UserinfoEndpointSignatureSource - Code Metrics - Inspection of "Verification of the algorithms for the userinfo si..." - OAuth2-Framework/oauth2-framework - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Push — master ( 2eee97...42d85f )

by Florent

created 2017-09-30 12:46 UTC

UserinfoEndpointSignatureSource A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	55
Duplicated Lines	0 %

Coupling/Cohesion

Components	0
Dependencies	8

Importance

Changes

Metric	Value
wmc	5
lcom	0
cbo	8
dl	0
loc	55
rs	10
c	0
b	0
f	0

4 Methods

Rating	Name	Size	Complexity
A	name()	4	1
A	continueLoading()	4	1
A	continueConfiguration()	19	2
A	prepend()	10	1

<?php

declare(strict_types=1);

/*
 * The MIT License (MIT)
 *
 * Copyright (c) 2014-2017 Spomky-Labs
 *
 * This software may be modified and distributed under the terms
 * of the MIT license.  See the LICENSE file for details.
 */

namespace OAuth2Framework\Bundle\Server\DependencyInjection\Source\OpenIdConnect;

use Assert\Assertion;
use Jose\Bundle\JoseFramework\Helper\ConfigurationHelper;
use OAuth2Framework\Bundle\Server\DependencyInjection\Source\ActionableSource;
use Symfony\Component\Config\Definition\Builder\NodeDefinition;
use Symfony\Component\DependencyInjection\ContainerBuilder;
use Symfony\Component\PropertyAccess\PropertyAccess;

final class UserinfoEndpointSignatureSource extends ActionableSource
{
    /**
     * {@inheritdoc}
     */
    protected function name(): string
    {
        return 'signature';
    }

    /**
     * {@inheritdoc}
     */
    protected function continueLoading(string $path, ContainerBuilder $container, array $config)
    {
        $container->setParameter($path.'.signature_algorithms', $config['signature_algorithms']);
    }

    /**
     * {@inheritdoc}
     */
    protected function continueConfiguration(NodeDefinition $node)
    {
        parent::continueConfiguration($node);
        $node
abstract class User
{
    /** @return string */
    abstract public function getPassword();
}

class MyUser extends User
{
    public function getPassword()
    {
        // return something
    }

    public function getDisplayName()
    {
        // return some name.
    }
}

class AuthSystem
{
    public function authenticate(User $user)
    {
        $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
        // do something.
    }
}
            ->validate()
                ->ifTrue(function ($config) {
                    return true === $config['enabled'] && empty($config['signature_algorithms']);
                })
                ->thenInvalid('You must set at least one signature algorithm.')
            ->end()
            ->children()
                ->arrayNode('signature_algorithms')
                    ->info('Signature algorithm used to sign the user information.')
                    ->useAttributeAsKey('name')
                    ->prototype('scalar')->end()
                    ->treatNullLike([])
                ->end()
            ->end();
    }

    /**
     * {@inheritdoc}
     */
    public function prepend(array $bundleConfig, string $path, ContainerBuilder $container)
    {
        parent::prepend($bundleConfig, $path, $container);
        Assertion::keyExists($bundleConfig['key_set'], 'signature', 'The signature key set must be enabled.');
        $currentPath = $path.'['.$this->name().']';
        $accessor = PropertyAccess::createPropertyAccessor();
        $sourceConfig = $accessor->getValue($bundleConfig, $currentPath);

