OidConnectGuard - Code Metrics - Inspection of "/localized_urls: Localized pages work" - GCTC-NTGC/TalentCloud - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — dev (#321)

by Tristan

created 2018-09-14 19:33 UTC

OidConnectGuard A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	181
Duplicated Lines	0 %

Test Coverage

Coverage

Importance

Changes

Metric	Value
wmc	23
eloc	63
dl	0
loc	181
ccs	0
cts	67
cp	0
rs	10
c	0
b	0
f	0

10 Methods

Rating	Name	Size	Complexity
A	guest()	2	1
A	setUser()	3	1
A	id()	4	2
A	__construct()	12	1
A	check()	2	1
A	getProvider()	3	1
A	validate()	10	4
A	setProvider()	3	1
A	authenticate()	7	2
B	user()	51	9

<?php


namespace App\Services\Auth;

use Illuminate\Http\Request;
use Illuminate\Contracts\Auth\Guard;
use Illuminate\Contracts\Auth\UserProvider;
use Illuminate\Contracts\Auth\Authenticatable;
use Illuminate\Auth\AuthenticationException;
use App\Services\Auth\JwtValidator;
use App\Services\Auth\RequestTokenParser;
use App\Services\Auth\Contracts\TokenRefresher;
use App\Exceptions\Auth\TokenStorageException;
use App\Exceptions\Auth\TokenRequestException;

class OidConnectGuard implements Guard {


    protected $request;
    protected $provider;
    protected $requestTokenParser;
    protected $jwtValidator;
    protected $tokenRefresher;

    protected $user;

    /**
     * Set to true when user() has already ran once.
     * @var bool

     */
    protected $userAlreadyAttempted;

    /**
     * Create a new authentication guard.
     *
     *
     * @param UserProvider $provider

     * @param RequestTokenParser $requestTokenParser

     * @param JwtValidator $jwtValidator

     * @param TokenRefresher $tokenRefresher

     * @param Request $request

     */
    public function __construct(UserProvider $provider,
            RequestTokenParser $requestTokenParser,

            JwtValidator $jwtValidator,

            TokenRefresher $tokenRefresher,

            Request $request) {

        $this->request = $request;
        $this->provider = $provider;
        $this->requestTokenParser = $requestTokenParser;
        $this->jwtValidator = $jwtValidator;
        $this->tokenRefresher = $tokenRefresher;
        $this->user = NULL;

        $this->userAlreadyAttempted = false;
    }

    /**
     * Determine if the current user is authenticated.
     *
     * @return bool
     */
    public function check() {
        return !is_null($this->user());
    }

    /**
     * Determine if the current user is a guest.
     *
     * @return bool
     */
    public function guest() {
        return !$this->check();
    }

    /**
     * Get the ID for the currently authenticated user.
     *
     * @return int|null
     */
    public function id()
    {
        if ($this->user()) {
            return $this->user()->getAuthIdentifier();
        }
    }

    /**
     * Set the current user.
     *
     * @param  \Illuminate\Contracts\Auth\Authenticatable  $user

     * @return void

     */
    public function setUser(Authenticatable $user)
    {
        $this->user = $user;
    }

    public function user() {

        // If we've already retrieved the user for the current request we can just
        // return it back immediately. We do not want to fetch the user data on
        // every call to this method because that would be tremendously slow.
        if (! is_null($this->user) || $this->userAlreadyAttempted) {
            return $this->user;
        }

        $this->userAlreadyAttempted = true;
        $user = null;

        try {
            $idToken = $this->requestTokenParser->parse($this->request);
        } catch (AuthenticationException $exception) {
            //Return a null user is enough, swallow the exception here
            debugbar()->warning($exception->getMessage());
            return $user;
        }

        if (!$this->jwtValidator->claimsAreValid($idToken) ||
                !$this->jwtValidator->signatureIsValid($idToken)) {

            debugbar()->warning("Bearer token exists but is not valid");
            return $user;
        }

        //At this point, token is definitely valid
        if ($this->jwtValidator->isExpired($idToken)) {
            debugbar()->info("Id token expired");

            $iss = $idToken->getClaim("iss");
            $sub = $idToken->getClaim("sub");
            try {
                $idToken = $this->tokenRefresher->refreshIDToken($iss, $sub);
                debugbar()->info("Refreshed id token");

