OAuth2SecurityFactory::create() - Code Metrics - Inspection of "Firewall and annotation support" - OAuth2-Framework/oauth2-framework - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Push — master ( 8d4434...bd8ce1 )

by Florent

created 2017-10-03 19:36 UTC

OAuth2SecurityFactory::create() A

↳ Parent: OAuth2SecurityFactory

Complexity

Conditions	1
Paths	1

Size

Total Lines	19
Code Lines	12

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	19
rs	9.4285
c	0
b	0
f	0
cc	1
eloc	12
nc	1
nop	5

<?php

declare(strict_types=1);

/*
 * The MIT License (MIT)
 *
 * Copyright (c) 2014-2017 Spomky-Labs
 *
 * This software may be modified and distributed under the terms
 * of the MIT license.  See the LICENSE file for details.
 */

namespace OAuth2Framework\Bundle\Server\Security\Factory;

use OAuth2Framework\Bundle\Server\Security\Authentication\Provider\OAuth2Provider;
use OAuth2Framework\Bundle\Server\Security\EntryPoint\OAuth2EntryPoint;
use OAuth2Framework\Bundle\Server\Security\Firewall\OAuth2Listener;
use Symfony\Component\DependencyInjection\ChildDefinition;
use Symfony\Component\DependencyInjection\ContainerBuilder;
use Symfony\Component\DependencyInjection\Reference;
use Symfony\Component\Config\Definition\Builder\NodeDefinition;
use Symfony\Bundle\SecurityBundle\DependencyInjection\Security\Factory\SecurityFactoryInterface;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;

final class OAuth2SecurityFactory implements SecurityFactoryInterface
{
    public function create(ContainerBuilder $container, $id, $config, $userProvider, $defaultEntryPoint)
    {
        $providerId = 'security.authentication.provider.oauth2.'.$id;
        $container
            ->setDefinition($providerId, new ChildDefinition(OAuth2Provider::class))
            ->setAutowired(true)
        ;

        $listenerId = 'security.authentication.listener.oauth2.'.$id;
        $listener = $container
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
            ->setDefinition($listenerId, new ChildDefinition(OAuth2Listener::class))
            ->setArguments([
                new Reference(TokenStorageInterface::class),
                new Reference('security.authentication.manager')
            ])
        ;

        return array($providerId, $listenerId, OAuth2EntryPoint::class);
    }

    /**
     * {@inheritdoc}
     */
    public function getPosition()
    {
        return 'pre_auth';
    }

    /**
     * {@inheritdoc}
     */
    public function getKey()
    {
        return 'oauth2';
    }

    /**
     * {@inheritdoc}
     */
    public function addConfiguration(NodeDefinition $node)
    {
        $node
abstract class User
{
    /** @return string */
    abstract public function getPassword();
}

class MyUser extends User
{
    public function getPassword()
    {
        // return something
    }

