Merge pull request #1 from Micro-PHP/v1.0

Asisyas · web-flow · commit 41a74a0db554 · 2022-12-25T03:46:17.000+03:00
v1.0
diff --git a/composer.json b/composer.json
@@ -3,7 +3,7 @@
     "description": "Micro Framework: Security component",
     "type": "library",
     "license": "MIT",
-    "version": "0.1",
+    "version": "1.0",
     "autoload": {
         "psr-4": {
             "Micro\\Plugin\\Security\\": "src/"
diff --git a/src/Business/Provider/SecurityProvider.php b/src/Business/Provider/SecurityProvider.php
@@ -4,7 +4,6 @@
 
 use Micro\Plugin\Security\Business\Token\Decoder\DecoderFactoryInterface;
 use Micro\Plugin\Security\Configuration\Provider\ProviderConfigurationInterface;
-use Micro\Plugin\Security\Exception\TokenExpiredException;
 use Micro\Plugin\Security\Business\Token\Encoder\EncoderFactoryInterface;
 use Micro\Plugin\Security\Token\Token;
 use Micro\Plugin\Security\Token\TokenInterface;
@@ -27,25 +26,14 @@ public function __construct(
     /**
      * {@inheritDoc}
      */
-    public function generateToken(array $sourceData, int $lifetime = null): TokenInterface
+    public function generateToken(array $sourceData): TokenInterface
     {
-        $createdAt = time();
-        $lifetime = $lifetime ?: $this->providerConfiguration->getLifetimeDefault();
-
-        $tokenContainerData = [
-            TokenInterface::TOKEN_PARAM_DATA => $sourceData,
-            TokenInterface::TOKEN_PARAM_LIFETIME  => $lifetime,
-            TokenInterface::TOKEN_PARAM_CREATED_AT => $createdAt,
-        ];
-
         $generatedTokenString = $this->encoderFactory
             ->create($this->providerConfiguration)
-            ->encode($tokenContainerData);
+            ->encode($sourceData);
 
         return $this->createToken(
             $generatedTokenString,
-            $createdAt,
-            $lifetime,
             $sourceData
         );
     }
@@ -60,31 +48,21 @@ public function decodeToken(string $encoded): TokenInterface
             ->decode($encoded);
 
         return $this->createToken(
-            $encoded,
-            createdAt: $decoded[TokenInterface::TOKEN_PARAM_CREATED_AT ],
-            lifetime: $decoded[TokenInterface::TOKEN_PARAM_LIFETIME],
-            tokenData: (array) $decoded[TokenInterface::TOKEN_PARAM_DATA]
+            encoded: $encoded,
+            tokenData: $decoded
         );
     }
 
     /**
      * @param string $encoded
-     * @param int $createdAt
-     * @param int $lifetime
      * @param array $tokenData
      *
      * @return Token
      */
-    protected function createToken(string $encoded, int $createdAt, int $lifetime, array $tokenData): TokenInterface
+    protected function createToken(string $encoded, array $tokenData): TokenInterface
     {
-        if($lifetime > 0 && (time() > $lifetime + $createdAt)) {
-            throw new TokenExpiredException($encoded);
-        }
-
         return new Token(
             source: $encoded,
-            createdAt: $createdAt,
-            lifetime: $lifetime,
             parameters: $tokenData
         );
     }
diff --git a/src/Business/Provider/SecurityProviderInterface.php b/src/Business/Provider/SecurityProviderInterface.php
@@ -3,22 +3,36 @@
 namespace Micro\Plugin\Security\Business\Provider;
 
 
+use DomainException;
+use UnexpectedValueException;
+use Firebase\JWT\BeforeValidException;
+use Firebase\JWT\ExpiredException;
+use Firebase\JWT\SignatureInvalidException;
 use Micro\Plugin\Security\Token\TokenInterface;
+use InvalidArgumentException;
 
 interface SecurityProviderInterface
 {
     /**
      * @param array $sourceData
-     * @param int|null $lifetime
      *
      * @return TokenInterface
      */
-    public function generateToken(array $sourceData, int $lifetime = null): TokenInterface;
+    public function generateToken(array $sourceData): TokenInterface;
 
     /**
      * @param string $encoded
      *
      * @return TokenInterface
+     *
+     * @throws InvalidArgumentException     Provided key/key-array was empty or malformed
+     * @throws DomainException              Provided JWT is malformed
+     * @throws UnexpectedValueException     Provided JWT was invalid
+     * @throws SignatureInvalidException    Provided JWT was invalid because the signature verification failed
+     * @throws BeforeValidException         Provided JWT is trying to be used before it's eligible as defined by 'nbf'
+     * @throws BeforeValidException         Provided JWT is trying to be used before it's been created as defined by 'iat'
+     * @throws ExpiredException             Provided JWT has since expired, as defined by the 'exp' claim
+     *
      */
     public function decodeToken(string $encoded): TokenInterface;
 }
diff --git a/src/Business/Token/Configuration/TokenConfiguration.php b/src/Business/Token/Configuration/TokenConfiguration.php
@@ -1,6 +1,6 @@
 <?php
 
