,EAAbA,aAAtB;IAAqCc,eAAe,EAAfA;EAArC,CAAP;AACH,CANmC,CAAV,CAMvBpB,UANuB,CAA1B;AASA+C,EAAE,CAACC,KAAH,CAASC,SAAT,CACI,yBADJ,EAEI,YAFJ,EAGI,UAACC,cAAD;EAAA,OAAoB,UAAC1C,KAAD,EAAW;IAC3B,oBACI,uDACI,oBAAC,cAAD,EAAoBA,KAApB,CADJ,EAEKA,KAAK,CAACgC,IAAN,IAAc,eAAehC,KAAK,CAACgC,IAAnC,iBACG,oBAAC,2DAAD;MAAU,SAAS,EAAC;IAApB,gBACI,oBAAC,iBAAD,EAAuBhC,KAAvB,CADJ,CAHR,CADJ;EAUH,CAXD;AAAA,CAHJ,E","sources":["webpack://wp-seopress/external window [\"wp\",\"components\"]","webpack://wp-seopress/external window [\"wp\",\"data\"]","webpack://wp-seopress/external window [\"wp\",\"element\"]","webpack://wp-seopress/external window [\"wp\",\"i18n\"]","webpack://wp-seopress/webpack/bootstrap","webpack://wp-seopress/webpack/runtime/compat get default export","webpack://wp-seopress/webpack/runtime/define property getters","webpack://wp-seopress/webpack/runtime/hasOwnProperty shorthand","webpack://wp-seopress/webpack/runtime/make namespace object","webpack://wp-seopress/./assets/js/src/primary-category-select.js"],"sourcesContent":["module.exports = window[\"wp\"][\"components\"];","module.exports = window[\"wp\"][\"data\"];","module.exports = window[\"wp\"][\"element\"];","module.exports = window[\"wp\"][\"i18n\"];","// The module cache\nvar __webpack_module_cache__ = {};\n\n// The require function\nfunction __webpack_require__(moduleId) {\n\t// Check if module is in cache\n\tvar cachedModule = __webpack_module_cache__[moduleId];\n\tif (cachedModule !== undefined) {\n\t\treturn cachedModule.exports;\n\t}\n\t// Create a new module (and put it into the cache)\n\tvar module = __webpack_module_cache__[moduleId] = {\n\t\t// no module.id needed\n\t\t// no module.loaded needed\n\t\texports: {}\n\t};\n\n\t// Execute the module function\n\t__webpack_modules__[moduleId](module, module.exports, __webpack_require__);\n\n\t// Return the exports of the module\n\treturn module.exports;\n}\n\n","// getDefaultExport function for compatibility with non-harmony modules\n__webpack_require__.n = function(module) {\n\tvar getter = module && module.__esModule ?\n\t\tfunction() { return module['default']; } :\n\t\tfunction() { return module; };\n\t__webpack_require__.d(getter, { a: getter });\n\treturn getter;\n};","// define getter functions for harmony exports\n__webpack_require__.d = function(exports, definition) {\n\tfor(var key in definition) {\n\t\tif(__webpack_require__.o(definition, key) && !__webpack_require__.o(exports, key)) {\n\t\t\tObject.defineProperty(exports, key, { enumerable: true, get: definition[key] });\n\t\t}\n\t}\n};","__webpack_require__.o = function(obj, prop) { return Object.prototype.hasOwnProperty.call(obj, prop); }","// define __esModule on exports\n__webpack_require__.r = function(exports) {\n\tif(typeof Symbol !== 'undefined' && Symbol.toStringTag) {\n\t\tObject.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });\n\t}\n\tObject.defineProperty(exports, '__esModule', { value: true });\n};","import { __ } from '@wordpress/i18n'\nimport { Component } from '@wordpress/element'\nimport { withSelect } from '@wordpress/data';\nimport { PanelRow, SelectControl } from '@wordpress/components'\n\nclass TermSelect extends Component {\n constructor() {\n super(...arguments);\n this.onChange = this.onChange.bind(this);\n this.updateMetabox = this.updateMetabox.bind(this);\n this.state = {\n primaryTermId: 'none',\n selectableTerms: [],\n }\n }\n\n componentDidMount() {\n const primaryTermId = this.props.primaryTermId || 'none';\n this.setState({ primaryTermId });\n this.metaboxField = document.querySelector('#seopress_robots_primary_cat');\n if (this.metaboxField) {\n this.metaboxField.addEventListener('change', e => {\n this.setState({ primaryTermId: e.target.value });\n });\n }\n }\n\n componentDidUpdate(prevProps, prevState) {\n // If available terms or selected terms have changed, check state.\n if (prevProps.allTerms !== this.props.allTerms || prevProps.selectedTermIds !== this.props.selectedTermIds) {\n const selectableTerms = this.props.allTerms && this.props.allTerms.length ? this.props.allTerms.filter(term => this.props.selectedTermIds.includes(term.id)) : [];\n const primaryTermId = !this.props.selectedTermIds.length || !this.props.selectedTermIds.includes(parseInt(this.state.primaryTermId)) ? 'none' : this.state.primaryTermId;\n this.setState({ selectableTerms, primaryTermId });\n }\n if (prevState.primaryTermId !== this.state.primaryTermId || prevState.selectableTerms !== this.state.selectableTerms) {\n this.updateMetabox(this.state.primaryTermId);\n }\n }\n\n updateMetabox(selectedTermId) {\n if (this.metaboxField) {\n const options = this.getOptions().map(option => {\n const selected = option.value == selectedTermId ? 'selected=\"selected\"' : '';\n return `<option value=\"${option.value}\" ${selected}>${option.label}</option>`;\n });\n this.metaboxField.value = selectedTermId;\n this.metaboxField.innerHTML = options.join('');\n }\n }\n\n getOptions() {\n return [\n { value: 'none', label: __('None (will disable this feature)', 'wp-seopress') },\n ...this.state.selectableTerms.map((term) => ({ value: term.id, label: term.name, }))\n ];\n }\n\n onChange(termId) {\n this.setState({ primaryTermId: termId });\n }\n\n render() {\n return !!this.state.selectableTerms.length && (\n <SelectControl\n label={__('Select a primary category', 'wp-seopress')}\n value={this.state.primaryTermId}\n options={this.getOptions()}\n onChange={this.onChange}\n />\n );\n }\n}\n\n\nconst PrimaryTermSelect = withSelect((select, { slug }) => {\n const taxonomy = select('core').getTaxonomy(slug);\n const selectedTermIds = taxonomy ? select('core/editor').getEditedPostAttribute(taxonomy.rest_base) : [];\n const allTerms = select('core').getEntityRecords('taxonomy', slug, { per_page: -1 }) || [];\n const primaryTermId = select('core/editor').getEditedPostAttribute('meta')['_seopress_robots_primary_cat'] || 'none';\n return { taxonomy, allTerms, primaryTermId, selectedTermIds }\n})(TermSelect);\n\n\nwp.hooks.addFilter(\n 'editor.PostTaxonomyType',\n 'wpseopress',\n (PostTaxonomies) => (props) => {\n return (\n <>\n <PostTaxonomies {...props} />\n {props.slug && 'category' === props.slug &&\n <PanelRow className=\"seopress-primary-term-picker\">\n <PrimaryTermSelect {...props} />\n </PanelRow>\n }\n </>\n );\n }\n)"],"names":["__","Component","withSelect","PanelRow","SelectControl","TermSelect","arguments","onChange","bind","updateMetabox","state","primaryTermId","selectableTerms","props","setState","metaboxField","document","querySelector","addEventListener","e","target","value","prevProps","prevState","allTerms","selectedTermIds","length","filter","term","includes","id","parseInt","selectedTermId","options","getOptions","map","option","selected","label","innerHTML","join","name","termId","PrimaryTermSelect","select","slug","taxonomy","getTaxonomy","getEditedPostAttribute","rest_base","getEntityRecords","per_page","wp","hooks","addFilter","PostTaxonomies"],"sourceRoot":""}
assets/js/src/primary-category-select.js CHANGED
@@ -8,6 +8,7 @@ class TermSelect extends Component {
8
  super(...arguments);
9
  this.onChange = this.onChange.bind(this);
10
  this.updateMetabox = this.updateMetabox.bind(this);
 
11
  this.state = {
12
  primaryTermId: 'none',
13
  selectableTerms: [],
@@ -19,9 +20,13 @@ class TermSelect extends Component {
19
  this.setState({ primaryTermId });
20
  this.metaboxField = document.querySelector('#seopress_robots_primary_cat');
21
  if (this.metaboxField) {
22
- this.metaboxField.addEventListener('change', e => {
23
- this.setState({ primaryTermId: e.target.value });
24
- });
 
 
 
 
25
  }
26
  }
27
 
@@ -38,7 +43,7 @@ class TermSelect extends Component {
38
  }
39
 
40
  updateMetabox(selectedTermId) {
41
- if (this.metaboxField) {
42
  const options = this.getOptions().map(option => {
43
  const selected = option.value == selectedTermId ? 'selected="selected"' : '';
44
  return `<option value="${option.value}" ${selected}>${option.label}</option>`;
@@ -59,8 +64,12 @@ class TermSelect extends Component {
59
  this.setState({ primaryTermId: termId });
60
  }
61
 
 
 
 
 
62
  render() {
63
- return !!this.state.selectableTerms.length && (
64
  <SelectControl
65
  label={__('Select a primary category', 'wp-seopress')}
66
  value={this.state.primaryTermId}
@@ -75,7 +84,7 @@ class TermSelect extends Component {
75
  const PrimaryTermSelect = withSelect((select, { slug }) => {
76
  const taxonomy = select('core').getTaxonomy(slug);
77
  const selectedTermIds = taxonomy ? select('core/editor').getEditedPostAttribute(taxonomy.rest_base) : [];
78
- const allTerms = select('core').getEntityRecords('taxonomy', slug, { per_page: -1 }) || [];
79
  const primaryTermId = select('core/editor').getEditedPostAttribute('meta')['_seopress_robots_primary_cat'] || 'none';
80
  return { taxonomy, allTerms, primaryTermId, selectedTermIds }
81
  })(TermSelect);
8
  super(...arguments);
9
  this.onChange = this.onChange.bind(this);
10
  this.updateMetabox = this.updateMetabox.bind(this);
11
+ this.onMetaboxChange = this.onMetaboxChange.bind(this);
12
  this.state = {
13
  primaryTermId: 'none',
14
  selectableTerms: [],
20
  this.setState({ primaryTermId });
21
  this.metaboxField = document.querySelector('#seopress_robots_primary_cat');
22
  if (this.metaboxField) {
23
+ this.metaboxField.addEventListener('change', this.onMetaboxChange);
24
+ }
25
+ }
26
+
27
+ componentWillUnmount() {
28
+ if (this.metaboxField) {
29
+ this.metaboxField.removeEventListener('change', this.onMetaboxChange);
30
  }
31
  }
32
 
43
  }
44
 
45
  updateMetabox(selectedTermId) {
46
+ if (this.metaboxField && this.state.selectableTerms && this.state.selectableTerms.length) {
47
  const options = this.getOptions().map(option => {
48
  const selected = option.value == selectedTermId ? 'selected="selected"' : '';
49
  return `<option value="${option.value}" ${selected}>${option.label}</option>`;
64
  this.setState({ primaryTermId: termId });
65
  }
66
 
67
+ onMetaboxChange(e) {
68
+ this.setState({ primaryTermId: e.target.value });
69
+ }
70
+
71
  render() {
72
+ return !!this.metaboxField && !!this.state.selectableTerms.length && (
73
  <SelectControl
74
  label={__('Select a primary category', 'wp-seopress')}
75
  value={this.state.primaryTermId}
84
  const PrimaryTermSelect = withSelect((select, { slug }) => {
85
  const taxonomy = select('core').getTaxonomy(slug);
86
  const selectedTermIds = taxonomy ? select('core/editor').getEditedPostAttribute(taxonomy.rest_base) : [];
87
+ const allTerms = select('core').getEntityRecords('taxonomy', slug, { per_page: -1, context: 'view' }) || [];
88
  const primaryTermId = select('core/editor').getEditedPostAttribute('meta')['_seopress_robots_primary_cat'] || 'none';
89
  return { taxonomy, allTerms, primaryTermId, selectedTermIds }
90
  })(TermSelect);
inc/admin/metaboxes/admin-metaboxes.php CHANGED
@@ -242,6 +242,7 @@ function seopress_display_seo_metaboxe()
242
  function seopress_cpt($post)
243
  {
244
  global $typenow;
 
245
  $prefix = defined('SCRIPT_DEBUG') && SCRIPT_DEBUG ? '' : '.min';
246
  wp_nonce_field(plugin_basename(__FILE__), 'seopress_cpt_nonce');
247
 
@@ -267,7 +268,9 @@ function seopress_display_seo_metaboxe()
267
  if (isset($get_current_screen->is_block_editor)) {
268
  if ($get_current_screen->is_block_editor) {
269
  wp_enqueue_script('seopress-block-editor-js', SEOPRESS_ASSETS_DIR . '/js/seopress-block-editor' . $prefix . '.js', ['jquery'], SEOPRESS_VERSION, true);
270
- wp_enqueue_script( 'seopress-primary-category-js', SEOPRESS_ASSETS_DIR . '/js/build/primary-category-select.js', ['wp-hooks'], SEOPRESS_VERSION, true);
 
 
271
  }
272
  }
273
  }
242
  function seopress_cpt($post)
243
  {
244
  global $typenow;
245
+ global $wp_version;
246
  $prefix = defined('SCRIPT_DEBUG') && SCRIPT_DEBUG ? '' : '.min';
247
  wp_nonce_field(plugin_basename(__FILE__), 'seopress_cpt_nonce');
248
 
268
  if (isset($get_current_screen->is_block_editor)) {
269
  if ($get_current_screen->is_block_editor) {
270
  wp_enqueue_script('seopress-block-editor-js', SEOPRESS_ASSETS_DIR . '/js/seopress-block-editor' . $prefix . '.js', ['jquery'], SEOPRESS_VERSION, true);
271
+ if ( version_compare( $wp_version, '5.8', '>=' ) ) {
272
+ wp_enqueue_script( 'seopress-primary-category-js', SEOPRESS_ASSETS_DIR . '/js/build/primary-category-select.js', ['wp-hooks'], SEOPRESS_VERSION, true);
273
+ }
274
  }
275
  }
276
  }
inc/functions/options-instant-indexing.php CHANGED
@@ -134,13 +134,13 @@ function seopress_instant_indexing_fn($is_manual_submission = true, $permalink =
134
  //Prepare the URLS
135
  if ($is_manual_submission === true) {
136
  $urls = preg_split('/\r\n|\r|\n/', $urls);
137
- $x_source_info = 'https://www.seopress.org/5.8.0.4/true';
138
 
139
  $urls = array_slice($urls, 0, 100);
140
  } elseif ($is_manual_submission === false && !empty($permalink)) {
141
  $urls = null;
142
  $urls[] = $permalink;
143
- $x_source_info = 'https://www.seopress.org/5.8.0.4/false';
144
  }
145
 
146
  //Bing API
134
  //Prepare the URLS
135
  if ($is_manual_submission === true) {
136
  $urls = preg_split('/\r\n|\r|\n/', $urls);
137
+ $x_source_info = 'https://www.seopress.org/5.8.0.5/true';
138
 
139
  $urls = array_slice($urls, 0, 100);
140
  } elseif ($is_manual_submission === false && !empty($permalink)) {
141
  $urls = null;
142
  $urls[] = $permalink;
143
+ $x_source_info = 'https://www.seopress.org/5.8.0.5/false';
144
  }
145
 
146
  //Bing API
languages/wp-seopress.pot CHANGED
@@ -2,14 +2,14 @@
2
  # This file is distributed under the GPLv2.
3
  msgid ""
4
  msgstr ""
5
- "Project-Id-Version: SEOPress 5.8.0.4\n"
6
  "Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/wp-seopress\n"
7
  "Last-Translator: SEOPress Team <contact@seopress.org>\n"
8
  "Language-Team: SEOPress Team <contact@seopress.org>\n"
9
  "MIME-Version: 1.0\n"
10
  "Content-Type: text/plain; charset=UTF-8\n"
11
  "Content-Transfer-Encoding: 8bit\n"
12
- "POT-Creation-Date: 2022-07-06T12:44:39+00:00\n"
13
  "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
14
  "X-Generator: WP-CLI 2.6.0\n"
15
  "X-Domain: wp-seopress\n"
@@ -620,7 +620,7 @@ msgstr ""
620
  #: inc/admin/admin-pages/Sitemaps.php:43
621
  #: inc/admin/admin-pages/Social.php:43
622
  #: inc/admin/admin-pages/Titles.php:54
623
- #: seopress-functions.php:714
624
  msgid "Save changes"
625
  msgstr ""
626
 
@@ -1032,7 +1032,7 @@ msgid "Get started"
1032
  msgstr ""
1033
 
1034
  #: inc/admin/blocks/get-started.php:25
1035
- #: seopress-functions.php:505
1036
  msgid "Dismiss"
1037
  msgstr ""
1038
 
@@ -2702,8 +2702,11 @@ msgstr ""
2702
  #: inc/admin/page-builders/elementor/inc/admin/class-document-settings-section.php:286
2703
  #: inc/admin/wizard/admin-wizard.php:714
2704
  #: src/Helpers/Metas/RobotSettings.php:19
 
2705
  #: assets/js/build/primary-category-select.js:1
2706
- #: assets/js/src/primary-category-select.js:53
 
 
2707
  msgid "None (will disable this feature)"
2708
  msgstr ""
2709
 
@@ -3696,8 +3699,11 @@ msgstr ""
3696
  #: inc/admin/metaboxes/admin-metaboxes-form.php:334
3697
  #: inc/admin/page-builders/elementor/inc/admin/class-document-settings-section.php:293
3698
  #: src/Helpers/Metas/RobotSettings.php:109
 
3699
  #: assets/js/build/primary-category-select.js:1
3700
- #: assets/js/src/primary-category-select.js:65
 
 
3701
  msgid "Select a primary category"
3702
  msgstr ""
3703
 
@@ -4137,15 +4143,15 @@ msgstr ""
4137
  msgid "Add video"
4138
  msgstr ""
4139
 
4140
- #: inc/admin/metaboxes/admin-metaboxes.php:280
4141
- #: inc/admin/metaboxes/admin-metaboxes.php:656
4142
  #: inc/admin/metaboxes/admin-term-metaboxes.php:215
4143
  #: inc/admin/page-builders/elementor/inc/admin/class-document-settings-section.php:72
4144
  #: inc/admin/page-builders/elementor/inc/controls/class-content-analysis-control.php:35
4145
  msgid "Analysis in progress..."
4146
  msgstr ""
4147
 
4148
- #: inc/admin/metaboxes/admin-metaboxes.php:637
4149
  #: src/Services/ContentAnalysis/RenderContentAnalysis.php:19
4150
  msgid "Content analysis"
4151
  msgstr ""
@@ -5624,7 +5630,7 @@ msgid "Custom Taxonomies"
5624
  msgstr ""
5625
 
5626
  #. translators: %s: "Custom Post Types" or "Custom Taxonomies" %s: "title" or "description"
5627
- #: seopress-functions.php:332
5628
  msgid "Some <strong>%s</strong> have no <strong>meta %s</strong> set! We strongly encourage you to add one by filling in the fields below."
5629
  msgstr ""
5630
 
2
  # This file is distributed under the GPLv2.
3
  msgid ""
4
  msgstr ""
5
+ "Project-Id-Version: SEOPress 5.8.0.5\n"
6
  "Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/wp-seopress\n"
7
  "Last-Translator: SEOPress Team <contact@seopress.org>\n"
8
  "Language-Team: SEOPress Team <contact@seopress.org>\n"
9
  "MIME-Version: 1.0\n"
10
  "Content-Type: text/plain; charset=UTF-8\n"
11
  "Content-Transfer-Encoding: 8bit\n"
12
+ "POT-Creation-Date: 2022-07-08T13:09:11+00:00\n"
13
  "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
14
  "X-Generator: WP-CLI 2.6.0\n"
15
  "X-Domain: wp-seopress\n"
620
  #: inc/admin/admin-pages/Sitemaps.php:43
621
  #: inc/admin/admin-pages/Social.php:43
622
  #: inc/admin/admin-pages/Titles.php:54
623
+ #: seopress-functions.php:718
624
  msgid "Save changes"
625
  msgstr ""
626
 
1032
  msgstr ""
1033
 
1034
  #: inc/admin/blocks/get-started.php:25
1035
+ #: seopress-functions.php:509
1036
  msgid "Dismiss"
1037
  msgstr ""
1038
 
2702
  #: inc/admin/page-builders/elementor/inc/admin/class-document-settings-section.php:286
2703
  #: inc/admin/wizard/admin-wizard.php:714
2704
  #: src/Helpers/Metas/RobotSettings.php:19
2705
+ #: app/gutenberg/primary-category-select/primary-category-select.js:75
2706
  #: assets/js/build/primary-category-select.js:1
2707
+ #: assets/js/src/primary-category-select.js:58
2708
+ #: public/gutenberg/primary-category-select.js:1
2709
+ #: assets/js/build/primary-category-select.js:106
2710
  msgid "None (will disable this feature)"
2711
  msgstr ""
2712
 
3699
  #: inc/admin/metaboxes/admin-metaboxes-form.php:334
3700
  #: inc/admin/page-builders/elementor/inc/admin/class-document-settings-section.php:293
3701
  #: src/Helpers/Metas/RobotSettings.php:109
3702
+ #: app/gutenberg/primary-category-select/primary-category-select.js:92
3703
  #: assets/js/build/primary-category-select.js:1
3704
+ #: assets/js/src/primary-category-select.js:74
3705
+ #: public/gutenberg/primary-category-select.js:1
3706
+ #: assets/js/build/primary-category-select.js:118
3707
  msgid "Select a primary category"
3708
  msgstr ""
3709
 
4143
  msgid "Add video"
4144
  msgstr ""
4145
 
4146
+ #: inc/admin/metaboxes/admin-metaboxes.php:283
4147
+ #: inc/admin/metaboxes/admin-metaboxes.php:659
4148
  #: inc/admin/metaboxes/admin-term-metaboxes.php:215
4149
  #: inc/admin/page-builders/elementor/inc/admin/class-document-settings-section.php:72
4150
  #: inc/admin/page-builders/elementor/inc/controls/class-content-analysis-control.php:35
4151
  msgid "Analysis in progress..."
4152
  msgstr ""
4153
 
4154
+ #: inc/admin/metaboxes/admin-metaboxes.php:640
4155
  #: src/Services/ContentAnalysis/RenderContentAnalysis.php:19
4156
  msgid "Content analysis"
4157
  msgstr ""
5630
  msgstr ""
5631
 
5632
  #. translators: %s: "Custom Post Types" or "Custom Taxonomies" %s: "title" or "description"
5633
+ #: seopress-functions.php:336
5634
  msgid "Some <strong>%s</strong> have no <strong>meta %s</strong> set! We strongly encourage you to add one by filling in the fields below."
5635
  msgstr ""
5636
 
public/gutenberg/primary-category-select.asset.php ADDED
@@ -0,0 +1 @@
 
1
+ <?php return array('dependencies' => array('wp-components', 'wp-data', 'wp-element', 'wp-i18n'), 'version' => 'd4454d6cec16e500ca82');
public/gutenberg/primary-category-select.js ADDED
@@ -0,0 +1 @@
 
1
+ !function(){"use strict";var e=window.wp.i18n,t=window.wp.element,r=window.wp.data,n=window.wp.components;function o(e){return o="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},o(e)}function a(e,t){(null==t||t>e.length)&&(t=e.length);for(var r=0,n=new Array(t);r<t;r++)n[r]=e[r];return n}function i(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}function s(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}function c(e,t){return c=Object.setPrototypeOf?Object.setPrototypeOf.bind():function(e,t){return e.__proto__=t,e},c(e,t)}function l(e,t){if(t&&("object"===o(t)||"function"==typeof t))return t;if(void 0!==t)throw new TypeError("Derived constructors may only return object or undefined");return u(e)}function u(e){if(void 0===e)throw new ReferenceError("this hasn't been initialised - super() hasn't been called");return e}function p(e){return p=Object.setPrototypeOf?Object.getPrototypeOf.bind():function(e){return e.__proto__||Object.getPrototypeOf(e)},p(e)}var m=function(t){!function(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Super expression must either be null or a function");e.prototype=Object.create(t&&t.prototype,{constructor:{value:e,writable:!0,configurable:!0}}),Object.defineProperty(e,"prototype",{writable:!1}),t&&c(e,t)}(y,t);var r,o,m,f,d=(m=y,f=function(){if("undefined"==typeof Reflect||!Reflect.construct)return!1;if(Reflect.construct.sham)return!1;if("function"==typeof Proxy)return!0;try{return Boolean.prototype.valueOf.call(Reflect.construct(Boolean,[],(function(){}))),!0}catch(e){return!1}}(),function(){var e,t=p(m);if(f){var r=p(this).constructor;e=Reflect.construct(t,arguments,r)}else e=t.apply(this,arguments);return l(this,e)});function y(){var e;return i(this,y),(e=d.apply(this,arguments)).onChange=e.onChange.bind(u(e)),e.updateMetabox=e.updateMetabox.bind(u(e)),e.state={primaryTermId:"none",selectableTerms:[]},e}return r=y,(o=[{key:"componentDidMount",value:function(){var e=this,t=this.props.primaryTermId||"none";this.setState({primaryTermId:t}),this.metaboxField=document.querySelector("#seopress_robots_primary_cat"),this.metaboxField&&this.metaboxField.addEventListener("change",(function(t){e.setState({primaryTermId:t.target.value})}))}},{key:"componentDidUpdate",value:function(e,t){var r=this;if(e.allTerms!==this.props.allTerms||e.selectedTermIds!==this.props.selectedTermIds){var n=this.props.allTerms&&this.props.allTerms.length?this.props.allTerms.filter((function(e){return r.props.selectedTermIds.includes(e.id)})):[],o=this.props.selectedTermIds.length&&this.props.selectedTermIds.includes(parseInt(this.state.primaryTermId))?this.state.primaryTermId:"none";this.setState({selectableTerms:n,primaryTermId:o})}t.primaryTermId===this.state.primaryTermId&&t.selectableTerms===this.state.selectableTerms||this.updateMetabox(this.state.primaryTermId)}},{key:"updateMetabox",value:function(e){if(this.metaboxField){var t=this.getOptions().map((function(t){var r=t.value==e?'selected="selected"':"";return'<option value="'.concat(t.value,'" ').concat(r,">").concat(t.label,"</option>")}));this.metaboxField.value=e,this.metaboxField.innerHTML=t.join("")}}},{key:"getOptions",value:function(){return[{value:"none",label:(0,e.__)("None (will disable this feature)","wp-seopress")}].concat(function(e){if(Array.isArray(e))return a(e)}(t=this.state.selectableTerms.map((function(e){return{value:e.id,label:e.name}})))||function(e){if("undefined"!=typeof Symbol&&null!=e[Symbol.iterator]||null!=e["@@iterator"])return Array.from(e)}(t)||function(e,t){if(e){if("string"==typeof e)return a(e,t);var r=Object.prototype.toString.call(e).slice(8,-1);return"Object"===r&&e.constructor&&(r=e.constructor.name),"Map"===r||"Set"===r?Array.from(e):"Arguments"===r||/^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(r)?a(e,t):void 0}}(t)||function(){throw new TypeError("Invalid attempt to spread non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.")}());var t}},{key:"onChange",value:function(e){this.setState({primaryTermId:e})}},{key:"render",value:function(){return!!this.state.selectableTerms.length&&React.createElement(n.SelectControl,{label:(0,e.__)("Select a primary category","wp-seopress"),value:this.state.primaryTermId,options:this.getOptions(),onChange:this.onChange})}}])&&s(r.prototype,o),Object.defineProperty(r,"prototype",{writable:!1}),y}(t.Component),f=(0,r.withSelect)((function(e,t){var r=t.slug,n=e("core").getTaxonomy(r),o=n?e("core/editor").getEditedPostAttribute(n.rest_base):[];return{taxonomy:n,allTerms:e("core").getEntityRecords("taxonomy",r,{per_page:-1})||[],primaryTermId:e("core/editor").getEditedPostAttribute("meta")._seopress_robots_primary_cat||"none",selectedTermIds:o}}))(m);wp.hooks.addFilter("editor.PostTaxonomyType","wpseopress",(function(e){return function(t){return React.createElement(React.Fragment,null,React.createElement(e,t),t.slug&&"category"===t.slug&&React.createElement(n.PanelRow,{className:"seopress-primary-term-picker"},React.createElement(f,t)))}}))}();
readme.txt CHANGED
@@ -6,11 +6,11 @@ Tags: SEO, schema, xml sitemap, redirection, meta title, open graph, content ana
6
  Requires at least: 4.7+
7
  Tested up to: 6.0
8
  Requires PHP: 7.2
9
- Stable tag: 5.8.0.4
10
  License: GPLv2 or later
11
  License URI: https://www.gnu.org/licenses/gpl-2.0.html
12
 
13
- Rank higher in search engines with SEOPress, a simple, fast and powerful all in one SEO plugin for WordPress. No ads, no footprints, no anonymous data sent, white label.
14
 
15
  == Description ==
16
 
@@ -197,6 +197,7 @@ SEOPress is translated into multiple languages including:
197
  <li>🇨🇳 中文 (Chinese (China)) - professional translation</li>
198
  <li>🇧🇷 Português do Brasil (Portuguese (Brazil)) - professional translation</li>
199
  <li>🇵🇱 Polskie (Polish) - professional translation</li>
 
200
  <li>🇬🇷 Ελληνικά (Greek)</li>
201
  <li>🇧🇬 Български (Bulgarian)</li>
202
  <li>🇮🇩 Bahasa Indonesia (Indonesian)</li>
@@ -362,6 +363,10 @@ You're theme is probably using a deprecated function to handle the title. <a hre
362
  12. Schema metabox
363
 
364
  == Changelog ==
 
 
 
 
365
  = 5.8.0.4 =
366
  * FIX Fatal error in Content Analysis metabox causing jQuery errors (thanks to @polishdreamer)
367
  = 5.8.0.3 =
6
  Requires at least: 4.7+
7
  Tested up to: 6.0
8
  Requires PHP: 7.2
9
+ Stable tag: 5.8.0.5
10
  License: GPLv2 or later
11
  License URI: https://www.gnu.org/licenses/gpl-2.0.html
12
 
13
+ SEOPress, a simple, fast and powerful all in one SEO plugin for WordPress. Rank higher in search engines, fully white label.
14
 
15
  == Description ==
16
 
197
  <li>🇨🇳 中文 (Chinese (China)) - professional translation</li>
198
  <li>🇧🇷 Português do Brasil (Portuguese (Brazil)) - professional translation</li>
199
  <li>🇵🇱 Polskie (Polish) - professional translation</li>
200
+ <li>🇸🇪 Svenska (Swedish) - professional translation</li>
201
  <li>🇬🇷 Ελληνικά (Greek)</li>
202
  <li>🇧🇬 Български (Bulgarian)</li>
203
  <li>🇮🇩 Bahasa Indonesia (Indonesian)</li>
363
  12. Schema metabox
364
 
365
  == Changelog ==
366
+ = 5.8.0.5 =
367
+ * FIX Downgrade Google Auth API to prevent errors with hosting using PHP parser
368
+ * FIX "Sorry, you do not have permission to edit the _seopress_robots_primary_cat custom field." error
369
+ * FIX Remove "Inspect URL with Google" tab from Universal SEO metabox if disabled
370
  = 5.8.0.4 =
371
  * FIX Fatal error in Content Analysis metabox causing jQuery errors (thanks to @polishdreamer)
372
  = 5.8.0.3 =
seopress-functions.php CHANGED
@@ -296,17 +296,21 @@ function seopress_get_empty_templates($type, $metadata, $notice = true) {
296
 
297
  if (!empty($options)) {
298
  if ('cpt' === $type) {
299
- if (!array_key_exists($key, $options['seopress_titles_single_titles'])) {
300
- $cpt_titles_empty[] = $key;
301
- } else {
302
- $data = isset($options['seopress_titles_single_titles'][$key][$metadata]) ? $options['seopress_titles_single_titles'][$key][$metadata] : '';
 
 
303
  }
304
  }
305
  if ('tax' === $type) {
306
- if (!array_key_exists($key, $options['seopress_titles_tax_titles'])) {
307
- $cpt_titles_empty[] = $key;
308
- } else {
309
- $data = isset($options['seopress_titles_tax_titles'][$key][$metadata]) ? $options['seopress_titles_tax_titles'][$key][$metadata] : '';
 
 
310
  }
311
  }
312
  }
296
 
297
  if (!empty($options)) {
298
  if ('cpt' === $type) {
299
+ if (!empty($options['seopress_titles_single_titles'])) {
300
+ if (!array_key_exists($key, $options['seopress_titles_single_titles'])) {
301
+ $cpt_titles_empty[] = $key;
302
+ } else {
303
+ $data = isset($options['seopress_titles_single_titles'][$key][$metadata]) ? $options['seopress_titles_single_titles'][$key][$metadata] : '';
304
+ }
305
  }
306
  }
307
  if ('tax' === $type) {
308
+ if (!empty($options['seopress_titles_tax_titles'])) {
309
+ if (!array_key_exists($key, $options['seopress_titles_tax_titles'])) {
310
+ $cpt_titles_empty[] = $key;
311
+ } else {
312
+ $data = isset($options['seopress_titles_tax_titles'][$key][$metadata]) ? $options['seopress_titles_tax_titles'][$key][$metadata] : '';
313
+ }
314
  }
315
  }
316
  }
seopress.php CHANGED
@@ -4,7 +4,7 @@ Plugin Name: SEOPress
4
  Plugin URI: https://www.seopress.org/
5
  Description: One of the best SEO plugins for WordPress.
6
  Author: SEOPress
7
- Version: 5.8.0.4
8
  Author URI: https://www.seopress.org/
9
  License: GPLv2
10
  Text Domain: wp-seopress
@@ -70,7 +70,7 @@ register_deactivation_hook(__FILE__, 'seopress_deactivation');
70
  ///////////////////////////////////////////////////////////////////////////////////////////////////
71
  //Define
72
  ///////////////////////////////////////////////////////////////////////////////////////////////////
73
- define('SEOPRESS_VERSION', '5.8.0.4');
74
  define('SEOPRESS_AUTHOR', 'Benjamin Denis');
75
  define('SEOPRESS_PLUGIN_DIR_PATH', plugin_dir_path(__FILE__));
76
  define('SEOPRESS_PLUGIN_DIR_URL', plugin_dir_url(__FILE__));
@@ -80,7 +80,7 @@ define('SEOPRESS_TEMPLATE_SITEMAP_DIR', SEOPRESS_TEMPLATE_DIR . '/sitemap');
80
  define('SEOPRESS_TEMPLATE_JSON_SCHEMAS', SEOPRESS_TEMPLATE_DIR . '/json-schemas');
81
 
82
  define('SEOPRESS_DIRURL', plugin_dir_url(__FILE__));
83
- define('SEOPRESS_URL_DIST', SEOPRESS_DIRURL . 'public');
84
  define('SEOPRESS_URL_ASSETS', SEOPRESS_DIRURL . 'assets');
85
  define('SEOPRESS_DIR_LANGUAGES', dirname(plugin_basename(__FILE__)) . '/languages/');
86
 
