1 files changed, 60 insertions, 74 deletions

diff --git a/vendor/sabre/http/lib/Auth/AWS.php b/vendor/sabre/http/lib/Auth/AWS.php
index 5e176646a..ffda3cf15 100644
--- a/vendor/sabre/http/lib/Auth/AWS.php
+++ b/vendor/sabre/http/lib/Auth/AWS.php
@@ -1,11 +1,13 @@
 <?php
 
+declare(strict_types=1);
+
 namespace Sabre\HTTP\Auth;
 
-use Sabre\HTTP\Util;
+use Sabre\HTTP;
 
 /**
- * HTTP AWS Authentication handler
+ * HTTP AWS Authentication handler.
  *
  * Use this class to leverage amazon's AWS authentication header
  *
@@ -13,24 +15,24 @@ use Sabre\HTTP\Util;
  * @author Evert Pot (http://evertpot.com/)
  * @license http://sabre.io/license/ Modified BSD License
  */
-class AWS extends AbstractAuth {
-
+class AWS extends AbstractAuth
+{
     /**
-     * The signature supplied by the HTTP client
+     * The signature supplied by the HTTP client.
      *
      * @var string
      */
     private $signature = null;
 
     /**
-     * The accesskey supplied by the HTTP client
+     * The accesskey supplied by the HTTP client.
      *
      * @var string
      */
     private $accessKey = null;
 
     /**
-     * An error code, if any
+     * An error code, if any.
      *
      * This value will be filled with one of the ERR_* constants
      *
@@ -45,47 +47,45 @@ class AWS extends AbstractAuth {
     const ERR_INVALIDSIGNATURE = 5;
 
     /**
-     * Gathers all information from the headers
+     * Gathers all information from the headers.
      *
      * This method needs to be called prior to anything else.
-     *
-     * @return bool
      */
-    function init() {
-
+    public function init(): bool
+    {
         $authHeader = $this->request->getHeader('Authorization');
+
+        if (null === $authHeader) {
+            $this->errorCode = self::ERR_NOAWSHEADER;
+
+            return false;
+        }
         $authHeader = explode(' ', $authHeader);
 
-        if ($authHeader[0] != 'AWS' || !isset($authHeader[1])) {
+        if ('AWS' !== $authHeader[0] || !isset($authHeader[1])) {
             $this->errorCode = self::ERR_NOAWSHEADER;
-             return false;
+
+            return false;
         }
 
         list($this->accessKey, $this->signature) = explode(':', $authHeader[1]);
 
         return true;
-
     }
 
     /**
-     * Returns the username for the request
-     *
-     * @return string
+     * Returns the username for the request.
      */
-    function getAccessKey() {
-
+    public function getAccessKey(): string
+    {
         return $this->accessKey;
-
     }
 
     /**
-     * Validates the signature based on the secretKey
-     *
-     * @param string $secretKey
-     * @return bool
+     * Validates the signature based on the secretKey.
      */
-    function validate($secretKey) {
-
+    public function validate(string $secretKey): bool
+    {
         $contentMD5 = $this->request->getHeader('Content-MD5');
 
         if ($contentMD5) {
@@ -93,57 +93,53 @@ class AWS extends AbstractAuth {
             $body = $this->request->getBody();
             $this->request->setBody($body);
 
-            if ($contentMD5 != base64_encode(md5($body, true))) {
+            if ($contentMD5 !== base64_encode(md5((string) $body, true))) {
                 // content-md5 header did not match md5 signature of body
                 $this->errorCode = self::ERR_MD5CHECKSUMWRONG;
+
                 return false;
             }
-
         }
 
-        if (!$requestDate = $this->request->getHeader('x-amz-date'))
+        if (!$requestDate = $this->request->getHeader('x-amz-date')) {
             $requestDate = $this->request->getHeader('Date');
+        }
 
-        if (!$this->validateRFC2616Date($requestDate))
+        if (!$this->validateRFC2616Date((string) $requestDate)) {
             return false;
+        }
 
         $amzHeaders = $this->getAmzHeaders();
 