-namespace Micro\Plugin\Security\Business\Token\Context;
+namespace Micro\Plugin\Security\Business\Token\Configuration;
 
 class TokenConfiguration
 {
diff --git a/src/Business/Token/Decoder/DecoderInterface.php b/src/Business/Token/Decoder/DecoderInterface.php
@@ -2,14 +2,26 @@
 
 namespace Micro\Plugin\Security\Business\Token\Decoder;
 
-use Micro\Plugin\Security\Token\TokenInterface;
+use DomainException;
+use UnexpectedValueException;
+use Firebase\JWT\BeforeValidException;
+use Firebase\JWT\ExpiredException;
+use Firebase\JWT\SignatureInvalidException;
 
 interface DecoderInterface
 {
     /**
      * @param string $encodedToken
      *
      * @return array
+     *
+     * @throws InvalidArgumentException     Provided key/key-array was empty or malformed
+     * @throws DomainException              Provided JWT is malformed
+     * @throws UnexpectedValueException     Provided JWT was invalid
+     * @throws SignatureInvalidException    Provided JWT was invalid because the signature verification failed
+     * @throws BeforeValidException         Provided JWT is trying to be used before it's eligible as defined by 'nbf'
+     * @throws BeforeValidException         Provided JWT is trying to be used before it's been created as defined by 'iat'
+     * @throws ExpiredException             Provided JWT has since expired, as defined by the 'exp' claim
      */
     public function decode(string $encodedToken): array;
 }
diff --git a/src/Configuration/Provider/ProviderConfiguration.php b/src/Configuration/Provider/ProviderConfiguration.php
@@ -27,7 +27,7 @@ public function getEncryptionAlgorithm(): string
     public function getSecretKey(): string
     {
         $result = $this->get(self::CFG_PROVIDER_SECRET_KEY);
-        if(!$result && $this->getEncryptionAlgorithm() === self::HS256) {
+        if(!$result && $this->getEncryptionAlgorithm() === self::ALGO_DEFAULT) {
             return self::SECRET_DEFAULT;
         }
 
@@ -40,7 +40,7 @@ public function getSecretKey(): string
     public function getPublicKey(): string
     {
         $result = $this->get(self::CFG_PROVIDER_PUB_KEY);
-        if(!$result && $this->getEncryptionAlgorithm() === self::HS256) {
+        if(!$result && $this->getEncryptionAlgorithm() === self::ALGO_DEFAULT) {
             return $this->getSecretKey();
         }
 
diff --git a/src/Configuration/Provider/ProviderConfigurationInterface.php b/src/Configuration/Provider/ProviderConfigurationInterface.php
@@ -4,14 +4,12 @@
 
 interface ProviderConfigurationInterface
 {
-    const ALGO_EDDSA = 'EdDSA';
-    const ALGO_RS256 = 'RS256';
-    const HS256 = 'HS256';
-
-    const ALGO_DEFAULT = self::HS256;
+    const ALGO_DEFAULT = 'HS256';
     const SECRET_DEFAULT = 'default_secret_phrase';
 
     /**
+     * Supported algorithms are 'ES384','ES256', 'HS256', 'HS384', 'HS512', 'RS256', 'RS384', and 'RS512'
+     *
      * @return string
      */
     public function getEncryptionAlgorithm(): string;
diff --git a/src/Configuration/SecurityPluginConfigurationInterface.php b/src/Configuration/SecurityPluginConfigurationInterface.php
@@ -9,15 +9,10 @@ interface SecurityPluginConfigurationInterface
 
     const PROVIDER_DEFAULT = 'default';
 
-    /**
-     * @return array<string>
-     */
-    public function getProviderList(): array;
-
     /**
      * @param string $providerName
      *
      * @return ProviderConfigurationInterface
      */
-    public function getProviderConfiguration(string $providerName): ProviderConfigurationInterface;
+    public function getProviderConfiguration(string $providerName = self::PROVIDER_DEFAULT): ProviderConfigurationInterface;
 }
diff --git a/src/Exception/TokenExpiredException.php b/src/Exception/TokenExpiredException.php
@@ -4,7 +4,7 @@
 
 class TokenExpiredException extends SecurityException
 {
-    public function __construct(string $token) {
-        parent::__construct(sprintf('Token "%s" was expired.', $token));
+    public function __construct(string $token, \Throwable $throwable = null) {
+        parent::__construct(sprintf('Token "%s" was expired.', $token), 0, $throwable);
     }
 }
diff --git a/src/Facade/SecurityFacade.php b/src/Facade/SecurityFacade.php
@@ -11,21 +11,20 @@ class SecurityFacade implements SecurityFacadeInterface
 
     public function __construct(private readonly SecurityProviderFactoryInterface $securityProviderFactory)
     {
-
     }
 