4
  Plugin URI: https://www.seopress.org/
5
  Description: One of the best SEO plugins for WordPress.
6
  Author: SEOPress
7
+ Version: 5.8.0.5
8
  Author URI: https://www.seopress.org/
9
  License: GPLv2
10
  Text Domain: wp-seopress
70
  ///////////////////////////////////////////////////////////////////////////////////////////////////
71
  //Define
72
  ///////////////////////////////////////////////////////////////////////////////////////////////////
73
+ define('SEOPRESS_VERSION', '5.8.0.5');
74
  define('SEOPRESS_AUTHOR', 'Benjamin Denis');
75
  define('SEOPRESS_PLUGIN_DIR_PATH', plugin_dir_path(__FILE__));
76
  define('SEOPRESS_PLUGIN_DIR_URL', plugin_dir_url(__FILE__));
80
  define('SEOPRESS_TEMPLATE_JSON_SCHEMAS', SEOPRESS_TEMPLATE_DIR . '/json-schemas');
81
 
82
  define('SEOPRESS_DIRURL', plugin_dir_url(__FILE__));
83
+ define('SEOPRESS_URL_PUBLIC', SEOPRESS_DIRURL . 'public');
84
  define('SEOPRESS_URL_ASSETS', SEOPRESS_DIRURL . 'assets');
85
  define('SEOPRESS_DIR_LANGUAGES', dirname(plugin_basename(__FILE__)) . '/languages/');
86
 
src/Actions/Admin/ModuleMetabox.php CHANGED
@@ -52,7 +52,7 @@ class ModuleMetabox implements ExecuteHooks
52
  }
53
 
54
  wp_enqueue_media();
55
- wp_enqueue_script('seopress-metabox', SEOPRESS_URL_DIST . '/metaboxe.js', $dependencies, SEOPRESS_VERSION, true);
56
  $value = wp_create_nonce('seopress_rest');
57
 
58
  $tags = seopress_get_service('TagsToString')->getTagsAvailable([
@@ -79,7 +79,7 @@ class ModuleMetabox implements ExecuteHooks
79
  $roles = ( array ) $user->roles;
80
 
81
  $args = array_merge([
82
- 'SEOPRESS_URL_DIST' => SEOPRESS_URL_DIST,
83
  'SEOPRESS_URL_ASSETS' => SEOPRESS_URL_ASSETS,
84
  'SITENAME' => get_bloginfo('name'),
85
  'SITEURL' => site_url(),
52
  }
53
 
54
  wp_enqueue_media();
55
+ wp_enqueue_script('seopress-metabox', SEOPRESS_URL_PUBLIC . '/metaboxe.js', $dependencies, SEOPRESS_VERSION, true);
56
  $value = wp_create_nonce('seopress_rest');
57
 
58
  $tags = seopress_get_service('TagsToString')->getTagsAvailable([
79
  $roles = ( array ) $user->roles;
80
 
81
  $args = array_merge([
82
+ 'SEOPRESS_URL_PUBLIC' => SEOPRESS_URL_PUBLIC,
83
  'SEOPRESS_URL_ASSETS' => SEOPRESS_URL_ASSETS,
84
  'SITENAME' => get_bloginfo('name'),
85
  'SITEURL' => site_url(),
src/Actions/Api/Metas/AdvancedSettings.php CHANGED
@@ -1,13 +1,35 @@
1
  <?php
 
2
 
3
  if (! defined('ABSPATH')) {
4
  exit;
5
  }
6
 
7
- register_post_meta( 'post', '_seopress_robots_primary_cat',
8
- [
9
- 'show_in_rest' => true,
10
- 'single' => true,
11
- 'type' => 'string',
12
- ]
13
- );
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
  <?php
2
+ namespace SEOPress\Actions\Api\Metas;
3
 
4
  if (! defined('ABSPATH')) {
5
  exit;
6
  }
7
 
8
+ use SEOPress\Core\Hooks\ExecuteHooks;
9
+
10
+ class AdvancedSettings implements ExecuteHooks
11
+ {
12
+ public function hooks() {
13
+ register_post_meta( '', '_seopress_robots_primary_cat',
14
+ [
15
+ 'show_in_rest' => true,
16
+ 'single' => true,
17
+ 'type' => 'string',
18
+ 'auth_callback' => [$this, 'meta_auth']
19
+ ]
20
+ );
21
+ }
22
+
23
+ /**
24
+ * Auth callback is required for protected meta keys
25
+ *
26
+ * @param bool $allowed
27
+ * @param string $meta_key
28
+ * @param int $id
29
+ * @return bool $allowed
30
+ */
31
+ public function meta_auth( $allowed, $meta_key, $id ) {
32
+ return current_user_can( 'edit_posts', $id );
33
+ }
34
+ }
35
+
src/Services/Options/ToggleOption.php CHANGED
@@ -50,4 +50,8 @@ class ToggleOption {
50
  public function getToggleGoogleNews(){
51
  return $this->searchOptionByKey('news');
52
  }
 
 
 
 
53
  }
50
  public function getToggleGoogleNews(){
51
  return $this->searchOptionByKey('news');
52
  }
53
+
54
+ public function getToggleInspectUrl(){
55
+ return $this->searchOptionByKey('inspect-url');
56
+ }
57
  }
vendor/composer/installed.json CHANGED
@@ -2,34 +2,29 @@
2
  "packages": [
3
  {
4
  "name": "firebase/php-jwt",
5
- "version": "v6.2.0",
6
- "version_normalized": "6.2.0.0",
7
  "source": {
8
  "type": "git",
9
  "url": "https://github.com/firebase/php-jwt.git",
10
- "reference": "d28e6df83830252650da4623c78aaaf98fb385f3"
11
  },
12
  "dist": {
13
  "type": "zip",
14
- "url": "https://api.github.com/repos/firebase/php-jwt/zipball/d28e6df83830252650da4623c78aaaf98fb385f3",
15
- "reference": "d28e6df83830252650da4623c78aaaf98fb385f3",
16
  "shasum": ""
17
  },
18
  "require": {
19
- "php": "^7.1||^8.0"
20
  },
21
  "require-dev": {
22
- "guzzlehttp/guzzle": "^6.5||^7.4",
23
- "phpspec/prophecy-phpunit": "^1.1",
24
- "phpunit/phpunit": "^7.5||^9.5",
25
- "psr/cache": "^1.0||^2.0",
26
- "psr/http-client": "^1.0",
27
- "psr/http-factory": "^1.0"
28
  },
29
  "suggest": {
30
  "paragonie/sodium_compat": "Support EdDSA (Ed25519) signatures when libsodium is not present"
31
  },
32
- "time": "2022-05-13T20:54:50+00:00",
33
  "type": "library",
34
  "installation-source": "dist",
35
  "autoload": {
@@ -61,7 +56,7 @@
61
  ],
62
  "support": {
63
  "issues": "https://github.com/firebase/php-jwt/issues",
64
- "source": "https://github.com/firebase/php-jwt/tree/v6.2.0"
65
  },
66
  "install-path": "../firebase/php-jwt"
67
  },
@@ -187,25 +182,25 @@
187
  },
188
  {
189
  "name": "google/auth",
190
- "version": "v1.21.1",
191
- "version_normalized": "1.21.1.0",
192
  "source": {
193
  "type": "git",
194
  "url": "https://github.com/googleapis/google-auth-library-php.git",
195
- "reference": "aa3b9ca29258ac6347ce3c8937a2418c5d78f840"
196
  },
197
  "dist": {
198
  "type": "zip",
199
- "url": "https://api.github.com/repos/googleapis/google-auth-library-php/zipball/aa3b9ca29258ac6347ce3c8937a2418c5d78f840",
200
- "reference": "aa3b9ca29258ac6347ce3c8937a2418c5d78f840",
201
  "shasum": ""
202
  },
203
  "require": {
204
- "firebase/php-jwt": "^5.5||^6.0",
205
  "guzzlehttp/guzzle": "^6.2.1|^7.0",
206
  "guzzlehttp/psr7": "^1.7|^2.0",
207
- "php": "^7.1||^8.0",
208
- "psr/cache": "^1.0|^2.0|^3.0",
209
  "psr/http-message": "^1.0"
210
  },
211
  "require-dev": {
@@ -213,14 +208,14 @@
213
  "kelvinmo/simplejwt": "^0.2.5|^0.5.1",
214
  "phpseclib/phpseclib": "^2.0.31",
215
  "phpspec/prophecy-phpunit": "^1.1",
216
- "phpunit/phpunit": "^7.5||^8.5",
217
  "sebastian/comparator": ">=1.2.3",
218
  "squizlabs/php_codesniffer": "^3.5"
219
  },
220
  "suggest": {
221
  "phpseclib/phpseclib": "May be used in place of OpenSSL for signing strings or for token management. Please require version ^2."
222
  },
223
- "time": "2022-05-16T19:34:15+00:00",
224
  "type": "library",
225
  "installation-source": "dist",
226
  "autoload": {
@@ -242,7 +237,7 @@
242
  "support": {
243
  "docs": "https://googleapis.github.io/google-auth-library-php/main/",
244
  "issues": "https://github.com/googleapis/google-auth-library-php/issues",
245
- "source": "https://github.com/googleapis/google-auth-library-php/tree/v1.21.1"
246
  },
247
  "install-path": "../google/auth"
248
  },
2
  "packages": [
3
  {
4
  "name": "firebase/php-jwt",
5
+ "version": "v5.5.1",
6
+ "version_normalized": "5.5.1.0",
7
  "source": {
8
  "type": "git",
9
  "url": "https://github.com/firebase/php-jwt.git",
10
+ "reference": "83b609028194aa042ea33b5af2d41a7427de80e6"
11
  },
12
  "dist": {
13
  "type": "zip",
14
+ "url": "https://api.github.com/repos/firebase/php-jwt/zipball/83b609028194aa042ea33b5af2d41a7427de80e6",
15
+ "reference": "83b609028194aa042ea33b5af2d41a7427de80e6",
16
  "shasum": ""
17
  },
18
  "require": {
19
+ "php": ">=5.3.0"
20
  },
21
  "require-dev": {
22
+ "phpunit/phpunit": ">=4.8 <=9"
 
 
 
 
 
23
  },
24
  "suggest": {
25
  "paragonie/sodium_compat": "Support EdDSA (Ed25519) signatures when libsodium is not present"
26
  },
27
+ "time": "2021-11-08T20:18:51+00:00",
28
  "type": "library",
29
  "installation-source": "dist",
30
  "autoload": {
56
  ],
57
  "support": {
58
  "issues": "https://github.com/firebase/php-jwt/issues",
59
+ "source": "https://github.com/firebase/php-jwt/tree/v5.5.1"
60
  },
61
  "install-path": "../firebase/php-jwt"
62
  },
182
  },
183
  {
184
  "name": "google/auth",
185
+ "version": "v1.19.0",
186
+ "version_normalized": "1.19.0.0",
187
  "source": {
188
  "type": "git",
189
  "url": "https://github.com/googleapis/google-auth-library-php.git",
190
+ "reference": "31e5d24d5fa0eaf6adc7e596292dc4732f4b60c5"
191
  },
192
  "dist": {
193
  "type": "zip",
194
+ "url": "https://api.github.com/repos/googleapis/google-auth-library-php/zipball/31e5d24d5fa0eaf6adc7e596292dc4732f4b60c5",
195
+ "reference": "31e5d24d5fa0eaf6adc7e596292dc4732f4b60c5",
196
  "shasum": ""
197
  },
198
  "require": {
199
+ "firebase/php-jwt": "~5.0",
200
  "guzzlehttp/guzzle": "^6.2.1|^7.0",
201
  "guzzlehttp/psr7": "^1.7|^2.0",
202
+ "php": ">=5.6",
203
+ "psr/cache": "^1.0|^2.0",
204
  "psr/http-message": "^1.0"
205
  },
206
  "require-dev": {
208
  "kelvinmo/simplejwt": "^0.2.5|^0.5.1",
209
  "phpseclib/phpseclib": "^2.0.31",
210
  "phpspec/prophecy-phpunit": "^1.1",
211
+ "phpunit/phpunit": "^5.7||^8.5.13",
212
  "sebastian/comparator": ">=1.2.3",
213
  "squizlabs/php_codesniffer": "^3.5"
214
  },
215
  "suggest": {
216
  "phpseclib/phpseclib": "May be used in place of OpenSSL for signing strings or for token management. Please require version ^2."
217
  },
218
+ "time": "2022-03-24T21:22:45+00:00",
219
  "type": "library",
220
  "installation-source": "dist",
221
  "autoload": {
237
  "support": {
238
  "docs": "https://googleapis.github.io/google-auth-library-php/main/",
239
  "issues": "https://github.com/googleapis/google-auth-library-php/issues",
240
+ "source": "https://github.com/googleapis/google-auth-library-php/tree/v1.19.0"
241
  },
242
  "install-path": "../google/auth"
243
  },
vendor/composer/installed.php CHANGED
@@ -5,18 +5,18 @@
5
  'type' => 'wordpress-plugin',
6
  'install_path' => __DIR__ . '/../../',
7
  'aliases' => array(),
8
- 'reference' => '310d9c980328e339c78bf366a50d8e68d40df13e',
9
  'name' => 'wp-seopress/wp-seopress',
10
  'dev' => false,
11
  ),
12
  'versions' => array(
13
  'firebase/php-jwt' => array(
14
- 'pretty_version' => 'v6.2.0',
15
- 'version' => '6.2.0.0',
16
  'type' => 'library',
17
  'install_path' => __DIR__ . '/../firebase/php-jwt',
18
  'aliases' => array(),
19
- 'reference' => 'd28e6df83830252650da4623c78aaaf98fb385f3',
20
  'dev_requirement' => false,
21
  ),
22
  'google/apiclient' => array(
@@ -38,12 +38,12 @@
38
  'dev_requirement' => false,
39
  ),
40
  'google/auth' => array(
41
- 'pretty_version' => 'v1.21.1',
42
- 'version' => '1.21.1.0',
43
  'type' => 'library',
44
  'install_path' => __DIR__ . '/../google/auth',
45
  'aliases' => array(),
46
- 'reference' => 'aa3b9ca29258ac6347ce3c8937a2418c5d78f840',
47
  'dev_requirement' => false,
48
  ),
49
  'guzzlehttp/guzzle' => array(
@@ -202,7 +202,7 @@
202
  'type' => 'wordpress-plugin',
203
  'install_path' => __DIR__ . '/../../',
204
  'aliases' => array(),
205
- 'reference' => '310d9c980328e339c78bf366a50d8e68d40df13e',
206
  'dev_requirement' => false,
207
  ),
208
  ),
5
  'type' => 'wordpress-plugin',
6
  'install_path' => __DIR__ . '/../../',
7
  'aliases' => array(),
8
+ 'reference' => '1523eaa70848c3e9e7fe4c463b934193152fdbfe',
9
  'name' => 'wp-seopress/wp-seopress',
10
  'dev' => false,
11
  ),
12
  'versions' => array(
13
  'firebase/php-jwt' => array(
14
+ 'pretty_version' => 'v5.5.1',
15
+ 'version' => '5.5.1.0',
16
  'type' => 'library',
17
  'install_path' => __DIR__ . '/../firebase/php-jwt',
18
  'aliases' => array(),
19
+ 'reference' => '83b609028194aa042ea33b5af2d41a7427de80e6',
20
  'dev_requirement' => false,
21
  ),
22
  'google/apiclient' => array(
38
  'dev_requirement' => false,
39
  ),
40
  'google/auth' => array(
41
+ 'pretty_version' => 'v1.19.0',
42
+ 'version' => '1.19.0.0',
43
  'type' => 'library',
44
  'install_path' => __DIR__ . '/../google/auth',
45
  'aliases' => array(),
46
+ 'reference' => '31e5d24d5fa0eaf6adc7e596292dc4732f4b60c5',
47
  'dev_requirement' => false,
48
  ),
49
  'guzzlehttp/guzzle' => array(
202
  'type' => 'wordpress-plugin',
203
  'install_path' => __DIR__ . '/../../',
204
  'aliases' => array(),
205
+ 'reference' => '1523eaa70848c3e9e7fe4c463b934193152fdbfe',
206
  'dev_requirement' => false,
207
  ),
208
  ),
vendor/firebase/php-jwt/README.md CHANGED
@@ -1,4 +1,4 @@
1
- ![Build Status](https://github.com/firebase/php-jwt/actions/workflows/tests.yml/badge.svg)
2
  [![Latest Stable Version](https://poser.pugx.org/firebase/php-jwt/v/stable)](https://packagist.org/packages/firebase/php-jwt)
3
  [![Total Downloads](https://poser.pugx.org/firebase/php-jwt/downloads)](https://packagist.org/packages/firebase/php-jwt)
4
  [![License](https://poser.pugx.org/firebase/php-jwt/license)](https://packagist.org/packages/firebase/php-jwt)
@@ -29,13 +29,13 @@ Example
29
  use Firebase\JWT\JWT;
30
  use Firebase\JWT\Key;
31
 
32
- $key = 'example_key';
33
- $payload = [
34
- 'iss' => 'http://example.org',
35
- 'aud' => 'http://example.com',
36
- 'iat' => 1356999524,
37
- 'nbf' => 1357000000
38
- ];
39
 
40
  /**
41
  * IMPORTANT:
@@ -98,12 +98,12 @@ ehde/zUxo6UvS7UrBQIDAQAB
98
  -----END PUBLIC KEY-----
99
  EOD;
100
 
101
- $payload = [
102
- 'iss' => 'example.org',
103
- 'aud' => 'example.com',
104
- 'iat' => 1356999524,
105
- 'nbf' => 1357000000
106
- ];
107
 
108
  $jwt = JWT::encode($payload, $privateKey, 'RS256');
109
  echo "Encode:\n" . print_r($jwt, true) . "\n";
@@ -139,12 +139,12 @@ $privateKey = openssl_pkey_get_private(
139
  $passphrase
140
  );
141
 
142
- $payload = [
143
- 'iss' => 'example.org',
144
- 'aud' => 'example.com',
145
- 'iat' => 1356999524,
146
- 'nbf' => 1357000000
147
- ];
148
 
149
  $jwt = JWT::encode($payload, $privateKey, 'RS256');
150
  echo "Encode:\n" . print_r($jwt, true) . "\n";
@@ -173,12 +173,12 @@ $privateKey = base64_encode(sodium_crypto_sign_secretkey($keyPair));
173
 
174
  $publicKey = base64_encode(sodium_crypto_sign_publickey($keyPair));
175
 
176
- $payload = [
177
- 'iss' => 'example.org',
178
- 'aud' => 'example.com',
179
- 'iat' => 1356999524,
180
- 'nbf' => 1357000000
181
- ];
182
 
183
  $jwt = JWT::encode($payload, $privateKey, 'EdDSA');
184
  echo "Encode:\n" . print_r($jwt, true) . "\n";
@@ -198,83 +198,15 @@ use Firebase\JWT\JWT;
198
  // this endpoint: https://www.gstatic.com/iap/verify/public_key-jwk
199
  $jwks = ['keys' => []];
200
 
201
- // JWK::parseKeySet($jwks) returns an associative array of **kid** to Firebase\JWT\Key
202
- // objects. Pass this as the second parameter to JWT::decode.
203
- JWT::decode($payload, JWK::parseKeySet($jwks));
204
- ```
205
-
206
- Using Cached Key Sets
207
- ---------------------
208
-
209
- The `CachedKeySet` class can be used to fetch and cache JWKS (JSON Web Key Sets) from a public URI.
210
- This has the following advantages:
211
-
212
- 1. The results are cached for performance.
213
- 2. If an unrecognized key is requested, the cache is refreshed, to accomodate for key rotation.
214
- 3. If rate limiting is enabled, the JWKS URI will not make more than 10 requests a second.
215
-
216
- ```php
217
- use Firebase\JWT\CachedKeySet;
218
- use Firebase\JWT\JWT;
219
-
220
- // The URI for the JWKS you wish to cache the results from
221
- $jwksUri = 'https://www.gstatic.com/iap/verify/public_key-jwk';
222
-
223
- // Create an HTTP client (can be any PSR-7 compatible HTTP client)
224
- $httpClient = new GuzzleHttp\Client();
225
-
226
- // Create an HTTP request factory (can be any PSR-17 compatible HTTP request factory)
227
- $httpFactory = new GuzzleHttp\Psr\HttpFactory();
228
-
229
- // Create a cache item pool (can be any PSR-6 compatible cache item pool)
230
- $cacheItemPool = Phpfastcache\CacheManager::getInstance('files');
231
-
232
- $keySet = new CachedKeySet(
233
- $jwksUri,
234
- $httpClient,
235
- $httpFactory,
236
- $cacheItemPool,
237
- null, // $expiresAfter int seconds to set the JWKS to expire
238
- true // $rateLimit true to enable rate limit of 10 RPS on lookup of invalid keys
239
- );
240
-
241
- $jwt = 'eyJhbGci...'; // Some JWT signed by a key from the $jwkUri above
242
- $decoded = JWT::decode($jwt, $keySet);
243
- ```
244
-
245
- Miscellaneous
246
- -------------
247
-
248
- #### Casting to array
249
-
250
- The return value of `JWT::decode` is the generic PHP object `stdClass`. If you'd like to handle with arrays
251
- instead, you can do the following:
252
-
253
- ```php
254
- // return type is stdClass
255
- $decoded = JWT::decode($payload, $keys);
256
-
257
- // cast to array
258
- $decoded = json_decode(json_encode($decoded), true);
259
  ```
260
 
261
  Changelog
262
  ---------
263
 
264
- #### 6.1.0 / 2022-03-23
265
-
266
- - Drop support for PHP 5.3, 5.4, 5.5, 5.6, and 7.0
267
- - Add parameter typing and return types where possible
268
-
269
- #### 6.0.0 / 2022-01-24
270
-
271
- - **Backwards-Compatibility Breaking Changes**: See the [Release Notes](https://github.com/firebase/php-jwt/releases/tag/v6.0.0) for more information.
272
- - New Key object to prevent key/algorithm type confusion (#365)
273
- - Add JWK support (#273)
274
- - Add ES256 support (#256)
275
- - Add ES384 support (#324)
276
- - Add Ed25519 support (#343)
277
-
278
  #### 5.0.0 / 2017-06-26
279
  - Support RS384 and RS512.
280
  See [#117](https://github.com/firebase/php-jwt/pull/117). Thanks [@joostfaassen](https://github.com/joostfaassen)!
1
+ [![Build Status](https://travis-ci.org/firebase/php-jwt.png?branch=master)](https://travis-ci.org/firebase/php-jwt)
2
  [![Latest Stable Version](https://poser.pugx.org/firebase/php-jwt/v/stable)](https://packagist.org/packages/firebase/php-jwt)
3
  [![Total Downloads](https://poser.pugx.org/firebase/php-jwt/downloads)](https://packagist.org/packages/firebase/php-jwt)
4
  [![License](https://poser.pugx.org/firebase/php-jwt/license)](https://packagist.org/packages/firebase/php-jwt)
29
  use Firebase\JWT\JWT;
30
  use Firebase\JWT\Key;
31
 
32
+ $key = "example_key";
33
+ $payload = array(
34
+ "iss" => "http://example.org",
35
+ "aud" => "http://example.com",
36
+ "iat" => 1356999524,
37
+ "nbf" => 1357000000
38
+ );
39
 
40
  /**
41
  * IMPORTANT:
98
  -----END PUBLIC KEY-----
99
  EOD;
100
 
101
+ $payload = array(
102
+ "iss" => "example.org",
103
+ "aud" => "example.com",
104
+ "iat" => 1356999524,
105
+ "nbf" => 1357000000
106
+ );
107
 
108
  $jwt = JWT::encode($payload, $privateKey, 'RS256');
109
  echo "Encode:\n" . print_r($jwt, true) . "\n";
139
  $passphrase
140
  );
141
 
142
+ $payload = array(
143
+ "iss" => "example.org",
144
+ "aud" => "example.com",
145
+ "iat" => 1356999524,
146
+ "nbf" => 1357000000
147
+ );
148
 
149
  $jwt = JWT::encode($payload, $privateKey, 'RS256');
150
  echo "Encode:\n" . print_r($jwt, true) . "\n";
173
 
174
  $publicKey = base64_encode(sodium_crypto_sign_publickey($keyPair));
175
 
176
+ $payload = array(
177
+ "iss" => "example.org",
178
+ "aud" => "example.com",
179
+ "iat" => 1356999524,
180
+ "nbf" => 1357000000
181
+ );
182
 
183
  $jwt = JWT::encode($payload, $privateKey, 'EdDSA');
184
  echo "Encode:\n" . print_r($jwt, true) . "\n";
198
  // this endpoint: https://www.gstatic.com/iap/verify/public_key-jwk
199
  $jwks = ['keys' => []];
200
 
201
+ // JWK::parseKeySet($jwks) returns an associative array of **kid** to private
202
+ // key. Pass this as the second parameter to JWT::decode.
203
+ // NOTE: The deprecated $supportedAlgorithm must be supplied when parsing from JWK.
204
+ JWT::decode($payload, JWK::parseKeySet($jwks), $supportedAlgorithm);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
205
  ```
206
 
207
  Changelog
208
  ---------
209
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
210
  #### 5.0.0 / 2017-06-26
211
  - Support RS384 and RS512.
212
  See [#117](https://github.com/firebase/php-jwt/pull/117). Thanks [@joostfaassen](https://github.com/joostfaassen)!
vendor/firebase/php-jwt/composer.json CHANGED
@@ -20,7 +20,7 @@
20
  ],
21
  "license": "BSD-3-Clause",
22
  "require": {
23
- "php": "^7.1||^8.0"
24
  },
25
  "suggest": {
26
  "paragonie/sodium_compat": "Support EdDSA (Ed25519) signatures when libsodium is not present"
@@ -31,11 +31,6 @@
31
  }
32
  },
33
  "require-dev": {
34
- "guzzlehttp/guzzle": "^6.5||^7.4",
35
- "phpspec/prophecy-phpunit": "^1.1",
36
- "phpunit/phpunit": "^7.5||^9.5",
37
- "psr/cache": "^1.0||^2.0",
38
- "psr/http-client": "^1.0",
39
- "psr/http-factory": "^1.0"
40
  }
41
  }
20
  ],
21
  "license": "BSD-3-Clause",
22
  "require": {
23
+ "php": ">=5.3.0"
24
  },
25
  "suggest": {
26
  "paragonie/sodium_compat": "Support EdDSA (Ed25519) signatures when libsodium is not present"
31
  }
32
  },
33
  "require-dev": {
34
+ "phpunit/phpunit": ">=4.8 <=9"
 
 
 
 
 
35
  }
36
  }
vendor/firebase/php-jwt/src/CachedKeySet.php DELETED
@@ -1,231 +0,0 @@
1
- <?php
2
-
3
- namespace Firebase\JWT;
4
-
5
- use ArrayAccess;
6
- use LogicException;
7
- use OutOfBoundsException;
8
- use Psr\Cache\CacheItemInterface;
9
- use Psr\Cache\CacheItemPoolInterface;
10
- use Psr\Http\Client\ClientInterface;
11
- use Psr\Http\Message\RequestFactoryInterface;
12
- use RuntimeException;
13
-
14
- /**
15
- * @implements ArrayAccess<string, Key>
16
- */
17
- class CachedKeySet implements ArrayAccess
18
- {
19
- /**
20
- * @var string
21
- */
22
- private $jwksUri;
23
- /**
24
- * @var ClientInterface
25
- */
26
- private $httpClient;
27
- /**
28
- * @var RequestFactoryInterface
29
- */
30
- private $httpFactory;
31
- /**
32
- * @var CacheItemPoolInterface
33
- */
34
- private $cache;
35
- /**
36
- * @var ?int
37
- */
38
- private $expiresAfter;
39
- /**
40
- * @var ?CacheItemInterface
41
- */
42
- private $cacheItem;
43
- /**
44
- * @var array<string, Key>
45
- */
46
- private $keySet;
47
- /**
48
- * @var string
49
- */
50
- private $cacheKey;
51
- /**
52
- * @var string
53
- */
54
- private $cacheKeyPrefix = 'jwks';
55
- /**
56
- * @var int
57
- */
58
- private $maxKeyLength = 64;
59
- /**
60
- * @var bool
61
- */
62
- private $rateLimit;
63
- /**
64
- * @var string
65
- */
66
- private $rateLimitCacheKey;
67
- /**
68
- * @var int
69
- */
70
- private $maxCallsPerMinute = 10;
71
- /**
72
- * @var string|null
73
- */
74
- private $defaultAlg;
75
-
76
- public function __construct(
77
- string $jwksUri,
78
- ClientInterface $httpClient,
79
- RequestFactoryInterface $httpFactory,
80
- CacheItemPoolInterface $cache,
81
- int $expiresAfter = null,
82
- bool $rateLimit = false,
83
- string $defaultAlg = null
84
- ) {
85
- $this->jwksUri = $jwksUri;
86
- $this->httpClient = $httpClient;
87
- $this->httpFactory = $httpFactory;
88
- $this->cache = $cache;
89
- $this->expiresAfter = $expiresAfter;
90
- $this->rateLimit = $rateLimit;
91
- $this->defaultAlg = $defaultAlg;
92
- $this->setCacheKeys();
93
- }
94
-
95
- /**
96
- * @param string $keyId
97
- * @return Key
98
- */
99
- public function offsetGet($keyId): Key
100
- {
101
- if (!$this->keyIdExists($keyId)) {
102
- throw new OutOfBoundsException('Key ID not found');
103
- }
104
- return $this->keySet[$keyId];
105
- }
106
-
107
- /**
108
- * @param string $keyId
109
- * @return bool
110
- */
111
- public function offsetExists($keyId): bool
112
- {
113
- return $this->keyIdExists($keyId);
114
- }
115
-
116
- /**
117
- * @param string $offset
118
- * @param Key $value
119
- */
120
- public function offsetSet($offset, $value): void
121
- {
122
- throw new LogicException('Method not implemented');
123
- }
124
-
125
- /**
126
- * @param string $offset
127
- */
128
- public function offsetUnset($offset): void
129
- {
130
- throw new LogicException('Method not implemented');
131
- }
132
-
133
- private function keyIdExists(string $keyId): bool
134
- {
135
- $keySetToCache = null;
136
- if (null === $this->keySet) {
137
- $item = $this->getCacheItem();
138
- // Try to load keys from cache
139
- if ($item->isHit()) {
140
- // item found! Return it
141
- $this->keySet = $item->get();
142
- }
143
- }
144
-
145
- if (!isset($this->keySet[$keyId])) {
146
- if ($this->rateLimitExceeded()) {
147
- return false;
148
- }
149
- $request = $this->httpFactory->createRequest('get', $this->jwksUri);
150
- $jwksResponse = $this->httpClient->sendRequest($request);
151
- $jwks = json_decode((string) $jwksResponse->getBody(), true);
152
- $this->keySet = $keySetToCache = JWK::parseKeySet($jwks, $this->defaultAlg);
153
-
154
- if (!isset($this->keySet[$keyId])) {
155
- return false;
156
- }
157
- }
158
-
159
- if ($keySetToCache) {
160
- $item = $this->getCacheItem();
161
- $item->set($keySetToCache);
162
- if ($this->expiresAfter) {
163
- $item->expiresAfter($this->expiresAfter);
164
- }
165
- $this->cache->save($item);
166
- }
167
-
168
- return true;
169
- }
170
-
171
- private function rateLimitExceeded(): bool
172
- {
173
- if (!$this->rateLimit) {
174
- return false;
175
- }
176
-
177
- $cacheItem = $this->cache->getItem($this->rateLimitCacheKey);
178
- if (!$cacheItem->isHit()) {
179
- $cacheItem->expiresAfter(1); // # of calls are cached each minute
180
- }
181
-
182
- $callsPerMinute = (int) $cacheItem->get();
183
- if (++$callsPerMinute > $this->maxCallsPerMinute) {
184
- return true;
185
- }
186
- $cacheItem->set($callsPerMinute);
187
- $this->cache->save($cacheItem);
188
- return false;
189
- }
190
-
191
- private function getCacheItem(): CacheItemInterface
192
- {
193
- if (\is_null($this->cacheItem)) {
194
- $this->cacheItem = $this->cache->getItem($this->cacheKey);
195
- }
196
-
197
- return $this->cacheItem;
198
- }
199
-
200
- private function setCacheKeys(): void
201
- {
202
- if (empty($this->jwksUri)) {
203
- throw new RuntimeException('JWKS URI is empty');
204
- }
205
-
206
- // ensure we do not have illegal characters
207
- $key = preg_replace('|[^a-zA-Z0-9_\.!]|', '', $this->jwksUri);
208
-
209
- // add prefix
210
- $key = $this->cacheKeyPrefix . $key;
211
-
212
- // Hash keys if they exceed $maxKeyLength of 64
213
- if (\strlen($key) > $this->maxKeyLength) {
214
- $key = substr(hash('sha256', $key), 0, $this->maxKeyLength);
215
- }
216
-
217
- $this->cacheKey = $key;
218
-
219
- if ($this->rateLimit) {
220
- // add prefix
221
- $rateLimitKey = $this->cacheKeyPrefix . 'ratelimit' . $key;
222
-
223
- // Hash keys if they exceed $maxKeyLength of 64
224
- if (\strlen($rateLimitKey) > $this->maxKeyLength) {
225
- $rateLimitKey = substr(hash('sha256', $rateLimitKey), 0, $this->maxKeyLength);
226
- }
227
-
228
- $this->rateLimitCacheKey = $rateLimitKey;
229
- }
230
- }
231
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
vendor/firebase/php-jwt/src/JWK.php CHANGED
@@ -23,11 +23,9 @@ class JWK
23
  /**
24
  * Parse a set of JWK keys
25
  *
26
- * @param array<mixed> $jwks The JSON Web Key Set as an associative array
27
- * @param string $defaultAlg The algorithm for the Key object if "alg" is not set in the
28
- * JSON Web Key Set
29
  *
30
- * @return array<string, Key> An associative array of key IDs (kid) to Key objects
31
  *
32
  * @throws InvalidArgumentException Provided JWK Set is empty
33
  * @throws UnexpectedValueException Provided JWK Set was invalid
@@ -35,22 +33,21 @@ class JWK
35
  *
36
  * @uses parseKey
37
  */
38
- public static function parseKeySet(array $jwks, string $defaultAlg = null): array
39
  {
40
- $keys = [];
41
 
42
  if (!isset($jwks['keys'])) {
43
  throw new UnexpectedValueException('"keys" member must exist in the JWK Set');
44
  }
45
-
46
  if (empty($jwks['keys'])) {
47
  throw new InvalidArgumentException('JWK Set did not contain any keys');
48
  }
49
 
50
  foreach ($jwks['keys'] as $k => $v) {
51
  $kid = isset($v['kid']) ? $v['kid'] : $k;
52
- if ($key = self::parseKey($v, $defaultAlg)) {
53
- $keys[(string) $kid] = $key;
54
  }
55
  }
56
 
@@ -64,11 +61,9 @@ class JWK
64
  /**
65
  * Parse a JWK key
66
  *
67
- * @param array<mixed> $jwk An individual JWK
68
- * @param string $defaultAlg The algorithm for the Key object if "alg" is not set in the
69
- * JSON Web Key Set
70
  *
71
- * @return Key The key object for the JWK
72
  *
73
  * @throws InvalidArgumentException Provided JWK is empty
74
  * @throws UnexpectedValueException Provided JWK was invalid
@@ -76,27 +71,15 @@ class JWK
76
  *
77
  * @uses createPemFromModulusAndExponent
78
  */
79
- public static function parseKey(array $jwk, string $defaultAlg = null): ?Key
80
  {
81
  if (empty($jwk)) {
82
  throw new InvalidArgumentException('JWK must not be empty');
83
  }
84
-
85
  if (!isset($jwk['kty'])) {
86
  throw new UnexpectedValueException('JWK must contain a "kty" parameter');
87
  }
88
 
