Xero::buildUrlAuthorizationQueryString() - Code Metrics - Inspection of "Redirect on Error" - Invoiced/oauth1-xero - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#7)

unknown

created 2019-09-06 15:02 UTC

Xero::buildUrlAuthorizationQueryString() A

↳ Parent: Xero

Complexity

Conditions	5
Paths	5

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	16
rs	9.4222
c	0
b	0
f	0
cc	5
nc	5
nop	0

<?php

namespace Invoiced\OAuth1\Client\Server;

use Exception;
use InvalidArgumentException;
use League\OAuth1\Client\Server\Server;
use GuzzleHttp\Client as GuzzleHttpClient;
use GuzzleHttp\Exception\BadResponseException;
use League\OAuth1\Client\Credentials\TokenCredentials;
use League\OAuth1\Client\Signature\SignatureInterface;
use League\OAuth1\Client\Credentials\ClientCredentials;

class Xero extends Server
{
    /**
     * @var string
     */
    protected $responseType = 'xml';

    /**
     * @var array
     */
    protected $httpClientOptions = [];

    /**
     * @var array
     */
    protected $lastTokenCredentialsResponse;

    /**
     * @var array
     */
    protected $scope = [];

    /**
     * @var bool
     */
    protected $redirectOnError = false;

    /**
     * {@inheritdoc}
     */
    public function __construct($clientCredentials, SignatureInterface $signature = null)
    {
        if (is_array($clientCredentials)) {
            $this->parseConfiguration($clientCredentials);

            $clientCredentials = $this->createClientCredentials($clientCredentials);

            if (!$signature && $clientCredentials instanceof RsaClientCredentials) {
                $signature = new RsaSha1Signature($clientCredentials);
            }
        }

        parent::__construct($clientCredentials, $signature);
    }

    /**
     * Sets the value of the scope parameter used during authorization.
     *
     * @param array $scope Enumerated array where each element is a string
     *                     containing a single privilege value (e.g. 'payroll.employees')
     */
    public function setScope(array $scope)
    {
        $this->scope = $scope;
    }

    /**
     * Sets the redirect on error parameter used during authorization.
     *
     * @param boolean $redirect Boolean to toggle this parameter.
     * @return void
     */
    public function setRedirectOnError(bool $redirect)
    {
        $this->redirectOnError = $redirect;
    }

    /**
     * Gets the current setting for redirect on error.
     *
     * @return boolean
     */
    public function getRedirectOnError()
    {
        return $this->redirectOnError;
    }

    /**
     * Creates a Guzzle HTTP client for the given URL.
     *
     * @return GuzzleHttpClient
     */
    public function createHttpClient()
    {
        return new GuzzleHttpClient($this->httpClientOptions);
    }

    public function urlTemporaryCredentials()
    {
        return 'https://api.xero.com/oauth/RequestToken';
    }

    public function urlAuthorization()
    {
        return 'https://api.xero.com/oauth/Authorize'
            . $this->buildUrlAuthorizationQueryString();
    }

    /**
     * @return string
     */
    protected function buildUrlAuthorizationQueryString()
    {
        if (!$this->scope && !$this->redirectOnError) {

            return '';
        }

        if ($this->scope) {

            $parameters[] = 'scope=' . implode(',', $this->scope);
foreach ($collection as $item) {
    $myArray['foo'] = $item->getFoo();

    if ($item->hasBar()) {
        $myArray['bar'] = $item->getBar();
    }

    // do something with $myArray
}
        }

        if ($this->redirectOnError) {
            $parameters[] = 'redirectOnError=true';
function myFunction($a) {
    switch ($a) {
        case 'foo':
            $x = 1;
            break;

        case 'bar':
            $x = 2;
            break;
    }

    // $x is potentially undefined here.
    echo $x;
}
        }

        return '?' . implode('&', $parameters);
    }

    public function urlTokenCredentials()
    {
        return 'https://api.xero.com/oauth/AccessToken';
    }

    public function urlUserDetails()
    {
        return $this->notSupportedByXero();
    }

    public function userDetails($data, TokenCredentials $tokenCredentials)
    {
        return $this->notSupportedByXero();
    }

    public function userUid($data, TokenCredentials $tokenCredentials)
    {
        return $this->notSupportedByXero();
    }

    public function userEmail($data, TokenCredentials $tokenCredentials)
    {
        return $this->notSupportedByXero();
    }

    public function userScreenName($data, TokenCredentials $tokenCredentials)
    {
        return $this->notSupportedByXero();
    }

