IdTokenSource::continueConfiguration() - Code Metrics - Inspection of "Better OpenID Connect support" - OAuth2-Framework/oauth2-framework - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Pull Request — master (#31)

by Florent

created 2017-04-09 13:26 UTC

IdTokenSource::continueConfiguration() A

↳ Parent: IdTokenSource

Complexity

Conditions	2
Paths	2

Size

Total Lines	63
Code Lines	56

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	63
rs	9.4347
c	0
b	0
f	0
cc	2
eloc	56
nc	2
nop	1

How to fix Long Method

<?php

declare(strict_types=1);

/*
 * The MIT License (MIT)
 *
 * Copyright (c) 2014-2017 Spomky-Labs
 *
 * This software may be modified and distributed under the terms
 * of the MIT license.  See the LICENSE file for details.
 */

namespace OAuth2Framework\Bundle\Server\DependencyInjection\Source\OpenIdConnect;

use Fluent\PhpConfigFileLoader;
use OAuth2Framework\Bundle\Server\DependencyInjection\Source\ArraySource;
use OAuth2Framework\Bundle\Server\DependencyInjection\Source\SourceInterface;
use SpomkyLabs\JoseBundle\Helper\ConfigurationHelper;
use Symfony\Component\Config\Definition\Builder\NodeDefinition;
use Symfony\Component\Config\FileLocator;
use Symfony\Component\DependencyInjection\ContainerBuilder;
use Symfony\Component\PropertyAccess\PropertyAccess;

final class IdTokenSource extends ArraySource
{
    /**
     * @var SourceInterface[]
     */
    private $subSources = [];

    /**
     * UserinfoSource constructor.
     */
    public function __construct()
    {
        $this->subSources = [
            new IdTokenResponseTypeSource(),
            new IdTokenEncryptionSource(),
        ];
    }

    /**
     * {@inheritdoc}
     */
    public function prepend(array $bundleConfig, string $path, ContainerBuilder $container)
    {
        foreach ($this->subSources as $source) {
            $source->prepend($bundleConfig, $path.'['.$this->name().']', $container);
        }
        $currentPath = $path.'['.$this->name().']';
        $accessor = PropertyAccess::createPropertyAccessor();
        $sourceConfig = $accessor->getValue($bundleConfig, $currentPath);
        $this->updateJoseBundleConfigurationForSigner($container, $sourceConfig);
        $this->updateJoseBundleConfigurationForVerifier($container, $sourceConfig);
        $this->updateJoseBundleConfigurationForChecker($container, $sourceConfig);
        $this->updateJoseBundleConfigurationForJWTLoader($container, $sourceConfig);
    }

    /**
     * {@inheritdoc}
     */
    protected function continueLoading(string $path, ContainerBuilder $container, array $config)
    {
        foreach (['lifetime', 'default_signature_algorithm', 'signature_algorithms', 'claim_checkers', 'header_checkers'] as $k) {
            $container->setParameter($path.'.'.$k, $config[$k]);
        }
        $container->setAlias($path.'.key_set', $config['key_set']);

        foreach ($this->subSources as $source) {
            $source->load($path, $container, $config);
        }
        $loader = new PhpConfigFileLoader($container, new FileLocator(__DIR__.'/../../../Resources/config/openid_connect'));
        $loader->load('userinfo_scope_support.php');
    }

    /**
     * {@inheritdoc}
     */
    protected function name(): string
    {
        return 'id_token';
    }

    protected function continueConfiguration(NodeDefinition $node)
    {
        parent::continueConfiguration($node);
        $node
abstract class User
{
    /** @return string */
    abstract public function getPassword();
}

class MyUser extends User
{
    public function getPassword()
    {
        // return something
    }

