Issues in GitLabAuthenticator.php - New Issues - Inspection of "Make PSR-4 compliant" - BurningFlipside/CommonCode - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — develop ( ed6c74...ceecfe )

by Patrick

created 2020-06-15 01:11 UTC

Auth/OAuth2/GitLabAuthenticator.php (2 issues)

Labels

Severity

Major 2

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
namespace Flipside\Auth\OAuth2;

class GitLabAuthenticator extends OAuth2Authenticator
{
    protected $app_id;
    protected $app_secret;

    public function __construct($params)
    {
        parent::__construct($params);
        $this->app_id = $params['app_id'];
        $this->app_secret = $params['app_secret'];
    }

    public function getHostName()
    {
        return 'gitlab.com';
class Author {
    private $name;

    public function __construct($name) {
        $this->name = $name;
    }

    public function getName() {
        return $this->name;
    }
}

abstract class Post {
    public function getAuthor() {
        return 'Johannes';
    }
}

class BlogPost extends Post {
    public function getAuthor() {
        return new Author('Johannes');
    }
}

class ForumPost extends Post { /* ... */ }

function my_function(Post $post) {
    echo strtoupper($post->getAuthor());
}
    }

    public function getAuthorizationUrl()
    {
        return 'https://gitlab.com/oauth/authorize?client_id='.$this->app_id.'&redirect_uri='.urlencode($this->redirect_uri).'&response_type=code';
    }

    public function getAccessTokenUrl()
    {
        return 'https://gitlab.com/oauth/token?client_id='.$this->app_id.'&client_secret='.$this->app_secret.'&grant_type=authorization_code&redirect_uri='.urlencode($this->redirect_uri);
    }

    public function getUserFromToken($token)
    {
        if($token === false)
        {
            $token = \FlipSession::getVar('OAuthToken');
        }
        $resp = \Httpful\Request::get('https://gitlab.com/api/v3/user')->addHeader('Authorization', 'Bearer '.$token->access_token)->send();
        $gitlab_user = $resp->body;
        $user = new \Auth\PendingUser();
        $user->mail = $gitlab_user->email;
        $name = explode(' ', $gitlab_user->name);
        $user->givenName = $name[0];
        $user->sn = $name[1];
        $user->addLoginProvider($this->getHostName());
        return $user;
class Author {
    private $name;

    public function __construct($name) {
        $this->name = $name;
    }

    public function getName() {
        return $this->name;
    }
}

abstract class Post {
    public function getAuthor() {
        return 'Johannes';
    }
}

class BlogPost extends Post {
    public function getAuthor() {
        return new Author('Johannes');
    }
}

class ForumPost extends Post { /* ... */ }

function my_function(Post $post) {
    echo strtoupper($post->getAuthor());
}
    }
}


1			<?php
2			namespace Flipside\Auth\OAuth2;
3
4			class GitLabAuthenticator extends OAuth2Authenticator
5			{
6			protected $app_id;
7			protected $app_secret;
8
9			public function __construct($params)
10			{
11			parent::__construct($params);
12			$this->app_id = $params['app_id'];
13			$this->app_secret = $params['app_secret'];
14			}
15
16			public function getHostName()
17			{
18			return 'gitlab.com';
			0 ignored issues – show Bug Best Practice introduced 2020-06-15 01:15 UTC by Report Bug Copy Issue Report Show Similar Issues like this The return type of `return 'gitlab.com';` (`string`) is incompatible with the return type of the parent method `Flipside\Auth\Authenticator::getHostName` of type `boolean`. If you return a value from a function or method, it should be a sub-type of the type that is given by the parent type f.e. an interface, or abstract method. This is more formally defined by the Lizkov substitution principle, and guarantees that classes that depend on the parent type can use any instance of a child type interchangably. This principle also belongs to the SOLID principles for object oriented design. Let’s take a look at an example: class Author { private $name; public function __construct($name) { $this->name = $name; } public function getName() { return $this->name; } } abstract class Post { public function getAuthor() { return 'Johannes'; } } class BlogPost extends Post { public function getAuthor() { return new Author('Johannes'); } } class ForumPost extends Post { /* ... */ } function my_function(Post $post) { echo strtoupper($post->getAuthor()); } Our function `my_function` expects a `Post` object, and outputs the author of the post. The base class `Post` returns a simple string and outputting a simple string will work just fine. However, the child class `BlogPost` which is a sub-type of `Post` instead decided to return an `object`, and is therefore violating the SOLID principles. If a `BlogPost` were passed to `my_function`, PHP would not complain, but ultimately fail when executing the `strtoupper` call in its body. Loading history...
19			}
20
21			public function getAuthorizationUrl()
22			{
23			return 'https://gitlab.com/oauth/authorize?client_id='.$this->app_id.'&redirect_uri='.urlencode($this->redirect_uri).'&response_type=code';
24			}
25
26			public function getAccessTokenUrl()
27			{
28			return 'https://gitlab.com/oauth/token?client_id='.$this->app_id.'&client_secret='.$this->app_secret.'&grant_type=authorization_code&redirect_uri='.urlencode($this->redirect_uri);
29			}
30
31			public function getUserFromToken($token)
32			{
33			if($token === false)
34			{
35			$token = \FlipSession::getVar('OAuthToken');
36			}
37			$resp = \Httpful\Request::get('https://gitlab.com/api/v3/user')->addHeader('Authorization', 'Bearer '.$token->access_token)->send();
38			$gitlab_user = $resp->body;
39			$user = new \Auth\PendingUser();
40			$user->mail = $gitlab_user->email;
41			$name = explode(' ', $gitlab_user->name);
42			$user->givenName = $name[0];
43			$user->sn = $name[1];
44			$user->addLoginProvider($this->getHostName());
45			return $user;
			0 ignored issues – show Bug Best Practice introduced 2020-06-15 01:15 UTC by Report Bug Copy Issue Report Show Similar Issues like this The return type of `return $user;` (`Auth\PendingUser`) is incompatible with the return type declared by the abstract method `Flipside\Auth\OAuth2\OAu...cator::getUserFromToken` of type `Auth\User`. If you return a value from a function or method, it should be a sub-type of the type that is given by the parent type f.e. an interface, or abstract method. This is more formally defined by the Lizkov substitution principle, and guarantees that classes that depend on the parent type can use any instance of a child type interchangably. This principle also belongs to the SOLID principles for object oriented design. Let’s take a look at an example: class Author { private $name; public function __construct($name) { $this->name = $name; } public function getName() { return $this->name; } } abstract class Post { public function getAuthor() { return 'Johannes'; } } class BlogPost extends Post { public function getAuthor() { return new Author('Johannes'); } } class ForumPost extends Post { /* ... */ } function my_function(Post $post) { echo strtoupper($post->getAuthor()); } Our function `my_function` expects a `Post` object, and outputs the author of the post. The base class `Post` returns a simple string and outputting a simple string will work just fine. However, the child class `BlogPost` which is a sub-type of `Post` instead decided to return an `object`, and is therefore violating the SOLID principles. If a `BlogPost` were passed to `my_function`, PHP would not complain, but ultimately fail when executing the `strtoupper` call in its body. Loading history...
46			}
47			}
48

BurningFlipside / CommonCode

Push — develop ( ed6c74...ceecfe )

Auth/OAuth2/GitLabAuthenticator.php (2 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like