            } catch (TokenStorageException $storageException) {
                debugbar()->warning($storageException->getMessage());
                return $user;
            } catch (TokenRequestException $requestException) {
                debugBar()->warning($requestException->getMessage());
                return $user;
            }
            $this->requestTokenParser->save($idToken);
        }

        $credentials = $idToken->getClaims();

        $user = $this->provider->retrieveByCredentials($credentials);

        $this->user = $user;
        return $user;
    }

    public function validate(array $credentials = array()): bool {

        debugbar()->info("in Guard.validate()");
        if (empty($credentials['id_token'])) {
            return false;
        }
        $token = $this->requestTokenParser->parseFromString($credentials['id_token']);


        return $this->jwtValidator->claimsAreValid($idToken) &&

            !$this->jwtValidator->isExpired($idToken) &&
            $this->jwtValidator->signatureIsValid($idToken);
    }

    /**
     * Get the user provider used by the guard.
     *
     * @return \Illuminate\Contracts\Auth\UserProvider
     */
    public function getProvider()
    {
        return $this->provider;
    }

    /**
     * Set the user provider used by the guard.
     *
     * @param  \Illuminate\Contracts\Auth\UserProvider  $provider

     * @return void

     */
    public function setProvider(UserProvider $provider)
    {
        $this->provider = $provider;
    }

    /**
     * Determine if the current user is authenticated.
     *
     * @return \Illuminate\Contracts\Auth\Authenticatable
     *
     * @throws \Illuminate\Auth\AuthenticationException
     */
    public function authenticate()
    {
        if (! is_null($user = $this->user())) {
            return $user;
        }