89
- if (!isset($jwk['alg'])) {
90
- if (\is_null($defaultAlg)) {
91
- // The "alg" parameter is optional in a KTY, but an algorithm is required
92
- // for parsing in this library. Use the $defaultAlg parameter when parsing the
93
- // key set in order to prevent this error.
94
- // @see https://datatracker.ietf.org/doc/html/rfc7517#section-4.4
95
- throw new UnexpectedValueException('JWK must contain an "alg" parameter');
96
- }
97
- $jwk['alg'] = $defaultAlg;
98
- }
99
-
100
  switch ($jwk['kty']) {
101
  case 'RSA':
102
  if (!empty($jwk['d'])) {
@@ -113,13 +96,11 @@ class JWK
113
  'OpenSSL error: ' . \openssl_error_string()
114
  );
115
  }
116
- return new Key($publicKey, $jwk['alg']);
117
  default:
118
  // Currently only RSA is supported
119
  break;
120
  }
121
-
122
- return null;
123
  }
124
 
125
  /**
@@ -132,22 +113,22 @@ class JWK
132
  *
133
  * @uses encodeLength
134
  */
135
- private static function createPemFromModulusAndExponent(
136
- string $n,
137
- string $e
138
- ): string {
139
- $mod = JWT::urlsafeB64Decode($n);
140
- $exp = JWT::urlsafeB64Decode($e);
141
 
142
- $modulus = \pack('Ca*a*', 2, self::encodeLength(\strlen($mod)), $mod);
143
- $publicExponent = \pack('Ca*a*', 2, self::encodeLength(\strlen($exp)), $exp);
 
 
144
 
145
  $rsaPublicKey = \pack(
146
  'Ca*a*a*',
147
  48,
148
- self::encodeLength(\strlen($modulus) + \strlen($publicExponent)),
149
- $modulus,
150
- $publicExponent
151
  );
152
 
153
  // sequence(oid(1.2.840.113549.1.1.1), null)) = rsaEncryption.
@@ -178,7 +159,7 @@ class JWK
178
  * @param int $length
179
  * @return string
180
  */
181
- private static function encodeLength(int $length): string
182
  {
183
  if ($length <= 0x7F) {
184
  return \chr($length);
23
  /**
24
  * Parse a set of JWK keys
25
  *
26
+ * @param array $jwks The JSON Web Key Set as an associative array
 
 
27
  *
28
+ * @return array An associative array that represents the set of keys
29
  *
30
  * @throws InvalidArgumentException Provided JWK Set is empty
31
  * @throws UnexpectedValueException Provided JWK Set was invalid
33
  *
34
  * @uses parseKey
35
  */
36
+ public static function parseKeySet(array $jwks)
37
  {
38
+ $keys = array();
39
 
40
  if (!isset($jwks['keys'])) {
41
  throw new UnexpectedValueException('"keys" member must exist in the JWK Set');
42
  }
 
43
  if (empty($jwks['keys'])) {
44
  throw new InvalidArgumentException('JWK Set did not contain any keys');
45
  }
46
 
47
  foreach ($jwks['keys'] as $k => $v) {
48
  $kid = isset($v['kid']) ? $v['kid'] : $k;
49
+ if ($key = self::parseKey($v)) {
50
+ $keys[$kid] = $key;
51
  }
52
  }
53
 
61
  /**
62
  * Parse a JWK key
63
  *
64
+ * @param array $jwk An individual JWK
 
 
65
  *
66
+ * @return resource|array An associative array that represents the key
67
  *
68
  * @throws InvalidArgumentException Provided JWK is empty
69
  * @throws UnexpectedValueException Provided JWK was invalid
71
  *
72
  * @uses createPemFromModulusAndExponent
73
  */
74
+ public static function parseKey(array $jwk)
75
  {
76
  if (empty($jwk)) {
77
  throw new InvalidArgumentException('JWK must not be empty');
78
  }
 
79
  if (!isset($jwk['kty'])) {
80
  throw new UnexpectedValueException('JWK must contain a "kty" parameter');
81
  }
82
 
 
 
 
 
 
 
 
 
 
 
 
83
  switch ($jwk['kty']) {
84
  case 'RSA':
85
  if (!empty($jwk['d'])) {
96
  'OpenSSL error: ' . \openssl_error_string()
97
  );
98
  }
99
+ return $publicKey;
100
  default:
101
  // Currently only RSA is supported
102
  break;
103
  }
 
 
104
  }
105
 
106
  /**
113
  *
114
  * @uses encodeLength
115
  */
116
+ private static function createPemFromModulusAndExponent($n, $e)
117
+ {
118
+ $modulus = JWT::urlsafeB64Decode($n);
119
+ $publicExponent = JWT::urlsafeB64Decode($e);
 
 
120
 
121
+ $components = array(
122
+ 'modulus' => \pack('Ca*a*', 2, self::encodeLength(\strlen($modulus)), $modulus),
123
+ 'publicExponent' => \pack('Ca*a*', 2, self::encodeLength(\strlen($publicExponent)), $publicExponent)
124
+ );
125
 
126
  $rsaPublicKey = \pack(
127
  'Ca*a*a*',
128
  48,
129
+ self::encodeLength(\strlen($components['modulus']) + \strlen($components['publicExponent'])),
130
+ $components['modulus'],
131
+ $components['publicExponent']
132
  );
133
 
134
  // sequence(oid(1.2.840.113549.1.1.1), null)) = rsaEncryption.
159
  * @param int $length
160
  * @return string
161
  */
162
+ private static function encodeLength($length)
163
  {
164
  if ($length <= 0x7F) {
165
  return \chr($length);
vendor/firebase/php-jwt/src/JWT.php CHANGED
@@ -3,14 +3,12 @@
3
  namespace Firebase\JWT;
4
 
5
  use ArrayAccess;
6
- use DateTime;
7
  use DomainException;
8
  use Exception;
9
  use InvalidArgumentException;
10
  use OpenSSLAsymmetricKey;
11
- use OpenSSLCertificate;
12
- use stdClass;
13
  use UnexpectedValueException;
 
14
 
15
  /**
16
  * JSON Web Token implementation, based on this spec:
@@ -27,57 +25,52 @@ use UnexpectedValueException;
27
  */
28
  class JWT
29
  {
30
- private const ASN1_INTEGER = 0x02;
31
- private const ASN1_SEQUENCE = 0x10;
32
- private const ASN1_BIT_STRING = 0x03;
33
 
34
  /**
35
  * When checking nbf, iat or expiration times,
36
  * we want to provide some extra leeway time to
37
  * account for clock skew.
38
- *
39
- * @var int
40
  */
41
  public static $leeway = 0;
42
 
43
  /**
44
  * Allow the current timestamp to be specified.
45
  * Useful for fixing a value within unit testing.
46
- * Will default to PHP time() value if null.
47
  *
48
- * @var ?int
49
  */
50
  public static $timestamp = null;
51
 
52
- /**
53
- * @var array<string, string[]>
54
- */
55
- public static $supported_algs = [
56
- 'ES384' => ['openssl', 'SHA384'],
57
- 'ES256' => ['openssl', 'SHA256'],
58
- 'HS256' => ['hash_hmac', 'SHA256'],
59
- 'HS384' => ['hash_hmac', 'SHA384'],
60
- 'HS512' => ['hash_hmac', 'SHA512'],
61
- 'RS256' => ['openssl', 'SHA256'],
62
- 'RS384' => ['openssl', 'SHA384'],
63
- 'RS512' => ['openssl', 'SHA512'],
64
- 'EdDSA' => ['sodium_crypto', 'EdDSA'],
65
- ];
66
 
67
  /**
68
  * Decodes a JWT string into a PHP object.
69
  *
70
- * @param string $jwt The JWT
71
- * @param Key|array<string,Key> $keyOrKeyArray The Key or associative array of key IDs (kid) to Key objects.
72
- * If the algorithm used is asymmetric, this is the public key
73
- * Each Key object contains an algorithm and matching key.
74
- * Supported algorithms are 'ES384','ES256', 'HS256', 'HS384',
75
- * 'HS512', 'RS256', 'RS384', and 'RS512'
 
 
76
  *
77
- * @return stdClass The JWT's payload as a PHP object
78
  *
79
- * @throws InvalidArgumentException Provided key/key-array was empty
80
- * @throws DomainException Provided JWT is malformed
81
  * @throws UnexpectedValueException Provided JWT was invalid
82
  * @throws SignatureInvalidException Provided JWT was invalid because the signature verification failed
83
  * @throws BeforeValidException Provided JWT is trying to be used before it's eligible as defined by 'nbf'
@@ -87,11 +80,8 @@ class JWT
87
  * @uses jsonDecode
88
  * @uses urlsafeB64Decode
89
  */
90
- public static function decode(
91
- string $jwt,
92
- $keyOrKeyArray
93
- ): stdClass {
94
- // Validate JWT
95
  $timestamp = \is_null(static::$timestamp) ? \time() : static::$timestamp;
96
 
97
  if (empty($keyOrKeyArray)) {
@@ -102,22 +92,15 @@ class JWT
102
  throw new UnexpectedValueException('Wrong number of segments');
103
  }
104
  list($headb64, $bodyb64, $cryptob64) = $tks;
105
- $headerRaw = static::urlsafeB64Decode($headb64);
106
- if (null === ($header = static::jsonDecode($headerRaw))) {
107
  throw new UnexpectedValueException('Invalid header encoding');
108
  }
109
- $payloadRaw = static::urlsafeB64Decode($bodyb64);
110
- if (null === ($payload = static::jsonDecode($payloadRaw))) {
111
  throw new UnexpectedValueException('Invalid claims encoding');
112
  }
113
- if (\is_array($payload)) {
114
- // prevent PHP Fatal Error in edge-cases when payload is empty array
115
- $payload = (object) $payload;
116
- }
117
- if (!$payload instanceof stdClass) {
118
- throw new UnexpectedValueException('Payload must be a JSON object');
119
  }
120
- $sig = static::urlsafeB64Decode($cryptob64);
121
  if (empty($header->alg)) {
122
  throw new UnexpectedValueException('Empty algorithm');
123
  }
@@ -125,18 +108,31 @@ class JWT
125
  throw new UnexpectedValueException('Algorithm not supported');
126
  }
127
 
128
- $key = self::getKey($keyOrKeyArray, property_exists($header, 'kid') ? $header->kid : null);
 
 
 
129
 
130
- // Check the algorithm
131
- if (!self::constantTimeEquals($key->getAlgorithm(), $header->alg)) {
132
- // See issue #351
133
- throw new UnexpectedValueException('Incorrect key for this algorithm');
 
 
 
 
 
 
 
 
 
134
  }
135
  if ($header->alg === 'ES256' || $header->alg === 'ES384') {
136
  // OpenSSL expects an ASN.1 DER sequence for ES256/ES384 signatures
137
  $sig = self::signatureToDER($sig);
138
  }
139
- if (!self::verify("$headb64.$bodyb64", $sig, $key->getKeyMaterial(), $header->alg)) {
 
140
  throw new SignatureInvalidException('Signature verification failed');
141
  }
142
 
@@ -168,35 +164,32 @@ class JWT
168
  /**
169
  * Converts and signs a PHP object or array into a JWT string.
170
  *
171
- * @param array<mixed> $payload PHP array
172
- * @param string|resource|OpenSSLAsymmetricKey|OpenSSLCertificate $key The secret key.
173
- * @param string $alg Supported algorithms are 'ES384','ES256', 'HS256', 'HS384',
174
- * 'HS512', 'RS256', 'RS384', and 'RS512'
175
- * @param string $keyId
176
- * @param array<string, string> $head An array with header elements to attach
 
 
177
  *
178
  * @return string A signed JWT
179
  *
180
  * @uses jsonEncode
181
  * @uses urlsafeB64Encode
182
  */
183
- public static function encode(
184
- array $payload,
185
- $key,
186
- string $alg,
187
- string $keyId = null,
188
- array $head = null
189
- ): string {
190
- $header = ['typ' => 'JWT', 'alg' => $alg];
191
  if ($keyId !== null) {
192
  $header['kid'] = $keyId;
193
  }
194
  if (isset($head) && \is_array($head)) {
195
  $header = \array_merge($head, $header);
196
  }
197
- $segments = [];
198
- $segments[] = static::urlsafeB64Encode((string) static::jsonEncode($header));
199
- $segments[] = static::urlsafeB64Encode((string) static::jsonEncode($payload));
200
  $signing_input = \implode('.', $segments);
201
 
202
  $signature = static::sign($signing_input, $key, $alg);
@@ -208,35 +201,30 @@ class JWT
208
  /**
209
  * Sign a string with a given key and algorithm.
210
  *
211
- * @param string $msg The message to sign
212
- * @param string|resource|OpenSSLAsymmetricKey|OpenSSLCertificate $key The secret key.
213
- * @param string $alg Supported algorithms are 'ES384','ES256', 'HS256', 'HS384',
214
- * 'HS512', 'RS256', 'RS384', and 'RS512'
 
215
  *
216
  * @return string An encrypted message
217
  *
218
  * @throws DomainException Unsupported algorithm or bad key was specified
219
  */
220
- public static function sign(
221
- string $msg,
222
- $key,
223
- string $alg
224
- ): string {
225
  if (empty(static::$supported_algs[$alg])) {
226
  throw new DomainException('Algorithm not supported');
227
  }
228
  list($function, $algorithm) = static::$supported_algs[$alg];
229
  switch ($function) {
230
  case 'hash_hmac':
231
- if (!\is_string($key)) {
232
- throw new InvalidArgumentException('key must be a string when using hmac');
233
- }
234
  return \hash_hmac($algorithm, $msg, $key, true);
235
  case 'openssl':
236
  $signature = '';
237
- $success = \openssl_sign($msg, $signature, $key, $algorithm); // @phpstan-ignore-line
238
  if (!$success) {
239
- throw new DomainException('OpenSSL unable to sign data');
240
  }
241
  if ($alg === 'ES256') {
242
  $signature = self::signatureFromDER($signature, 256);
@@ -245,44 +233,35 @@ class JWT
245
  }
246
  return $signature;
247
  case 'sodium_crypto':
248
- if (!\function_exists('sodium_crypto_sign_detached')) {
249
  throw new DomainException('libsodium is not available');
250
  }
251
- if (!\is_string($key)) {
252
- throw new InvalidArgumentException('key must be a string when using EdDSA');
253
- }
254
  try {
255
  // The last non-empty line is used as the key.
256
  $lines = array_filter(explode("\n", $key));
257
- $key = base64_decode((string) end($lines));
258
  return sodium_crypto_sign_detached($msg, $key);
259
  } catch (Exception $e) {
260
  throw new DomainException($e->getMessage(), 0, $e);
261
  }
262
  }
263
-
264
- throw new DomainException('Algorithm not supported');
265
  }
266
 
267
  /**
268
  * Verify a signature with the message, key and method. Not all methods
269
  * are symmetric, so we must have a separate verify and sign method.
270
  *
271
- * @param string $msg The original message (header and body)
272
- * @param string $signature The original signature
273
- * @param string|resource|OpenSSLAsymmetricKey|OpenSSLCertificate $keyMaterial For HS*, a string key works. for RS*, must be an instance of OpenSSLAsymmetricKey
274
- * @param string $alg The algorithm
275
  *
276
  * @return bool
277
  *
278
  * @throws DomainException Invalid Algorithm, bad key, or OpenSSL failure
279
  */
280
- private static function verify(
281
- string $msg,
282
- string $signature,
283
- $keyMaterial,
284
- string $alg
285
- ): bool {
286
  if (empty(static::$supported_algs[$alg])) {
287
  throw new DomainException('Algorithm not supported');
288
  }
@@ -290,7 +269,7 @@ class JWT
290
  list($function, $algorithm) = static::$supported_algs[$alg];
291
  switch ($function) {
292
  case 'openssl':
293
- $success = \openssl_verify($msg, $signature, $keyMaterial, $algorithm); // @phpstan-ignore-line
294
  if ($success === 1) {
295
  return true;
296
  } elseif ($success === 0) {
@@ -301,27 +280,21 @@ class JWT
301
  'OpenSSL error: ' . \openssl_error_string()
302
  );
303
  case 'sodium_crypto':
304
- if (!\function_exists('sodium_crypto_sign_verify_detached')) {
305
  throw new DomainException('libsodium is not available');
306
  }
307
- if (!\is_string($keyMaterial)) {
308
- throw new InvalidArgumentException('key must be a string when using EdDSA');
309
- }
310
  try {
311
  // The last non-empty line is used as the key.
312
- $lines = array_filter(explode("\n", $keyMaterial));
313
- $key = base64_decode((string) end($lines));
314
  return sodium_crypto_sign_verify_detached($signature, $msg, $key);
315
  } catch (Exception $e) {
316
  throw new DomainException($e->getMessage(), 0, $e);
317
  }
318
  case 'hash_hmac':
319
  default:
320
- if (!\is_string($keyMaterial)) {
321
- throw new InvalidArgumentException('key must be a string when using hmac');
322
- }
323
- $hash = \hash_hmac($algorithm, $msg, $keyMaterial, true);
324
- return self::constantTimeEquals($hash, $signature);
325
  }
326
  }
327
 
@@ -330,16 +303,30 @@ class JWT
330
  *
331
  * @param string $input JSON string
332
  *
333
- * @return mixed The decoded JSON string
334
  *
335
  * @throws DomainException Provided string was invalid JSON
336
  */
337
- public static function jsonDecode(string $input)
338
  {
339
- $obj = \json_decode($input, false, 512, JSON_BIGINT_AS_STRING);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
340
 
341
  if ($errno = \json_last_error()) {
342
- self::handleJsonError($errno);
343
  } elseif ($obj === null && $input !== 'null') {
344
  throw new DomainException('Null result with non-null input');
345
  }
@@ -347,30 +334,22 @@ class JWT
347
  }
348
 
349
  /**
350
- * Encode a PHP array into a JSON string.
351
  *
352
- * @param array<mixed> $input A PHP array
353
  *
354
- * @return string JSON representation of the PHP array
355
  *
356
  * @throws DomainException Provided object could not be encoded to valid JSON
357
  */
358
- public static function jsonEncode(array $input): string
359
  {
360
- if (PHP_VERSION_ID >= 50400) {
361
- $json = \json_encode($input, \JSON_UNESCAPED_SLASHES);
362
- } else {
363
- // PHP 5.3 only
364
- $json = \json_encode($input);
365
- }
366
  if ($errno = \json_last_error()) {
367
- self::handleJsonError($errno);
368
  } elseif ($json === 'null' && $input !== null) {
369
  throw new DomainException('Null result with non-null input');
370
  }
371
- if ($json === false) {
372
- throw new DomainException('Provided object could not be encoded to valid JSON');
373
- }
374
  return $json;
375
  }
376
 
@@ -380,10 +359,8 @@ class JWT
380
  * @param string $input A Base64 encoded string
381
  *
382
  * @return string A decoded string
383
- *
384
- * @throws InvalidArgumentException invalid base64 characters
385
  */
386
- public static function urlsafeB64Decode(string $input): string
387
  {
388
  $remainder = \strlen($input) % 4;
389
  if ($remainder) {
@@ -400,7 +377,7 @@ class JWT
400
  *
401
  * @return string The base64 encode of what you passed in
402
  */
403
- public static function urlsafeB64Encode(string $input): string
404
  {
405
  return \str_replace('=', '', \strtr(\base64_encode($input), '+/', '-_'));
406
  }
@@ -409,53 +386,67 @@ class JWT
409
  /**
410
  * Determine if an algorithm has been provided for each Key
411
  *
412
- * @param Key|ArrayAccess<string,Key>|array<string,Key> $keyOrKeyArray
413
- * @param string|null $kid
414
  *
415
  * @throws UnexpectedValueException
416
  *
417
- * @return Key
418
  */
419
- private static function getKey(
420
- $keyOrKeyArray,
421
- ?string $kid
422
- ): Key {
423
- if ($keyOrKeyArray instanceof Key) {
424
- return $keyOrKeyArray;
 
 
425
  }
426
 
427
- if ($keyOrKeyArray instanceof CachedKeySet) {
428
- // Skip "isset" check, as this will automatically refresh if not set
429
- return $keyOrKeyArray[$kid];
430
  }
431
 
432
- if (empty($kid)) {
433
- throw new UnexpectedValueException('"kid" empty, unable to lookup correct key');
434
- }
435
- if (!isset($keyOrKeyArray[$kid])) {
436
- throw new UnexpectedValueException('"kid" invalid, unable to lookup correct key');
 
 
 
 
 
 
 
 
 
 
437
  }
438
 
439
- return $keyOrKeyArray[$kid];
 
 
 
440
  }
441
 
442
  /**
443
- * @param string $left The string of known length to compare against
444
- * @param string $right The user-supplied string
445
  * @return bool
446
  */
447
- public static function constantTimeEquals(string $left, string $right): bool
448
  {
449
  if (\function_exists('hash_equals')) {
450
  return \hash_equals($left, $right);
451
  }
452
- $len = \min(self::safeStrlen($left), self::safeStrlen($right));
453
 
454
  $status = 0;
455
  for ($i = 0; $i < $len; $i++) {
456
  $status |= (\ord($left[$i]) ^ \ord($right[$i]));
457
  }
458
- $status |= (self::safeStrlen($left) ^ self::safeStrlen($right));
459
 
460
  return ($status === 0);
461
  }
@@ -465,19 +456,17 @@ class JWT
465
  *
466
  * @param int $errno An error number from json_last_error()
467
  *
468
- * @throws DomainException
469
- *
470
  * @return void
471
  */
472
- private static function handleJsonError(int $errno): void
473
  {
474
- $messages = [
475
  JSON_ERROR_DEPTH => 'Maximum stack depth exceeded',
476
  JSON_ERROR_STATE_MISMATCH => 'Invalid or malformed JSON',
477
  JSON_ERROR_CTRL_CHAR => 'Unexpected control character found',
478
  JSON_ERROR_SYNTAX => 'Syntax error, malformed JSON',
479
  JSON_ERROR_UTF8 => 'Malformed UTF-8 characters' //PHP >= 5.3.3
480
- ];
481
  throw new DomainException(
482
  isset($messages[$errno])
483
  ? $messages[$errno]
@@ -492,7 +481,7 @@ class JWT
492
  *
493
  * @return int
494
  */
495
- private static function safeStrlen(string $str): int
496
  {
497
  if (\function_exists('mb_strlen')) {
498
  return \mb_strlen($str, '8bit');
@@ -506,11 +495,10 @@ class JWT
506
  * @param string $sig The ECDSA signature to convert
507
  * @return string The encoded DER object
508
  */
509
- private static function signatureToDER(string $sig): string
510
  {
511
  // Separate the signature into r-value and s-value
512
- $length = max(1, (int) (\strlen($sig) / 2));
513
- list($r, $s) = \str_split($sig, $length > 0 ? $length : 1);
514
 
515
  // Trim leading zeros
516
  $r = \ltrim($r, "\x00");
@@ -537,10 +525,9 @@ class JWT
537
  *
538
  * @param int $type DER tag
539
  * @param string $value the value to encode
540
- *
541
  * @return string the encoded object
542
  */
543
- private static function encodeDER(int $type, string $value): string
544
  {
545
  $tag_header = 0;
546
  if ($type === self::ASN1_SEQUENCE) {
@@ -561,10 +548,9 @@ class JWT
561
  *
562
  * @param string $der binary signature in DER format
563
  * @param int $keySize the number of bits in the key
564
- *
565
  * @return string the signature
566
  */
567
- private static function signatureFromDER(string $der, int $keySize): string
568
  {
569
  // OpenSSL returns the ECDSA signatures as a binary ASN.1 DER SEQUENCE
570
  list($offset, $_) = self::readDER($der);
@@ -589,10 +575,9 @@ class JWT
589
  * @param string $der the binary data in DER format
590
  * @param int $offset the offset of the data stream containing the object
591
  * to decode
592
- *
593
- * @return array{int, string|null} the new offset and the decoded object
594
  */
595
- private static function readDER(string $der, int $offset = 0): array
596
  {
597
  $pos = $offset;
598
  $size = \strlen($der);
@@ -621,6 +606,6 @@ class JWT
621
  $data = null;
622
  }
623
 
624
- return [$pos, $data];
625
  }
626
  }
3
  namespace Firebase\JWT;
4
 
5
  use ArrayAccess;
 
6
  use DomainException;
7
  use Exception;
8
  use InvalidArgumentException;
9
  use OpenSSLAsymmetricKey;
 
 
10
  use UnexpectedValueException;
11
+ use DateTime;
12
 
13
  /**
14
  * JSON Web Token implementation, based on this spec:
25
  */
26
  class JWT
27
  {
28
+ const ASN1_INTEGER = 0x02;
29
+ const ASN1_SEQUENCE = 0x10;
30
+ const ASN1_BIT_STRING = 0x03;
31
 
32
  /**
33
  * When checking nbf, iat or expiration times,
34
  * we want to provide some extra leeway time to
35
  * account for clock skew.
 
 
36
  */
37
  public static $leeway = 0;
38
 
39
  /**
40
  * Allow the current timestamp to be specified.
41
  * Useful for fixing a value within unit testing.
 
42
  *
43
+ * Will default to PHP time() value if null.
44
  */
45
  public static $timestamp = null;
46
 
47
+ public static $supported_algs = array(
48
+ 'ES384' => array('openssl', 'SHA384'),
49
+ 'ES256' => array('openssl', 'SHA256'),
50
+ 'HS256' => array('hash_hmac', 'SHA256'),
51
+ 'HS384' => array('hash_hmac', 'SHA384'),
52
+ 'HS512' => array('hash_hmac', 'SHA512'),
53
+ 'RS256' => array('openssl', 'SHA256'),
54
+ 'RS384' => array('openssl', 'SHA384'),
55
+ 'RS512' => array('openssl', 'SHA512'),
56
+ 'EdDSA' => array('sodium_crypto', 'EdDSA'),
57
+ );
 
 
 
58
 
59
  /**
60
  * Decodes a JWT string into a PHP object.
61
  *
62
+ * @param string $jwt The JWT
63
+ * @param Key|array<Key>|mixed $keyOrKeyArray The Key or array of Key objects.
64
+ * If the algorithm used is asymmetric, this is the public key
65
+ * Each Key object contains an algorithm and matching key.
66
+ * Supported algorithms are 'ES384','ES256', 'HS256', 'HS384',
67
+ * 'HS512', 'RS256', 'RS384', and 'RS512'
68
+ * @param array $allowed_algs [DEPRECATED] List of supported verification algorithms. Only
69
+ * should be used for backwards compatibility.
70
  *
71
+ * @return object The JWT's payload as a PHP object
72
  *
73
+ * @throws InvalidArgumentException Provided JWT was empty
 
74
  * @throws UnexpectedValueException Provided JWT was invalid
75
  * @throws SignatureInvalidException Provided JWT was invalid because the signature verification failed
76
  * @throws BeforeValidException Provided JWT is trying to be used before it's eligible as defined by 'nbf'
80
  * @uses jsonDecode
81
  * @uses urlsafeB64Decode
82
  */
83
+ public static function decode($jwt, $keyOrKeyArray, array $allowed_algs = array())
84
+ {
 
 
 
85
  $timestamp = \is_null(static::$timestamp) ? \time() : static::$timestamp;
86
 
87
  if (empty($keyOrKeyArray)) {
92
  throw new UnexpectedValueException('Wrong number of segments');
93
  }
94
  list($headb64, $bodyb64, $cryptob64) = $tks;
95
+ if (null === ($header = static::jsonDecode(static::urlsafeB64Decode($headb64)))) {
 
96
  throw new UnexpectedValueException('Invalid header encoding');
97
  }
98
+ if (null === $payload = static::jsonDecode(static::urlsafeB64Decode($bodyb64))) {
 
99
  throw new UnexpectedValueException('Invalid claims encoding');
100
  }
101
+ if (false === ($sig = static::urlsafeB64Decode($cryptob64))) {
102
+ throw new UnexpectedValueException('Invalid signature encoding');
 
 
 
 
103
  }
 
104
  if (empty($header->alg)) {
105
  throw new UnexpectedValueException('Empty algorithm');
106
  }
108
  throw new UnexpectedValueException('Algorithm not supported');
109
  }
110
 
111
+ list($keyMaterial, $algorithm) = self::getKeyMaterialAndAlgorithm(
112
+ $keyOrKeyArray,
113
+ empty($header->kid) ? null : $header->kid
114
+ );
115
 
116
+ if (empty($algorithm)) {
117
+ // Use deprecated "allowed_algs" to determine if the algorithm is supported.
118
+ // This opens up the possibility of an attack in some implementations.
119
+ // @see https://github.com/firebase/php-jwt/issues/351
120
+ if (!\in_array($header->alg, $allowed_algs)) {
121
+ throw new UnexpectedValueException('Algorithm not allowed');
122
+ }
123
+ } else {
124
+ // Check the algorithm
125
+ if (!self::constantTimeEquals($algorithm, $header->alg)) {
126
+ // See issue #351
127
+ throw new UnexpectedValueException('Incorrect key for this algorithm');
128
+ }
129
  }
130
  if ($header->alg === 'ES256' || $header->alg === 'ES384') {
131
  // OpenSSL expects an ASN.1 DER sequence for ES256/ES384 signatures
132
  $sig = self::signatureToDER($sig);
133
  }
134
+
135
+ if (!static::verify("$headb64.$bodyb64", $sig, $keyMaterial, $header->alg)) {
136
  throw new SignatureInvalidException('Signature verification failed');
137
  }
138
 
164
  /**
165
  * Converts and signs a PHP object or array into a JWT string.
166
  *
167
+ * @param object|array $payload PHP object or array
168
+ * @param string|resource $key The secret key.
169
+ * If the algorithm used is asymmetric, this is the private key
170
+ * @param string $alg The signing algorithm.
171
+ * Supported algorithms are 'ES384','ES256', 'HS256', 'HS384',
172
+ * 'HS512', 'RS256', 'RS384', and 'RS512'
173
+ * @param mixed $keyId
174
+ * @param array $head An array with header elements to attach
175
  *
176
  * @return string A signed JWT
177
  *
178
  * @uses jsonEncode
179
  * @uses urlsafeB64Encode
180
  */
181
+ public static function encode($payload, $key, $alg = 'HS256', $keyId = null, $head = null)
182
+ {
183
+ $header = array('typ' => 'JWT', 'alg' => $alg);
 
 
 
 
 
184
  if ($keyId !== null) {
185
  $header['kid'] = $keyId;
186
  }
187
  if (isset($head) && \is_array($head)) {
188
  $header = \array_merge($head, $header);
189
  }
190
+ $segments = array();
191
+ $segments[] = static::urlsafeB64Encode(static::jsonEncode($header));
192
+ $segments[] = static::urlsafeB64Encode(static::jsonEncode($payload));
193
  $signing_input = \implode('.', $segments);
194
 
195
  $signature = static::sign($signing_input, $key, $alg);
201
  /**
202
  * Sign a string with a given key and algorithm.
203
  *
204
+ * @param string $msg The message to sign
205
+ * @param string|resource $key The secret key
206
+ * @param string $alg The signing algorithm.
207
+ * Supported algorithms are 'ES384','ES256', 'HS256', 'HS384',
208
+ * 'HS512', 'RS256', 'RS384', and 'RS512'
209
  *
210
  * @return string An encrypted message
211
  *
212
  * @throws DomainException Unsupported algorithm or bad key was specified
213
  */
214
+ public static function sign($msg, $key, $alg = 'HS256')
215
+ {
 
 
 
216
  if (empty(static::$supported_algs[$alg])) {
217
  throw new DomainException('Algorithm not supported');
218
  }
219
  list($function, $algorithm) = static::$supported_algs[$alg];
220
  switch ($function) {
221
  case 'hash_hmac':
 
 
 
222
  return \hash_hmac($algorithm, $msg, $key, true);
223
  case 'openssl':
224
  $signature = '';
225
+ $success = \openssl_sign($msg, $signature, $key, $algorithm);
226
  if (!$success) {
227
+ throw new DomainException("OpenSSL unable to sign data");
228
  }
229
  if ($alg === 'ES256') {
230
  $signature = self::signatureFromDER($signature, 256);
233
  }
234
  return $signature;
235
  case 'sodium_crypto':
236
+ if (!function_exists('sodium_crypto_sign_detached')) {
237
  throw new DomainException('libsodium is not available');
238
  }
 
 
 
239
  try {
240
  // The last non-empty line is used as the key.
241
  $lines = array_filter(explode("\n", $key));
242
+ $key = base64_decode(end($lines));
243
  return sodium_crypto_sign_detached($msg, $key);
244
  } catch (Exception $e) {
245
  throw new DomainException($e->getMessage(), 0, $e);
246
  }
247
  }
 
 
248
  }
249
 
250
  /**
251
  * Verify a signature with the message, key and method. Not all methods
252
  * are symmetric, so we must have a separate verify and sign method.
253
  *
254
+ * @param string $msg The original message (header and body)
255
+ * @param string $signature The original signature
256
+ * @param string|resource $key For HS*, a string key works. for RS*, must be a resource of an openssl public key
257
+ * @param string $alg The algorithm
258
  *
259
  * @return bool
260
  *
261
  * @throws DomainException Invalid Algorithm, bad key, or OpenSSL failure
262
  */
263
+ private static function verify($msg, $signature, $key, $alg)
264
+ {
 
 
 
 
265
  if (empty(static::$supported_algs[$alg])) {
266
  throw new DomainException('Algorithm not supported');
267
  }
269
  list($function, $algorithm) = static::$supported_algs[$alg];
270
  switch ($function) {
271
  case 'openssl':
272
+ $success = \openssl_verify($msg, $signature, $key, $algorithm);
273
  if ($success === 1) {
274
  return true;
275
  } elseif ($success === 0) {
280
  'OpenSSL error: ' . \openssl_error_string()
281
  );
282
  case 'sodium_crypto':
283
+ if (!function_exists('sodium_crypto_sign_verify_detached')) {
284
  throw new DomainException('libsodium is not available');
285
  }
 
 
 
286
  try {
287
  // The last non-empty line is used as the key.
288
+ $lines = array_filter(explode("\n", $key));
289
+ $key = base64_decode(end($lines));
290
  return sodium_crypto_sign_verify_detached($signature, $msg, $key);
291
  } catch (Exception $e) {
292
  throw new DomainException($e->getMessage(), 0, $e);
293
  }
294
  case 'hash_hmac':
295
  default:
296
+ $hash = \hash_hmac($algorithm, $msg, $key, true);
297
+ return self::constantTimeEquals($signature, $hash);
 
 
 
298
  }
299
  }
300
 
303
  *
304
  * @param string $input JSON string
305
  *
306
+ * @return object Object representation of JSON string
307
  *
308
  * @throws DomainException Provided string was invalid JSON
309
  */
310
+ public static function jsonDecode($input)
311
  {
312
+ if (\version_compare(PHP_VERSION, '5.4.0', '>=') && !(\defined('JSON_C_VERSION') && PHP_INT_SIZE > 4)) {
313
+ /** In PHP >=5.4.0, json_decode() accepts an options parameter, that allows you
314
+ * to specify that large ints (like Steam Transaction IDs) should be treated as
315
+ * strings, rather than the PHP default behaviour of converting them to floats.
316
+ */
317
+ $obj = \json_decode($input, false, 512, JSON_BIGINT_AS_STRING);
318
+ } else {
319
+ /** Not all servers will support that, however, so for older versions we must
320
+ * manually detect large ints in the JSON string and quote them (thus converting
321
+ *them to strings) before decoding, hence the preg_replace() call.
322
+ */
323
+ $max_int_length = \strlen((string) PHP_INT_MAX) - 1;
324
+ $json_without_bigints = \preg_replace('/:\s*(-?\d{'.$max_int_length.',})/', ': "$1"', $input);
325
+ $obj = \json_decode($json_without_bigints);
326
+ }
327
 
