GDATASoftwareAG · unglaublicherdude · Jul 10, 2024 · Jun 27, 2024 · Jun 28, 2024 · Jun 28, 2024
diff --git a/.github/workflows/image-retention.yaml b/.github/workflows/image-retention.yaml
@@ -7,6 +7,9 @@ on:
     branches:
       - "*"
       - "!main" # excludes main
+    paths:
+      - "github-actions/cleanup-packages/**"
+      - ".github/workflows/image-retention.yaml"
   workflow_dispatch:
 
 jobs:

diff --git a/php/examples/VaasExample/AuthenticationExamples.php b/php/examples/VaasExample/AuthenticationExamples.php
@@ -2,7 +2,7 @@
 
 namespace VaasExamples;
 
-use VaasSdk\ClientCredentialsGrantAuthenticator;
+use VaasSdk\Authentication\ClientCredentialsGrantAuthenticator;
 use VaasSdk\Exceptions\InvalidSha256Exception;
 use VaasSdk\Exceptions\TimeoutException;
 use VaasSdk\Exceptions\VaasAuthenticationException;

diff --git a/php/examples/VaasExample/GetVerdictByFile.php b/php/examples/VaasExample/GetVerdictByFile.php
@@ -2,15 +2,15 @@
 
 namespace VaasExamples;
 
-use VaasSdk\ClientCredentialsGrantAuthenticator;
+use VaasSdk\Authentication\ClientCredentialsGrantAuthenticator;
 use VaasSdk\Vaas;
 
 include_once("./vendor/autoload.php");
 
 $authenticator = new ClientCredentialsGrantAuthenticator(
     getenv("CLIENT_ID"),
     getenv("CLIENT_SECRET"),
-    getenv("TOKEN_URL") ?? "https://account.gdata.de/realms/vaas-production/protocol/openid-connect/token"
+    getenv("TOKEN_URL") ?: "https://account.gdata.de/realms/vaas-production/protocol/openid-connect/token"
 );
 
 $vaas = new Vaas(

diff --git a/php/examples/VaasExample/GetVerdictByHash.php b/php/examples/VaasExample/GetVerdictByHash.php
@@ -2,18 +2,18 @@
 
 namespace VaasExamples;
 
-use VaasSdk\ClientCredentialsGrantAuthenticator;
+use VaasSdk\Authentication\ClientCredentialsGrantAuthenticator;
 use VaasSdk\Vaas;
 
 include_once("./vendor/autoload.php");
 
 $authenticator = new ClientCredentialsGrantAuthenticator(
     getenv("CLIENT_ID"),
     getenv("CLIENT_SECRET"),
-    getenv("TOKEN_URL") ?? "https://account.gdata.de/realms/vaas-production/protocol/openid-connect/token"
+    getenv("TOKEN_URL") ?: "https://account.gdata.de/realms/vaas-production/protocol/openid-connect/token"
 );
 $vaas = new Vaas(
-    getenv("VAAS_URL") ?? "wss://gateway.production.vaas.gdatasecurity.de"
+    getenv("VAAS_URL") ?: "wss://gateway.production.vaas.gdatasecurity.de"
 );
 $vaas->Connect($authenticator->getToken());
 

diff --git a/php/examples/VaasExample/GetVerdictByUrl.php b/php/examples/VaasExample/GetVerdictByUrl.php
@@ -2,18 +2,18 @@
 
 namespace VaasExamples;
 
-use VaasSdk\ClientCredentialsGrantAuthenticator;
+use VaasSdk\Authentication\ClientCredentialsGrantAuthenticator;
 use VaasSdk\Vaas;
 
 include_once("./vendor/autoload.php");
 
 $authenticator = new ClientCredentialsGrantAuthenticator(
     getenv("CLIENT_ID"),
     getenv("CLIENT_SECRET"),
-    getenv("TOKEN_URL") ?? "https://account.gdata.de/realms/vaas-production/protocol/openid-connect/token"
+    getenv("TOKEN_URL") ?: "https://account.gdata.de/realms/vaas-production/protocol/openid-connect/token"
 );
 $vaas = new Vaas(
-    getenv("VAAS_URL") ?? "wss://gateway.production.vaas.gdatasecurity.de"
+    getenv("VAAS_URL") ?: "wss://gateway.production.vaas.gdatasecurity.de"
 );
 $vaas->Connect($authenticator->getToken());
 

diff --git a/php/phpunit.xml b/php/phpunit.xml
@@ -1,6 +1,7 @@
 <phpunit>
   <testsuites>
     <testsuite name="VaasTesting">
+      <file>tests/vaas/StreamsInLoopTest.php</file>
       <file>tests/vaas/Sha256Test.php</file>
       <file>tests/vaas/VaasTest.php</file>
       <file>tests/vaas/ProtocolTest.php</file>

