App\Services\Auth\JwtValidator

Complexity

Total Complexity

6

Size/Duplication

Total Lines	46
Duplicated Lines	0 %

Importance

Changes

0

4 Methods

Rating	Name	Duplication	Size	Complexity
A	isExpired()	0	2	1
A	signatureIsValid()	0	16	2
A	__construct()	0	3	1
A	claimsAreValid()	0	5	2

<?php
namespace App\Services\Auth;

use Lcobucci\JWT\Token;
use Lcobucci\JWT\Signer\Rsa\Sha256;
use App\Services\Auth\JwtKeysFetcher;

class JwtValidator {
    
    /**
     * Will fetch and cache JWT keys
     * @var JwtKeysFetcher 
     */
    protected $keyFetcher;
    
    /**
     * A map of valid Issuer->Audience pairs
     * @var array 

@var annotation of property \App\Services\Auth\JwtValidator::$validIssAud does not specify type hint for its items.

     */
    protected $validIssAud;
    
    public function __construct(JwtKeysFetcher $keyFetcher, array $validIssAud) {

Method \App\Services\Auth\JwtValidator::__construct() does not have @param annotation for its traversable parameter $validIssAud.

Missing doc comment for function __construct()

        $this->keyFetcher = $keyFetcher;
        $this->validIssAud = $validIssAud;
    }
    
    public function signatureIsValid(Token $token) {

Method \App\Services\Auth\JwtValidator::signatureIsValid() does not have return type hint nor @return annotation for its return value.

Missing doc comment for function signatureIsValid()

        $kid = $token->getHeader("kid");
        $alg = $token->getHeader("alg");
        $publicKey = $this->keyFetcher->getByKID($kid);
        
        switch ($alg) {
            case "RS256":
                $signer = new Sha256();
                break;
            default:
                $signer = new Sha256();
                break;
        }

        $signatureIsValid = $token->verify($signer, $publicKey);

It seems like $publicKey can also be of type Lcobucci\JWT\Signer\Key; however, parameter $key of Lcobucci\JWT\Token::verify() does only seem to accept string, maybe add an additional type check?

        return $signatureIsValid;
    }
    
    public function isExpired(Token $token) {

Method \App\Services\Auth\JwtValidator::isExpired() does not have return type hint nor @return annotation for its return value.

Missing doc comment for function isExpired()

        return $token->isExpired();
    }
    
    public function claimsAreValid(Token $token) {

Method \App\Services\Auth\JwtValidator::claimsAreValid() does not have return type hint nor @return annotation for its return value.

Missing doc comment for function claimsAreValid()

        $iss = $token->getClaim("iss");
        $aud = $token->getClaim("aud");
        return array_has($this->validIssAud, $iss) && 
                $this->validIssAud[$iss] === $aud;
    }
}