From bf2e517a89f9b063f1b46de2c38127855c2e7357 Mon Sep 17 00:00:00 2001
From: Jonathan Daggerhart <jonathan@daggerhart.com>
Date: Mon, 15 Jun 2020 07:14:05 -0400
Subject: [PATCH] removing trailing whitespace

---
 .../openid-connect-generic-client-wrapper.php | 92 +++++++++----------
 includes/openid-connect-generic-client.php    | 42 ++++-----
 .../openid-connect-generic-option-logger.php  | 54 +++++------
 ...openid-connect-generic-option-settings.php | 22 ++---
 .../openid-connect-generic-settings-page.php  | 16 ++--
 5 files changed, 112 insertions(+), 114 deletions(-)

diff --git a/includes/openid-connect-generic-client-wrapper.php b/includes/openid-connect-generic-client-wrapper.php
index 0bf5278..3823a3d 100644
--- a/includes/openid-connect-generic-client-wrapper.php
+++ b/includes/openid-connect-generic-client-wrapper.php
@@ -1,12 +1,12 @@
 <?php
 
 class OpenID_Connect_Generic_Client_Wrapper {
-	
+
 	private $client;
-	
+
 	// settings object
 	private $settings;
-	
+
 	// logger object
 	private $logger;
 
@@ -19,10 +19,9 @@ class OpenID_Connect_Generic_Client_Wrapper {
 	// WP_Error if there was a problem, or false if no error
 	private $error = false;
 
-	
 	/**
 	 * Inject necessary objects and services into the client
-	 * 
+	 *
 	 * @param \OpenID_Connect_Generic_Client $client
 	 * @param \OpenID_Connect_Generic_Option_Settings $settings
 	 * @param \OpenID_Connect_Generic_Option_Logger $logger
@@ -44,7 +43,7 @@ class OpenID_Connect_Generic_Client_Wrapper {
 	 */
 	static public function register( OpenID_Connect_Generic_Client $client, OpenID_Connect_Generic_Option_Settings $settings, OpenID_Connect_Generic_Option_Logger $logger ){
 		$client_wrapper  = new self( $client, $settings, $logger );
-		
+
 		// integrated logout
 		if ( $settings->endpoint_end_session ) {
 			add_filter( 'allowed_redirect_hosts', array( $client_wrapper, 'update_allowed_redirect_hosts' ), 99, 1 );
@@ -72,13 +71,13 @@ class OpenID_Connect_Generic_Client_Wrapper {
 		if ( is_user_logged_in() ) {
 			add_action( 'wp_loaded', array($client_wrapper, 'ensure_tokens_still_fresh'));
 		}
-		
+
 		return $client_wrapper;
 	}
 
 	/**
 	 * Implements WP action - parse_request
-	 * 
+	 *
 	 * @param $query
 	 *
 	 * @return mixed
@@ -96,7 +95,7 @@ class OpenID_Connect_Generic_Client_Wrapper {
 
 	/**
 	 * Get the authentication url from the client
-	 * 
+	 *
 	 * @return string
 	 */
 	function get_authentication_url(){
@@ -144,7 +143,7 @@ class OpenID_Connect_Generic_Client_Wrapper {
 		}
 
 		$token_result = $this->client->request_new_tokens( $refresh_token );
-		
+
 		if ( is_wp_error( $token_result ) ) {
 			wp_logout();
 			$this->error_redirect( $token_result );
@@ -168,10 +167,10 @@ class OpenID_Connect_Generic_Client_Wrapper {
 	 */
 	function error_redirect( $error ) {
 		$this->logger->log( $error );
-		
+
 		// redirect user back to login page
-		wp_redirect(  
-			wp_login_url() . 
+		wp_redirect(
+			wp_login_url() .
 			'?login-error=' . $error->get_error_code() .
 		    '&message=' . urlencode( $error->get_error_message() )
 		);
@@ -186,7 +185,7 @@ class OpenID_Connect_Generic_Client_Wrapper {
 	function get_error(){
 		return $this->error;
 	}
-	
+
 	/**
 	 * Add the end_session endpoint to WP core's whitelist of redirect hosts
 	 *
@@ -266,31 +265,31 @@ class OpenID_Connect_Generic_Client_Wrapper {
 
