[Web] update stevenmaguire/oauth2-keycloak and firebase/php-jwt

data/web/inc/lib/vendor/stevenmaguire/oauth2-keycloak/.travis.yml

@@ -3,9 +3,12 @@ language: php
 sudo: false
 
 php:
-  - 5.6
-  - 7.0
-  - 7.1
+  - 7.2
+  - 7.3
+  - 7.4
+  - 8.0
+  - 8.1
+  - 8.2
 
 matrix:
   include:

data/web/inc/lib/vendor/stevenmaguire/oauth2-keycloak/README.md

@@ -36,6 +36,7 @@ $provider = new Stevenmaguire\OAuth2\Client\Provider\Keycloak([
     'encryptionAlgorithm'   => 'RS256',                             // optional
     'encryptionKeyPath'     => '../key.pem'                         // optional
     'encryptionKey'         => 'contents_of_key_or_certificate'     // optional
+    'version'               => '20.0.1',                            // optional
 ]);
 
 if (!isset($_GET['code'])) {

data/web/inc/lib/vendor/stevenmaguire/oauth2-keycloak/composer.json

@@ -18,13 +18,14 @@
         "keycloak"
     ],
     "require": {
+        "php": "~7.2 || ~8.0",
         "league/oauth2-client": "^2.0",
-        "firebase/php-jwt": "~4.0|~5.0"
+        "firebase/php-jwt": "^4.0 || ^5.0 || ^6.0"
     },
     "require-dev": {
-        "phpunit/phpunit": "~4.0",
-        "mockery/mockery": "~0.9",
-        "squizlabs/php_codesniffer": "~2.0"
+        "phpunit/phpunit": "~9.6.4",
+        "mockery/mockery": "~1.5.0",
+        "squizlabs/php_codesniffer": "~3.7.0"
     },
     "autoload": {
         "psr-4": {
@@ -40,5 +41,11 @@
         "branch-alias": {
             "dev-master": "1.0.x-dev"
         }
+    },
+    "scripts": {
+        "test": [
+            "@putenv XDEBUG_MODE=coverage",
+            "phpunit --colors=always"
+        ]
     }
-}
+}

data/web/inc/lib/vendor/stevenmaguire/oauth2-keycloak/phpunit.xml.dist

@@ -1,38 +1,33 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <phpunit backupGlobals="false"
-         backupStaticAttributes="false"
          bootstrap="vendor/autoload.php"
          colors="true"
-         convertErrorsToExceptions="true"
-         convertNoticesToExceptions="true"
-         convertWarningsToExceptions="true"
          processIsolation="false"
          stopOnFailure="false"
-         syntaxCheck="false"
+         failOnRisky="true"
+         failOnWarning="true"
 >
-    <logging>
-        <log type="coverage-html"
-                target="./build/coverage/html"
-                charset="UTF-8"
-                highlight="false"
-                lowUpperBound="35"
-                highLowerBound="70"/>
-          <log type="coverage-clover"
-                target="./build/coverage/log/coverage.xml"/>
-    </logging>
+    <coverage includeUncoveredFiles="true"
+              pathCoverage="false"
+              ignoreDeprecatedCodeUnits="true"
+              disableCodeCoverageIgnore="true">
+        <include>
+            <directory suffix=".php">src</directory>
+        </include>
+        <exclude>
+            <directory suffix=".php">vendor</directory>
+            <file>src/autoload.php</file>
+        </exclude>
+        <report>
+            <html outputDirectory="./build/coverage/html"
+                  lowUpperBound="35"
+                  highLowerBound="70"/>
+            <clover outputFile="./build/coverage/log/coverage.xml"/>
+        </report>
+    </coverage>
     <testsuites>
         <testsuite name="Package Test Suite">
             <directory suffix=".php">./test/</directory>
         </testsuite>
     </testsuites>
-    <filter>
-        <whitelist>
-            <directory suffix=".php">./</directory>
-            <exclude>
-                <directory suffix=".php">./examples</directory>
-                <directory suffix=".php">./vendor</directory>
-                <directory suffix=".php">./test</directory>
-            </exclude>
-        </whitelist>
-    </filter>
 </phpunit>

data/web/inc/lib/vendor/stevenmaguire/oauth2-keycloak/test/src/Provider/KeycloakTest.php