        ConfigurationHelper::addJWSBuilder($container, 'oauth2_server.userinfo', $sourceConfig['signature_algorithms'], false);
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			/*
6			* The MIT License (MIT)
7			*
8			* Copyright (c) 2014-2017 Spomky-Labs
9			*
10			* This software may be modified and distributed under the terms
11			* of the MIT license. See the LICENSE file for details.
12			*/
13
14			namespace OAuth2Framework\Bundle\Server\DependencyInjection\Source\OpenIdConnect;
15
16			use Assert\Assertion;
17			use Jose\Bundle\JoseFramework\Helper\ConfigurationHelper;
18			use OAuth2Framework\Bundle\Server\DependencyInjection\Source\ActionableSource;
19			use Symfony\Component\Config\Definition\Builder\NodeDefinition;
20			use Symfony\Component\DependencyInjection\ContainerBuilder;
21			use Symfony\Component\PropertyAccess\PropertyAccess;
22
23			final class UserinfoEndpointSignatureSource extends ActionableSource
24			{
25			/**
26			* {@inheritdoc}
27			*/
28			protected function name(): string
29			{
30			return 'signature';
31			}
32
33			/**
34			* {@inheritdoc}
35			*/
36			protected function continueLoading(string $path, ContainerBuilder $container, array $config)
37			{
38			$container->setParameter($path.'.signature_algorithms', $config['signature_algorithms']);
39			}
40
41			/**
42			* {@inheritdoc}
43			*/
44			protected function continueConfiguration(NodeDefinition $node)
45			{
46			parent::continueConfiguration($node);
47			$node
			0 ignored issues – show Bug introduced 2017-03-31 15:24 UTC by Report Bug Copy Issue Report It seems like you code against a specific sub-type and not the parent class `Symfony\Component\Config...\Builder\NodeDefinition` as the method `children()` does only exist in the following sub-classes of `Symfony\Component\Config...\Builder\NodeDefinition`: `Symfony\Component\Config...der\ArrayNodeDefinition`. Maybe you want to `instanceof` check for one of these explicitly? Let’s take a look at an example: abstract class User { /** @return string / abstract public function getPassword(); } class MyUser extends User { public function getPassword() { // return something } public function getDisplayName() { // return some name. } } class AuthSystem { public function authenticate(User $user) { $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName())); // do something. } } In the above example, the authenticate() method works fine as long as you just pass instances of MyUser. However, if you now also want to pass a different sub-classes of User which does not have a getDisplayName() method, the code will break. Available Fixes Change the type-hint for the parameter: class AuthSystem { public function authenticate(MyUser $user) { / ... / } } Add an additional type-check: class AuthSystem { public function authenticate(User $user) { if ($user instanceof MyUser) { $this->logger->info(/* ... /); } // or alternatively if ( ! $user instanceof MyUser) { throw new \LogicException( '$user must be an instance of MyUser, ' .'other instances are not supported.' ); } } } Note:* PHP Analyzer uses reverse abstract interpretation to narrow down the types inside the if block in such a case. Add the method to the parent class: abstract class User { /** @return string / abstract public function getPassword(); /* @return string */ abstract public function getDisplayName(); } Loading history...
48			->validate()
49			->ifTrue(function ($config) {
50			return true === $config['enabled'] && empty($config['signature_algorithms']);
51			})
52			->thenInvalid('You must set at least one signature algorithm.')
53			->end()
54			->children()
55			->arrayNode('signature_algorithms')
56			->info('Signature algorithm used to sign the user information.')
57			->useAttributeAsKey('name')
58			->prototype('scalar')->end()
59			->treatNullLike([])
60			->end()
61			->end();
62			}
63
64			/**
65			* {@inheritdoc}
66			*/
67			public function prepend(array $bundleConfig, string $path, ContainerBuilder $container)
68			{
69			parent::prepend($bundleConfig, $path, $container);
70			Assertion::keyExists($bundleConfig['key_set'], 'signature', 'The signature key set must be enabled.');
71			$currentPath = $path.'['.$this->name().']';
72			$accessor = PropertyAccess::createPropertyAccessor();
73			$sourceConfig = $accessor->getValue($bundleConfig, $currentPath);
74
75			ConfigurationHelper::addJWSBuilder($container, 'oauth2_server.userinfo', $sourceConfig['signature_algorithms'], false);
76			}
77			}
78

OAuth2-Framework / oauth2-framework

Push — master ( 2eee97...42d85f )

UserinfoEndpointSignatureSource A

Complexity

Size/Duplication

Coupling/Cohesion

Importance

4 Methods

Available Fixes

Duplication Side-by-Side

Filter issues like