AuthorizationEndpoint - Code Metrics - Inspection of "Apply fixes from StyleCI" - OAuth2-Framework/oauth2-framework - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Pull Request — master (#63)

by Florent

created 2017-10-03 19:36 UTC

AuthorizationEndpoint A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	158
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	13

Importance

Changes

Metric	Value
wmc	20
lcom	1
cbo	13
dl	0
loc	158
rs	10
c	0
b	0
f	0

6 Methods

Rating	Name	Size	Complexity
A	__construct()	7	1
	redirectToLoginPage()	1	?
	processConsentScreen()	1	?
A	buildResponse()	16	4
A	throwRedirectionException()	17	3
C	process()	51	12

<?php

declare(strict_types=1);

/*
 * The MIT License (MIT)
 *
 * Copyright (c) 2014-2017 Spomky-Labs
 *
 * This software may be modified and distributed under the terms
 * of the MIT license.  See the LICENSE file for details.
 */

namespace OAuth2Framework\Component\Server\Endpoint\Authorization;

use Interop\Http\Server\RequestHandlerInterface;
use Interop\Http\Server\MiddlewareInterface;
use OAuth2Framework\Component\Server\Endpoint\Authorization\AfterConsentScreen\AfterConsentScreenManager;
use OAuth2Framework\Component\Server\Endpoint\Authorization\BeforeConsentScreen\BeforeConsentScreenManager;
use OAuth2Framework\Component\Server\Endpoint\Authorization\UserAccountDiscovery\UserAccountDiscoveryManager;
use OAuth2Framework\Component\Server\Response\OAuth2Exception;
use OAuth2Framework\Component\Server\Response\OAuth2ResponseFactoryManager;
use OAuth2Framework\Component\Server\ResponseType\ResponseTypeProcessor;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;

abstract class AuthorizationEndpoint implements MiddlewareInterface
{
    /**
     * @var UserAccountDiscoveryManager
     */
    private $userAccountDiscoveryManager;

    /**
     * @var BeforeConsentScreenManager
     */
    private $beforeConsentScreenManager;

    /**
     * @var AfterConsentScreenManager
     */
    private $afterConsentScreenManager;

    /**
     * @var AuthorizationFactory
     */
    private $authorizationFactory;

    /**
     * AuthorizationEndpoint constructor.
     *
     * @param AuthorizationFactory        $authorizationFactory
     * @param UserAccountDiscoveryManager $userAccountDiscoveryManager
     * @param BeforeConsentScreenManager  $beforeConsentScreenManager
     * @param AfterConsentScreenManager   $afterConsentScreenManager
     */
    public function __construct(AuthorizationFactory $authorizationFactory, UserAccountDiscoveryManager $userAccountDiscoveryManager, BeforeConsentScreenManager $beforeConsentScreenManager, AfterConsentScreenManager $afterConsentScreenManager)
    {
        $this->authorizationFactory = $authorizationFactory;
        $this->userAccountDiscoveryManager = $userAccountDiscoveryManager;
        $this->beforeConsentScreenManager = $beforeConsentScreenManager;
        $this->afterConsentScreenManager = $afterConsentScreenManager;
    }

    /**
     * @param Authorization          $authorization
     * @param ServerRequestInterface $request
     *
     * @return ResponseInterface
     */
    abstract protected function redirectToLoginPage(Authorization $authorization, ServerRequestInterface $request): ResponseInterface;

    /**
     * @param ServerRequestInterface $request
     * @param Authorization          $authorization
     *
     * @return ResponseInterface
     */
    abstract protected function processConsentScreen(ServerRequestInterface $request, Authorization $authorization): ResponseInterface;

    /**
     * {@inheritdoc}
     */
    public function process(ServerRequestInterface $request, RequestHandlerInterface $requestHandler)
    {
        try {
            $authorization = $this->authorizationFactory->createAuthorizationFromRequest($request);
            $authorization = $this->userAccountDiscoveryManager->find($request, $authorization);

            if (null === $authorization->getUserAccount()) {
                return $this->redirectToLoginPage($authorization, $request);
            }

            $authorization = $this->beforeConsentScreenManager->process($request, $authorization);

            return $this->processConsentScreen($request, $authorization);
        } catch (OAuth2Exception $e) {
            $data = $e->getData();
            if (null !== $e->getAuthorization()) {
                $redirectUri = $e->getAuthorization()->getRedirectUri();
                $responseMode = $e->getAuthorization()->getResponseMode();
                if (null !== $redirectUri && null !== $responseMode) {
                    $data['redirect_uri'] = $redirectUri;
                    $data['response_mode'] = $responseMode;

                    throw new OAuth2Exception(302, $data, $e->getAuthorization(), $e);
                }
            }

            throw $e;
        } catch (Exception\ProcessAuthorizationException $e) {
            $authorization = $e->getAuthorization();
            $authorization = $this->afterConsentScreenManager->process($request, $authorization);
            if ($authorization->isAuthorized() === false) {
                $this->throwRedirectionException($authorization, OAuth2ResponseFactoryManager::ERROR_ACCESS_DENIED, 'The resource owner denied access to your client.');
            }

