Merge branch '3.2RC'3.2

6 files changed, 122 insertions, 27 deletions

diff --git a/vendor/bshaffer/oauth2-server-php/src/OAuth2/OpenID/ResponseType/AuthorizationCode.php b/vendor/bshaffer/oauth2-server-php/src/OAuth2/OpenID/ResponseType/AuthorizationCode.php
index 8971954c5..b8ad41ffb 100644
--- a/vendor/bshaffer/oauth2-server-php/src/OAuth2/OpenID/ResponseType/AuthorizationCode.php
+++ b/vendor/bshaffer/oauth2-server-php/src/OAuth2/OpenID/ResponseType/AuthorizationCode.php
@@ -6,16 +6,26 @@ use OAuth2\ResponseType\AuthorizationCode as BaseAuthorizationCode;
 use OAuth2\OpenID\Storage\AuthorizationCodeInterface as AuthorizationCodeStorageInterface;
 
 /**
- *
  * @author Brent Shaffer <bshafs at gmail dot com>
  */
 class AuthorizationCode extends BaseAuthorizationCode implements AuthorizationCodeInterface
 {
+    /**
+     * Constructor
+     *
+     * @param AuthorizationCodeStorageInterface $storage
+     * @param array $config
+     */
     public function __construct(AuthorizationCodeStorageInterface $storage, array $config = array())
     {
         parent::__construct($storage, $config);
     }
 
+    /**
+     * @param $params
+     * @param null $user_id
+     * @return array
+     */
     public function getAuthorizeResponse($params, $user_id = null)
     {
         // build the URL to redirect to
@@ -35,18 +45,14 @@ class AuthorizationCode extends BaseAuthorizationCode implements AuthorizationCo
     /**
      * Handle the creation of the authorization code.
      *
-     * @param $client_id
-     * Client identifier related to the authorization code
-     * @param $user_id
-     * User ID associated with the authorization code
-     * @param $redirect_uri
-     * An absolute URI to which the authorization server will redirect the
-     * user-agent to when the end-user authorization step is completed.
-     * @param $scope
-     * (optional) Scopes to be stored in space-separated string.
-     * @param $id_token
-     * (optional) The OpenID Connect id_token.
+     * @param mixed $client_id - Client identifier related to the authorization code
+     * @param mixed $user_id - User ID associated with the authorization code
+     * @param string $redirect_uri - An absolute URI to which the authorization server will redirect the
+     *                               user-agent to when the end-user authorization step is completed.
+     * @param string $scope - OPTIONAL Scopes to be stored in space-separated string.
+     * @param string $id_token - OPTIONAL The OpenID Connect id_token.
      *
+     * @return string
      * @see http://tools.ietf.org/html/rfc6749#section-4
      * @ingroup oauth2_section_4
      */
diff --git a/vendor/bshaffer/oauth2-server-php/src/OAuth2/OpenID/ResponseType/AuthorizationCodeInterface.php b/vendor/bshaffer/oauth2-server-php/src/OAuth2/OpenID/ResponseType/AuthorizationCodeInterface.php
index ea4779255..eb94ef077 100644
--- a/vendor/bshaffer/oauth2-server-php/src/OAuth2/OpenID/ResponseType/AuthorizationCodeInterface.php
+++ b/vendor/bshaffer/oauth2-server-php/src/OAuth2/OpenID/ResponseType/AuthorizationCodeInterface.php
@@ -5,7 +5,6 @@ namespace OAuth2\OpenID\ResponseType;
 use OAuth2\ResponseType\AuthorizationCodeInterface as BaseAuthorizationCodeInterface;
 
 /**
- *
  * @author Brent Shaffer <bshafs at gmail dot com>
  */
 interface AuthorizationCodeInterface extends BaseAuthorizationCodeInterface
@@ -13,12 +12,13 @@ interface AuthorizationCodeInterface extends BaseAuthorizationCodeInterface
     /**
      * Handle the creation of the authorization code.
      *
-     * @param $client_id                Client identifier related to the authorization code
-     * @param $user_id                  User ID associated with the authorization code
-     * @param $redirect_uri             An absolute URI to which the authorization server will redirect the
-     *                                  user-agent to when the end-user authorization step is completed.
-     * @param $scope        OPTIONAL    Scopes to be stored in space-separated string.
-     * @param $id_token     OPTIONAL    The OpenID Connect id_token.
+     * @param mixed  $client_id    - Client identifier related to the authorization code
+     * @param mixed  $user_id      - User ID associated with the authorization code
+     * @param string $redirect_uri - An absolute URI to which the authorization server will redirect the
+     *                               user-agent to when the end-user authorization step is completed.
+     * @param string $scope        - OPTIONAL Scopes to be stored in space-separated string.
+     * @param string $id_token     - OPTIONAL The OpenID Connect id_token.
+     * @return string
      *
      * @see http://tools.ietf.org/html/rfc6749#section-4
      * @ingroup oauth2_section_4
diff --git a/vendor/bshaffer/oauth2-server-php/src/OAuth2/OpenID/ResponseType/CodeIdToken.php b/vendor/bshaffer/oauth2-server-php/src/OAuth2/OpenID/ResponseType/CodeIdToken.php
index ac7764d6c..2696ada37 100644
--- a/vendor/bshaffer/oauth2-server-php/src/OAuth2/OpenID/ResponseType/CodeIdToken.php
+++ b/vendor/bshaffer/oauth2-server-php/src/OAuth2/OpenID/ResponseType/CodeIdToken.php
@@ -4,15 +4,31 @@ namespace OAuth2\OpenID\ResponseType;
 
