IdTokenSource::updateJoseBundleConfigurationForJWTLoader() - Code Metrics - Inspection of "Verification of the algorithms for the userinfo si..." - OAuth2-Framework/oauth2-framework - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Push — master ( 2eee97...42d85f )

by Florent

created 2017-09-30 12:46 UTC

IdTokenSource::updateJoseBundleConfigurationForJWTLoader() A

↳ Parent: Project

Complexity

Conditions	2
Paths	2

Size

Total Lines	8
Code Lines	5

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	8
rs	9.4285
c	0
b	0
f	0
cc	2
eloc	5
nc	2
nop	2

<?php

declare(strict_types=1);

/*
 * The MIT License (MIT)
 *
 * Copyright (c) 2014-2017 Spomky-Labs
 *
 * This software may be modified and distributed under the terms
 * of the MIT license.  See the LICENSE file for details.
 */

namespace OAuth2Framework\Bundle\Server\DependencyInjection\Source\OpenIdConnect;

use Assert\Assertion;
use Fluent\PhpConfigFileLoader;
use Jose\Bundle\JoseFramework\Helper\ConfigurationHelper;
use OAuth2Framework\Bundle\Server\DependencyInjection\Source\ArraySource;
use Symfony\Component\Config\Definition\Builder\NodeDefinition;
use Symfony\Component\Config\FileLocator;
use Symfony\Component\DependencyInjection\ContainerBuilder;
use Symfony\Component\PropertyAccess\PropertyAccess;

final class IdTokenSource extends ArraySource
{
    /**
     * UserinfoSource constructor.
     */
    public function __construct()
    {
        $this->addSubSource(new IdTokenResponseTypeSource());
        $this->addSubSource(new IdTokenEncryptionSource());
    }

    /**
     * {@inheritdoc}
     */
    public function prepend(array $bundleConfig, string $path, ContainerBuilder $container)
    {
        parent::prepend($bundleConfig, $path, $container);
        $currentPath = $path.'['.$this->name().']';
        $accessor = PropertyAccess::createPropertyAccessor();
        $sourceConfig = $accessor->getValue($bundleConfig, $currentPath);
        ConfigurationHelper::addJWSBuilder($container, $this->name(), $sourceConfig['signature_algorithms'], false);
        ConfigurationHelper::addJWSLoader($container, $this->name(), $sourceConfig['signature_algorithms'], [], ['jws_compact'], false);

        Assertion::keyExists($bundleConfig['key_set'], 'signature', 'The signature key set must be enabled.');
        //ConfigurationHelper::addKeyset($container, 'id_token.key_set.signature', 'jwkset', ['value' => $bundleConfig['key_set']['signature']]);

    }

    /**
     * {@inheritdoc}
     */
    protected function continueLoading(string $path, ContainerBuilder $container, array $config)
    {
        foreach (['lifetime', 'default_signature_algorithm', 'signature_algorithms', 'claim_checkers', 'header_checkers'] as $k) {
            $container->setParameter($path.'.'.$k, $config[$k]);
        }
        //$container->setAlias($path.'.key_set', 'jose.key_set.id_token.key_set.signature');


        $loader = new PhpConfigFileLoader($container, new FileLocator(__DIR__.'/../../../Resources/config/openid_connect'));
        $loader->load('userinfo_scope_support.php');
    }

    /**
     * {@inheritdoc}
     */
    protected function name(): string
    {
        return 'id_token';
    }

