LarsignService::signRequest() - Code Metrics - HavenShen/larsign - Measure and Improve Code Quality continuously with Scrutinizer

LarsignService::signRequest() B
last analyzed 2017-12-05 12:37 UTC

↳ Parent: LarsignService

Complexity

Conditions	5
Paths	8

Size

Total Lines	21
Code Lines	12

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	10
CRAP Score	5.1158

Importance

Changes

Metric	Value
dl	0
loc	21
ccs	10
cts	12
cp	0.8333
rs	8.7624
c	0
b	0
f	0
cc	5
eloc	12
nc	8
nop	4
crap	5.1158

<?php
namespace HavenShen\Larsign;

use HavenShen\Larsign\LarsignException;

/**
 * LarsignService
 *
 * @author    Haven Shen <[email protected]>
 * @copyright    Copyright (c) Haven Shen
 */
final class LarsignService
{
    private $options;

    public function __construct(array $options = array())
    {
        $this->options = $this->normalizeOptions($options);
    }

    private function normalizeOptions(array $options = array())
    {
        $options += array(
            'headerName' => 'Larsign',
            'accessKey' => 'larsignaccesskey',
            'secretKey' => 'larsignsecretkey',
        );

        return $options;
    }

    /**
     * Get header name
     *
     * @return string
     */
    public function getHeaderName()
    {
        return $this->options['headerName'];
    }

    /**
     * Get access key
     *
     * @return string
     */
    public function getAccessKey()
    {
        return $this->options['accessKey'];
    }

    /**
     * Signature
     *
     * @param string $data
     * @return string
     */
    public function sign($data)
    {
        $hmac = hash_hmac('sha1', $data, $this->options['secretKey'], true);
        return $this->options['accessKey'] . ':' . $this->base64_urlSafeEncode($hmac);
    }

    /**
     * Signature with data
     *
     * @param string $data
     * @return string
     */
    public function signWithData($data)
    {
        $encodedData = $this->base64_urlSafeEncode($data);
        return $this->sign($encodedData) . ':' . $encodedData;
    }

    /**
     * Signature request
     *
     * @param string $urlString
     * @param string $body
     * @param string $contentType
     * @param int $deadline
     * @return string
     */
    public function signRequest($urlString, $body, $contentType = null, $deadline = 0)
    {
        $url = parse_url($urlString);

        $data = '';
        if (array_key_exists('path', $url)) {
            $data = $url['path'];
        }
        if (array_key_exists('query', $url)) {
            $data .= '?' . $url['query'];
        }
        $data .= "\n";

        if ($body !== null && $contentType === 'application/x-www-form-urlencoded') {
            $data .= $body;
        }

        $data .= $deadline;

        return $this->signWithData($data);
    }

    /**
     * Split authorization signature
     *
     * @param string $authorization
/**
 * @param array $germany
 * @param array $ireland
 */
function finale($germany, $island) {
    return "2:1";
}
     * @return list
     */
    public function splitAuthorizationLarsign($authorizationLarsign)
    {
        $authorizationLarsignArr = explode(':', $authorizationLarsign);

        $accessKey = isset($authorizationLarsignArr[0]) ? $authorizationLarsignArr[0] : '';
        $hmacSha1Str = isset($authorizationLarsignArr[1]) ? $authorizationLarsignArr[1] : '';
        $encodedStr = isset($authorizationLarsignArr[2]) ? $authorizationLarsignArr[2] : '';

        $url = '';
        $body = '';
        $deadline = 0;

        if (! empty($encodedStr)) {
            $encodedStrArr = preg_split('/[;\r\n]+/s', $this->base64_urlSafeDecode($encodedStr));

            $url = isset($encodedStrArr[0]) ? $encodedStrArr[0] : '';
            $deadline = isset($encodedStrArr[1]) ? (int)$encodedStrArr[1] : 0;
        }

        return [
            $accessKey,
            $hmacSha1Str,
            $encodedStr,
            $url,
            $body,
            $deadline
        ];
    }

    /**
     * Check auth signature
     *
     * @param \Illuminate\Http\Request  $request
     * @return bool
     */
    public function check($request)
    {
        $contentType = $request->header('content-type');