 class CodeIdToken implements CodeIdTokenInterface
 {
+    /**
+     * @var AuthorizationCodeInterface
+     */
     protected $authCode;
+
+    /**
+     * @var IdTokenInterface
+     */
     protected $idToken;
 
+    /**
+     * @param AuthorizationCodeInterface $authCode
+     * @param IdTokenInterface           $idToken
+     */
     public function __construct(AuthorizationCodeInterface $authCode, IdTokenInterface $idToken)
     {
         $this->authCode = $authCode;
         $this->idToken = $idToken;
     }
 
+    /**
+     * @param array $params
+     * @param mixed $user_id
+     * @return mixed
+     */
     public function getAuthorizeResponse($params, $user_id = null)
     {
         $result = $this->authCode->getAuthorizeResponse($params, $user_id);
diff --git a/vendor/bshaffer/oauth2-server-php/src/OAuth2/OpenID/ResponseType/IdToken.php b/vendor/bshaffer/oauth2-server-php/src/OAuth2/OpenID/ResponseType/IdToken.php
index 97777fbf2..55e446074 100644
--- a/vendor/bshaffer/oauth2-server-php/src/OAuth2/OpenID/ResponseType/IdToken.php
+++ b/vendor/bshaffer/oauth2-server-php/src/OAuth2/OpenID/ResponseType/IdToken.php
@@ -6,14 +6,38 @@ use OAuth2\Encryption\EncryptionInterface;
 use OAuth2\Encryption\Jwt;
 use OAuth2\Storage\PublicKeyInterface;
 use OAuth2\OpenID\Storage\UserClaimsInterface;
+use LogicException;
 
 class IdToken implements IdTokenInterface
 {
+    /**
+     * @var UserClaimsInterface
+     */
     protected $userClaimsStorage;
+    /**
+     * @var PublicKeyInterface
+     */
     protected $publicKeyStorage;
+
+    /**
+     * @var array
+     */
     protected $config;
+
+    /**
+     * @var EncryptionInterface
+     */
     protected $encryptionUtil;
 
+    /**
+     * Constructor
+     *
+     * @param UserClaimsInterface $userClaimsStorage
+     * @param PublicKeyInterface $publicKeyStorage
+     * @param array $config
+     * @param EncryptionInterface $encryptionUtil
+     * @throws LogicException
+     */
     public function __construct(UserClaimsInterface $userClaimsStorage, PublicKeyInterface $publicKeyStorage, array $config = array(), EncryptionInterface $encryptionUtil = null)
     {
         $this->userClaimsStorage = $userClaimsStorage;
@@ -24,13 +48,18 @@ class IdToken implements IdTokenInterface
         $this->encryptionUtil = $encryptionUtil;
 
         if (!isset($config['issuer'])) {
-            throw new \LogicException('config parameter "issuer" must be set');
+            throw new LogicException('config parameter "issuer" must be set');
         }
         $this->config = array_merge(array(
             'id_lifetime' => 3600,
         ), $config);
     }
 
+    /**
+     * @param array $params
+     * @param null $userInfo
+     * @return array|mixed
+     */
     public function getAuthorizeResponse($params, $userInfo = null)
     {
         // build the URL to redirect to
@@ -50,6 +79,16 @@ class IdToken implements IdTokenInterface
         return array($params['redirect_uri'], $result);
     }
 
+    /**
+     * Create id token
+     *
+     * @param string $client_id
+     * @param mixed  $userInfo
+     * @param mixed  $nonce
+     * @param mixed  $userClaims
+     * @param mixed  $access_token
+     * @return mixed|string
+     */
     public function createIdToken($client_id, $userInfo, $nonce = null, $userClaims = null, $access_token = null)
     {
         // pull auth_time from user info if supplied
@@ -79,6 +118,11 @@ class IdToken implements IdTokenInterface
         return $this->encodeToken($token, $client_id);
     }
 
