OAuthPlugin::getOAuthParameters() - Code Metrics - Inspection of "Http plug implementation" - gentlero/bitbucket-api - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — develop ( #41 )

unknown

created 2018-10-31 20:35 UTC

OAuthPlugin::getOAuthParameters() A

↳ Parent: OAuthPlugin

Complexity

Conditions	3
Paths	3

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	12
rs	9.8666
c	0
b	0
f	0
cc	3
nc	3
nop	1

<?php

/**
 * This file is part of the bitbucket-api package.
 *
 * (c) Alexandru G. <[email protected]>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace Bitbucket\API\Http\Plugin;

use Http\Client\Common\Plugin;
use JacobKiers\OAuth\SignatureMethod\SignatureMethodInterface;
use JacobKiers\OAuth\Consumer\ConsumerInterface;
use JacobKiers\OAuth\Token\TokenInterface;
use JacobKiers\OAuth as OAuth1;
use Psr\Http\Message\RequestInterface;

/**
 * @author  Alexandru G.    <[email protected]>
 */
class OAuthPlugin implements Plugin
{
    const ENDPOINT_REQUEST_TOKEN    = 'oauth/request_token';
    const ENDPOINT_ACCESS_TOKEN     = 'oauth/access_token';
    const ENDPOINT_AUTHORIZE        = 'oauth/authenticate';

    /**
     * @var array
     */
    protected $config = array(
        'oauth_consumer_key'        => 'anon',
        'oauth_consumer_secret'     => 'anon',
        'oauth_token'               => '',
        'oauth_token_secret'        => '',
        'oauth_signature_method'    => 'HMAC-SHA1',
        'oauth_callback'            => '',
        'oauth_verifier'            => '',
        'oauth_version'             => '1.0',
    );

    /**
     * @var SignatureMethodInterface
     */
    protected $signature;

    /**
     * @var TokenInterface
     */
    protected $token;

    /**
     * @var ConsumerInterface
     */
    protected $consumer;

    public function __construct(
        array $config,
        SignatureMethodInterface $signature = null,
        TokenInterface $token = null,
        ConsumerInterface $consumer = null
    ) {
        $this->config       = array_merge($this->config, $config);
        $this->signature    = (!is_null($signature)) ? $signature : $this->getSigner();
        $this->token        = $this->initToken($token);
        $this->consumer     = $this->initConsumer($consumer);
    }

    public function handleRequest(\Psr\Http\Message\RequestInterface $request, callable $next, callable $first)
    {
        $params = $this->getParametersToSign($request);
        $req    = OAuth1\Request\Request::fromConsumerAndToken(
            $this->consumer,
            $this->token,
            $request->getMethod(),
            (string) $request->getUri(),
            $params
        );

        $req->signRequest($this->signature, $this->consumer, $this->token);
function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);

        $header = explode(':', $req->toHeader(), 2);
        $next($request->withHeader($header[0], $header[1]));
    }

    /**
     * Include OAuth and request body parameters
     *
     * @access protected
     * @param  RequestInterface $request
     * @return array
     *
     * @see http://oauth.net/core/1.0/#sig_norm_param
     */
    protected function getParametersToSign(RequestInterface $request)
    {
        $params = $this->getOAuthParameters($request);

        if (in_array('application/x-www-form-urlencoded', $request->getHeader('Content-Type'), true)) {
            $params = array_merge($params, $this->getContentAsParameters($request));
        }

        return $params;
    }

    /**
     * Include/exclude optional parameters
     *
     * The exclusion/inclusion is based on current request resource
     *
     * @access protected
     * @param  RequestInterface $request
     * @return array
     */
    protected function getOAuthParameters(RequestInterface $request)
    {
        $params = $this->filterOAuthParameters(array('oauth_token', 'oauth_version'));

        if ($this->isEndpointRequested(self::ENDPOINT_REQUEST_TOKEN, $request)) {
            $params = $this->filterOAuthParameters(array('oauth_callback'));
        } elseif ($this->isEndpointRequested(self::ENDPOINT_ACCESS_TOKEN, $request)) {
            $params = $this->filterOAuthParameters(array('oauth_token', 'oauth_verifier'));
        }

        return $params;
    }

    /**
     * White list based filter
     *
     * @access protected
     * @param  string[] $include
     * @return array
     */
    protected function filterOAuthParameters(array $include)
    {
        $final = array();

        foreach ($include as $key => $value) {
            if (!empty($this->config[$value])) {
                $final[$value] = $this->config[$value];
            }
        }

        return $final;
    }

    /**
     * Transform request content to associative array
     *
     * @access protected
     * @param  RequestInterface $request
     * @return array
     */
    protected function getContentAsParameters(RequestInterface $request)
    {
        parse_str($request->getBody()->getContents(), $parts);

        return $parts;
    }

    /**
     * Check if specified endpoint is in current request
     *
     * @param  string           $endpoint
     * @param  RequestInterface $request
     * @return bool
     */
    protected function isEndpointRequested($endpoint, RequestInterface $request)
    {
        return strpos($request->getUri()->getPath(), $endpoint) !== false;
    }