 		return $request;
 	}
-	
+
 	/**
 	 * Control the authentication and subsequent authorization of the user when
 	 *  returning from the IDP.
 	 */
 	function authentication_request_callback() {
 		$client = $this->client;
-		
+
 		// start the authentication flow
 		$authentication_request = $client->validate_authentication_request( $_GET );
-		
+
 		if ( is_wp_error( $authentication_request ) ){
 			$this->error_redirect( $authentication_request );
 		}
-		
+
 		// retrieve the authentication code from the authentication request
 		$code = $client->get_authentication_code( $authentication_request );
-		
+
 		if ( is_wp_error( $code ) ){
 			$this->error_redirect( $code );
 		}
 
 		// attempting to exchange an authorization code for an authentication token
 		$token_result = $client->request_authentication_token( $code );
-		
+
 		if ( is_wp_error( $token_result ) ) {
 			$this->error_redirect( $token_result );
 		}
@@ -307,7 +306,7 @@ class OpenID_Connect_Generic_Client_Wrapper {
 
 		// ensure the that response contains required information
 		$valid = $client->validate_token_response( $token_response );
-		
+
 		if ( is_wp_error( $valid ) ) {
 			$this->error_redirect( $valid );
 		}
@@ -328,28 +327,28 @@ class OpenID_Connect_Generic_Client_Wrapper {
 		if ( is_wp_error( $id_token_claim ) ){
 			$this->error_redirect( $id_token_claim );
 		}
-		
+
 		// validate our id_token has required values
 		$valid = $client->validate_id_token_claim( $id_token_claim );
-		
+
 		if ( is_wp_error( $valid ) ){
 			$this->error_redirect( $valid );
 		}
-		
+
 		// if userinfo endpoint is set, exchange the token_response for a user_claim
 		if ( !empty( $this->settings->endpoint_userinfo ) && isset( $token_response['access_token'] )) {
 			$user_claim = $client->get_user_claim( $token_response );
 		} else {
 			$user_claim = $id_token_claim;
 		}
-		
+
 		if ( is_wp_error( $user_claim ) ){
 			$this->error_redirect( $user_claim );
 		}
-		
+
 		// validate our user_claim has required values
 		$valid = $client->validate_user_claim( $user_claim, $id_token_claim );
-		
+
 		if ( is_wp_error( $valid ) ){
 			$this->error_redirect( $valid );
 		}
@@ -380,7 +379,7 @@ class OpenID_Connect_Generic_Client_Wrapper {
 
 		// validate the found / created user
 		$valid = $this->validate_user( $user );
-		
+
 		if ( is_wp_error( $valid ) ){
 			$this->error_redirect( $valid );
 		}
@@ -405,13 +404,13 @@ class OpenID_Connect_Generic_Client_Wrapper {
 		else {
 			wp_redirect( home_url() );
 		}
-		
+
 		exit;
 	}
 
 	/**
-	 * Validate the potential WP_User 
-	 * 
+	 * Validate the potential WP_User
+	 *
 	 * @param $user
 	 *
 	 * @return true|\WP_Error
@@ -421,13 +420,13 @@ class OpenID_Connect_Generic_Client_Wrapper {
 		if ( ! is_a( $user, 'WP_User' ) || ! $user->exists() ) {
 			return new WP_Error( 'invalid-user', __( 'Invalid user' ), $user );
 		}
-		
+
 		return true;
 	}
 
 	/**
 	 * Record user meta data, and provide an authorization cookie
-	 * 
+	 *
 	 * @param $user
 	 */
 	function login_user( $user, $token_response, $id_token_claim, $user_claim, $subject_identity ){
@@ -478,8 +477,8 @@ class OpenID_Connect_Generic_Client_Wrapper {
 	}
 
 	/**
-	 * Get the user that has meta data matching a 
-	 * 
+	 * Get the user that has meta data matching a
+	 *
 	 * @param $subject_identity
 	 *
 	 * @return false|\WP_User
@@ -500,7 +499,7 @@ class OpenID_Connect_Generic_Client_Wrapper {
 			$users = $user_query->get_results();
 			return $users[0];
 		}
-		
+
 		return false;
 	}
 
