HostedDomainException adjustments

pradtke · pradtke · commit 1299ae06197e · 2018-03-13T15:02:25.000-07:00
- Use static constructor to preserve default constructors
- Don't include user's hd/domain incase it contains XSS'able data
diff --git a/src/Exception/HostedDomainException.php b/src/Exception/HostedDomainException.php
@@ -7,37 +7,9 @@
  */
 class HostedDomainException extends \Exception
 {
-    private $hostedDomainConfigured;
 
-    private $hostedDomainOfUser;
-
-    /**
-     * HostedDomainException constructor.
-     * @param string $hostedDomainConfigured
-     * @param string|null $hostedDomainOfUser
-     */
-    public function __construct($hostedDomainConfigured, $hostedDomainOfUser)
-    {
-        parent::__construct("Hosted domain mismatch '$hostedDomainOfUser' !== '$hostedDomainConfigured'");
-        $this->hostedDomainConfigured = $hostedDomainConfigured;
-        $this->hostedDomainOfUser = $hostedDomainOfUser;
-    }
-
-    /**
-     * The hosted domain configured for this provider.
-     * @return string
-     */
-    public function getHostedDomainConfigured()
-    {
-        return $this->hostedDomainConfigured;
-    }
-
-    /**
-     * The hosted domain of the user. Non G-Suite users do not have hosted domains
-     * @return string|null
-     */
-    public function getHostedDomainOfUser()
+    public static function notMatchingDomain($configuredDomain)
     {
-        return $this->hostedDomainOfUser;
+        return new static("User is not part of domain '$configuredDomain''");
     }
 }
diff --git a/src/Provider/Google.php b/src/Provider/Google.php
@@ -127,10 +127,10 @@ protected function createResourceOwner(array $response, AccessToken $token)
         // Validate hosted domain incase the user edited the initial authorization code grant request
         if ($this->hostedDomain === '*') {
             if (empty($user->getHostedDomain())) {
-                throw new HostedDomainException($this->hostedDomain, $user->getHostedDomain());
+                throw HostedDomainException::notMatchingDomain($this->hostedDomain);
             }
         } elseif (!empty($this->hostedDomain) && $this->hostedDomain !== $user->getHostedDomain()) {
-            throw new HostedDomainException($this->hostedDomain, $user->getHostedDomain());
+            throw HostedDomainException::notMatchingDomain($this->hostedDomain);
         }
 
         return $user;

Original file line number	Diff line number	Diff line change
`@@ -127,10 +127,10 @@ protected function createResourceOwner(array $response, AccessToken $token)`
`127`	`127`	`// Validate hosted domain incase the user edited the initial authorization code grant request`
`128`	`128`	`if ($this->hostedDomain === '*') {`
`129`	`129`	`if (empty($user->getHostedDomain())) {`
`130`		`- throw new HostedDomainException($this->hostedDomain, $user->getHostedDomain());`
	`130`	`+ throw HostedDomainException::notMatchingDomain($this->hostedDomain);`
`131`	`131`	`}`
`132`	`132`	`} elseif (!empty($this->hostedDomain) && $this->hostedDomain !== $user->getHostedDomain()) {`
`133`		`- throw new HostedDomainException($this->hostedDomain, $user->getHostedDomain());`
	`133`	`+ throw HostedDomainException::notMatchingDomain($this->hostedDomain);`
`134`	`134`	`}`
`135`	`135`
`136`	`136`	`return $user;`