TokenIntrospectionEndpoint::process() - Code Metrics - Inspection of "Encrypted Assertions support in the test" - OAuth2-Framework/oauth2-framework - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Push — ng ( 4e3f89...ea75f5 )

by Florent

created 2018-03-23 11:12 UTC

TokenIntrospectionEndpoint::process() C

↳ Parent: TokenIntrospectionEndpoint

Complexity

Conditions	8
Paths	35

Size

Total Lines	39
Code Lines	27

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	39
rs	5.3846
c	0
b	0
f	0
cc	8
eloc	27
nc	35
nop	2

<?php

declare(strict_types=1);

/*
 * The MIT License (MIT)
 *
 * Copyright (c) 2014-2018 Spomky-Labs
 *
 * This software may be modified and distributed under the terms
 * of the MIT license.  See the LICENSE file for details.
 */

namespace OAuth2Framework\Component\TokenIntrospectionEndpoint;

use Http\Message\ResponseFactory;
use Psr\Http\Server\RequestHandlerInterface;
use Psr\Http\Server\MiddlewareInterface;
use OAuth2Framework\Component\Core\ResourceServer\ResourceServer;
use OAuth2Framework\Component\Core\Exception\OAuth2Exception;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;

class TokenIntrospectionEndpoint implements MiddlewareInterface
{
    /**
     * @var TokenTypeHintManager
     */
    private $tokenTypeHintManager;

    /**
     * @var ResponseFactory
     */
    private $responseFactory;

    /**
     * TokenIntrospectionEndpoint constructor.
     *
     * @param TokenTypeHintManager $tokenTypeHintManager
     * @param ResponseFactory      $responseFactory
     */
    public function __construct(TokenTypeHintManager $tokenTypeHintManager, ResponseFactory $responseFactory)
    {
        $this->tokenTypeHintManager = $tokenTypeHintManager;
        $this->responseFactory = $responseFactory;
    }

    /**
     * {@inheritdoc}
     */
    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
    {
        try {
            $resourceServer = $this->getResourceServer($request);
            $token = $this->getToken($request);
            $hints = $this->getTokenTypeHints($request);

            foreach ($hints as $hint) {
                $result = $hint->find($token);
                if (null !== $result) {
                    if (null === $result->getResourceServerId() || $result->getResourceServerId()->getValue() === $resourceServer->getResourceServerId()->getValue()) {
                        $data = $hint->introspect($result);
                        $response = $this->responseFactory->createResponse();
                        $response->getBody()->write(json_encode($data, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES));
                        $headers = ['Content-Type' => 'application/json; charset=UTF-8', 'Cache-Control' => 'no-cache, no-store, max-age=0, must-revalidate, private', 'Pragma' => 'no-cache'];
                        foreach ($headers as $k => $v) {
                            $response = $response->withHeader($k, $v);
                        }

                        return $response;
                    }
                }
            }
            $responseContent = ['active' => false];
            $responseStatucCode = 200;
        } catch (OAuth2Exception $e) {
            $responseContent = $e->getData();
            $responseStatucCode = $e->getCode();
        }

        $response = $this->responseFactory->createResponse($responseStatucCode);
        $response->getBody()->write(json_encode($responseContent, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES));
        $headers = ['Content-Type' => 'application/json; charset=UTF-8', 'Cache-Control' => 'no-cache, no-store, max-age=0, must-revalidate, private', 'Pragma' => 'no-cache'];
        foreach ($headers as $k => $v) {
            $response = $response->withHeader($k, $v);
        }

        return $response;
    }

    /**
     * @param ServerRequestInterface $request
     *
     * @throws OAuth2Exception
     *
     * @return ResourceServer
     */
    private function getResourceServer(ServerRequestInterface $request): ResourceServer
    {
        $resourceServer = $request->getAttribute('resource_server');
        if (null === $resourceServer) {
            throw new OAuth2Exception(400, OAuth2Exception::ERROR_INVALID_RESOURCE_SERVER, 'Resource Server authentication failed.');
        }