        throw new AuthenticationException;
    }
}


1			<?php
2
			0 ignored issues – show Coding Style introduced 2018-08-25 20:46 UTC by Report Bug Copy Issue Report Missing file doc comment Loading history...
3			namespace App\Services\Auth;
4
5			use Illuminate\Http\Request;
6			use Illuminate\Contracts\Auth\Guard;
7			use Illuminate\Contracts\Auth\UserProvider;
8			use Illuminate\Contracts\Auth\Authenticatable;
9			use Illuminate\Auth\AuthenticationException;
10			use App\Services\Auth\JwtValidator;
11			use App\Services\Auth\RequestTokenParser;
12			use App\Services\Auth\Contracts\TokenRefresher;
13			use App\Exceptions\Auth\TokenStorageException;
14			use App\Exceptions\Auth\TokenRequestException;
15
16			class OidConnectGuard implements Guard {
			0 ignored issues – show Coding Style introduced 2018-08-25 20:46 UTC by Report Bug Copy Issue Report Missing doc comment for class OidConnectGuard Loading history... Coding Style introduced 2018-08-28 01:31 UTC by Report Bug Copy Issue Report Opening brace of a class must be on the line after the definition Loading history...
17
18			protected $request;
19			protected $provider;
20			protected $requestTokenParser;
21			protected $jwtValidator;
22			protected $tokenRefresher;
23
24			protected $user;
25
26			/**
27			* Set to true when user() has already ran once.
28			* @var bool
			0 ignored issues – show Coding Style introduced 2018-08-25 20:46 UTC by Report Bug Copy Issue Report There must be exactly one blank line before the tags in a doc comment Loading history...
29			*/
30			protected $userAlreadyAttempted;
31
32			/**
33			* Create a new authentication guard.
34			*
35			*
36			* @param UserProvider $provider
			0 ignored issues – show Coding Style introduced 2018-08-25 20:46 UTC by Report Bug Copy Issue Report Expected 7 spaces after parameter type; 1 found Loading history... Coding Style introduced 2018-08-25 20:46 UTC by Report Bug Copy Issue Report Missing parameter comment Loading history... Coding Style introduced 2018-08-25 20:46 UTC by Report Bug Copy Issue Report There must be exactly one blank line before the tags in a doc comment Loading history...
37			* @param RequestTokenParser $requestTokenParser
			0 ignored issues – show Coding Style introduced 2018-08-25 20:46 UTC by Report Bug Copy Issue Report Missing parameter comment Loading history...
38			* @param JwtValidator $jwtValidator
			0 ignored issues – show Coding Style introduced 2018-08-25 20:46 UTC by Report Bug Copy Issue Report Missing parameter comment Loading history... Coding Style introduced 2018-08-25 20:46 UTC by Report Bug Copy Issue Report Expected 7 spaces after parameter type; 1 found Loading history...
39			* @param TokenRefresher $tokenRefresher
			0 ignored issues – show Coding Style introduced 2018-08-25 20:46 UTC by Report Bug Copy Issue Report Expected 5 spaces after parameter type; 1 found Loading history... Coding Style introduced 2018-08-25 20:46 UTC by Report Bug Copy Issue Report Missing parameter comment Loading history...
40			* @param Request $request
			0 ignored issues – show Coding Style introduced 2018-08-25 20:46 UTC by Report Bug Copy Issue Report Expected 12 spaces after parameter type; 1 found Loading history... Coding Style introduced 2018-08-25 20:46 UTC by Report Bug Copy Issue Report Missing parameter comment Loading history...
41			*/
42			public function __construct(UserProvider $provider,
43			RequestTokenParser $requestTokenParser,
			0 ignored issues – show Coding Style introduced 2018-08-28 01:31 UTC by Report Bug Copy Issue Report Multi-line function declaration not indented correctly; expected 8 spaces but found 12 Loading history...
44			JwtValidator $jwtValidator,
			0 ignored issues – show Coding Style introduced 2018-08-28 01:31 UTC by Report Bug Copy Issue Report Multi-line function declaration not indented correctly; expected 8 spaces but found 12 Loading history...
45			TokenRefresher $tokenRefresher,
			0 ignored issues – show Coding Style introduced 2018-08-28 01:31 UTC by Report Bug Copy Issue Report Multi-line function declaration not indented correctly; expected 8 spaces but found 12 Loading history...
46			Request $request) {
			0 ignored issues – show Coding Style introduced 2018-08-28 01:31 UTC by Report Bug Copy Issue Report Multi-line function declaration not indented correctly; expected 8 spaces but found 12 Loading history... Coding Style introduced 2018-08-28 01:31 UTC by Report Bug Copy Issue Report The closing parenthesis of a multi-line function declaration must be on a new line Loading history...
47			$this->request = $request;
48			$this->provider = $provider;
49			$this->requestTokenParser = $requestTokenParser;
50			$this->jwtValidator = $jwtValidator;
51			$this->tokenRefresher = $tokenRefresher;
52			$this->user = NULL;
			0 ignored issues – show Coding Style introduced 2018-08-28 01:31 UTC by Report Bug Copy Issue Report `TRUE`, `FALSE` and `NULL` must be lowercase; expected `null`, but found `NULL`. Loading history...
53			$this->userAlreadyAttempted = false;
54			}
55
56			/**
57			* Determine if the current user is authenticated.
58			*
59			* @return bool
60			*/
61			public function check() {
62			return !is_null($this->user());
63			}
64
65			/**
66			* Determine if the current user is a guest.
67			*
68			* @return bool
69			*/
70			public function guest() {
71			return !$this->check();
72			}
73
74			/**
75			* Get the ID for the currently authenticated user.
76			*
77			* @return int\|null
78			*/
79			public function id()
80			{
81			if ($this->user()) {
82			return $this->user()->getAuthIdentifier();
83			}
84			}
85
86			/**
87			* Set the current user.
88			*
