VerifyApiToken::setCurrentAppKeyForRequest() - Code Metrics - Inspection of "Add Helper class" - ElfSundae/laravel-api - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 25c4d3...1a1372 )

by Elf

created 2017-09-14 16:05 UTC

VerifyApiToken::setCurrentAppKeyForRequest() A

↳ Parent: Project

Complexity

Conditions	1
Paths	1

Size

Total Lines	4
Code Lines	2

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	0
CRAP Score	2

Importance

Changes

Metric	Value
cc	1
eloc	2
c	0
b	0
f	0
nc	1
nop	1
dl	0
loc	4
ccs	0
cts	4
cp	0
crap	2
rs	10

<?php

namespace ElfSundae\Laravel\Api\Middleware;

use Closure;
use ElfSundae\Laravel\Api\Token;
use ElfSundae\Laravel\Api\Helper;
use ElfSundae\Laravel\Api\Exceptions\InvalidApiTokenException;

class VerifyApiToken
{
    /**
     * The Token instance.
     *
     * @var \ElfSundae\Laravel\Api\Token
     */
    protected $token;

    /**
     * The URIs that should be excluded from token verification.
     *
     * @var array
     */
    protected $except = [];

    /**
     * Create the middleware.
     *
     * @param  \ElfSundae\Laravel\Api\Token  $token
     */
    public function __construct(Token $token)
    {
        $this->token = $token;
    }

    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     *
     * @throws \ElfSundae\Laravel\Api\Exceptions\InvalidApiTokenException
     */
    public function handle($request, Closure $next)
    {
        if ($this->inExceptArray($request) || $this->verifyToken($request)) {
            Helper::setCurrentAppKeyForRequest($request, $this->getKeyFromRequest($request));


            return $next($request);
        }

        throw new InvalidApiTokenException;
    }

    /**
     * Determine if the request has a URI that should be passed through verification.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return bool
     */
    protected function inExceptArray($request)
    {
        foreach ($this->except as $except) {
            if ($except !== '/') {
                $except = trim($except, '/');
            }

            if ($request->is($except)) {
                return true;
            }
        }

        return false;
    }

    /**
     * Verify the api token from request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return bool
     */
    protected function verifyToken($request)
    {
        $time = (int) ($request->input('_time') ?: $request->header('X-API-TIME'));
        $token = $request->input('_token') ?: $request->header('X-API-TOKEN');

        return abs(time() - $time) < (int) config('api.token_duration') &&
            $this->token->verify($token, $this->getKeyFromRequest($request), $time);
/**
 * @return array|string
 */
function returnsDifferentValues($x) {
    if ($x) {
        return 'foo';
    }

    return array();
}

$x = returnsDifferentValues($y);
if (is_array($x)) {
    // $x is an array.
}
    }

    /**
     * Get the app key from the request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return string
     */
    protected function getKeyFromRequest($request)
    {
        return $request->input('_key') ?: $request->header('X-API-KEY');
    }
}


1			<?php
2
3			namespace ElfSundae\Laravel\Api\Middleware;
4
5			use Closure;
6			use ElfSundae\Laravel\Api\Token;
7			use ElfSundae\Laravel\Api\Helper;
8			use ElfSundae\Laravel\Api\Exceptions\InvalidApiTokenException;
9
10			class VerifyApiToken
11			{
12			/**
13			* The Token instance.
14			*
15			* @var \ElfSundae\Laravel\Api\Token
16			*/
17			protected $token;
18
19			/**
20			* The URIs that should be excluded from token verification.
21			*
22			* @var array
23			*/
24			protected $except = [];
25
26			/**
27			* Create the middleware.
28			*
29			* @param \ElfSundae\Laravel\Api\Token $token
30			*/
31			public function __construct(Token $token)
32			{
33			$this->token = $token;
34			}
35
36			/**
37			* Handle an incoming request.
38			*
39			* @param \Illuminate\Http\Request $request
40			* @param \Closure $next
41			* @return mixed
42			*
43			* @throws \ElfSundae\Laravel\Api\Exceptions\InvalidApiTokenException
44			*/
45			public function handle($request, Closure $next)
46			{
47			if ($this->inExceptArray($request) \|\| $this->verifyToken($request)) {
48			Helper::setCurrentAppKeyForRequest($request, $this->getKeyFromRequest($request));
			0 ignored issues – show Bug introduced 2017-09-14 16:07 UTC by Report Bug Copy Issue Report It seems like `$this->getKeyFromRequest($request)` targeting `ElfSundae\Laravel\Api\Mi...en::getKeyFromRequest()` can also be of type `array`; however, `ElfSundae\Laravel\Api\He...rrentAppKeyForRequest()` does only seem to accept `string`, maybe add an additional type check? This check looks at variables that are passed out again to other methods. If the outgoing method call has stricter type requirements than the method itself, an issue is raised. An additional type check may prevent trouble. Loading history...
49
50			return $next($request);
51			}
52
53			throw new InvalidApiTokenException;
54			}
55
56			/**
57			* Determine if the request has a URI that should be passed through verification.
58			*
59			* @param \Illuminate\Http\Request $request
60			* @return bool
61			*/
62			protected function inExceptArray($request)
63			{
64			foreach ($this->except as $except) {
65			if ($except !== '/') {
66			$except = trim($except, '/');
67			}
68
69			if ($request->is($except)) {
70			return true;
71			}
72			}
73
74			return false;
75			}
76
77			/**
78			* Verify the api token from request.
79			*
80			* @param \Illuminate\Http\Request $request
81			* @return bool
82			*/
83			protected function verifyToken($request)
84			{
85			$time = (int) ($request->input('_time') ?: $request->header('X-API-TIME'));
86			$token = $request->input('_token') ?: $request->header('X-API-TOKEN');
87
88			return abs(time() - $time) < (int) config('api.token_duration') &&
89			$this->token->verify($token, $this->getKeyFromRequest($request), $time);
			0 ignored issues – show Bug introduced 2017-09-13 13:22 UTC by Report Bug Copy Issue Report It seems like `$token` defined by `$request->input('_token'...->header('X-API-TOKEN')` on line `86` can also be of type `array`; however, `ElfSundae\Laravel\Api\Token::verify()` does only seem to accept `string`, maybe add an additional type check? If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check: /** * @return array\|string */ function returnsDifferentValues($x) { if ($x) { return 'foo'; } return array(); } $x = returnsDifferentValues($y); if (is_array($x)) { // $x is an array. } If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue. Loading history... Bug introduced 2017-09-13 13:22 UTC by Report Bug Copy Issue Report It seems like `$this->getKeyFromRequest($request)` targeting `ElfSundae\Laravel\Api\Mi...en::getKeyFromRequest()` can also be of type `array`; however, `ElfSundae\Laravel\Api\Token::verify()` does only seem to accept `string`, maybe add an additional type check? This check looks at variables that are passed out again to other methods. If the outgoing method call has stricter type requirements than the method itself, an issue is raised. An additional type check may prevent trouble. Loading history...
90			}
91
92			/**
93			* Get the app key from the request.
94			*
95			* @param \Illuminate\Http\Request $request
96			* @return string
97			*/
98			protected function getKeyFromRequest($request)
99			{
100			return $request->input('_key') ?: $request->header('X-API-KEY');
101			}
102			}
103

ElfSundae / laravel-api

Push — master ( 25c4d3...1a1372 )

VerifyApiToken::setCurrentAppKeyForRequest() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like