        return $resourceServer;
    }

    /**
     * @param ServerRequestInterface $request
     *
     * @throws OAuth2Exception
     *
     * @return string
     */
    protected function getToken(ServerRequestInterface $request): string
    {
        $params = $this->getRequestParameters($request);
        if (!array_key_exists('token', $params)) {
            throw new OAuth2Exception(400, OAuth2Exception::ERROR_INVALID_REQUEST, 'The parameter "token" is missing.');
        }

        return $params['token'];
    }

    /**
     * @param ServerRequestInterface $request
     *
     * @throws OAuth2Exception
     *
     * @return TokenTypeHint[]
     */
    protected function getTokenTypeHints(ServerRequestInterface $request): array
    {
        $params = $this->getRequestParameters($request);
        $tokenTypeHints = $this->tokenTypeHintManager->getTokenTypeHints();

        if (array_key_exists('token_type_hint', $params)) {
            $tokenTypeHint = $params['token_type_hint'];
            if (!array_key_exists($params['token_type_hint'], $tokenTypeHints)) {
                throw new OAuth2Exception(400, 'unsupported_token_type', sprintf('The token type hint "%s" is not supported. Please use one of the following values: %s.', $params['token_type_hint'], implode(', ', array_keys($tokenTypeHints))));
            }

            $hint = $tokenTypeHints[$tokenTypeHint];
            unset($tokenTypeHints[$tokenTypeHint]);
            $tokenTypeHints = [$tokenTypeHint => $hint] + $tokenTypeHints;
        }

        return $tokenTypeHints;
    }

    /**
     * @param ServerRequestInterface $request
     *
     * @return array
     */
    protected function getRequestParameters(ServerRequestInterface $request): array
    {
        $parameters = $request->getParsedBody() ?? [];

