AuthorizationEndpoint::process() - Code Metrics - Inspection of "WIP" - OAuth2-Framework/oauth2-framework - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Push — master ( c6baf0...a3629e )

by Florent

created 2018-08-04 23:10 UTC

AuthorizationEndpoint::process() C

↳ Parent: AuthorizationEndpoint

Complexity

Conditions	11
Paths	218

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	46
rs	6.2583
c	0
b	0
f	0
cc	11
nc	218
nop	2

How to fix Complexity

<?php

declare(strict_types=1);

/*
 * The MIT License (MIT)
 *
 * Copyright (c) 2014-2018 Spomky-Labs
 *
 * This software may be modified and distributed under the terms
 * of the MIT license.  See the LICENSE file for details.
 */

namespace OAuth2Framework\Component\AuthorizationEndpoint;

use Http\Message\MessageFactory;
use OAuth2Framework\Component\AuthorizationEndpoint\ConsentScreen\ExtensionManager;
use OAuth2Framework\Component\AuthorizationEndpoint\Exception\OAuth2AuthorizationException;
use OAuth2Framework\Component\AuthorizationEndpoint\ParameterChecker\ParameterCheckerManager;
use OAuth2Framework\Component\AuthorizationEndpoint\UserAccount\UserAccountCheckerManager;
use OAuth2Framework\Component\AuthorizationEndpoint\UserAccount\UserAccountDiscovery;
use OAuth2Framework\Component\Core\Message\OAuth2Message;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\MiddlewareInterface;
use Psr\Http\Server\RequestHandlerInterface;

abstract class AuthorizationEndpoint implements MiddlewareInterface
{
    /**
     * @var UserAccountDiscovery
     */
    protected $userAccountDiscovery;

    /**
     * @var UserAccountCheckerManager
     */
    protected $userAccountCheckerManager;

    /**
     * @var ExtensionManager
     */
    protected $consentScreenExtensionManager;

    /**
     * @var AuthorizationRequestLoader
     */
    protected $authorizationRequestLoader;

    /**
     * @var ParameterCheckerManager
     */
    protected $parameterCheckerManager;

    /**
     * @var MessageFactory
     */
    protected $messageFactory;

    /**
     * AuthorizationEndpoint constructor.
     */
    public function __construct(MessageFactory $messageFactory, AuthorizationRequestLoader $authorizationRequestLoader, ParameterCheckerManager $parameterCheckerManager, UserAccountDiscovery $userAccountDiscovery, UserAccountCheckerManager $userAccountCheckerManager, ExtensionManager $consentScreenExtensionManager)
    {
        $this->messageFactory = $messageFactory;
        $this->authorizationRequestLoader = $authorizationRequestLoader;
        $this->parameterCheckerManager = $parameterCheckerManager;
        $this->userAccountDiscovery = $userAccountDiscovery;
        $this->userAccountCheckerManager = $userAccountCheckerManager;
        $this->consentScreenExtensionManager = $consentScreenExtensionManager;
    }

    abstract protected function redirectToLoginPage(ServerRequestInterface $request, Authorization $authorization): ResponseInterface;

    abstract protected function processConsentScreen(ServerRequestInterface $request, Authorization $authorization): ResponseInterface;

    /**
     * {@inheritdoc}
     */
    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
    {
        try {
            $authorization = $this->createAuthorizationFromRequest($request);
            $isFullyAuthenticated = null;
            $userAccount = $this->userAccountDiscovery->find($isFullyAuthenticated);
            if (!\is_bool($isFullyAuthenticated)) {
                $isFullyAuthenticated = false;
            }
            if (null !== $userAccount) {
                $authorization = $authorization->withUserAccount($userAccount, $isFullyAuthenticated);
            }
            $this->userAccountCheckerManager->check($authorization, $userAccount, $isFullyAuthenticated);
            if (null === $userAccount) {
                return $this->redirectToLoginPage($request, $authorization);
            }
            $authorization = $this->consentScreenExtensionManager->processBefore($request, $authorization);

            return $this->processConsentScreen($request, $authorization);
        } catch (OAuth2AuthorizationException $e) {
            throw $e;
        } catch (Exception\ProcessAuthorizationException $e) {
            $authorization = $e->getAuthorization();
            $authorization = $this->consentScreenExtensionManager->processAfter($request, $authorization);
            if (false === $authorization->isAuthorized()) {
                $this->throwRedirectionException($authorization, OAuth2Message::ERROR_ACCESS_DENIED, 'The resource owner denied access to your client.');
            }