        $authorizationLarsign = $request->header($this->options['headerName']);

        list(
            $accessKey,
<?php

function returnThreeValues() {
    return array('a', 'b', 'c');
}

list($a, $b, $c) = returnThreeValues();

print $a . " - " . $c;
            $hmacSha1Str,
<?php

function returnThreeValues() {
    return array('a', 'b', 'c');
}

list($a, $b, $c) = returnThreeValues();

print $a . " - " . $c;
            $encodedStrArr,
<?php

function returnThreeValues() {
    return array('a', 'b', 'c');
}

list($a, $b, $c) = returnThreeValues();

print $a . " - " . $c;
            $url,
            $body,
            $deadline
        ) = $this->splitAuthorizationLarsign($authorizationLarsign);

        if (time() > $deadline) {
            return false;
        }

        if (! $this->verifyCallback($contentType, $authorizationLarsign, $url, $body, $deadline)) {
/**
 * @return array|string
 */
function returnsDifferentValues($x) {
    if ($x) {
        return 'foo';
    }

    return array();
}

$x = returnsDifferentValues($y);
if (is_array($x)) {
    // $x is an array.
}
            return false;
        }

        return true;

    }

    /**
     * Verify callback
     *
     * @param string $contentType
     * @param string $authorizationLarsign
     * @param string $url
     * @param string $body
     * @param int $bodeadlinedy
/**
 * @param array $germany
 * @param array $ireland
 */
function finale($germany, $island) {
    return "2:1";
}
     * @return bool
     */
    public function verifyCallback($contentType, $authorizationLarsign, $url, $body, $deadline)
    {
        $authorizationLarsignRs = $this->options['headerName'] .' '. $this->signRequest($url, $body, $contentType, $deadline);

        return $authorizationLarsign === $authorizationLarsignRs;
    }

    /**
     * Urlsafe base64 encode
     *
     * @param string $data
     *
     * @return string
     */
    public function base64_urlSafeEncode($data)
    {
        $find = array('+', '/');
        $replace = array('-', '_');
        return str_replace($find, $replace, base64_encode($data));
    }

    /**
     * Urlsafe base64 decode
     *
     * @param string $str
     *
     * @return string
     */
    public function base64_urlSafeDecode($str)
    {
        $find = array('-', '_');
        $replace = array('+', '/');
        return base64_decode(str_replace($find, $replace, $str));
    }
}