    public function getDisplayName()
    {
        // return some name.
    }
}

class AuthSystem
{
    public function authenticate(User $user)
    {
        $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
        // do something.
    }
}
            ->validate()
                ->ifTrue(function ($config) {
                    return empty($config['default_signature_algorithm']);
                })
                ->thenInvalid('The option "default_signature_algorithm" must be set.')
            ->end()
            ->validate()
                ->ifTrue(function ($config) {
                    return empty($config['signature_algorithms']);
                })
                ->thenInvalid('The option "signature_algorithm" must contain at least one signature algorithm.')
            ->end()
            ->validate()
                ->ifTrue(function ($config) {
                    return !in_array($config['default_signature_algorithm'], $config['signature_algorithms']);
                })
                ->thenInvalid('The default signature algorithm must be in the supported signature algorithms.')
            ->end()
            ->validate()
                ->ifTrue(function ($config) {
                    return empty($config['key_set']);
                })
                ->thenInvalid('The option "key_set" must be set.')
            ->end()
            ->children()
                ->scalarNode('default_signature_algorithm')
                    ->info('Signature algorithm used if the client has not defined a preferred one. Recommended value is "RS256".')
                ->end()
                ->scalarNode('key_set')
                    ->info('Key set that contains a suitable signature key for the selected signature algorithms.')
                ->end()
                ->arrayNode('signature_algorithms')
                    ->info('Signature algorithm used to sign the ID Tokens.')
                    ->useAttributeAsKey('name')
                    ->prototype('scalar')->end()
                    ->treatNullLike([])
                ->end()
                ->arrayNode('claim_checkers')
                    ->info('Checkers will verify the JWT claims.')
                    ->useAttributeAsKey('name')
                    ->prototype('scalar')->end()
                    ->treatNullLike(['exp', 'iat', 'nbf'])
                ->end()
                ->arrayNode('header_checkers')
                    ->info('Checkers will verify the JWT headers.')
                    ->useAttributeAsKey('name')
                    ->prototype('scalar')->end()
                    ->treatNullLike(['crit'])
                ->end()
                ->integerNode('lifetime')
                    ->info('Lifetime of the ID Tokens (in seconds). If an access token is issued with the ID Token, the lifetime of the access token is used instead of this value.')
                    ->defaultValue(3600)
                    ->min(1)
                ->end()
            ->end();
        foreach ($this->subSources as $source) {
            $source->addConfiguration($node);
        }
    }

    /**
     * @param ContainerBuilder $container
     * @param array            $sourceConfig
     */
    private function updateJoseBundleConfigurationForSigner(ContainerBuilder $container, array $sourceConfig)
    {
        ConfigurationHelper::addSigner($container, $this->name(), $sourceConfig['signature_algorithms'], false, false);
    }

    /**
     * @param ContainerBuilder $container
     * @param array            $sourceConfig
     */
    private function updateJoseBundleConfigurationForVerifier(ContainerBuilder $container, array $sourceConfig)
    {
        ConfigurationHelper::addVerifier($container, $this->name(), $sourceConfig['signature_algorithms'], false);
    }

    /**
     * @param ContainerBuilder $container
     * @param array            $sourceConfig
     */
    private function updateJoseBundleConfigurationForChecker(ContainerBuilder $container, array $sourceConfig)
    {
        ConfigurationHelper::addChecker($container, $this->name(), $sourceConfig['header_checkers'], $sourceConfig['claim_checkers'], false);
    }