@@ -592,7 +591,7 @@ class OpenID_Connect_Generic_Client_Wrapper {
 				$string .= substr( $format, $i, $match[ 1 ] - $i );
 				if ( ! isset( $user_claim[ $key ] ) ) {
 					if ( $error_on_missing_key ) {
-                                                return new WP_Error( 'incomplete-user-claim', __( 'User claim incomplete' ), 
+                                                return new WP_Error( 'incomplete-user-claim', __( 'User claim incomplete' ),
 								    array('message'=>'Unable to find key: '.$key.' in user_claim',
 									  'hint'=>'Verify OpenID Scope includes a scope with the attributes you need',
 									  'user_claim'=>$user_claim,
@@ -638,7 +637,7 @@ class OpenID_Connect_Generic_Client_Wrapper {
 
 	/**
 	 * Create a new user from details in a user_claim
-	 * 
+	 *
 	 * @param $subject_identity
 	 * @param $user_claim
 	 *
@@ -738,14 +737,14 @@ class OpenID_Connect_Generic_Client_Wrapper {
 			}
 		}
 
-		// allow other plugins / themes to determine authorization 
+		// allow other plugins / themes to determine authorization
 		// of new accounts based on the returned user claim
 		$create_user = apply_filters( 'openid-connect-generic-user-creation-test', true, $user_claim );
 
 		if ( ! $create_user ) {
 			return new WP_Error( 'cannot-authorize', __( 'Can not authorize.' ), $create_user );
 		}
-		
+
 		$user_data = array(
 			'user_login' => $username,
 			'user_pass' => wp_generate_password( 32, true, true ),
@@ -776,26 +775,25 @@ class OpenID_Connect_Generic_Client_Wrapper {
 
 		// allow plugins / themes to take action on new user creation
 		do_action( 'openid-connect-generic-user-create', $user, $user_claim );
-		
+
 		return $user;
 	}
-	
-	
+
 	/**
 	 * Update an existing user with OpenID Connect meta data
-	 * 
+	 *
 	 * @param $uid
 	 * @param $subject_identity
 	 *
 	 * @return \WP_Error | \WP_User
 	 */
 	function update_existing_user( $uid, $subject_identity ) {
-		// add the OpenID Connect meta data 
+		// add the OpenID Connect meta data
 		update_user_meta( $uid, 'openid-connect-generic-subject-identity', (string) $subject_identity );
-		
+
 		// allow plugins / themes to take action on user update
 		do_action( 'openid-connect-generic-user-update', $uid );
-		
+
 		// return our updated user
 		return get_user_by( 'id', $uid );
 	}
diff --git a/includes/openid-connect-generic-client.php b/includes/openid-connect-generic-client.php
index aa635fd..100d3a1 100644
--- a/includes/openid-connect-generic-client.php
+++ b/includes/openid-connect-generic-client.php
@@ -67,9 +67,9 @@ class OpenID_Connect_Generic_Client {
 
 	/**
 	 * Validate the request for login authentication
-	 * 
+	 *
 	 * @param $request
-	 * 
+	 *
 	 * @return array|\WP_Error
 	 */
 	function validate_authentication_request( $request ){
@@ -111,7 +111,7 @@ class OpenID_Connect_Generic_Client {
 	 * Using the authorization_code, request an authentication token from the idp
 	 *
 	 * @param $code - authorization_code
-	 * 
+	 *
 	 * @return array|\WP_Error
 	 */
 	function request_authentication_token( $code ) {
@@ -142,7 +142,7 @@ class OpenID_Connect_Generic_Client {
 		if ( is_wp_error( $response ) ){
 			$response->add( 'request_authentication_token' , __( 'Request for authentication token failed.' ) );
 		}
-		
+
 		return $response;
 	}
 
@@ -203,12 +203,12 @@ class OpenID_Connect_Generic_Client {
 		return $token_response;
 	}
 
-	
+
 	/**
 	 * Exchange an access_token for a user_claim from the userinfo endpoint
 	 *
 	 * @param $access_token
-	 * 
+	 *
 	 * @return array|\WP_Error
 	 */
 	function request_userinfo( $access_token ) {
@@ -240,7 +240,7 @@ class OpenID_Connect_Generic_Client {
 		if ( is_wp_error( $response ) ){
 			$response->add( 'request_userinfo' , __( 'Request for userinfo failed.' ) );
 		}
-		
+
 		return $response;
 	}
 
