<?php
declare(strict_types=1);
/*
 * The MIT License (MIT)
 *
 * Copyright (c) 2014-2019 Spomky-Labs
 *
 * This software may be modified and distributed under the terms
 * of the MIT license.  See the LICENSE file for details.
 */
namespace OAuth2Framework\Component\OpenIdConnect\UserInfo\Pairwise;
use Base64Url\Base64Url;
use OAuth2Framework\Component\Core\UserAccount\UserAccount;
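final class EncryptedSubjectIdentifier implements PairwiseSubjectIdentifierAlgorithm
{
    /**
     * Key handed verbatim to openssl_encrypt()/openssl_decrypt().
     * Its length is not checked against the cipher's expected key size here.
     *
     * @var string
     */
    private $pairwiseEncryptionKey;

    /**
     * OpenSSL cipher name, validated against openssl_get_cipher_methods().
     *
     * @var string
     */
    private $algorithm;

    /**
     * EncryptedSubjectIdentifier constructor.
     *
     * @param string $pairwiseEncryptionKey key passed as-is to OpenSSL
     * @param string $algorithm             any cipher name reported by openssl_get_cipher_methods()
     *
     * @throws \InvalidArgumentException if OpenSSL does not know the cipher
     */
    public function __construct(string $pairwiseEncryptionKey, string $algorithm)
    {
        // Only the cipher *name* is validated. Nothing rejects weak modes such as
        // ECB, and the encrypt/decrypt calls below pass no AEAD tag, so an AEAD
        // cipher (e.g. GCM) is unlikely to work here — choose a block mode such
        // as CBC when configuring this class.
        if (!\in_array($algorithm, openssl_get_cipher_methods(), true)) {
            throw new \InvalidArgumentException(\Safe\sprintf('The algorithm "%s" is not supported.', $algorithm));
        }
        $this->pairwiseEncryptionKey = $pairwiseEncryptionKey;
        $this->algorithm = $algorithm;
    }

    /**
     * Builds the pairwise subject identifier "<iv>:<ciphertext>", both Base64Url-encoded.
     *
     * The plaintext is "<sectorIdentifierHost>:<userAccountId>". The IV is derived
     * deterministically from the user account id (SHA-512, truncated byte-wise to
     * the cipher's IV length) so a given user always maps to the same identifier
     * for a given sector. Because the IV does not depend on the sector, all
     * sectors share one IV per user; with stream-style modes (CTR/OFB/CFB) that
     * means key-stream reuse, so a block mode such as CBC is assumed — TODO
     * confirm against the configured cipher. No authentication tag or MAC is
     * emitted, so the ciphertext is malleable.
     *
     * @return string "<base64url(iv)>:<base64url(ciphertext)>"
     */
    public function calculateSubjectIdentifier(UserAccount $userAccount, string $sectorIdentifierHost): string
    {
        $userAccountId = $userAccount->getUserAccountId()->getValue();
        $prepared = \Safe\sprintf('%s:%s', $sectorIdentifierHost, $userAccountId);

        // '8bit' makes mb_substr truncate by bytes, which is what an IV needs;
        // the IV length is whatever OpenSSL reports for the cipher (0 for ECB).
        $ivSize = \Safe\openssl_cipher_iv_length($this->algorithm);
        $iv = mb_substr(hash('sha512', $userAccountId, true), 0, $ivSize, '8bit');

        $ciphertext = \Safe\openssl_encrypt($prepared, $this->algorithm, $this->pairwiseEncryptionKey, OPENSSL_RAW_DATA, $iv);

        return Base64Url::encode($iv).':'.Base64Url::encode($ciphertext);
    }

    /**
     * Reverses calculateSubjectIdentifier() and returns the user account id, or
     * null when the value is not a subject identifier produced by this class.
     *
     * The decrypted plaintext is "<sectorIdentifierHost>:<userAccountId>", i.e.
     * exactly two colon-separated parts. The previous check for three parts could
     * never match what calculateSubjectIdentifier() encodes, so every lookup
     * returned null. The split is limited to two pieces so a user account id that
     * itself contains ':' is returned intact (the sector identifier host is
     * assumed not to contain ':').
     *
     * The input is untrusted: Base64Url::decode() and \Safe\openssl_decrypt()
     * throw on malformed data instead of returning false, and those failures are
     * mapped to null so callers see a single failure path. Since the ciphertext
     * carries no MAC/tag, a successful decrypt does not by itself prove the
     * identifier was issued by this class.
     *
     * @return string|null the user account id, or null if the identifier cannot be parsed
     */
    public function getPublicIdFromSubjectIdentifier(string $subjectIdentifier): ?string
    {
        $data = explode(':', $subjectIdentifier);
        if (2 !== \count($data)) {
            return null;
        }

        try {
            $iv = Base64Url::decode($data[0]);
            $ciphertext = Base64Url::decode($data[1]);
            $decoded = \Safe\openssl_decrypt($ciphertext, $this->algorithm, $this->pairwiseEncryptionKey, OPENSSL_RAW_DATA, $iv);
        } catch (\Exception $e) {
            // Undecodable or undecryptable input is "not one of ours" — the
            // nullable return type is this method's contract for that case.
            return null;
        }

        $parts = explode(':', $decoded, 2);
        if (2 !== \count($parts)) {
            return null;
        }

        return $parts[1];
    }
}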