    /**
     * Gets the response of the last access token call. This might
     * be useful for partner applications to retrieve additional
     * OAuth parameters passed in by Xero.
     *
     * @return array|null
     */
    public function getLastTokenCredentialsResponse()
    {
        return $this->lastTokenCredentialsResponse;
    }

    /**
     * Refreshes an access token. Can be used by partner applications.
     *
     * @param TokenCredentials $tokenCredentials
     * @param string           $sessionHandle    Xero session handle
     *
     * @throws \League\OAuth1\Client\Credentials\CredentialsException when the access token cannot be refreshed
     *
     * @return TokenCredentials
     */
    public function refreshToken(TokenCredentials $tokenCredentials, $sessionHandle)
    {
        $client = $this->createHttpClient();
        $url = $this->urlTokenCredentials();

        $parameters = [
            'oauth_session_handle' => $sessionHandle,
        ];

        $headers = $this->getHeaders($tokenCredentials, 'POST', $url, $parameters);

        try {
            $response = $client->post($url, [
                'headers' => $headers,
                'form_params' => $parameters,
            ]);
        } catch (BadResponseException $e) {
            $this->handleTokenCredentialsBadResponse($e);
        }

        return $this->createTokenCredentials((string) $response->getBody());
    }

    protected function notSupportedByXero()
    {
        throw new Exception("Xero's API does not support retrieving the current user. Please see https://xero.uservoice.com/forums/5528-xero-accounting-api/suggestions/5688571-expose-which-user-connected-the-organization-via-o");
    }

    /**
     * Parse configuration array to set attributes.
     *
     * @param array $configuration
     */
    private function parseConfiguration(array $configuration = [])
    {
        $configToPropertyMap = [
            'http_client' => 'httpClientOptions',
        ];
        foreach ($configToPropertyMap as $config => $property) {
            if (isset($configuration[$config])) {
                $this->$property = $configuration[$config];
            }
        }
    }

    /**
     * Creates a client credentials instance from an array of credentials.
     *
     * @param array $clientCredentials
     *
     * @return ClientCredentials
     */
    protected function createClientCredentials(array $clientCredentials)
    {
        $keys = ['identifier', 'secret'];

        foreach ($keys as $key) {
            if (!isset($clientCredentials[$key])) {
                throw new InvalidArgumentException("Missing client credentials key [$key] from options.");
            }
        }

        if (isset($clientCredentials['rsa_private_key']) && isset($clientCredentials['rsa_public_key'])) {
            $_clientCredentials = new RsaClientCredentials();
            $_clientCredentials->setRsaPrivateKey($clientCredentials['rsa_private_key']);
            $_clientCredentials->setRsaPublicKey($clientCredentials['rsa_public_key']);
        } else {
            $_clientCredentials = new ClientCredentials();
        }

        $_clientCredentials->setIdentifier($clientCredentials['identifier']);
        $_clientCredentials->setSecret($clientCredentials['secret']);

        if (isset($clientCredentials['callback_uri'])) {
            $_clientCredentials->setCallbackUri($clientCredentials['callback_uri']);
        }

        return $_clientCredentials;
    }

    /**
     * Creates token credentials from the body response.
     *
     * @param string $body
     *
     * @return TokenCredentials
     */
    protected function createTokenCredentials($body)
    {
        parse_str($body, $data);
        $this->lastTokenCredentialsResponse = $data;
function aContainsB(array $needle = null, array  $haystack) {
    if (!$needle) {
        return false;
    }