@@ -293,18 +293,18 @@ class OpenID_Connect_Generic_Client {
 	function validate_token_response( $token_response ){
 		// we need to ensure 2 specific items exist with the token response in order
 		// to proceed with confidence:  id_token and token_type == 'Bearer'
-		if ( ! isset( $token_response['id_token'] ) || 
+		if ( ! isset( $token_response['id_token'] ) ||
 		     ! isset( $token_response['token_type'] ) || strcasecmp( $token_response['token_type'], 'Bearer' )
 		) {
 			return new WP_Error( 'invalid-token-response', 'Invalid token response', $token_response );
 		}
-		
+
 		return true;
 	}
 
 	/**
 	 * Extract the id_token_claim from the token_response
-	 * 
+	 *
 	 * @param $token_response
 	 *
 	 * @return array|\WP_Error
@@ -333,13 +333,13 @@ class OpenID_Connect_Generic_Client {
 			)
 			, true
 		);
-		
+
 		return $id_token_claim;
 	}
 
 	/**
 	 * Ensure the id_token_claim contains the required values
-	 * 
+	 *
 	 * @param $id_token_claim
 	 *
 	 * @return bool|\WP_Error
@@ -348,20 +348,20 @@ class OpenID_Connect_Generic_Client {
 		if ( ! is_array( $id_token_claim ) ) {
 			return new WP_Error( 'bad-id-token-claim', __( 'Bad ID token claim' ), $id_token_claim );
 		}
-		
+
 		// make sure we can find our identification data and that it has a value
 		if ( ! isset( $id_token_claim['sub'] ) || empty( $id_token_claim['sub'] ) ) {
 			return new WP_Error( 'no-subject-identity', __( 'No subject identity' ), $id_token_claim );
 		}
-		
+
 		return true;
 	}
 
 	/**
 	 * Attempt to exchange the access_token for a user_claim
-	 * 
+	 *
 	 * @param $token_response
-	 * 
+	 *
 	 * @return array|mixed|object|\WP_Error
 	 */
 	function get_user_claim( $token_response ){
@@ -377,11 +377,11 @@ class OpenID_Connect_Generic_Client {
 
 		return $user_claim;
 	}
-	
+
 	/**
 	 * Make sure the user_claim has all required values, and that the subject
 	 * identity matches of the id_token matches that of the user_claim.
-	 * 
+	 *
 	 * @param $user_claim
 	 * @param $id_token_claim
 	 *
@@ -409,17 +409,17 @@ class OpenID_Connect_Generic_Client {
 
 		// allow for other plugins to alter the login success
 		$login_user = apply_filters( 'openid-connect-generic-user-login-test', true, $user_claim );
-		
+
 		if ( ! $login_user ) {
 			return new WP_Error( 'unauthorized', __( 'Unauthorized access' ), $login_user );
 		}
-		
+
 		return true;
 	}
 
 	/**
 	 * Retrieve the subject identity from the id_token
-	 * 
+	 *
 	 * @param $id_token_claim array
 	 *
 	 * @return mixed
diff --git a/includes/openid-connect-generic-option-logger.php b/includes/openid-connect-generic-option-logger.php
index 96ce655..3ea7b1d 100644
--- a/includes/openid-connect-generic-option-logger.php
+++ b/includes/openid-connect-generic-option-logger.php
@@ -3,25 +3,25 @@
  * Simple class for logging messages to the options table
  */
 class OpenID_Connect_Generic_Option_Logger {
-	
+
 	// wp option name/key
 	private $option_name;
-	
+
 	// default message type
 	private $default_message_type;
-	
+
 	// the number of items to keep in the log
 	private $log_limit;
-	
-	// whether or not the 
+
+	// whether or not the
 	private $logging_enabled;
-	
+
 	// internal cache of logs
 	private $logs;
 
 	/**
 	 * Setup the logger according to the needs of the instance
-	 * 
+	 *
 	 * @param string $option_name
 	 * @param string $default_message_type
 	 * @param bool|TRUE $logging_enabled
@@ -36,7 +36,7 @@ class OpenID_Connect_Generic_Option_Logger {
 