328
  if ($errno = \json_last_error()) {
329
+ static::handleJsonError($errno);
330
  } elseif ($obj === null && $input !== 'null') {
331
  throw new DomainException('Null result with non-null input');
332
  }
334
  }
335
 
336
  /**
337
+ * Encode a PHP object into a JSON string.
338
  *
339
+ * @param object|array $input A PHP object or array
340
  *
341
+ * @return string JSON representation of the PHP object or array
342
  *
343
  * @throws DomainException Provided object could not be encoded to valid JSON
344
  */
345
+ public static function jsonEncode($input)
346
  {
347
+ $json = \json_encode($input);
 
 
 
 
 
348
  if ($errno = \json_last_error()) {
349
+ static::handleJsonError($errno);
350
  } elseif ($json === 'null' && $input !== null) {
351
  throw new DomainException('Null result with non-null input');
352
  }
 
 
 
353
  return $json;
354
  }
355
 
359
  * @param string $input A Base64 encoded string
360
  *
361
  * @return string A decoded string
 
 
362
  */
363
+ public static function urlsafeB64Decode($input)
364
  {
365
  $remainder = \strlen($input) % 4;
366
  if ($remainder) {
377
  *
378
  * @return string The base64 encode of what you passed in
379
  */
380
+ public static function urlsafeB64Encode($input)
381
  {
382
  return \str_replace('=', '', \strtr(\base64_encode($input), '+/', '-_'));
383
  }
386
  /**
387
  * Determine if an algorithm has been provided for each Key
388
  *
389
+ * @param Key|array<Key>|mixed $keyOrKeyArray
390
+ * @param string|null $kid
391
  *
392
  * @throws UnexpectedValueException
393
  *
394
+ * @return array containing the keyMaterial and algorithm
395
  */
396
+ private static function getKeyMaterialAndAlgorithm($keyOrKeyArray, $kid = null)
397
+ {
398
+ if (
399
+ is_string($keyOrKeyArray)
400
+ || is_resource($keyOrKeyArray)
401
+ || $keyOrKeyArray instanceof OpenSSLAsymmetricKey
402
+ ) {
403
+ return array($keyOrKeyArray, null);
404
  }
405
 
406
+ if ($keyOrKeyArray instanceof Key) {
407
+ return array($keyOrKeyArray->getKeyMaterial(), $keyOrKeyArray->getAlgorithm());
 
408
  }
409
 
410
+ if (is_array($keyOrKeyArray) || $keyOrKeyArray instanceof ArrayAccess) {
411
+ if (!isset($kid)) {
412
+ throw new UnexpectedValueException('"kid" empty, unable to lookup correct key');
413
+ }
414
+ if (!isset($keyOrKeyArray[$kid])) {
415
+ throw new UnexpectedValueException('"kid" invalid, unable to lookup correct key');
416
+ }
417
+
418
+ $key = $keyOrKeyArray[$kid];
419
+
420
+ if ($key instanceof Key) {
421
+ return array($key->getKeyMaterial(), $key->getAlgorithm());
422
+ }
423
+
424
+ return array($key, null);
425
  }
426
 
427
+ throw new UnexpectedValueException(
428
+ '$keyOrKeyArray must be a string|resource key, an array of string|resource keys, '
429
+ . 'an instance of Firebase\JWT\Key key or an array of Firebase\JWT\Key keys'
430
+ );
431
  }
432
 
433
  /**
434
+ * @param string $left
435
+ * @param string $right
436
  * @return bool
437
  */
438
+ public static function constantTimeEquals($left, $right)
439
  {
440
  if (\function_exists('hash_equals')) {
441
  return \hash_equals($left, $right);
442
  }
443
+ $len = \min(static::safeStrlen($left), static::safeStrlen($right));
444
 
445
  $status = 0;
446
  for ($i = 0; $i < $len; $i++) {
447
  $status |= (\ord($left[$i]) ^ \ord($right[$i]));
448
  }
449
+ $status |= (static::safeStrlen($left) ^ static::safeStrlen($right));
450
 
451
  return ($status === 0);
452
  }
456
  *
457
  * @param int $errno An error number from json_last_error()
458
  *
 
 
459
  * @return void
460
  */
461
+ private static function handleJsonError($errno)
462
  {
463
+ $messages = array(
464
  JSON_ERROR_DEPTH => 'Maximum stack depth exceeded',
465
  JSON_ERROR_STATE_MISMATCH => 'Invalid or malformed JSON',
466
  JSON_ERROR_CTRL_CHAR => 'Unexpected control character found',
467
  JSON_ERROR_SYNTAX => 'Syntax error, malformed JSON',
468
  JSON_ERROR_UTF8 => 'Malformed UTF-8 characters' //PHP >= 5.3.3
469
+ );
470
  throw new DomainException(
471
  isset($messages[$errno])
472
  ? $messages[$errno]
481
  *
482
  * @return int
483
  */
484
+ private static function safeStrlen($str)
485
  {
486
  if (\function_exists('mb_strlen')) {
487
  return \mb_strlen($str, '8bit');
495
  * @param string $sig The ECDSA signature to convert
496
  * @return string The encoded DER object
497
  */
498
+ private static function signatureToDER($sig)
499
  {
500
  // Separate the signature into r-value and s-value
501
+ list($r, $s) = \str_split($sig, (int) (\strlen($sig) / 2));
 
502
 
503
  // Trim leading zeros
504
  $r = \ltrim($r, "\x00");
525
  *
526
  * @param int $type DER tag
527
  * @param string $value the value to encode
 
528
  * @return string the encoded object
529
  */
530
+ private static function encodeDER($type, $value)
531
  {
532
  $tag_header = 0;
533
  if ($type === self::ASN1_SEQUENCE) {
548
  *
549
  * @param string $der binary signature in DER format
550
  * @param int $keySize the number of bits in the key
 
551
  * @return string the signature
552
  */
553
+ private static function signatureFromDER($der, $keySize)
554
  {
555
  // OpenSSL returns the ECDSA signatures as a binary ASN.1 DER SEQUENCE
556
  list($offset, $_) = self::readDER($der);
575
  * @param string $der the binary data in DER format
576
  * @param int $offset the offset of the data stream containing the object
577
  * to decode
578
+ * @return array [$offset, $data] the new offset and the decoded object
 
579
  */
580
+ private static function readDER($der, $offset = 0)
581
  {
582
  $pos = $offset;
583
  $size = \strlen($der);
606
  $data = null;
607
  }
608
 
609
+ return array($pos, $data);
610
  }
611
  }
vendor/firebase/php-jwt/src/Key.php CHANGED
@@ -4,42 +4,37 @@ namespace Firebase\JWT;
4
 
5
  use InvalidArgumentException;
6
  use OpenSSLAsymmetricKey;
7
- use OpenSSLCertificate;
8
- use TypeError;
9
 
10
  class Key
11
  {
12
- /** @var string|resource|OpenSSLAsymmetricKey|OpenSSLCertificate */
13
- private $keyMaterial;
14
- /** @var string */
15
  private $algorithm;
16
 
 
 
 
17
  /**
18
- * @param string|resource|OpenSSLAsymmetricKey|OpenSSLCertificate $keyMaterial
19
  * @param string $algorithm
20
  */
21
- public function __construct(
22
- $keyMaterial,
23
- string $algorithm
24
- ) {
25
  if (
26
- !\is_string($keyMaterial)
 
27
  && !$keyMaterial instanceof OpenSSLAsymmetricKey
28
- && !$keyMaterial instanceof OpenSSLCertificate
29
- && !\is_resource($keyMaterial)
30
  ) {
31
- throw new TypeError('Key material must be a string, resource, or OpenSSLAsymmetricKey');
32
  }
33
 
34
  if (empty($keyMaterial)) {
35
- throw new InvalidArgumentException('Key material must not be empty');
36
  }
37
 
38
- if (empty($algorithm)) {
39
- throw new InvalidArgumentException('Algorithm must not be empty');
40
  }
41
 
42
- // TODO: Remove in PHP 8.0 in favor of class constructor property promotion
43
  $this->keyMaterial = $keyMaterial;
44
  $this->algorithm = $algorithm;
45
  }
@@ -49,13 +44,13 @@ class Key
49
  *
50
  * @return string
51
  */
52
- public function getAlgorithm(): string
53
  {
54
  return $this->algorithm;
55
  }
56
 
57
  /**
58
- * @return string|resource|OpenSSLAsymmetricKey|OpenSSLCertificate
59
  */
60
  public function getKeyMaterial()
61
  {
4
 
5
  use InvalidArgumentException;
6
  use OpenSSLAsymmetricKey;
 
 
7
 
8
  class Key
9
  {
10
+ /** @var string $algorithm */
 
 
11
  private $algorithm;
12
 
13
+ /** @var string|resource|OpenSSLAsymmetricKey $keyMaterial */
14
+ private $keyMaterial;
15
+
16
  /**
17
+ * @param string|resource|OpenSSLAsymmetricKey $keyMaterial
18
  * @param string $algorithm
19
  */
20
+ public function __construct($keyMaterial, $algorithm)
21
+ {
 
 
22
  if (
23
+ !is_string($keyMaterial)
24
+ && !is_resource($keyMaterial)
25
  && !$keyMaterial instanceof OpenSSLAsymmetricKey
 
 
26
  ) {
27
+ throw new InvalidArgumentException('Type error: $keyMaterial must be a string, resource, or OpenSSLAsymmetricKey');
28
  }
29
 
30
  if (empty($keyMaterial)) {
31
+ throw new InvalidArgumentException('Type error: $keyMaterial must not be empty');
32
  }
33
 
34
+ if (!is_string($algorithm)|| empty($keyMaterial)) {
35
+ throw new InvalidArgumentException('Type error: $algorithm must be a string');
36
  }
37
 
 
38
  $this->keyMaterial = $keyMaterial;
39
  $this->algorithm = $algorithm;
40
  }
44
  *
45
  * @return string
46
  */
47
+ public function getAlgorithm()
48
  {
49
  return $this->algorithm;
50
  }
51
 
52
  /**
53
+ * @return string|resource|OpenSSLAsymmetricKey
54
  */
55
  public function getKeyMaterial()
56
  {
vendor/google/auth/.php-cs-fixer.dist.php ADDED
@@ -0,0 +1,24 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+ return (new PhpCsFixer\Config())
4
+ ->setRules([
5
+ '@PSR2' => true,
6
+ 'concat_space' => ['spacing' => 'one'],
7
+ 'no_unused_imports' => true,
8
+ 'ordered_imports' => true,
9
+ 'new_with_braces' => true,
10
+ 'method_argument_space' => false,
11
+ 'whitespace_after_comma_in_array' => true,
12
+ 'method_argument_space' => [
13
+ 'keep_multiple_spaces_after_comma' => true, // for wordpress constants
14
+ 'on_multiline' => 'ignore', // consider removing this someday
15
+ ],
16
+ 'return_type_declaration' => [
17
+ 'space_before' => 'none'
18
+ ],
19
+ ])
20
+ ->setFinder(
21
+ PhpCsFixer\Finder::create()
22
+ ->in(__DIR__)
23
+ )
24
+ ;
vendor/google/auth/CHANGELOG.md ADDED
@@ -0,0 +1,211 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ ## 1.18.0 (08/24/2021)
2
+
3
+ * [feat]: Add support for guzzlehttp/psr7 v2 (#357)
4
+
5
+ ## 1.17.0 (08/17/2021)
6
+
7
+ * [fix]: consistently use useSelfSignedJwt method in ServiceAccountJwtAccessCredentials (#351)
8
+ * [feat]: add loading and executing of default client cert source (#353)
9
+ * [feat]: add support for proxy-authorization header (#347)
10
+
11
+ ## 1.16.0 (06/22/2021)
12
+
13
+ * [feat]: allow ServiceAccountJwtAccessCredentials to sign scopes (#341)
14
+ * [feat]: allow psr/cache:2.0 (#344)
15
+
16
+ ## 1.15.2 (06/21/2021)
17
+
18
+ * [fix]: ensure cached tokens are used for GCECredentials::signBlob (#340)
19
+ * [fix]: adds check for getClientName (#336)
20
+
21
+ ## 1.15.1 (04/21/2021)
22
+
23
+ * [fix]: update minimum phpseclib for vulnerability fix (#331)
24
+
25
+ ## 1.15.0 (02/05/2021)
26
+
27
+ * [feat]: support for PHP 8.0: updated dependencies and tests (#318, #319)
28
+
29
+ ## 1.14.3 (10/16/2020)
30
+
31
+ * [fix]: add expires_at to GCECredentials (#314)
32
+
33
+ ## 1.14.2 (10/14/2020)
34
+
35
+ * [fix]: Better FetchAuthTokenCache and getLastReceivedToken (#311)
36
+
37
+ ## 1.14.1 (10/05/2020)
38
+
39
+ * [fix]: variable typo (#310)
40
+
41
+ ## 1.14.0 (10/02/2020)
42
+
43
+ * [feat]: Add support for default scopes (#306)
44
+
45
+ ## 1.13.0 (9/18/2020)
46
+
47
+ * [feat]: Add service account identity support to GCECredentials (#304)
48
+
49
+ ## 1.12.0 (8/31/2020)
50
+
51
+ * [feat]: Add QuotaProject option to getMiddleware (#296)
52
+ * [feat]: Add caching for calls to GCECredentials::onGce (#301)
53
+ * [feat]: Add updateMetadata function to token cache (#298)
54
+ * [fix]: Use quota_project_id instead of quota_project (#299)
55
+
56
+ ## 1.11.1 (7/27/2020)
57
+
58
+ * [fix]: catch ConnectException in GCE check (#294)
59
+ * [docs]: Adds [reference docs](https://googleapis.github.io/google-auth-library-php/main)
60
+
61
+ ## 1.11.0 (7/22/2020)
62
+
63
+ * [feat]: Check cache expiration (#291)
64
+ * [fix]: OAuth2 cache key when audience is set (#291)
65
+
66
+ ## 1.10.0 (7/8/2020)
67
+
68
+ * [feat]: Add support for Guzzle 7 (#256)
69
+ * [fix]: Remove SDK warning (#283)
70
+ * [chore]: Switch to github pages deploy action (#284)
71
+
72
+ ## 1.9.0 (5/14/2020)
73
+
74
+ * [feat] Add quotaProject param for extensible client options support (#277)
75
+ * [feat] Add signingKeyId param for jwt signing (#270)
76
+ * [docs] Misc documentation improvements (#268, #278, #273)
77
+ * [chore] Switch from Travis to Github Actions (#273)
78
+
79
+ ## 1.8.0 (3/26/2020)
80
+
81
+ * [feat] Add option to throw exception in AccessToken::verify(). (#265)
82
+ * [feat] Add support for x-goog-user-project. (#254)
83
+ * [feat] Add option to specify issuer in AccessToken::verify(). (#267)
84
+ * [feat] Add getProjectId to credentials types where project IDs can be determined. (#230)
85
+
86
+ ## 1.7.1 (02/12/2020)
87
+
88
+ * [fix] Invalid character in iap cert cache key (#263)
89
+ * [fix] Typo in exception for package name (#262)
90
+
91
+ ## 1.7.0 (02/11/2020)
92
+
93
+ * [feat] Add ID token to auth token methods. (#248)
94
+ * [feat] Add support for ES256 in `AccessToken::verify`. (#255)
95
+ * [fix] Let namespace match the file structure. (#258)
96
+ * [fix] Construct RuntimeException. (#257)
97
+ * [tests] Update tests for PHP 7.4 compatibility. (#253)
98
+ * [chore] Add a couple more things to `.gitattributes`. (#252)
99
+
100
+ ## 1.6.1 (10/29/2019)
101
+
102
+ * [fix] Handle DST correctly for cache item expirations. (#246)
103
+
104
+ ## 1.6.0 (10/01/2019)
105
+
106
+ * [feat] Add utility for verifying and revoking access tokens. (#243)
107
+ * [docs] Fix README console terminology. (#242)
108
+ * [feat] Support custom scopes with GCECredentials. (#239)
109
+ * [fix] Fix phpseclib existence check. (#237)
110
+
111
+ ## 1.5.2 (07/22/2019)
112
+
113
+ * [fix] Move loadItems call out of `SysVCacheItemPool` constructor. (#229)
114
+ * [fix] Add `Metadata-Flavor` header to initial GCE metadata call. (#232)
115
+
116
+ ## 1.5.1 (04/16/2019)
117
+
118
+ * [fix] Moved `getClientName()` from `Google\Auth\FetchAuthTokenInterface`
119
+ to `Google\Auth\SignBlobInterface`, and removed `getClientName()` from
120
+ `InsecureCredentials` and `UserRefreshCredentials`. (#223)
121
+
122
+ ## 1.5.0 (04/15/2019)
123
+
124
+ ### Changes
125
+
126
+ * Add support for signing strings with a Credentials instance. (#221)
127
+ * [Docs] Describe the arrays returned by fetchAuthToken. (#216)
128
+ * [Testing] Fix failing tests (#217)
129
+ * Update GitHub issue templates (#214, #213)
130
+
131
+ ## 1.4.0 (09/17/2018)
132
+
133
+ ### Changes
134
+
135
+ * Add support for insecure credentials (#208)
136
+
137
+ ## 1.3.3 (08/27/2018)
138
+
139
+ ### Changes
140
+
141
+ * Add retry and increase timeout for GCE credentials (#195)
142
+ * [Docs] Fix spelling (#204)
143
+ * Update token url (#206)
144
+
145
+ ## 1.3.2 (07/23/2018)
146
+
147
+ ### Changes
148
+
149
+ * Only emits a warning for gcloud credentials (#202)
150
+
151
+ ## 1.3.1 (07/19/2018)
152
+
153
+ ### Changes
154
+
155
+ * Added a warning for 3 legged OAuth credentials (#199)
156
+ * [Code cleanup] Removed useless else after return (#193)
157
+
158
+ ## 1.3.0 (06/04/2018)
159
+
160
+ ### Changes
161
+
162
+ * Fixes usage of deprecated env var for GAE Flex (#189)
163
+ * fix - guzzlehttp/psr7 dependency version definition (#190)
164
+ * Added SystemV shared memory based CacheItemPool (#191)
165
+
166
+ ## 1.2.1 (24/01/2018)
167
+
168
+ ### Changes
169
+
170
+ * Fixes array merging bug in Guzzle5HttpHandler (#186)
171
+ * Fixes constructor argument bug in Subscriber & Middleware (#184)
172
+
173
+ ## 1.2.0 (6/12/2017)
174
+
175
+ ### Changes
176
+
177
+ * Adds async method to HTTP handlers (#176)
178
+ * Misc bug fixes and improvements (#177, #175, #178)
179
+
180
+ ## 1.1.0 (10/10/2017)
181
+
182
+ ### Changes
183
+
184
+ * Supports additional claims in JWT tokens (#171)
185
+ * Adds makeHttpClient for creating authorized Guzzle clients (#162)
186
+ * Misc bug fixes/improvements (#168, #161, #167, #170, #143)
187
+
188
+ ## 1.0.1 (31/07/2017)
189
+
190
+ ### Changes
191
+
192
+ * Adds support for Firebase 5.0 (#159)
193
+
194
+ ## 1.0.0 (12/06/2017)
195
+
196
+ ### Changes
197
+
198
+ * Adds hashing and shortening to enforce max key length ([@bshaffer])
199
+ * Fix for better PSR-6 compliance - verifies a hit before getting the cache item ([@bshaffer])
200
+ * README fixes ([@bshaffer])
201
+ * Change authorization header key to lowercase ([@stanley-cheung])
202
+
203
+ ## 0.4.0 (23/04/2015)
204
+
205
+ ### Changes
206
+
207
+ * Export callback function to update auth metadata ([@stanley-cheung][])
208
+ * Adds an implementation of User Refresh Token auth ([@stanley-cheung][])
209
+
210
+ [@bshaffer]: https://github.com/bshaffer
211
+ [@stanley-cheung]: https://github.com/stanley-cheung
vendor/google/auth/CODE_OF_CONDUCT.md ADDED
@@ -0,0 +1,43 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ # Contributor Code of Conduct
2
+
3
+ As contributors and maintainers of this project,
4
+ and in the interest of fostering an open and welcoming community,
5
+ we pledge to respect all people who contribute through reporting issues,
6
+ posting feature requests, updating documentation,
7
+ submitting pull requests or patches, and other activities.
8
+
9
+ We are committed to making participation in this project
10
+ a harassment-free experience for everyone,
11
+ regardless of level of experience, gender, gender identity and expression,
12
+ sexual orientation, disability, personal appearance,
13
+ body size, race, ethnicity, age, religion, or nationality.
14
+
15
+ Examples of unacceptable behavior by participants include:
16
+
17
+ * The use of sexualized language or imagery
18
+ * Personal attacks
19
+ * Trolling or insulting/derogatory comments
20
+ * Public or private harassment
21
+ * Publishing other's private information,
22
+ such as physical or electronic
23
+ addresses, without explicit permission
24
+ * Other unethical or unprofessional conduct.
25
+
26
+ Project maintainers have the right and responsibility to remove, edit, or reject
27
+ comments, commits, code, wiki edits, issues, and other contributions
28
+ that are not aligned to this Code of Conduct.
29
+ By adopting this Code of Conduct,
30
+ project maintainers commit themselves to fairly and consistently
31
+ applying these principles to every aspect of managing this project.
32
+ Project maintainers who do not follow or enforce the Code of Conduct
33
+ may be permanently removed from the project team.
34
+
35
+ This code of conduct applies both within project spaces and in public spaces
36
+ when an individual is representing the project or its community.
37
+
38
+ Instances of abusive, harassing, or otherwise unacceptable behavior
39
+ may be reported by opening an issue
40
+ or contacting one or more of the project maintainers.
41
+
42
+ This Code of Conduct is adapted from the [Contributor Covenant](http://contributor-covenant.org), version 1.2.0,
43
+ available at [http://contributor-covenant.org/version/1/2/0/](http://contributor-covenant.org/version/1/2/0/)
vendor/google/auth/composer.json CHANGED
@@ -9,17 +9,17 @@
9
  "docs": "https://googleapis.github.io/google-auth-library-php/main/"
10
  },
11
  "require": {
12
- "php": "^7.1||^8.0",
13
- "firebase/php-jwt": "^5.5||^6.0",
14
  "guzzlehttp/guzzle": "^6.2.1|^7.0",
15
  "guzzlehttp/psr7": "^1.7|^2.0",
16
  "psr/http-message": "^1.0",
17
- "psr/cache": "^1.0|^2.0|^3.0"
18
  },
19
  "require-dev": {
20
  "guzzlehttp/promises": "0.1.1|^1.3",
21
  "squizlabs/php_codesniffer": "^3.5",
22
- "phpunit/phpunit": "^7.5||^8.5",
23
  "phpspec/prophecy-phpunit": "^1.1",
24
  "sebastian/comparator": ">=1.2.3",
25
  "phpseclib/phpseclib": "^2.0.31",
9
  "docs": "https://googleapis.github.io/google-auth-library-php/main/"
10
  },
11
  "require": {
12
+ "php": ">=5.6",
13
+ "firebase/php-jwt": "~5.0",
14
  "guzzlehttp/guzzle": "^6.2.1|^7.0",
15
  "guzzlehttp/psr7": "^1.7|^2.0",
16
  "psr/http-message": "^1.0",
17
+ "psr/cache": "^1.0|^2.0"
18
  },
19
  "require-dev": {
20
  "guzzlehttp/promises": "0.1.1|^1.3",
21
  "squizlabs/php_codesniffer": "^3.5",
22
+ "phpunit/phpunit": "^5.7||^8.5.13",
23
  "phpspec/prophecy-phpunit": "^1.1",
24
  "sebastian/comparator": ">=1.2.3",
25
  "phpseclib/phpseclib": "^2.0.31",
vendor/google/auth/renovate.json ADDED
@@ -0,0 +1,6 @@
 
 
 
 
 
 
1
+ {
2
+ "extends": [
3
+ "config:base",
4
+ ":preserveSemverRanges"
5
+ ]
6
+ }
vendor/google/auth/src/AccessToken.php CHANGED
@@ -21,7 +21,6 @@ use DateTime;
21
  use Exception;
22
  use Firebase\JWT\ExpiredException;
23
  use Firebase\JWT\JWT;
24
- use Firebase\JWT\Key;
25
  use Firebase\JWT\SignatureInvalidException;
26
  use Google\Auth\Cache\MemoryCacheItemPool;
27
  use Google\Auth\HttpHandler\HttpClientCache;
@@ -83,22 +82,20 @@ class AccessToken
83
  * accepted. By default, the id token must have been issued to this OAuth2 client.
84
  *
85
  * @param string $token The JSON Web Token to be verified.
86
- * @param array<mixed> $options [optional] {
87
- * Configuration options.
88
- * @type string $audience The indended recipient of the token.
89
- * @type string $issuer The intended issuer of the token.
90
- * @type string $cacheKey The cache key of the cached certs. Defaults to
91
  * the sha1 of $certsLocation if provided, otherwise is set to
92
  * "federated_signon_certs_v3".
93
- * @type string $certsLocation The location (remote or local) from which
94
  * to retrieve certificates, if not cached. This value should only be
95
  * provided in limited circumstances in which you are sure of the
96
  * behavior.
97
- * @type bool $throwException Whether the function should throw an
98
  * exception if the verification fails. This is useful for
99
  * determining the reason verification failed.
100
- * }
101
- * @return array<mixed>|false the token payload, if successful, or false if not.
102
  * @throws InvalidArgumentException If certs could not be retrieved from a local file.
103
  * @throws InvalidArgumentException If received certs are in an invalid format.
104
  * @throws InvalidArgumentException If the cert alg is not supported.
@@ -137,10 +134,12 @@ class AccessToken
137
  return $this->verifyRs256($token, $certs, $audience, $issuer);
138
  }
139
  return $this->verifyEs256($token, $certs, $audience, $issuer);
140
- } catch (ExpiredException $e) { // firebase/php-jwt 5+
141
- } catch (SignatureInvalidException $e) { // firebase/php-jwt 5+
 
 
142
  } catch (InvalidTokenException $e) { // simplejwt
143
- } catch (DomainException $e) { // @phpstan-ignore-line
144
  } catch (InvalidArgumentException $e) {
145
  } catch (UnexpectedValueException $e) {
146
  }
@@ -156,7 +155,7 @@ class AccessToken
156
  * Identifies the expected algorithm to verify by looking at the "alg" key
157
  * of the provided certs.
158
  *
159
- * @param array<mixed> $certs Certificate array according to the JWK spec (see
160
  * https://tools.ietf.org/html/rfc7517).
161
  * @return string The expected algorithm, such as "ES256" or "RS256".
162
  */
@@ -184,13 +183,13 @@ class AccessToken
184
  * Verifies an ES256-signed JWT.
185
  *
186
  * @param string $token The JSON Web Token to be verified.
187
- * @param array<mixed> $certs Certificate array according to the JWK spec (see
188
  * https://tools.ietf.org/html/rfc7517).
189
  * @param string|null $audience If set, returns false if the provided
190
  * audience does not match the "aud" claim on the JWT.
191
  * @param string|null $issuer If set, returns false if the provided
192
  * issuer does not match the "iss" claim on the JWT.
193
- * @return array<mixed> the token payload, if successful, or false if not.
194
  */
195
  private function verifyEs256($token, array $certs, $audience = null, $issuer = null)
196
  {
@@ -205,8 +204,8 @@ class AccessToken
205
  $jwt = $this->callSimpleJwtDecode([$token, $jwkset, 'ES256']);
206
  $payload = $jwt->getClaims();
207
 
208
- if ($audience) {
209
- if (!isset($payload['aud']) || $payload['aud'] != $audience) {
210
  throw new UnexpectedValueException('Audience does not match');
211
  }
212
  }
@@ -224,13 +223,13 @@ class AccessToken
224
  * Verifies an RS256-signed JWT.
225
  *
226
  * @param string $token The JSON Web Token to be verified.
227
- * @param array<mixed> $certs Certificate array according to the JWK spec (see
228
  * https://tools.ietf.org/html/rfc7517).
229
  * @param string|null $audience If set, returns false if the provided
230
  * audience does not match the "aud" claim on the JWT.
231
  * @param string|null $issuer If set, returns false if the provided
232
  * issuer does not match the "iss" claim on the JWT.
233
- * @return array<mixed> the token payload, if successful, or false if not.
234
  */
235
  private function verifyRs256($token, array $certs, $audience = null, $issuer = null)
236
  {
@@ -258,16 +257,17 @@ class AccessToken
258
  ]);
259
 
260
  // create an array of key IDs to certs for the JWT library
261
- $keys[$cert['kid']] = new Key($rsa->getPublicKey(), 'RS256');
262
  }
263
 
264
  $payload = $this->callJwtStatic('decode', [
265
  $token,
266
  $keys,
 
267
  ]);
268
 
269
- if ($audience) {
270
- if (!property_exists($payload, 'aud') || $payload->aud != $audience) {
271
  throw new UnexpectedValueException('Audience does not match');
272
  }
273
  }
@@ -286,8 +286,8 @@ class AccessToken
286
  * Revoke an OAuth2 access token or refresh token. This method will revoke the current access
287
  * token, if a token isn't provided.
288
  *
289
- * @param string|array<mixed> $token The token (access token or a refresh token) that should be revoked.
290
- * @param array<mixed> $options [optional] Configuration options.
291
  * @return bool Returns True if the revocation was successful, otherwise False.
292
  */
293
  public function revoke($token, array $options = [])
@@ -320,14 +320,14 @@ class AccessToken
320
  *
321
  * @param string $location The location from which to retrieve certs.
322
  * @param string $cacheKey The key under which to cache the retrieved certs.
323
- * @param array<mixed> $options [optional] Configuration options.
324
- * @return array<mixed>
325
  * @throws InvalidArgumentException If received certs are in an invalid format.
326
  */
327
  private function getCerts($location, $cacheKey, array $options = [])
328
  {
329
  $cacheItem = $this->cache->getItem($cacheKey);
330
- $certs = $cacheItem ? $cacheItem->get() : null; // @phpstan-ignore-line
331
 
332
  $gotNewCerts = false;
333
  if (!$certs) {
@@ -361,9 +361,9 @@ class AccessToken
361
  /**
362
  * Retrieve and cache a certificates file.
363
  *
364
- * @param string $url location
365
- * @param array<mixed> $options [optional] Configuration options.
366
- * @return array<mixed> certificates
367
  * @throws InvalidArgumentException If certs could not be retrieved from a local file.
368
  * @throws RuntimeException If certs could not be retrieved from a remote location.
369
  */
@@ -378,7 +378,7 @@ class AccessToken
378
  ));
379
  }
380
 
381
- return json_decode((string) file_get_contents($url), true);
382
  }
383
 
384
  $httpHandler = $this->httpHandler;
@@ -394,9 +394,6 @@ class AccessToken
394
  ), $response->getStatusCode());
395
  }
396
 
397
- /**
398
- * @return void
399
- */
400
  private function checkAndInitializePhpsec()
401
  {
402
  // @codeCoverageIgnoreStart
@@ -408,13 +405,10 @@ class AccessToken
408
  $this->setPhpsecConstants();
409
  }
410
 
411
- /**
412
- * @return void
413
- */
414
  private function checkSimpleJwt()
415
  {
416
  // @codeCoverageIgnoreStart
417
- if (!class_exists(SimpleJwt::class)) {
418
  throw new RuntimeException('Please require kelvinmo/simplejwt ^0.2 to use this utility.');
419
  }
420
  // @codeCoverageIgnoreEnd
@@ -428,8 +422,6 @@ class AccessToken
428
  * @see phpseclib/Math/BigInteger
429
  * @see https://github.com/GoogleCloudPlatform/getting-started-php/issues/85
430
  * @codeCoverageIgnore
431
- *
432
- * @return void
433
  */
434
  private function setPhpsecConstants()
435
  {
@@ -447,23 +439,24 @@ class AccessToken
447
  * Provide a hook to mock calls to the JWT static methods.
448
  *
449
  * @param string $method
450
- * @param array<mixed> $args
451
  * @return mixed
452
  */
453
  protected function callJwtStatic($method, array $args = [])
454
  {
455
- return call_user_func_array([JWT::class, $method], $args); // @phpstan-ignore-line
 
456
  }
457
 
458
  /**
459
  * Provide a hook to mock calls to the JWT static methods.
460
  *
461
- * @param array<mixed> $args
462
  * @return mixed
463
  */
464
  protected function callSimpleJwtDecode(array $args = [])
465
  {
466
- return call_user_func_array([SimpleJwt::class, 'decode'], $args);
467
  }
468
 
469
  /**
21
  use Exception;
22
  use Firebase\JWT\ExpiredException;
23
  use Firebase\JWT\JWT;
 
24
  use Firebase\JWT\SignatureInvalidException;
25
  use Google\Auth\Cache\MemoryCacheItemPool;
26
  use Google\Auth\HttpHandler\HttpClientCache;
82
  * accepted. By default, the id token must have been issued to this OAuth2 client.
83
  *
84
  * @param string $token The JSON Web Token to be verified.
85
+ * @param array $options [optional] Configuration options.
86
+ * @param string $options.audience The indended recipient of the token.
87
+ * @param string $options.issuer The intended issuer of the token.
88
+ * @param string $options.cacheKey The cache key of the cached certs. Defaults to
 
89
  * the sha1 of $certsLocation if provided, otherwise is set to
90
  * "federated_signon_certs_v3".
91
+ * @param string $options.certsLocation The location (remote or local) from which
92
  * to retrieve certificates, if not cached. This value should only be
93
  * provided in limited circumstances in which you are sure of the
94
  * behavior.
95
+ * @param bool $options.throwException Whether the function should throw an
96
  * exception if the verification fails. This is useful for
97
  * determining the reason verification failed.
98
+ * @return array|bool the token payload, if successful, or false if not.
 
