GithubOAuth::isStateValid() - Code Metrics - Appsco/component-share - Measure and Improve Code Quality continuously with Scrutinizer

GithubOAuth::isStateValid() A
last analyzed 2019-01-14 14:03 UTC

↳ Parent: GithubOAuth

Complexity

Conditions	3
Paths	3

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	14
rs	9.7998
c	0
b	0
f	0
cc	3
nc	3
nop	1

<?php

namespace BWC\Share\Github;

use BWC\Share\Net\HttpClient\HttpClientInterface;
use BWC\Share\Net\HttpStatusCode;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Session\SessionInterface;
use Symfony\Component\HttpKernel\Exception\HttpException;

class GithubOAuth
{
    const STATE_SESSION_KEY = 'github_state';


    /** @var  string */
    protected $clientId;

    /** @var string  */
    protected $secret;

    /** @var \Symfony\Component\HttpFoundation\Session\SessionInterface */
    protected $session;

    /** @var \BWC\Share\Net\HttpClient\HttpClientInterface  */
    protected $httpClient;



    /**
     * @param string $clientId
     * @param string $secret
     * @param SessionInterface $session
     * @param \BWC\Share\Net\HttpClient\HttpClientInterface $httpClient
     */
    public function __construct($clientId, $secret, SessionInterface $session, HttpClientInterface $httpClient)
    {
        $this->clientId = $clientId;
        $this->secret = $secret;
        $this->session = $session;
        $this->httpClient = $httpClient;
    }


    /**
     * @param array $scopes
     * @param null|string $redirectUri
     * @return RedirectResponse
     */
    public function start(array $scopes = null, $redirectUri = null)
    {
        $state = base_convert(sha1(uniqid(mt_rand(), true)), 16, 36);
        $this->session->set(self::STATE_SESSION_KEY, $state);

        $params = array(
            'client_id' => $this->clientId,
            'state' => $state
        );

        if ($redirectUri) {
''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
            $params['redirect_uri'] = $redirectUri;
        }
        if ($scopes) {
            $params['scope'] = implode(',', $scopes);
        }

        return new RedirectResponse('https://github.com/login/oauth/authorize?'.http_build_query($params));
    }

    /**
     * @param string $state
     * @return bool
     */
    public function isStateValid($state)
    {
        if (!$state) {
            return false;
        }

        $sessionState = $this->session->get(self::STATE_SESSION_KEY);
        $this->session->remove(self::STATE_SESSION_KEY);
        if ($state != $sessionState) {
            return false;
        }

        return true;
    }

    /**
     * @param string $code
     * @throws \Symfony\Component\HttpKernel\Exception\HttpException
     * @return GithubAccessResponse
     */
    public function getAccessTokenFromCode($code)
    {
        $json = $this->httpClient->post(
            'https://github.com/login/oauth/access_token',
            array(),
            array(
                'client_id' => $this->clientId,
                'client_secret' => $this->secret,
                'code' => $code
            ),
            null,
            array(
                'Accept: application/json'
            )
        );

        if ($this->httpClient->getStatusCode() != HttpStatusCode::OK) {
            throw new HttpException($this->httpClient->getStatusCode(), $this->httpClient->getErrorText() . ' : '. $json);
        }

        /** @var GithubAccessResponse $result */
        $result = GithubAccessResponse::deserialize($json);

        if (!$result) {
            new \LogicException('Unable to parse github response: '.$json);
        }
        if ($result->error) {
            throw new HttpException(HttpStatusCode::INTERNAL_SERVER_ERROR, $result->error.': '.$result->error_description);
        }

