From b286e0c219864481d0304c135197a925f56a62d4 Mon Sep 17 00:00:00 2001 From: Jonathan Vuillemin Date: Sun, 10 May 2020 14:43:17 +0200 Subject: [PATCH] Added OIDC state support to validation result --- CHANGELOG.md | 5 +++++ doc/message/oidc-resource-link-launch.md | 12 ++++++++---- .../Validator/LtiLaunchRequestValidationResult.php | 11 +++++++++++ src/Launch/Validator/LtiLaunchRequestValidator.php | 4 ++-- src/Security/Jwks/Fetcher/JwksFetcher.php | 2 +- .../LtiLaunchRequestValidationResultTest.php | 10 ++++++++++ 6 files changed, 37 insertions(+), 7 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3464254a..c1f9c77f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,11 @@ CHANGELOG ========= +1.2.0 +----- + +* Added `getOidcState()` method to `LtiLaunchRequestValidationResult` + 1.1.0 ----- diff --git a/doc/message/oidc-resource-link-launch.md b/doc/message/oidc-resource-link-launch.md index 665ddf90..6014fdc5 100644 --- a/doc/message/oidc-resource-link-launch.md +++ b/doc/message/oidc-resource-link-launch.md 
@@ -212,11 +212,15 @@ if (!$result->hasError()) { echo $result->getRegistration()->getIdentifier(); // And to the LTI message components - echo $result->getLtiMessage()->getVersion(); // '1.3.0' - echo $result->getLtiMessage()->getContext()->getId(); // 'contextId' - echo $result->getLtiMessage()->getClaim('myCustomClaim'); // 'myCustomValue' - echo $result->getLtiMessage()->getUserIdentity(); // given by the platform at OIDC authentication + echo $result->getLtiMessage()->getVersion(); // '1.3.0' + echo $result->getLtiMessage()->getContext()->getId(); // 'contextId' + echo $result->getLtiMessage()->getClaim('myCustomClaim'); // 'myCustomValue' + echo $result->getLtiMessage()->getUserIdentity(); // given by the platform at OIDC authentication + // If needed, you can also access the OIDC state components + echo $result->getOidcState()->getToken()->__toString(); // state JWT + echo $result->getOidcState()->getToken()->getClaim('jti'); // state JWT id + // If needed, you can also access the validation successes foreach ($result->getSuccesses() as $success) { echo $success; diff --git a/src/Launch/Validator/LtiLaunchRequestValidationResult.php b/src/Launch/Validator/LtiLaunchRequestValidationResult.php index da662878..3cb355d1 100644 --- a/src/Launch/Validator/LtiLaunchRequestValidationResult.php +++ b/src/Launch/Validator/LtiLaunchRequestValidationResult.php @@ -23,6 +23,7 @@ namespace OAT\Library\Lti1p3Core\Launch\Validator; use OAT\Library\Lti1p3Core\Message\LtiMessageInterface; +use OAT\Library\Lti1p3Core\Message\MessageInterface; use OAT\Library\Lti1p3Core\Registration\RegistrationInterface; class LtiLaunchRequestValidationResult @@ -33,6 +34,9 @@ class LtiLaunchRequestValidationResult /** @var LtiMessageInterface|null */ private $ltiMessage; + /** @var MessageInterface|null */ + private $oidcState; + /** @var string[] */ private $successes; 
@@ -42,11 +46,13 @@ class LtiLaunchRequestValidationResult public function __construct( RegistrationInterface $registration = null, LtiMessageInterface $ltiMessage = null, + MessageInterface $oidcState = null, array $successes = [], string $error = null ) { $this->registration = $registration; $this->ltiMessage = $ltiMessage; + $this->oidcState = $oidcState; $this->successes = $successes; $this->error = $error; } @@ -61,6 +67,11 @@ public function getLtiMessage(): ?LtiMessageInterface return $this->ltiMessage; } + public function getOidcState(): ?MessageInterface + { + return $this->oidcState; + } + public function addSuccess(string $success): self { $this->successes[] = $success; diff --git a/src/Launch/Validator/LtiLaunchRequestValidator.php b/src/Launch/Validator/LtiLaunchRequestValidator.php index 3189f99f..84b71196 100644 --- a/src/Launch/Validator/LtiLaunchRequestValidator.php +++ b/src/Launch/Validator/LtiLaunchRequestValidator.php @@ -110,10 +110,10 @@ public function validate(ServerRequestInterface $request): LtiLaunchRequestValid ->validateStateSignature($registration, $oidcState) ->validateStateExpiry($oidcState); - return new LtiLaunchRequestValidationResult($registration, $ltiMessage, $this->successes); + return new LtiLaunchRequestValidationResult($registration, $ltiMessage, $oidcState, $this->successes); } catch (Throwable $exception) { - return new LtiLaunchRequestValidationResult(null, null, $this->successes, $exception->getMessage()); + return new LtiLaunchRequestValidationResult(null, null, null, $this->successes, $exception->getMessage()); } } diff --git a/src/Security/Jwks/Fetcher/JwksFetcher.php b/src/Security/Jwks/Fetcher/JwksFetcher.php index 7ea834ea..d70cb3fa 100644 --- a/src/Security/Jwks/Fetcher/JwksFetcher.php +++ b/src/Security/Jwks/Fetcher/JwksFetcher.php 
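Review bot: Putting `$oidcState` third in the constructor, ahead of `$successes` and `$error`, breaks any caller outside this repository that passes those two positionally. A call such as `new LtiLaunchRequestValidationResult($registration, $ltiMessage, $successes)` now fails with a TypeError, because an array is not a `MessageInterface`. The changelog lists this under 1.2.0 as an addition only, so either append the parameter at the end (`string $error = null, MessageInterface $oidcState = null`) or record the signature change as a break. The two call sites in `LtiLaunchRequestValidator::validate()` are updated by this patch, but downstream code that builds results (test doubles, custom validators) would not be.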
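Review bot: `getOidcState()` has no docblock saying when it returns null, and the doc sample chains `->getToken()` straight onto it. From the visible code it is null whenever the result is built without a state, which includes every failure result produced by the `catch` branch of `validate()`. I would add `/** Validated OIDC state message; null when validation failed or no state was provided. */` above the method. Integrators then know to guard the call with `hasError()`, as the sample does.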
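Review bot: The success branch now returns `$oidcState` to the caller, but the only state checks visible in this hunk are `validateStateSignature()` and `validateStateExpiry()`. `validate()` starts outside the hunk, so earlier checks may exist, but nothing shown here ties the state to the user's browser session or rejects a reused `jti`. If the library leaves that to the integrator, say so at the return, e.g. `// state is checked for signature and expiry only; callers should compare its jti with the value issued at OIDC initiation`. The same caveat belongs beside the new `getOidcState()` sample in `doc/message/oidc-resource-link-launch.md`.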
@@ -114,7 +114,7 @@ private function fetchJwksDataFromUrl(string $jwksUrl): ?array $this->logger->error($message); - throw new LtiException($message,$exception->getCode(), $exception); + throw new LtiException($message, $exception->getCode(), $exception); } } diff --git a/tests/Unit/Launch/Validator/LtiLaunchRequestValidationResultTest.php b/tests/Unit/Launch/Validator/LtiLaunchRequestValidationResultTest.php index b8bbd4cd..3069262a 100644 --- a/tests/Unit/Launch/Validator/LtiLaunchRequestValidationResultTest.php +++ b/tests/Unit/Launch/Validator/LtiLaunchRequestValidationResultTest.php @@ -24,6 +24,7 @@ use OAT\Library\Lti1p3Core\Launch\Validator\LtiLaunchRequestValidationResult; use OAT\Library\Lti1p3Core\Message\LtiMessageInterface; +use OAT\Library\Lti1p3Core\Message\MessageInterface; use OAT\Library\Lti1p3Core\Registration\RegistrationInterface; use PHPUnit\Framework\TestCase; @@ -47,6 +48,15 @@ public function testGetLtiMessage(): void $this->assertEquals($ltiMessageMock, $subject->getLtiMessage()); } + public function testGetOidcState(): void + { + $oidcStateMock = $this->createMock(MessageInterface::class); + + $subject = new LtiLaunchRequestValidationResult(null, null, $oidcStateMock); + + $this->assertEquals($oidcStateMock, $subject->getOidcState()); + } + public function testBehavior(): void { $subject = new LtiLaunchRequestValidationResult();
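Review bot: `testGetOidcState()` covers only the getter on a hand-built result; going by the diffstat, no test in this patch checks that `LtiLaunchRequestValidator::validate()` sets the state on success and leaves it null on failure. That wiring is the part a later refactor is most likely to break. Within this test, `assertSame($oidcStateMock, $subject->getOidcState())` would pin identity, whereas `assertEquals` compares the two mocks loosely. `testBehavior()` continues past the hunk; an `assertNull($subject->getOidcState())` on its default-constructed subject would document the null default.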