 	/**
 	 * Subscribe logger to a set of filters
-	 * 
+	 *
 	 * @param $filter_names
 	 * @param int $priority
 	 */
@@ -44,7 +44,7 @@ class OpenID_Connect_Generic_Option_Logger {
 		if ( ! is_array( $filter_names ) ) {
 			$filter_names = array( $filter_names );
 		}
-		
+
 		foreach ( $filter_names as $filter ){
 			add_filter( $filter, array( $this, 'log_hook' ), $priority );
 		}
@@ -52,7 +52,7 @@ class OpenID_Connect_Generic_Option_Logger {
 
 	/**
 	 * Subscribe logger to a set of actions
-	 * 
+	 *
 	 * @param $action_names
 	 * @param $priority
 	 */
@@ -67,8 +67,8 @@ class OpenID_Connect_Generic_Option_Logger {
 	}
 
 	/**
-	 * Log the data 
-	 * 
+	 * Log the data
+	 *
 	 * @param null $arg1
 	 * @return null
 	 */
@@ -76,10 +76,10 @@ class OpenID_Connect_Generic_Option_Logger {
 		$this->log( func_get_args(), current_filter() );
 		return $arg1;
 	}
-	
+
 	/**
 	 * Save an array of data to the logs
-	 * 
+	 *
 	 * @param $data mixed
 	 * @return bool
 	 */
@@ -90,13 +90,13 @@ class OpenID_Connect_Generic_Option_Logger {
 			$logs = $this->upkeep_logs( $logs );
 			return $this->save_logs( $logs );
 		}
-		
+
 		return false;
 	}
 
 	/**
 	 * Retrieve all log messages
-	 * 
+	 *
 	 * @return array
 	 */
 	public function get_logs() {
@@ -109,7 +109,7 @@ class OpenID_Connect_Generic_Option_Logger {
 
 	/**
 	 * Get the name of the option where this log is stored
-	 * 
+	 *
 	 * @return string
 	 */
 	public function get_option_name(){
@@ -128,7 +128,7 @@ class OpenID_Connect_Generic_Option_Logger {
 		// determine the type of message
 		if ( empty( $type ) ) {
 			$this->default_message_type;
-			
+
 			if ( is_array( $data ) && isset( $data['type'] ) ){
 				$type = $data['type'];
 			}
@@ -148,7 +148,7 @@ class OpenID_Connect_Generic_Option_Logger {
 
 		return $message;
 	}
-	
+
 	/**
 	 * Keep our log count under the limit
 	 *
@@ -161,14 +161,14 @@ class OpenID_Connect_Generic_Option_Logger {
 		if ( $items_to_remove > 0 ){
 			// keep only the last $log_limit messages from the end
 			$logs = array_slice( $logs, ( $items_to_remove * -1) );
-		} 
-		
+		}
+
 		return $logs;
 	}
 
 	/**
 	 * Save the log messages
-	 * 
+	 *
 	 * @param $logs
 	 * @return bool
 	 */
@@ -187,7 +187,7 @@ class OpenID_Connect_Generic_Option_Logger {
 
 	/**
 	 * Get a simple html table of all the logs
-	 * 
+	 *
 	 * @param array $logs
 	 * @return string
 	 */
@@ -196,9 +196,9 @@ class OpenID_Connect_Generic_Option_Logger {
 			$logs = $this->get_logs();
 		}
 		$logs = array_reverse( $logs );
-		
+
 		ini_set( 'xdebug.var_display_max_depth', -1 );
-		
+
 		ob_start();
 		?>
 		<style type="text/css">
@@ -232,7 +232,7 @@ class OpenID_Connect_Generic_Option_Logger {
 							<?php print $log['uri']; ?>
 						</div>
 					</td>
-					
+
 					<td class="col-data"><pre><?php var_dump( $log['data'] ); ?></pre></td>
 				</tr>
 			<?php } ?>
@@ -240,7 +240,7 @@ class OpenID_Connect_Generic_Option_Logger {
 		</table>
 		<?php
 		$output = ob_get_clean();
-		
+
 		return $output;
 	}
 }
diff --git a/includes/openid-connect-generic-option-settings.php b/includes/openid-connect-generic-option-settings.php
index b88e0f9..7b9b9a0 100644
--- a/includes/openid-connect-generic-option-settings.php
+++ b/includes/openid-connect-generic-option-settings.php
@@ -3,13 +3,13 @@
  * Class OpenId_Connect_Generic_Option_Settings
  */
 class OpenID_Connect_Generic_Option_Settings {
-	
+
 	// wp option name/key
 	private $option_name;
-	
+
 	// stored option values array
 	private $values;
-	
+
 	// default plugin settings values
 	private $default_settings;
 