@@ -23,18 +23,22 @@ namespace Stevenmaguire\OAuth2\Client\Provider
 
 namespace Stevenmaguire\OAuth2\Client\Test\Provider
 {
+    use League\OAuth2\Client\Provider\Exception\IdentityProviderException;
     use League\OAuth2\Client\Tool\QueryBuilderTrait;
     use Mockery as m;
+    use PHPUnit\Framework\TestCase;
+    use Stevenmaguire\OAuth2\Client\Provider\Exception\EncryptionConfigurationException;
+    use Stevenmaguire\OAuth2\Client\Provider\Keycloak;
 
-    class KeycloakTest extends \PHPUnit_Framework_TestCase
+    class KeycloakTest extends TestCase
     {
         use QueryBuilderTrait;
 
         protected $provider;
 
-        protected function setUp()
+        protected function setUp(): void
         {
-            $this->provider = new \Stevenmaguire\OAuth2\Client\Provider\Keycloak([
+            $this->provider = new Keycloak([
                 'authServerUrl' => 'http://mock.url/auth',
                 'realm' => 'mock_realm',
                 'clientId' => 'mock_client_id',
@@ -43,7 +47,7 @@ namespace Stevenmaguire\OAuth2\Client\Test\Provider
             ]);
         }
 
-        public function tearDown()
+        public function tearDown(): void
         {
             m::close();
             parent::tearDown();
@@ -67,7 +71,7 @@ namespace Stevenmaguire\OAuth2\Client\Test\Provider
         public function testEncryptionAlgorithm()
         {
             $algorithm = uniqid();
-            $provider = new \Stevenmaguire\OAuth2\Client\Provider\Keycloak([
+            $provider = new Keycloak([
                 'encryptionAlgorithm' => $algorithm,
             ]);
 
@@ -82,7 +86,7 @@ namespace Stevenmaguire\OAuth2\Client\Test\Provider
         public function testEncryptionKey()
         {
             $key = uniqid();
-            $provider = new \Stevenmaguire\OAuth2\Client\Provider\Keycloak([
+            $provider = new Keycloak([
                 'encryptionKey' => $key,
             ]);
 
@@ -101,7 +105,7 @@ namespace Stevenmaguire\OAuth2\Client\Test\Provider
             $key = uniqid();
             $mockFileGetContents = $key;
 
-            $provider = new \Stevenmaguire\OAuth2\Client\Provider\Keycloak([
+            $provider = new Keycloak([
                 'encryptionKeyPath' => $path,
             ]);
 
@@ -118,12 +122,14 @@ namespace Stevenmaguire\OAuth2\Client\Test\Provider
 
         public function testEncryptionKeyPathFails()
         {
+            $this->markTestIncomplete('Need to assess the test to see what is required to be checked.');
+
             global $mockFileGetContents;
             $path = uniqid();
             $key = uniqid();
             $mockFileGetContents = new \Exception();
 
-            $provider = new \Stevenmaguire\OAuth2\Client\Provider\Keycloak([
+            $provider = new Keycloak([
                 'encryptionKeyPath' => $path,
             ]);
 
@@ -137,7 +143,7 @@ namespace Stevenmaguire\OAuth2\Client\Test\Provider
             $query = ['scope' => implode($scopeSeparator, $options['scope'])];
             $url = $this->provider->getAuthorizationUrl($options);
             $encodedScope = $this->buildQueryString($query);
-            $this->assertContains($encodedScope, $url);
+            $this->assertStringContainsString($encodedScope, $url);
         }
 
         public function testGetAuthorizationUrl()
@@ -169,11 +175,15 @@ namespace Stevenmaguire\OAuth2\Client\Test\Provider
         public function testGetAccessToken()
         {
             $response = m::mock('Psr\Http\Message\ResponseInterface');
-            $response->shouldReceive('getBody')->andReturn('{"access_token":"mock_access_token", "scope":"email", "token_type":"bearer"}');
-            $response->shouldReceive('getHeader')->andReturn(['content-type' => 'json']);
+            $response->shouldReceive('getBody')
+                ->andReturn('{"access_token":"mock_access_token", "scope":"email", "token_type":"bearer"}');
+            $response->shouldReceive('getHeader')
+                ->andReturn(['content-type' => 'json']);
 