            $responseType = $authorization->getResponseType();

            try {
                $authorization = $responseType->preProcess($authorization);
                $authorization = $responseType->process($authorization);
            } catch (OAuth2Message $e) {
                $this->throwRedirectionException($authorization, $e->getMessage(), $e->getErrorDescription());
            }

            return $this->buildResponse($authorization);
        } catch (Exception\CreateRedirectionException $e) {
            $this->throwRedirectionException($e->getAuthorization(), $e->getMessage(), $e->getDescription());
        } catch (Exception\ShowConsentScreenException $e) {
            return $this->processConsentScreen($request, $e->getAuthorization());
        } catch (Exception\RedirectToLoginPageException $e) {
            return $this->redirectToLoginPage($request, $e->getAuthorization());
        }
    }

    protected function buildResponse(Authorization $authorization): ResponseInterface
    {
        $response = $authorization->getResponseMode()->buildResponse(
            $this->messageFactory->createResponse(),
            $authorization->getRedirectUri(),
            $authorization->getResponseParameters()
        );
        foreach ($authorization->getResponseHeaders() as $k => $v) {
            $response = $response->withHeader($k, $v);
        }

        return $response;
    }

    protected function throwRedirectionException(Authorization $authorization, string $error, string $errorDescription)
    {
        $params = $authorization->getResponseParameters();
        if (null === $authorization->getResponseMode() || null === $authorization->getRedirectUri()) {
            throw new OAuth2Message(400, $error, $errorDescription);
        }
        $params += [
            'response_mode' => $authorization->getResponseMode(),
            'redirect_uri' => $authorization->getRedirectUri(),
        ];

        throw new OAuth2Message(302, $error, $errorDescription, $params);
    }

    public function createAuthorizationFromRequest(ServerRequestInterface $request): Authorization
    {
        $authorization = $this->authorizationRequestLoader->load($request);
        $authorization = $this->parameterCheckerManager->process($authorization);

