Issues in JWTGenerator.php - Fixed Issues - Inspection of "Bugfix/fix test and cleanup (#3)" - AlexLisenkov/laravel-web-push - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 48c4c4...9a2426 )

by Alex

created 2019-04-30 12:10 UTC

src/JWTGenerator.php (1 issue)

Severity

Unknown 1

<?php

namespace AlexLisenkov\LaravelWebPush;

use AlexLisenkov\LaravelWebPush\Contracts\JWTGeneratorContract;
use Base64Url\Base64Url;
use Illuminate\Contracts\Config\Repository as ConfigRepository;
use Jose\Component\Core\AlgorithmManager;
use Jose\Component\Core\Converter\StandardConverter;
use Jose\Component\Core\JWK;
use Jose\Component\Signature\Algorithm\ES256;
use Jose\Component\Signature\JWS;
use Jose\Component\Signature\JWSBuilder;
use Jose\Component\Signature\Serializer\CompactSerializer;

class JWTGenerator implements JWTGeneratorContract
{
    /**
     * @var int
     */
    private $expires_at;
    /**
     * @var string
     */
    private $audience;
    /**
     * @var ConfigRepository
     */
    private $config_repository;

    public function __construct(ConfigRepository $config_repository)
    {
        $this->config_repository = $config_repository;
    }

    /**
     * @param string $aud
     *
     * @return JWTGeneratorContract
     */
    public function withAudience(string $aud): JWTGeneratorContract
    {
        $this->audience = $aud;

        return $this;
    }

    /**
     * @param int $time
     *
     * @return JWTGeneratorContract
     */
    public function willExpireAt(int $time): JWTGeneratorContract
    {
        $this->expires_at = $time;

        return $this;
    }

    /**
     * @return string
     * @throws \Exception
     */
    public function serialize(): string
    {
        $jsonConverter = new StandardConverter();
        $jwsCompactSerializer = new CompactSerializer($jsonConverter);

        return $jwsCompactSerializer->serialize($this->getJWS(), 0);
    }

    /**
     * @return JWS
     * @throws \Exception
     */
    public function getJWS(): JWS
    {
        $jsonConverter = new StandardConverter();
        $jwsBuilder = new JWSBuilder($jsonConverter, AlgorithmManager::create([new ES256()]));

        return $jwsBuilder
            ->create()
            ->withPayload($this->getPayload())
            ->addSignature($this->getJWK(), $this->getHeader())
            ->build();
    }

    /**
     * @return string
     * @throws \InvalidArgumentException
     */
    public function getPayload(): string
    {
        if (!is_string($this->audience)) {

            throw new \InvalidArgumentException("Audience must be string, " . gettype($this->audience) . " given.");
        }

        if (!$this->getExpiresAt()) {
            $this->willExpireIn($this->getConfigVariable('expiration', Constants::DEFAULT_EXPIRE));
        }

        return json_encode([
            'aud' => $this->audience,
            'exp' => $this->getExpiresAt(),
            'sub' => $this->getConfigVariable('subject', env('APP_URL', 'mailto:[email protected]')),
        ], JSON_UNESCAPED_SLASHES | JSON_NUMERIC_CHECK);
    }

    /**
     * Get ExpiresAt
     *
     * @return int|null
     */
    public function getExpiresAt(): ?int
    {
        return $this->expires_at;
    }

    /**
     * @param int $time
     *
     * @return JWTGeneratorContract
     */
    public function willExpireIn(int $time): JWTGeneratorContract
    {
        $this->expires_at = time() + $time;

        return $this;
    }

    /**
     * @param string $key
     *
     * @param $default
     *
     * @return mixed
     */
    private function getConfigVariable(string $key, $default = null)
    {
        return $this->config_repository->get(Constants::CONFIG_KEY . '.' . $key, $default);
    }

    /**
     * @return JWK
     */
    public function getJWK(): JWK
    {
        $local_server_key = Base64Url::decode($this->getConfigVariable('public_key'));
        $public = $this->unserializePublicKey($local_server_key);

        return JWK::create([
            'kty' => 'EC',
            'crv' => 'P-256',
            'x' => Base64Url::encode($public['x']),
            'y' => Base64Url::encode($public['y']),
            'd' => $this->getConfigVariable('private_key'),
        ]);
    }

    /**
     * @param string $data
     *
     * @return array
     */
    private function unserializePublicKey(string $data): array
    {
        $data = bin2hex($data);
        $first_byte = mb_substr($data, 0, 2, '8bit');

        if ($first_byte !== '04') {
            throw new \InvalidArgumentException('Invalid data: only uncompressed keys are supported.');
        }

        $data = mb_substr($data, 2, null, '8bit');
        $center = mb_strlen($data) / 2;

        return [
            'x' => hex2bin(mb_substr($data, 0, $center, '8bit')),
            'y' => hex2bin(mb_substr($data, $center, null, '8bit')),
        ];
    }

    /**
     * @return array
     */
    public function getHeader(): array
    {
        return [
            'typ' => 'JWT',
            'alg' => 'ES256',
        ];
    }
}


