diff --git a/src/Plugin/OpenIDConnectClient/OpenIDConnectLoginGovClient.php b/src/Plugin/OpenIDConnectClient/OpenIDConnectLoginGovClient.php
index 1a2a331a6d8fba3eb36adfe39a55736bf8ffabd5..b2a1f417c64c1b6c6cd304498dff0087fb48f0ae 100644
--- a/src/Plugin/OpenIDConnectClient/OpenIDConnectLoginGovClient.php
+++ b/src/Plugin/OpenIDConnectClient/OpenIDConnectLoginGovClient.php
@@ -24,9 +24,10 @@ class OpenIDConnectLoginGovClient extends OpenIDConnectClientBase {
 /**
 * A list of data fields available on login.gov.
+ *
 * @var array
 */
- protected static $userinfo_fields = [
+ protected static $userinfoFields = [
 'all_emails' => 'All emails',
 'given_name' => 'First name',
 'family_name' => 'Last name',
@@ -42,9 +43,10 @@ class OpenIDConnectLoginGovClient extends OpenIDConnectClientBase {
 /**
 * A list of fields we always request from the site.
+ *
 * @var array
 */
- protected static $always_fetch_fields = [
+ protected static $alwaysFetchFields = [
 'sub' => 'UUID',
 'email' => 'Email',
 'ial' => 'Identity Assurance Level',
@@ -53,9 +55,10 @@ class OpenIDConnectLoginGovClient extends OpenIDConnectClientBase {
 /**
 * A mapping of userinfo fields to the scopes required to receive them.
+ *
 * @var array
 */
- protected static $field_to_scope_map = [
+ protected static $fieldToScopeMap = [
 'sub' => 'openid',
 'email' => 'email',
 'all_emails' => 'all_emails',
@@ -161,7 +164,7 @@ class OpenIDConnectLoginGovClient extends OpenIDConnectClientBase {
 '#title' => $this->t('User fields'),
 '#type' => 'select',
 '#multiple' => TRUE,
- '#options' => static::$userinfo_fields,
+ '#options' => static::$userinfoFields,
 '#description' => $this->t('List of fields to fetch, which will translate to the required scopes. Some fields require IAL/2 Authentication Assurance Level. See the @login_gov_documentation for more details. The Email and UUID (sub) fields are always fetched.', ['@login_gov_documentation' => Link::fromTextAndUrl($this->t('Login.gov documentation'), Url::fromUri('https://developers.login.gov/attributes/'))->toString()]),
 '#default_value' => $this->configuration['userinfo_fields'],
 ];
@@ -217,7 +220,7 @@ class OpenIDConnectLoginGovClient extends OpenIDConnectClientBase {
 'sub' => $this->configuration['client_id'],
 'aud' => $endpoints['token'],
 'jti' => $this->generateNonce(),
- 'exp' => time() + 300, // Five minutes expiration.
+ 'exp' => time() + 300,
 ];
 // Add the client assertion to the list of options.
 $options = [
@@ -250,7 +253,7 @@ class OpenIDConnectLoginGovClient extends OpenIDConnectClientBase {
 /**
 * Return the private key for signing the JWTs.
 *
- * @return string
+ * @return string
 * The private key in PEM format.
 */
 protected function getPrivateKey(): ?string {
@@ -260,14 +263,15 @@ class OpenIDConnectLoginGovClient extends OpenIDConnectClientBase {
 /**
 * Generate a one-time use code word, a nonce.
 *
- * @param length
+ * @param int $length
 * The length of the nonce.
 *
 * @return string
 * The nonce.
+ *
 * @todo Save the nonce to verify later.
 */
- protected function generateNonce(int $length=26): string {
+ protected function generateNonce(int $length = 26): string {
 return substr(Crypt::randomBytesBase64($length), 0, $length);
 }
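Review bot: In the `@@ -217,7 +220,7 @@` hunk the `'exp' => time() + 300,` entry loses the only explanation of the literal 300, which sets how long the signed client assertion built from these claims stays valid. Rather than dropping the trailing comment to satisfy the coding standard, move it onto its own line above the entry, e.g. `// Expire the client assertion after five minutes to keep its validity window short.` The claims array and its enclosing method start and end outside the hunk.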
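Review bot: The `@todo Save the nonce to verify later.` in the generateNonce() docblock (hunk `@@ -260,14 +263,15 @@`) is carried over without an issue reference, and the docblock still does not say how the value is derived. The only caller visible in this diff uses it for the `jti` claim of the client assertion; if the same helper also supplies the OIDC `nonce` request parameter, that value needs to be stored with the session and compared against the `nonce` claim of the returned ID token, and the todo should say so. Suggest adding a description line such as `Requests $length random bytes and truncates their URL-safe base64 encoding to $length characters.` and rewording the todo to `@todo Persist the nonce and compare it with the ID token's nonce claim (see ISSUE_URL_PLACEHOLDER).`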
@@ -310,8 +314,8 @@ class OpenIDConnectLoginGovClient extends OpenIDConnectClientBase {
 * {@inheritdoc}
 */
 public function getClientScopes(): ?array {
- $fields = static::$always_fetch_fields + ($this->configuration['userinfo_fields'] ?? []);
- return array_values(array_unique(array_intersect_key(static::$field_to_scope_map, $fields)));
+ $fields = static::$alwaysFetchFields + ($this->configuration['userinfo_fields'] ?? []);
+ return array_values(array_unique(array_intersect_key(static::$fieldToScopeMap, $fields)));
 }
 }