RateLimitHandler::generateCacheKey() - Code Metrics - Inspection of "Support request methods selection" - IndraGunawan/api-rate-limit-bundle - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#12)

unknown

created 2019-07-09 20:34 UTC

RateLimitHandler::generateCacheKey() A

↳ Parent: RateLimitHandler

Complexity

Conditions	3
Paths	2

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	4
CRAP Score	3

Importance

Changes

Metric	Value
dl	0
loc	8
c	0
b	0
f	0
ccs	4
cts	4
cp	1
rs	10
cc	3
nc	2
nop	3
crap	3

<?php

/*
 * This file is part of the ApiRateLimitBundle
 *
 * (c) Indra Gunawan <[email protected]>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace Indragunawan\ApiRateLimitBundle\Service;

use Doctrine\Common\Annotations\AnnotationReader;
use Indragunawan\ApiRateLimitBundle\Annotation\ApiRateLimit;
use Psr\Cache\CacheItemPoolInterface;
use ReflectionClass;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;

/**
 * @author Indra Gunawan <[email protected]>
 */
class RateLimitHandler
{
    /**
     * @var CacheItemPoolInterface
     */
    private $cacheItemPool;

    /**
     * @var TokenStorageInterface
     */
    private $tokenStorage;

    /**
     * @var AuthorizationCheckerInterface
     */
    private $authorizationChecker;

    /**
     * @var array
     */
    private $throttleConfig;

    /**
     * @var int
     */
    private $limit;

    /**
     * @var int
     */
    private $remaining;

    /**
     * @var int
     */
    private $reset;

    /**
     * @var
     */
    private $enabled = true;

    /**
     * @var bool
     */
    private $rateLimitExceeded = false;

    /**
     * RateLimitHandler constructor.
     *
     * @param CacheItemPoolInterface $cacheItemPool
     * @param TokenStorageInterface $tokenStorage
     * @param AuthorizationCheckerInterface $authorizationChecker
     * @param array $throttleConfig
     */
    public function __construct(
        CacheItemPoolInterface $cacheItemPool,
        TokenStorageInterface $tokenStorage,
        AuthorizationCheckerInterface $authorizationChecker,
        array $throttleConfig
    ) {
        $this->cacheItemPool = $cacheItemPool;
        $this->tokenStorage = $tokenStorage;
        $this->authorizationChecker = $authorizationChecker;
        $this->throttleConfig = $throttleConfig;
    }

    /**
     * @return bool
     */
    public function isEnabled()
    {
        return $this->enabled;
    }

    /**
     * @return bool
     */
    public function isRateLimitExceeded()
    {
        return $this->rateLimitExceeded;
    }

    /**
     * @return array
     */
    public function getRateLimitInfo(): array
    {
        return [
            'limit'     => $this->limit,
            'remaining' => $this->remaining,
            'reset'     => $this->reset,
        ];
    }

    /**
     * @param string $ip
     * @param string|null $username
     * @param string|null $userRole
     *
     * @return string
     */
    public static function generateCacheKey(string $ip, string $username = null, string $userRole = null): string
    {
        if (!empty($username) && !empty($userRole)) {
            return sprintf('_api_rate_limit_metadata$%s', sha1($userRole . $username));
        }

        return sprintf('_api_rate_limit_metadata$%s', sha1($ip));
    }

    /**
     * @param Request $request
     *
     * @throws \Doctrine\Common\Annotations\AnnotationException
     * @throws \Psr\Cache\InvalidArgumentException
     * @throws \ReflectionException
     */
    public function handle(Request $request)
    {
        $annotationReader = new AnnotationReader();
        /** @var ApiRateLimit $annotation */
        $annotation = $annotationReader->getClassAnnotation(
            new ReflectionClass($request->attributes->get('_api_resource_class')),
            ApiRateLimit::class
        );

        if (null !== $annotation) {
            $this->enabled = $annotation->enabled;
            if(!in_array($request->getMethod(), array_map('strtoupper', $annotation->methods)) &&  !empty($annotation->methods)) {
                // The annotation is ignored as the method is not corresponding
                $annotation = new ApiRateLimit();
            }
        } else {
	    $annotation = new ApiRateLimit();
	}

        list($key, $limit, $period) = $this->getThrottle($request, $annotation);

        if ($this->enabled) {
            $this->decreaseRateLimitRemaining($key, $limit, $period);
        }
    }