    /**
     * Bitbucket supports only HMAC-SHA1 and PlainText signatures.
     *
     * For better security, HMAC-SHA1 is the default one.
     *
     * @return \JacobKiers\OAuth\SignatureMethod\SignatureMethodInterface
     */
    protected function getSigner()
    {
        $signature = 'HmacSha1';

        if ($this->config['oauth_signature_method'] == 'PLAINTEXT') {
            $signature = 'PlainText';
        }

        $class = '\JacobKiers\OAuth\SignatureMethod\\'.$signature;

        return new $class();
    }

    /**
     * @access public
     * @param  TokenInterface|null $token
     * @return TokenInterface
     */
    protected function initToken($token)
    {
        return (!is_null($token)) ?
            $token :
            empty($this->config['oauth_token']) ?
                new OAuth1\Token\NullToken() :
                new OAuth1\Token\Token($this->config['oauth_token'], $this->config['oauth_token_secret'])
            ;
    }

    /**
     * @access public
     * @param  ConsumerInterface|null $consumer
     * @return ConsumerInterface
     */
    protected function initConsumer($consumer)
    {
        return (!is_null($consumer)) ?
            $consumer :
            new OAuth1\Consumer\Consumer(
                $this->config['oauth_consumer_key'],
                $this->config['oauth_consumer_secret']
            )
            ;
    }
}