        return $result;
    }

} 

1			<?php
2
3			namespace BWC\Share\Github;
4
5			use BWC\Share\Net\HttpClient\HttpClientInterface;
6			use BWC\Share\Net\HttpStatusCode;
7			use Symfony\Component\HttpFoundation\RedirectResponse;
8			use Symfony\Component\HttpFoundation\Session\SessionInterface;
9			use Symfony\Component\HttpKernel\Exception\HttpException;
10
11			class GithubOAuth
12			{
13			const STATE_SESSION_KEY = 'github_state';
14
15
16			/** @var string */
17			protected $clientId;
18
19			/** @var string */
20			protected $secret;
21
22			/** @var \Symfony\Component\HttpFoundation\Session\SessionInterface */
23			protected $session;
24
25			/** @var \BWC\Share\Net\HttpClient\HttpClientInterface */
26			protected $httpClient;
27
28
29
30			/**
31			* @param string $clientId
32			* @param string $secret
33			* @param SessionInterface $session
34			* @param \BWC\Share\Net\HttpClient\HttpClientInterface $httpClient
35			*/
36			public function __construct($clientId, $secret, SessionInterface $session, HttpClientInterface $httpClient)
37			{
38			$this->clientId = $clientId;
39			$this->secret = $secret;
40			$this->session = $session;
41			$this->httpClient = $httpClient;
42			}
43
44
45			/**
46			* @param array $scopes
47			* @param null\|string $redirectUri
48			* @return RedirectResponse
49			*/
50			public function start(array $scopes = null, $redirectUri = null)
51			{
52			$state = base_convert(sha1(uniqid(mt_rand(), true)), 16, 36);
53			$this->session->set(self::STATE_SESSION_KEY, $state);
54
55			$params = array(
56			'client_id' => $this->clientId,
57			'state' => $state
58			);
59
60			if ($redirectUri) {
			0 ignored issues – show Bug Best Practice introduced 2016-06-07 08:08 UTC by Report Bug Copy Issue Report The expression `$redirectUri` of type `null\|string` is loosely compared to `true`; this is ambiguous if the string can be empty. You might want to explicitly use `!== null` instead. In PHP, under loose comparison (like `==`, or `!=`, or `switch` conditions), values of different types might be equal. For `string` values, the empty string `''` is a special case, in particular the following results might be unexpected: '' == false // true '' == null // true 'ab' == false // false 'ab' == null // false // It is often better to use strict comparison '' === false // false '' === null // false Loading history...
61			$params['redirect_uri'] = $redirectUri;
62			}
63			if ($scopes) {
64			$params['scope'] = implode(',', $scopes);
65			}
66
67			return new RedirectResponse('https://github.com/login/oauth/authorize?'.http_build_query($params));
68			}
69
70			/**
71			* @param string $state
72			* @return bool
73			*/
74			public function isStateValid($state)
75			{
76			if (!$state) {
77			return false;
78			}
79
80			$sessionState = $this->session->get(self::STATE_SESSION_KEY);
81			$this->session->remove(self::STATE_SESSION_KEY);
82			if ($state != $sessionState) {
83			return false;
84			}
85
86			return true;
87			}
88
89			/**
90			* @param string $code
91			* @throws \Symfony\Component\HttpKernel\Exception\HttpException
92			* @return GithubAccessResponse
93			*/
94			public function getAccessTokenFromCode($code)
95			{
96			$json = $this->httpClient->post(
97			'https://github.com/login/oauth/access_token',
98			array(),
99			array(
100			'client_id' => $this->clientId,
101			'client_secret' => $this->secret,
102			'code' => $code
103			),
104			null,
105			array(
106			'Accept: application/json'
107			)
108			);
109
110			if ($this->httpClient->getStatusCode() != HttpStatusCode::OK) {
111			throw new HttpException($this->httpClient->getStatusCode(), $this->httpClient->getErrorText() . ' : '. $json);
112			}
113
114			/** @var GithubAccessResponse $result */
115			$result = GithubAccessResponse::deserialize($json);
116
117			if (!$result) {
118			new \LogicException('Unable to parse github response: '.$json);
119			}
120			if ($result->error) {
121			throw new HttpException(HttpStatusCode::INTERNAL_SERVER_ERROR, $result->error.': '.$result->error_description);
122			}
123
124			return $result;
125			}
126
127			}

Appsco / component-share

GithubOAuth::isStateValid() A last analyzed 2019-01-14 14:03 UTC

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like

GithubOAuth::isStateValid() A
last analyzed 2019-01-14 14:03 UTC