         $signature = base64_encode(
             $this->hmacsha1($secretKey,
-                $this->request->getMethod() . "\n" .
-                $contentMD5 . "\n" .
-                $this->request->getHeader('Content-type') . "\n" .
-                $requestDate . "\n" .
-                $amzHeaders .
+                $this->request->getMethod()."\n".
+                $contentMD5."\n".
+                $this->request->getHeader('Content-type')."\n".
+                $requestDate."\n".
+                $amzHeaders.
                 $this->request->getUrl()
             )
         );
 
-        if ($this->signature != $signature) {
-
+        if ($this->signature !== $signature) {
             $this->errorCode = self::ERR_INVALIDSIGNATURE;
-            return false;
 
+            return false;
         }
 
         return true;
-
     }
 
-
     /**
-     * Returns an HTTP 401 header, forcing login
+     * Returns an HTTP 401 header, forcing login.
      *
      * This should be called when username and password are incorrect, or not supplied at all
-     *
-     * @return void
      */
-    function requireLogin() {
-
+    public function requireLogin()
+    {
         $this->response->addHeader('WWW-Authenticate', 'AWS');
         $this->response->setStatus(401);
-
     }
 
     /**
@@ -154,17 +150,15 @@ class AWS extends AbstractAuth {
      *
      * This function also makes sure the Date header is within 15 minutes of the operating
      * system date, to prevent replay attacks.
-     *
-     * @param string $dateHeader
-     * @return bool
      */
-    protected function validateRFC2616Date($dateHeader) {
-
-        $date = Util::parseHTTPDate($dateHeader);
+    protected function validateRFC2616Date(string $dateHeader): bool
+    {
+        $date = HTTP\parseDate($dateHeader);
 
         // Unknown format
         if (!$date) {
             $this->errorCode = self::ERR_INVALIDDATEFORMAT;
+
             return false;
         }
 
@@ -174,47 +168,40 @@ class AWS extends AbstractAuth {
         // We allow 15 minutes around the current date/time
         if ($date > $max || $date < $min) {
             $this->errorCode = self::ERR_REQUESTTIMESKEWED;
+
             return false;
         }
 
-        return $date;
-
+        return true;
     }
 
     /**
-     * Returns a list of AMZ headers
-     *
-     * @return string
+     * Returns a list of AMZ headers.
      */
-    protected function getAmzHeaders() {
-
+    protected function getAmzHeaders(): string
+    {
         $amzHeaders = [];
         $headers = $this->request->getHeaders();
         foreach ($headers as $headerName => $headerValue) {
-            if (strpos(strtolower($headerName), 'x-amz-') === 0) {
-                $amzHeaders[strtolower($headerName)] = str_replace(["\r\n"], [' '], $headerValue[0]) . "\n";
+            if (0 === strpos(strtolower($headerName), 'x-amz-')) {
+                $amzHeaders[strtolower($headerName)] = str_replace(["\r\n"], [' '], $headerValue[0])."\n";
             }
         }
         ksort($amzHeaders);
 
         $headerStr = '';
         foreach ($amzHeaders as $h => $v) {
-            $headerStr .= $h . ':' . $v;
+            $headerStr .= $h.':'.$v;
         }
 
         return $headerStr;
-
     }
 
     /**
-     * Generates an HMAC-SHA1 signature
-     *
-     * @param string $key
-     * @param string $message
-     * @return string
+     * Generates an HMAC-SHA1 signature.
      */
-    private function hmacsha1($key, $message) {
-
+    private function hmacsha1(string $key, string $message): string
+    {
         if (function_exists('hash_hmac')) {
             return hash_hmac('sha1', $message, $key, true);
         }
@@ -226,9 +213,8 @@ class AWS extends AbstractAuth {
         $key = str_pad($key, $blocksize, chr(0x00));
         $ipad = str_repeat(chr(0x36), $blocksize);
         $opad = str_repeat(chr(0x5c), $blocksize);
-        $hmac = pack('H*', sha1(($key ^ $opad) . pack('H*', sha1(($key ^ $ipad) . $message))));
-        return $hmac;
+        $hmac = pack('H*', sha1(($key ^ $opad).pack('H*', sha1(($key ^ $ipad).$message))));
 
+        return $hmac;
     }
-
 }