             $client = m::mock('GuzzleHttp\ClientInterface');
-            $client->shouldReceive('send')->times(1)->andReturn($response);
+            $client->shouldReceive('send')
+                ->times(1)
+                ->andReturn($response);
             $this->provider->setHttpClient($client);
 
             $token = $this->provider->getAccessToken('authorization_code', ['code' => 'mock_authorization_code']);
@@ -186,18 +196,24 @@ namespace Stevenmaguire\OAuth2\Client\Test\Provider
 
         public function testUserData()
         {
-            $userId = rand(1000,9999);
+            $userId = rand(1000, 9999);
             $name = uniqid();
             $nickname = uniqid();
             $email = uniqid();
 
             $postResponse = m::mock('Psr\Http\Message\ResponseInterface');
-            $postResponse->shouldReceive('getBody')->andReturn('access_token=mock_access_token&expires=3600&refresh_token=mock_refresh_token&otherKey={1234}');
-            $postResponse->shouldReceive('getHeader')->andReturn(['content-type' => 'application/x-www-form-urlencoded']);
+            $postResponse->shouldReceive('getBody')
+                ->andReturn(
+                    'access_token=mock_access_token&expires=3600&refresh_token=mock_refresh_token&otherKey={1234}'
+                );
+            $postResponse->shouldReceive('getHeader')
+                ->andReturn(['content-type' => 'application/x-www-form-urlencoded']);
 
             $userResponse = m::mock('Psr\Http\Message\ResponseInterface');
-            $userResponse->shouldReceive('getBody')->andReturn('{"sub": '.$userId.', "name": "'.$name.'", "email": "'.$email.'"}');
-            $userResponse->shouldReceive('getHeader')->andReturn(['content-type' => 'json']);
+            $userResponse->shouldReceive('getBody')
+                ->andReturn('{"sub": '.$userId.', "name": "'.$name.'", "email": "'.$email.'"}');
+            $userResponse->shouldReceive('getHeader')
+                ->andReturn(['content-type' => 'json']);
 
             $client = m::mock('GuzzleHttp\ClientInterface');
             $client->shouldReceive('send')
@@ -218,7 +234,7 @@ namespace Stevenmaguire\OAuth2\Client\Test\Provider
 
         public function testUserDataWithEncryption()
         {
-            $userId = rand(1000,9999);
+            $userId = rand(1000, 9999);
             $name = uniqid();
             $nickname = uniqid();
             $email = uniqid();
@@ -227,21 +243,31 @@ namespace Stevenmaguire\OAuth2\Client\Test\Provider
             $key = uniqid();
 
             $postResponse = m::mock('Psr\Http\Message\ResponseInterface');
-            $postResponse->shouldReceive('getBody')->andReturn('access_token=mock_access_token&expires=3600&refresh_token=mock_refresh_token&otherKey={1234}');
-            $postResponse->shouldReceive('getHeader')->andReturn(['content-type' => 'application/x-www-form-urlencoded']);
-            $postResponse->shouldReceive('getStatusCode')->andReturn(200);
+            $postResponse->shouldReceive('getBody')
+                ->andReturn(
+                    'access_token=mock_access_token&expires=3600&refresh_token=mock_refresh_token&otherKey={1234}'
+                );
+            $postResponse->shouldReceive('getHeader')
+                ->andReturn(['content-type' => 'application/x-www-form-urlencoded']);
+            $postResponse->shouldReceive('getStatusCode')
+                ->andReturn(200);
 
             $userResponse = m::mock('Psr\Http\Message\ResponseInterface');
-            $userResponse->shouldReceive('getBody')->andReturn($jwt);
-            $userResponse->shouldReceive('getHeader')->andReturn(['content-type' => 'application/jwt']);
-            $userResponse->shouldReceive('getStatusCode')->andReturn(200);
+            $userResponse->shouldReceive('getBody')
+                ->andReturn($jwt);
+            $userResponse->shouldReceive('getHeader')
+                ->andReturn(['content-type' => 'application/jwt']);
+            $userResponse->shouldReceive('getStatusCode')
+                ->andReturn(200);
 