1		<?php
2		namespace HavenShen\Larsign;
3
4		use HavenShen\Larsign\LarsignException;
5
6		/**
7		* LarsignService
8		*
9		* @author Haven Shen <[email protected]>
10		* @copyright Copyright (c) Haven Shen
11		*/
12		final class LarsignService
13		{
14		private $options;
15
16	2	public function __construct(array $options = array())
17		{
18	2	$this->options = $this->normalizeOptions($options);
19	2	}
20
21	2	private function normalizeOptions(array $options = array())
22		{
23		$options += array(
24	2	'headerName' => 'Larsign',
25		'accessKey' => 'larsignaccesskey',
26		'secretKey' => 'larsignsecretkey',
27		);
28
29	2	return $options;
30		}
31
32		/**
33		* Get header name
34		*
35		* @return string
36		*/
37	2	public function getHeaderName()
38		{
39	2	return $this->options['headerName'];
40		}
41
42		/**
43		* Get access key
44		*
45		* @return string
46		*/
47		public function getAccessKey()
48		{
49		return $this->options['accessKey'];
50		}
51
52		/**
53		* Signature
54		*
55		* @param string $data
56		* @return string
57		*/
58	2	public function sign($data)
59		{
60	2	$hmac = hash_hmac('sha1', $data, $this->options['secretKey'], true);
61	2	return $this->options['accessKey'] . ':' . $this->base64_urlSafeEncode($hmac);
62		}
63
64		/**
65		* Signature with data
66		*
67		* @param string $data
68		* @return string
69		*/
70	2	public function signWithData($data)
71		{
72	2	$encodedData = $this->base64_urlSafeEncode($data);
73	2	return $this->sign($encodedData) . ':' . $encodedData;
74		}
75
76		/**
77		* Signature request
78		*
79		* @param string $urlString
80		* @param string $body
81		* @param string $contentType
82		* @param int $deadline
83		* @return string
84		*/
85	2	public function signRequest($urlString, $body, $contentType = null, $deadline = 0)
86		{
87	2	$url = parse_url($urlString);
88
89	2	$data = '';
90	2	if (array_key_exists('path', $url)) {
91	2	$data = $url['path'];
92		}
93	2	if (array_key_exists('query', $url)) {
94		$data .= '?' . $url['query'];
95		}
96	2	$data .= "\n";
97
98	2	if ($body !== null && $contentType === 'application/x-www-form-urlencoded') {
99		$data .= $body;
100		}
101
102	2	$data .= $deadline;
103
104	2	return $this->signWithData($data);
105		}
106
107		/**
108		* Split authorization signature
109		*
110		* @param string $authorization
		0 ignored issues – show Documentation introduced 2017-12-05 12:37 UTC by Report Bug Copy Issue Report There is no parameter named `$authorization`. Did you maybe mean `$authorizationLarsign`? This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function. It has, however, found a similar but not annotated parameter which might be a good fit. Consider the following example. The parameter `$ireland` is not defined by the method `finale(...)`. /** * @param array $germany * @param array $ireland */ function finale($germany, $island) { return "2:1"; } The most likely cause is that the parameter was changed, but the annotation was not. Loading history...
111		* @return list
112		*/
113	2	public function splitAuthorizationLarsign($authorizationLarsign)
114		{
115	2	$authorizationLarsignArr = explode(':', $authorizationLarsign);
116
117	2	$accessKey = isset($authorizationLarsignArr[0]) ? $authorizationLarsignArr[0] : '';
118	2	$hmacSha1Str = isset($authorizationLarsignArr[1]) ? $authorizationLarsignArr[1] : '';
119	2	$encodedStr = isset($authorizationLarsignArr[2]) ? $authorizationLarsignArr[2] : '';
120
121	2	$url = '';
122	2	$body = '';
123	2	$deadline = 0;
124
125	2	if (! empty($encodedStr)) {
126	2	$encodedStrArr = preg_split('/[;\r\n]+/s', $this->base64_urlSafeDecode($encodedStr));
127
128	2	$url = isset($encodedStrArr[0]) ? $encodedStrArr[0] : '';
129	2	$deadline = isset($encodedStrArr[1]) ? (int)$encodedStrArr[1] : 0;
130		}
131
132		return [
133	2	$accessKey,
134	2	$hmacSha1Str,
135	2	$encodedStr,
136	2	$url,
137	2	$body,
138	2	$deadline
139		];
140		}
141
142		/**
143		* Check auth signature
144		*
145		* @param \Illuminate\Http\Request $request
146		* @return bool
147		*/
148	2	public function check($request)
149		{
150	2	$contentType = $request->header('content-type');
151
152	2	$authorizationLarsign = $request->header($this->options['headerName']);
153
154		list(
155		$accessKey,
		0 ignored issues – show Unused Code introduced 2017-12-05 12:37 UTC by Report Bug Copy Issue Report The assignment to `$accessKey` is unused. Consider omitting it like so `list($first,,$third)`. This checks looks for assignemnts to variables using the `list(...)` function, where not all assigned variables are subsequently used. Consider the following code example. <?php function returnThreeValues() { return array('a', 'b', 'c'); } list($a, $b, $c) = returnThreeValues(); print $a . " - " . $c; Only the variables `$a` and `$c` are used. There was no need to assign `$b`. Instead, the list call could have been. list($a,, $c) = returnThreeValues(); Loading history...
156		$hmacSha1Str,