    /**
     * @param ContainerBuilder $container
     * @param array            $sourceConfig
     */
    private function updateJoseBundleConfigurationForJWTLoader(ContainerBuilder $container, array $sourceConfig)
    {
        $decrypter = null;
        if (true === $sourceConfig['encryption']['enabled']) {
            $decrypter = sprintf('jose.decrypter.%s', $this->name());
        }
        ConfigurationHelper::addJWTLoader($container, $this->name(), sprintf('jose.verifier.%s', $this->name()), sprintf('jose.checker.%s', $this->name()), $decrypter, false);
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			/*
6			* The MIT License (MIT)
7			*
8			* Copyright (c) 2014-2017 Spomky-Labs
9			*
10			* This software may be modified and distributed under the terms
11			* of the MIT license. See the LICENSE file for details.
12			*/
13
14			namespace OAuth2Framework\Bundle\Server\DependencyInjection\Source\OpenIdConnect;
15
16			use Fluent\PhpConfigFileLoader;
17			use OAuth2Framework\Bundle\Server\DependencyInjection\Source\ArraySource;
18			use OAuth2Framework\Bundle\Server\DependencyInjection\Source\SourceInterface;
19			use SpomkyLabs\JoseBundle\Helper\ConfigurationHelper;
20			use Symfony\Component\Config\Definition\Builder\NodeDefinition;
21			use Symfony\Component\Config\FileLocator;
22			use Symfony\Component\DependencyInjection\ContainerBuilder;
23			use Symfony\Component\PropertyAccess\PropertyAccess;
24
25			final class IdTokenSource extends ArraySource
26			{
27			/**
28			* @var SourceInterface[]
29			*/
30			private $subSources = [];
31
32			/**
33			* UserinfoSource constructor.
34			*/
35			public function __construct()
36			{
37			$this->subSources = [
38			new IdTokenResponseTypeSource(),
39			new IdTokenEncryptionSource(),
40			];
41			}
42
43			/**
44			* {@inheritdoc}
45			*/
46			public function prepend(array $bundleConfig, string $path, ContainerBuilder $container)
47			{
48			foreach ($this->subSources as $source) {
49			$source->prepend($bundleConfig, $path.'['.$this->name().']', $container);
50			}
51			$currentPath = $path.'['.$this->name().']';
52			$accessor = PropertyAccess::createPropertyAccessor();
53			$sourceConfig = $accessor->getValue($bundleConfig, $currentPath);
54			$this->updateJoseBundleConfigurationForSigner($container, $sourceConfig);
55			$this->updateJoseBundleConfigurationForVerifier($container, $sourceConfig);
56			$this->updateJoseBundleConfigurationForChecker($container, $sourceConfig);
57			$this->updateJoseBundleConfigurationForJWTLoader($container, $sourceConfig);
58			}
59
60			/**
61			* {@inheritdoc}
62			*/
63			protected function continueLoading(string $path, ContainerBuilder $container, array $config)
64			{
65			foreach (['lifetime', 'default_signature_algorithm', 'signature_algorithms', 'claim_checkers', 'header_checkers'] as $k) {
66			$container->setParameter($path.'.'.$k, $config[$k]);
67			}
68			$container->setAlias($path.'.key_set', $config['key_set']);
69
70			foreach ($this->subSources as $source) {
71			$source->load($path, $container, $config);
72			}
73			$loader = new PhpConfigFileLoader($container, new FileLocator(__DIR__.'/../../../Resources/config/openid_connect'));
74			$loader->load('userinfo_scope_support.php');
75			}
76
77			/**
78			* {@inheritdoc}
79			*/
80			protected function name(): string
81			{
82			return 'id_token';
83			}
84
85			protected function continueConfiguration(NodeDefinition $node)
86			{
87			parent::continueConfiguration($node);
88			$node
			0 ignored issues – show Bug introduced 2017-04-09 13:29 UTC by Report Bug Copy Issue Report It seems like you code against a specific sub-type and not the parent class `Symfony\Component\Config...\Builder\NodeDefinition` as the method `children()` does only exist in the following sub-classes of `Symfony\Component\Config...\Builder\NodeDefinition`: `Symfony\Component\Config...der\ArrayNodeDefinition`. Maybe you want to `instanceof` check for one of these explicitly? Let’s take a look at an example: abstract class User { /** @return string / abstract public function getPassword(); } class MyUser extends User { public function getPassword() { // return something } public function getDisplayName() { // return some name. } } class AuthSystem { public function authenticate(User $user) { $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName())); // do something. } } In the above example, the authenticate() method works fine as long as you just pass instances of MyUser. However, if you now also want to pass a different sub-classes of User which does not have a getDisplayName() method, the code will break. Available Fixes Change the type-hint for the parameter: class AuthSystem { public function authenticate(MyUser $user) { / ... / } } Add an additional type-check: class AuthSystem { public function authenticate(User $user) { if ($user instanceof MyUser) { $this->logger->info(/* ... /); } // or alternatively if ( ! $user instanceof MyUser) { throw new \LogicException( '$user must be an instance of MyUser, ' .'other instances are not supported.' ); } } } Note:* PHP Analyzer uses reverse abstract interpretation to narrow down the types inside the if block in such a case. Add the method to the parent class: abstract class User { /** @return string / abstract public function getPassword(); /* @return string */ abstract public function getDisplayName(); } Loading history...
