ushahidi · webong · Mar 29, 2023 · Feb 28, 2023 · Feb 28, 2023 · Feb 28, 2023
diff --git a/.github/workflows/test-and-ship.yml b/.github/workflows/test-and-ship.yml
@@ -18,8 +18,8 @@ jobs:
     strategy:
       matrix:
         php_version:
-          - 7.2
           - 7.3
+          - 7.4
 
     steps:
     - uses: actions/checkout@v3

diff --git a/Dockerfile b/Dockerfile
@@ -3,6 +3,7 @@ FROM ushahidi/php-fpm-nginx:php-7.3
 WORKDIR /var/www
 COPY composer.json ./
 COPY composer.lock ./
+RUN composer self-update --2
 RUN composer install --no-autoloader --no-scripts
 
 COPY . .

diff --git a/Homestead.yaml b/Homestead.yaml
diff --git a/app/Exceptions/Handler.php b/app/Exceptions/Handler.php
@@ -2,22 +2,23 @@
 
 namespace App\Exceptions;
 
-use Exception;
+use Throwable;
 use Asm89\Stack\CorsService;
 use Illuminate\Auth\AuthenticationException;
+use Ushahidi\Core\Exception\NotFoundException;
+use Ushahidi\Core\Exception\ValidatorException;
+use Ushahidi\Core\Exception\AuthorizerException;
+use Ushahidi\Core\Exception\ThrottlingException;
 use Illuminate\Auth\Access\AuthorizationException;
 use Illuminate\Http\Exceptions\HttpResponseException;
 use Illuminate\Database\Eloquent\ModelNotFoundException;
-use League\OAuth2\Server\Exception\OAuthServerException;
 use Symfony\Component\HttpKernel\Exception\HttpException;
 use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
 use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
 use Symfony\Component\HttpKernel\Exception\HttpExceptionInterface;
 use Illuminate\Validation\ValidationException as LaravelValidationException;
-use Ushahidi\Core\Exception\AuthorizerException;
-use Ushahidi\Core\Exception\NotFoundException;
-use Ushahidi\Core\Exception\ThrottlingException;
-use Ushahidi\Core\Exception\ValidatorException;
+use Laravel\Passport\Exceptions\OAuthServerException as LaravelOAuthServerException;
+use League\OAuth2\Server\Exception\OAuthServerException as LeagueOAuthServerException;
 
 class Handler extends ExceptionHandler
 {
@@ -32,7 +33,8 @@ class Handler extends ExceptionHandler
         HttpException::class,
         ModelNotFoundException::class,
         LaravelValidationException::class,
-        OAuthServerException::class,
+        LaravelOAuthServerException::class,
+        LeagueOAuthServerException::class,
     ];
 
     /**
@@ -49,14 +51,14 @@ class Handler extends ExceptionHandler
      * Report or log an exception.
      *
      * This is a great spot to send exceptions to Sentry, Bugsnag, etc.
+     * @param \Throwable $exception
      *
-     * @param  \Exception  $exception
      * @return void
      */
-    public function report(Exception $exception)
+    public function report(Throwable $exception)
     {
         if ($this->shouldReport($exception) && app()->bound('sentry')) {
-            app('sentry')->captureException($exception);
+            \Sentry\Laravel\Facade::captureException($exception);
         }
 
         parent::report($exception);
@@ -66,15 +68,17 @@ public function report(Exception $exception)
      * Render an exception into an HTTP response.
      *
      * @param  \Illuminate\Http\Request  $request
-     * @param  \Exception  $exception
+     * @param  \Throwable  $exception
      * @return \Illuminate\Http\Response
      */
-    public function render($request, Exception $exception)
+    public function render($request, Throwable $exception)
     {
         // First handle some special cases
         if ($exception instanceof HttpResponseException) {
             // @todo check if we should still reformat this for json
             return $exception->getResponse();
+        } elseif ($exception instanceof LaravelOAuthServerException) {
+            return $exception->render($request);
         } elseif ($exception instanceof ModelNotFoundException) {
             $exception = new NotFoundHttpException($exception->getMessage(), $exception);
         } elseif ($exception instanceof AuthorizationException) {

diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php
@@ -14,13 +14,13 @@ class Kernel extends HttpKernel
      * @var array
      */
     protected $middleware = [
+        \App\Http\Middleware\TrustProxies::class,
         \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
         \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
         \App\Http\Middleware\TrimStrings::class,
         // \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
-        \App\Http\Middleware\TrustProxies::class,
         \App\Http\Middleware\AddContentLength::class,
-        \Barryvdh\Cors\HandleCors::class,
+        \Fruitcake\Cors\HandleCors::class,
         \App\Http\Middleware\SetLocale::class,
     ];
 

diff --git a/app/Http/Middleware/TrustProxies.php b/app/Http/Middleware/TrustProxies.php
@@ -15,15 +15,9 @@ class TrustProxies extends Middleware
     protected $proxies = '**';
 
     /**
-     * The current proxy header mappings.
+     * The headers that should be used to detect proxies.
      *
-     * @var array
+     * @var int
      */
-    protected $headers = [
-        Request::HEADER_FORWARDED => 'FORWARDED',
-        Request::HEADER_X_FORWARDED_FOR => 'X_FORWARDED_FOR',
-        Request::HEADER_X_FORWARDED_HOST => 'X_FORWARDED_HOST',
-        Request::HEADER_X_FORWARDED_PORT => 'X_FORWARDED_PORT',
-        Request::HEADER_X_FORWARDED_PROTO => 'X_FORWARDED_PROTO',
-    ];
+    protected $headers = Request::HEADER_X_FORWARDED_ALL;
 }
diff --git a/app/Passport/ClientRepository.php b/app/Passport/ClientRepository.php
@@ -2,6 +2,7 @@
 
 namespace App\Passport;
 
+use Illuminate\Support\Str;
 use Ramsey\Uuid\Uuid as UUID;
 use Laravel\Passport\Passport;
 use Laravel\Passport\PersonalAccessClient;
@@ -93,16 +94,27 @@ public function personalAccessClient()
      * @param  int  $userId
      * @param  string  $name
      * @param  string  $redirect
+     * @param  string|null  $provider
      * @param  bool  $personalAccess
      * @param  bool  $password
+     * @param  bool  $confidential
+     *
      * @return Client
      */
-    public function create($userId, $name, $redirect, $personalAccess = false, $password = false)
-    {
+    public function create(
+        $userId,
+        $name,
+        $redirect,
+        $provider = null,
+        $personalAccess = false,
+        $password = false,
+        $confidential = true
+    ) {
         $client = (new Client)->forceFill([
             'user_id' => $userId,
             'name' => $name,
-            'secret' => str_random(40),
+            'provider' => $provider,
+            'secret' => ($confidential || $personalAccess) ? Str::random(40) : null,
             'redirect' => $redirect,
             'personal_access_client' => $personalAccess,
             'password_client' => $password,
@@ -135,11 +147,13 @@ public function createPersonalAccessClient($userId, $name, $redirect)
      * @param  int  $userId
      * @param  string  $name
      * @param  string  $redirect
+     * @param  string|null  $provider
+     *
      * @return Client
      */
-    public function createPasswordGrantClient($userId, $name, $redirect)
+    public function createPasswordGrantClient($userId, $name, $redirect, $provider = null)
     {
-        return $this->create($userId, $name, $redirect, false, true);
+        return $this->create($userId, $name, $redirect, $provider, false, true);
     }
 
     /**
@@ -168,7 +182,7 @@ public function update(LaravelPassportClient $client, $name, $redirect)
     public function regenerateSecret(LaravelPassportClient $client)
     {
         $client->forceFill([
-            'secret' => str_random(40),
+            'secret' => Str::random(40),
         ])->save();
 
         return $client;

diff --git a/app/Passport/TokenGuard.php b/app/Passport/TokenGuard.php
@@ -4,22 +4,24 @@
 