    public function getDisplayName()
    {
        // return some name.
    }
}

class AuthSystem
{
    public function authenticate(User $user)
    {
        $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
        // do something.
    }
}
            ->children()
                ->scalarNode('access_token_handler_manager')
                    ->info('The access token handler manager has to retrieve access tokens on demand. Access token can be find from a database, the introspection or any other method.')
                    ->isRequired()
                ->end()
            ->end();
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			/*
6			* The MIT License (MIT)
7			*
8			* Copyright (c) 2014-2017 Spomky-Labs
9			*
10			* This software may be modified and distributed under the terms
11			* of the MIT license. See the LICENSE file for details.
12			*/
13
14			namespace OAuth2Framework\Bundle\Server\Security\Factory;
15
16			use OAuth2Framework\Bundle\Server\Security\Authentication\Provider\OAuth2Provider;
17			use OAuth2Framework\Bundle\Server\Security\EntryPoint\OAuth2EntryPoint;
18			use OAuth2Framework\Bundle\Server\Security\Firewall\OAuth2Listener;
19			use Symfony\Component\DependencyInjection\ChildDefinition;
20			use Symfony\Component\DependencyInjection\ContainerBuilder;
21			use Symfony\Component\DependencyInjection\Reference;
22			use Symfony\Component\Config\Definition\Builder\NodeDefinition;
23			use Symfony\Bundle\SecurityBundle\DependencyInjection\Security\Factory\SecurityFactoryInterface;
24			use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
25
26			final class OAuth2SecurityFactory implements SecurityFactoryInterface
27			{
28			public function create(ContainerBuilder $container, $id, $config, $userProvider, $defaultEntryPoint)
29			{
30			$providerId = 'security.authentication.provider.oauth2.'.$id;
31			$container
32			->setDefinition($providerId, new ChildDefinition(OAuth2Provider::class))
33			->setAutowired(true)
34			;
35
36			$listenerId = 'security.authentication.listener.oauth2.'.$id;
37			$listener = $container
			0 ignored issues – show Unused Code introduced 2017-10-03 19:40 UTC by Report Bug Copy Issue Report `$listener` is not used, you could remove the assignment. This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value'; $higher = false; if (rand(1, 6) > 3) { $higher = true; } else { $higher = false; } Both the `$myVar` assignment in line 1 and the `$higher` assignment in line 2 are dead. The first because `$myVar` is never used and the second because `$higher` is always overwritten for every possible time line. Loading history...
38			->setDefinition($listenerId, new ChildDefinition(OAuth2Listener::class))
39			->setArguments([
40			new Reference(TokenStorageInterface::class),
41			new Reference('security.authentication.manager')
42			])
43			;
44
45			return array($providerId, $listenerId, OAuth2EntryPoint::class);
46			}
47
48			/**
49			* {@inheritdoc}
50			*/
51			public function getPosition()
52			{
53			return 'pre_auth';
54			}
55
56			/**
57			* {@inheritdoc}
58			*/
59			public function getKey()
60			{
61			return 'oauth2';
62			}
63
64			/**
65			* {@inheritdoc}
66			*/
67			public function addConfiguration(NodeDefinition $node)
68			{
69			$node
			0 ignored issues – show Bug introduced 2017-03-31 15:24 UTC by Report Bug Copy Issue Report It seems like you code against a specific sub-type and not the parent class `Symfony\Component\Config...\Builder\NodeDefinition` as the method `children()` does only exist in the following sub-classes of `Symfony\Component\Config...\Builder\NodeDefinition`: `Symfony\Component\Config...der\ArrayNodeDefinition`. Maybe you want to `instanceof` check for one of these explicitly? Let’s take a look at an example: abstract class User { /** @return string / abstract public function getPassword(); } class MyUser extends User { public function getPassword() { // return something } public function getDisplayName() { // return some name. } } class AuthSystem { public function authenticate(User $user) { $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName())); // do something. } } In the above example, the authenticate() method works fine as long as you just pass instances of MyUser. However, if you now also want to pass a different sub-classes of User which does not have a getDisplayName() method, the code will break. Available Fixes Change the type-hint for the parameter: class AuthSystem { public function authenticate(MyUser $user) { / ... / } } Add an additional type-check: class AuthSystem { public function authenticate(User $user) { if ($user instanceof MyUser) { $this->logger->info(/* ... /); } // or alternatively if ( ! $user instanceof MyUser) { throw new \LogicException( '$user must be an instance of MyUser, ' .'other instances are not supported.' ); } } } Note:* PHP Analyzer uses reverse abstract interpretation to narrow down the types inside the if block in such a case. Add the method to the parent class: abstract class User { /** @return string / abstract public function getPassword(); /* @return string */ abstract public function getDisplayName(); } Loading history...
70			->children()
71			->scalarNode('access_token_handler_manager')
72			->info('The access token handler manager has to retrieve access tokens on demand. Access token can be find from a database, the introspection or any other method.')
73			->isRequired()
74			->end()
75			->end();
76			}
77			}
78

OAuth2-Framework / oauth2-framework

Push — master ( 8d4434...bd8ce1 )

OAuth2SecurityFactory::create() A

Complexity

Size

Duplication

Importance

Available Fixes

Duplication Side-by-Side

Filter issues like