99
  * @throws InvalidArgumentException If certs could not be retrieved from a local file.
100
  * @throws InvalidArgumentException If received certs are in an invalid format.
101
  * @throws InvalidArgumentException If the cert alg is not supported.
134
  return $this->verifyRs256($token, $certs, $audience, $issuer);
135
  }
136
  return $this->verifyEs256($token, $certs, $audience, $issuer);
137
+ } catch (ExpiredException $e) { // firebase/php-jwt 3+
138
+ } catch (\ExpiredException $e) { // firebase/php-jwt 2
139
+ } catch (SignatureInvalidException $e) { // firebase/php-jwt 3+
140
+ } catch (\SignatureInvalidException $e) { // firebase/php-jwt 2
141
  } catch (InvalidTokenException $e) { // simplejwt
142
+ } catch (DomainException $e) {
143
  } catch (InvalidArgumentException $e) {
144
  } catch (UnexpectedValueException $e) {
145
  }
155
  * Identifies the expected algorithm to verify by looking at the "alg" key
156
  * of the provided certs.
157
  *
158
+ * @param array $certs Certificate array according to the JWK spec (see
159
  * https://tools.ietf.org/html/rfc7517).
160
  * @return string The expected algorithm, such as "ES256" or "RS256".
161
  */
183
  * Verifies an ES256-signed JWT.
184
  *
185
  * @param string $token The JSON Web Token to be verified.
186
+ * @param array $certs Certificate array according to the JWK spec (see
187
  * https://tools.ietf.org/html/rfc7517).
188
  * @param string|null $audience If set, returns false if the provided
189
  * audience does not match the "aud" claim on the JWT.
190
  * @param string|null $issuer If set, returns false if the provided
191
  * issuer does not match the "iss" claim on the JWT.
192
+ * @return array|bool the token payload, if successful, or false if not.
193
  */
194
  private function verifyEs256($token, array $certs, $audience = null, $issuer = null)
195
  {
204
  $jwt = $this->callSimpleJwtDecode([$token, $jwkset, 'ES256']);
205
  $payload = $jwt->getClaims();
206
 
207
+ if (isset($payload['aud'])) {
208
+ if ($audience && $payload['aud'] != $audience) {
209
  throw new UnexpectedValueException('Audience does not match');
210
  }
211
  }
223
  * Verifies an RS256-signed JWT.
224
  *
225
  * @param string $token The JSON Web Token to be verified.
226
+ * @param array $certs Certificate array according to the JWK spec (see
227
  * https://tools.ietf.org/html/rfc7517).
228
  * @param string|null $audience If set, returns false if the provided
229
  * audience does not match the "aud" claim on the JWT.
230
  * @param string|null $issuer If set, returns false if the provided
231
  * issuer does not match the "iss" claim on the JWT.
232
+ * @return array|bool the token payload, if successful, or false if not.
233
  */
234
  private function verifyRs256($token, array $certs, $audience = null, $issuer = null)
235
  {
257
  ]);
258
 
259
  // create an array of key IDs to certs for the JWT library
260
+ $keys[$cert['kid']] = $rsa->getPublicKey();
261
  }
262
 
263
  $payload = $this->callJwtStatic('decode', [
264
  $token,
265
  $keys,
266
+ ['RS256']
267
  ]);
268
 
269
+ if (property_exists($payload, 'aud')) {
270
+ if ($audience && $payload->aud != $audience) {
271
  throw new UnexpectedValueException('Audience does not match');
272
  }
273
  }
286
  * Revoke an OAuth2 access token or refresh token. This method will revoke the current access
287
  * token, if a token isn't provided.
288
  *
289
+ * @param string|array $token The token (access token or a refresh token) that should be revoked.
290
+ * @param array $options [optional] Configuration options.
291
  * @return bool Returns True if the revocation was successful, otherwise False.
292
  */
293
  public function revoke($token, array $options = [])
320
  *
321
  * @param string $location The location from which to retrieve certs.
322
  * @param string $cacheKey The key under which to cache the retrieved certs.
323
+ * @param array $options [optional] Configuration options.
324
+ * @return array
325
  * @throws InvalidArgumentException If received certs are in an invalid format.
326
  */
327
  private function getCerts($location, $cacheKey, array $options = [])
328
  {
329
  $cacheItem = $this->cache->getItem($cacheKey);
330
+ $certs = $cacheItem ? $cacheItem->get() : null;
331
 
332
  $gotNewCerts = false;
333
  if (!$certs) {
361
  /**
362
  * Retrieve and cache a certificates file.
363
  *
364
+ * @param $url string location
365
+ * @param array $options [optional] Configuration options.
366
+ * @return array certificates
367
  * @throws InvalidArgumentException If certs could not be retrieved from a local file.
368
  * @throws RuntimeException If certs could not be retrieved from a remote location.
369
  */
378
  ));
379
  }
380
 
381
+ return json_decode(file_get_contents($url), true);
382
  }
383
 
384
  $httpHandler = $this->httpHandler;
394
  ), $response->getStatusCode());
395
  }
396
 
 
 
 
397
  private function checkAndInitializePhpsec()
398
  {
399
  // @codeCoverageIgnoreStart
405
  $this->setPhpsecConstants();
406
  }
407
 
 
 
 
408
  private function checkSimpleJwt()
409
  {
410
  // @codeCoverageIgnoreStart
411
+ if (!class_exists('SimpleJWT\JWT')) {
412
  throw new RuntimeException('Please require kelvinmo/simplejwt ^0.2 to use this utility.');
413
  }
414
  // @codeCoverageIgnoreEnd
422
  * @see phpseclib/Math/BigInteger
423
  * @see https://github.com/GoogleCloudPlatform/getting-started-php/issues/85
424
  * @codeCoverageIgnore
 
 
425
  */
426
  private function setPhpsecConstants()
427
  {
439
  * Provide a hook to mock calls to the JWT static methods.
440
  *
441
  * @param string $method
442
+ * @param array $args
443
  * @return mixed
444
  */
445
  protected function callJwtStatic($method, array $args = [])
446
  {
447
+ $class = 'Firebase\JWT\JWT';
448
+ return call_user_func_array([$class, $method], $args);
449
  }
450
 
451
  /**
452
  * Provide a hook to mock calls to the JWT static methods.
453
  *
454
+ * @param array $args
455
  * @return mixed
456
  */
457
  protected function callSimpleJwtDecode(array $args = [])
458
  {
459
+ return call_user_func_array(['SimpleJWT\JWT', 'decode'], $args);
460
  }
461
 
462
  /**
vendor/google/auth/src/ApplicationDefaultCredentials.php CHANGED
@@ -70,24 +70,22 @@ use Psr\Cache\CacheItemPoolInterface;
70
  class ApplicationDefaultCredentials
71
  {
72
  /**
73
- * @deprecated
74
- *
75
  * Obtains an AuthTokenSubscriber that uses the default FetchAuthTokenInterface
76
  * implementation to use in this environment.
77
  *
78
  * If supplied, $scope is used to in creating the credentials instance if
79
  * this does not fallback to the compute engine defaults.
80
  *
81
- * @param string|string[] $scope the scope of the access request, expressed
82
  * either as an Array or as a space-delimited String.
83
  * @param callable $httpHandler callback which delivers psr7 request
84
- * @param array<mixed> $cacheConfig configuration for the cache when it's present
85
  * @param CacheItemPoolInterface $cache A cache implementation, may be
86
  * provided if you have one already available for use.
87
  * @return AuthTokenSubscriber
88
  * @throws DomainException if no implementation can be obtained.
89
  */
90
- public static function getSubscriber(// @phpstan-ignore-line
91
  $scope = null,
92
  callable $httpHandler = null,
93
  array $cacheConfig = null,
@@ -95,7 +93,6 @@ class ApplicationDefaultCredentials
95
  ) {
96
  $creds = self::getCredentials($scope, $httpHandler, $cacheConfig, $cache);
97
 
98
- /** @phpstan-ignore-next-line */
99
  return new AuthTokenSubscriber($creds, $httpHandler);
100
  }
101
 
@@ -106,10 +103,10 @@ class ApplicationDefaultCredentials
106
  * If supplied, $scope is used to in creating the credentials instance if
107
  * this does not fallback to the compute engine defaults.
108
  *
109
- * @param string|string[] $scope the scope of the access request, expressed
110
  * either as an Array or as a space-delimited String.
111
  * @param callable $httpHandler callback which delivers psr7 request
112
- * @param array<mixed> $cacheConfig configuration for the cache when it's present
113
  * @param CacheItemPoolInterface $cache A cache implementation, may be
114
  * provided if you have one already available for use.
115
  * @param string $quotaProject specifies a project to bill for access
@@ -133,19 +130,19 @@ class ApplicationDefaultCredentials
133
  * Obtains the default FetchAuthTokenInterface implementation to use
134
  * in this environment.
135
  *
136
- * @param string|string[] $scope the scope of the access request, expressed
137
  * either as an Array or as a space-delimited String.
138
  * @param callable $httpHandler callback which delivers psr7 request
139
- * @param array<mixed> $cacheConfig configuration for the cache when it's present
140
  * @param CacheItemPoolInterface $cache A cache implementation, may be
141
  * provided if you have one already available for use.
142
  * @param string $quotaProject specifies a project to bill for access
143
  * charges associated with the request.
144
- * @param string|string[] $defaultScope The default scope to use if no
145
  * user-defined scopes exist, expressed either as an Array or as a
146
  * space-delimited string.
147
  *
148
- * @return FetchAuthTokenInterface
149
  * @throws DomainException if no implementation can be obtained.
150
  */
151
  public static function getCredentials(
@@ -204,7 +201,7 @@ class ApplicationDefaultCredentials
204
  *
205
  * @param string $targetAudience The audience for the ID token.
206
  * @param callable $httpHandler callback which delivers psr7 request
207
- * @param array<mixed> $cacheConfig configuration for the cache when it's present
208
  * @param CacheItemPoolInterface $cache A cache implementation, may be
209
  * provided if you have one already available for use.
210
  * @return AuthTokenMiddleware
@@ -231,7 +228,7 @@ class ApplicationDefaultCredentials
231
  *
232
  * @param string $targetAudience The audience for the ID token.
233
  * @param callable $httpHandler callback which delivers psr7 request
234
- * @param array<mixed> $cacheConfig configuration for the cache when it's present
235
  * @param CacheItemPoolInterface $cache A cache implementation, may be
236
  * provided if you have one already available for use.
237
  * @return ProxyAuthTokenMiddleware
@@ -255,10 +252,10 @@ class ApplicationDefaultCredentials
255
  *
256
  * @param string $targetAudience The audience for the ID token.
257
  * @param callable $httpHandler callback which delivers psr7 request
258
- * @param array<mixed> $cacheConfig configuration for the cache when it's present
259
  * @param CacheItemPoolInterface $cache A cache implementation, may be
260
  * provided if you have one already available for use.
261
- * @return FetchAuthTokenInterface
262
  * @throws DomainException if no implementation can be obtained.
263
  * @throws InvalidArgumentException if JSON "type" key is invalid
264
  */
@@ -308,9 +305,6 @@ class ApplicationDefaultCredentials
308
  return $creds;
309
  }
310
 
311
- /**
312
- * @return string
313
- */
314
  private static function notFound()
315
  {
316
  $msg = 'Could not load the default credentials. Browse to ';
@@ -321,12 +315,6 @@ class ApplicationDefaultCredentials
321
  return $msg;
322
  }
323
 
324
- /**
325
- * @param callable $httpHandler
326
- * @param array<mixed> $cacheConfig
327
- * @param CacheItemPoolInterface $cache
328
- * @return bool
329
- */
330
  private static function onGce(
331
  callable $httpHandler = null,
332
  array $cacheConfig = null,
70
  class ApplicationDefaultCredentials
71
  {
72
  /**
 
 
73
  * Obtains an AuthTokenSubscriber that uses the default FetchAuthTokenInterface
74
  * implementation to use in this environment.
75
  *
76
  * If supplied, $scope is used to in creating the credentials instance if
77
  * this does not fallback to the compute engine defaults.
78
  *
79
+ * @param string|array scope the scope of the access request, expressed
80
  * either as an Array or as a space-delimited String.
81
  * @param callable $httpHandler callback which delivers psr7 request
82
+ * @param array $cacheConfig configuration for the cache when it's present
83
  * @param CacheItemPoolInterface $cache A cache implementation, may be
84
  * provided if you have one already available for use.
85
  * @return AuthTokenSubscriber
86
  * @throws DomainException if no implementation can be obtained.
87
  */
88
+ public static function getSubscriber(
89
  $scope = null,
90
  callable $httpHandler = null,
91
  array $cacheConfig = null,
93
  ) {
94
  $creds = self::getCredentials($scope, $httpHandler, $cacheConfig, $cache);
95
 
 
96
  return new AuthTokenSubscriber($creds, $httpHandler);
97
  }
98
 
103
  * If supplied, $scope is used to in creating the credentials instance if
104
  * this does not fallback to the compute engine defaults.
105
  *
106
+ * @param string|array scope the scope of the access request, expressed
107
  * either as an Array or as a space-delimited String.
108
  * @param callable $httpHandler callback which delivers psr7 request
109
+ * @param array $cacheConfig configuration for the cache when it's present
110
  * @param CacheItemPoolInterface $cache A cache implementation, may be
111
  * provided if you have one already available for use.
112
  * @param string $quotaProject specifies a project to bill for access
130
  * Obtains the default FetchAuthTokenInterface implementation to use
131
  * in this environment.
132
  *
133
+ * @param string|array $scope the scope of the access request, expressed
134
  * either as an Array or as a space-delimited String.
135
  * @param callable $httpHandler callback which delivers psr7 request
136
+ * @param array $cacheConfig configuration for the cache when it's present
137
  * @param CacheItemPoolInterface $cache A cache implementation, may be
138
  * provided if you have one already available for use.
139
  * @param string $quotaProject specifies a project to bill for access
140
  * charges associated with the request.
141
+ * @param string|array $defaultScope The default scope to use if no
142
  * user-defined scopes exist, expressed either as an Array or as a
143
  * space-delimited string.
144
  *
145
+ * @return CredentialsLoader
146
  * @throws DomainException if no implementation can be obtained.
147
  */
148
  public static function getCredentials(
201
  *
202
  * @param string $targetAudience The audience for the ID token.
203
  * @param callable $httpHandler callback which delivers psr7 request
204
+ * @param array $cacheConfig configuration for the cache when it's present
205
  * @param CacheItemPoolInterface $cache A cache implementation, may be
206
  * provided if you have one already available for use.
207
  * @return AuthTokenMiddleware
228
  *
229
  * @param string $targetAudience The audience for the ID token.
230
  * @param callable $httpHandler callback which delivers psr7 request
231
+ * @param array $cacheConfig configuration for the cache when it's present
232
  * @param CacheItemPoolInterface $cache A cache implementation, may be
233
  * provided if you have one already available for use.
234
  * @return ProxyAuthTokenMiddleware
252
  *
253
  * @param string $targetAudience The audience for the ID token.
254
  * @param callable $httpHandler callback which delivers psr7 request
255
+ * @param array $cacheConfig configuration for the cache when it's present
256
  * @param CacheItemPoolInterface $cache A cache implementation, may be
257
  * provided if you have one already available for use.
258
+ * @return CredentialsLoader
259
  * @throws DomainException if no implementation can be obtained.
260
  * @throws InvalidArgumentException if JSON "type" key is invalid
261
  */
305
  return $creds;
306
  }
307
 
 
 
 
308
  private static function notFound()
309
  {
310
  $msg = 'Could not load the default credentials. Browse to ';
315
  return $msg;
316
  }
317
 
 
 
 
 
 
 
318
  private static function onGce(
319
  callable $httpHandler = null,
320
  array $cacheConfig = null,
vendor/google/auth/src/Cache/Item.php CHANGED
@@ -17,11 +17,7 @@
17
 
18
  namespace Google\Auth\Cache;
19
 
20
- use DateTime;
21
- use DateTimeInterface;
22
- use DateTimeZone;
23
  use Psr\Cache\CacheItemInterface;
24
- use TypeError;
25
 
26
  /**
27
  * A cache item.
@@ -39,7 +35,7 @@ final class Item implements CacheItemInterface
39
  private $value;
40
 
41
  /**
42
- * @var DateTimeInterface|null
43
  */
44
  private $expiration;
45
 
@@ -110,13 +106,18 @@ final class Item implements CacheItemInterface
110
  return $this;
111
  }
112
 
 
 
 
 
113
  $error = sprintf(
114
- 'Argument 1 passed to %s::expiresAt() must implement interface DateTimeInterface, %s given',
115
  get_class($this),
 
116
  gettype($expiration)
117
  );
118
 
119
- throw new TypeError($error);
120
  }
121
 
122
  /**
@@ -135,12 +136,27 @@ final class Item implements CacheItemInterface
135
  'instance of DateInterval or of the type integer, %s given';
136
  $error = sprintf($message, get_class($this), gettype($time));
137
 
138
- throw new TypeError($error);
139
  }
140
 
141
  return $this;
142
  }
143
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
144
  /**
145
  * Determines if an expiration is valid based on the rules defined by PSR6.
146
  *
@@ -153,18 +169,15 @@ final class Item implements CacheItemInterface
153
  return true;
154
  }
155
 
156
- if ($expiration instanceof DateTimeInterface) {
157
  return true;
158
  }
159
 
160
  return false;
161
  }
162
 
163
- /**
164
- * @return DateTime
165
- */
166
  protected function currentTime()
167
  {
168
- return new DateTime('now', new DateTimeZone('UTC'));
169
  }
170
  }
17
 
18
  namespace Google\Auth\Cache;
19
 
 
 
 
20
  use Psr\Cache\CacheItemInterface;
 
21
 
22
  /**
23
  * A cache item.
35
  private $value;
36
 
37
  /**
38
+ * @var \DateTime|null
39
  */
40
  private $expiration;
41
 
106
  return $this;
107
  }
108
 
109
+ $implementationMessage = interface_exists('DateTimeInterface')
110
+ ? 'implement interface DateTimeInterface'
111
+ : 'be an instance of DateTime';
112
+
113
  $error = sprintf(
114
+ 'Argument 1 passed to %s::expiresAt() must %s, %s given',
115
  get_class($this),
116
+ $implementationMessage,
117
  gettype($expiration)
118
  );
119
 
120
+ $this->handleError($error);
121
  }
122
 
123
  /**
136
  'instance of DateInterval or of the type integer, %s given';
137
  $error = sprintf($message, get_class($this), gettype($time));
138
 
139
+ $this->handleError($error);
140
  }
141
 
142
  return $this;
143
  }
144
 
145
+ /**
146
+ * Handles an error.
147
+ *
148
+ * @param string $error
149
+ * @throws \TypeError
150
+ */
151
+ private function handleError($error)
152
+ {
153
+ if (class_exists('TypeError')) {
154
+ throw new \TypeError($error);
155
+ }
156
+
157
+ trigger_error($error, E_USER_ERROR);
158
+ }
159
+
160
  /**
161
  * Determines if an expiration is valid based on the rules defined by PSR6.
162
  *
169
  return true;
170
  }
171
 
172
+ if ($expiration instanceof \DateTimeInterface) {
173
  return true;
174
  }
175
 
176
  return false;
177
  }
178
 
 
 
 
179
  protected function currentTime()
180
  {
181
+ return new \DateTime('now', new \DateTimeZone('UTC'));
182
  }
183
  }
vendor/google/auth/src/Cache/MemoryCacheItemPool.php CHANGED
@@ -38,28 +38,29 @@ final class MemoryCacheItemPool implements CacheItemPoolInterface
38
  /**
39
  * {@inheritdoc}
40
  *
41
- * @return CacheItemInterface The corresponding Cache Item.
 
42
  */
43
- public function getItem($key): CacheItemInterface
44
  {
45
- return current($this->getItems([$key])); // @phpstan-ignore-line
46
  }
47
 
48
  /**
49
  * {@inheritdoc}
50
  *
51
- * @return iterable<CacheItemInterface>
52
  * A traversable collection of Cache Items keyed by the cache keys of
53
  * each item. A Cache item will be returned for each key, even if that
54
  * key is not found. However, if no keys are specified then an empty
55
  * traversable MUST be returned instead.
56
  */
57
- public function getItems(array $keys = []): iterable
58
  {
59
  $items = [];
60
- $itemClass = \PHP_VERSION_ID >= 80000 ? TypedItem::class : Item::class;
61
  foreach ($keys as $key) {
62
- $items[$key] = $this->hasItem($key) ? clone $this->items[$key] : new $itemClass($key);
63
  }
64
 
65
  return $items;
@@ -71,7 +72,7 @@ final class MemoryCacheItemPool implements CacheItemPoolInterface
71
  * @return bool
72
  * True if item exists in the cache, false otherwise.
73
  */
74
- public function hasItem($key): bool
75
  {
76
  $this->isValidKey($key);
77
 
@@ -84,7 +85,7 @@ final class MemoryCacheItemPool implements CacheItemPoolInterface
84
  * @return bool
85
  * True if the pool was successfully cleared. False if there was an error.
86
  */
87
- public function clear(): bool
88
  {
89
  $this->items = [];
90
  $this->deferredItems = [];
@@ -98,7 +99,7 @@ final class MemoryCacheItemPool implements CacheItemPoolInterface
98
  * @return bool
99
  * True if the item was successfully removed. False if there was an error.
100
  */
101
- public function deleteItem($key): bool
102
  {
103
  return $this->deleteItems([$key]);
104
  }
@@ -109,7 +110,7 @@ final class MemoryCacheItemPool implements CacheItemPoolInterface
109
  * @return bool
110
  * True if the items were successfully removed. False if there was an error.
111
  */
112
- public function deleteItems(array $keys): bool
113
  {
114
  array_walk($keys, [$this, 'isValidKey']);
115
 
@@ -126,7 +127,7 @@ final class MemoryCacheItemPool implements CacheItemPoolInterface
126
  * @return bool
127
  * True if the item was successfully persisted. False if there was an error.
128
  */
129
- public function save(CacheItemInterface $item): bool
130
  {
131
  $this->items[$item->getKey()] = $item;
132
 
@@ -139,7 +140,7 @@ final class MemoryCacheItemPool implements CacheItemPoolInterface
139
  * @return bool
140
  * False if the item could not be queued or if a commit was attempted and failed. True otherwise.
141
  */
142
- public function saveDeferred(CacheItemInterface $item): bool
143
  {
144
  $this->deferredItems[$item->getKey()] = $item;
145
 
@@ -152,7 +153,7 @@ final class MemoryCacheItemPool implements CacheItemPoolInterface
152
  * @return bool
153
  * True if all not-yet-saved items were successfully saved or there were none. False otherwise.
154
  */
155
- public function commit(): bool
156
  {
157
  foreach ($this->deferredItems as $item) {
158
  $this->save($item);
38
  /**
39
  * {@inheritdoc}
40
  *
41
+ * @return CacheItemInterface
42
+ * The corresponding Cache Item.
43
  */
44
+ public function getItem($key)
45
  {
46
+ return current($this->getItems([$key]));
47
  }
48
 
49
  /**
50
  * {@inheritdoc}
51
  *
52
+ * @return array
53
  * A traversable collection of Cache Items keyed by the cache keys of
54
  * each item. A Cache item will be returned for each key, even if that
55
  * key is not found. However, if no keys are specified then an empty
56
  * traversable MUST be returned instead.
57
  */
58
+ public function getItems(array $keys = [])
59
  {
60
  $items = [];
61
+
62
  foreach ($keys as $key) {
63
+ $items[$key] = $this->hasItem($key) ? clone $this->items[$key] : new Item($key);
64
  }
65
 
66
  return $items;
72
  * @return bool
73
  * True if item exists in the cache, false otherwise.
74
  */
75
+ public function hasItem($key)
76
  {
77
  $this->isValidKey($key);
78
 
85
  * @return bool
86
  * True if the pool was successfully cleared. False if there was an error.
87
  */
88
+ public function clear()
89
  {
90
  $this->items = [];
91
  $this->deferredItems = [];
99
  * @return bool
100
  * True if the item was successfully removed. False if there was an error.
101
  */
102
+ public function deleteItem($key)
103
  {
104
  return $this->deleteItems([$key]);
105
  }
110
  * @return bool
111
  * True if the items were successfully removed. False if there was an error.
112
  */
113
+ public function deleteItems(array $keys)
114
  {
115
  array_walk($keys, [$this, 'isValidKey']);
116
 
127
  * @return bool
128
  * True if the item was successfully persisted. False if there was an error.
129
  */
130
+ public function save(CacheItemInterface $item)
131
  {
132
  $this->items[$item->getKey()] = $item;
133
 
140
  * @return bool
141
  * False if the item could not be queued or if a commit was attempted and failed. True otherwise.
142
  */
143
+ public function saveDeferred(CacheItemInterface $item)
144
  {
145
  $this->deferredItems[$item->getKey()] = $item;
146
 
153
  * @return bool
154
  * True if all not-yet-saved items were successfully saved or there were none. False otherwise.
155
  */
156
+ public function commit()
157
  {
158
  foreach ($this->deferredItems as $item) {
159
  $this->save($item);
vendor/google/auth/src/Cache/SysVCacheItemPool.php CHANGED
@@ -36,9 +36,7 @@ class SysVCacheItemPool implements CacheItemPoolInterface
36
 
37
  const DEFAULT_PERM = 0600;
38
 
39
- /**
40
- * @var int
41
- */
42
  private $sysvKey;
43
 
44
  /**
@@ -52,11 +50,11 @@ class SysVCacheItemPool implements CacheItemPoolInterface
52
  private $deferredItems;
53
 
54
  /**
55
- * @var array<mixed>
56
  */
57
  private $options;
58
 
59
- /**
60
  * @var bool
61
  */
62
  private $hasLoadedItems = false;
@@ -64,15 +62,15 @@ class SysVCacheItemPool implements CacheItemPoolInterface
64
  /**
65
  * Create a SystemV shared memory based CacheItemPool.
66
  *
67
- * @param array<mixed> $options {
68
- * [optional] Configuration options.
69
- *
70
- * @type int $variableKey The variable key for getting the data from the shared memory. **Defaults to** 1.
71
- * @type string $proj The project identifier for ftok. This needs to be a one character string.
72
- * **Defaults to** 'A'.
73
- * @type int $memsize The memory size in bytes for shm_attach. **Defaults to** 10000.
74
- * @type int $perm The permission for shm_attach. **Defaults to** 0600.
75
- * }
76
  */
77
  public function __construct($options = [])
78
  {
@@ -92,29 +90,23 @@ class SysVCacheItemPool implements CacheItemPoolInterface
92
  $this->sysvKey = ftok(__FILE__, $this->options['proj']);
93
  }
94
 
95
- /**
96
- * @param mixed $key
97
- * @return CacheItemInterface
98
- */
99
- public function getItem($key): CacheItemInterface
100
  {
101
  $this->loadItems();
102
- return current($this->getItems([$key])); // @phpstan-ignore-line
103
  }
104
 
105
  /**
106
- * @param array<mixed> $keys
107
- * @return iterable<CacheItemInterface>
108
  */
109
- public function getItems(array $keys = []): iterable
110
  {
111
  $this->loadItems();
112
  $items = [];
113
- $itemClass = \PHP_VERSION_ID >= 80000 ? TypedItem::class : Item::class;
114
  foreach ($keys as $key) {
115
  $items[$key] = $this->hasItem($key) ?
116
  clone $this->items[$key] :
117
- new $itemClass($key);
118
  }
119
  return $items;
120
  }
@@ -122,7 +114,7 @@ class SysVCacheItemPool implements CacheItemPoolInterface
122
  /**
123
  * {@inheritdoc}
124
  */
125
- public function hasItem($key): bool
126
  {
127
  $this->loadItems();
128
  return isset($this->items[$key]) && $this->items[$key]->isHit();
@@ -131,7 +123,7 @@ class SysVCacheItemPool implements CacheItemPoolInterface
131
  /**
132
  * {@inheritdoc}
133
  */
134
- public function clear(): bool
135
  {
136
  $this->items = [];
137
  $this->deferredItems = [];
@@ -141,7 +133,7 @@ class SysVCacheItemPool implements CacheItemPoolInterface
141
  /**
142
  * {@inheritdoc}
143
  */
144
- public function deleteItem($key): bool
145
  {
146
  return $this->deleteItems([$key]);
147
  }
@@ -149,7 +141,7 @@ class SysVCacheItemPool implements CacheItemPoolInterface
149
  /**
150
  * {@inheritdoc}
151
  */
152
- public function deleteItems(array $keys): bool
153
  {
154
  if (!$this->hasLoadedItems) {
155
  $this->loadItems();
@@ -164,7 +156,7 @@ class SysVCacheItemPool implements CacheItemPoolInterface
164
  /**
165
  * {@inheritdoc}
166
  */
167
- public function save(CacheItemInterface $item): bool
168
  {
169
  if (!$this->hasLoadedItems) {
170
  $this->loadItems();
@@ -177,7 +169,7 @@ class SysVCacheItemPool implements CacheItemPoolInterface
177
  /**
178
  * {@inheritdoc}
179
  */
180
- public function saveDeferred(CacheItemInterface $item): bool
181
  {
182
  $this->deferredItems[$item->getKey()] = $item;
183
  return true;
@@ -186,7 +178,7 @@ class SysVCacheItemPool implements CacheItemPoolInterface
186
  /**
187
  * {@inheritdoc}
188
  */
189
- public function commit(): bool
190
  {
191
  foreach ($this->deferredItems as $item) {
192
  if ($this->save($item) === false) {
36
 
37
  const DEFAULT_PERM = 0600;
38
 
39
+ /** @var int */
 
 
40
  private $sysvKey;
41
 
42
  /**
50
  private $deferredItems;
51
 
52
  /**
53
+ * @var array
54
  */
55
  private $options;
56
 
57
+ /*
58
  * @var bool
59
  */
60
  private $hasLoadedItems = false;
62
  /**
63
  * Create a SystemV shared memory based CacheItemPool.
64
  *
65
+ * @param array $options [optional] Configuration options.
66
+ * @param int $options.variableKey The variable key for getting the data from
67
+ * the shared memory. **Defaults to** 1.
68
+ * @param $options.proj string The project identifier for ftok. This needs to
69
+ * be a one character string. **Defaults to** 'A'.
70
+ * @param $options.memsize int The memory size in bytes for shm_attach.
71
+ * **Defaults to** 10000.
72
+ * @param $options.perm int The permission for shm_attach. **Defaults to**
73
+ * 0600.
74
  */
75
  public function __construct($options = [])
76
  {
90
  $this->sysvKey = ftok(__FILE__, $this->options['proj']);
91
  }
92
 
93
+ public function getItem($key)
 
 
 
 
94
  {
95
  $this->loadItems();
96
+ return current($this->getItems([$key]));
97
  }
98
 
99
  /**
100
+ * {@inheritdoc}
 
101
  */
102
+ public function getItems(array $keys = [])
103
  {
104
  $this->loadItems();
105
  $items = [];
 
106
  foreach ($keys as $key) {
107
  $items[$key] = $this->hasItem($key) ?
108
  clone $this->items[$key] :
109
+ new Item($key);
110
  }
111
  return $items;
112
  }
114
  /**
115
  * {@inheritdoc}
116
  */
117
+ public function hasItem($key)
118
  {
119
  $this->loadItems();
120
  return isset($this->items[$key]) && $this->items[$key]->isHit();
123
  /**
124
  * {@inheritdoc}
125
  */
126
+ public function clear()
127
  {
128
  $this->items = [];
129
  $this->deferredItems = [];
133
  /**
134
  * {@inheritdoc}
135
  */
136
+ public function deleteItem($key)
137
  {
138
  return $this->deleteItems([$key]);
139
  }
141
  /**
142
  * {@inheritdoc}
143
  */
144
+ public function deleteItems(array $keys)
145
  {
146
  if (!$this->hasLoadedItems) {
147
  $this->loadItems();
156
  /**
157
  * {@inheritdoc}
158
  */
159
+ public function save(CacheItemInterface $item)
160
  {
161
  if (!$this->hasLoadedItems) {
162
  $this->loadItems();
169
  /**
170
  * {@inheritdoc}
171
  */
172
+ public function saveDeferred(CacheItemInterface $item)
173
  {
174
  $this->deferredItems[$item->getKey()] = $item;
175
  return true;
178
  /**
179
  * {@inheritdoc}
180
  */
181
+ public function commit()
182
  {
183
  foreach ($this->deferredItems as $item) {
184
  if ($this->save($item) === false) {
vendor/google/auth/src/Cache/TypedItem.php DELETED
@@ -1,166 +0,0 @@
1
- <?php
2
- /*
3
- * Copyright 2022 Google Inc.
4
- *
5
- * Licensed under the Apache License, Version 2.0 (the "License");
6
- * you may not use this file except in compliance with the License.
7
- * You may obtain a copy of the License at
8
- *
9
- * http://www.apache.org/licenses/LICENSE-2.0
10
- *
11
- * Unless required by applicable law or agreed to in writing, software
12
- * distributed under the License is distributed on an "AS IS" BASIS,
13
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
- * See the License for the specific language governing permissions and
15
- * limitations under the License.
16
- */
17
-
18
- namespace Google\Auth\Cache;
19
-
20
- use Psr\Cache\CacheItemInterface;
21
-
22
- /**
23
- * A cache item.
24
- */
25
- final class TypedItem implements CacheItemInterface
26
- {
27
- /**
28
- * @var mixed
29
- */
30
- private mixed $value;
31
-
32
- /**
33
- * @var \DateTimeInterface|null
34
- */
35
- private ?\DateTimeInterface $expiration;
36
-
37
- /**
38
- * @var bool
39
- */
40
- private bool $isHit = false;
41
-
42
- /**
43
- * @param string $key
44
- */
45
- public function __construct(
46
- private string $key
47
- ) {
48
- $this->key = $key;
49
- $this->expiration = null;
50
- }
51
-
52
- /**
53
- * {@inheritdoc}
54
- */
55
- public function getKey(): string
56
- {
57
- return $this->key;
58
- }
59
-
60
- /**
61
- * {@inheritdoc}
62
- */
63
- public function get(): mixed
64
- {
65
- return $this->isHit() ? $this->value : null;
66
- }
67
-
68
- /**
69
- * {@inheritdoc}
70
- */
71
- public function isHit(): bool
72
- {
73
- if (!$this->isHit) {
74
- return false;
75
- }
76
-
77
- if ($this->expiration === null) {
78
- return true;
79
- }
80
-
81
- return $this->currentTime()->getTimestamp() < $this->expiration->getTimestamp();
82
- }
83
-
84
- /**
85
- * {@inheritdoc}
86
- */
87
- public function set(mixed $value): static
88
- {
89
- $this->isHit = true;
90
- $this->value = $value;
91
-
92
- return $this;
93
- }
94
-
95
- /**
96
- * {@inheritdoc}
97
- */
98
- public function expiresAt($expiration): static
99
- {
100
- if ($this->isValidExpiration($expiration)) {
101
- $this->expiration = $expiration;
102
-
103
- return $this;
104
- }
105
-
106
- $error = sprintf(
107
- 'Argument 1 passed to %s::expiresAt() must implement interface DateTimeInterface, %s given',
108
- get_class($this),
109
- gettype($expiration)
110
- );
111
-
112
- throw new \TypeError($error);
113
- }
114
-
115
- /**
116
- * {@inheritdoc}
117
- */
118
- public function expiresAfter($time): static
119
- {
120
- if (is_int($time)) {
121
- $this->expiration = $this->currentTime()->add(new \DateInterval("PT{$time}S"));
122
- } elseif ($time instanceof \DateInterval) {
123
- $this->expiration = $this->currentTime()->add($time);
124
- } elseif ($time === null) {
125
- $this->expiration = $time;
126
- } else {
127
- $message = 'Argument 1 passed to %s::expiresAfter() must be an ' .
128
- 'instance of DateInterval or of the type integer, %s given';
129
- $error = sprintf($message, get_class($this), gettype($time));
130
-
131
- throw new \TypeError($error);
132
- }
133
-
134
- return $this;
135
- }
136
-
137
- /**
138
- * Determines if an expiration is valid based on the rules defined by PSR6.
139
- *
140
- * @param mixed $expiration
141
- * @return bool
142
- */
143
- private function isValidExpiration($expiration)
144
- {
145
- if ($expiration === null) {
146
- return true;
147
- }
148
-
149
- // We test for two types here due to the fact the DateTimeInterface
150
- // was not introduced until PHP 5.5. Checking for the DateTime type as
151
- // well allows us to support 5.4.
152
- if ($expiration instanceof \DateTimeInterface) {
153
- return true;
154
- }
155
-
156
- return false;
157
- }
158
-
159
- /**
160
- * @return \DateTime
161
- */
162
- protected function currentTime()
163
- {
164
- return new \DateTime('now', new \DateTimeZone('UTC'));
165
- }
166
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
vendor/google/auth/src/CacheTrait.php CHANGED
@@ -17,42 +17,23 @@
17
 
18
  namespace Google\Auth;
19
 
20
- use Psr\Cache\CacheItemPoolInterface;
21
-
22
  trait CacheTrait
23
  {
24
- /**
25
- * @var int
26
- */
27
  private $maxKeyLength = 64;
28
 
29
- /**
30
- * @var array<mixed>
31
- */
32
- private $cacheConfig;
33
-
34
- /**
35
- * @var ?CacheItemPoolInterface
36
- */
37
- private $cache;
38
-
39
  /**
40
  * Gets the cached value if it is present in the cache when that is
41
  * available.
42
- *
43
- * @param mixed $k
44
- *
45
- * @return mixed
46
  */
47
  private function getCachedValue($k)
48
  {
49
  if (is_null($this->cache)) {
50
- return null;
51
  }
52
 
53
  $key = $this->getFullCacheKey($k);
54
  if (is_null($key)) {
55
- return null;
56
  }
57
 
58
  $cacheItem = $this->cache->getItem($key);
@@ -63,20 +44,16 @@ trait CacheTrait
63
 
64
  /**
65
  * Saves the value in the cache when that is available.
66
- *
67
- * @param mixed $k
68
- * @param mixed $v
69
- * @return mixed
70
  */
71
  private function setCachedValue($k, $v)
72
  {
73
  if (is_null($this->cache)) {
74
- return null;
75
  }
76
 
77
  $key = $this->getFullCacheKey($k);
78
  if (is_null($key)) {
79
- return null;
80
  }
81
 
82
  $cacheItem = $this->cache->getItem($key);
@@ -85,14 +62,10 @@ trait CacheTrait
85
  return $this->cache->save($cacheItem);
86
  }
87
 
88
- /**
89
- * @param null|string $key
90
- * @return null|string
91
- */
92
  private function getFullCacheKey($key)
93
  {
94
  if (is_null($key)) {
95
- return null;
96
  }
97
 
98
  $key = $this->cacheConfig['prefix'] . $key;
17
 
18
  namespace Google\Auth;
19
 
 
 
20
  trait CacheTrait
21
  {
 
 
 
22
  private $maxKeyLength = 64;
23
 
 
 
 
 
 
 
 
 
 
 
24
  /**
25
  * Gets the cached value if it is present in the cache when that is
26
  * available.
 