    protected function continueConfiguration(NodeDefinition $node)
    {
        parent::continueConfiguration($node);
        $node
            ->validate()
                ->ifTrue(function ($config) {
                    return empty($config['default_signature_algorithm']);
                })
                ->thenInvalid('The option "default_signature_algorithm" must be set.')
            ->end()
            ->validate()
                ->ifTrue(function ($config) {
                    return empty($config['signature_algorithms']);
                })
                ->thenInvalid('The option "signature_algorithm" must contain at least one signature algorithm.')
            ->end()
            ->validate()
                ->ifTrue(function ($config) {
                    return !in_array($config['default_signature_algorithm'], $config['signature_algorithms']);
                })
                ->thenInvalid('The default signature algorithm must be in the supported signature algorithms.')
            ->end()
            ->children()
                ->scalarNode('default_signature_algorithm')
                    ->info('Signature algorithm used if the client has not defined a preferred one. Recommended value is "RS256".')
                ->end()
                ->arrayNode('signature_algorithms')
                    ->info('Signature algorithm used to sign the ID Tokens.')
                    ->useAttributeAsKey('name')
                    ->prototype('scalar')->end()
                    ->treatNullLike([])
                ->end()
                ->arrayNode('claim_checkers')
                    ->info('Checkers will verify the JWT claims.')
                    ->useAttributeAsKey('name')
                    ->prototype('scalar')->end()
                    ->treatNullLike(['exp', 'iat', 'nbf'])
                ->end()
                ->arrayNode('header_checkers')
                    ->info('Checkers will verify the JWT headers.')
                    ->useAttributeAsKey('name')
                    ->prototype('scalar')->end()
                    ->treatNullLike(['crit'])
                ->end()
                ->integerNode('lifetime')
                    ->info('Lifetime of the ID Tokens (in seconds). If an access token is issued with the ID Token, the lifetime of the access token is used instead of this value.')
                    ->defaultValue(3600)
                    ->min(1)
                ->end()
            ->end();
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			/*
6			* The MIT License (MIT)
7			*
8			* Copyright (c) 2014-2017 Spomky-Labs
9			*
10			* This software may be modified and distributed under the terms
11			* of the MIT license. See the LICENSE file for details.
12			*/
13
14			namespace OAuth2Framework\Bundle\Server\DependencyInjection\Source\OpenIdConnect;
15
16			use Assert\Assertion;
17			use Fluent\PhpConfigFileLoader;
18			use Jose\Bundle\JoseFramework\Helper\ConfigurationHelper;
19			use OAuth2Framework\Bundle\Server\DependencyInjection\Source\ArraySource;
20			use Symfony\Component\Config\Definition\Builder\NodeDefinition;
21			use Symfony\Component\Config\FileLocator;
22			use Symfony\Component\DependencyInjection\ContainerBuilder;
23			use Symfony\Component\PropertyAccess\PropertyAccess;
24
25			final class IdTokenSource extends ArraySource
26			{
27			/**
28			* UserinfoSource constructor.
29			*/
30			public function __construct()
31			{
32			$this->addSubSource(new IdTokenResponseTypeSource());
33			$this->addSubSource(new IdTokenEncryptionSource());
34			}
35
36			/**
37			* {@inheritdoc}
38			*/
39			public function prepend(array $bundleConfig, string $path, ContainerBuilder $container)
40			{
41			parent::prepend($bundleConfig, $path, $container);
42			$currentPath = $path.'['.$this->name().']';
43			$accessor = PropertyAccess::createPropertyAccessor();
44			$sourceConfig = $accessor->getValue($bundleConfig, $currentPath);
45			ConfigurationHelper::addJWSBuilder($container, $this->name(), $sourceConfig['signature_algorithms'], false);
46			ConfigurationHelper::addJWSLoader($container, $this->name(), $sourceConfig['signature_algorithms'], [], ['jws_compact'], false);
47
48			Assertion::keyExists($bundleConfig['key_set'], 'signature', 'The signature key set must be enabled.');
49			//ConfigurationHelper::addKeyset($container, 'id_token.key_set.signature', 'jwkset', ['value' => $bundleConfig['key_set']['signature']]);
			0 ignored issues – show Unused Code Comprehensibility introduced 2017-09-30 12:55 UTC by Report Bug Copy Issue Report `75%` of this comment could be valid code. Did you maybe forget this after debugging? Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it. The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production. This check looks for comments that seem to be mostly valid code and reports them. Loading history...
50			}
51
52			/**
53			* {@inheritdoc}
54			*/
55			protected function continueLoading(string $path, ContainerBuilder $container, array $config)
56			{
57			foreach (['lifetime', 'default_signature_algorithm', 'signature_algorithms', 'claim_checkers', 'header_checkers'] as $k) {
58			$container->setParameter($path.'.'.$k, $config[$k]);
59			}
60			//$container->setAlias($path.'.key_set', 'jose.key_set.id_token.key_set.signature');
			0 ignored issues – show Unused Code Comprehensibility introduced 2017-09-30 12:55 UTC by Report Bug Copy Issue Report `75%` of this comment could be valid code. Did you maybe forget this after debugging? Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it. The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production. This check looks for comments that seem to be mostly valid code and reports them. Loading history...
61
62			$loader = new PhpConfigFileLoader($container, new FileLocator(__DIR__.'/../../../Resources/config/openid_connect'));
63			$loader->load('userinfo_scope_support.php');
64			}
65
66			/**
67			* {@inheritdoc}
68			*/
69			protected function name(): string
70			{
71			return 'id_token';
72			}
73
74			protected function continueConfiguration(NodeDefinition $node)
75			{
76			parent::continueConfiguration($node);
77			$node
78			->validate()
79			->ifTrue(function ($config) {
80			return empty($config['default_signature_algorithm']);
81			})
82			->thenInvalid('The option "default_signature_algorithm" must be set.')
83			->end()
84			->validate()
85			->ifTrue(function ($config) {
86			return empty($config['signature_algorithms']);
87			})
88			->thenInvalid('The option "signature_algorithm" must contain at least one signature algorithm.')
89			->end()
90			->validate()
91			->ifTrue(function ($config) {
92			return !in_array($config['default_signature_algorithm'], $config['signature_algorithms']);
93			})
94			->thenInvalid('The default signature algorithm must be in the supported signature algorithms.')
95			->end()
96			->children()
97			->scalarNode('default_signature_algorithm')
98			->info('Signature algorithm used if the client has not defined a preferred one. Recommended value is "RS256".')
99			->end()
100			->arrayNode('signature_algorithms')
101			->info('Signature algorithm used to sign the ID Tokens.')
102			->useAttributeAsKey('name')
103			->prototype('scalar')->end()
104			->treatNullLike([])
105			->end()
106			->arrayNode('claim_checkers')
107			->info('Checkers will verify the JWT claims.')
108			->useAttributeAsKey('name')
109			->prototype('scalar')->end()
110			->treatNullLike(['exp', 'iat', 'nbf'])
111			->end()
112			->arrayNode('header_checkers')
113			->info('Checkers will verify the JWT headers.')
114			->useAttributeAsKey('name')
115			->prototype('scalar')->end()
116			->treatNullLike(['crit'])
117			->end()
118			->integerNode('lifetime')
119			->info('Lifetime of the ID Tokens (in seconds). If an access token is issued with the ID Token, the lifetime of the access token is used instead of this value.')
120			->defaultValue(3600)
121			->min(1)
122			->end()
123			->end();
124			}
125			}
126

OAuth2-Framework / oauth2-framework

Push — master ( 2eee97...42d85f )

IdTokenSource::updateJoseBundleConfigurationForJWTLoader() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like