        return array_intersect_key($parameters, array_flip(['token', 'token_type_hint']));
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			/*
6			* The MIT License (MIT)
7			*
8			* Copyright (c) 2014-2018 Spomky-Labs
9			*
10			* This software may be modified and distributed under the terms
11			* of the MIT license. See the LICENSE file for details.
12			*/
13
14			namespace OAuth2Framework\Component\TokenIntrospectionEndpoint;
15
16			use Http\Message\ResponseFactory;
17			use Psr\Http\Server\RequestHandlerInterface;
18			use Psr\Http\Server\MiddlewareInterface;
19			use OAuth2Framework\Component\Core\ResourceServer\ResourceServer;
20			use OAuth2Framework\Component\Core\Exception\OAuth2Exception;
21			use Psr\Http\Message\ResponseInterface;
22			use Psr\Http\Message\ServerRequestInterface;
23
24			class TokenIntrospectionEndpoint implements MiddlewareInterface
25			{
26			/**
27			* @var TokenTypeHintManager
28			*/
29			private $tokenTypeHintManager;
30
31			/**
32			* @var ResponseFactory
33			*/
34			private $responseFactory;
35
36			/**
37			* TokenIntrospectionEndpoint constructor.
38			*
39			* @param TokenTypeHintManager $tokenTypeHintManager
40			* @param ResponseFactory $responseFactory
41			*/
42			public function __construct(TokenTypeHintManager $tokenTypeHintManager, ResponseFactory $responseFactory)
43			{
44			$this->tokenTypeHintManager = $tokenTypeHintManager;
45			$this->responseFactory = $responseFactory;
46			}
47
48			/**
49			* {@inheritdoc}
50			*/
51			public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
52			{
53			try {
54			$resourceServer = $this->getResourceServer($request);
55			$token = $this->getToken($request);
56			$hints = $this->getTokenTypeHints($request);
57
58			foreach ($hints as $hint) {
59			$result = $hint->find($token);
60			if (null !== $result) {
61			if (null === $result->getResourceServerId() \|\| $result->getResourceServerId()->getValue() === $resourceServer->getResourceServerId()->getValue()) {
62			$data = $hint->introspect($result);
63			$response = $this->responseFactory->createResponse();
64			$response->getBody()->write(json_encode($data, JSON_UNESCAPED_UNICODE \| JSON_UNESCAPED_SLASHES));
65			$headers = ['Content-Type' => 'application/json; charset=UTF-8', 'Cache-Control' => 'no-cache, no-store, max-age=0, must-revalidate, private', 'Pragma' => 'no-cache'];
66			foreach ($headers as $k => $v) {
67			$response = $response->withHeader($k, $v);
68			}
69
70			return $response;
71			}
72			}
73			}
74			$responseContent = ['active' => false];
75			$responseStatucCode = 200;
76			} catch (OAuth2Exception $e) {
77			$responseContent = $e->getData();
78			$responseStatucCode = $e->getCode();
79			}
80
81			$response = $this->responseFactory->createResponse($responseStatucCode);
82			$response->getBody()->write(json_encode($responseContent, JSON_UNESCAPED_UNICODE \| JSON_UNESCAPED_SLASHES));
83			$headers = ['Content-Type' => 'application/json; charset=UTF-8', 'Cache-Control' => 'no-cache, no-store, max-age=0, must-revalidate, private', 'Pragma' => 'no-cache'];
84			foreach ($headers as $k => $v) {
85			$response = $response->withHeader($k, $v);
86			}
87
88			return $response;
89			}
90
91			/**
92			* @param ServerRequestInterface $request
93			*
94			* @throws OAuth2Exception
95			*
96			* @return ResourceServer
97			*/
98			private function getResourceServer(ServerRequestInterface $request): ResourceServer
99			{
100			$resourceServer = $request->getAttribute('resource_server');
101			if (null === $resourceServer) {
102			throw new OAuth2Exception(400, OAuth2Exception::ERROR_INVALID_RESOURCE_SERVER, 'Resource Server authentication failed.');
103			}
104
105			return $resourceServer;
106			}
107
108			/**
109			* @param ServerRequestInterface $request
110			*
111			* @throws OAuth2Exception
112			*
113			* @return string
114			*/
115			protected function getToken(ServerRequestInterface $request): string
116			{
117			$params = $this->getRequestParameters($request);
118			if (!array_key_exists('token', $params)) {
119			throw new OAuth2Exception(400, OAuth2Exception::ERROR_INVALID_REQUEST, 'The parameter "token" is missing.');
120			}
121
122			return $params['token'];
123			}
124
125			/**
126			* @param ServerRequestInterface $request
127			*
128			* @throws OAuth2Exception
129			*
130			* @return TokenTypeHint[]
131			*/
132			protected function getTokenTypeHints(ServerRequestInterface $request): array
133			{
134			$params = $this->getRequestParameters($request);
135			$tokenTypeHints = $this->tokenTypeHintManager->getTokenTypeHints();
136
137			if (array_key_exists('token_type_hint', $params)) {
138			$tokenTypeHint = $params['token_type_hint'];
139			if (!array_key_exists($params['token_type_hint'], $tokenTypeHints)) {
140			throw new OAuth2Exception(400, 'unsupported_token_type', sprintf('The token type hint "%s" is not supported. Please use one of the following values: %s.', $params['token_type_hint'], implode(', ', array_keys($tokenTypeHints))));
141			}
142
143			$hint = $tokenTypeHints[$tokenTypeHint];
144			unset($tokenTypeHints[$tokenTypeHint]);
145			$tokenTypeHints = [$tokenTypeHint => $hint] + $tokenTypeHints;
146			}
147
148			return $tokenTypeHints;
149			}
150
151			/**
152			* @param ServerRequestInterface $request
153			*
154			* @return array
155			*/
156			protected function getRequestParameters(ServerRequestInterface $request): array
157			{
158			$parameters = $request->getParsedBody() ?? [];
159
160			return array_intersect_key($parameters, array_flip(['token', 'token_type_hint']));
161			}
162			}
163

OAuth2-Framework / oauth2-framework

Push — ng ( 4e3f89...ea75f5 )

TokenIntrospectionEndpoint::process() C

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like