89			->validate()
90			->ifTrue(function ($config) {
91			return empty($config['default_signature_algorithm']);
92			})
93			->thenInvalid('The option "default_signature_algorithm" must be set.')
94			->end()
95			->validate()
96			->ifTrue(function ($config) {
97			return empty($config['signature_algorithms']);
98			})
99			->thenInvalid('The option "signature_algorithm" must contain at least one signature algorithm.')
100			->end()
101			->validate()
102			->ifTrue(function ($config) {
103			return !in_array($config['default_signature_algorithm'], $config['signature_algorithms']);
104			})
105			->thenInvalid('The default signature algorithm must be in the supported signature algorithms.')
106			->end()
107			->validate()
108			->ifTrue(function ($config) {
109			return empty($config['key_set']);
110			})
111			->thenInvalid('The option "key_set" must be set.')
112			->end()
113			->children()
114			->scalarNode('default_signature_algorithm')
115			->info('Signature algorithm used if the client has not defined a preferred one. Recommended value is "RS256".')
116			->end()
117			->scalarNode('key_set')
118			->info('Key set that contains a suitable signature key for the selected signature algorithms.')
119			->end()
120			->arrayNode('signature_algorithms')
121			->info('Signature algorithm used to sign the ID Tokens.')
122			->useAttributeAsKey('name')
123			->prototype('scalar')->end()
124			->treatNullLike([])
125			->end()
126			->arrayNode('claim_checkers')
127			->info('Checkers will verify the JWT claims.')
128			->useAttributeAsKey('name')
129			->prototype('scalar')->end()
130			->treatNullLike(['exp', 'iat', 'nbf'])
131			->end()
132			->arrayNode('header_checkers')
133			->info('Checkers will verify the JWT headers.')
134			->useAttributeAsKey('name')
135			->prototype('scalar')->end()
136			->treatNullLike(['crit'])
137			->end()
138			->integerNode('lifetime')
139			->info('Lifetime of the ID Tokens (in seconds). If an access token is issued with the ID Token, the lifetime of the access token is used instead of this value.')
140			->defaultValue(3600)
141			->min(1)
142			->end()
143			->end();
144			foreach ($this->subSources as $source) {
145			$source->addConfiguration($node);
146			}
147			}
148
149			/**
150			* @param ContainerBuilder $container
151			* @param array $sourceConfig
152			*/
153			private function updateJoseBundleConfigurationForSigner(ContainerBuilder $container, array $sourceConfig)
154			{
155			ConfigurationHelper::addSigner($container, $this->name(), $sourceConfig['signature_algorithms'], false, false);
156			}
157
158			/**
159			* @param ContainerBuilder $container
160			* @param array $sourceConfig
161			*/
162			private function updateJoseBundleConfigurationForVerifier(ContainerBuilder $container, array $sourceConfig)
163			{
164			ConfigurationHelper::addVerifier($container, $this->name(), $sourceConfig['signature_algorithms'], false);
165			}
166
167			/**
168			* @param ContainerBuilder $container
169			* @param array $sourceConfig
170			*/
171			private function updateJoseBundleConfigurationForChecker(ContainerBuilder $container, array $sourceConfig)
172			{
173			ConfigurationHelper::addChecker($container, $this->name(), $sourceConfig['header_checkers'], $sourceConfig['claim_checkers'], false);
174			}
175
176			/**
177			* @param ContainerBuilder $container
178			* @param array $sourceConfig
179			*/
180			private function updateJoseBundleConfigurationForJWTLoader(ContainerBuilder $container, array $sourceConfig)
181			{
182			$decrypter = null;
183			if (true === $sourceConfig['encryption']['enabled']) {
184			$decrypter = sprintf('jose.decrypter.%s', $this->name());
185			}
186			ConfigurationHelper::addJWTLoader($container, $this->name(), sprintf('jose.verifier.%s', $this->name()), sprintf('jose.checker.%s', $this->name()), $decrypter, false);
187			}
188			}
189

OAuth2-Framework / oauth2-framework

Pull Request — master (#31)

IdTokenSource::continueConfiguration() A

Complexity

Size

Duplication

Importance

How to fix Long Method

Long Method

Available Fixes

Duplication Side-by-Side

Filter issues like