From db9a25c3cf1e751190523b6b2dc0b9c4c0ed747f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thomas=20M=C3=BCller?= <1005065+DeepDiver1975@users.noreply.github.com>
Date: Wed, 28 Sep 2022 09:03:49 +0200
Subject: [PATCH] chore: code cleanup of back-channel PR #302
---
 src/OpenIDConnectClient.php | 26 ++++++++++++--------------
 1 file changed, 12 insertions(+), 14 deletions(-)
diff --git a/src/OpenIDConnectClient.php b/src/OpenIDConnectClient.php
index 2485184c..e96316df 100644
--- a/src/OpenIDConnectClient.php
+++ b/src/OpenIDConnectClient.php
@@ -378,7 +378,6 @@ public function authenticate() { // Success! return true; - } throw new OpenIDConnectClientException ('Unable to verify JWT claims');
@@ -479,8 +478,8 @@ public function signOut($idToken, $redirect) { * back-channel logout flows. * * This function should be evaluated as a boolean check - * in your route that receives the POST request for back- - * channel logout executed from the OP. + * in your route that receives the POST request for back-channel + * logout executed from the OP. * * @return bool * @throws OpenIDConnectClientException
@@ -506,18 +505,15 @@ public function verifyLogoutToken() } // Verify Logout Token Claims - if ($this->verifyLogoutTokenClaims($claims, $logout_token)) { - $this->logoutToken = $logout_token; + if ($this->verifyLogoutTokenClaims($claims)) { $this->verifiedClaims = $claims; return true; } - else { - return false; - } - } - else { - throw new OpenIDConnectClientException('Back-channel logout: There was no logout_token in the request'); + + return false; } + + throw new OpenIDConnectClientException('Back-channel logout: There was no logout_token in the request'); } /**
@@ -526,6 +522,7 @@ public function verifyLogoutToken() * * @param object $claims * @return bool + * @throws OpenIDConnectClientException */ public function verifyLogoutTokenClaims($claims) {
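Review bot: In verifyLogoutToken() failure is signalled in two different ways within this hunk: rejected claims return `false`, while a request without `logout_token` throws, yet the method's docblock still tells integrators to evaluate the call as a boolean check. A back-channel logout route receives its POST without a user session, so a handler that only tests the return value will surface an uncaught exception for any request that lacks the parameter. I would state the contract in the docblock, e.g. `@return bool true if the logout token is valid, false if its claims are rejected` and `@throws OpenIDConnectClientException if logout_token is missing; callers should catch it and answer with HTTP 400`. The start of the method is outside the hunk, so other throw sites may need the same mention.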
@@ -572,11 +569,11 @@ public function verifyLogoutTokenClaims($claims) return false; } // Validate the iat. At this point we can return true if it is ok - if (isset($claims->iat) && ((gettype($claims->iat) === 'integer') && ($claims->iat <= time() + $this->leeway))) { + if (isset($claims->iat) && ((is_int($claims->iat)) && ($claims->iat <= time() + $this->leeway))) { return true; - } else { - return false; } + + return false; } /**
@@ -770,6 +767,7 @@ protected function generateRandString() { * Start Here * @return void * @throws OpenIDConnectClientException + * @throws \Exception */ private function requestAuthorization() {
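Review bot: The `iat` check that closes verifyLogoutTokenClaims() has only an upper bound (`$claims->iat <= time() + $this->leeway`), so as far as these lines show, a logout token issued arbitrarily long ago still validates and a captured token stays replayable. The top of the function is outside the hunk, so an earlier check may already limit token age or `jti` reuse; if none does, a lower bound against a configurable maximum age would close the gap. At minimum I would document the limit beside the check: `// Only rejects an iat in the future; this check puts no limit on token age.` Separately, `is_int()` rejects a fractional NumericDate, which RFC 7519 permits; `is_int($claims->iat) || is_float($claims->iat)` would accept it without admitting strings.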