diff --git a/php/src/vaas/Authentication/ClientCredentialsGrantAuthenticator.php b/php/src/vaas/Authentication/ClientCredentialsGrantAuthenticator.php
@@ -0,0 +1,20 @@
+<?php
+
+namespace VaasSdk\Authentication;
+
+class ClientCredentialsGrantAuthenticator
+{
+    private OAuth2TokenReceiver $_tokenReceiver;
+    public function __construct(
+        string $clientId,
+        string $clientSecret,
+        string $tokenEndpoint = "https://account.gdata.de/realms/vaas-production/protocol/openid-connect/token"
+    ) {
+        $this->_tokenReceiver = new OAuth2TokenReceiver($tokenEndpoint, $clientId, $clientSecret);
+    }
+
+    public function getToken(): string
+    {
+        return $this->_tokenReceiver->GetToken();
+    }
+}
diff --git a/php/src/vaas/Authentication/OAuth2TokenReceiver.php b/php/src/vaas/Authentication/OAuth2TokenReceiver.php
@@ -0,0 +1,69 @@
+<?php
+
+namespace VaasSdk\Authentication;
+
+use Amp\Http\Client\Form;
+use Amp\Http\Client\HttpClient;
+use Amp\Http\Client\HttpClientBuilder;
+use Amp\Http\Client\Request;
+use Amp\TimeoutCancellation;
+use Exception;
+use VaasSdk\Exceptions\VaasAuthenticationException;
+
+class OAuth2TokenReceiver {
+    private string $_tokenEndpoint;
+    private string $_clientId;
+    private string $_clientSecret;
+    private string $_username;
+    private string $_password;
+    private string $_grantType;
+    private Form $_formParams;
+    private HttpClient $_browser;
+    private int $_receiveTokenTimeout = 30;
+
+    public function __construct(
+        string $tokenEndpoint, string $clientId, string $clientSecret = "",
+        string $username = "", string $password = "")
+    {
+        $this->_browser = HttpClientBuilder::buildDefault();
+        $this->_tokenEndpoint = $tokenEndpoint;
+        $this->_clientId = $clientId;
+        $this->_clientSecret = $clientSecret;
+        $this->_username = $username;
+        $this->_password = $password;
+        $this->_grantType = $this->_clientSecret == "" ? "password" : "client_credentials";
+
+        $this->_formParams = new Form();
+        $this->_formParams->addField('client_id', $this->_clientId);
+        $this->_formParams->addField('grant_type', $this->_grantType);
+
+        switch($this->_grantType) {
+            case "password":
+                $this->_formParams->addField('username', $this->_username);
+                $this->_formParams->addField('password', $this->_password);
+                break;
+            case "client_credentials":
+                $this->_formParams->addField('client_secret', $this->_clientSecret);
+                break;
+            default:
+                throw new VaasAuthenticationException("Invalid grant type");
+        }
+    }
+
+    public function getToken() {
+        try {
+            $request = new Request($this->_tokenEndpoint, 'POST');
+            $request->addHeader('Content-Type', 'application/x-www-form-urlencoded');
+            $request->setBody($this->_formParams);
+            $response = $this->_browser->request($request, new TimeoutCancellation($this->_receiveTokenTimeout));
+            if ($response->getStatus() != 200) {
+                throw new VaasAuthenticationException($response->getReason(), $response->getStatus());
+            }
+        } catch (Exception $e) {
+            throw new VaasAuthenticationException($e->getMessage(), $e->getCode());
+        }
+        $body = $response->getBody()->buffer();
+        $response_body = json_decode($body);
+        return $response_body->access_token;
+    }
+}
diff --git a/php/src/vaas/Authentication/ResourceOwnerPasswordGrantAuthenticator.php b/php/src/vaas/Authentication/ResourceOwnerPasswordGrantAuthenticator.php
@@ -0,0 +1,21 @@
+<?php
+
+namespace VaasSdk\Authentication;
+
+use VaasSdk\Authentication\OAuth2TokenReceiver;
+use VaasSdk\Exceptions\VaasAuthenticationException;
+
+class ResourceOwnerPasswordGrantAuthenticator {
+    private OAuth2TokenReceiver $_tokenReceiver;
+
+    public function __construct($clientId, $userName, $password, $tokenEndpoint) {
+        $this->_tokenReceiver = new OAuth2TokenReceiver($tokenEndpoint, $clientId, "", $userName, $password);
+    }
+
+    /**
+     * @throws VaasAuthenticationException
+     */
+    public function getToken() {
+        return $this->_tokenReceiver->GetToken();
+    }
+}
diff --git a/php/src/vaas/ClientCredentialsGrantAuthenticator.php b/php/src/vaas/ClientCredentialsGrantAuthenticator.php
diff --git a/php/src/vaas/ResourceOwnerPasswordGrantAuthenticator.php b/php/src/vaas/ResourceOwnerPasswordGrantAuthenticator.php