    return array_intersect($haystack, $needle) == $haystack;
}

        return parent::createTokenCredentials($body);
    }
}


1			<?php
2
3			namespace Invoiced\OAuth1\Client\Server;
4
5			use Exception;
6			use InvalidArgumentException;
7			use League\OAuth1\Client\Server\Server;
8			use GuzzleHttp\Client as GuzzleHttpClient;
9			use GuzzleHttp\Exception\BadResponseException;
10			use League\OAuth1\Client\Credentials\TokenCredentials;
11			use League\OAuth1\Client\Signature\SignatureInterface;
12			use League\OAuth1\Client\Credentials\ClientCredentials;
13
14			class Xero extends Server
15			{
16			/**
17			* @var string
18			*/
19			protected $responseType = 'xml';
20
21			/**
22			* @var array
23			*/
24			protected $httpClientOptions = [];
25
26			/**
27			* @var array
28			*/
29			protected $lastTokenCredentialsResponse;
30
31			/**
32			* @var array
33			*/
34			protected $scope = [];
35
36			/**
37			* @var bool
38			*/
39			protected $redirectOnError = false;
40
41			/**
42			* {@inheritdoc}
43			*/
44			public function __construct($clientCredentials, SignatureInterface $signature = null)
45			{
46			if (is_array($clientCredentials)) {
47			$this->parseConfiguration($clientCredentials);
48
49			$clientCredentials = $this->createClientCredentials($clientCredentials);
50
51			if (!$signature && $clientCredentials instanceof RsaClientCredentials) {
52			$signature = new RsaSha1Signature($clientCredentials);
53			}
54			}
55
56			parent::__construct($clientCredentials, $signature);
57			}
58
59			/**
60			* Sets the value of the scope parameter used during authorization.
61			*
62			* @param array $scope Enumerated array where each element is a string
63			* containing a single privilege value (e.g. 'payroll.employees')
64			*/
65			public function setScope(array $scope)
66			{
67			$this->scope = $scope;
68			}
69
70			/**
71			* Sets the redirect on error parameter used during authorization.
72			*
73			* @param boolean $redirect Boolean to toggle this parameter.
74			* @return void
75			*/
76			public function setRedirectOnError(bool $redirect)
77			{
78			$this->redirectOnError = $redirect;
79			}
80
81			/**
82			* Gets the current setting for redirect on error.
83			*
84			* @return boolean
85			*/
86			public function getRedirectOnError()
87			{
88			return $this->redirectOnError;
89			}
90
91			/**
92			* Creates a Guzzle HTTP client for the given URL.
93			*
94			* @return GuzzleHttpClient
95			*/
96			public function createHttpClient()
97			{
98			return new GuzzleHttpClient($this->httpClientOptions);
99			}
100
101			public function urlTemporaryCredentials()
102			{
103			return 'https://api.xero.com/oauth/RequestToken';
104			}
105
106			public function urlAuthorization()
107			{
108			return 'https://api.xero.com/oauth/Authorize'
109			. $this->buildUrlAuthorizationQueryString();
110			}
111
112			/**
113			* @return string
114			*/
115			protected function buildUrlAuthorizationQueryString()
116			{
117			if (!$this->scope && !$this->redirectOnError) {
			0 ignored issues – show Bug Best Practice introduced 2019-09-06 14:53 UTC by Report Bug Copy Issue Report The expression `$this->scope` of type `array` is implicitly converted to a boolean; are you sure this is intended? If so, consider using `empty($expr)` instead to make it clear that you intend to check for an array without elements. This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent. Consider making the comparison explicit by using `empty(..)` or `! empty(...)` instead. Loading history...
118			return '';
119			}
120
121			if ($this->scope) {
			0 ignored issues – show Bug Best Practice introduced 2019-09-06 14:53 UTC by Report Bug Copy Issue Report The expression `$this->scope` of type `array` is implicitly converted to a boolean; are you sure this is intended? If so, consider using `! empty($expr)` instead to make it clear that you intend to check for an array without elements. This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent. Consider making the comparison explicit by using `empty(..)` or `! empty(...)` instead. Loading history...
122			$parameters[] = 'scope=' . implode(',', $this->scope);
