Specification::doHMACSignature() - Code Metrics - Inspection of "AuthenticatorTest now checks the actual message se..." - 1ma/Psr7Hmac - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 31e51a...da5e51 )

by Marcel

created 2016-05-29 13:58 UTC

Specification::doHMACSignature() A

↳ Parent: Project

Complexity

Conditions	1
Paths	1

Size

Total Lines	4
Code Lines	2

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	2
CRAP Score	1

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
c	1
b	0
f	0
dl	0
loc	4
ccs	2
cts	2
cp	1
rs	10
cc	1
eloc	2
nc	1
nop	2
crap	1

<?php

namespace UMA\Psr\Http\Message\HMAC;

final class Specification
{
    /**
     * Name of the HTTP header that will hold the authentication
     * credentials (i.e. the HMAC signature). Must conform to RFC7235.
     *
     * @see http://tools.ietf.org/html/rfc7235#section-4.2
     */
    const AUTH_HEADER = 'Authorization';

    /**
     * Authentication credentials prefix. Its purpose is telling the
     * message receiver which kind of data the authentication header is holding.
     *
     * @example Authorization: HMAC-SHA256 y0SLRAxCrIrQhPyKh5XJj1t4AjWcMF6r1X7Nsg4kiJY=
     */
    const AUTH_PREFIX = 'HMAC-SHA256';

    /**
     * Hash algorithm used in conjunction with the HMAC function.
     */
    const HASH_ALGORITHM = 'sha256';

    /**
     * Name of the HTTP header that holds the list of signed headers.
     *
     * When verifying the authenticity on an HTTP message, any header
     * not included in that list must be stripped from the message
     * before attempting to serialize it.
     *
     * An HTTP message without the Signed-Headers header cannot
     * pass the HMAC verification.
     *
     * An HTTP message with a Signed-Headers header that is not covered
     * by the HMAC signature will neither pass the HMAC verification.
     *
     * The list itself consists of an alphanumerically sorted sequence of header names
     * concatenated by commas. A valid Signed-Headers header must include its own
     * header name, so at the very least it will be the only header in the list.
     *
     * As per RFC 7230 Section 3.2 commas are not legal characters in a header name,
     * hence there cannot be any ambiguity when parsing the header value.
     *
     * @example Signed-Headers: Api-Key,Content-Type,Host,Signed-Headers
     * @example Signed-Headers: Signed-Headers
     */
    const SIGN_HEADER = 'Signed-Headers';
}


1			<?php
2
3			namespace UMA\Psr\Http\Message\HMAC;
4
5			final class Specification
6			{
7			/**
8			* Name of the HTTP header that will hold the authentication
9			* credentials (i.e. the HMAC signature). Must conform to RFC7235.
10			*
11			* @see http://tools.ietf.org/html/rfc7235#section-4.2
12			*/
13			const AUTH_HEADER = 'Authorization';
14
15			/**
16			* Authentication credentials prefix. Its purpose is telling the
17			* message receiver which kind of data the authentication header is holding.
18			*
19			* @example Authorization: HMAC-SHA256 y0SLRAxCrIrQhPyKh5XJj1t4AjWcMF6r1X7Nsg4kiJY=
20			*/
21			const AUTH_PREFIX = 'HMAC-SHA256';
22
23			/**
24			* Hash algorithm used in conjunction with the HMAC function.
25			*/
26			const HASH_ALGORITHM = 'sha256';
27
28			/**
29			* Name of the HTTP header that holds the list of signed headers.
30			*
31			* When verifying the authenticity on an HTTP message, any header
32			* not included in that list must be stripped from the message
33			* before attempting to serialize it.
34			*
35			* An HTTP message without the Signed-Headers header cannot
36			* pass the HMAC verification.
37			*
38			* An HTTP message with a Signed-Headers header that is not covered
39			* by the HMAC signature will neither pass the HMAC verification.
40			*
41			* The list itself consists of an alphanumerically sorted sequence of header names
42			* concatenated by commas. A valid Signed-Headers header must include its own
43			* header name, so at the very least it will be the only header in the list.
44			*
45			* As per RFC 7230 Section 3.2 commas are not legal characters in a header name,
46			* hence there cannot be any ambiguity when parsing the header value.
47			*
48			* @example Signed-Headers: Api-Key,Content-Type,Host,Signed-Headers
49			* @example Signed-Headers: Signed-Headers
50			*/
51			const SIGN_HEADER = 'Signed-Headers';
52			}
53

1ma / Psr7Hmac

Push — master ( 31e51a...da5e51 )

Specification::doHMACSignature() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like