 
 
 
27
  */
28
  private function getCachedValue($k)
29
  {
30
  if (is_null($this->cache)) {
31
+ return;
32
  }
33
 
34
  $key = $this->getFullCacheKey($k);
35
  if (is_null($key)) {
36
+ return;
37
  }
38
 
39
  $cacheItem = $this->cache->getItem($key);
44
 
45
  /**
46
  * Saves the value in the cache when that is available.
 
 
 
 
47
  */
48
  private function setCachedValue($k, $v)
49
  {
50
  if (is_null($this->cache)) {
51
+ return;
52
  }
53
 
54
  $key = $this->getFullCacheKey($k);
55
  if (is_null($key)) {
56
+ return;
57
  }
58
 
59
  $cacheItem = $this->cache->getItem($key);
62
  return $this->cache->save($cacheItem);
63
  }
64
 
 
 
 
 
65
  private function getFullCacheKey($key)
66
  {
67
  if (is_null($key)) {
68
+ return;
69
  }
70
 
71
  $key = $this->cacheConfig['prefix'] . $key;
vendor/google/auth/src/Credentials/AppIdentityCredentials.php CHANGED
@@ -28,8 +28,6 @@ use Google\Auth\ProjectIdProviderInterface;
28
  use Google\Auth\SignBlobInterface;
29
 
30
  /**
31
- * @deprecated
32
- *
33
  * AppIdentityCredentials supports authorization on Google App Engine.
34
  *
35
  * It can be used to authorize requests using the AuthTokenMiddleware or
@@ -63,14 +61,14 @@ class AppIdentityCredentials extends CredentialsLoader implements
63
  /**
64
  * Result of fetchAuthToken.
65
  *
66
- * @var array<mixed>
67
  */
68
  protected $lastReceivedToken;
69
 
70
  /**
71
  * Array of OAuth2 scopes to be requested.
72
  *
73
- * @var string[]
74
  */
75
  private $scope;
76
 
@@ -80,11 +78,11 @@ class AppIdentityCredentials extends CredentialsLoader implements
80
  private $clientName;
81
 
82
  /**
83
- * @param string|string[] $scope One or more scopes.
84
  */
85
- public function __construct($scope = [])
86
  {
87
- $this->scope = is_array($scope) ? $scope : explode(' ', (string) $scope);
88
  }
89
 
90
  /**
@@ -117,12 +115,10 @@ class AppIdentityCredentials extends CredentialsLoader implements
117
  * the GuzzleHttp\ClientInterface instance passed in will not be used.
118
  *
119
  * @param callable $httpHandler callback which delivers psr7 request
120
- * @return array<mixed> {
121
- * A set of auth related metadata, containing the following
122
- *
123
- * @type string $access_token
124
- * @type string $expiration_time
125
- * }
126
  */
127
  public function fetchAuthToken(callable $httpHandler = null)
128
  {
@@ -132,8 +128,10 @@ class AppIdentityCredentials extends CredentialsLoader implements
132
  return [];
133
  }
134
 
135
- /** @phpstan-ignore-next-line */
136
- $token = AppIdentityService::getAccessToken($this->scope);
 
 
137
  $this->lastReceivedToken = $token;
138
 
139
  return $token;
@@ -152,7 +150,6 @@ class AppIdentityCredentials extends CredentialsLoader implements
152
  {
153
  $this->checkAppEngineContext();
154
 
155
- /** @phpstan-ignore-next-line */
156
  return base64_encode(AppIdentityService::signForApp($stringToSign)['signature']);
157
  }
158
 
@@ -164,7 +161,7 @@ class AppIdentityCredentials extends CredentialsLoader implements
164
  * @param callable $httpHandler Not used by this type.
165
  * @return string|null
166
  */
167
- public function getProjectId(callable $httpHandler = null)
168
  {
169
  try {
170
  $this->checkAppEngineContext();
@@ -172,7 +169,6 @@ class AppIdentityCredentials extends CredentialsLoader implements
172
  return null;
173
  }
174
 
175
- /** @phpstan-ignore-next-line */
176
  return AppIdentityService::getApplicationId();
177
  }
178
 
@@ -190,7 +186,6 @@ class AppIdentityCredentials extends CredentialsLoader implements
190
  $this->checkAppEngineContext();
191
 
192
  if (!$this->clientName) {
193
- /** @phpstan-ignore-next-line */
194
  $this->clientName = AppIdentityService::getServiceAccountName();
195
  }
196
 
@@ -198,7 +193,7 @@ class AppIdentityCredentials extends CredentialsLoader implements
198
  }
199
 
200
  /**
201
- * @return array{access_token:string,expires_at:int}|null
202
  */
203
  public function getLastReceivedToken()
204
  {
@@ -223,9 +218,6 @@ class AppIdentityCredentials extends CredentialsLoader implements
223
  return '';
224
  }
225
 
226
- /**
227
- * @return void
228
- */
229
  private function checkAppEngineContext()
230
  {
231
  if (!self::onAppEngine() || !class_exists('google\appengine\api\app_identity\AppIdentityService')) {
28
  use Google\Auth\SignBlobInterface;
29
 
30
  /**
 
 
31
  * AppIdentityCredentials supports authorization on Google App Engine.
32
  *
33
  * It can be used to authorize requests using the AuthTokenMiddleware or
61
  /**
62
  * Result of fetchAuthToken.
63
  *
64
+ * @var array
65
  */
66
  protected $lastReceivedToken;
67
 
68
  /**
69
  * Array of OAuth2 scopes to be requested.
70
  *
71
+ * @var array
72
  */
73
  private $scope;
74
 
78
  private $clientName;
79
 
80
  /**
81
+ * @param array $scope One or more scopes.
82
  */
83
+ public function __construct($scope = array())
84
  {
85
+ $this->scope = $scope;
86
  }
87
 
88
  /**
115
  * the GuzzleHttp\ClientInterface instance passed in will not be used.
116
  *
117
  * @param callable $httpHandler callback which delivers psr7 request
118
+ * @return array A set of auth related metadata, containing the following
119
+ * keys:
120
+ * - access_token (string)
121
+ * - expiration_time (string)
 
 
122
  */
123
  public function fetchAuthToken(callable $httpHandler = null)
124
  {
128
  return [];
129
  }
130
 
131
+ // AppIdentityService expects an array when multiple scopes are supplied
132
+ $scope = is_array($this->scope) ? $this->scope : explode(' ', $this->scope);
133
+
134
+ $token = AppIdentityService::getAccessToken($scope);
135
  $this->lastReceivedToken = $token;
136
 
137
  return $token;
150
  {
151
  $this->checkAppEngineContext();
152
 
 
153
  return base64_encode(AppIdentityService::signForApp($stringToSign)['signature']);
154
  }
155
 
161
  * @param callable $httpHandler Not used by this type.
162
  * @return string|null
163
  */
164
+ public function getProjectId(callable $httpHander = null)
165
  {
166
  try {
167
  $this->checkAppEngineContext();
169
  return null;
170
  }
171
 
 
172
  return AppIdentityService::getApplicationId();
173
  }
174
 
186
  $this->checkAppEngineContext();
187
 
188
  if (!$this->clientName) {
 
189
  $this->clientName = AppIdentityService::getServiceAccountName();
190
  }
191
 
193
  }
194
 
195
  /**
196
+ * @return array|null
197
  */
198
  public function getLastReceivedToken()
199
  {
218
  return '';
219
  }
220
 
 
 
 
221
  private function checkAppEngineContext()
222
  {
223
  if (!self::onAppEngine() || !class_exists('google\appengine\api\app_identity\AppIdentityService')) {
vendor/google/auth/src/Credentials/GCECredentials.php CHANGED
@@ -126,8 +126,6 @@ class GCECredentials extends CredentialsLoader implements
126
 
127
  /**
128
  * Result of fetchAuthToken.
129
- *
130
- * @var array<mixed>
131
  */
132
  protected $lastReceivedToken;
133
 
@@ -168,7 +166,7 @@ class GCECredentials extends CredentialsLoader implements
168
 
169
  /**
170
  * @param Iam $iam [optional] An IAM instance.
171
- * @param string|string[] $scope [optional] the scope of the access request,
172
  * expressed either as an array or as a space-delimited string.
173
  * @param string $targetAudience [optional] The audience for the ID token.
174
  * @param string $quotaProject [optional] Specifies a project to bill for access
@@ -299,7 +297,7 @@ class GCECredentials extends CredentialsLoader implements
299
  */
300
  public static function onAppEngineFlexible()
301
  {
302
- return substr((string) getenv('GAE_INSTANCE'), 0, 4) === 'aef-';
303
  }
304
 
305
  /**
@@ -353,14 +351,15 @@ class GCECredentials extends CredentialsLoader implements
353
  *
354
  * @param callable $httpHandler callback which delivers psr7 request
355
  *
356
- * @return array<mixed> {
357
- * A set of auth related metadata, based on the token type.
 
 
 
 
 
 
358
  *
359
- * @type string $access_token for access tokens
360
- * @type int $expires_in for access tokens
361
- * @type string $token_type for access tokens
362
- * @type string $id_token for ID tokens
363
- * }
364
  * @throws \Exception
365
  */
366
  public function fetchAuthToken(callable $httpHandler = null)
@@ -373,7 +372,7 @@ class GCECredentials extends CredentialsLoader implements
373
  $this->hasCheckedOnGce = true;
374
  }
375
  if (!$this->isOnGce) {
376
- return []; // return an empty array with no access token
377
  }
378
 
379
  $response = $this->getFromMetadata($httpHandler, $this->tokenUri);
@@ -403,7 +402,7 @@ class GCECredentials extends CredentialsLoader implements
403
  }
404
 
405
  /**
406
- * @return array{access_token:string,expires_at:int}|null
407
  */
408
  public function getLastReceivedToken()
409
  {
126
 
127
  /**
128
  * Result of fetchAuthToken.
 
 
129
  */
130
  protected $lastReceivedToken;
131
 
166
 
167
  /**
168
  * @param Iam $iam [optional] An IAM instance.
169
+ * @param string|array $scope [optional] the scope of the access request,
170
  * expressed either as an array or as a space-delimited string.
171
  * @param string $targetAudience [optional] The audience for the ID token.
172
  * @param string $quotaProject [optional] Specifies a project to bill for access
297
  */
298
  public static function onAppEngineFlexible()
299
  {
300
+ return substr(getenv('GAE_INSTANCE'), 0, 4) === 'aef-';
301
  }
302
 
303
  /**
351
  *
352
  * @param callable $httpHandler callback which delivers psr7 request
353
  *
354
+ * @return array A set of auth related metadata, based on the token type.
355
+ *
356
+ * Access tokens have the following keys:
357
+ * - access_token (string)
358
+ * - expires_in (int)
359
+ * - token_type (string)
360
+ * ID tokens have the following keys:
361
+ * - id_token (string)
362
  *
 
 
 
 
 
363
  * @throws \Exception
364
  */
365
  public function fetchAuthToken(callable $httpHandler = null)
372
  $this->hasCheckedOnGce = true;
373
  }
374
  if (!$this->isOnGce) {
375
+ return array(); // return an empty array with no access token
376
  }
377
 
378
  $response = $this->getFromMetadata($httpHandler, $this->tokenUri);
402
  }
403
 
404
  /**
405
+ * @return array|null
406
  */
407
  public function getLastReceivedToken()
408
  {
vendor/google/auth/src/Credentials/IAMCredentials.php CHANGED
@@ -36,8 +36,8 @@ class IAMCredentials
36
  private $token;
37
 
38
  /**
39
- * @param string $selector the IAM selector
40
- * @param string $token the IAM token
41
  */
42
  public function __construct($selector, $token)
43
  {
@@ -59,23 +59,23 @@ class IAMCredentials
59
  /**
60
  * export a callback function which updates runtime metadata.
61
  *
62
- * @return callable updateMetadata function
63
  */
64
  public function getUpdateMetadataFunc()
65
  {
66
- return [$this, 'updateMetadata'];
67
  }
68
 
69
  /**
70
  * Updates metadata with the appropriate header metadata.
71
  *
72
- * @param array<mixed> $metadata metadata hashmap
73
  * @param string $unusedAuthUri optional auth uri
74
  * @param callable $httpHandler callback which delivers psr7 request
75
  * Note: this param is unused here, only included here for
76
  * consistency with other credentials class
77
  *
78
- * @return array<mixed> updated metadata hashmap
79
  */
80
  public function updateMetadata(
81
  $metadata,
36
  private $token;
37
 
38
  /**
39
+ * @param $selector string the IAM selector
40
+ * @param $token string the IAM token
41
  */
42
  public function __construct($selector, $token)
43
  {
59
  /**
60
  * export a callback function which updates runtime metadata.
61
  *
62
+ * @return array updateMetadata function
63
  */
64
  public function getUpdateMetadataFunc()
65
  {
66
+ return array($this, 'updateMetadata');
67
  }
68
 
69
  /**
70
  * Updates metadata with the appropriate header metadata.
71
  *
72
+ * @param array $metadata metadata hashmap
73
  * @param string $unusedAuthUri optional auth uri
74
  * @param callable $httpHandler callback which delivers psr7 request
75
  * Note: this param is unused here, only included here for
76
  * consistency with other credentials class
77
  *
78
+ * @return array updated metadata hashmap
79
  */
80
  public function updateMetadata(
81
  $metadata,
vendor/google/auth/src/Credentials/InsecureCredentials.php CHANGED
@@ -27,7 +27,7 @@ use Google\Auth\FetchAuthTokenInterface;
27
  class InsecureCredentials implements FetchAuthTokenInterface
28
  {
29
  /**
30
- * @var array{access_token:string}
31
  */
32
  private $token = [
33
  'access_token' => ''
@@ -37,7 +37,9 @@ class InsecureCredentials implements FetchAuthTokenInterface
37
  * Fetches the auth token. In this case it returns an empty string.
38
  *
39
  * @param callable $httpHandler
40
- * @return array{access_token:string} A set of auth related metadata
 
 
41
  */
42
  public function fetchAuthToken(callable $httpHandler = null)
43
  {
@@ -59,7 +61,7 @@ class InsecureCredentials implements FetchAuthTokenInterface
59
  * Fetches the last received token. In this case, it returns the same empty string
60
  * auth token.
61
  *
62
- * @return array{access_token:string}
63
  */
64
  public function getLastReceivedToken()
65
  {
27
  class InsecureCredentials implements FetchAuthTokenInterface
28
  {
29
  /**
30
+ * @var array
31
  */
32
  private $token = [
33
  'access_token' => ''
37
  * Fetches the auth token. In this case it returns an empty string.
38
  *
39
  * @param callable $httpHandler
40
+ * @return array A set of auth related metadata, containing the following
41
+ * keys:
42
+ * - access_token (string)
43
  */
44
  public function fetchAuthToken(callable $httpHandler = null)
45
  {
61
  * Fetches the last received token. In this case, it returns the same empty string
62
  * auth token.
63
  *
64
+ * @return array
65
  */
66
  public function getLastReceivedToken()
67
  {
vendor/google/auth/src/Credentials/ServiceAccountCredentials.php CHANGED
@@ -79,22 +79,22 @@ class ServiceAccountCredentials extends CredentialsLoader implements
79
  */
80
  protected $quotaProject;
81
 
82
- /**
83
  * @var string|null
84
  */
85
  protected $projectId;
86
 
87
- /**
88
- * @var array<mixed>|null
89
  */
90
  private $lastReceivedJwtAccessToken;
91
 
92
- /**
93
  * @var bool
94
  */
95
  private $useJwtAccessWithScope = false;
96
 
97
- /**
98
  * @var ServiceAccountJwtAccessCredentials|null
99
  */
100
  private $jwtAccessCredentials;
@@ -102,9 +102,9 @@ class ServiceAccountCredentials extends CredentialsLoader implements
102
  /**
103
  * Create a new ServiceAccountCredentials.
104
  *
105
- * @param string|string[]|null $scope the scope of the access request, expressed
106
  * either as an Array or as a space-delimited String.
107
- * @param string|array<mixed> $jsonKey JSON credential file path or JSON credentials
108
  * as an associative array
109
  * @param string $sub an email address account to impersonate, in situations when
110
  * the service account has been delegated domain wide access.
@@ -121,7 +121,7 @@ class ServiceAccountCredentials extends CredentialsLoader implements
121
  throw new \InvalidArgumentException('file does not exist');
122
  }
123
  $jsonKeyStream = file_get_contents($jsonKey);
124
- if (!$jsonKey = json_decode((string) $jsonKeyStream, true)) {
125
  throw new \LogicException('invalid json for auth config');
126
  }
127
  }
@@ -169,8 +169,6 @@ class ServiceAccountCredentials extends CredentialsLoader implements
169
  * even when only scopes are supplied. Otherwise,
170
  * ServiceAccountJwtAccessCredentials is only called when no scopes and an
171
  * authUrl (audience) is suppled.
172
- *
173
- * @return void
174
  */
175
  public function useJwtAccessWithScope()
176
  {
@@ -180,13 +178,11 @@ class ServiceAccountCredentials extends CredentialsLoader implements
180
  /**
181
  * @param callable $httpHandler
182
  *
183
- * @return array<mixed> {
184
- * A set of auth related metadata, containing the following
185
- *
186
- * @type string $access_token
187
- * @type int $expires_in
188
- * @type string $token_type
189
- * }
190
  */
191
  public function fetchAuthToken(callable $httpHandler = null)
192
  {
@@ -219,7 +215,7 @@ class ServiceAccountCredentials extends CredentialsLoader implements
219
  }
220
 
221
  /**
222
- * @return array<mixed>
223
  */
224
  public function getLastReceivedToken()
225
  {
@@ -246,10 +242,10 @@ class ServiceAccountCredentials extends CredentialsLoader implements
246
  /**
247
  * Updates metadata with the authorization token.
248
  *
249
- * @param array<mixed> $metadata metadata hashmap
250
  * @param string $authUri optional auth uri
251
  * @param callable $httpHandler callback which delivers psr7 request
252
- * @return array<mixed> updated metadata hashmap
253
  */
254
  public function updateMetadata(
255
  $metadata,
@@ -277,17 +273,14 @@ class ServiceAccountCredentials extends CredentialsLoader implements
277
  return $updatedMetadata;
278
  }
279
 
280
- /**
281
- * @return ServiceAccountJwtAccessCredentials
282
- */
283
  private function createJwtAccessCredentials()
284
  {
285
  if (!$this->jwtAccessCredentials) {
286
  // Create credentials for self-signing a JWT (JwtAccess)
287
- $credJson = [
288
  'private_key' => $this->auth->getSigningKey(),
289
  'client_email' => $this->auth->getIssuer(),
290
- ];
291
  $this->jwtAccessCredentials = new ServiceAccountJwtAccessCredentials(
292
  $credJson,
293
  $this->auth->getScope()
@@ -300,7 +293,6 @@ class ServiceAccountCredentials extends CredentialsLoader implements
300
  /**
301
  * @param string $sub an email address account to impersonate, in situations when
302
  * the service account has been delegated domain wide access.
303
- * @return void
304
  */
305
  public function setSub($sub)
306
  {
@@ -330,16 +322,13 @@ class ServiceAccountCredentials extends CredentialsLoader implements
330
  return $this->quotaProject;
331
  }
332
 
333
- /**
334
- * @return bool
335
- */
336
  private function useSelfSignedJwt()
337
  {
338
  // If claims are set, this call is for "id_tokens"
339
  if ($this->auth->getAdditionalClaims()) {
340
  return false;
341
  }
342
-
343
  // When true, ServiceAccountCredentials will always use JwtAccess for access tokens
344
  if ($this->useJwtAccessWithScope) {
345
  return true;
79
  */
80
  protected $quotaProject;
81
 
82
+ /*
83
  * @var string|null
84
  */
85
  protected $projectId;
86
 
87
+ /*
88
+ * @var array|null
89
  */
90
  private $lastReceivedJwtAccessToken;
91
 
92
+ /*
93
  * @var bool
94
  */
95
  private $useJwtAccessWithScope = false;
96
 
97
+ /*
98
  * @var ServiceAccountJwtAccessCredentials|null
99
  */
100
  private $jwtAccessCredentials;
102
  /**
103
  * Create a new ServiceAccountCredentials.
104
  *
105
+ * @param string|array $scope the scope of the access request, expressed
106
  * either as an Array or as a space-delimited String.
107
+ * @param string|array $jsonKey JSON credential file path or JSON credentials
108
  * as an associative array
109
  * @param string $sub an email address account to impersonate, in situations when
110
  * the service account has been delegated domain wide access.
121
  throw new \InvalidArgumentException('file does not exist');
122
  }
123
  $jsonKeyStream = file_get_contents($jsonKey);
124
+ if (!$jsonKey = json_decode($jsonKeyStream, true)) {
125
  throw new \LogicException('invalid json for auth config');
126
  }
127
  }
169
  * even when only scopes are supplied. Otherwise,
170
  * ServiceAccountJwtAccessCredentials is only called when no scopes and an
171
  * authUrl (audience) is suppled.
 
 
172
  */
173
  public function useJwtAccessWithScope()
174
  {
178
  /**
179
  * @param callable $httpHandler
180
  *
181
+ * @return array A set of auth related metadata, containing the following
182
+ * keys:
183
+ * - access_token (string)
184
+ * - expires_in (int)
185
+ * - token_type (string)
 
 
186
  */
187
  public function fetchAuthToken(callable $httpHandler = null)
188
  {
215
  }
216
 
217
  /**
218
+ * @return array
219
  */
220
  public function getLastReceivedToken()
221
  {
242
  /**
243
  * Updates metadata with the authorization token.
244
  *
245
+ * @param array $metadata metadata hashmap
246
  * @param string $authUri optional auth uri
247
  * @param callable $httpHandler callback which delivers psr7 request
248
+ * @return array updated metadata hashmap
249
  */
250
  public function updateMetadata(
251
  $metadata,
273
  return $updatedMetadata;
274
  }
275
 
 
 
 
276
  private function createJwtAccessCredentials()
277
  {
278
  if (!$this->jwtAccessCredentials) {
279
  // Create credentials for self-signing a JWT (JwtAccess)
280
+ $credJson = array(
281
  'private_key' => $this->auth->getSigningKey(),
282
  'client_email' => $this->auth->getIssuer(),
283
+ );
284
  $this->jwtAccessCredentials = new ServiceAccountJwtAccessCredentials(
285
  $credJson,
286
  $this->auth->getScope()
293
  /**
294
  * @param string $sub an email address account to impersonate, in situations when
295
  * the service account has been delegated domain wide access.
 
296
  */
297
  public function setSub($sub)
298
  {
322
  return $this->quotaProject;
323
  }
324
 
 
 
 
325
  private function useSelfSignedJwt()
326
  {
327
  // If claims are set, this call is for "id_tokens"
328
  if ($this->auth->getAdditionalClaims()) {
329
  return false;
330
  }
331
+
332
  // When true, ServiceAccountCredentials will always use JwtAccess for access tokens
333
  if ($this->useJwtAccessWithScope) {
334
  return true;
vendor/google/auth/src/Credentials/ServiceAccountJwtAccessCredentials.php CHANGED
@@ -49,22 +49,15 @@ class ServiceAccountJwtAccessCredentials extends CredentialsLoader implements
49
 
50
  /**
51
  * The quota project associated with the JSON credentials
52
- *
53
- * @var string
54
  */
55
  protected $quotaProject;
56
 
57
- /**
58
- * @var string
59
- */
60
- public $projectId;
61
-
62
  /**
63
  * Create a new ServiceAccountJwtAccessCredentials.
64
  *
65
- * @param string|array<mixed> $jsonKey JSON credential file path or JSON credentials
66
  * as an associative array
67
- * @param string|string[] $scope the scope of the access request, expressed
68
  * either as an Array or as a space-delimited String.
69
  */
70
  public function __construct($jsonKey, $scope = null)
@@ -74,7 +67,7 @@ class ServiceAccountJwtAccessCredentials extends CredentialsLoader implements
74
  throw new \InvalidArgumentException('file does not exist');
75
  }
76
  $jsonKeyStream = file_get_contents($jsonKey);
77
- if (!$jsonKey = json_decode((string) $jsonKeyStream, true)) {
78
  throw new \LogicException('invalid json for auth config');
79
  }
80
  }
@@ -107,10 +100,10 @@ class ServiceAccountJwtAccessCredentials extends CredentialsLoader implements
107
  /**
108
  * Updates metadata with the authorization token.
109
  *
110
- * @param array<mixed> $metadata metadata hashmap
111
  * @param string $authUri optional auth uri
112
  * @param callable $httpHandler callback which delivers psr7 request
113
- * @return array<mixed> updated metadata hashmap
114
  */
115
  public function updateMetadata(
116
  $metadata,
@@ -132,7 +125,9 @@ class ServiceAccountJwtAccessCredentials extends CredentialsLoader implements
132
  *
133
  * @param callable $httpHandler
134
  *
135
- * @return null|array{access_token:string} A set of auth related metadata
 
 
136
  */
137
  public function fetchAuthToken(callable $httpHandler = null)
138
  {
@@ -153,7 +148,7 @@ class ServiceAccountJwtAccessCredentials extends CredentialsLoader implements
153
  // Set the self-signed access token in OAuth2 for getLastReceivedToken
154
  $this->auth->setAccessToken($access_token);
155
 
156
- return ['access_token' => $access_token];
157
  }
158
 
159
  /**
@@ -165,7 +160,7 @@ class ServiceAccountJwtAccessCredentials extends CredentialsLoader implements
165
  }
166
 
167
  /**
168
- * @return array<mixed>
169
  */
170
  public function getLastReceivedToken()
171
  {
49
 
50
  /**
51
  * The quota project associated with the JSON credentials
 
 
52
  */
53
  protected $quotaProject;
54
 
 
 
 
 
 
55
  /**
56
  * Create a new ServiceAccountJwtAccessCredentials.
57
  *
58
+ * @param string|array $jsonKey JSON credential file path or JSON credentials
59
  * as an associative array
60
+ * @param string|array $scope the scope of the access request, expressed
61
  * either as an Array or as a space-delimited String.
62
  */
63
  public function __construct($jsonKey, $scope = null)
67
  throw new \InvalidArgumentException('file does not exist');
68
  }
69
  $jsonKeyStream = file_get_contents($jsonKey);
70
+ if (!$jsonKey = json_decode($jsonKeyStream, true)) {
71
  throw new \LogicException('invalid json for auth config');
72
  }
73
  }
100
  /**
101
  * Updates metadata with the authorization token.
102
  *
103
+ * @param array $metadata metadata hashmap
104
  * @param string $authUri optional auth uri
105
  * @param callable $httpHandler callback which delivers psr7 request
106
+ * @return array updated metadata hashmap
107
  */
108
  public function updateMetadata(
109
  $metadata,
125
  *
126
  * @param callable $httpHandler
127
  *
128
+ * @return array|void A set of auth related metadata, containing the
129
+ * following keys:
130
+ * - access_token (string)
131
  */
132
  public function fetchAuthToken(callable $httpHandler = null)
133
  {
148
  // Set the self-signed access token in OAuth2 for getLastReceivedToken
149
  $this->auth->setAccessToken($access_token);
150
 
151
+ return array('access_token' => $access_token);
152
  }
153
 
154
  /**
160
  }
161
 
162
  /**
163
+ * @return array
164
  */
165
  public function getLastReceivedToken()
166
  {
vendor/google/auth/src/Credentials/UserRefreshCredentials.php CHANGED
@@ -43,17 +43,15 @@ class UserRefreshCredentials extends CredentialsLoader implements GetQuotaProjec
43
 
44
  /**
45
  * The quota project associated with the JSON credentials
46
- *
47
- * @var string
48
  */
49
  protected $quotaProject;
50
 
51
  /**
52
  * Create a new UserRefreshCredentials.
53
  *
54
- * @param string|string[] $scope the scope of the access request, expressed
55
  * either as an Array or as a space-delimited String.
56
- * @param string|array<mixed> $jsonKey JSON credential file path or JSON credentials
57
  * as an associative array
58
  */
59
  public function __construct(
@@ -64,8 +62,8 @@ class UserRefreshCredentials extends CredentialsLoader implements GetQuotaProjec
64
  if (!file_exists($jsonKey)) {
65
  throw new \InvalidArgumentException('file does not exist');
66
  }
67
- $json = file_get_contents($jsonKey);
68
- if (!$jsonKey = json_decode((string) $json, true)) {
69
  throw new \LogicException('invalid json for auth config');
70
  }
71
  }
@@ -99,15 +97,13 @@ class UserRefreshCredentials extends CredentialsLoader implements GetQuotaProjec
99
  /**
100
  * @param callable $httpHandler
101
  *
102
- * @return array<mixed> {
103
- * A set of auth related metadata, containing the following
104
- *
105
- * @type string $access_token
106
- * @type int $expires_in
107
- * @type string $scope
108
- * @type string $token_type
109
- * @type string $id_token
110
- * }
111
  */
112
  public function fetchAuthToken(callable $httpHandler = null)
113
  {
@@ -123,7 +119,7 @@ class UserRefreshCredentials extends CredentialsLoader implements GetQuotaProjec
123
  }
124
 
125
  /**
126
- * @return array<mixed>
127
  */
128
  public function getLastReceivedToken()
129
  {
43
 
44
  /**
45
  * The quota project associated with the JSON credentials
 
 
46
  */
47
  protected $quotaProject;
48
 
49
  /**
50
  * Create a new UserRefreshCredentials.
51
  *
52
+ * @param string|array $scope the scope of the access request, expressed
53
  * either as an Array or as a space-delimited String.
54
+ * @param string|array $jsonKey JSON credential file path or JSON credentials
55
  * as an associative array
56
  */
57
  public function __construct(
62
  if (!file_exists($jsonKey)) {
63
  throw new \InvalidArgumentException('file does not exist');
64
  }
65
+ $jsonKeyStream = file_get_contents($jsonKey);
66
+ if (!$jsonKey = json_decode($jsonKeyStream, true)) {
67
  throw new \LogicException('invalid json for auth config');
68
  }
69
  }
97
  /**
98
  * @param callable $httpHandler
99
  *
100
+ * @return array A set of auth related metadata, containing the following
101
+ * keys:
102
+ * - access_token (string)
103
+ * - expires_in (int)
104
+ * - scope (string)
105
+ * - token_type (string)
106
+ * - id_token (string)
 
 
107
  */
108
  public function fetchAuthToken(callable $httpHandler = null)
109
  {
119
  }
120
 
121
  /**
122
+ * @return array
123
  */
124
  public function getLastReceivedToken()
125
  {
vendor/google/auth/src/CredentialsLoader.php CHANGED
@@ -20,6 +20,7 @@ namespace Google\Auth;
20
  use Google\Auth\Credentials\InsecureCredentials;
21
  use Google\Auth\Credentials\ServiceAccountCredentials;
22
  use Google\Auth\Credentials\UserRefreshCredentials;
 
23
  use RuntimeException;
24
  use UnexpectedValueException;
25
 
@@ -59,6 +60,24 @@ abstract class CredentialsLoader implements
59
  return strtoupper(substr(PHP_OS, 0, 3)) === 'WIN';
60
  }
61
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
62
  /**
63
  * Load a JSON key from the path specified in the environment.
64
  *
@@ -66,20 +85,20 @@ abstract class CredentialsLoader implements
66
  * variable GOOGLE_APPLICATION_CREDENTIALS. Return null if
67
  * GOOGLE_APPLICATION_CREDENTIALS is not specified.
68
  *
69
- * @return array<mixed>|null JSON key | null
70
  */
71
  public static function fromEnv()
72
  {
73
  $path = getenv(self::ENV_VAR);
74
  if (empty($path)) {
75
- return null;
76
  }
77
  if (!file_exists($path)) {
78
  $cause = 'file ' . $path . ' does not exist';
79
  throw new \DomainException(self::unableToReadEnv($cause));
80
  }
81
  $jsonKey = file_get_contents($path);
82
- return json_decode((string) $jsonKey, true);
83
  }
84
 
85
  /**
@@ -92,7 +111,7 @@ abstract class CredentialsLoader implements
92
  *
93
  * If the file does not exist, this returns null.
94
  *
95
- * @return array<mixed>|null JSON key | null
96
  */
97
  public static function fromWellKnownFile()
98
  {
@@ -104,19 +123,19 @@ abstract class CredentialsLoader implements
104
  $path[] = self::WELL_KNOWN_PATH;
105
  $path = implode(DIRECTORY_SEPARATOR, $path);
106
  if (!file_exists($path)) {
107
- return null;
108
  }
109
  $jsonKey = file_get_contents($path);
110
- return json_decode((string) $jsonKey, true);
111
  }
112
 
113
  /**
114
  * Create a new Credentials instance.
115
  *
116
- * @param string|string[] $scope the scope of the access request, expressed
117
  * either as an Array or as a space-delimited String.
118
- * @param array<mixed> $jsonKey the JSON credentials.
119
- * @param string|string[] $defaultScope The default scope to use if no
120
  * user-defined scopes exist, expressed either as an Array or as a
121
  * space-delimited string.
122
  *
@@ -148,7 +167,7 @@ abstract class CredentialsLoader implements
148
  * Create an authorized HTTP Client from an instance of FetchAuthTokenInterface.
149
  *
150
  * @param FetchAuthTokenInterface $fetcher is used to fetch the auth token
151
- * @param array<mixed> $httpClientOptions (optional) Array of request options to apply.
152
  * @param callable $httpHandler (optional) http client to fetch the token.
153
  * @param callable $tokenCallback (optional) function to be called when a new token is fetched.
154
  * @return \GuzzleHttp\Client
@@ -159,6 +178,18 @@ abstract class CredentialsLoader implements
159
  callable $httpHandler = null,
160
  callable $tokenCallback = null
161
  ) {
 