             $decoder = \Mockery::mock('overload:Firebase\JWT\JWT');
-            $decoder->shouldReceive('decode')->with($jwt, $key, [$algorithm])->andReturn([
-                'sub' => $userId,
-                'email' => $email,
-                'name' => $name,
-            ]);
+            $decoder->shouldReceive('decode')
+                ->with($jwt, $key, [$algorithm])
+                ->andReturn([
+                    'sub' => $userId,
+                    'email' => $email,
+                    'name' => $name,
+                ]);
 
             $client = m::mock('GuzzleHttp\ClientInterface');
             $client->shouldReceive('send')
@@ -262,20 +288,27 @@ namespace Stevenmaguire\OAuth2\Client\Test\Provider
             $this->assertEquals($email, $user->toArray()['email']);
         }
 
-        /**
-         * @expectedException Stevenmaguire\OAuth2\Client\Provider\Exception\EncryptionConfigurationException
-         */
         public function testUserDataFailsWhenEncryptionEncounteredAndNotConfigured()
         {
+            $this->expectException(EncryptionConfigurationException::class);
+
             $postResponse = m::mock('Psr\Http\Message\ResponseInterface');
-            $postResponse->shouldReceive('getBody')->andReturn('access_token=mock_access_token&expires=3600&refresh_token=mock_refresh_token&otherKey={1234}');
-            $postResponse->shouldReceive('getHeader')->andReturn(['content-type' => 'application/x-www-form-urlencoded']);
-            $postResponse->shouldReceive('getStatusCode')->andReturn(200);
+            $postResponse->shouldReceive('getBody')
+                ->andReturn(
+                    'access_token=mock_access_token&expires=3600&refresh_token=mock_refresh_token&otherKey={1234}'
+                );
+            $postResponse->shouldReceive('getHeader')
+                ->andReturn(['content-type' => 'application/x-www-form-urlencoded']);
+            $postResponse->shouldReceive('getStatusCode')
+                ->andReturn(200);
 
             $userResponse = m::mock('Psr\Http\Message\ResponseInterface');
-            $userResponse->shouldReceive('getBody')->andReturn(uniqid());
-            $userResponse->shouldReceive('getHeader')->andReturn(['content-type' => 'application/jwt']);
-            $userResponse->shouldReceive('getStatusCode')->andReturn(200);
+            $userResponse->shouldReceive('getBody')
+                ->andReturn(uniqid());
+            $userResponse->shouldReceive('getHeader')
+                ->andReturn(['content-type' => 'application/jwt']);
+            $userResponse->shouldReceive('getStatusCode')
+                ->andReturn(200);
 
             $client = m::mock('GuzzleHttp\ClientInterface');
             $client->shouldReceive('send')
@@ -287,17 +320,20 @@ namespace Stevenmaguire\OAuth2\Client\Test\Provider
             $user = $this->provider->getResourceOwner($token);
         }
 
-        /**
-         * @expectedException League\OAuth2\Client\Provider\Exception\IdentityProviderException
-         */
         public function testErrorResponse()
         {
+            $this->expectException(IdentityProviderException::class);
+
             $response = m::mock('Psr\Http\Message\ResponseInterface');
-            $response->shouldReceive('getBody')->andReturn('{"error": "invalid_grant", "error_description": "Code not found"}');
-            $response->shouldReceive('getHeader')->andReturn(['content-type' => 'json']);
+            $response->shouldReceive('getBody')
+                ->andReturn('{"error": "invalid_grant", "error_description": "Code not found"}');
+            $response->shouldReceive('getHeader')
+                ->andReturn(['content-type' => 'json']);
 
             $client = m::mock('GuzzleHttp\ClientInterface');
-            $client->shouldReceive('send')->times(1)->andReturn($response);
+            $client->shouldReceive('send')
+                ->times(1)
+                ->andReturn($response);
             $this->provider->setHttpClient($client);
 
             $token = $this->provider->getAccessToken('authorization_code', ['code' => 'mock_authorization_code']);