1		<?php
2
3		namespace AlexLisenkov\LaravelWebPush;
4
5		use AlexLisenkov\LaravelWebPush\Contracts\JWTGeneratorContract;
6		use Base64Url\Base64Url;
7		use Illuminate\Contracts\Config\Repository as ConfigRepository;
8		use Jose\Component\Core\AlgorithmManager;
9		use Jose\Component\Core\Converter\StandardConverter;
10		use Jose\Component\Core\JWK;
11		use Jose\Component\Signature\Algorithm\ES256;
12		use Jose\Component\Signature\JWS;
13		use Jose\Component\Signature\JWSBuilder;
14		use Jose\Component\Signature\Serializer\CompactSerializer;
15
16		class JWTGenerator implements JWTGeneratorContract
17		{
18		/**
19		* @var int
20		*/
21		private $expires_at;
22		/**
23		* @var string
24		*/
25		private $audience;
26		/**
27		* @var ConfigRepository
28		*/
29		private $config_repository;
30
31	16	public function __construct(ConfigRepository $config_repository)
32		{
33	16	$this->config_repository = $config_repository;
34	16	}
35
36		/**
37		* @param string $aud
38		*
39		* @return JWTGeneratorContract
40		*/
41	7	public function withAudience(string $aud): JWTGeneratorContract
42		{
43	7	$this->audience = $aud;
44
45	7	return $this;
46		}
47
48		/**
49		* @param int $time
50		*
51		* @return JWTGeneratorContract
52		*/
53	1	public function willExpireAt(int $time): JWTGeneratorContract
54		{
55	1	$this->expires_at = $time;
56
57	1	return $this;
58		}
59
60		/**
61		* @return string
62		* @throws \Exception
63		*/
64	1	public function serialize(): string
65		{
66	1	$jsonConverter = new StandardConverter();
67	1	$jwsCompactSerializer = new CompactSerializer($jsonConverter);
68
69	1	return $jwsCompactSerializer->serialize($this->getJWS(), 0);
70		}
71
72		/**
73		* @return JWS
74		* @throws \Exception
75		*/
76	3	public function getJWS(): JWS
77		{
78	3	$jsonConverter = new StandardConverter();
79	3	$jwsBuilder = new JWSBuilder($jsonConverter, AlgorithmManager::create([new ES256()]));
80
81		return $jwsBuilder
82	3	->create()
83	3	->withPayload($this->getPayload())
84	3	->addSignature($this->getJWK(), $this->getHeader())
85	3	->build();
86		}
87
88		/**
89		* @return string
90		* @throws \InvalidArgumentException
91		*/
92	8	public function getPayload(): string
93		{
94	8	if (!is_string($this->audience)) {
		0 ignored issues – show introduced 2018-12-09 11:00 UTC by Report Bug Copy Issue Report Show Similar Issues like this The condition `is_string($this->audience)` is always `true`. Loading history...
95	1	throw new \InvalidArgumentException("Audience must be string, " . gettype($this->audience) . " given.");
96		}
97
98	7	if (!$this->getExpiresAt()) {
99	1	$this->willExpireIn($this->getConfigVariable('expiration', Constants::DEFAULT_EXPIRE));
100		}
101
102	7	return json_encode([
103	7	'aud' => $this->audience,
104	7	'exp' => $this->getExpiresAt(),
105	7	'sub' => $this->getConfigVariable('subject', env('APP_URL', 'mailto:[email protected]')),
106	7	], JSON_UNESCAPED_SLASHES \| JSON_NUMERIC_CHECK);
107		}
108
109		/**
110		* Get ExpiresAt
111		*
112		* @return int\|null
113		*/
114	8	public function getExpiresAt(): ?int
115		{
116	8	return $this->expires_at;
117		}
118
119		/**
120		* @param int $time
121		*
122		* @return JWTGeneratorContract
123		*/
124	7	public function willExpireIn(int $time): JWTGeneratorContract
125		{
126	7	$this->expires_at = time() + $time;
127
128	7	return $this;
129		}
130
131		/**
132		* @param string $key
133		*
134		* @param $default
135		*
136		* @return mixed
137		*/
138	13	private function getConfigVariable(string $key, $default = null)
139		{
140	13	return $this->config_repository->get(Constants::CONFIG_KEY . '.' . $key, $default);
141		}
142
143		/**
144		* @return JWK
145		*/
146	9	public function getJWK(): JWK
147		{
148	9	$local_server_key = Base64Url::decode($this->getConfigVariable('public_key'));
149	9	$public = $this->unserializePublicKey($local_server_key);
150
151	8	return JWK::create([
152	8	'kty' => 'EC',
153	8	'crv' => 'P-256',
154	8	'x' => Base64Url::encode($public['x']),
155	8	'y' => Base64Url::encode($public['y']),
156	8	'd' => $this->getConfigVariable('private_key'),
157		]);
158		}
159
160		/**
161		* @param string $data
162		*
163		* @return array
164		*/
165	9	private function unserializePublicKey(string $data): array
166		{
167	9	$data = bin2hex($data);
168	9	$first_byte = mb_substr($data, 0, 2, '8bit');
169
170	9	if ($first_byte !== '04') {
171	1	throw new \InvalidArgumentException('Invalid data: only uncompressed keys are supported.');
172		}
173
174	8	$data = mb_substr($data, 2, null, '8bit');
175	8	$center = mb_strlen($data) / 2;
176
177		return [
178	8	'x' => hex2bin(mb_substr($data, 0, $center, '8bit')),
179	8	'y' => hex2bin(mb_substr($data, $center, null, '8bit')),
180		];
181		}
182
183		/**
184		* @return array
185		*/
186	4	public function getHeader(): array
187		{
188		return [
189	4	'typ' => 'JWT',
190		'alg' => 'ES256',
191		];
192		}
193		}
194

AlexLisenkov / laravel-web-push

Push — master ( 48c4c4...9a2426 )

src/JWTGenerator.php (1 issue)

Severity

Introduced By

Duplication Side-by-Side

Filter issues like