UserInfo - Code Metrics - OAuth2-Framework/oauth2-framework - Measure and Improve Code Quality continuously with Scrutinizer

UserInfo A
last analyzed 2020-09-21 22:19 UTC

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	160
Duplicated Lines	0 %

Importance

Changes	7
Bugs	1	Features	0

Metric	Value
eloc	58
c	7
b	1
f	0
dl	0
loc	160
rs	10
wmc	28

10 Methods

Rating	Name	Size	Complexity
A	__construct()	5	1
A	getPairwiseSubjectIdentifierAlgorithm()	3	1
A	calculateSubjectIdentifier()	16	4
A	getClaimValues()	6	2
A	getClaimsFromClaimScope()	15	4
A	getUserinfo()	14	1
A	isPairwiseSubjectIdentifierSupported()	3	1
A	enablePairwiseSubject()	3	1
A	getSectorIdentifierHost()	14	4
B	getUserClaim()	24	9

<?php

declare(strict_types=1);

/*
 * The MIT License (MIT)
 *
 * Copyright (c) 2014-2019 Spomky-Labs
 *
 * This software may be modified and distributed under the terms
 * of the MIT license.  See the LICENSE file for details.
 */

namespace OAuth2Framework\Component\OpenIdConnect\UserInfo;

use OAuth2Framework\Component\Core\Client\Client;
use OAuth2Framework\Component\Core\UserAccount\UserAccount;
use OAuth2Framework\Component\OpenIdConnect\UserInfo\Claim\ClaimManager;
use OAuth2Framework\Component\OpenIdConnect\UserInfo\Claim\ClaimSourceManager;
use OAuth2Framework\Component\OpenIdConnect\UserInfo\Pairwise\PairwiseSubjectIdentifierAlgorithm;
use OAuth2Framework\Component\OpenIdConnect\UserInfo\ScopeSupport\UserInfoScopeSupportManager;

class UserInfo
{
    /**
     * @var null|PairwiseSubjectIdentifierAlgorithm
     */
    private $pairwiseAlgorithm;

    /**
     * @var UserInfoScopeSupportManager
     */
    private $userinfoScopeSupportManager;

    /**
     * @var ClaimSourceManager
     */
    private $claimSourceManager;

    /**
     * @var ClaimManager
     */
    private $claimManager;

    /**
     * UserInfo constructor.
     */
    public function __construct(UserInfoScopeSupportManager $userinfoScopeSupportManager, ClaimManager $claimManager, ClaimSourceManager $claimSourceManager)
    {
        $this->userinfoScopeSupportManager = $userinfoScopeSupportManager;
        $this->claimManager = $claimManager;
        $this->claimSourceManager = $claimSourceManager;
    }

    public function getUserinfo(Client $client, UserAccount $userAccount, string $redirectUri, array $requestedClaims, ?string $scope, ?string $claimsLocales): array
    {
        $requestedClaims = array_merge(
            $this->getClaimsFromClaimScope($scope),
            $requestedClaims
        );
        $claims = $this->getClaimValues($userAccount, $requestedClaims, $claimsLocales);
        /*$claims = array_merge(
            $claims,
            $this->claimSourceManager->getUserInfo($userAccount, $scope, [])
        );*/
        $claims['sub'] = $this->calculateSubjectIdentifier($client, $userAccount, $redirectUri);

        return $claims;
    }

    public function enablePairwiseSubject(PairwiseSubjectIdentifierAlgorithm $pairwiseAlgorithm): void
    {
        $this->pairwiseAlgorithm = $pairwiseAlgorithm;
    }

    public function isPairwiseSubjectIdentifierSupported(): bool
    {
        return null !== $this->pairwiseAlgorithm;
    }

    public function getPairwiseSubjectIdentifierAlgorithm(): ?PairwiseSubjectIdentifierAlgorithm
    {
        return $this->pairwiseAlgorithm;
    }

    private function getClaimsFromClaimScope(?string $scope): array
    {
        $result = [];
        $scope = $scope ?? '';

        foreach (explode(' ', $scope) as $scp) {
            if ($this->userinfoScopeSupportManager->has($scp)) {
                $scope_claims = $this->userinfoScopeSupportManager->get($scp)->getAssociatedClaims();
                foreach ($scope_claims as $scope_claim) {
                    $result[$scope_claim] = null;
                }
            }
        }

        return $result;
    }

    private function getClaimValues(UserAccount $userAccount, array $requestedClaims, ?string $claimsLocales): array
    {
        $result = [];

        $claimsLocales = null === $claimsLocales ? [] : array_unique(explode(' ', $claimsLocales));

        return $this->claimManager->getUserInfo($userAccount, $requestedClaims, $claimsLocales);
        /*foreach ($requestedClaims as $claim => $config) {
            foreach ($claimsLocales as $claims_locale) {
                $claim_locale = $this->computeClaimWithLocale($claim, $claims_locale);
                $claim_value = $this->getUserClaim($userAccount, $claim_locale, $config);
                if (null !== $claim_value) {
                    $result[$claim_locale] = $claim_value;

                    break;
                }
            }
        }*/
    }

    /**
     * @return null|mixed
     */
    private function getUserClaim(UserAccount $userAccount, string $claimName, ?array $config)

    {
        // FIXME: "acr" claim support has to be added.
        if ($userAccount->has($claimName)) {
            $claim = $userAccount->get($claimName);
            switch (true) {
                case \is_array($config) && \array_key_exists('value', $config):
                    if ($claim === $config['value']) {
                        return $claim;
                    }

                    break;
                case \is_array($config) && \array_key_exists('values', $config) && \is_array($config['values']):
                    if (\in_array($claim, $config['values'], true)) {
                        return $claim;
                    }

                    break;
                default:
                    return $claim;
            }
        }

        return null;
    }

    private function calculateSubjectIdentifier(Client $client, UserAccount $userAccount, string $redirectUri): string
    {
        $sub = $userAccount->getUserAccountId()->getValue();
        if (null === $this->pairwiseAlgorithm) {
            return $sub;
        }
        if ($client->has('subject_type') && ('pairwise' === $client->get('subject_type'))) {
            $sectorIdentifierHost = $this->getSectorIdentifierHost($client, $redirectUri);

            return $this->pairwiseAlgorithm->calculateSubjectIdentifier(
                $userAccount,
                $sectorIdentifierHost
            );
        }

        return $sub;
    }

    private function getSectorIdentifierHost(Client $client, string $redirectUri): string
    {
        $uri = $redirectUri;

        if (true === $client->has('sector_identifier_uri')) {
            $uri = $client->get('sector_identifier_uri');
        }

        $data = \Safe\parse_url($uri);
        $data = \Safe\parse_url(/** @scrutinizer ignore-type */ $uri);
        if (!\is_array($data) || !\array_key_exists('host', $data)) {

            throw new \InvalidArgumentException(\Safe\sprintf('Invalid Sector Identifier Uri "%s".', $uri));
        }

        return $data['host'];
    }
}


OAuth2-Framework / oauth2-framework

UserInfo A last analyzed 2020-09-21 22:19 UTC

Complexity

Size/Duplication

Importance

10 Methods

Duplication Side-by-Side

Filter issues like

UserInfo A
last analyzed 2020-09-21 22:19 UTC