JwtValidator::signatureIsValid() - Code Metrics - Inspection of "Merge pull request #321 from GCTC-NTGC/feature/loc..." - GCTC-NTGC/TalentCloud - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — dev ( 8f8cd7...5b0430 )

by Tristan

created 2018-09-14 21:50 UTC

JwtValidator::signatureIsValid() A

↳ Parent: JwtValidator

Complexity

Conditions	2
Paths	2

Size

Total Lines	16
Code Lines	12

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	0
CRAP Score	6

Importance

Changes

Metric	Value
eloc	12
dl	0
loc	16
ccs	0
cts	12
cp	0
rs	9.8666
c	0
b	0
f	0
cc	2
nc	2
nop	1
crap	6

<?php
namespace App\Services\Auth;


use Lcobucci\JWT\Token;
use Lcobucci\JWT\Signer\Rsa\Sha256;
use App\Services\Auth\JwtKeysFetcher;

class JwtValidator {

    
    /**
     * Will fetch and cache JWT keys
     * @var JwtKeysFetcher 

     */
    protected $keyFetcher;
    
    /**
     * A map of valid Issuer->Audience pairs
     * @var array 

     */
    protected $validIssAud;
    
    public function __construct(JwtKeysFetcher $keyFetcher, array $validIssAud) {

        $this->keyFetcher = $keyFetcher;
        $this->validIssAud = $validIssAud;
    }
    
    public function signatureIsValid(Token $token) {

        $kid = $token->getHeader("kid");
        $alg = $token->getHeader("alg");
        $publicKey = $this->keyFetcher->getByKID($kid);
        
        switch ($alg) {
            case "RS256":
                $signer = new Sha256();
                break;
            default:
                $signer = new Sha256();
                break;
        }

        $signatureIsValid = $token->verify($signer, $publicKey);
        $signatureIsValid = $token->verify($signer, /** @scrutinizer ignore-type */ $publicKey);
        return $signatureIsValid;
    }
    
    public function isExpired(Token $token) {

        return $token->isExpired();
    }
    
    public function claimsAreValid(Token $token) {

        $iss = $token->getClaim("iss");
        $aud = $token->getClaim("aud");
        return array_has($this->validIssAud, $iss) && 
                $this->validIssAud[$iss] === $aud;
    }
}


GCTC-NTGC / TalentCloud

Push — dev ( 8f8cd7...5b0430 )

JwtValidator::signatureIsValid() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like