 use Exception;
 use Firebase\JWT\JWT;
-use Illuminate\Container\Container;
-use Illuminate\Contracts\Auth\Guard;
-use Illuminate\Contracts\Debug\ExceptionHandler;
-use Illuminate\Contracts\Encryption\Encrypter;
+use App\Auth\GenericUser;
+use Laravel\Passport\Token;
 use Illuminate\Http\Request;
-use Laravel\Passport\ClientRepository as LaravelPassportClientRepository;
 use Laravel\Passport\Passport;
-use Laravel\Passport\Token;
+use Illuminate\Container\Container;
+use Illuminate\Contracts\Auth\Guard;
+use Laravel\Passport\TransientToken;
 use Laravel\Passport\TokenRepository;
+use Nyholm\Psr7\Factory\Psr17Factory;
 //use Illuminate\Contracts\Auth\UserProvider;
-use Laravel\Passport\TransientToken;
-use League\OAuth2\Server\Exception\OAuthServerException;
 use League\OAuth2\Server\ResourceServer;
-use Symfony\Bridge\PsrHttpMessage\Factory\DiactorosFactory;
+use Illuminate\Contracts\Encryption\Encrypter;
+use Illuminate\Contracts\Debug\ExceptionHandler;
+use League\OAuth2\Server\Exception\OAuthServerException as LeagueException;
+use Laravel\Passport\Exceptions\OAuthServerException;
 use Ushahidi\Contracts\Repository\Entity\UserRepository;
-use App\Auth\GenericUser;
+use Symfony\Bridge\PsrHttpMessage\Factory\PsrHttpFactory;
+use Laravel\Passport\ClientRepository as LaravelPassportClientRepository;
 
 class TokenGuard //implements Guard
 {
@@ -109,7 +111,9 @@ protected function authenticateViaBearerToken($request)
         // First, we will convert the Symfony request to a PSR-7 implementation which will
         // be compatible with the base OAuth2 library. The Symfony bridge can perform a
         // conversion for us to a Zend Diactoros implementation of the PSR-7 request.
-        $psr = (new DiactorosFactory)->createRequest($request);
+        $psr17Factory = new Psr17Factory();
+        $psrHttpFactory = new PsrHttpFactory($psr17Factory, $psr17Factory, $psr17Factory, $psr17Factory);
+        $psr = $psrHttpFactory->createRequest($request);
 
         try {
             $psr = $this->server->validateAuthenticatedRequest($psr);
@@ -144,7 +148,7 @@ protected function authenticateViaBearerToken($request)
             $user = new GenericUser($user->asArray());
 
             return $token ? $user->withAccessToken($token) : null;
-        } catch (OAuthServerException $e) {
+        } catch (LeagueException $e) {
             // Log the error
             Container::getInstance()->make(
                 ExceptionHandler::class

diff --git a/app/PlatformVerifier/Env.php b/app/PlatformVerifier/Env.php
@@ -2,6 +2,8 @@
 
 namespace App\PlatformVerifier;
 
+use Dotenv\Dotenv;
+
 class Env
 {
     private static $NO_ENV = 'Required environment variables missing and no environment file found.';
@@ -40,8 +42,9 @@ public function verifyRequirements($console = true)
         $success = [];
 
         if ($this->envExists()) {
-            // load DotEnv for this script
-            (new \Dotenv\Dotenv(__DIR__.'/../../'))->load();
+             // load DotEnv for this script
+             $dotenv = Dotenv::createImmutable(__DIR__ . "/../../");
+             $dotenv->load();
         }
 
         $failures = false;

diff --git a/behat.yml.dist b/behat.yml.dist
@@ -7,7 +7,7 @@ default:
     suites:
         default:
             paths:
-                - %paths.base%/tests/Integration
+                - '%paths.base%/tests/Integration'
             contexts:
                 - Ushahidi\Tests\Integration\Bootstrap\FeatureContext
                 - Ushahidi\Tests\Integration\Bootstrap\RestContext:
-Original file line number
+Diff line change
@@ Expand Up / @@ -18,8 +18,8 @@ jobs: @@
         strategy:
           matrix:
             php_version:
-              - 7.2
               - 7.3
+              - 7.4
         steps:
         - uses: actions/checkout@v3
@@ Expand Down @@