added MD5 support
gaokevin1 committed Dec 27, 2024
1 parent 25878e9 commit e2ea284
Showing 5 changed files with 79 additions and 16 deletions.
7 changes: 7 additions & 0 deletions src/SDK/Configuration/SDKConfig.php
@@ -47,13 +47,20 @@ private function fetchJWKSets(): array
{
try {
$url = EndpointsV2::getPublicKeyPath() . '/' . $this->projectId;
<<<<<<< Updated upstream
$response = $this->client->request('GET', $url);
$jwkSets = json_decode($response->getBody(), true);

if (!isset($jwkSets['keys']) || !is_array($jwkSets['keys'])) {
throw new \Exception('Invalid JWK response');
}

=======

// Fetch JWK public key from Descope API
$res = $this->client->request('GET', $url);
$jwkSets = json_decode($res->getBody(), true);
>>>>>>> Stashed changes
return $jwkSets;
} catch (RequestException $e) {
throw new \Exception('Failed to fetch JWK KeySet: ' . $e->getMessage());
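Review bot: Unresolved merge-conflict markers (`<<<<<<< Updated upstream`, `=======`, `>>>>>>> Stashed changes`) are committed inside fetchJWKSets(), so SDKConfig.php will not parse and both variants of the request are left in the file. When resolving, keep the upstream side: it is the only one that rejects a response without a `keys` array (`if (!isset($jwkSets['keys']) || !is_array($jwkSets['keys']))`), and without that check a malformed key-set response would presumably be returned to the token-validation code as if it were valid. The catch block continues past the end of the hunk.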
31 changes: 16 additions & 15 deletions src/SDK/DescopeSDK.php
@@ -13,6 +13,7 @@
use Descope\SDK\Auth\Management\Audit;
use Descope\SDK\EndpointsV1;
use Descope\SDK\EndpointsV2;
use Descope\SDK\Exception\AuthException;

use Descope\SDK\Management\MgmtV1;

@@ -62,10 +63,10 @@ public function __construct(array $config)
*/
public function verify($sessionToken = null): bool
{
$sessionToken = $sessionToken ?? $_COOKIE[EndpointsV1::SESSION_COOKIE_NAME] ?? null;
$sessionToken = $sessionToken ?? $_COOKIE[EndpointsV1::$SESSION_COOKIE_NAME] ?? null;

if (!$sessionToken) {
throw new \InvalidArgumentException('Session token is required.');
throw new \InvalidArgumentException('Session token cannot be null or empty.');
}

$verifier = new Verifier($this->config, $this->api);
@@ -81,10 +82,10 @@ public function verify($sessionToken = null): bool
*/
public function refreshSession($refreshToken = null): array
{
$refreshToken = $refreshToken ?? $_COOKIE[EndpointsV1::REFRESH_COOKIE_NAME] ?? null;
$refreshToken = $refreshToken ?? $_COOKIE[EndpointsV1::$REFRESH_COOKIE_NAME] ?? null;

if (empty($refreshToken)) {
throw new AuthException('Refresh token cannot be null or empty.');
throw new \InvalidArgumentException('Refresh token cannot be null or empty.');
}

try {
@@ -111,11 +112,11 @@ public function refreshSession($refreshToken = null): array
*/
public function verifyAndRefreshSession($sessionToken = null, $refreshToken = null): array
{
$sessionToken = $sessionToken ?? $_COOKIE[EndpointsV1::SESSION_COOKIE_NAME] ?? null;
$refreshToken = $refreshToken ?? $_COOKIE[EndpointsV1::REFRESH_COOKIE_NAME] ?? null;
$sessionToken = $sessionToken ?? $_COOKIE[EndpointsV1::$SESSION_COOKIE_NAME] ?? null;
$refreshToken = $refreshToken ?? $_COOKIE[EndpointsV1::$REFRESH_COOKIE_NAME] ?? null;

if (empty($sessionToken) || empty($refreshToken)) {
throw new AuthException(400, 'Session or refresh token cannot be null or empty.');
throw new \InvalidArgumentException('Session or refresh token cannot be null or empty.');
}

try {
@@ -135,10 +136,10 @@ public function verifyAndRefreshSession($sessionToken = null, $refreshToken = nu
*/
public function getClaims($token = null): array
{
$token = $token ?? $_COOKIE[EndpointsV1::SESSION_COOKIE_NAME] ?? null;
$token = $token ?? $_COOKIE[EndpointsV1::$SESSION_COOKIE_NAME] ?? null;

if (!$token) {
throw new \InvalidArgumentException('Token is required.');
throw new \InvalidArgumentException('Session token cannot be null or empty.');
}

$extractor = new Extractor($this->config);
@@ -154,10 +155,10 @@ public function getClaims($token = null): array
*/
public function getUserDetails(string $refreshToken = null): array
{
$refreshToken = $refreshToken ?? $_COOKIE[EndpointsV1::REFRESH_COOKIE_NAME] ?? null;
$refreshToken = $refreshToken ?? $_COOKIE[EndpointsV1::$REFRESH_COOKIE_NAME] ?? null;

if (!$refreshToken) {
throw new \InvalidArgumentException('Refresh token is required.');
throw new \InvalidArgumentException('Refresh token cannot be null or empty.');
}

try {
@@ -182,10 +183,10 @@ public function getUserDetails(string $refreshToken = null): array
*/
public function logout(string $refreshToken = null): void
{
$refreshToken = $refreshToken ?? $_COOKIE[EndpointsV1::REFRESH_COOKIE_NAME] ?? null;
$refreshToken = $refreshToken ?? $_COOKIE[EndpointsV1::$REFRESH_COOKIE_NAME] ?? null;

if (!$refreshToken) {
throw new \InvalidArgumentException('Refresh token is required.');
throw new \InvalidArgumentException('Refresh token cannot be null or empty.');
}

try {
@@ -212,10 +213,10 @@ public function logout(string $refreshToken = null): void
*/
public function logoutAll(string $refreshToken = null): void
{
$refreshToken = $refreshToken ?? $_COOKIE[EndpointsV1::REFRESH_COOKIE_NAME] ?? null;
$refreshToken = $refreshToken ?? $_COOKIE[EndpointsV1::$REFRESH_COOKIE_NAME] ?? null;

if (!$refreshToken) {
throw new \InvalidArgumentException('Refresh token is required.');
throw new \InvalidArgumentException('Refresh token cannot be null or empty.');
}

try {
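Review bot: The two printed variants of the empty-token guard in refreshSession() and verifyAndRefreshSession() throw different exception types (`AuthException` and `\InvalidArgumentException`), and the rendering no longer shows which one is the new side. If `\InvalidArgumentException` is the new one, a request that simply arrives without the cookie would bypass any caller's `catch (AuthException ...)` handling, and the `use Descope\SDK\Exception\AuthException;` import added at the top would be unused as far as these hunks show. If `AuthException` is the new one, its two calls disagree on arguments (`AuthException('...')` versus `AuthException(400, '...')`). Either way the section should settle on one exception type for a missing token and name it with `@throws` in each method's docblock. The method bodies continue outside the hunks.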
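--- a/src/SDK/Management/Password/UserPasswordMD5.php
+++ b/src/SDK/Management/Password/UserPasswordMD5.php
@@ -0,0 +1,41 @@
+<?php
+// phpcs:ignoreFile
+
+declare(strict_types=1);
+
+namespace Descope\SDK\Management\Password;
+
+/**
+* Class UserPasswordMD5
+*
+* Represents a user password hashed using the MD5 hashing scheme.
+*
+*/
+class UserPasswordMD5
+{
+public string $hash;
+
+/**
+* Constructor to initialize MD5 password details.
+*
+* @param string $hash The MD5 hash in plaintext format.
+*/
+public function __construct(string $hash)
+{
+$this->hash = $hash;
+}
+
+/**
+* Convert object data to an array format.
+*
+* @return array The password data as an associative array.
+*/
+public function toArray(): array
+{
+return [
+'md5' => [
+'hash' => $this->hash,
+],
+];
+}
+}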
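Review bot: The constructor's `@param` text, `The MD5 hash in plaintext format.`, does not say which encoding is expected, and neither docblock says that the class only carries an already-computed digest. MD5 is not a suitable password hash, so the class docblock should state its purpose, presumably importing legacy credentials, with a line such as `Carries a pre-computed MD5 digest of a legacy password for import; never use MD5 to hash new passwords.` The `@param` line could become `@param string $hash The pre-computed MD5 digest (state the encoding the API expects).` Once the encoding is fixed, a format check in the constructor would catch a wrong value, for example a cleartext password, being passed by mistake.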
2 changes: 1 addition & 1 deletion src/SDK/Token/Extractor.php
@@ -67,7 +67,7 @@ public function parseToken(string $sessionToken): array

/**
* Validate a JWT using the provided JWK Set.
*/
*/
public function validateJWT(string $sessionToken): array
{
$useRefreshedKey = false;
14 changes: 14 additions & 0 deletions src/tests/Management/UserPwdTest.php
@@ -8,6 +8,7 @@
use Descope\SDK\Management\Password\UserPasswordFirebase;
use Descope\SDK\Management\Password\UserPasswordPbkdf2;
use Descope\SDK\Management\Password\UserPasswordDjango;
use Descope\SDK\Management\Password\UserPasswordMD5;

class UserPwdTest extends TestCase
{
@@ -81,6 +82,19 @@ public function testUserPasswordDjango()
$this->assertEquals($expectedArray, $userPasswordDjango->toArray());
}

public function testUserPasswordMD5()
{
$md5Hash = 'pbkdf2_sha256$30000$hashvalue';
$userPasswordMD5 = new UserPasswordMD5($md5Hash);
$expectedArray = [
'md5' => [
'hash' => $md5Hash,
],
];

$this->assertEquals($expectedArray, $userPasswordMD5->toArray());
}

public function testUserPasswordWithCleartext()
{
$cleartextPassword = 'mypassword';
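Review bot: The fixture in testUserPasswordMD5(), `$md5Hash = 'pbkdf2_sha256$30000$hashvalue';`, looks like a Django-style PBKDF2 string rather than an MD5 digest, so the test would not notice if the class were handed the wrong kind of value. Use a value with the shape of an MD5 digest, for example the constructed sample `$md5Hash = md5('constructed-sample');`. If the constructor later validates its argument, add a second case for input it should reject. The test class continues outside the hunk.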