			0 ignored issues – show Coding Style Comprehensibility introduced 2019-09-06 14:53 UTC by Report Bug Copy Issue Report `$parameters` was never initialized. Although not strictly required by PHP, it is generally a good practice to add `$parameters = array();` before regardless. Adding an explicit array definition is generally preferable to implicit array definition as it guarantees a stable state of the code. Let’s take a look at an example: foreach ($collection as $item) { $myArray['foo'] = $item->getFoo(); if ($item->hasBar()) { $myArray['bar'] = $item->getBar(); } // do something with $myArray } As you can see in this example, the array `$myArray` is initialized the first time when the foreach loop is entered. You can also see that the value of the `bar` key is only written conditionally; thus, its value might result from a previous iteration. This might or might not be intended. To make your intention clear, your code more readible and to avoid accidental bugs, we recommend to add an explicit initialization `$myArray = array()` either outside or inside the foreach loop. Loading history...
123			}
124
125			if ($this->redirectOnError) {
126			$parameters[] = 'redirectOnError=true';
			0 ignored issues – show Bug introduced 2019-09-06 14:53 UTC by Report Bug Copy Issue Report The variable `$parameters` does not seem to be defined for all execution paths leading up to this point. If you define a variable conditionally, it can happen that it is not defined for all execution paths. Let’s take a look at an example: function myFunction($a) { switch ($a) { case 'foo': $x = 1; break; case 'bar': $x = 2; break; } // $x is potentially undefined here. echo $x; } In the above example, the variable `$x` is defined if you pass “foo” or “bar” as argument for `$a`. However, since the `switch` statement has no default case statement, if you pass any other value, the variable `$x` would be undefined. Available Fixes Check for existence of the variable explicitly: function myFunction($a) { switch ($a) { case 'foo': $x = 1; break; case 'bar': $x = 2; break; } if (isset($x)) { // Make sure it's always set. echo $x; } } Define a default value for the variable: function myFunction($a) { $x = ''; // Set a default which gets overridden for certain paths. switch ($a) { case 'foo': $x = 1; break; case 'bar': $x = 2; break; } echo $x; } Add a value for the missing path: function myFunction($a) { switch ($a) { case 'foo': $x = 1; break; case 'bar': $x = 2; break; // We add support for the missing case. default: $x = ''; break; } echo $x; } Loading history...
127			}
128
129			return '?' . implode('&', $parameters);
130			}
131
132			public function urlTokenCredentials()
133			{
134			return 'https://api.xero.com/oauth/AccessToken';
135			}
136
137			public function urlUserDetails()
138			{
139			return $this->notSupportedByXero();
140			}
141
142			public function userDetails($data, TokenCredentials $tokenCredentials)
143			{
144			return $this->notSupportedByXero();
145			}
146
147			public function userUid($data, TokenCredentials $tokenCredentials)
148			{
149			return $this->notSupportedByXero();
150			}
151
152			public function userEmail($data, TokenCredentials $tokenCredentials)
153			{
154			return $this->notSupportedByXero();
155			}
156
157			public function userScreenName($data, TokenCredentials $tokenCredentials)
158			{
159			return $this->notSupportedByXero();
160			}
161
162			/**
163			* Gets the response of the last access token call. This might
164			* be useful for partner applications to retrieve additional
165			* OAuth parameters passed in by Xero.
166			*
167			* @return array\|null
168			*/
169			public function getLastTokenCredentialsResponse()
170			{
171			return $this->lastTokenCredentialsResponse;
172			}
173
174			/**
175			* Refreshes an access token. Can be used by partner applications.
176			*
177			* @param TokenCredentials $tokenCredentials
178			* @param string $sessionHandle Xero session handle
179			*
180			* @throws \League\OAuth1\Client\Credentials\CredentialsException when the access token cannot be refreshed
181			*
182			* @return TokenCredentials
183			*/
184			public function refreshToken(TokenCredentials $tokenCredentials, $sessionHandle)
185			{
