2121class GoogleAuthorizer extends Authorizer
2222{
2323 use CredentialFieldsCheckTrait;
24-
25- /**
26- * @var RepositoryInterface
27- */
28- private $ user_repository
29-
30- /**
31- * @var Google_Client
32- */
33- private $ google_client
34-
35- /**
36- * @var string
37- */
38- private $ client_id
39-
40- /**
41- * @var array
42- */
43- private $ user_profile
24+ private RepositoryInterface $ user_repository
25+ private Google_Client $ google_client
26+ private string $ client_id
27+ private array $ user_profile
4428
4529 /**
4630 * GoogleAuthorizer constructor.
4731 *
48- * @param RepositoryInterface $user_repository
49- * @param Google_Client $google_client
50- * @param $client_id
32+ * @param RepositoryInterface $user_repository
33+ * @param Google_Client $google_client
34+ * @param string $client_id
5135 * @param ExceptionHandlerInterface|null $exception_handler
5236 */
53- public function __construct (RepositoryInterface $ user_repositoryGoogle_Client $ google_client$ client_idExceptionHandlerInterface $ exception_handlernull )
54- {
37+ public function __construct (
38+ RepositoryInterface $ user_repository
39+ Google_Client $ google_client
40+ string $ client_id
41+ ExceptionHandlerInterface $ exception_handlernull
42+ ) {
5543 $ this user_repository = $ user_repository
5644 $ this google_client = $ google_client
5745 $ this client_id = $ client_id
@@ -65,16 +53,15 @@ public function __construct(RepositoryInterface $user_repository, Google_Client
6553 *
6654 * {@inheritdoc}
6755 */
68- public function verifyCredentials (array $ credentials
56+ public function verifyCredentials (array $ credentials: ? AuthenticatedUserInterface
6957 {
70- $ this verifyRequiredFields ($ credentials'token ' , 'username ' ]);
71-
58+ $ this verifyRequiredFields ($ credentials'token ' ]);
7259 $ token$ credentials'token ' ];
73- $ username$ credentials'username ' ];
7460
7561 $ payload$ this google_client ->verifyIdToken ($ token
62+ $ username$ payload'email ' ] ?? $ credentials'username ' ];
7663
77- $ this verifyGoogleProfile ($ payload$ username
64+ $ this verifyGoogleProfile ($ payload$ credentials [ ' username ' ] ?? null );
7865 $ this user_profile = $ payload
7966
8067 $ user$ this user_repository ->findByUsername ($ username
@@ -86,16 +73,16 @@ public function verifyCredentials(array $credentials)
8673 /**
8774 * @return array
8875 */
89- public function getUserProfile ()
76+ public function getUserProfile (): array
9077 {
9178 return $ this user_profile ;
9279 }
9380
9481 /**
95- * @param array $payload
96- * @param string $username
82+ * @param array $payload
83+ * @param string|null $username
9784 */
98- private function verifyGoogleProfile (array $ payload$ username
85+ private function verifyGoogleProfile (array $ payload? string $ username: void
9986 {
10087 if ($ this client_id !== $ payload'aud ' ]) {
10188 throw new RuntimeException ('Unrecognized google_client ' );
@@ -105,15 +92,15 @@ private function verifyGoogleProfile(array $payload, $username)
10592 throw new RuntimeException ('Wrong issuer ' );
10693 }
10794
108- if ($ username$ payload'email ' ]) {
95+ if ($ username&& $ username !== $ payload'email ' ]) {
10996 throw new RuntimeException ('Email is not verified by Google ' );
11097 }
11198 }
11299
113100 /**
114101 * @param AuthenticatedUserInterface|null $user
115102 */
116- private function verifyUser (AuthenticatedUserInterface $ usernull )
103+ private function verifyUser (AuthenticatedUserInterface $ usernull ): void
117104 {
118105 if (!$ user$ usercanAuthenticate ()) {
119106 throw new UserNotFoundException ();
@@ -123,7 +110,7 @@ private function verifyUser(AuthenticatedUserInterface $user = null)
123110 /**
124111 * @return array
125112 */
126- private function getDomains ()
113+ private function getDomains (): array
127114 {
128115 return ['accounts.google.com ' , 'https://accounts.google.com ' ];
129116 }
0 commit comments