@@ -22,38 +22,38 @@ class OpenID_Connect_Generic_Option_Settings {
 		$this->option_name = $option_name;
 		$this->default_settings = $default_settings;
 		$this->values = get_option( $this->option_name, $this->default_settings );
-		
+
 		if ( $granular_defaults ) {
 			$this->values = array_replace_recursive( $this->default_settings, $this->values );
 		}
 	}
-	
+
 	function __get( $key ){
 		if ( isset( $this->values[ $key ] ) ) {
 			return $this->values[ $key ];
 		}
 	}
-	
+
 	function __set( $key, $value ){
 		$this->values[ $key ] = $value;
 	}
-	
+
 	function __isset( $key ){
 		return isset( $this->values[ $key ] );
 	}
-	
+
 	function __unset( $key ){
 		unset( $this->values[ $key ]);
 	}
-	
+
 	function get_values(){
 		return $this->values;
 	}
-	
+
 	function get_option_name() {
 		return $this->option_name;
 	}
-	
+
 	function save(){
 		update_option( $this->option_name, $this->values );
 	}
diff --git a/includes/openid-connect-generic-settings-page.php b/includes/openid-connect-generic-settings-page.php
index 00c8f15..5178521 100644
--- a/includes/openid-connect-generic-settings-page.php
+++ b/includes/openid-connect-generic-settings-page.php
@@ -27,10 +27,10 @@ class OpenID_Connect_Generic_Settings_Page {
 		$this->settings             = $settings;
 		$this->logger               = $logger;
 		$this->settings_field_group = $this->settings->get_option_name() . '-group';
-		
+
 		/*
 		 * Simple settings fields simply have:
-		 * 
+		 *
 		 * - title
 		 * - description
 		 * - type ( checkbox | text | select )
@@ -225,7 +225,7 @@ class OpenID_Connect_Generic_Settings_Page {
 
 		// register our settings
 		add_action( 'admin_init', array( $settings_page, 'admin_init' ) );
-		
+
 		return $settings_page;
 	}
 
@@ -262,7 +262,7 @@ class OpenID_Connect_Generic_Settings_Page {
 			array( $this, 'user_settings_description' ),
 			$this->options_page_name
 		);
-		
+
 		add_settings_section( 'authorization_settings',
 			__( 'Authorization Settings' ),
 			array( $this, 'authorization_settings_description' ),
@@ -322,7 +322,7 @@ class OpenID_Connect_Generic_Settings_Page {
 		foreach ( $this->settings_fields as $key => $field ) {
 			if ( isset( $input[ $key ] ) ) {
 				$options[ $key ] = sanitize_text_field( trim( $input[ $key ] ) );
-			} 
+			}
 			else {
 				$options[ $key ] = '';
 			}
@@ -349,7 +349,7 @@ class OpenID_Connect_Generic_Settings_Page {
 				settings_fields( $this->settings_field_group );
 				do_settings_sections( $this->options_page_name );
 				submit_button();
-				
+
 				// simple debug to view settings array
 				if ( isset( $_GET['debug'] ) ) {
 					var_dump( $this->settings->get_values() );
@@ -452,11 +452,11 @@ class OpenID_Connect_Generic_Settings_Page {
 	public function client_settings_description() {
 		_e( 'Enter your OpenID Connect identity provider settings' );
 	}
-	
+
 	public function user_settings_description() {
 		_e( 'Modify the interaction between OpenID Connect and WordPress users' );
 	}
-	
+
 	public function authorization_settings_description() {
 		_e( 'Control the authorization mechanics of the site' );
 	}