186			$client = $this->createHttpClient();
187			$url = $this->urlTokenCredentials();
188
189			$parameters = [
190			'oauth_session_handle' => $sessionHandle,
191			];
192
193			$headers = $this->getHeaders($tokenCredentials, 'POST', $url, $parameters);
194
195			try {
196			$response = $client->post($url, [
197			'headers' => $headers,
198			'form_params' => $parameters,
199			]);
200			} catch (BadResponseException $e) {
201			$this->handleTokenCredentialsBadResponse($e);
202			}
203
204			return $this->createTokenCredentials((string) $response->getBody());
205			}
206
207			protected function notSupportedByXero()
208			{
209			throw new Exception("Xero's API does not support retrieving the current user. Please see https://xero.uservoice.com/forums/5528-xero-accounting-api/suggestions/5688571-expose-which-user-connected-the-organization-via-o");
210			}
211
212			/**
213			* Parse configuration array to set attributes.
214			*
215			* @param array $configuration
216			*/
217			private function parseConfiguration(array $configuration = [])
218			{
219			$configToPropertyMap = [
220			'http_client' => 'httpClientOptions',
221			];
222			foreach ($configToPropertyMap as $config => $property) {
223			if (isset($configuration[$config])) {
224			$this->$property = $configuration[$config];
225			}
226			}
227			}
228
229			/**
230			* Creates a client credentials instance from an array of credentials.
231			*
232			* @param array $clientCredentials
233			*
234			* @return ClientCredentials
235			*/
236			protected function createClientCredentials(array $clientCredentials)
237			{
238			$keys = ['identifier', 'secret'];
239
240			foreach ($keys as $key) {
241			if (!isset($clientCredentials[$key])) {
242			throw new InvalidArgumentException("Missing client credentials key [$key] from options.");
243			}
244			}
245
246			if (isset($clientCredentials['rsa_private_key']) && isset($clientCredentials['rsa_public_key'])) {
247			$_clientCredentials = new RsaClientCredentials();
248			$_clientCredentials->setRsaPrivateKey($clientCredentials['rsa_private_key']);
249			$_clientCredentials->setRsaPublicKey($clientCredentials['rsa_public_key']);
250			} else {
251			$_clientCredentials = new ClientCredentials();
252			}
253
254			$_clientCredentials->setIdentifier($clientCredentials['identifier']);
255			$_clientCredentials->setSecret($clientCredentials['secret']);
256
257			if (isset($clientCredentials['callback_uri'])) {
258			$_clientCredentials->setCallbackUri($clientCredentials['callback_uri']);
259			}
260
261			return $_clientCredentials;
262			}
263
264			/**
265			* Creates token credentials from the body response.
266			*
267			* @param string $body
268			*
269			* @return TokenCredentials
270			*/
271			protected function createTokenCredentials($body)
272			{
273			parse_str($body, $data);
274			$this->lastTokenCredentialsResponse = $data;
			0 ignored issues – show Documentation Bug introduced 2016-12-15 20:35 UTC by Report Bug Copy Issue Report It seems like `$data` can be `null`. However, the property `$lastTokenCredentialsResponse` is declared as `array`. Maybe change the type of the property to `array\|null` or add a type check? Our type inference engine has found an assignment of a scalar value (like a string, an integer or null) to a property which is an array. Either this assignment is in error or the assigned type should be added to the documentation/type hint for that property. To type hint that a parameter can be either an array or null, you can set a type hint of array and a default value of null. The PHP interpreter will then accept both an array or null for that parameter. function aContainsB(array $needle = null, array $haystack) { if (!$needle) { return false; } return array_intersect($haystack, $needle) == $haystack; } The function can be called with either null or an array for the parameter `$needle` but will only accept an array as `$haystack`. Loading history...
275
276			return parent::createTokenCredentials($body);
277			}
278			}
279

Invoiced / oauth1-xero

Pull Request — master (#7)

Xero::buildUrlAuthorizationQueryString() A

Complexity

Size

Duplication

Importance

Available Fixes

Duplication Side-by-Side

Filter issues like