            $responseTypeProcessor = ResponseTypeProcessor::create($authorization);

            try {
                $authorization = $responseTypeProcessor->process();
            } catch (OAuth2Exception $e) {
                $this->throwRedirectionException($authorization, $e->getData()['error'], $e->getData()['error_description']);
            }

            return $this->buildResponse($authorization);
        } catch (Exception\CreateRedirectionException $e) {
            $this->throwRedirectionException($e->getAuthorization(), $e->getMessage(), $e->getDescription());
        } catch (Exception\ShowConsentScreenException $e) {
            return $this->processConsentScreen($request, $e->getAuthorization());
        } catch (Exception\RedirectToLoginPageException $e) {
            return $this->redirectToLoginPage($e->getAuthorization(), $request);
        }
    }

    /**
     * @param Authorization $authorization
     *
     * @throws OAuth2Exception
     *
     * @return ResponseInterface
     */
    private function buildResponse(Authorization $authorization): ResponseInterface
    {
        if (null === $authorization->getResponseMode() || null === $authorization->getRedirectUri()) {
            throw new OAuth2Exception(400, ['error' => 'EEE', 'error_description' => 'FFF']);
        }

        $response = $authorization->getResponseMode()->buildResponse(
            $authorization->getRedirectUri(),
            $authorization->getResponseParameters()
        );
        foreach ($authorization->getResponseHeaders() as $k => $v) {
            $response = $response->withHeader($k, $v);
        }

        return $response;
    }

    /**
     * @param Authorization $authorization
     * @param string        $error
     * @param string        $error_description
     *
     * @throws OAuth2Exception
     */
    private function throwRedirectionException(Authorization $authorization, string $error, string $error_description)
    {
        $params = [
            'error' => $error,
            'error_description' => $error_description,
        ];
        $params += $authorization->getResponseParameters();
        if (null === $authorization->getResponseMode() || null === $authorization->getRedirectUri()) {
            throw new OAuth2Exception(400, $params);
        }
        $params += [
            'response_mode' => $authorization->getResponseMode(),
            'redirect_uri' => $authorization->getRedirectUri(),
        ];