    /**
     * @param string $key
     * @param int $limit
     * @param int $period
     *
     * @throws \Psr\Cache\InvalidArgumentException
     */
    protected function decreaseRateLimitRemaining(string $key, int $limit, int $period)
    {
        $cost = 1;
        $currentTime = gmdate('U');

        $rateLimitInfo = $this->cacheItemPool->getItem($key);
        $rateLimit = $rateLimitInfo->get();
        if ($rateLimitInfo->isHit() && $currentTime <= $rateLimit['reset']) {
            // decrease existing rate limit remaining
            if ($rateLimit['remaining'] - $cost >= 0) {
                $remaining = $rateLimit['remaining'] - $cost;
                $reset = $rateLimit['reset'];
                $ttl = $rateLimit['reset'] - $currentTime;
            } else {
                $this->rateLimitExceeded = true;
                $this->reset = $rateLimit['reset'];
                $this->limit = $limit;
                $this->remaining = 0;

                return;
            }
        } else {
            // add / reset new rate limit remaining
            $remaining = $limit - $cost;
            $reset = $currentTime + $period;
            $ttl = $period;
        }

        $rateLimit = [
            'limit' => $limit,
            'remaining' => $remaining,
            'reset' => $reset,
        ];

        $rateLimitInfo->set($rateLimit);
        $rateLimitInfo->expiresAfter($ttl);

        $this->cacheItemPool->save($rateLimitInfo);

        $this->limit = $limit;
        $this->remaining = $remaining;
class Id
{
    public $id;

    public function __construct($id)
    {
        $this->id = $id;
    }

}

class Account
{
    /** @var  Id $id */
    public $id;
}

$account_id = false;

if (starsAreRight()) {
    $account_id = new Id(42);
}

$account = new Account();
if ($account instanceof Id)
{
    $account->id = $account_id;
}
        $this->reset = $reset;
    }

    /**
     * @param Request $request
     *
     * @return array
     */
    private function getThrottle(Request $request, ApiRateLimit $annotation)
    {
        if (null !== $token = $this->tokenStorage->getToken()) {
            // no anonymous
            if (is_object($token->getUser())) {
                $rolesConfig = $this->throttleConfig['roles'];
                if (!empty($annotation->throttle['roles'])) {
                    $rolesConfig = $annotation->throttle['roles'];
                }

                foreach ($rolesConfig as $role => $throttle) {
                    if ($this->authorizationChecker->isGranted($role)) {
                        $username = $token->getUsername();
                        $userRole = $role;
                        $limit = $throttle['limit'];
                        $period = $throttle['period'];

                        return [self::generateCacheKey($request->getClientIp(), $username, $userRole), $limit, $period];
                    }
                }
            }
        }

        if (!empty($annotation->throttle['default'])) {
            $limit = $annotation->throttle['default']['limit'];
            $period = $annotation->throttle['default']['period'];
        } else {
            $limit = $this->throttleConfig['default']['limit'];
            $period = $this->throttleConfig['default']['period'];
        }

        return [self::generateCacheKey($request->getClientIp()), $limit, $period];
    }
}