 
 
 
 
 
 
 
 
 
 
 
162
  $middleware = new Middleware\AuthTokenMiddleware(
163
  $fetcher,
164
  $httpHandler,
@@ -186,21 +217,21 @@ abstract class CredentialsLoader implements
186
  /**
187
  * export a callback function which updates runtime metadata.
188
  *
189
- * @return callable updateMetadata function
190
  * @deprecated
191
  */
192
  public function getUpdateMetadataFunc()
193
  {
194
- return [$this, 'updateMetadata'];
195
  }
196
 
197
  /**
198
  * Updates metadata with the authorization token.
199
  *
200
- * @param array<mixed> $metadata metadata hashmap
201
  * @param string $authUri optional auth uri
202
  * @param callable $httpHandler callback which delivers psr7 request
203
- * @return array<mixed> updated metadata hashmap
204
  */
205
  public function updateMetadata(
206
  $metadata,
@@ -216,7 +247,7 @@ abstract class CredentialsLoader implements
216
  return $metadata;
217
  }
218
  $metadata_copy = $metadata;
219
- $metadata_copy[self::AUTH_METADATA_KEY] = ['Bearer ' . $result['access_token']];
220
 
221
  return $metadata_copy;
222
  }
@@ -257,9 +288,6 @@ abstract class CredentialsLoader implements
257
  return filter_var(getenv(self::MTLS_CERT_ENV_VAR), FILTER_VALIDATE_BOOLEAN);
258
  }
259
 
260
- /**
261
- * @return array{cert_provider_command:string[]}|null
262
- */
263
  private static function loadDefaultClientCertSourceFile()
264
  {
265
  $rootEnv = self::isOnWindows() ? 'APPDATA' : 'HOME';
@@ -268,7 +296,7 @@ abstract class CredentialsLoader implements
268
  return null;
269
  }
270
  $jsonKey = file_get_contents($path);
271
- $clientCertSourceJson = json_decode((string) $jsonKey, true);
272
  if (!$clientCertSourceJson) {
273
  throw new UnexpectedValueException('Invalid client cert source JSON');
274
  }
20
  use Google\Auth\Credentials\InsecureCredentials;
21
  use Google\Auth\Credentials\ServiceAccountCredentials;
22
  use Google\Auth\Credentials\UserRefreshCredentials;
23
+ use GuzzleHttp\ClientInterface;
24
  use RuntimeException;
25
  use UnexpectedValueException;
26
 
60
  return strtoupper(substr(PHP_OS, 0, 3)) === 'WIN';
61
  }
62
 
63
+ /**
64
+ * Returns the currently available major Guzzle version.
65
+ *
66
+ * @return int
67
+ */
68
+ private static function getGuzzleMajorVersion()
69
+ {
70
+ if (defined('GuzzleHttp\ClientInterface::MAJOR_VERSION')) {
71
+ return ClientInterface::MAJOR_VERSION;
72
+ }
73
+
74
+ if (defined('GuzzleHttp\ClientInterface::VERSION')) {
75
+ return (int) substr(ClientInterface::VERSION, 0, 1);
76
+ }
77
+
78
+ throw new \Exception('Version not supported');
79
+ }
80
+
81
  /**
82
  * Load a JSON key from the path specified in the environment.
83
  *
85
  * variable GOOGLE_APPLICATION_CREDENTIALS. Return null if
86
  * GOOGLE_APPLICATION_CREDENTIALS is not specified.
87
  *
88
+ * @return array|null JSON key | null
89
  */
90
  public static function fromEnv()
91
  {
92
  $path = getenv(self::ENV_VAR);
93
  if (empty($path)) {
94
+ return;
95
  }
96
  if (!file_exists($path)) {
97
  $cause = 'file ' . $path . ' does not exist';
98
  throw new \DomainException(self::unableToReadEnv($cause));
99
  }
100
  $jsonKey = file_get_contents($path);
101
+ return json_decode($jsonKey, true);
102
  }
103
 
104
  /**
111
  *
112
  * If the file does not exist, this returns null.
113
  *
114
+ * @return array|null JSON key | null
115
  */
116
  public static function fromWellKnownFile()
117
  {
123
  $path[] = self::WELL_KNOWN_PATH;
124
  $path = implode(DIRECTORY_SEPARATOR, $path);
125
  if (!file_exists($path)) {
126
+ return;
127
  }
128
  $jsonKey = file_get_contents($path);
129
+ return json_decode($jsonKey, true);
130
  }
131
 
132
  /**
133
  * Create a new Credentials instance.
134
  *
135
+ * @param string|array $scope the scope of the access request, expressed
136
  * either as an Array or as a space-delimited String.
137
+ * @param array $jsonKey the JSON credentials.
138
+ * @param string|array $defaultScope The default scope to use if no
139
  * user-defined scopes exist, expressed either as an Array or as a
140
  * space-delimited string.
141
  *
167
  * Create an authorized HTTP Client from an instance of FetchAuthTokenInterface.
168
  *
169
  * @param FetchAuthTokenInterface $fetcher is used to fetch the auth token
170
+ * @param array $httpClientOptions (optional) Array of request options to apply.
171
  * @param callable $httpHandler (optional) http client to fetch the token.
172
  * @param callable $tokenCallback (optional) function to be called when a new token is fetched.
173
  * @return \GuzzleHttp\Client
178
  callable $httpHandler = null,
179
  callable $tokenCallback = null
180
  ) {
181
+ if (self::getGuzzleMajorVersion() === 5) {
182
+ $client = new \GuzzleHttp\Client($httpClientOptions);
183
+ $client->setDefaultOption('auth', 'google_auth');
184
+ $subscriber = new Subscriber\AuthTokenSubscriber(
185
+ $fetcher,
186
+ $httpHandler,
187
+ $tokenCallback
188
+ );
189
+ $client->getEmitter()->attach($subscriber);
190
+ return $client;
191
+ }
192
+
193
  $middleware = new Middleware\AuthTokenMiddleware(
194
  $fetcher,
195
  $httpHandler,
217
  /**
218
  * export a callback function which updates runtime metadata.
219
  *
220
+ * @return array updateMetadata function
221
  * @deprecated
222
  */
223
  public function getUpdateMetadataFunc()
224
  {
225
+ return array($this, 'updateMetadata');
226
  }
227
 
228
  /**
229
  * Updates metadata with the authorization token.
230
  *
231
+ * @param array $metadata metadata hashmap
232
  * @param string $authUri optional auth uri
233
  * @param callable $httpHandler callback which delivers psr7 request
234
+ * @return array updated metadata hashmap
235
  */
236
  public function updateMetadata(
237
  $metadata,
247
  return $metadata;
248
  }
249
  $metadata_copy = $metadata;
250
+ $metadata_copy[self::AUTH_METADATA_KEY] = array('Bearer ' . $result['access_token']);
251
 
252
  return $metadata_copy;
253
  }
288
  return filter_var(getenv(self::MTLS_CERT_ENV_VAR), FILTER_VALIDATE_BOOLEAN);
289
  }
290
 
 
 
 
291
  private static function loadDefaultClientCertSourceFile()
292
  {
293
  $rootEnv = self::isOnWindows() ? 'APPDATA' : 'HOME';
296
  return null;
297
  }
298
  $jsonKey = file_get_contents($path);
299
+ $clientCertSourceJson = json_decode($jsonKey, true);
300
  if (!$clientCertSourceJson) {
301
  throw new UnexpectedValueException('Invalid client cert source JSON');
302
  }
vendor/google/auth/src/FetchAuthTokenCache.php CHANGED
@@ -37,9 +37,19 @@ class FetchAuthTokenCache implements
37
  */
38
  private $fetcher;
39
 
 
 
 
 
 
 
 
 
 
 
40
  /**
41
  * @param FetchAuthTokenInterface $fetcher A credentials fetcher
42
- * @param array<mixed> $cacheConfig Configuration for the cache
43
  * @param CacheItemPoolInterface $cache
44
  */
45
  public function __construct(
@@ -62,7 +72,7 @@ class FetchAuthTokenCache implements
62
  * from the supplied fetcher.
63
  *
64
  * @param callable $httpHandler callback which delivers psr7 request
65
- * @return array<mixed> the response
66
  * @throws \Exception
67
  */
68
  public function fetchAuthToken(callable $httpHandler = null)
@@ -87,7 +97,7 @@ class FetchAuthTokenCache implements
87
  }
88
 
89
  /**
90
- * @return array<mixed>|null
91
  */
92
  public function getLastReceivedToken()
93
  {
@@ -108,7 +118,7 @@ class FetchAuthTokenCache implements
108
  'Google\Auth\SignBlobInterface'
109
  );
110
  }
111
-
112
  return $this->fetcher->getClientName($httpHandler);
113
  }
114
 
@@ -154,8 +164,6 @@ class FetchAuthTokenCache implements
154
  if ($this->fetcher instanceof GetQuotaProjectInterface) {
155
  return $this->fetcher->getQuotaProject();
156
  }
157
-
158
- return null;
159
  }
160
 
161
  /*
@@ -181,10 +189,10 @@ class FetchAuthTokenCache implements
181
  /**
182
  * Updates metadata with the authorization token.
183
  *
184
- * @param array<mixed> $metadata metadata hashmap
185
  * @param string $authUri optional auth uri
186
  * @param callable $httpHandler callback which delivers psr7 request
187
- * @return array<mixed> updated metadata hashmap
188
  * @throws \RuntimeException If the fetcher does not implement
189
  * `Google\Auth\UpdateMetadataInterface`.
190
  */
@@ -225,10 +233,6 @@ class FetchAuthTokenCache implements
225
  return $newMetadata;
226
  }
227
 
228
- /**
229
- * @param string|null $authUri
230
- * @return array<mixed>|null
231
- */
232
  private function fetchAuthTokenFromCache($authUri = null)
233
  {
234
  // Use the cached value if its available.
@@ -259,11 +263,6 @@ class FetchAuthTokenCache implements
259
  return null;
260
  }
261
 
262
- /**
263
- * @param array<mixed> $authToken
264
- * @param string|null $authUri
265
- * @return void
266
- */
267
  private function saveAuthTokenInCache($authToken, $authUri = null)
268
  {
269
  if (isset($authToken['access_token']) ||
37
  */
38
  private $fetcher;
39
 
40
+ /**
41
+ * @var array
42
+ */
43
+ private $cacheConfig;
44
+
45
+ /**
46
+ * @var CacheItemPoolInterface
47
+ */
48
+ private $cache;
49
+
50
  /**
51
  * @param FetchAuthTokenInterface $fetcher A credentials fetcher
52
+ * @param array $cacheConfig Configuration for the cache
53
  * @param CacheItemPoolInterface $cache
54
  */
55
  public function __construct(
72
  * from the supplied fetcher.
73
  *
74
  * @param callable $httpHandler callback which delivers psr7 request
75
+ * @return array the response
76
  * @throws \Exception
77
  */
78
  public function fetchAuthToken(callable $httpHandler = null)
97
  }
98
 
99
  /**
100
+ * @return array|null
101
  */
102
  public function getLastReceivedToken()
103
  {
118
  'Google\Auth\SignBlobInterface'
119
  );
120
  }
121
+
122
  return $this->fetcher->getClientName($httpHandler);
123
  }
124
 
164
  if ($this->fetcher instanceof GetQuotaProjectInterface) {
165
  return $this->fetcher->getQuotaProject();
166
  }
 
 
167
  }
168
 
169
  /*
189
  /**
190
  * Updates metadata with the authorization token.
191
  *
192
+ * @param array $metadata metadata hashmap
193
  * @param string $authUri optional auth uri
194
  * @param callable $httpHandler callback which delivers psr7 request
195
+ * @return array updated metadata hashmap
196
  * @throws \RuntimeException If the fetcher does not implement
197
  * `Google\Auth\UpdateMetadataInterface`.
198
  */
233
  return $newMetadata;
234
  }
235
 
 
 
 
 
236
  private function fetchAuthTokenFromCache($authUri = null)
237
  {
238
  // Use the cached value if its available.
263
  return null;
264
  }
265
 
 
 
 
 
 
266
  private function saveAuthTokenInCache($authToken, $authUri = null)
267
  {
268
  if (isset($authToken['access_token']) ||
vendor/google/auth/src/FetchAuthTokenInterface.php CHANGED
@@ -26,7 +26,7 @@ interface FetchAuthTokenInterface
26
  * Fetches the auth tokens based on the current state.
27
  *
28
  * @param callable $httpHandler callback which delivers psr7 request
29
- * @return array<mixed> a hash of auth tokens
30
  */
31
  public function fetchAuthToken(callable $httpHandler = null);
32
 
@@ -43,11 +43,11 @@ interface FetchAuthTokenInterface
43
  * Returns an associative array with the token and
44
  * expiration time.
45
  *
46
- * @return null|array<mixed> {
47
- * The last received access token.
48
  *
49
- * @type string $access_token The access token string.
50
- * @type int $expires_at The time the token expires as a UNIX timestamp.
51
  * }
52
  */
53
  public function getLastReceivedToken();
26
  * Fetches the auth tokens based on the current state.
27
  *
28
  * @param callable $httpHandler callback which delivers psr7 request
29
+ * @return array a hash of auth tokens
30
  */
31
  public function fetchAuthToken(callable $httpHandler = null);
32
 
43
  * Returns an associative array with the token and
44
  * expiration time.
45
  *
46
+ * @return null|array {
47
+ * The last received access token.
48
  *
49
+ * @var string $access_token The access token string.
50
+ * @var int $expires_at The time the token expires as a UNIX timestamp.
51
  * }
52
  */
53
  public function getLastReceivedToken();
vendor/google/auth/src/GCECache.php CHANGED
@@ -42,7 +42,17 @@ class GCECache
42
  use CacheTrait;
43
 
44
  /**
45
- * @param array<mixed> $cacheConfig Configuration for the cache
 
 
 
 
 
 
 
 
 
 
46
  * @param CacheItemPoolInterface $cache
47
  */
48
  public function __construct(
42
  use CacheTrait;
43
 
44
  /**
45
+ * @var array
46
+ */
47
+ private $cacheConfig;
48
+
49
+ /**
50
+ * @var CacheItemPoolInterface
51
+ */
52
+ private $cache;
53
+
54
+ /**
55
+ * @param array $cacheConfig Configuration for the cache
56
  * @param CacheItemPoolInterface $cache
57
  */
58
  public function __construct(
vendor/google/auth/src/HttpHandler/Guzzle5HttpHandler.php CHANGED
@@ -25,9 +25,6 @@ use GuzzleHttp\Psr7\Response;
25
  use Psr\Http\Message\RequestInterface;
26
  use Psr\Http\Message\ResponseInterface;
27
 
28
- /**
29
- * @deprecated
30
- */
31
  class Guzzle5HttpHandler
32
  {
33
  /**
25
  use Psr\Http\Message\RequestInterface;
26
  use Psr\Http\Message\ResponseInterface;
27
 
 
 
 
28
  class Guzzle5HttpHandler
29
  {
30
  /**
vendor/google/auth/src/HttpHandler/Guzzle6HttpHandler.php CHANGED
@@ -39,7 +39,7 @@ class Guzzle6HttpHandler
39
  * Accepts a PSR-7 request and an array of options and returns a PSR-7 response.
40
  *
41
  * @param RequestInterface $request
42
- * @param array<mixed> $options
43
  * @return ResponseInterface
44
  */
45
  public function __invoke(RequestInterface $request, array $options = [])
@@ -51,7 +51,7 @@ class Guzzle6HttpHandler
51
  * Accepts a PSR-7 request and an array of options and returns a PromiseInterface
52
  *
53
  * @param RequestInterface $request
54
- * @param array<mixed> $options
55
  *
56
  * @return \GuzzleHttp\Promise\PromiseInterface
57
  */
39
  * Accepts a PSR-7 request and an array of options and returns a PSR-7 response.
40
  *
41
  * @param RequestInterface $request
42
+ * @param array $options
43
  * @return ResponseInterface
44
  */
45
  public function __invoke(RequestInterface $request, array $options = [])
51
  * Accepts a PSR-7 request and an array of options and returns a PromiseInterface
52
  *
53
  * @param RequestInterface $request
54
+ * @param array $options
55
  *
56
  * @return \GuzzleHttp\Promise\PromiseInterface
57
  */
vendor/google/auth/src/HttpHandler/HttpHandlerFactory.php CHANGED
@@ -36,7 +36,6 @@ class HttpHandlerFactory
36
  if (defined('GuzzleHttp\ClientInterface::MAJOR_VERSION')) {
37
  $version = ClientInterface::MAJOR_VERSION;
38
  } elseif (defined('GuzzleHttp\ClientInterface::VERSION')) {
39
- /** @phpstan-ignore-next-line */
40
  $version = (int) substr(ClientInterface::VERSION, 0, 1);
41
  }
42
 
36
  if (defined('GuzzleHttp\ClientInterface::MAJOR_VERSION')) {
37
  $version = ClientInterface::MAJOR_VERSION;
38
  } elseif (defined('GuzzleHttp\ClientInterface::VERSION')) {
 
39
  $version = (int) substr(ClientInterface::VERSION, 0, 1);
40
  }
41
 
vendor/google/auth/src/Iam.php CHANGED
@@ -57,7 +57,7 @@ class Iam
57
  * @param string $email The service account email.
58
  * @param string $accessToken An access token from the service account.
59
  * @param string $stringToSign The string to be signed.
60
- * @param array<string> $delegates [optional] A list of service account emails to
61
  * add to the delegate chain. If omitted, the value of `$email` will
62
  * be used.
63
  * @return string The signed string, base64-encoded.
57
  * @param string $email The service account email.
58
  * @param string $accessToken An access token from the service account.
59
  * @param string $stringToSign The string to be signed.
60
+ * @param array $delegates [optional] A list of service account emails to
61
  * add to the delegate chain. If omitted, the value of `$email` will
62
  * be used.
63
  * @return string The signed string, base64-encoded.
vendor/google/auth/src/Middleware/AuthTokenMiddleware.php CHANGED
@@ -35,7 +35,7 @@ use Psr\Http\Message\RequestInterface;
35
  class AuthTokenMiddleware
36
  {
37
  /**
38
- * @var callable
39
  */
40
  private $httpHandler;
41
 
@@ -45,7 +45,7 @@ class AuthTokenMiddleware
45
  private $fetcher;
46
 
47
  /**
48
- * @var ?callable
49
  */
50
  private $tokenCallback;
51
 
@@ -115,11 +115,11 @@ class AuthTokenMiddleware
115
  /**
116
  * Call fetcher to fetch the token.
117
  *
118
- * @return string|null
119
  */
120
  private function fetchToken()
121
  {
122
- $auth_tokens = (array) $this->fetcher->fetchAuthToken($this->httpHandler);
123
 
124
  if (array_key_exists('access_token', $auth_tokens)) {
125
  // notify the callback if applicable
@@ -137,19 +137,12 @@ class AuthTokenMiddleware
137
  if (array_key_exists('id_token', $auth_tokens)) {
138
  return $auth_tokens['id_token'];
139
  }
140
-
141
- return null;
142
  }
143
 
144
- /**
145
- * @return string|null
146
- */
147
  private function getQuotaProject()
148
  {
149
  if ($this->fetcher instanceof GetQuotaProjectInterface) {
150
  return $this->fetcher->getQuotaProject();
151
  }
152
-
153
- return null;
154
  }
155
  }
35
  class AuthTokenMiddleware
36
  {
37
  /**
38
+ * @var callback
39
  */
40
  private $httpHandler;
41
 
45
  private $fetcher;
46
 
47
  /**
48
+ * @var callable
49
  */
50
  private $tokenCallback;
51
 
115
  /**
116
  * Call fetcher to fetch the token.
117
  *
118
+ * @return string
119
  */
120
  private function fetchToken()
121
  {
122
+ $auth_tokens = $this->fetcher->fetchAuthToken($this->httpHandler);
123
 
124
  if (array_key_exists('access_token', $auth_tokens)) {
125
  // notify the callback if applicable
137
  if (array_key_exists('id_token', $auth_tokens)) {
138
  return $auth_tokens['id_token'];
139
  }
 
 
140
  }
141
 
 
 
 
142
  private function getQuotaProject()
143
  {
144
  if ($this->fetcher instanceof GetQuotaProjectInterface) {
145
  return $this->fetcher->getQuotaProject();
146
  }
 
 
147
  }
148
  }
vendor/google/auth/src/Middleware/ProxyAuthTokenMiddleware.php CHANGED
@@ -35,7 +35,7 @@ use Psr\Http\Message\RequestInterface;
35
  class ProxyAuthTokenMiddleware
36
  {
37
  /**
38
- * @var callable
39
  */
40
  private $httpHandler;
41
 
@@ -45,7 +45,7 @@ class ProxyAuthTokenMiddleware
45
  private $fetcher;
46
 
47
  /**
48
- * @var ?callable
49
  */
50
  private $tokenCallback;
51
 
@@ -115,7 +115,7 @@ class ProxyAuthTokenMiddleware
115
  /**
116
  * Call fetcher to fetch the token.
117
  *
118
- * @return string|null
119
  */
120
  private function fetchToken()
121
  {
@@ -137,19 +137,12 @@ class ProxyAuthTokenMiddleware
137
  if (array_key_exists('id_token', $auth_tokens)) {
138
  return $auth_tokens['id_token'];
139
  }
140
-
141
- return null;
142
  }
143
 
144
- /**
145
- * @return string|null;
146
- */
147
  private function getQuotaProject()
148
  {
149
  if ($this->fetcher instanceof GetQuotaProjectInterface) {
150
  return $this->fetcher->getQuotaProject();
151
  }
152
-
153
- return null;
154
  }
155
  }
35
  class ProxyAuthTokenMiddleware
36
  {
37
  /**
38
+ * @var callback
39
  */
40
  private $httpHandler;
41
 
45
  private $fetcher;
46
 
47
  /**
48
+ * @var callable
49
  */
50
  private $tokenCallback;
51
 
115
  /**
116
  * Call fetcher to fetch the token.
117
  *
118
+ * @return string
119
  */
120
  private function fetchToken()
121
  {
137
  if (array_key_exists('id_token', $auth_tokens)) {
138
  return $auth_tokens['id_token'];
139
  }
 
 
140
  }
141
 
 
 
 
142
  private function getQuotaProject()
143
  {
144
  if ($this->fetcher instanceof GetQuotaProjectInterface) {
145
  return $this->fetcher->getQuotaProject();
146
  }
 
 
147
  }
148
  }
vendor/google/auth/src/Middleware/ScopedAccessTokenMiddleware.php CHANGED
@@ -39,13 +39,23 @@ class ScopedAccessTokenMiddleware
39
 
40
  const DEFAULT_CACHE_LIFETIME = 1500;
41
 
 
 
 
 
 
 
 
 
 
 
42
  /**
43
  * @var callable
44
  */
45
  private $tokenFunc;
46
 
47
  /**
48
- * @var array<string>|string
49
  */
50
  private $scopes;
51
 
@@ -53,8 +63,8 @@ class ScopedAccessTokenMiddleware
53
  * Creates a new ScopedAccessTokenMiddleware.
54
  *
55
  * @param callable $tokenFunc a token generator function
56
- * @param array<string>|string $scopes the token authentication scopes
57
- * @param array<mixed> $cacheConfig configuration for the cache when it's present
58
  * @param CacheItemPoolInterface $cache an implementation of CacheItemPoolInterface
59
  */
60
  public function __construct(
39
 
40
  const DEFAULT_CACHE_LIFETIME = 1500;
41
 
42
+ /**
43
+ * @var CacheItemPoolInterface
44
+ */
45
+ private $cache;
46
+
47
+ /**
48
+ * @var array configuration
49
+ */
50
+ private $cacheConfig;
51
+
52
  /**
53
  * @var callable
54
  */
55
  private $tokenFunc;
56
 
57
  /**
58
+ * @var array|string
59
  */
60
  private $scopes;
61
 
63
  * Creates a new ScopedAccessTokenMiddleware.
64
  *
65
  * @param callable $tokenFunc a token generator function
66
+ * @param array|string $scopes the token authentication scopes
67
+ * @param array $cacheConfig configuration for the cache when it's present
68
  * @param CacheItemPoolInterface $cache an implementation of CacheItemPoolInterface
69
  */
70
  public function __construct(
vendor/google/auth/src/Middleware/SimpleMiddleware.php CHANGED
@@ -29,7 +29,7 @@ use Psr\Http\Message\RequestInterface;
29
  class SimpleMiddleware
30
  {
31
  /**
32
- * @var array<mixed>
33
  */
34
  private $config;
35
 
@@ -39,7 +39,7 @@ class SimpleMiddleware
39
  * The configuration array expects one option
40
  * - key: required, otherwise InvalidArgumentException is thrown
41
  *
42
- * @param array<mixed> $config Configuration array
43
  */
44
  public function __construct(array $config)
45
  {
29
  class SimpleMiddleware
30
  {
31
  /**
32
+ * @var array
33
  */
34
  private $config;
35
 
39
  * The configuration array expects one option
40
  * - key: required, otherwise InvalidArgumentException is thrown
41
  *
42
+ * @param array $config Configuration array
43
  */
44
  public function __construct(array $config)
45
  {
vendor/google/auth/src/OAuth2.php CHANGED
@@ -18,7 +18,6 @@
18
  namespace Google\Auth;
19
 
20
  use Firebase\JWT\JWT;
21
- use Firebase\JWT\Key;
22
  use Google\Auth\HttpHandler\HttpClientCache;
23
  use Google\Auth\HttpHandler\HttpHandlerFactory;
24
  use GuzzleHttp\Psr7\Query;
@@ -44,34 +43,32 @@ class OAuth2 implements FetchAuthTokenInterface
44
 
45
  /**
46
  * TODO: determine known methods from the keys of JWT::methods.
47
- *
48
- * @var array<string>
49
  */
50
- public static $knownSigningAlgorithms = [
51
  'HS256',
52
  'HS512',
53
  'HS384',
54
  'RS256',
55
- ];
56
 
57
  /**
58
  * The well known grant types.
59
  *
60
- * @var array<string>
61
  */
62
- public static $knownGrantTypes = [
63
  'authorization_code',
64
  'refresh_token',
65
  'password',
66
  'client_credentials',
67
- ];
68
 
69
  /**
70
  * - authorizationUri
71
  * The authorization server's HTTP endpoint capable of
72
  * authenticating the end-user and obtaining authorization.
73
  *
74
- * @var ?UriInterface
75
  */
76
  private $authorizationUri;
77
 
@@ -87,7 +84,7 @@ class OAuth2 implements FetchAuthTokenInterface
87
  /**
88
  * The redirection URI used in the initial request.
89
  *
90
- * @var ?string
91
  */
92
  private $redirectUri;
93
 
@@ -110,14 +107,14 @@ class OAuth2 implements FetchAuthTokenInterface
110
  /**
111
  * The resource owner's username.
112
  *
113
- * @var ?string
114
  */
115
  private $username;
116
 
117
  /**
118
  * The resource owner's password.
119
  *
120
- * @var ?string
121
  */
122
  private $password;
123
 
@@ -125,7 +122,7 @@ class OAuth2 implements FetchAuthTokenInterface
125
  * The scope of the access request, expressed either as an Array or as a
126
  * space-delimited string.
127
  *
128
- * @var ?array<string>
129
  */
130
  private $scope;
131
 
@@ -141,14 +138,14 @@ class OAuth2 implements FetchAuthTokenInterface
141
  *
142
  * Only used by the authorization code access grant type.
143
  *
144
- * @var ?string
145
  */
146
  private $code;
147
 
148
  /**
149
  * The issuer ID when using assertion profile.
150
  *
151
- * @var ?string
152
  */
153
  private $issuer;
154
 
@@ -176,7 +173,7 @@ class OAuth2 implements FetchAuthTokenInterface
176
  /**
177
  * The signing key when using assertion profile.
178
  *
179
- * @var ?string
180
  */
181
  private $signingKey;
182
 
@@ -190,14 +187,14 @@ class OAuth2 implements FetchAuthTokenInterface
190
  /**
191
  * The signing algorithm when using an assertion profile.
192
  *
193
- * @var ?string
194
  */
195
  private $signingAlgorithm;
196
 
197
  /**
198
  * The refresh token associated with the access token to be refreshed.
199
  *
200
- * @var ?string
201
  */
202
  private $refreshToken;
203
 
@@ -218,7 +215,7 @@ class OAuth2 implements FetchAuthTokenInterface
218
  /**
219
  * The lifetime in seconds of the current access token.
220
  *
221
- * @var ?int
222
  */
223
  private $expiresIn;
224
 
@@ -226,7 +223,7 @@ class OAuth2 implements FetchAuthTokenInterface
226
  * The expiration time of the access token as a number of seconds since the
227
  * unix epoch.
228
  *
229
- * @var ?int
230
  */
231
  private $expiresAt;
232
 
@@ -234,30 +231,26 @@ class OAuth2 implements FetchAuthTokenInterface
234
  * The issue time of the access token as a number of seconds since the unix
235
  * epoch.
236
  *
237
- * @var ?int
238
  */
239
  private $issuedAt;
240
 
241
  /**
242
  * The current grant type.
243
  *
244
- * @var ?string
245
  */
246
  private $grantType;
247
 
248
  /**
249
  * When using an extension grant type, this is the set of parameters used by
250
  * that extension.
251
- *
252
- * @var array<mixed>
253
  */
254
  private $extensionParams;
255
 
256
  /**
257
  * When using the toJwt function, these claims will be added to the JWT
258
  * payload.
259
- *
260
- * @var array<mixed>
261
  */
262
  private $additionalClaims;
263
 
@@ -327,7 +320,7 @@ class OAuth2 implements FetchAuthTokenInterface
327
  * When using an extension grant type, this is the set of parameters used
328
  * by that extension.
329
  *
330
- * @param array<mixed> $config Configuration array
331
  */
332
  public function __construct(array $config)
333
  {
@@ -381,24 +374,23 @@ class OAuth2 implements FetchAuthTokenInterface
381
  * - otherwise returns the payload in the idtoken as a PHP object.
382
  *
383
  * The behavior of this method varies depending on the version of
384
- * `firebase/php-jwt` you are using. In versions 6.0 and above, you cannot
385
- * provide multiple $allowed_algs, and instead must provide an array of Key
386
- * objects as the $publicKey.
 
