/**
 * Comparison callback that orders listeners by descending "priority".
 *
 * Reads the "priority" property of both listeners and compares them with
 * ZEPHIR_LE. The result is never 0: when a's priority is less than or equal
 * to b's (including equal priorities) the callback returns 1, otherwise -1.
 *
 * @param \Xpl\Event\Listener a
 * @param \Xpl\Event\Listener b
 * @return int 1 when a.priority <= b.priority, -1 otherwise
 */
PHP_METHOD(Xpl_Event_Manager, sortListenersDesc) {

    zval *a, *b, *result, *prio_a, *prio_b;

    ZEPHIR_MM_GROW();
    zephir_fetch_params(1, 2, 0, &a, &b);

    /* Fetch both priorities before allocating the return value. */
    ZEPHIR_OBS_VAR(prio_a);
    zephir_read_property(&prio_a, a, SL("priority"), PH_NOISY_CC);
    ZEPHIR_OBS_VAR(prio_b);
    zephir_read_property(&prio_b, b, SL("priority"), PH_NOISY_CC);

    /* Lower-or-equal priority sorts later, which gives descending order. */
    ZEPHIR_INIT_VAR(result);
    ZVAL_LONG(result, (ZEPHIR_LE(prio_a, prio_b) ? 1 : -1));

    RETURN_CCTOR(result);
}
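/**
 * Validates the JWT bearer assertion carried by the request.
 *
 * Order of checks as implemented below:
 *   1. "assertion" request parameter is present.
 *   2. The assertion is decoded WITHOUT a key so its claims can be read.
 *   3. Claim checks on the still-unverified payload: iss, sub, exp, nbf, aud.
 *   4. Replay check: a jti that storage still reports as unexpired is rejected.
 *   5. The client key is looked up from storage using iss/sub.
 *   6. The assertion is decoded again with that key (signature verification).
 *   7. Only after the signature verifies is the jti recorded and the payload
 *      stored in the "jwt" property.
 *
 * Everything read in steps 3-5 is attacker-controlled until step 6 succeeds,
 * so no state may be persisted before that point.
 *
 * On any failure an error is set on the response (HTTP 400) and FALSE is
 * returned.
 *
 * @param OAuth2\RequestInterface  request
 * @param OAuth2\ResponseInterface response
 * @return boolean TRUE if the JWT request is valid and can be decoded. Otherwise, FALSE is returned.
 * @throws InvalidArgumentException when request/response are not the expected interfaces
 *
 * @see OAuth2\GrantType\GrantTypeInterface::getTokenData()
 */
PHP_METHOD(OAuth2_GrantType_JwtBearer, validateRequest) {

    zend_bool _14, _21;
    zephir_fcall_cache_entry *_9 = NULL, *_12 = NULL;
    zval *_6;
    int ZEPHIR_LAST_CALL_STATUS;
    zval *request, *response, *undecodedJWT = NULL, *jwt = NULL, *notBefore, *jti = NULL, *key = NULL, *_0 = NULL, *_1 = NULL, *_2 = NULL, *_3 = NULL, *_4, *_5 = NULL, *_7, *_8 = NULL, *_10, *_11 = NULL, *_13 = NULL, *_15, *_16, *_17, *_18, *_19, *_20, *_22, *_23, *_24, *_25, *_26, *_27, *_28;

    ZEPHIR_MM_GROW();
    zephir_fetch_params(1, 2, 0, &request, &response);

    /* Argument type guards. */
    if (!(zephir_instance_of_ev(request, oauth2_requestinterface_ce TSRMLS_CC))) {
        ZEPHIR_THROW_EXCEPTION_DEBUG_STR(spl_ce_InvalidArgumentException, "Parameter 'request' must be an instance of 'OAuth2\\RequestInterface'", "", 0);
        return;
    }
    if (!(zephir_instance_of_ev(response, oauth2_responseinterface_ce TSRMLS_CC))) {
        ZEPHIR_THROW_EXCEPTION_DEBUG_STR(spl_ce_InvalidArgumentException, "Parameter 'response' must be an instance of 'OAuth2\\ResponseInterface'", "", 0);
        return;
    }

    /* 1. The "assertion" parameter must be present and truthy. */
    ZEPHIR_INIT_VAR(_1);
    ZVAL_STRING(_1, "assertion", ZEPHIR_TEMP_PARAM_COPY);
    ZEPHIR_CALL_METHOD(&_0, request, "request", NULL, _1);
    zephir_check_temp_parameter(_1);
    zephir_check_call_status();
    if (!(zephir_is_true(_0))) {
        ZEPHIR_INIT_NVAR(_1);
        ZVAL_LONG(_1, 400);
        ZEPHIR_INIT_VAR(_2);
        ZVAL_STRING(_2, "invalid_request", ZEPHIR_TEMP_PARAM_COPY);
        ZEPHIR_INIT_VAR(_3);
        ZVAL_STRING(_3, "Missing parameters: \"assertion\" required", ZEPHIR_TEMP_PARAM_COPY);
        ZEPHIR_CALL_METHOD(NULL, response, "seterror", NULL, _1, _2, _3);
        zephir_check_temp_parameter(_2);
        zephir_check_temp_parameter(_3);
        zephir_check_call_status();
        RETURN_MM_BOOL(0);
    }

    /* Keep the raw assertion; it is the input to signature verification in step 6. */
    ZEPHIR_INIT_NVAR(_1);
    ZVAL_STRING(_1, "assertion", ZEPHIR_TEMP_PARAM_COPY);
    ZEPHIR_CALL_METHOD(&undecodedJWT, request, "request", NULL, _1);
    zephir_check_temp_parameter(_1);
    zephir_check_call_status();

    /*
     * 2. First decode: key is NULL and the third argument is FALSE.
     * Presumably this only parses the token without checking the signature
     * (verification happens in step 6) - confirm against jwtUtil::decode().
     * The resulting claims are UNTRUSTED.
     */
    _4 = zephir_fetch_nproperty_this(this_ptr, SL("jwtUtil"), PH_NOISY_CC);
    ZEPHIR_INIT_NVAR(_1);
    ZVAL_STRING(_1, "assertion", ZEPHIR_TEMP_PARAM_COPY);
    ZEPHIR_CALL_METHOD(&_5, request, "request", NULL, _1);
    zephir_check_temp_parameter(_1);
    zephir_check_call_status();
    ZEPHIR_INIT_NVAR(_1);
    ZVAL_NULL(_1);
    ZEPHIR_INIT_NVAR(_2);
    ZVAL_BOOL(_2, 0);
    ZEPHIR_CALL_METHOD(&jwt, _4, "decode", NULL, _5, _1, _2);
    zephir_check_call_status();
    if (!(zephir_is_true(jwt))) {
        ZEPHIR_INIT_NVAR(_1);
        ZVAL_LONG(_1, 400);
        ZEPHIR_INIT_NVAR(_2);
        ZVAL_STRING(_2, "invalid_request", ZEPHIR_TEMP_PARAM_COPY);
        ZEPHIR_INIT_NVAR(_3);
        ZVAL_STRING(_3, "JWT is malformed", ZEPHIR_TEMP_PARAM_COPY);
        ZEPHIR_CALL_METHOD(NULL, response, "seterror", NULL, _1, _2, _3);
        zephir_check_temp_parameter(_2);
        zephir_check_temp_parameter(_3);
        zephir_check_call_status();
        RETURN_MM_BOOL(0);
    }

    /*
     * Merge the decoded claims over a template in which every known claim
     * defaults to null, so later fetches never hit a missing key.
     *
     * NOTE(review): after this merge every key below exists. If
     * zephir_array_isset_string() tests key existence rather than a non-null
     * value (Zephir documents its isset that way - confirm for this kernel
     * version), the iss/sub/exp/aud/jti presence checks further down always
     * pass and a null claim is only caught by the checks that follow them.
     */
    ZEPHIR_INIT_NVAR(_1);
    ZEPHIR_INIT_VAR(_6);
    array_init_size(_6, 12);
    zephir_array_update_string(&_6, SL("scope"), &ZEPHIR_GLOBAL(global_null), PH_COPY | PH_SEPARATE);
    zephir_array_update_string(&_6, SL("iss"), &ZEPHIR_GLOBAL(global_null), PH_COPY | PH_SEPARATE);
    zephir_array_update_string(&_6, SL("sub"), &ZEPHIR_GLOBAL(global_null), PH_COPY | PH_SEPARATE);
    zephir_array_update_string(&_6, SL("aud"), &ZEPHIR_GLOBAL(global_null), PH_COPY | PH_SEPARATE);
    zephir_array_update_string(&_6, SL("exp"), &ZEPHIR_GLOBAL(global_null), PH_COPY | PH_SEPARATE);
    zephir_array_update_string(&_6, SL("nbf"), &ZEPHIR_GLOBAL(global_null), PH_COPY | PH_SEPARATE);
    zephir_array_update_string(&_6, SL("iat"), &ZEPHIR_GLOBAL(global_null), PH_COPY | PH_SEPARATE);
    zephir_array_update_string(&_6, SL("jti"), &ZEPHIR_GLOBAL(global_null), PH_COPY | PH_SEPARATE);
    zephir_array_update_string(&_6, SL("typ"), &ZEPHIR_GLOBAL(global_null), PH_COPY | PH_SEPARATE);
    zephir_fast_array_merge(_1, &(_6), &(jwt) TSRMLS_CC);
    ZEPHIR_CPY_WRT(jwt, _1);

    /* 3a. Issuer must be present. */
    if (!(zephir_array_isset_string(jwt, SS("iss")))) {
        ZEPHIR_INIT_NVAR(_1);
        ZVAL_LONG(_1, 400);
        ZEPHIR_INIT_NVAR(_2);
        ZVAL_STRING(_2, "invalid_grant", ZEPHIR_TEMP_PARAM_COPY);
        ZEPHIR_INIT_NVAR(_3);
        ZVAL_STRING(_3, "Invalid issuer (iss) provided", ZEPHIR_TEMP_PARAM_COPY);
        ZEPHIR_CALL_METHOD(NULL, response, "seterror", NULL, _1, _2, _3);
        zephir_check_temp_parameter(_2);
        zephir_check_temp_parameter(_3);
        zephir_check_call_status();
        RETURN_MM_BOOL(0);
    }

    /* 3b. Subject must be present. */
    if (!(zephir_array_isset_string(jwt, SS("sub")))) {
        ZEPHIR_INIT_NVAR(_1);
        ZVAL_LONG(_1, 400);
        ZEPHIR_INIT_NVAR(_2);
        ZVAL_STRING(_2, "invalid_grant", ZEPHIR_TEMP_PARAM_COPY);
        ZEPHIR_INIT_NVAR(_3);
        ZVAL_STRING(_3, "Invalid subject (sub) provided", ZEPHIR_TEMP_PARAM_COPY);
        ZEPHIR_CALL_METHOD(NULL, response, "seterror", NULL, _1, _2, _3);
        zephir_check_temp_parameter(_2);
        zephir_check_temp_parameter(_3);
        zephir_check_call_status();
        RETURN_MM_BOOL(0);
    }

    /* 3c. Expiration must be present ... */
    if (!(zephir_array_isset_string(jwt, SS("exp")))) {
        ZEPHIR_INIT_NVAR(_1);
        ZVAL_LONG(_1, 400);
        ZEPHIR_INIT_NVAR(_2);
        ZVAL_STRING(_2, "invalid_grant", ZEPHIR_TEMP_PARAM_COPY);
        ZEPHIR_INIT_NVAR(_3);
        ZVAL_STRING(_3, "Expiration (exp) time must be present", ZEPHIR_TEMP_PARAM_COPY);
        ZEPHIR_CALL_METHOD(NULL, response, "seterror", NULL, _1, _2, _3);
        zephir_check_temp_parameter(_2);
        zephir_check_temp_parameter(_3);
        zephir_check_call_status();
        RETURN_MM_BOOL(0);
    }

    /* ... must pass ctype_digit(), and must be strictly later than time(). */
    zephir_array_fetch_string(&_7, jwt, SL("exp"), PH_NOISY | PH_READONLY, "oauth2/granttype/jwtbearer.zep", 115 TSRMLS_CC);
    ZEPHIR_CALL_FUNCTION(&_8, "ctype_digit", &_9, _7);
    zephir_check_call_status();
    if (zephir_is_true(_8)) {
        zephir_array_fetch_string(&_10, jwt, SL("exp"), PH_NOISY | PH_READONLY, "oauth2/granttype/jwtbearer.zep", 116 TSRMLS_CC);
        ZEPHIR_CALL_FUNCTION(&_11, "time", &_12);
        zephir_check_call_status();
        if (ZEPHIR_LE(_10, _11)) {
            ZEPHIR_INIT_NVAR(_1);
            ZVAL_LONG(_1, 400);
            ZEPHIR_INIT_NVAR(_2);
            ZVAL_STRING(_2, "invalid_grant", ZEPHIR_TEMP_PARAM_COPY);
            ZEPHIR_INIT_NVAR(_3);
            ZVAL_STRING(_3, "JWT has expired", ZEPHIR_TEMP_PARAM_COPY);
            ZEPHIR_CALL_METHOD(NULL, response, "seterror", NULL, _1, _2, _3);
            zephir_check_temp_parameter(_2);
            zephir_check_temp_parameter(_3);
            zephir_check_call_status();
            RETURN_MM_BOOL(0);
        }
    } else {
        ZEPHIR_INIT_NVAR(_1);
        ZVAL_LONG(_1, 400);
        ZEPHIR_INIT_NVAR(_2);
        ZVAL_STRING(_2, "invalid_grant", ZEPHIR_TEMP_PARAM_COPY);
        ZEPHIR_INIT_NVAR(_3);
        ZVAL_STRING(_3, "Expiration (exp) time must be a unix time stamp", ZEPHIR_TEMP_PARAM_COPY);
        ZEPHIR_CALL_METHOD(NULL, response, "seterror", NULL, _1, _2, _3);
        zephir_check_temp_parameter(_2);
        zephir_check_temp_parameter(_3);
        zephir_check_call_status();
        RETURN_MM_BOOL(0);
    }

    /* 3d. Not-before is optional; when truthy it must be digits and not in the future. */
    ZEPHIR_OBS_VAR(notBefore);
    zephir_array_fetch_string(&notBefore, jwt, SL("nbf"), PH_NOISY, "oauth2/granttype/jwtbearer.zep", 126 TSRMLS_CC);
    if (zephir_is_true(notBefore)) {
        ZEPHIR_CALL_FUNCTION(&_11, "ctype_digit", &_9, notBefore);
        zephir_check_call_status();
        if (zephir_is_true(_11)) {
            ZEPHIR_CALL_FUNCTION(&_13, "time", &_12);
            zephir_check_call_status();
            if (ZEPHIR_GT(notBefore, _13)) {
                ZEPHIR_INIT_NVAR(_1);
                ZVAL_LONG(_1, 400);
                ZEPHIR_INIT_NVAR(_2);
                ZVAL_STRING(_2, "invalid_grant", ZEPHIR_TEMP_PARAM_COPY);
                ZEPHIR_INIT_NVAR(_3);
                ZVAL_STRING(_3, "JWT cannot be used before the Not Before (nbf) time", ZEPHIR_TEMP_PARAM_COPY);
                ZEPHIR_CALL_METHOD(NULL, response, "seterror", NULL, _1, _2, _3);
                zephir_check_temp_parameter(_2);
                zephir_check_temp_parameter(_3);
                zephir_check_call_status();
                RETURN_MM_BOOL(0);
            }
        } else {
            ZEPHIR_INIT_NVAR(_1);
            ZVAL_LONG(_1, 400);
            ZEPHIR_INIT_NVAR(_2);
            ZVAL_STRING(_2, "invalid_grant", ZEPHIR_TEMP_PARAM_COPY);
            ZEPHIR_INIT_NVAR(_3);
            ZVAL_STRING(_3, "Not Before (nbf) time must be a unix time stamp", ZEPHIR_TEMP_PARAM_COPY);
            ZEPHIR_CALL_METHOD(NULL, response, "seterror", NULL, _1, _2, _3);
            zephir_check_temp_parameter(_2);
            zephir_check_temp_parameter(_3);
            zephir_check_call_status();
            RETURN_MM_BOOL(0);
        }
    }

    /*
     * 3e. Audience must be present and equal to the configured "audience".
     * NOTE(review): ZEPHIR_IS_EQUAL looks like a loose (==-style) comparison;
     * confirm whether an identity comparison is wanted here.
     */
    _14 = !zephir_array_isset_string(jwt, SS("aud"));
    if (!(_14)) {
        zephir_array_fetch_string(&_10, jwt, SL("aud"), PH_NOISY | PH_READONLY, "oauth2/granttype/jwtbearer.zep", 140 TSRMLS_CC);
        _15 = zephir_fetch_nproperty_this(this_ptr, SL("audience"), PH_NOISY_CC);
        _14 = !ZEPHIR_IS_EQUAL(_10, _15);
    }
    if (_14) {
        ZEPHIR_INIT_NVAR(_1);
        ZVAL_LONG(_1, 400);
        ZEPHIR_INIT_NVAR(_2);
        ZVAL_STRING(_2, "invalid_grant", ZEPHIR_TEMP_PARAM_COPY);
        ZEPHIR_INIT_NVAR(_3);
        ZVAL_STRING(_3, "Invalid audience (aud)", ZEPHIR_TEMP_PARAM_COPY);
        ZEPHIR_CALL_METHOD(NULL, response, "seterror", NULL, _1, _2, _3);
        zephir_check_temp_parameter(_2);
        zephir_check_temp_parameter(_3);
        zephir_check_call_status();
        RETURN_MM_BOOL(0);
    }

    /*
     * 4. Replay check (read only). A jti that storage already knows and whose
     * "expires" is still in the future is rejected. The jti is NOT recorded
     * here: the claims are still unverified, and persisting them before the
     * signature check would let an unsigned assertion write to the jti store.
     */
    if (zephir_array_isset_string(jwt, SS("jti"))) {
        _16 = zephir_fetch_nproperty_this(this_ptr, SL("storage"), PH_NOISY_CC);
        zephir_array_fetch_string(&_10, jwt, SL("iss"), PH_NOISY | PH_READONLY, "oauth2/granttype/jwtbearer.zep", 148 TSRMLS_CC);
        zephir_array_fetch_string(&_17, jwt, SL("sub"), PH_NOISY | PH_READONLY, "oauth2/granttype/jwtbearer.zep", 148 TSRMLS_CC);
        zephir_array_fetch_string(&_18, jwt, SL("aud"), PH_NOISY | PH_READONLY, "oauth2/granttype/jwtbearer.zep", 148 TSRMLS_CC);
        zephir_array_fetch_string(&_19, jwt, SL("exp"), PH_NOISY | PH_READONLY, "oauth2/granttype/jwtbearer.zep", 148 TSRMLS_CC);
        zephir_array_fetch_string(&_20, jwt, SL("jti"), PH_NOISY | PH_READONLY, "oauth2/granttype/jwtbearer.zep", 148 TSRMLS_CC);
        ZEPHIR_CALL_METHOD(&jti, _16, "getjti", NULL, _10, _17, _18, _19, _20);
        zephir_check_call_status();
        _21 = zephir_is_true(jti);
        if (_21) {
            zephir_array_fetch_string(&_22, jti, SL("expires"), PH_NOISY | PH_READONLY, "oauth2/granttype/jwtbearer.zep", 151 TSRMLS_CC);
            ZEPHIR_CALL_FUNCTION(&_11, "time", &_12);
            zephir_check_call_status();
            _21 = ZEPHIR_GT(_22, _11);
        }
        if (_21) {
            ZEPHIR_INIT_NVAR(_1);
            ZVAL_LONG(_1, 400);
            ZEPHIR_INIT_NVAR(_2);
            ZVAL_STRING(_2, "invalid_grant", ZEPHIR_TEMP_PARAM_COPY);
            ZEPHIR_INIT_NVAR(_3);
            ZVAL_STRING(_3, "JSON Token Identifier (jti) has already been used", ZEPHIR_TEMP_PARAM_COPY);
            ZEPHIR_CALL_METHOD(NULL, response, "seterror", NULL, _1, _2, _3);
            zephir_check_temp_parameter(_2);
            zephir_check_temp_parameter(_3);
            zephir_check_call_status();
            RETURN_MM_BOOL(0);
        }
    }

    /* 5. Look up the verification key for this issuer/subject pair. */
    _16 = zephir_fetch_nproperty_this(this_ptr, SL("storage"), PH_NOISY_CC);
    zephir_array_fetch_string(&_10, jwt, SL("iss"), PH_NOISY | PH_READONLY, "oauth2/granttype/jwtbearer.zep", 161 TSRMLS_CC);
    zephir_array_fetch_string(&_17, jwt, SL("sub"), PH_NOISY | PH_READONLY, "oauth2/granttype/jwtbearer.zep", 161 TSRMLS_CC);
    ZEPHIR_CALL_METHOD(&key, _16, "getclientkey", NULL, _10, _17);
    zephir_check_call_status();
    if (!(zephir_is_true(key))) {
        ZEPHIR_INIT_NVAR(_1);
        ZVAL_LONG(_1, 400);
        ZEPHIR_INIT_NVAR(_2);
        ZVAL_STRING(_2, "invalid_grant", ZEPHIR_TEMP_PARAM_COPY);
        ZEPHIR_INIT_NVAR(_3);
        ZVAL_STRING(_3, "Invalid issuer (iss) or subject (sub) provided", ZEPHIR_TEMP_PARAM_COPY);
        ZEPHIR_CALL_METHOD(NULL, response, "seterror", NULL, _1, _2, _3);
        zephir_check_temp_parameter(_2);
        zephir_check_temp_parameter(_3);
        zephir_check_call_status();
        RETURN_MM_BOOL(0);
    }

    /* 6. Second decode of the raw assertion, this time with the key and TRUE as third argument. */
    _16 = zephir_fetch_nproperty_this(this_ptr, SL("jwtUtil"), PH_NOISY_CC);
    ZEPHIR_INIT_NVAR(_1);
    ZVAL_BOOL(_1, 1);
    ZEPHIR_CALL_METHOD(&_11, _16, "decode", NULL, undecodedJWT, key, _1);
    zephir_check_call_status();
    if (!(zephir_is_true(_11))) {
        ZEPHIR_INIT_NVAR(_1);
        ZVAL_LONG(_1, 400);
        ZEPHIR_INIT_NVAR(_2);
        ZVAL_STRING(_2, "invalid_grant", ZEPHIR_TEMP_PARAM_COPY);
        ZEPHIR_INIT_NVAR(_3);
        ZVAL_STRING(_3, "JWT failed signature verification", ZEPHIR_TEMP_PARAM_COPY);
        ZEPHIR_CALL_METHOD(NULL, response, "seterror", NULL, _1, _2, _3);
        zephir_check_temp_parameter(_2);
        zephir_check_temp_parameter(_3);
        zephir_check_call_status();
        RETURN_MM_BOOL(0);
    }

    /*
     * 7. The assertion is authentic: record its jti so it cannot be replayed.
     * NOTE(review): getjti (step 4) and setjti are separate storage calls;
     * whether two concurrent requests with the same jti can both pass depends
     * on the storage implementation - confirm it enforces uniqueness.
     */
    if (zephir_array_isset_string(jwt, SS("jti"))) {
        _23 = zephir_fetch_nproperty_this(this_ptr, SL("storage"), PH_NOISY_CC);
        zephir_array_fetch_string(&_24, jwt, SL("iss"), PH_NOISY | PH_READONLY, "oauth2/granttype/jwtbearer.zep", 155 TSRMLS_CC);
        zephir_array_fetch_string(&_25, jwt, SL("sub"), PH_NOISY | PH_READONLY, "oauth2/granttype/jwtbearer.zep", 155 TSRMLS_CC);
        zephir_array_fetch_string(&_26, jwt, SL("aud"), PH_NOISY | PH_READONLY, "oauth2/granttype/jwtbearer.zep", 155 TSRMLS_CC);
        zephir_array_fetch_string(&_27, jwt, SL("exp"), PH_NOISY | PH_READONLY, "oauth2/granttype/jwtbearer.zep", 155 TSRMLS_CC);
        zephir_array_fetch_string(&_28, jwt, SL("jti"), PH_NOISY | PH_READONLY, "oauth2/granttype/jwtbearer.zep", 155 TSRMLS_CC);
        ZEPHIR_CALL_METHOD(NULL, _23, "setjti", NULL, _24, _25, _26, _27, _28);
        zephir_check_call_status();
    }

    /* Expose the validated claims to the rest of the grant type. */
    zephir_update_property_this(this_ptr, SL("jwt"), jwt TSRMLS_CC);
    RETURN_MM_BOOL(1);
}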