1		<?php
2
3		/*
4		* This file is part of the ApiRateLimitBundle
5		*
6		* (c) Indra Gunawan <[email protected]>
7		*
8		* For the full copyright and license information, please view the LICENSE
9		* file that was distributed with this source code.
10		*/
11
12		namespace Indragunawan\ApiRateLimitBundle\Service;
13
14		use Doctrine\Common\Annotations\AnnotationReader;
15		use Indragunawan\ApiRateLimitBundle\Annotation\ApiRateLimit;
16		use Psr\Cache\CacheItemPoolInterface;
17		use ReflectionClass;
18		use Symfony\Component\HttpFoundation\Request;
19		use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
20		use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
21
22		/**
23		* @author Indra Gunawan <[email protected]>
24		*/
25		class RateLimitHandler
26		{
27		/**
28		* @var CacheItemPoolInterface
29		*/
30		private $cacheItemPool;
31
32		/**
33		* @var TokenStorageInterface
34		*/
35		private $tokenStorage;
36
37		/**
38		* @var AuthorizationCheckerInterface
39		*/
40		private $authorizationChecker;
41
42		/**
43		* @var array
44		*/
45		private $throttleConfig;
46
47		/**
48		* @var int
49		*/
50		private $limit;
51
52		/**
53		* @var int
54		*/
55		private $remaining;
56
57		/**
58		* @var int
59		*/
60		private $reset;
61
62		/**
63		* @var
64		*/
65		private $enabled = true;
66
67		/**
68		* @var bool
69		*/
70		private $rateLimitExceeded = false;
71
72		/**
73		* RateLimitHandler constructor.
74		*
75		* @param CacheItemPoolInterface $cacheItemPool
76		* @param TokenStorageInterface $tokenStorage
77		* @param AuthorizationCheckerInterface $authorizationChecker
78		* @param array $throttleConfig
79		*/
80	8	public function __construct(
81		CacheItemPoolInterface $cacheItemPool,
82		TokenStorageInterface $tokenStorage,
83		AuthorizationCheckerInterface $authorizationChecker,
84		array $throttleConfig
85		) {
86	8	$this->cacheItemPool = $cacheItemPool;
87	8	$this->tokenStorage = $tokenStorage;
88	8	$this->authorizationChecker = $authorizationChecker;
89	8	$this->throttleConfig = $throttleConfig;
90	8	}
91
92		/**
93		* @return bool
94		*/
95	8	public function isEnabled()
96		{
97	8	return $this->enabled;
98		}
99
100		/**
101		* @return bool
102		*/
103	5	public function isRateLimitExceeded()
104		{
105	5	return $this->rateLimitExceeded;
106		}
107
108		/**
109		* @return array
110		*/
111	7	public function getRateLimitInfo(): array
112		{
113		return [
114	7	'limit' => $this->limit,
115	7	'remaining' => $this->remaining,
116	7	'reset' => $this->reset,
117		];
118		}
119
120		/**
121		* @param string $ip
122		* @param string\|null $username
123		* @param string\|null $userRole
124		*
125		* @return string
126		*/
127	8	public static function generateCacheKey(string $ip, string $username = null, string $userRole = null): string
128		{
129	8	if (!empty($username) && !empty($userRole)) {
130	2	return sprintf('_api_rate_limit_metadata$%s', sha1($userRole . $username));
131		}
132
133	6	return sprintf('_api_rate_limit_metadata$%s', sha1($ip));
134		}
135
136		/**
137		* @param Request $request
138		*
139		* @throws \Doctrine\Common\Annotations\AnnotationException
140		* @throws \Psr\Cache\InvalidArgumentException
141		* @throws \ReflectionException
142		*/
143	8	public function handle(Request $request)
144		{
145	8	$annotationReader = new AnnotationReader();
146		/** @var ApiRateLimit $annotation */
147	8	$annotation = $annotationReader->getClassAnnotation(
148	8	new ReflectionClass($request->attributes->get('_api_resource_class')),
149	8	ApiRateLimit::class
150		);
151
152	8	if (null !== $annotation) {
153	8	$this->enabled = $annotation->enabled;
154	8	if(!in_array($request->getMethod(), array_map('strtoupper', $annotation->methods)) && !empty($annotation->methods)) {
155		// The annotation is ignored as the method is not corresponding
156	8	$annotation = new ApiRateLimit();
157		}
158		} else {
159		$annotation = new ApiRateLimit();
160		}
161
162	8	list($key, $limit, $period) = $this->getThrottle($request, $annotation);
163
164	8	if ($this->enabled) {
