diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..49dbaea --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +/vendor/ +/.idea/ +/composer.lock diff --git a/Controller/KeycloakController.php b/Controller/KeycloakController.php index 478d332..9842c26 100644 --- a/Controller/KeycloakController.php +++ b/Controller/KeycloakController.php @@ -9,12 +9,12 @@ class KeycloakController extends AbstractController { - public function connect(ClientRegistry $clientRegistry) + public function connect(ClientRegistry $clientRegistry): RedirectResponse { return $clientRegistry->getClient('keycloak')->redirect(); } - public function connectCheck(Request $request, string $defaultTargetRouteName) + public function connectCheck(Request $request, string $defaultTargetRouteName): RedirectResponse { $loginReferrer = null; if ($request->hasSession()) { @@ -24,12 +24,12 @@ public function connectCheck(Request $request, string $defaultTargetRouteName) return $loginReferrer ? $this->redirect($loginReferrer) : $this->redirectToRoute($defaultTargetRouteName); } - public function logout(Request $request, string $defaultTargetRouteName) + public function logout(Request $request, string $defaultTargetRouteName): RedirectResponse { return new RedirectResponse($this->generateUrl($defaultTargetRouteName)); } - public function account(ClientRegistry $clientRegistry) + public function account(ClientRegistry $clientRegistry): RedirectResponse { return $this->redirect($clientRegistry->getClient('keycloak')->getOAuth2Provider()->getResourceOwnerManageAccountUrl()); } diff --git a/DependencyInjection/Configuration.php b/DependencyInjection/Configuration.php index c8d0643..0b3691c 100644 --- a/DependencyInjection/Configuration.php +++ b/DependencyInjection/Configuration.php 
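Review bot: In `connectCheck` (Controller/KeycloakController.php, second hunk) the session value `$loginReferrer` is passed straight to `$this->redirect()`, so the post-login destination is only as trustworthy as whatever stored it. The code that writes it is not visible in this diff; if it is derived from the `Referer` header or a request parameter, this line is an open-redirect sink. Restrict the value to same-site targets before using it, for example accept it only when `str_starts_with($loginReferrer, '/') && !str_starts_with($loginReferrer, '//')` (or when its host equals `$request->getHost()`), and otherwise fall back to `redirectToRoute($defaultTargetRouteName)`. The body of `connectCheck` begins in the previous hunk, so the session lookup itself is outside these lines.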
@@ -7,7 +7,7 @@ class Configuration implements ConfigurationInterface { - public function getConfigTreeBuilder() + public function getConfigTreeBuilder(): TreeBuilder { $treeBuilder = new TreeBuilder('idci_keycloak_security'); diff --git a/DependencyInjection/IDCIKeycloakSecurityExtension.php b/DependencyInjection/IDCIKeycloakSecurityExtension.php index 406c578..065e328 100644 --- a/DependencyInjection/IDCIKeycloakSecurityExtension.php +++ b/DependencyInjection/IDCIKeycloakSecurityExtension.php @@ -10,7 +10,7 @@ class IDCIKeycloakSecurityExtension extends Extension implements PrependExtensionInterface { - public function load(array $configs, ContainerBuilder $container) + public function load(array $configs, ContainerBuilder $container): void { $configuration = new Configuration(); $config = $this->processConfiguration($configuration, $configs); @@ -23,7 +23,7 @@ public function load(array $configs, ContainerBuilder $container) $container->setParameter('idci_keycloak_security.ssl_verification', $config['ssl_verification']); } - public function prepend(ContainerBuilder $container) + public function prepend(ContainerBuilder $container): void { $bundles = $container->getParameter('kernel.bundles'); @@ -37,7 +37,7 @@ public function prepend(ContainerBuilder $container) $container->prependExtensionConfig('knpu_oauth2_client', $this->generateKeycloakAuthConfiguration($config)); } - protected function generateKeycloakAuthConfiguration(array $config) + protected function generateKeycloakAuthConfiguration(array $config): array { return [ 'clients' => [ diff --git a/EventListener/ExceptionListener.php b/EventListener/ExceptionListener.php index baeced2..f3769f2 100644 --- a/EventListener/ExceptionListener.php +++ b/EventListener/ExceptionListener.php 
@@ -12,14 +12,14 @@ class ExceptionListener /** * @var UrlGeneratorInterface */ - private $urlGenerator; + private UrlGeneratorInterface $urlGenerator; public function __construct(UrlGeneratorInterface $urlGenerator) { $this->urlGenerator = $urlGenerator; } - public function onKernelException(ExceptionEvent $event) + public function onKernelException(ExceptionEvent $event): void { $exception = $event->getThrowable(); diff --git a/EventListener/LogoutListener.php b/EventListener/LogoutListener.php index b1d1416..17cd17c 100644 --- a/EventListener/LogoutListener.php +++ b/EventListener/LogoutListener.php @@ -35,9 +35,9 @@ public function __construct( $this->defaultTargetRouteName = $defaultTargetRouteName; } - public function onSymfonyComponentSecurityHttpEventLogoutEvent(LogoutEvent $event) + public function onSymfonyComponentSecurityHttpEventLogoutEvent(LogoutEvent $event): void { - if (null === $event->getToken() || null === $event->getToken()->getUser()) { + if (null === $event->getToken()?->getUser()) { return; } diff --git a/IDCIKeycloakSecurityBundle.php b/IDCIKeycloakSecurityBundle.php index b73a856..074b963 100644 --- a/IDCIKeycloakSecurityBundle.php +++ b/IDCIKeycloakSecurityBundle.php @@ -12,7 +12,7 @@ class IDCIKeycloakSecurityBundle extends Bundle /** * @return void */ - public function build(ContainerBuilder $container) + public function build(ContainerBuilder $container): void { parent::build($container); } diff --git a/Provider/KeycloakProvider.php b/Provider/KeycloakProvider.php index 6b43390..05223e3 100644 --- a/Provider/KeycloakProvider.php +++ b/Provider/KeycloakProvider.php 
@@ -20,12 +20,12 @@ class KeycloakProvider extends AbstractProvider /** * @var string use to identify the "public"" way to call the auth server */ - const MODE_PUBLIC = 'public'; + private const MODE_PUBLIC = 'public'; /** * @var string use to identify the "private"" way to call the auth server */ - const MODE_PRIVATE = 'private'; + private const MODE_PRIVATE = 'private'; public ?string $authServerPublicUrl = null; @@ -58,17 +58,17 @@ public function decryptResponse($response): array * * @return string */ - public function getBaseUrl($mode = self::MODE_PUBLIC) + public function getBaseUrl(string $mode = self::MODE_PUBLIC): ?string { return self::MODE_PRIVATE === $mode ? $this->authServerPrivateUrl : $this->authServerPublicUrl; } - public function getBaseUrlWithRealm($mode) + public function getBaseUrlWithRealm($mode): string { return sprintf('%s/realms/%s', $this->getBaseUrl($mode), $this->realm); } - public function getResourceOwnerManageAccountUrl() + public function getResourceOwnerManageAccountUrl(): string { return sprintf('%s/account', $this->getBaseUrlWithRealm(self::MODE_PUBLIC)); } @@ -103,7 +103,7 @@ public function getBaseApiUrlWithRealm(): string return sprintf('%s/admin/realms/%s', $this->getBaseUrl(self::MODE_PRIVATE), $this->realm); } - public function getLogoutUrl(array $options = []) + public function getLogoutUrl(array $options = []): string { $base = $this->getBaseLogoutUrl(); $params = $this->getAuthorizationParameters($options); @@ -128,12 +128,12 @@ public function getResourceOwner(AccessToken $token): KeycloakResourceOwner return $this->createResourceOwner($response, $token); } - public function getClientId() + public function getClientId(): string { return $this->clientId; } - public function getClientSecret() + public function getClientSecret(): string { return $this->clientSecret; } 
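Review bot: Making `MODE_PUBLIC` and `MODE_PRIVATE` `private` (Provider/KeycloakProvider.php, first hunk) leaves the public methods `getBaseUrl($mode)` and `getBaseUrlWithRealm($mode)` with a parameter whose valid values callers can no longer name. Any code outside `KeycloakProvider` that references `KeycloakProvider::MODE_PRIVATE` will now fail with an access error. Callers that switch to the literal `'private'` can mistype it and silently get the public URL, because `getBaseUrl` treats every other value as public. If outside use is intended, keep them public with `public const MODE_PUBLIC = 'public';` and `public const MODE_PRIVATE = 'private';`; if not, narrow the two methods as well. The docblocks above both constants also carry a stray doubled quote (`"public""`, `"private""`).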
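Review bot: `getBaseUrl()` is now declared `?string`, but `getBaseUrlWithRealm()` still feeds its result into `sprintf('%s/realms/%s', …)`, so an unset base URL yields a host-less string such as `/realms/<realm>` instead of an error. That string is what `getResourceOwnerManageAccountUrl()` returns for the account redirect, and the same pattern appears in `getBaseApiUrlWithRealm()` in the following hunk's context. Fail early instead, e.g. `$base = $this->getBaseUrl($mode) ?? throw new \LogicException('Keycloak base URL is not configured');`. The docblock above `getBaseUrl` still says `@return string`, and `getBaseUrlWithRealm($mode)` leaves `$mode` untyped while `getBaseUrl` now requires `string`.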
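Review bot: `getClientId(): string` and `getClientSecret(): string` (hunk at -128) return properties whose declarations are not part of this diff. If `clientSecret` can be null, for instance a public client configured without a secret, the new return type turns the call into a `TypeError`. Either guarantee the value at construction time or declare the return as `?string`. `getClientSecret()` is also a public accessor for the OAuth client secret, so it deserves a docblock such as `/** Confidential client secret; never log or render this value. */`.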
@@ -148,7 +148,7 @@ protected function getScopeSeparator(): string return ' '; } - protected function checkResponse(ResponseInterface $response, $data) + protected function checkResponse(ResponseInterface $response, $data): void { if (!empty($data['error'])) { $error = sprintf('%s: %s', $data['error'], $data['error_description']); @@ -162,7 +162,7 @@ protected function createResourceOwner(array $response, AccessToken $token): Key return new KeycloakResourceOwner($response, $token); } - protected function getAllowedClientOptions(array $options) + protected function getAllowedClientOptions(array $options): array { return ['timeout', 'proxy', 'verify']; } diff --git a/Security/User/KeycloakBearerUser.php b/Security/User/KeycloakBearerUser.php index 725c28f..be3e0cc 100644 --- a/Security/User/KeycloakBearerUser.php +++ b/Security/User/KeycloakBearerUser.php @@ -6,23 +6,23 @@ class KeycloakBearerUser extends OAuthUser { - private ?string $accessToken; + private ?string $accessToken = null; - private ?string $clientId; + private ?string $clientId = null; - private ?string $email; + private ?string $email = null; - private ?string $displayName; + private ?string $displayName = null; - private ?string $firstName; + private ?string $firstName = null; - private ?string $lastName; + private ?string $lastName = null; - private bool $emailVerified; + private bool $emailVerified = false; public function __toString(): string { - return $this->getUsername(); + return $this->getUserIdentifier(); } public function setAccessToken(string $accessToken): self diff --git a/Security/User/KeycloakBearerUserProvider.php b/Security/User/KeycloakBearerUserProvider.php index 1e98a7f..ba6b69e 100644 --- a/Security/User/KeycloakBearerUserProvider.php +++ b/Security/User/KeycloakBearerUserProvider.php 
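Review bot: `checkResponse()` reads `$data['error_description']` whenever `$data['error']` is set, but OAuth 2.0 error responses may omit `error_description` (it is optional in RFC 6749 §5.2). A response carrying only `error` then raises an undefined-key warning while the message is being built, which can mask the real failure. Use a default: `$error = sprintf('%s: %s', $data['error'], $data['error_description'] ?? '');`. `$data` is untyped and the rest of the method lies outside the hunk, so how `$error` is reported cannot be checked here.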
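Review bot: `getAllowedClientOptions()` (hunk at -162) always whitelists `verify` and ignores its `$options` argument, so TLS certificate verification for the provider's HTTP client can be switched off by configuration alone. As far as I recall, the parent implementation in league/oauth2-client admits `verify` only when a `proxy` option is present, so this override drops that guard; please confirm against the installed version. If the behaviour is deliberate, say so at the method, e.g. `// 'verify' is always allowed here; turning it off removes certificate checks on calls to Keycloak, so keep it enabled outside development.`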
@@ -22,6 +22,7 @@ class KeycloakBearerUserProvider extends OAuthUserProvider implements KeycloakBe public function __construct(ClientRegistry $clientRegistry, HttpClientInterface $httpClient, mixed $sslVerification) { + parent::__construct(); $this->clientRegistry = $clientRegistry; $this->httpClient = $httpClient; $this->sslVerification = $sslVerification; diff --git a/Security/User/KeycloakUser.php b/Security/User/KeycloakUser.php index 8d933f5..de3b55c 100644 --- a/Security/User/KeycloakUser.php +++ b/Security/User/KeycloakUser.php @@ -29,10 +29,10 @@ public function __construct( array $roles, AccessToken $accessToken, string $id, - ?string $email, - ?string $displayName, - ?string $firstName, - ?string $lastName, + ?string $email = null, + ?string $displayName = null, + ?string $firstName = null, + ?string $lastName = null, ?string $preferredLanguage = 'en', array $resources = [] ) { diff --git a/Security/User/KeycloakUserProvider.php b/Security/User/KeycloakUserProvider.php index 0fab82c..4bd0dee 100644 --- a/Security/User/KeycloakUserProvider.php +++ b/Security/User/KeycloakUserProvider.php @@ -20,6 +20,7 @@ class KeycloakUserProvider extends OAuthUserProvider implements KeycloakUserProv public function __construct(ClientRegistry $clientRegistry, LoggerInterface $logger) { + parent::__construct(); $this->clientRegistry = $clientRegistry; $this->logger = $logger; } diff --git a/composer.json b/composer.json index 8fc6102..4a457a6 100755 --- a/composer.json +++ b/composer.json 
@@ -19,23 +19,24 @@ } ], "require": { - "symfony/dependency-injection": "^5.3|^6.0", - "symfony/framework-bundle": "^5.3|^6.0", - "symfony/http-client": "^5.3|^6.0", - "symfony/routing": "^5.3|^6.0", - "symfony/security-bundle": "^5.3|^6.0", - "symfony/http-foundation": "^5.3|^6.0", + "php": ">=8.1", + "symfony/dependency-injection": "^6.4|^7.0", + "symfony/framework-bundle": "^6.4|^7.0", + "symfony/http-client": "^6.4|^7.0", + "symfony/routing": "^6.4|^7.0", + "symfony/security-bundle": "^6.4|^7.0", + "symfony/http-foundation": "^6.4|^7.0", "knpuniversity/oauth2-client-bundle": "^2.0" }, "require-dev": { - "phpunit/phpunit": "^6.0", - "symfony/expression-language": "^5.3|^6.0", - "symfony/finder": "^5.3|^6.0", - "symfony/form": "^5.3|^6.0", - "symfony/stopwatch": "^5.3|^6.0", - "symfony/twig-bundle": "^5.3|^6.0", - "symfony/validator": "^5.3|^6.0", - "symfony/yaml": "^5.3|^6.0" + "phpunit/phpunit": "^10.5", + "symfony/expression-language": "^6.4|^7.0", + "symfony/finder": "^6.4|^7.0", + "symfony/form": "^6.4|^7.0", + "symfony/stopwatch": "^6.4|^7.0", + "symfony/twig-bundle": "^6.4|^7.0", + "symfony/validator": "^6.4|^7.0", + "symfony/yaml": "^6.4|^7.0" }, "autoload": { "psr-4": {
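Review bot: `"php": ">=8.1"` has no upper bound, so the package declares itself installable on a future major PHP version it has never been tested against; `"php": "^8.1"` keeps the same floor with a ceiling. Dropping Symfony 5.x and 6.0–6.3 together with the new PHP floor is a breaking change for consumers, which the release version or changelog should reflect. `knpuniversity/oauth2-client-bundle` stays at `^2.0` and `composer.lock` is now ignored, so it is worth a CI run with `--prefer-lowest` to confirm that the lowest versions that actually resolve against Symfony 7 still work.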