1			<?php
2
3			/**
4			* This file is part of the bitbucket-api package.
5			*
6			* (c) Alexandru G. <[email protected]>
7			*
8			* For the full copyright and license information, please view the LICENSE
9			* file that was distributed with this source code.
10			*/
11
12			namespace Bitbucket\API\Http\Plugin;
13
14			use Http\Client\Common\Plugin;
15			use JacobKiers\OAuth\SignatureMethod\SignatureMethodInterface;
16			use JacobKiers\OAuth\Consumer\ConsumerInterface;
17			use JacobKiers\OAuth\Token\TokenInterface;
18			use JacobKiers\OAuth as OAuth1;
19			use Psr\Http\Message\RequestInterface;
20
21			/**
22			* @author Alexandru G. <[email protected]>
23			*/
24			class OAuthPlugin implements Plugin
25			{
26			const ENDPOINT_REQUEST_TOKEN = 'oauth/request_token';
27			const ENDPOINT_ACCESS_TOKEN = 'oauth/access_token';
28			const ENDPOINT_AUTHORIZE = 'oauth/authenticate';
29
30			/**
31			* @var array
32			*/
33			protected $config = array(
34			'oauth_consumer_key' => 'anon',
35			'oauth_consumer_secret' => 'anon',
36			'oauth_token' => '',
37			'oauth_token_secret' => '',
38			'oauth_signature_method' => 'HMAC-SHA1',
39			'oauth_callback' => '',
40			'oauth_verifier' => '',
41			'oauth_version' => '1.0',
42			);
43
44			/**
45			* @var SignatureMethodInterface
46			*/
47			protected $signature;
48
49			/**
50			* @var TokenInterface
51			*/
52			protected $token;
53
54			/**
55			* @var ConsumerInterface
56			*/
57			protected $consumer;
58
59			public function __construct(
60			array $config,
61			SignatureMethodInterface $signature = null,
62			TokenInterface $token = null,
63			ConsumerInterface $consumer = null
64			) {
65			$this->config = array_merge($this->config, $config);
66			$this->signature = (!is_null($signature)) ? $signature : $this->getSigner();
67			$this->token = $this->initToken($token);
68			$this->consumer = $this->initConsumer($consumer);
69			}
70
71			public function handleRequest(\Psr\Http\Message\RequestInterface $request, callable $next, callable $first)
72			{
73			$params = $this->getParametersToSign($request);
74			$req = OAuth1\Request\Request::fromConsumerAndToken(
75			$this->consumer,
76			$this->token,
77			$request->getMethod(),
78			(string) $request->getUri(),
79			$params
80			);
81
82			$req->signRequest($this->signature, $this->consumer, $this->token);
			0 ignored issues – show Documentation introduced 2015-12-05 07:39 UTC by Report Bug Copy Issue Report `$this->signature` is of type `object<JacobKiers\OAuth\...gnatureMethodInterface>`, but the function expects a `string`. It seems like the type of the argument is not accepted by the function/method which you are calling. In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug. We suggest to add an explicit type cast like in the following example: function acceptsInteger($int) { } $x = '123'; // string "123" // Instead of acceptsInteger($x); // we recommend to use acceptsInteger((integer) $x); Loading history...
83
84			$header = explode(':', $req->toHeader(), 2);
85			$next($request->withHeader($header[0], $header[1]));
86			}
87
88			/**
89			* Include OAuth and request body parameters
90			*
91			* @access protected
92			* @param RequestInterface $request
93			* @return array
94			*
95			* @see http://oauth.net/core/1.0/#sig_norm_param
96			*/
97			protected function getParametersToSign(RequestInterface $request)
98			{
99			$params = $this->getOAuthParameters($request);
100
101			if (in_array('application/x-www-form-urlencoded', $request->getHeader('Content-Type'), true)) {
102			$params = array_merge($params, $this->getContentAsParameters($request));
103			}
104
105			return $params;
106			}
107
108			/**
109			* Include/exclude optional parameters
110			*
111			* The exclusion/inclusion is based on current request resource
112			*
113			* @access protected
114			* @param RequestInterface $request
115			* @return array
116			*/
117			protected function getOAuthParameters(RequestInterface $request)
118			{
119			$params = $this->filterOAuthParameters(array('oauth_token', 'oauth_version'));
120
121			if ($this->isEndpointRequested(self::ENDPOINT_REQUEST_TOKEN, $request)) {
122			$params = $this->filterOAuthParameters(array('oauth_callback'));
123			} elseif ($this->isEndpointRequested(self::ENDPOINT_ACCESS_TOKEN, $request)) {
124			$params = $this->filterOAuthParameters(array('oauth_token', 'oauth_verifier'));
125			}
126
127			return $params;
128			}
129
130			/**
131			* White list based filter
132			*
133			* @access protected
134			* @param string[] $include
135			* @return array
136			*/
137			protected function filterOAuthParameters(array $include)
138			{
139			$final = array();
140
141			foreach ($include as $key => $value) {
142			if (!empty($this->config[$value])) {
143			$final[$value] = $this->config[$value];
144			}
145			}
146
147			return $final;
148			}
149
150			/**
151			* Transform request content to associative array
152			*
153			* @access protected
154			* @param RequestInterface $request
155			* @return array
156			*/
157			protected function getContentAsParameters(RequestInterface $request)
158			{
159			parse_str($request->getBody()->getContents(), $parts);
160
161			return $parts;
162			}
163
164			/**
165			* Check if specified endpoint is in current request
166			*
167			* @param string $endpoint
168			* @param RequestInterface $request
169			* @return bool
170			*/
171			protected function isEndpointRequested($endpoint, RequestInterface $request)
172			{
173			return strpos($request->getUri()->getPath(), $endpoint) !== false;
174			}
175
176			/**
177			* Bitbucket supports only HMAC-SHA1 and PlainText signatures.
178			*
179			* For better security, HMAC-SHA1 is the default one.
180			*
181			* @return \JacobKiers\OAuth\SignatureMethod\SignatureMethodInterface
182			*/
183			protected function getSigner()
184			{
185			$signature = 'HmacSha1';
186
187			if ($this->config['oauth_signature_method'] == 'PLAINTEXT') {
188			$signature = 'PlainText';
189			}
190
191			$class = '\JacobKiers\OAuth\SignatureMethod\\'.$signature;
192
193			return new $class();
194			}
195
196			/**
197			* @access public
198			* @param TokenInterface\|null $token
199			* @return TokenInterface
200			*/
201			protected function initToken($token)
202			{
203			return (!is_null($token)) ?
204			$token :
205			empty($this->config['oauth_token']) ?
206			new OAuth1\Token\NullToken() :
207			new OAuth1\Token\Token($this->config['oauth_token'], $this->config['oauth_token_secret'])
208			;
209			}
210
211			/**
212			* @access public
213			* @param ConsumerInterface\|null $consumer
214			* @return ConsumerInterface
215			*/
216			protected function initConsumer($consumer)
217			{
218			return (!is_null($consumer)) ?
219			$consumer :
220			new OAuth1\Consumer\Consumer(
221			$this->config['oauth_consumer_key'],
222			$this->config['oauth_consumer_secret']
223			)
224			;
225			}
226			}
227

gentlero / bitbucket-api

Notification Setup Error

Pull Request — develop ( #41 )

OAuthPlugin::getOAuthParameters() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like