     /**
      * {@inheritDoc}
      */
-    public function generateToken(array $parameters, string $providerName = null, int $lifeTime = null): TokenInterface
+    public function generateToken(array $parameters, string $providerName = null): TokenInterface
     {
         if(!$providerName) {
             $providerName = SecurityPluginConfigurationInterface::PROVIDER_DEFAULT;
         }
 
         return $this->securityProviderFactory
             ->create($providerName)
-            ->generateToken($parameters, $lifeTime);
+            ->generateToken($parameters);
     }
 
     /**
diff --git a/src/Facade/SecurityFacadeInterface.php b/src/Facade/SecurityFacadeInterface.php
@@ -2,24 +2,26 @@
 
 namespace Micro\Plugin\Security\Facade;
 
+use Firebase\JWT\ExpiredException;
 use Micro\Plugin\Security\Token\TokenInterface;
 
 interface SecurityFacadeInterface
 {
     /**
-     * @param array $content
+     * @param array $parameters
      * @param string|null $providerName
-     * @param int|null $lifeTime
      *
      * @return TokenInterface
      */
-    public function generateToken(array $content, string $providerName = null, int $lifeTime = null): TokenInterface;
+    public function generateToken(array $parameters, string $providerName = null): TokenInterface;
 
     /**
      * @param string $encoded
      * @param string|null $providerName
      *
      * @return TokenInterface
+     *
+     * @throws ExpiredException
      */
     public function decodeToken(string $encoded, string $providerName = null): TokenInterface;
 }
diff --git a/src/SecurityPlugin.php b/src/SecurityPlugin.php
@@ -3,7 +3,9 @@
 namespace Micro\Plugin\Security;
 
 use Micro\Component\DependencyInjection\Container;
-use Micro\Framework\Kernel\Plugin\AbstractPlugin;
+use Micro\Framework\Kernel\Plugin\ConfigurableInterface;
+use Micro\Framework\Kernel\Plugin\DependencyProviderInterface;
+use Micro\Framework\Kernel\Plugin\PluginConfigurationTrait;
 use Micro\Plugin\Security\Business\Provider\SecurityProviderFactory;
 use Micro\Plugin\Security\Business\Provider\SecurityProviderFactoryInterface;
 use Micro\Plugin\Security\Business\Token\Decoder\DecoderFactoryInterface;
@@ -17,8 +19,10 @@
 /**
  * @method SecurityPluginConfigurationInterface configuration()
  */
-class SecurityPlugin extends AbstractPlugin
+class SecurityPlugin implements DependencyProviderInterface, ConfigurableInterface
 {
+    use PluginConfigurationTrait;
+
     /**
      * {@inheritDoc}
      */
diff --git a/src/SecurityPluginConfiguration.php b/src/SecurityPluginConfiguration.php
@@ -2,41 +2,18 @@
 
 namespace Micro\Plugin\Security;
 
-use Micro\Framework\Kernel\Configuration\Exception\InvalidConfigurationException;
 use Micro\Framework\Kernel\Configuration\PluginConfiguration;
 use Micro\Plugin\Security\Configuration\Provider\ProviderConfiguration;
 use Micro\Plugin\Security\Configuration\Provider\ProviderConfigurationInterface;
 use Micro\Plugin\Security\Configuration\SecurityPluginConfigurationInterface;
 
 class SecurityPluginConfiguration extends PluginConfiguration implements SecurityPluginConfigurationInterface
 {
-    const CFG_PROVIDER_LIST = 'SECURITY_TOKEN_PROVIDER_LIST';
-
     /**
      * {@inheritDoc}
      */
-    public function getProviderList(): array
+    public function getProviderConfiguration(string $providerName = self::PROVIDER_DEFAULT): ProviderConfigurationInterface
     {
-        $list = $this->configuration->get(self::CFG_PROVIDER_LIST, [self::PROVIDER_DEFAULT], false);
-
-        return $this->explodeStringToArray($list);
-    }
-
-    /**
-     * {@inheritDoc}
-     */
-    public function getProviderConfiguration(string $providerName): ProviderConfigurationInterface
-    {
-        if(!in_array($providerName, $this->getProviderList())) {
-            throw new InvalidConfigurationException(
-                printf('Security provider "%s" is defined in the configuration "%s". Available providers: [%s] ',
-                    $providerName,
-                    self::CFG_PROVIDER_LIST,
-                    implode(', ', $this->getProviderList())
-                )
-            );
-        }
-
         return new ProviderConfiguration($this->configuration, $providerName);
     }
 }
diff --git a/src/Token/Token.php b/src/Token/Token.php
@@ -6,14 +6,10 @@ class Token implements TokenInterface
 {
     /**
      * @param string $source
-     * @param int $createdAt
-     * @param int $lifetime
      * @param array $parameters
      */
     public function __construct(
         private readonly string $source,
-        private readonly int $createdAt,
-        private readonly int $lifetime,
         private readonly array $parameters
     )
     {
@@ -22,25 +18,17 @@ public function __construct(
     /**
      * {@inheritDoc}
      */
-    public function getCreatedAt(): int
-    {
-        return $this->createdAt;
-    }
-
-    /**
-     * {@inheritDoc}
-     */
-    public function getLifetime(): int
+    public function getParameters(): array
     {
-        return $this->lifetime;
+        return $this->parameters;
     }
 
