diff --git a/.env.example b/.env.example index 7d52539c30..3a5465cffd 100644 --- a/.env.example +++ b/.env.example @@ -195,6 +195,15 @@ AUTHENTICATION_GUARD=web AUTHENTICATION_GUARD_HEADER=REMOTE_USER AUTHENTICATION_GUARD_EMAIL= +# +# Firefly III generates a basic keypair for your OAuth tokens. +# If you want, you can overrule the key with your own (secure) value. +# It's also possible to set PASSPORT_PUBLIC_KEY_FILE or PASSPORT_PRIVATE_KEY_FILE +# if you're using Docker secrets or similar solutions for secret management +# +PASSPORT_PRIVATE_KEY= +PASSPORT_PUBLIC_KEY= + # # Extra authentication settings # diff --git a/composer.lock b/composer.lock index ade3a38986..92fc7f8d21 100644 --- a/composer.lock +++ b/composer.lock @@ -470,16 +470,16 @@ }, { "name": "doctrine/dbal", - "version": "3.5.1", + "version": "3.5.2", "source": { "type": "git", "url": "https://github.com/doctrine/dbal.git", - "reference": "f38ee8aaca2d58ee88653cb34a6a3880c23f38a5" + "reference": "63e513cebbbaf96a6795e5c5ee34d205831bfc85" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/doctrine/dbal/zipball/f38ee8aaca2d58ee88653cb34a6a3880c23f38a5", - "reference": "f38ee8aaca2d58ee88653cb34a6a3880c23f38a5", + "url": "https://api.github.com/repos/doctrine/dbal/zipball/63e513cebbbaf96a6795e5c5ee34d205831bfc85", + "reference": "63e513cebbbaf96a6795e5c5ee34d205831bfc85", "shasum": "" }, "require": { @@ -492,16 +492,16 @@ "psr/log": "^1|^2|^3" }, "require-dev": { - "doctrine/coding-standard": "10.0.0", - "jetbrains/phpstorm-stubs": "2022.2", - "phpstan/phpstan": "1.8.10", + "doctrine/coding-standard": "11.0.0", + "jetbrains/phpstorm-stubs": "2022.3", + "phpstan/phpstan": "1.9.2", "phpstan/phpstan-strict-rules": "^1.4", - "phpunit/phpunit": "9.5.25", - "psalm/plugin-phpunit": "0.17.0", + "phpunit/phpunit": "9.5.27", + "psalm/plugin-phpunit": "0.18.4", "squizlabs/php_codesniffer": "3.7.1", "symfony/cache": "^5.4|^6.0", "symfony/console": "^4.4|^5.4|^6.0", - "vimeo/psalm": "4.29.0" + "vimeo/psalm": "4.30.0" }, "suggest": { "symfony/console": "For helpful console commands such as SQL execution and import of files." @@ -561,7 +561,7 @@ ], "support": { "issues": "https://github.com/doctrine/dbal/issues", - "source": "https://github.com/doctrine/dbal/tree/3.5.1" + "source": "https://github.com/doctrine/dbal/tree/3.5.2" }, "funding": [ { @@ -577,7 +577,7 @@ "type": "tidelift" } ], - "time": "2022-10-24T07:26:18+00:00" + "time": "2022-12-19T08:17:34+00:00" }, { "name": "doctrine/deprecations", @@ -1136,16 +1136,16 @@ }, { "name": "firebase/php-jwt", - "version": "v6.3.1", + "version": "v6.3.2", "source": { "type": "git", "url": "https://github.com/firebase/php-jwt.git", - "reference": "ddfaddcb520488b42bca3a75e17e9dd53c3667da" + "reference": "ea7dda77098b96e666c5ef382452f94841e439cd" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/firebase/php-jwt/zipball/ddfaddcb520488b42bca3a75e17e9dd53c3667da", - "reference": "ddfaddcb520488b42bca3a75e17e9dd53c3667da", + "url": "https://api.github.com/repos/firebase/php-jwt/zipball/ea7dda77098b96e666c5ef382452f94841e439cd", + "reference": "ea7dda77098b96e666c5ef382452f94841e439cd", "shasum": "" }, "require": { @@ -1192,9 +1192,9 @@ ], "support": { "issues": "https://github.com/firebase/php-jwt/issues", - "source": "https://github.com/firebase/php-jwt/tree/v6.3.1" + "source": "https://github.com/firebase/php-jwt/tree/v6.3.2" }, - "time": "2022-11-01T21:20:08+00:00" + "time": "2022-12-19T17:10:46+00:00" }, { "name": "fruitcake/php-cors", @@ -1856,16 +1856,16 @@ }, { "name": "laravel/framework", - "version": "v9.44.0", + "version": "v9.45.1", "source": { "type": "git", "url": "https://github.com/laravel/framework.git", - "reference": "60808a7d9acd53461fd69634c08fc7e0a99fbf98" + "reference": "faeb20d3fc61b69790068161ab42bcf2d5faccbc" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/laravel/framework/zipball/60808a7d9acd53461fd69634c08fc7e0a99fbf98", - "reference": "60808a7d9acd53461fd69634c08fc7e0a99fbf98", + "url": "https://api.github.com/repos/laravel/framework/zipball/faeb20d3fc61b69790068161ab42bcf2d5faccbc", + "reference": "faeb20d3fc61b69790068161ab42bcf2d5faccbc", "shasum": "" }, "require": { @@ -1876,7 +1876,7 @@ "ext-openssl": "*", "fruitcake/php-cors": "^1.2", "laravel/serializable-closure": "^1.2.2", - "league/commonmark": "^2.2", + "league/commonmark": "^2.2.1", "league/flysystem": "^3.8.0", "monolog/monolog": "^2.0", "nesbot/carbon": "^2.62.1", @@ -1885,7 +1885,7 @@ "psr/container": "^1.1.1|^2.0.1", "psr/log": "^1.0|^2.0|^3.0", "psr/simple-cache": "^1.0|^2.0|^3.0", - "ramsey/uuid": "^4.2.2", + "ramsey/uuid": "^4.7", "symfony/console": "^6.0.9", "symfony/error-handler": "^6.0", "symfony/finder": "^6.0", @@ -1946,7 +1946,7 @@ "ably/ably-php": "^1.0", "aws/aws-sdk-php": "^3.235.5", "doctrine/dbal": "^2.13.3|^3.1.4", - "fakerphp/faker": "^1.9.2", + "fakerphp/faker": "^1.21", "guzzlehttp/guzzle": "^7.5", "league/flysystem-aws-s3-v3": "^3.0", "league/flysystem-ftp": "^3.0", @@ -1954,7 +1954,7 @@ "league/flysystem-read-only": "^3.3", "league/flysystem-sftp-v3": "^3.0", "mockery/mockery": "^1.5.1", - "orchestra/testbench-core": "^7.11", + "orchestra/testbench-core": "^7.16", "pda/pheanstalk": "^4.0", "phpstan/phpstan": "^1.4.7", "phpunit/phpunit": "^9.5.8", @@ -2038,7 +2038,7 @@ "issues": "https://github.com/laravel/framework/issues", "source": "https://github.com/laravel/framework" }, - "time": "2022-12-15T14:56:36+00:00" + "time": "2022-12-21T19:37:46+00:00" }, { "name": "laravel/passport", @@ -2838,16 +2838,16 @@ }, { "name": "league/flysystem", - "version": "3.11.0", + "version": "3.12.0", "source": { "type": "git", "url": "https://github.com/thephpleague/flysystem.git", - "reference": "7e423e5dd240a60adfab9bde058d7668863b7731" + "reference": "2aef65a47e44f2d6f9938f720f6dd697e7ba7b76" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/thephpleague/flysystem/zipball/7e423e5dd240a60adfab9bde058d7668863b7731", - "reference": "7e423e5dd240a60adfab9bde058d7668863b7731", + "url": "https://api.github.com/repos/thephpleague/flysystem/zipball/2aef65a47e44f2d6f9938f720f6dd697e7ba7b76", + "reference": "2aef65a47e44f2d6f9938f720f6dd697e7ba7b76", "shasum": "" }, "require": { @@ -2909,7 +2909,7 @@ ], "support": { "issues": "https://github.com/thephpleague/flysystem/issues", - "source": "https://github.com/thephpleague/flysystem/tree/3.11.0" + "source": "https://github.com/thephpleague/flysystem/tree/3.12.0" }, "funding": [ { @@ -2925,7 +2925,7 @@ "type": "tidelift" } ], - "time": "2022-12-02T14:39:57+00:00" + "time": "2022-12-20T20:21:10+00:00" }, { "name": "league/fractal", @@ -3664,16 +3664,16 @@ }, { "name": "nunomaduro/collision", - "version": "v6.3.1", + "version": "v6.3.2", "source": { "type": "git", "url": "https://github.com/nunomaduro/collision.git", - "reference": "0f6349c3ed5dd28467087b08fb59384bb458a22b" + "reference": "83699b231e7f277bfa2e823788973bf4082f019a" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/nunomaduro/collision/zipball/0f6349c3ed5dd28467087b08fb59384bb458a22b", - "reference": "0f6349c3ed5dd28467087b08fb59384bb458a22b", + "url": "https://api.github.com/repos/nunomaduro/collision/zipball/83699b231e7f277bfa2e823788973bf4082f019a", + "reference": "83699b231e7f277bfa2e823788973bf4082f019a", "shasum": "" }, "require": { @@ -3748,20 +3748,20 @@ "type": "patreon" } ], - "time": "2022-09-29T12:29:49+00:00" + "time": "2022-12-23T21:36:49+00:00" }, { "name": "nunomaduro/termwind", - "version": "v1.14.2", + "version": "v1.15.0", "source": { "type": "git", "url": "https://github.com/nunomaduro/termwind.git", - "reference": "9a8218511eb1a0965629ff820dda25985440aefc" + "reference": "594ab862396c16ead000de0c3c38f4a5cbe1938d" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/nunomaduro/termwind/zipball/9a8218511eb1a0965629ff820dda25985440aefc", - "reference": "9a8218511eb1a0965629ff820dda25985440aefc", + "url": "https://api.github.com/repos/nunomaduro/termwind/zipball/594ab862396c16ead000de0c3c38f4a5cbe1938d", + "reference": "594ab862396c16ead000de0c3c38f4a5cbe1938d", "shasum": "" }, "require": { @@ -3818,7 +3818,7 @@ ], "support": { "issues": "https://github.com/nunomaduro/termwind/issues", - "source": "https://github.com/nunomaduro/termwind/tree/v1.14.2" + "source": "https://github.com/nunomaduro/termwind/tree/v1.15.0" }, "funding": [ { @@ -3834,7 +3834,7 @@ "type": "github" } ], - "time": "2022-10-28T22:51:32+00:00" + "time": "2022-12-20T19:00:15+00:00" }, { "name": "nyholm/psr7", @@ -4161,16 +4161,16 @@ }, { "name": "phpseclib/phpseclib", - "version": "3.0.17", + "version": "3.0.18", "source": { "type": "git", "url": "https://github.com/phpseclib/phpseclib.git", - "reference": "dbc2307d5c69aeb22db136c52e91130d7f2ca761" + "reference": "f28693d38ba21bb0d9f0c411ee5dae2b178201da" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/dbc2307d5c69aeb22db136c52e91130d7f2ca761", - "reference": "dbc2307d5c69aeb22db136c52e91130d7f2ca761", + "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/f28693d38ba21bb0d9f0c411ee5dae2b178201da", + "reference": "f28693d38ba21bb0d9f0c411ee5dae2b178201da", "shasum": "" }, "require": { @@ -4251,7 +4251,7 @@ ], "support": { "issues": "https://github.com/phpseclib/phpseclib/issues", - "source": "https://github.com/phpseclib/phpseclib/tree/3.0.17" + "source": "https://github.com/phpseclib/phpseclib/tree/3.0.18" }, "funding": [ { @@ -4267,7 +4267,7 @@ "type": "tidelift" } ], - "time": "2022-10-24T10:51:50+00:00" + "time": "2022-12-17T18:26:50+00:00" }, { "name": "pragmarx/google2fa", @@ -5107,23 +5107,23 @@ }, { "name": "ramsey/uuid", - "version": "4.6.0", + "version": "4.7.0", "source": { "type": "git", "url": "https://github.com/ramsey/uuid.git", - "reference": "ad63bc700e7d021039e30ce464eba384c4a1d40f" + "reference": "5ed9ad582647bbc3864ef78db34bdc1afdcf9b49" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/ramsey/uuid/zipball/ad63bc700e7d021039e30ce464eba384c4a1d40f", - "reference": "ad63bc700e7d021039e30ce464eba384c4a1d40f", + "url": "https://api.github.com/repos/ramsey/uuid/zipball/5ed9ad582647bbc3864ef78db34bdc1afdcf9b49", + "reference": "5ed9ad582647bbc3864ef78db34bdc1afdcf9b49", "shasum": "" }, "require": { "brick/math": "^0.8.8 || ^0.9 || ^0.10", "ext-json": "*", "php": "^8.0", - "ramsey/collection": "^1.0" + "ramsey/collection": "^1.2" }, "replace": { "rhumsaa/uuid": "self.version" @@ -5183,7 +5183,7 @@ ], "support": { "issues": "https://github.com/ramsey/uuid/issues", - "source": "https://github.com/ramsey/uuid/tree/4.6.0" + "source": "https://github.com/ramsey/uuid/tree/4.7.0" }, "funding": [ { @@ -5195,7 +5195,7 @@ "type": "tidelift" } ], - "time": "2022-11-05T23:03:38+00:00" + "time": "2022-12-19T22:30:49+00:00" }, { "name": "rcrowe/twigbridge", @@ -9405,16 +9405,16 @@ }, { "name": "phpunit/php-code-coverage", - "version": "9.2.19", + "version": "9.2.22", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/php-code-coverage.git", - "reference": "c77b56b63e3d2031bd8997fcec43c1925ae46559" + "reference": "e4bf60d2220b4baaa0572986b5d69870226b06df" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/c77b56b63e3d2031bd8997fcec43c1925ae46559", - "reference": "c77b56b63e3d2031bd8997fcec43c1925ae46559", + "url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/e4bf60d2220b4baaa0572986b5d69870226b06df", + "reference": "e4bf60d2220b4baaa0572986b5d69870226b06df", "shasum": "" }, "require": { @@ -9470,7 +9470,7 @@ ], "support": { "issues": "https://github.com/sebastianbergmann/php-code-coverage/issues", - "source": "https://github.com/sebastianbergmann/php-code-coverage/tree/9.2.19" + "source": "https://github.com/sebastianbergmann/php-code-coverage/tree/9.2.22" }, "funding": [ { @@ -9478,7 +9478,7 @@ "type": "github" } ], - "time": "2022-11-18T07:47:47+00:00" + "time": "2022-12-18T16:40:55+00:00" }, { "name": "phpunit/php-file-iterator", diff --git a/config/passport.php b/config/passport.php new file mode 100644 index 0000000000..d314b51ede --- /dev/null +++ b/config/passport.php @@ -0,0 +1,62 @@ + envNonEmpty('AUTHENTICATION_GUARD', 'web'), + + /* + |-------------------------------------------------------------------------- + | Encryption Keys + |-------------------------------------------------------------------------- + | + | Passport uses encryption keys while generating secure access tokens for + | your application. By default, the keys are stored as local files but + | can be set via environment variables when that is more convenient. + | + */ + + 'private_key' => env('PASSPORT_PRIVATE_KEY'), + + 'public_key' => env('PASSPORT_PUBLIC_KEY'), + + /* + |-------------------------------------------------------------------------- + | Client UUIDs + |-------------------------------------------------------------------------- + | + | By default, Passport uses auto-incrementing primary keys when assigning + | IDs to clients. However, if Passport is installed using the provided + | --uuids switch, this will be set to "true" and UUIDs will be used. + | + */ + + 'client_uuids' => false, + + /* + |-------------------------------------------------------------------------- + | Personal Access Client + |-------------------------------------------------------------------------- + | + | If you enable client hashing, you should set the personal access client + | ID and unhashed secret within your environment file. The values will + | get used while issuing fresh personal access tokens to your users. + | + */ + + 'personal_access_client' => [ + 'id' => env('PASSPORT_PERSONAL_ACCESS_CLIENT_ID'), + 'secret' => env('PASSPORT_PERSONAL_ACCESS_CLIENT_SECRET'), + ], + +];