+    /**
+     * @param $access_token
+     * @param null $client_id
+     * @return mixed|string
+     */
     protected function createAtHash($access_token, $client_id = null)
     {
         // maps HS256 and RS256 to sha256, etc.
@@ -90,6 +134,11 @@ class IdToken implements IdTokenInterface
         return $this->encryptionUtil->urlSafeB64Encode($at_hash);
     }
 
+    /**
+     * @param array $token
+     * @param null $client_id
+     * @return mixed|string
+     */
     protected function encodeToken(array $token, $client_id = null)
     {
         $private_key = $this->publicKeyStorage->getPrivateKey($client_id);
@@ -98,6 +147,11 @@ class IdToken implements IdTokenInterface
         return $this->encryptionUtil->encode($token, $private_key, $algorithm);
     }
 
+    /**
+     * @param $userInfo
+     * @return array
+     * @throws LogicException
+     */
     private function getUserIdAndAuthTime($userInfo)
     {
         $auth_time = null;
@@ -105,7 +159,7 @@ class IdToken implements IdTokenInterface
         // support an array for user_id / auth_time
         if (is_array($userInfo)) {
             if (!isset($userInfo['user_id'])) {
-                throw new \LogicException('if $user_id argument is an array, user_id index must be set');
+                throw new LogicException('if $user_id argument is an array, user_id index must be set');
             }
 
             $auth_time = isset($userInfo['auth_time']) ? $userInfo['auth_time'] : null;
diff --git a/vendor/bshaffer/oauth2-server-php/src/OAuth2/OpenID/ResponseType/IdTokenInterface.php b/vendor/bshaffer/oauth2-server-php/src/OAuth2/OpenID/ResponseType/IdTokenInterface.php
index 0bd2f8391..226a3bcbb 100644
--- a/vendor/bshaffer/oauth2-server-php/src/OAuth2/OpenID/ResponseType/IdTokenInterface.php
+++ b/vendor/bshaffer/oauth2-server-php/src/OAuth2/OpenID/ResponseType/IdTokenInterface.php
@@ -15,12 +15,13 @@ interface IdTokenInterface extends ResponseTypeInterface
      * If the Implicit Flow is used, the token and id_token are generated and
      * returned together.
      *
-     * @param string $client_id    The client id.
-     * @param string $user_id      The user id.
-     * @param string $nonce        OPTIONAL The nonce.
-     * @param string $userClaims   OPTIONAL Claims about the user.
-     * @param string $access_token OPTIONAL The access token, if known.
-     *
+     * @param string $client_id        - The client id.
+     * @param mixed  $userInfo         - User info
+     * @param string $nonce            - OPTIONAL The nonce.
+     * @param string $userClaims       - OPTIONAL Claims about the user.
+     * @param string $access_token     - OPTIONAL The access token, if known.
+
+     * @internal param string $user_id - The user id.
      * @return string The ID Token represented as a JSON Web Token (JWT).
      *
      * @see http://openid.net/specs/openid-connect-core-1_0.html#IDToken
diff --git a/vendor/bshaffer/oauth2-server-php/src/OAuth2/OpenID/ResponseType/IdTokenToken.php b/vendor/bshaffer/oauth2-server-php/src/OAuth2/OpenID/ResponseType/IdTokenToken.php
index f0c59799b..94c51ae4d 100644
--- a/vendor/bshaffer/oauth2-server-php/src/OAuth2/OpenID/ResponseType/IdTokenToken.php
+++ b/vendor/bshaffer/oauth2-server-php/src/OAuth2/OpenID/ResponseType/IdTokenToken.php
@@ -6,15 +6,33 @@ use OAuth2\ResponseType\AccessTokenInterface;
 
 class IdTokenToken implements IdTokenTokenInterface
 {
+    /**
+     * @var AccessTokenInterface
+     */
     protected $accessToken;
+
+    /**
+     * @var IdTokenInterface
+     */
     protected $idToken;
 
+    /**
+     * Constructor
+     *
+     * @param AccessTokenInterface $accessToken
+     * @param IdTokenInterface $idToken
+     */
     public function __construct(AccessTokenInterface $accessToken, IdTokenInterface $idToken)
     {
         $this->accessToken = $accessToken;
         $this->idToken = $idToken;
     }
 
+    /**
+     * @param array $params
+     * @param mixed $user_id
+     * @return mixed
+     */
     public function getAuthorizeResponse($params, $user_id = null)
     {
         $result = $this->accessToken->getAuthorizeResponse($params, $user_id);