     /**
      * {@inheritDoc}
      */
-    public function getParameters(): array
+    public function getParameter(string $parameterName, mixed $default): mixed
     {
-        return $this->parameters;
+        return $this->parameters[$parameterName] ?? $default;
     }
 
     /**
diff --git a/src/Token/TokenInterface.php b/src/Token/TokenInterface.php

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`<?php`
`2`	`2`
`3`		`-namespace Micro\Plugin\Security\Business\Token\Context;`
	`3`	`+namespace Micro\Plugin\Security\Business\Token\Configuration;`
`4`	`4`
`5`	`5`	`class TokenConfiguration`
`6`	`6`	`{`
Original file line number	Diff line number	Diff line change
`@@ -27,7 +27,7 @@ public function getEncryptionAlgorithm(): string`
`27`	`27`	`public function getSecretKey(): string`
`28`	`28`	`{`
`29`	`29`	`$result = $this->get(self::CFG_PROVIDER_SECRET_KEY);`
`30`		`- if(!$result && $this->getEncryptionAlgorithm() === self::HS256) {`
	`30`	`+ if(!$result && $this->getEncryptionAlgorithm() === self::ALGO_DEFAULT) {`
`31`	`31`	`return self::SECRET_DEFAULT;`
`32`	`32`	`}`
`33`	`33`
`@@ -40,7 +40,7 @@ public function getSecretKey(): string`
`40`	`40`	`public function getPublicKey(): string`
`41`	`41`	`{`
`42`	`42`	`$result = $this->get(self::CFG_PROVIDER_PUB_KEY);`
`43`		`- if(!$result && $this->getEncryptionAlgorithm() === self::HS256) {`
	`43`	`+ if(!$result && $this->getEncryptionAlgorithm() === self::ALGO_DEFAULT) {`
`44`	`44`	`return $this->getSecretKey();`
`45`	`45`	`}`
`46`	`46`
Original file line number	Diff line number	Diff line change
`@@ -4,7 +4,7 @@`
`4`	`4`
`5`	`5`	`class TokenExpiredException extends SecurityException`
`6`	`6`	`{`
`7`		`- public function __construct(string $token) {`
`8`		`- parent::__construct(sprintf('Token "%s" was expired.', $token));`
	`7`	`+ public function __construct(string $token, \Throwable $throwable = null) {`
	`8`	`+ parent::__construct(sprintf('Token "%s" was expired.', $token), 0, $throwable);`
`9`	`9`	`}`
`10`	`10`	`}`
Original file line number	Diff line number	Diff line change
`@@ -11,21 +11,20 @@ class SecurityFacade implements SecurityFacadeInterface`
`11`	`11`
`12`	`12`	`public function __construct(private readonly SecurityProviderFactoryInterface $securityProviderFactory)`
`13`	`13`	`{`
`14`		`-`
`15`	`14`	`}`
`16`	`15`
`17`	`16`	`/**`
`18`	`17`	`* {@inheritDoc}`
`19`	`18`	`*/`
`20`		`- public function generateToken(array $parameters, string $providerName = null, int $lifeTime = null): TokenInterface`
	`19`	`+ public function generateToken(array $parameters, string $providerName = null): TokenInterface`
`21`	`20`	`{`
`22`	`21`	`if(!$providerName) {`
`23`	`22`	`$providerName = SecurityPluginConfigurationInterface::PROVIDER_DEFAULT;`
`24`	`23`	`}`
`25`	`24`
`26`	`25`	`return $this->securityProviderFactory`
`27`	`26`	`->create($providerName)`
`28`		`- ->generateToken($parameters, $lifeTime);`
	`27`	`+ ->generateToken($parameters);`
`29`	`28`	`}`
`30`	`29`
`31`	`30`	`/**`