        throw new OAuth2Exception(302, $params);
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			/*
6			* The MIT License (MIT)
7			*
8			* Copyright (c) 2014-2017 Spomky-Labs
9			*
10			* This software may be modified and distributed under the terms
11			* of the MIT license. See the LICENSE file for details.
12			*/
13
14			namespace OAuth2Framework\Component\Server\Endpoint\Authorization;
15
16			use Interop\Http\Server\RequestHandlerInterface;
17			use Interop\Http\Server\MiddlewareInterface;
18			use OAuth2Framework\Component\Server\Endpoint\Authorization\AfterConsentScreen\AfterConsentScreenManager;
19			use OAuth2Framework\Component\Server\Endpoint\Authorization\BeforeConsentScreen\BeforeConsentScreenManager;
20			use OAuth2Framework\Component\Server\Endpoint\Authorization\UserAccountDiscovery\UserAccountDiscoveryManager;
21			use OAuth2Framework\Component\Server\Response\OAuth2Exception;
22			use OAuth2Framework\Component\Server\Response\OAuth2ResponseFactoryManager;
23			use OAuth2Framework\Component\Server\ResponseType\ResponseTypeProcessor;
24			use Psr\Http\Message\ResponseInterface;
25			use Psr\Http\Message\ServerRequestInterface;
26
27			abstract class AuthorizationEndpoint implements MiddlewareInterface
28			{
29			/**
30			* @var UserAccountDiscoveryManager
31			*/
32			private $userAccountDiscoveryManager;
33
34			/**
35			* @var BeforeConsentScreenManager
36			*/
37			private $beforeConsentScreenManager;
38
39			/**
40			* @var AfterConsentScreenManager
41			*/
42			private $afterConsentScreenManager;
43
44			/**
45			* @var AuthorizationFactory
46			*/
47			private $authorizationFactory;
48
49			/**
50			* AuthorizationEndpoint constructor.
51			*
52			* @param AuthorizationFactory $authorizationFactory
53			* @param UserAccountDiscoveryManager $userAccountDiscoveryManager
54			* @param BeforeConsentScreenManager $beforeConsentScreenManager
55			* @param AfterConsentScreenManager $afterConsentScreenManager
56			*/
57			public function __construct(AuthorizationFactory $authorizationFactory, UserAccountDiscoveryManager $userAccountDiscoveryManager, BeforeConsentScreenManager $beforeConsentScreenManager, AfterConsentScreenManager $afterConsentScreenManager)
58			{
59			$this->authorizationFactory = $authorizationFactory;
60			$this->userAccountDiscoveryManager = $userAccountDiscoveryManager;
61			$this->beforeConsentScreenManager = $beforeConsentScreenManager;
62			$this->afterConsentScreenManager = $afterConsentScreenManager;
63			}
64
65			/**
66			* @param Authorization $authorization
67			* @param ServerRequestInterface $request
68			*
69			* @return ResponseInterface
70			*/
71			abstract protected function redirectToLoginPage(Authorization $authorization, ServerRequestInterface $request): ResponseInterface;
72
73			/**
74			* @param ServerRequestInterface $request
75			* @param Authorization $authorization
76			*
77			* @return ResponseInterface
78			*/
79			abstract protected function processConsentScreen(ServerRequestInterface $request, Authorization $authorization): ResponseInterface;
80
81			/**
82			* {@inheritdoc}
83			*/
84			public function process(ServerRequestInterface $request, RequestHandlerInterface $requestHandler)
85			{
86			try {
87			$authorization = $this->authorizationFactory->createAuthorizationFromRequest($request);
88			$authorization = $this->userAccountDiscoveryManager->find($request, $authorization);
89
90			if (null === $authorization->getUserAccount()) {
91			return $this->redirectToLoginPage($authorization, $request);
92			}
93
94			$authorization = $this->beforeConsentScreenManager->process($request, $authorization);
95
96			return $this->processConsentScreen($request, $authorization);
97			} catch (OAuth2Exception $e) {
98			$data = $e->getData();
99			if (null !== $e->getAuthorization()) {
100			$redirectUri = $e->getAuthorization()->getRedirectUri();
101			$responseMode = $e->getAuthorization()->getResponseMode();
102			if (null !== $redirectUri && null !== $responseMode) {
103			$data['redirect_uri'] = $redirectUri;
104			$data['response_mode'] = $responseMode;
105
106			throw new OAuth2Exception(302, $data, $e->getAuthorization(), $e);
107			}
108			}
109
110			throw $e;
111			} catch (Exception\ProcessAuthorizationException $e) {
112			$authorization = $e->getAuthorization();
113			$authorization = $this->afterConsentScreenManager->process($request, $authorization);
114			if ($authorization->isAuthorized() === false) {
115			$this->throwRedirectionException($authorization, OAuth2ResponseFactoryManager::ERROR_ACCESS_DENIED, 'The resource owner denied access to your client.');
116			}
117
118			$responseTypeProcessor = ResponseTypeProcessor::create($authorization);
119
120			try {
121			$authorization = $responseTypeProcessor->process();
122			} catch (OAuth2Exception $e) {
123			$this->throwRedirectionException($authorization, $e->getData()['error'], $e->getData()['error_description']);
124			}
125
126			return $this->buildResponse($authorization);
127			} catch (Exception\CreateRedirectionException $e) {
128			$this->throwRedirectionException($e->getAuthorization(), $e->getMessage(), $e->getDescription());
129			} catch (Exception\ShowConsentScreenException $e) {
130			return $this->processConsentScreen($request, $e->getAuthorization());
131			} catch (Exception\RedirectToLoginPageException $e) {
132			return $this->redirectToLoginPage($e->getAuthorization(), $request);
133			}
134			}
135
136			/**
137			* @param Authorization $authorization
138			*
139			* @throws OAuth2Exception
140			*
141			* @return ResponseInterface
142			*/
143			private function buildResponse(Authorization $authorization): ResponseInterface
144			{
145			if (null === $authorization->getResponseMode() \|\| null === $authorization->getRedirectUri()) {
146			throw new OAuth2Exception(400, ['error' => 'EEE', 'error_description' => 'FFF']);
147			}
148
149			$response = $authorization->getResponseMode()->buildResponse(
150			$authorization->getRedirectUri(),
151			$authorization->getResponseParameters()
152			);
153			foreach ($authorization->getResponseHeaders() as $k => $v) {
154			$response = $response->withHeader($k, $v);
155			}
156
157			return $response;
158			}
159
160			/**
161			* @param Authorization $authorization
162			* @param string $error
163			* @param string $error_description
164			*
165			* @throws OAuth2Exception
166			*/
167			private function throwRedirectionException(Authorization $authorization, string $error, string $error_description)
168			{
169			$params = [
170			'error' => $error,
171			'error_description' => $error_description,
172			];
173			$params += $authorization->getResponseParameters();
174			if (null === $authorization->getResponseMode() \|\| null === $authorization->getRedirectUri()) {
175			throw new OAuth2Exception(400, $params);
176			}
177			$params += [
178			'response_mode' => $authorization->getResponseMode(),
179			'redirect_uri' => $authorization->getRedirectUri(),
180			];
181
182			throw new OAuth2Exception(302, $params);
183			}
184			}
185

OAuth2-Framework / oauth2-framework

Pull Request — master (#63)

AuthorizationEndpoint A

Complexity

Size/Duplication

Coupling/Cohesion

Importance

6 Methods

Duplication Side-by-Side

Filter issues like