165	7	$this->decreaseRateLimitRemaining($key, $limit, $period);
166		}
167	8	}
168
169		/**
170		* @param string $key
171		* @param int $limit
172		* @param int $period
173		*
174		* @throws \Psr\Cache\InvalidArgumentException
175		*/
176	7	protected function decreaseRateLimitRemaining(string $key, int $limit, int $period)
177		{
178	7	$cost = 1;
179	7	$currentTime = gmdate('U');
180
181	7	$rateLimitInfo = $this->cacheItemPool->getItem($key);
182	7	$rateLimit = $rateLimitInfo->get();
183	7	if ($rateLimitInfo->isHit() && $currentTime <= $rateLimit['reset']) {
184		// decrease existing rate limit remaining
185	2	if ($rateLimit['remaining'] - $cost >= 0) {
186	1	$remaining = $rateLimit['remaining'] - $cost;
187	1	$reset = $rateLimit['reset'];
188	1	$ttl = $rateLimit['reset'] - $currentTime;
189		} else {
190	1	$this->rateLimitExceeded = true;
191	1	$this->reset = $rateLimit['reset'];
192	1	$this->limit = $limit;
193	1	$this->remaining = 0;
194
195	2	return;
196		}
197		} else {
198		// add / reset new rate limit remaining
199	5	$remaining = $limit - $cost;
200	5	$reset = $currentTime + $period;
201	5	$ttl = $period;
202		}
203
204		$rateLimit = [
205	6	'limit' => $limit,
206	6	'remaining' => $remaining,
207	6	'reset' => $reset,
208		];
209
210	6	$rateLimitInfo->set($rateLimit);
211	6	$rateLimitInfo->expiresAfter($ttl);
212
213	6	$this->cacheItemPool->save($rateLimitInfo);
214
215	6	$this->limit = $limit;
216	6	$this->remaining = $remaining;
		0 ignored issues – show Documentation Bug introduced 2017-06-14 03:06 UTC by Report Bug Copy Issue Report It seems like `$remaining` can also be of type `double`. However, the property `$remaining` is declared as type `integer`. Maybe add an additional type check? Our type inference engine has found a suspicous assignment of a value to a property. This check raises an issue when a value that can be of a mixed type is assigned to a property that is type hinted more strictly. For example, imagine you have a variable `$accountId` that can either hold an Id object or false (if there is no account id yet). Your code now assigns that value to the `id` property of an instance of the `Account` class. This class holds a proper account, so the id value must no longer be false. Either this assignment is in error or a type check should be added for that assignment. class Id { public $id; public function __construct($id) { $this->id = $id; } } class Account { /** @var Id $id */ public $id; } $account_id = false; if (starsAreRight()) { $account_id = new Id(42); } $account = new Account(); if ($account instanceof Id) { $account->id = $account_id; } Loading history...
217	6	$this->reset = $reset;
218	6	}
219
220		/**
221		* @param Request $request
222		*
223		* @return array
224		*/
225	8	private function getThrottle(Request $request, ApiRateLimit $annotation)
226		{
227	8	if (null !== $token = $this->tokenStorage->getToken()) {
228		// no anonymous
229	2	if (is_object($token->getUser())) {
230	2	$rolesConfig = $this->throttleConfig['roles'];
231	2	if (!empty($annotation->throttle['roles'])) {
232	1	$rolesConfig = $annotation->throttle['roles'];
233		}
234
235	2	foreach ($rolesConfig as $role => $throttle) {
236	2	if ($this->authorizationChecker->isGranted($role)) {
237	2	$username = $token->getUsername();
238	2	$userRole = $role;
239	2	$limit = $throttle['limit'];
240	2	$period = $throttle['period'];
241
242	2	return [self::generateCacheKey($request->getClientIp(), $username, $userRole), $limit, $period];
243		}
244		}
245		}
246		}
247
248	6	if (!empty($annotation->throttle['default'])) {
249	1	$limit = $annotation->throttle['default']['limit'];
250	1	$period = $annotation->throttle['default']['period'];
251		} else {
252	5	$limit = $this->throttleConfig['default']['limit'];
253	5	$period = $this->throttleConfig['default']['period'];
254		}
255
256	6	return [self::generateCacheKey($request->getClientIp()), $limit, $period];
257		}
258		}
259

IndraGunawan / api-rate-limit-bundle

Pull Request — master (#12)

RateLimitHandler::generateCacheKey() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like