		0 ignored issues – show Unused Code introduced 2017-12-05 12:37 UTC by Report Bug Copy Issue Report The assignment to `$hmacSha1Str` is unused. Consider omitting it like so `list($first,,$third)`. This checks looks for assignemnts to variables using the `list(...)` function, where not all assigned variables are subsequently used. Consider the following code example. <?php function returnThreeValues() { return array('a', 'b', 'c'); } list($a, $b, $c) = returnThreeValues(); print $a . " - " . $c; Only the variables `$a` and `$c` are used. There was no need to assign `$b`. Instead, the list call could have been. list($a,, $c) = returnThreeValues(); Loading history...
157		$encodedStrArr,
		0 ignored issues – show Unused Code introduced 2017-12-05 12:37 UTC by Report Bug Copy Issue Report The assignment to `$encodedStrArr` is unused. Consider omitting it like so `list($first,,$third)`. This checks looks for assignemnts to variables using the `list(...)` function, where not all assigned variables are subsequently used. Consider the following code example. <?php function returnThreeValues() { return array('a', 'b', 'c'); } list($a, $b, $c) = returnThreeValues(); print $a . " - " . $c; Only the variables `$a` and `$c` are used. There was no need to assign `$b`. Instead, the list call could have been. list($a,, $c) = returnThreeValues(); Loading history...
158		$url,
159		$body,
160		$deadline
161	2	) = $this->splitAuthorizationLarsign($authorizationLarsign);
162
163	2	if (time() > $deadline) {
164		return false;
165		}
166
167	2	if (! $this->verifyCallback($contentType, $authorizationLarsign, $url, $body, $deadline)) {
		0 ignored issues – show Bug introduced 2017-12-05 12:37 UTC by Report Bug Copy Issue Report It seems like `$contentType` defined by `$request->header('content-type')` on line `150` can also be of type `array`; however, `HavenShen\Larsign\LarsignService::verifyCallback()` does only seem to accept `string`, maybe add an additional type check? If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check: /** * @return array\|string / function returnsDifferentValues($x) { if ($x) { return 'foo'; } return array(); } $x = returnsDifferentValues($y); if (is_array($x)) { // $x is an array. } If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue. Loading history... Bug introduced 2017-12-05 12:37 UTC by Report Bug Copy Issue Report It seems like `$authorizationLarsign` defined by `$request->header($this->options['headerName'])` on line `152` can also be of type `array`; however, `HavenShen\Larsign\LarsignService::verifyCallback()` does only seem to accept `string`, maybe add an additional type check? If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check: /* * @return array\|string */ function returnsDifferentValues($x) { if ($x) { return 'foo'; } return array(); } $x = returnsDifferentValues($y); if (is_array($x)) { // $x is an array. } If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue. Loading history...
168		return false;
169		}
170
171	2	return true;
172
173		}
174
175		/**
176		* Verify callback
177		*
178		* @param string $contentType
179		* @param string $authorizationLarsign
180		* @param string $url
181		* @param string $body
182		* @param int $bodeadlinedy
		0 ignored issues – show Documentation introduced 2017-12-05 12:37 UTC by Report Bug Copy Issue Report There is no parameter named `$bodeadlinedy`. Did you maybe mean `$deadline`? This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function. It has, however, found a similar but not annotated parameter which might be a good fit. Consider the following example. The parameter `$ireland` is not defined by the method `finale(...)`. /** * @param array $germany * @param array $ireland */ function finale($germany, $island) { return "2:1"; } The most likely cause is that the parameter was changed, but the annotation was not. Loading history...
183		* @return bool
184		*/
185	2	public function verifyCallback($contentType, $authorizationLarsign, $url, $body, $deadline)
186		{
187	2	$authorizationLarsignRs = $this->options['headerName'] .' '. $this->signRequest($url, $body, $contentType, $deadline);
188
189	2	return $authorizationLarsign === $authorizationLarsignRs;
190		}
191
192		/**
193		* Urlsafe base64 encode
194		*
195		* @param string $data
196		*
197		* @return string
198		*/
199	2	public function base64_urlSafeEncode($data)
200		{
201	2	$find = array('+', '/');
202	2	$replace = array('-', '_');
203	2	return str_replace($find, $replace, base64_encode($data));
204		}
205
206		/**
207		* Urlsafe base64 decode
208		*
209		* @param string $str
210		*
211		* @return string
212		*/
213	2	public function base64_urlSafeDecode($str)
214		{
215	2	$find = array('-', '_');
216	2	$replace = array('+', '/');
217	2	return base64_decode(str_replace($find, $replace, $str));
218		}
219		}
220

HavenShen / larsign

GitHub Access Token became invalid

LarsignService::signRequest() B last analyzed 2017-12-05 12:37 UTC

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like

LarsignService::signRequest() B
last analyzed 2017-12-05 12:37 UTC