89			* @param \Illuminate\Contracts\Auth\Authenticatable $user
			0 ignored issues – show Coding Style introduced 2018-08-25 20:46 UTC by Report Bug Copy Issue Report Expected 1 spaces after parameter type; 2 found Loading history... Coding Style introduced 2018-08-25 20:46 UTC by Report Bug Copy Issue Report Missing parameter comment Loading history...
90			* @return void
			0 ignored issues – show Coding Style introduced 2018-08-25 20:46 UTC by Report Bug Copy Issue Report Tag cannot be grouped with parameter tags in a doc comment Loading history...
91			*/
92			public function setUser(Authenticatable $user)
93			{
94			$this->user = $user;
95			}
96
97			public function user() {
			0 ignored issues – show Coding Style introduced 2018-08-25 20:46 UTC by Report Bug Copy Issue Report Missing doc comment for function user() Loading history...
98			// If we've already retrieved the user for the current request we can just
99			// return it back immediately. We do not want to fetch the user data on
100			// every call to this method because that would be tremendously slow.
101			if (! is_null($this->user) \|\| $this->userAlreadyAttempted) {
102			return $this->user;
103			}
104
105			$this->userAlreadyAttempted = true;
106			$user = null;
107
108			try {
109			$idToken = $this->requestTokenParser->parse($this->request);
110			} catch (AuthenticationException $exception) {
111			//Return a null user is enough, swallow the exception here
112			debugbar()->warning($exception->getMessage());
113			return $user;
114			}
115
116			if (!$this->jwtValidator->claimsAreValid($idToken) \|\|
117			!$this->jwtValidator->signatureIsValid($idToken)) {
			0 ignored issues – show Coding Style introduced 2018-08-25 20:46 UTC by Report Bug Copy Issue Report Each line in a multi-line IF statement must begin with a boolean operator Loading history... Coding Style introduced 2018-08-25 20:46 UTC by Report Bug Copy Issue Report Closing parenthesis of a multi-line IF statement must be on a new line Loading history... Coding Style introduced 2018-08-25 20:46 UTC by Report Bug Copy Issue Report Multi-line IF statement not indented correctly; expected 12 spaces but found 16 Loading history...
118			debugbar()->warning("Bearer token exists but is not valid");
119			return $user;
120			}
121
122			//At this point, token is definitely valid
123			if ($this->jwtValidator->isExpired($idToken)) {
124			debugbar()->info("Id token expired");
125
126			$iss = $idToken->getClaim("iss");
127			$sub = $idToken->getClaim("sub");
128			try {
129			$idToken = $this->tokenRefresher->refreshIDToken($iss, $sub);
130			debugbar()->info("Refreshed id token");
131
132			} catch (TokenStorageException $storageException) {
133			debugbar()->warning($storageException->getMessage());
134			return $user;
135			} catch (TokenRequestException $requestException) {
136			debugBar()->warning($requestException->getMessage());
137			return $user;
138			}
139			$this->requestTokenParser->save($idToken);
140			}
141
142			$credentials = $idToken->getClaims();
143
144			$user = $this->provider->retrieveByCredentials($credentials);
145
146			$this->user = $user;
147			return $user;
148			}
149
150			public function validate(array $credentials = array()): bool {
			0 ignored issues – show Coding Style introduced 2018-08-25 20:46 UTC by Report Bug Copy Issue Report Missing doc comment for function validate() Loading history...
151			debugbar()->info("in Guard.validate()");
152			if (empty($credentials['id_token'])) {
153			return false;
154			}
155			$token = $this->requestTokenParser->parseFromString($credentials['id_token']);
			0 ignored issues – show Unused Code introduced 2018-08-24 15:45 UTC by Report Bug Copy Issue Report The assignment to `$token` is dead and can be removed. Loading history...
156
157			return $this->jwtValidator->claimsAreValid($idToken) &&
			0 ignored issues – show Comprehensibility Best Practice introduced 2018-08-24 15:45 UTC by Report Bug Copy Issue Report The variable `$idToken` seems to be never defined. Loading history...
158			!$this->jwtValidator->isExpired($idToken) &&
159			$this->jwtValidator->signatureIsValid($idToken);
160			}
161
162			/**
163			* Get the user provider used by the guard.
164			*
165			* @return \Illuminate\Contracts\Auth\UserProvider
166			*/
167			public function getProvider()
168			{
169			return $this->provider;
170			}
171
172			/**
173			* Set the user provider used by the guard.
174			*
175			* @param \Illuminate\Contracts\Auth\UserProvider $provider
			0 ignored issues – show Coding Style introduced 2018-08-25 20:46 UTC by Report Bug Copy Issue Report Expected 1 spaces after parameter type; 2 found Loading history... Coding Style introduced 2018-08-25 20:46 UTC by Report Bug Copy Issue Report Missing parameter comment Loading history...
176			* @return void
			0 ignored issues – show Coding Style introduced 2018-08-25 20:46 UTC by Report Bug Copy Issue Report Tag cannot be grouped with parameter tags in a doc comment Loading history...
177			*/
178			public function setProvider(UserProvider $provider)
179			{
180			$this->provider = $provider;
181			}
182
183			/**
184			* Determine if the current user is authenticated.
185			*
186			* @return \Illuminate\Contracts\Auth\Authenticatable
187			*
188			* @throws \Illuminate\Auth\AuthenticationException
189			*/
190			public function authenticate()
191			{
192			if (! is_null($user = $this->user())) {
193			return $user;
194			}
195
196			throw new AuthenticationException;
197			}
198			}
199

GCTC-NTGC / TalentCloud

Pull Request — dev (#321)

OidConnectGuard A

Complexity

Size/Duplication

Test Coverage

Importance

10 Methods

Duplication Side-by-Side

Filter issues like