        return $authorization;
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			/*
6			* The MIT License (MIT)
7			*
8			* Copyright (c) 2014-2018 Spomky-Labs
9			*
10			* This software may be modified and distributed under the terms
11			* of the MIT license. See the LICENSE file for details.
12			*/
13
14			namespace OAuth2Framework\Component\AuthorizationEndpoint;
15
16			use Http\Message\MessageFactory;
17			use OAuth2Framework\Component\AuthorizationEndpoint\ConsentScreen\ExtensionManager;
18			use OAuth2Framework\Component\AuthorizationEndpoint\Exception\OAuth2AuthorizationException;
19			use OAuth2Framework\Component\AuthorizationEndpoint\ParameterChecker\ParameterCheckerManager;
20			use OAuth2Framework\Component\AuthorizationEndpoint\UserAccount\UserAccountCheckerManager;
21			use OAuth2Framework\Component\AuthorizationEndpoint\UserAccount\UserAccountDiscovery;
22			use OAuth2Framework\Component\Core\Message\OAuth2Message;
23			use Psr\Http\Message\ResponseInterface;
24			use Psr\Http\Message\ServerRequestInterface;
25			use Psr\Http\Server\MiddlewareInterface;
26			use Psr\Http\Server\RequestHandlerInterface;
27
28			abstract class AuthorizationEndpoint implements MiddlewareInterface
29			{
30			/**
31			* @var UserAccountDiscovery
32			*/
33			protected $userAccountDiscovery;
34
35			/**
36			* @var UserAccountCheckerManager
37			*/
38			protected $userAccountCheckerManager;
39
40			/**
41			* @var ExtensionManager
42			*/
43			protected $consentScreenExtensionManager;
44
45			/**
46			* @var AuthorizationRequestLoader
47			*/
48			protected $authorizationRequestLoader;
49
50			/**
51			* @var ParameterCheckerManager
52			*/
53			protected $parameterCheckerManager;
54
55			/**
56			* @var MessageFactory
57			*/
58			protected $messageFactory;
59
60			/**
61			* AuthorizationEndpoint constructor.
62			*/
63			public function __construct(MessageFactory $messageFactory, AuthorizationRequestLoader $authorizationRequestLoader, ParameterCheckerManager $parameterCheckerManager, UserAccountDiscovery $userAccountDiscovery, UserAccountCheckerManager $userAccountCheckerManager, ExtensionManager $consentScreenExtensionManager)
64			{
65			$this->messageFactory = $messageFactory;
66			$this->authorizationRequestLoader = $authorizationRequestLoader;
67			$this->parameterCheckerManager = $parameterCheckerManager;
68			$this->userAccountDiscovery = $userAccountDiscovery;
69			$this->userAccountCheckerManager = $userAccountCheckerManager;
70			$this->consentScreenExtensionManager = $consentScreenExtensionManager;
71			}
72
73			abstract protected function redirectToLoginPage(ServerRequestInterface $request, Authorization $authorization): ResponseInterface;
74
75			abstract protected function processConsentScreen(ServerRequestInterface $request, Authorization $authorization): ResponseInterface;
76
77			/**
78			* {@inheritdoc}
79			*/
80			public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
81			{
82			try {
83			$authorization = $this->createAuthorizationFromRequest($request);
84			$isFullyAuthenticated = null;
85			$userAccount = $this->userAccountDiscovery->find($isFullyAuthenticated);
86			if (!\is_bool($isFullyAuthenticated)) {
87			$isFullyAuthenticated = false;
88			}
89			if (null !== $userAccount) {
90			$authorization = $authorization->withUserAccount($userAccount, $isFullyAuthenticated);
91			}
92			$this->userAccountCheckerManager->check($authorization, $userAccount, $isFullyAuthenticated);
93			if (null === $userAccount) {
94			return $this->redirectToLoginPage($request, $authorization);
95			}
96			$authorization = $this->consentScreenExtensionManager->processBefore($request, $authorization);
97
98			return $this->processConsentScreen($request, $authorization);
99			} catch (OAuth2AuthorizationException $e) {
100			throw $e;
101			} catch (Exception\ProcessAuthorizationException $e) {
102			$authorization = $e->getAuthorization();
103			$authorization = $this->consentScreenExtensionManager->processAfter($request, $authorization);
104			if (false === $authorization->isAuthorized()) {
105			$this->throwRedirectionException($authorization, OAuth2Message::ERROR_ACCESS_DENIED, 'The resource owner denied access to your client.');
106			}
107
108			$responseType = $authorization->getResponseType();
109
110			try {
111			$authorization = $responseType->preProcess($authorization);
112			$authorization = $responseType->process($authorization);
113			} catch (OAuth2Message $e) {
114			$this->throwRedirectionException($authorization, $e->getMessage(), $e->getErrorDescription());
115			}
116
117			return $this->buildResponse($authorization);
118			} catch (Exception\CreateRedirectionException $e) {
119			$this->throwRedirectionException($e->getAuthorization(), $e->getMessage(), $e->getDescription());
120			} catch (Exception\ShowConsentScreenException $e) {
121			return $this->processConsentScreen($request, $e->getAuthorization());
122			} catch (Exception\RedirectToLoginPageException $e) {
123			return $this->redirectToLoginPage($request, $e->getAuthorization());
124			}
125			}
126
127			protected function buildResponse(Authorization $authorization): ResponseInterface
128			{
129			$response = $authorization->getResponseMode()->buildResponse(
130			$this->messageFactory->createResponse(),
131			$authorization->getRedirectUri(),
132			$authorization->getResponseParameters()
133			);
134			foreach ($authorization->getResponseHeaders() as $k => $v) {
135			$response = $response->withHeader($k, $v);
136			}
137
138			return $response;
139			}
140
141			protected function throwRedirectionException(Authorization $authorization, string $error, string $errorDescription)
142			{
143			$params = $authorization->getResponseParameters();
144			if (null === $authorization->getResponseMode() \|\| null === $authorization->getRedirectUri()) {
145			throw new OAuth2Message(400, $error, $errorDescription);
146			}
147			$params += [
148			'response_mode' => $authorization->getResponseMode(),
149			'redirect_uri' => $authorization->getRedirectUri(),
150			];
151
152			throw new OAuth2Message(302, $error, $errorDescription, $params);
153			}
154
155			public function createAuthorizationFromRequest(ServerRequestInterface $request): Authorization
156			{
157			$authorization = $this->authorizationRequestLoader->load($request);
158			$authorization = $this->parameterCheckerManager->process($authorization);
159
160			return $authorization;
161			}
162			}
163

OAuth2-Framework / oauth2-framework

Push — master ( c6baf0...a3629e )

AuthorizationEndpoint::process() C

Complexity

Size

Duplication

Importance

How to fix Complexity

Long Method

Duplication Side-by-Side

Filter issues like