387
  *
388
- * @param string|Key|Key[] $publicKey The public key to use to authenticate the token
389
- * @param string|array<string> $allowed_algs algorithm or array of supported verification algorithms.
390
- * Providing more than one algorithm will throw an exception.
391
  * @throws \DomainException if the token is missing an audience.
392
  * @throws \DomainException if the audience does not match the one set in
393
  * the OAuth2 class instance.
394
  * @throws \UnexpectedValueException If the token is invalid
395
- * @throws \InvalidArgumentException If more than one value for allowed_algs is supplied
396
- * @throws \Firebase\JWT\SignatureInvalidException If the signature is invalid.
397
- * @throws \Firebase\JWT\BeforeValidException If the token is not yet valid.
398
- * @throws \Firebase\JWT\ExpiredException If the token has expired.
399
  * @return null|object
400
  */
401
- public function verifyIdToken($publicKey = null, $allowed_algs = [])
402
  {
403
  $idToken = $this->getIdToken();
404
  if (is_null($idToken)) {
@@ -419,7 +411,7 @@ class OAuth2 implements FetchAuthTokenInterface
419
  /**
420
  * Obtains the encoded jwt from the instance data.
421
  *
422
- * @param array<mixed> $config array optional configuration parameters
423
  * @return string
424
  */
425
  public function toJwt(array $config = [])
@@ -463,7 +455,7 @@ class OAuth2 implements FetchAuthTokenInterface
463
  }
464
  $assertion += $this->getAdditionalClaims();
465
 
466
- return JWT::encode(
467
  $assertion,
468
  $this->getSigningKey(),
469
  $this->getSigningAlgorithm(),
@@ -484,7 +476,7 @@ class OAuth2 implements FetchAuthTokenInterface
484
  }
485
 
486
  $grantType = $this->getGrantType();
487
- $params = ['grant_type' => $grantType];
488
  switch ($grantType) {
489
  case 'authorization_code':
490
  $params['code'] = $this->getCode();
@@ -533,7 +525,7 @@ class OAuth2 implements FetchAuthTokenInterface
533
  * Fetches the auth tokens based on the current state.
534
  *
535
  * @param callable $httpHandler callback which delivers psr7 request
536
- * @return array<mixed> the response
537
  */
538
  public function fetchAuthToken(callable $httpHandler = null)
539
  {
@@ -553,7 +545,7 @@ class OAuth2 implements FetchAuthTokenInterface
553
  *
554
  * The key is derived from the scopes.
555
  *
556
- * @return ?string a key that may be used to cache the auth token.
557
  */
558
  public function getCacheKey()
559
  {
@@ -573,7 +565,7 @@ class OAuth2 implements FetchAuthTokenInterface
573
  * Parses the fetched tokens.
574
  *
575
  * @param ResponseInterface $resp the response.
576
- * @return array<mixed> the tokens parsed from the response body.
577
  * @throws \Exception
578
  */
579
  public function parseTokenResponse(ResponseInterface $resp)
@@ -582,7 +574,7 @@ class OAuth2 implements FetchAuthTokenInterface
582
  if ($resp->hasHeader('Content-Type') &&
583
  $resp->getHeaderLine('Content-Type') == 'application/x-www-form-urlencoded'
584
  ) {
585
- $res = [];
586
  parse_str($body, $res);
587
 
588
  return $res;
@@ -608,7 +600,7 @@ class OAuth2 implements FetchAuthTokenInterface
608
  * ]);
609
  * ```
610
  *
611
- * @param array<mixed> $config
612
  * The configuration parameters related to the token.
613
  *
614
  * - refresh_token
@@ -629,7 +621,6 @@ class OAuth2 implements FetchAuthTokenInterface
629
  *
630
  * - issued_at
631
  * The timestamp that the token was issued at.
632
- * @return void
633
  */
634
  public function updateToken(array $config)
635
  {
@@ -663,7 +654,7 @@ class OAuth2 implements FetchAuthTokenInterface
663
  /**
664
  * Builds the authorization Uri that the user should be redirected to.
665
  *
666
- * @param array<mixed> $config configuration options that customize the return url
667
  * @return UriInterface the authorization Url.
668
  * @throws InvalidArgumentException
669
  */
@@ -721,7 +712,6 @@ class OAuth2 implements FetchAuthTokenInterface
721
  * the end-user and obtaining authorization.
722
  *
723
  * @param string $uri
724
- * @return void
725
  */
726
  public function setAuthorizationUri($uri)
727
  {
@@ -732,7 +722,7 @@ class OAuth2 implements FetchAuthTokenInterface
732
  * Gets the authorization server's HTTP endpoint capable of authenticating
733
  * the end-user and obtaining authorization.
734
  *
735
- * @return ?UriInterface
736
  */
737
  public function getAuthorizationUri()
738
  {
@@ -743,7 +733,7 @@ class OAuth2 implements FetchAuthTokenInterface
743
  * Gets the authorization server's HTTP endpoint capable of issuing tokens
744
  * and refreshing expired tokens.
745
  *
746
- * @return ?UriInterface
747
  */
748
  public function getTokenCredentialUri()
749
  {
@@ -755,7 +745,6 @@ class OAuth2 implements FetchAuthTokenInterface
755
  * and refreshing expired tokens.
756
  *
757
  * @param string $uri
758
- * @return void
759
  */
760
  public function setTokenCredentialUri($uri)
761
  {
@@ -765,7 +754,7 @@ class OAuth2 implements FetchAuthTokenInterface
765
  /**
766
  * Gets the redirection URI used in the initial request.
767
  *
768
- * @return ?string
769
  */
770
  public function getRedirectUri()
771
  {
@@ -775,8 +764,7 @@ class OAuth2 implements FetchAuthTokenInterface
775
  /**
776
  * Sets the redirection URI used in the initial request.
777
  *
778
- * @param ?string $uri
779
- * @return void
780
  */
781
  public function setRedirectUri($uri)
782
  {
@@ -801,7 +789,7 @@ class OAuth2 implements FetchAuthTokenInterface
801
  /**
802
  * Gets the scope of the access requests as a space-delimited String.
803
  *
804
- * @return ?string
805
  */
806
  public function getScope()
807
  {
@@ -816,8 +804,7 @@ class OAuth2 implements FetchAuthTokenInterface
816
  * Sets the scope of the access request, expressed either as an Array or as
817
  * a space-delimited String.
818
  *
819
- * @param string|array<string>|null $scope
820
- * @return void
821
  * @throws InvalidArgumentException
822
  */
823
  public function setScope($scope)
@@ -846,7 +833,7 @@ class OAuth2 implements FetchAuthTokenInterface
846
  /**
847
  * Gets the current grant type.
848
  *
849
- * @return ?string
850
  */
851
  public function getGrantType()
852
  {
@@ -878,8 +865,7 @@ class OAuth2 implements FetchAuthTokenInterface
878
  /**
879
  * Sets the current grant type.
880
  *
881
- * @param string $grantType
882
- * @return void
883
  * @throws InvalidArgumentException
884
  */
885
  public function setGrantType($grantType)
@@ -911,7 +897,6 @@ class OAuth2 implements FetchAuthTokenInterface
911
  * Sets an arbitrary string designed to allow the client to maintain state.
912
  *
913
  * @param string $state
914
- * @return void
915
  */
916
  public function setState($state)
917
  {
@@ -920,8 +905,6 @@ class OAuth2 implements FetchAuthTokenInterface
920
 
921
  /**
922
  * Gets the authorization code issued to this client.
923
- *
924
- * @return string
925
  */
926
  public function getCode()
927
  {
@@ -932,7 +915,6 @@ class OAuth2 implements FetchAuthTokenInterface
932
  * Sets the authorization code issued to this client.
933
  *
934
  * @param string $code
935
- * @return void
936
  */
937
  public function setCode($code)
938
  {
@@ -941,8 +923,6 @@ class OAuth2 implements FetchAuthTokenInterface
941
 
942
  /**
943
  * Gets the resource owner's username.
944
- *
945
- * @return string
946
  */
947
  public function getUsername()
948
  {
@@ -953,7 +933,6 @@ class OAuth2 implements FetchAuthTokenInterface
953
  * Sets the resource owner's username.
954
  *
955
  * @param string $username
956
- * @return void
957
  */
958
  public function setUsername($username)
959
  {
@@ -962,8 +941,6 @@ class OAuth2 implements FetchAuthTokenInterface
962
 
963
  /**
964
  * Gets the resource owner's password.
965
- *
966
- * @return string
967
  */
968
  public function getPassword()
969
  {
@@ -973,8 +950,7 @@ class OAuth2 implements FetchAuthTokenInterface
973
  /**
974
  * Sets the resource owner's password.
975
  *
976
- * @param string $password
977
- * @return void
978
  */
979
  public function setPassword($password)
980
  {
@@ -984,8 +960,6 @@ class OAuth2 implements FetchAuthTokenInterface
984
  /**
985
  * Sets a unique identifier issued to the client to identify itself to the
986
  * authorization server.
987
- *
988
- * @return string
989
  */
990
  public function getClientId()
991
  {
@@ -996,8 +970,7 @@ class OAuth2 implements FetchAuthTokenInterface
996
  * Sets a unique identifier issued to the client to identify itself to the
997
  * authorization server.
998
  *
999
- * @param string $clientId
1000
- * @return void
1001
  */
1002
  public function setClientId($clientId)
1003
  {
@@ -1007,8 +980,6 @@ class OAuth2 implements FetchAuthTokenInterface
1007
  /**
1008
  * Gets a shared symmetric secret issued by the authorization server, which
1009
  * is used to authenticate the client.
1010
- *
1011
- * @return string
1012
  */
1013
  public function getClientSecret()
1014
  {
@@ -1019,8 +990,7 @@ class OAuth2 implements FetchAuthTokenInterface
1019
  * Sets a shared symmetric secret issued by the authorization server, which
1020
  * is used to authenticate the client.
1021
  *
1022
- * @param string $clientSecret
1023
- * @return void
1024
  */
1025
  public function setClientSecret($clientSecret)
1026
  {
@@ -1029,8 +999,6 @@ class OAuth2 implements FetchAuthTokenInterface
1029
 
1030
  /**
1031
  * Gets the Issuer ID when using assertion profile.
1032
- *
1033
- * @return ?string
1034
  */
1035
  public function getIssuer()
1036
  {
@@ -1041,7 +1009,6 @@ class OAuth2 implements FetchAuthTokenInterface
1041
  * Sets the Issuer ID when using assertion profile.
1042
  *
1043
  * @param string $issuer
1044
- * @return void
1045
  */
1046
  public function setIssuer($issuer)
1047
  {
@@ -1050,8 +1017,6 @@ class OAuth2 implements FetchAuthTokenInterface
1050
 
1051
  /**
1052
  * Gets the target sub when issuing assertions.
1053
- *
1054
- * @return ?string
1055
  */
1056
  public function getSub()
1057
  {
@@ -1062,7 +1027,6 @@ class OAuth2 implements FetchAuthTokenInterface
1062
  * Sets the target sub when issuing assertions.
1063
  *
1064
  * @param string $sub
1065
- * @return void
1066
  */
1067
  public function setSub($sub)
1068
  {
@@ -1071,8 +1035,6 @@ class OAuth2 implements FetchAuthTokenInterface
1071
 
1072
  /**
1073
  * Gets the target audience when issuing assertions.
1074
- *
1075
- * @return ?string
1076
  */
1077
  public function getAudience()
1078
  {
@@ -1083,7 +1045,6 @@ class OAuth2 implements FetchAuthTokenInterface
1083
  * Sets the target audience when issuing assertions.
1084
  *
1085
  * @param string $audience
1086
- * @return void
1087
  */
1088
  public function setAudience($audience)
1089
  {
@@ -1092,8 +1053,6 @@ class OAuth2 implements FetchAuthTokenInterface
1092
 
1093
  /**
1094
  * Gets the signing key when using an assertion profile.
1095
- *
1096
- * @return ?string
1097
  */
1098
  public function getSigningKey()
1099
  {
@@ -1104,7 +1063,6 @@ class OAuth2 implements FetchAuthTokenInterface
1104
  * Sets the signing key when using an assertion profile.
1105
  *
1106
  * @param string $signingKey
1107
- * @return void
1108
  */
1109
  public function setSigningKey($signingKey)
1110
  {
@@ -1114,7 +1072,7 @@ class OAuth2 implements FetchAuthTokenInterface
1114
  /**
1115
  * Gets the signing key id when using an assertion profile.
1116
  *
1117
- * @return ?string
1118
  */
1119
  public function getSigningKeyId()
1120
  {
@@ -1125,7 +1083,6 @@ class OAuth2 implements FetchAuthTokenInterface
1125
  * Sets the signing key id when using an assertion profile.
1126
  *
1127
  * @param string $signingKeyId
1128
- * @return void
1129
  */
1130
  public function setSigningKeyId($signingKeyId)
1131
  {
@@ -1135,7 +1092,7 @@ class OAuth2 implements FetchAuthTokenInterface
1135
  /**
1136
  * Gets the signing algorithm when using an assertion profile.
1137
  *
1138
- * @return ?string
1139
  */
1140
  public function getSigningAlgorithm()
1141
  {
@@ -1145,8 +1102,7 @@ class OAuth2 implements FetchAuthTokenInterface
1145
  /**
1146
  * Sets the signing algorithm when using an assertion profile.
1147
  *
1148
- * @param ?string $signingAlgorithm
1149
- * @return void
1150
  */
1151
  public function setSigningAlgorithm($signingAlgorithm)
1152
  {
@@ -1162,8 +1118,6 @@ class OAuth2 implements FetchAuthTokenInterface
1162
  /**
1163
  * Gets the set of parameters used by extension when using an extension
1164
  * grant type.
1165
- *
1166
- * @return array<mixed>
1167
  */
1168
  public function getExtensionParams()
1169
  {
@@ -1174,8 +1128,7 @@ class OAuth2 implements FetchAuthTokenInterface
1174
  * Sets the set of parameters used by extension when using an extension
1175
  * grant type.
1176
  *
1177
- * @param array<mixed> $extensionParams
1178
- * @return void
1179
  */
1180
  public function setExtensionParams($extensionParams)
1181
  {
@@ -1184,8 +1137,6 @@ class OAuth2 implements FetchAuthTokenInterface
1184
 
1185
  /**
1186
  * Gets the number of seconds assertions are valid for.
1187
- *
1188
- * @return int
1189
  */
1190
  public function getExpiry()
1191
  {
@@ -1196,7 +1147,6 @@ class OAuth2 implements FetchAuthTokenInterface
1196
  * Sets the number of seconds assertions are valid for.
1197
  *
1198
  * @param int $expiry
1199
- * @return void
1200
  */
1201
  public function setExpiry($expiry)
1202
  {
@@ -1205,8 +1155,6 @@ class OAuth2 implements FetchAuthTokenInterface
1205
 
1206
  /**
1207
  * Gets the lifetime of the access token in seconds.
1208
- *
1209
- * @return int
1210
  */
1211
  public function getExpiresIn()
1212
  {
@@ -1216,8 +1164,7 @@ class OAuth2 implements FetchAuthTokenInterface
1216
  /**
1217
  * Sets the lifetime of the access token in seconds.
1218
  *
1219
- * @param ?int $expiresIn
1220
- * @return void
1221
  */
1222
  public function setExpiresIn($expiresIn)
1223
  {
@@ -1233,7 +1180,7 @@ class OAuth2 implements FetchAuthTokenInterface
1233
  /**
1234
  * Gets the time the current access token expires at.
1235
  *
1236
- * @return ?int
1237
  */
1238
  public function getExpiresAt()
1239
  {
@@ -1265,7 +1212,6 @@ class OAuth2 implements FetchAuthTokenInterface
1265
  * Sets the time the current access token expires at.
1266
  *
1267
  * @param int $expiresAt
1268
- * @return void
1269
  */
1270
  public function setExpiresAt($expiresAt)
1271
  {
@@ -1274,8 +1220,6 @@ class OAuth2 implements FetchAuthTokenInterface
1274
 
1275
  /**
1276
  * Gets the time the current access token was issued at.
1277
- *
1278
- * @return ?int
1279
  */
1280
  public function getIssuedAt()
1281
  {
@@ -1286,7 +1230,6 @@ class OAuth2 implements FetchAuthTokenInterface
1286
  * Sets the time the current access token was issued at.
1287
  *
1288
  * @param int $issuedAt
1289
- * @return void
1290
  */
1291
  public function setIssuedAt($issuedAt)
1292
  {
@@ -1295,8 +1238,6 @@ class OAuth2 implements FetchAuthTokenInterface
1295
 
1296
  /**
1297
  * Gets the current access token.
1298
- *
1299
- * @return ?string
1300
  */
1301
  public function getAccessToken()
1302
  {
@@ -1307,7 +1248,6 @@ class OAuth2 implements FetchAuthTokenInterface
1307
  * Sets the current access token.
1308
  *
1309
  * @param string $accessToken
1310
- * @return void
1311
  */
1312
  public function setAccessToken($accessToken)
1313
  {
@@ -1316,8 +1256,6 @@ class OAuth2 implements FetchAuthTokenInterface
1316
 
1317
  /**
1318
  * Gets the current ID token.
1319
- *
1320
- * @return ?string
1321
  */
1322
  public function getIdToken()
1323
  {
@@ -1327,8 +1265,7 @@ class OAuth2 implements FetchAuthTokenInterface
1327
  /**
1328
  * Sets the current ID token.
1329
  *
1330
- * @param string $idToken
1331
- * @return void
1332
  */
1333
  public function setIdToken($idToken)
1334
  {
@@ -1337,8 +1274,6 @@ class OAuth2 implements FetchAuthTokenInterface
1337
 
1338
  /**
1339
  * Gets the refresh token associated with the current access token.
1340
- *
1341
- * @return ?string
1342
  */
1343
  public function getRefreshToken()
1344
  {
@@ -1348,8 +1283,7 @@ class OAuth2 implements FetchAuthTokenInterface
1348
  /**
1349
  * Sets the refresh token associated with the current access token.
1350
  *
1351
- * @param string $refreshToken
1352
- * @return void
1353
  */
1354
  public function setRefreshToken($refreshToken)
1355
  {
@@ -1359,8 +1293,7 @@ class OAuth2 implements FetchAuthTokenInterface
1359
  /**
1360
  * Sets additional claims to be included in the JWT token
1361
  *
1362
- * @param array<mixed> $additionalClaims
1363
- * @return void
1364
  */
1365
  public function setAdditionalClaims(array $additionalClaims)
1366
  {
@@ -1370,7 +1303,7 @@ class OAuth2 implements FetchAuthTokenInterface
1370
  /**
1371
  * Gets the additional claims to be included in the JWT token.
1372
  *
1373
- * @return array<mixed>
1374
  */
1375
  public function getAdditionalClaims()
1376
  {
@@ -1380,7 +1313,7 @@ class OAuth2 implements FetchAuthTokenInterface
1380
  /**
1381
  * The expiration of the last received token.
1382
  *
1383
- * @return array<mixed>|null
1384
  */
1385
  public function getLastReceivedToken()
1386
  {
@@ -1429,13 +1362,13 @@ class OAuth2 implements FetchAuthTokenInterface
1429
  /**
1430
  * @todo handle uri as array
1431
  *
1432
- * @param ?string $uri
1433
  * @return null|UriInterface
1434
  */
1435
  private function coerceUri($uri)
1436
  {
1437
  if (is_null($uri)) {
1438
- return null;
1439
  }
1440
 
1441
  return Utils::uriFor($uri);
@@ -1443,86 +1376,23 @@ class OAuth2 implements FetchAuthTokenInterface
1443
 
1444
  /**
1445
  * @param string $idToken
1446
- * @param Key|Key[]|string|string[] $publicKey
1447
- * @param string|string[] $allowedAlgs
1448
  * @return object
1449
  */
1450
  private function jwtDecode($idToken, $publicKey, $allowedAlgs)
1451
  {
1452
- $keys = $this->getFirebaseJwtKeys($publicKey, $allowedAlgs);
1453
-
1454
- // Default exception if none are caught. We are using the same exception
1455
- // class and message from firebase/php-jwt to preserve backwards
1456
- // compatibility.
1457
- $e = new \InvalidArgumentException('Key may not be empty');
1458
- foreach ($keys as $key) {
1459
- try {
1460
- return JWT::decode($idToken, $key);
1461
- } catch (\Exception $e) {
1462
- // try next alg
1463
- }
1464
- }
1465
- throw $e;
1466
  }
1467
 
1468
- /**
1469
- * @param Key|Key[]|string|string[] $publicKey
1470
- * @param string|string[] $allowedAlgs
1471
- * @return Key[]
1472
- */
1473
- private function getFirebaseJwtKeys($publicKey, $allowedAlgs)
1474
  {
1475
- // If $publicKey is instance of Key, return it
1476
- if ($publicKey instanceof Key) {
1477
- return [$publicKey];
1478
- }
1479
-
1480
- // If $allowedAlgs is empty, $publicKey must be Key or Key[].
1481
- if (empty($allowedAlgs)) {
1482
- $keys = [];
1483
- foreach ((array) $publicKey as $kid => $pubKey) {
1484
- if (!$pubKey instanceof Key) {
1485
- throw new \InvalidArgumentException(sprintf(
1486
- 'When allowed algorithms is empty, the public key must'
1487
- . 'be an instance of %s or an array of %s objects',
1488
- Key::class,
1489
- Key::class
1490
- ));
1491
- }
1492
- $keys[$kid] = $pubKey;
1493
- }
1494
- return $keys;
1495
- }
1496
-
1497
- $allowedAlg = null;
1498
- if (is_string($allowedAlgs)) {
1499
- $allowedAlg = $allowedAlg;
1500
- } elseif (is_array($allowedAlgs)) {
1501
- if (count($allowedAlgs) > 1) {
1502
- throw new \InvalidArgumentException(
1503
- 'To have multiple allowed algorithms, You must provide an'
1504
- . ' array of Firebase\JWT\Key objects.'
1505
- . ' See https://github.com/firebase/php-jwt for more information.');
1506
- }
1507
- $allowedAlg = array_pop($allowedAlgs);
1508
- } else {
1509
- throw new \InvalidArgumentException('allowed algorithms must be a string or array.');
1510
- }
1511
-
1512
- if (is_array($publicKey)) {
1513
- // When publicKey is greater than 1, create keys with the single alg.
1514
- $keys = [];
1515
- foreach ($publicKey as $kid => $pubKey) {
1516
- if ($pubKey instanceof Key) {
1517
- $keys[$kid] = $pubKey;
1518
- } else {
1519
- $keys[$kid] = new Key($pubKey, $allowedAlg);
1520
- }
1521
- }
1522
- return $keys;
1523
- }
1524
-
1525
- return [new Key($publicKey, $allowedAlg)];
1526
  }
1527
 
1528
  /**
@@ -1540,8 +1410,8 @@ class OAuth2 implements FetchAuthTokenInterface
1540
  }
1541
 
1542
  /**
1543
- * @param array<mixed> $params
1544
- * @return array<mixed>
1545
  */
1546
  private function addClientCredentials(&$params)
1547
  {
18
  namespace Google\Auth;
19
 
20
  use Firebase\JWT\JWT;
 
21
  use Google\Auth\HttpHandler\HttpClientCache;
22
  use Google\Auth\HttpHandler\HttpHandlerFactory;
23
  use GuzzleHttp\Psr7\Query;
43
 
44
  /**
45
  * TODO: determine known methods from the keys of JWT::methods.
 
 
46
  */
47
+ public static $knownSigningAlgorithms = array(
48
  'HS256',
49
  'HS512',
50
  'HS384',
51
  'RS256',
52
+ );
53
 
54
  /**
55
  * The well known grant types.
56
  *
57
+ * @var array
58
  */
59
+ public static $knownGrantTypes = array(
60
  'authorization_code',
61
  'refresh_token',
62
  'password',
63
  'client_credentials',
64
+ );
65
 
66
  /**
67
  * - authorizationUri
68
  * The authorization server's HTTP endpoint capable of
69
  * authenticating the end-user and obtaining authorization.
70
  *
71
+ * @var UriInterface
72
  */
73
  private $authorizationUri;
74
 
84
  /**
85
  * The redirection URI used in the initial request.
86
  *
87
+ * @var string
88
  */
89
  private $redirectUri;
90
 
107
  /**
108
  * The resource owner's username.
109
  *
110
+ * @var string
111
  */
112
  private $username;
113
 
114
  /**
115
  * The resource owner's password.
116
  *
117
+ * @var string
118
  */
119
  private $password;
120
 
122
  * The scope of the access request, expressed either as an Array or as a
123
  * space-delimited string.
124
  *
125
+ * @var array
126
  */
127
  private $scope;
128
 
138
  *
139
  * Only used by the authorization code access grant type.
140
  *
141
+ * @var string
142
  */
143
  private $code;
144
 
145
  /**
146
  * The issuer ID when using assertion profile.
147
  *
148
+ * @var string
149
  */
150
  private $issuer;
151
 
173
  /**
174
  * The signing key when using assertion profile.
175
  *
176
+ * @var string
177
  */
178
  private $signingKey;
179
 
187
  /**
188
  * The signing algorithm when using an assertion profile.
189
  *
190
+ * @var string
191
  */
192
  private $signingAlgorithm;
193
 
194
  /**
195
  * The refresh token associated with the access token to be refreshed.
196
  *
197
+ * @var string
198
  */
199
  private $refreshToken;
200
 
215
  /**
216
  * The lifetime in seconds of the current access token.
217
  *
218
+ * @var int
219
  */
220
  private $expiresIn;
221
 
223
  * The expiration time of the access token as a number of seconds since the
224
  * unix epoch.
225
  *
226
+ * @var int
227
  */
228
  private $expiresAt;
229
 
231
  * The issue time of the access token as a number of seconds since the unix
232
  * epoch.
233
  *
234
+ * @var int
235
  */
236
  private $issuedAt;
237
 
238
  /**
239
  * The current grant type.
240
  *
241
+ * @var string
242
  */
243
  private $grantType;
244
 
245
  /**
246
  * When using an extension grant type, this is the set of parameters used by
247
  * that extension.
 
 
248
  */
249
  private $extensionParams;
250
 
251
  /**
252
  * When using the toJwt function, these claims will be added to the JWT
253
  * payload.
 
 
254
  */
255
  private $additionalClaims;
256
 
320
  * When using an extension grant type, this is the set of parameters used
321
  * by that extension.
322
  *
323
+ * @param array $config Configuration array
324
  */
325
  public function __construct(array $config)
326
  {
374
  * - otherwise returns the payload in the idtoken as a PHP object.
375
  *
376
  * The behavior of this method varies depending on the version of
377
+ * `firebase/php-jwt` you are using. In versions lower than 3.0.0, if
378
+ * `$publicKey` is null, the key is decoded without being verified. In
379
+ * newer versions, if a public key is not given, this method will throw an
380
+ * `\InvalidArgumentException`.
381
  *
382
+ * @param string $publicKey The public key to use to authenticate the token
383
+ * @param array $allowed_algs List of supported verification algorithms
 
384
  * @throws \DomainException if the token is missing an audience.
385
  * @throws \DomainException if the audience does not match the one set in
386
  * the OAuth2 class instance.
387
  * @throws \UnexpectedValueException If the token is invalid
388
+ * @throws SignatureInvalidException If the signature is invalid.
389
+ * @throws BeforeValidException If the token is not yet valid.
390
+ * @throws ExpiredException If the token has expired.
 
391
  * @return null|object
392
  */
393
+ public function verifyIdToken($publicKey = null, $allowed_algs = array())
394
  {
395
  $idToken = $this->getIdToken();
396
  if (is_null($idToken)) {
411
  /**
412
  * Obtains the encoded jwt from the instance data.
413
  *
414
+ * @param array $config array optional configuration parameters
415
  * @return string
416
  */
417
  public function toJwt(array $config = [])
455
  }
456
  $assertion += $this->getAdditionalClaims();
457
 
458
+ return $this->jwtEncode(
459
  $assertion,
460
  $this->getSigningKey(),
461
  $this->getSigningAlgorithm(),
476
  }
477
 
478
  $grantType = $this->getGrantType();
479
+ $params = array('grant_type' => $grantType);
480
  switch ($grantType) {
481
  case 'authorization_code':
482
  $params['code'] = $this->getCode();
525
  * Fetches the auth tokens based on the current state.
526
  *
527
  * @param callable $httpHandler callback which delivers psr7 request
528
+ * @return array the response
529
  */
530
  public function fetchAuthToken(callable $httpHandler = null)
531
  {
545
  *
546
  * The key is derived from the scopes.
547
  *
548
+ * @return string a key that may be used to cache the auth token.
549
  */
550
  public function getCacheKey()
551
  {
565
  * Parses the fetched tokens.
566
  *
567
  * @param ResponseInterface $resp the response.
568
+ * @return array the tokens parsed from the response body.
569
  * @throws \Exception
570
  */
571
  public function parseTokenResponse(ResponseInterface $resp)
574
  if ($resp->hasHeader('Content-Type') &&
575
  $resp->getHeaderLine('Content-Type') == 'application/x-www-form-urlencoded'
576
  ) {
577
+ $res = array();
578
  parse_str($body, $res);
579
 
580
  return $res;
600
  * ]);
601
  * ```
602
  *
603
+ * @param array $config
604
  * The configuration parameters related to the token.
605
  *
606
  * - refresh_token
621
  *
622
  * - issued_at
623
  * The timestamp that the token was issued at.
 
624
  */
625
  public function updateToken(array $config)
626
  {
654
  /**
655
  * Builds the authorization Uri that the user should be redirected to.
656
  *
657
+ * @param array $config configuration options that customize the return url
658
  * @return UriInterface the authorization Url.
659
  * @throws InvalidArgumentException
660
  */
712
  * the end-user and obtaining authorization.
713
  *
714
  * @param string $uri
 
715
  */
716
  public function setAuthorizationUri($uri)
717
  {
722
  * Gets the authorization server's HTTP endpoint capable of authenticating
723
  * the end-user and obtaining authorization.
724
  *
725
+ * @return UriInterface
726
  */
727
  public function getAuthorizationUri()
728
  {
733
  * Gets the authorization server's HTTP endpoint capable of issuing tokens
734
  * and refreshing expired tokens.
735
  *
736
+ * @return string
737
  */
738
  public function getTokenCredentialUri()
739
  {
745
  * and refreshing expired tokens.
746
  *
747
  * @param string $uri
 
748
  */
749
  public function setTokenCredentialUri($uri)
750
  {
754
  /**
755
  * Gets the redirection URI used in the initial request.
756
  *
757
+ * @return string
758
  */
759
  public function getRedirectUri()
760
  {
764
  /**
765
  * Sets the redirection URI used in the initial request.
766
  *
767
+ * @param string $uri
 
768
  */
769
  public function setRedirectUri($uri)
770
  {
789
  /**
790
  * Gets the scope of the access requests as a space-delimited String.
791
  *
792
+ * @return string
793
  */
794
  public function getScope()
795
  {
804
  * Sets the scope of the access request, expressed either as an Array or as
805
  * a space-delimited String.
806
  *
807
+ * @param string|array $scope
 
808
  * @throws InvalidArgumentException
809
  */
810
  public function setScope($scope)
833
  /**
834
  * Gets the current grant type.
835
  *
836
+ * @return string
837
  */
838
  public function getGrantType()
839
  {
865
  /**
866
  * Sets the current grant type.
867
  *
868
+ * @param $grantType
 
869
  * @throws InvalidArgumentException
870
  */
871
  public function setGrantType($grantType)
897
  * Sets an arbitrary string designed to allow the client to maintain state.
898
  *
899
  * @param string $state
 
900
  */
901
  public function setState($state)
902
  {
905
 
906
  /**
907
  * Gets the authorization code issued to this client.
 
 
908
  */
909
  public function getCode()
910
  {
915
  * Sets the authorization code issued to this client.
916
  *
917
  * @param string $code
 
918
  */
919
  public function setCode($code)
920
  {
923
 
924
  /**
925
  * Gets the resource owner's username.
 
 
926
  */
927
  public function getUsername()
928
  {
933
  * Sets the resource owner's username.
934
  *
935
  * @param string $username
 
936
  */
937
  public function setUsername($username)
938
  {
941
 
942
  /**
943
  * Gets the resource owner's password.
 
 
944
  */
945
  public function getPassword()
946
  {
950
  /**
951
  * Sets the resource owner's password.
952
  *
953
+ * @param $password
 
954
  */
955
  public function setPassword($password)
956
  {
960
  /**
961
  * Sets a unique identifier issued to the client to identify itself to the
962
  * authorization server.
 
 
963
  */
964
  public function getClientId()
965
  {
970
  * Sets a unique identifier issued to the client to identify itself to the
971
  * authorization server.
972
  *
973
+ * @param $clientId
 
974
  */
975
  public function setClientId($clientId)
976
  {
980
  /**
981
  * Gets a shared symmetric secret issued by the authorization server, which
982
  * is used to authenticate the client.
 
 
983
  */
984
  public function getClientSecret()
985
  {
990
  * Sets a shared symmetric secret issued by the authorization server, which
991
  * is used to authenticate the client.
992
  *
993
+ * @param $clientSecret
 
994
  */
995
  public function setClientSecret($clientSecret)
996
  {
999
 
1000
  /**
1001
  * Gets the Issuer ID when using assertion profile.
 
 
1002
  */
1003
  public function getIssuer()
1004
  {
1009
  * Sets the Issuer ID when using assertion profile.
1010
  *
1011
  * @param string $issuer
 
1012
  */
1013
  public function setIssuer($issuer)
1014
  {
1017
 
1018
  /**
1019
  * Gets the target sub when issuing assertions.
 
 
1020
  */
1021
  public function getSub()
1022
  {
1027
  * Sets the target sub when issuing assertions.
1028
  *
1029
  * @param string $sub
 
1030
  */
1031
  public function setSub($sub)
1032
  {
1035
 
1036
  /**
1037
  * Gets the target audience when issuing assertions.
 
 
1038
  */
1039
  public function getAudience()
1040
  {
1045
  * Sets the target audience when issuing assertions.
1046
  *
1047
  * @param string $audience
 
1048
  */
1049
  public function setAudience($audience)
1050
  {
1053
 
1054
  /**
1055
  * Gets the signing key when using an assertion profile.
 
 
1056
  */
1057
  public function getSigningKey()
1058
  {
1063
  * Sets the signing key when using an assertion profile.
1064
  *
1065
  * @param string $signingKey
 
1066
  */
1067
  public function setSigningKey($signingKey)
1068
  {
1072
  /**
1073
  * Gets the signing key id when using an assertion profile.
1074
  *
1075
+ * @return string
1076
  */
1077
  public function getSigningKeyId()
1078
  {
1083
  * Sets the signing key id when using an assertion profile.
1084
  *
1085
  * @param string $signingKeyId
 
1086
  */
1087
  public function setSigningKeyId($signingKeyId)
1088
  {
1092
  /**
1093
  * Gets the signing algorithm when using an assertion profile.
1094
  *
1095
+ * @return string
1096
  */
1097
  public function getSigningAlgorithm()
1098
  {
1102
  /**
1103
  * Sets the signing algorithm when using an assertion profile.
1104
  *
1105
+ * @param string $signingAlgorithm
 
1106
  */
1107
  public function setSigningAlgorithm($signingAlgorithm)
1108
  {
1118
  /**
1119
  * Gets the set of parameters used by extension when using an extension
1120
  * grant type.
 
 
1121
  */
1122
  public function getExtensionParams()
1123
  {
1128
  * Sets the set of parameters used by extension when using an extension
1129
  * grant type.
1130
  *
1131
+ * @param $extensionParams
 
1132
  */
1133
  public function setExtensionParams($extensionParams)
1134
  {
1137
 
1138
  /**
1139
  * Gets the number of seconds assertions are valid for.
 
 
1140
  */
1141
  public function getExpiry()
1142
  {
1147
  * Sets the number of seconds assertions are valid for.
1148
  *
1149
  * @param int $expiry
 
1150
  */
1151
  public function setExpiry($expiry)
1152
  {
1155
 
1156
  /**
1157
  * Gets the lifetime of the access token in seconds.
 
 
1158
  */
1159
  public function getExpiresIn()
1160
  {
1164
  /**
1165
  * Sets the lifetime of the access token in seconds.
1166
  *
1167
+ * @param int $expiresIn
 
1168
  */
1169
  public function setExpiresIn($expiresIn)
1170
  {
1180
  /**
1181
  * Gets the time the current access token expires at.
1182
  *
1183
+ * @return int
1184
  */
1185
  public function getExpiresAt()
1186
  {
1212
  * Sets the time the current access token expires at.
1213
  *
1214
  * @param int $expiresAt
 
1215
  */
1216
  public function setExpiresAt($expiresAt)
1217
  {
1220
 
1221
  /**
1222
  * Gets the time the current access token was issued at.
 
 
1223
  */
1224
  public function getIssuedAt()
1225
  {
1230
  * Sets the time the current access token was issued at.
1231
  *
1232
  * @param int $issuedAt
 
1233
  */
1234
  public function setIssuedAt($issuedAt)
1235
  {
1238
 
1239
  /**
1240
  * Gets the current access token.
 
 
1241
  */
1242
  public function getAccessToken()
1243
  {
1248
  * Sets the current access token.
1249
  *
1250
  * @param string $accessToken
 
1251
  */
1252
  public function setAccessToken($accessToken)
1253
  {
1256
 
1257
  /**
1258
  * Gets the current ID token.
 
 
1259
  */
1260
  public function getIdToken()
1261
  {
1265
  /**
1266
  * Sets the current ID token.
1267
  *
1268
+ * @param $idToken
 
1269
  */
1270
  public function setIdToken($idToken)
1271
  {
1274
 
1275
  /**
1276
  * Gets the refresh token associated with the current access token.
 
 
1277
  */
1278
  public function getRefreshToken()
1279
  {
1283
  /**
1284
  * Sets the refresh token associated with the current access token.
1285
  *
1286
+ * @param $refreshToken
 
1287
  */
1288
  public function setRefreshToken($refreshToken)
1289
  {
1293
  /**
1294
  * Sets additional claims to be included in the JWT token
1295
  *
1296
+ * @param array $additionalClaims
 
1297
  */
1298
  public function setAdditionalClaims(array $additionalClaims)
1299
  {
1303
  /**
1304
  * Gets the additional claims to be included in the JWT token.
1305
  *
1306
+ * @return array
1307
  */
1308
  public function getAdditionalClaims()
1309
  {
1313
  /**
1314
  * The expiration of the last received token.
1315
  *
1316
+ * @return array|null
1317
  */
1318
  public function getLastReceivedToken()
1319
  {
1362
  /**
1363
  * @todo handle uri as array
1364
  *
1365
+ * @param string $uri
1366
  * @return null|UriInterface
1367
  */
1368
  private function coerceUri($uri)
1369
  {
1370
  if (is_null($uri)) {
1371
+ return;
1372
  }
1373
 
1374
  return Utils::uriFor($uri);
1376
 
1377
  /**
1378
  * @param string $idToken
1379
+ * @param string|array|null $publicKey
1380
+ * @param array $allowedAlgs
1381
  * @return object
1382
  */
1383
  private function jwtDecode($idToken, $publicKey, $allowedAlgs)
1384
  {
1385
+ return JWT::decode($idToken, $publicKey, $allowedAlgs);
 
 
 
 
 
 
 
 
 
 
 
 
 
1386
  }
1387
 
1388
+ private function jwtEncode($assertion, $signingKey, $signingAlgorithm, $signingKeyId = null)
 
 
 
 
 
1389
  {
1390
+ return JWT::encode(
1391
+ $assertion,
1392
+ $signingKey,
1393
+ $signingAlgorithm,
1394
+ $signingKeyId
1395
+ );
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1396
  }
1397
 
1398
  /**
1410
  }
1411
 
1412
  /**
1413
+ * @param array $params
1414
+ * @return array
1415
  */
1416
  private function addClientCredentials(&$params)
1417
  {
vendor/google/auth/src/UpdateMetadataInterface.php CHANGED
@@ -28,10 +28,10 @@ interface UpdateMetadataInterface
28
  /**
29
  * Updates metadata with the authorization token.
30
  *
31
- * @param array<mixed> $metadata metadata hashmap
32
  * @param string $authUri optional auth uri
33
  * @param callable $httpHandler callback which delivers psr7 request
34
- * @return array<mixed> updated metadata hashmap
35
  */
36
  public function updateMetadata(
37
  $metadata,
28
  /**
29
  * Updates metadata with the authorization token.
30
  *
31
+ * @param array $metadata metadata hashmap
32
  * @param string $authUri optional auth uri
33
  * @param callable $httpHandler callback which delivers psr7 request
34
+ * @return array updated metadata hashmap
35
  */
36
  public function updateMetadata(
37
  $metadata,