ClientAuthenticationMiddleware - Code Metrics - Inspection of "Tests added and bugs fixed" - OAuth2-Framework/oauth2-framework - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Push — ng ( ada769...ebc492 )

by Florent

created 2018-01-07 23:30 UTC

ClientAuthenticationMiddleware A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	40
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	4

Importance

Changes

Metric	Value
wmc	4
lcom	1
cbo	4
dl	0
loc	40
rs	10
c	0
b	0
f	0

2 Methods

Rating	Name	Duplication	Size	Complexity
A	__construct()	0	5	1
A	process()	0	12	3

<?php

declare(strict_types=1);

/*
 * The MIT License (MIT)
 *
 * Copyright (c) 2014-2018 Spomky-Labs
 *
 * This software may be modified and distributed under the terms
 * of the MIT license.  See the LICENSE file for details.
 */

namespace OAuth2Framework\Component\Server\TokenEndpoint;

use Interop\Http\Server\RequestHandlerInterface;
use Interop\Http\Server\MiddlewareInterface;
use OAuth2Framework\Component\Server\Core\Client\ClientRepository;
use OAuth2Framework\Component\Server\TokenEndpoint\AuthenticationMethod\AuthenticationMethodManager;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;

final class ClientAuthenticationMiddleware implements MiddlewareInterface
{
    /**
     * @var AuthenticationMethodManager
     */
    private $authenticationMethodManager;

    /**
     * @var ClientRepository
     */
    private $clientRepository;

    /**
     * ClientAuthenticationMiddleware constructor.
     *
     * @param ClientRepository            $clientRepository
     * @param AuthenticationMethodManager $authenticationMethodManager
     */
    public function __construct(ClientRepository $clientRepository, AuthenticationMethodManager $authenticationMethodManager)
    {
        $this->clientRepository = $clientRepository;
        $this->authenticationMethodManager = $authenticationMethodManager;
    }

    /**
     * {@inheritdoc}
     */
    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
    {
        $clientId = $this->authenticationMethodManager->findClientIdAndCredentials($request, $authentication_method, $client_credentials);
        if (null !== $clientId) {
            $client = $this->clientRepository->find($clientId);
            if ($this->authenticationMethodManager->isClientAuthenticated($request, $client, $authentication_method, $client_credentials)) {
/** @return stdClass|null */
function mayReturnNull() { }

function doesNotAcceptNull(stdClass $x) { }

// With potential error.
function withoutCheck() {
    $x = mayReturnNull();
    doesNotAcceptNull($x); // Potential error here.
}

// Safe - Alternative 1
function withCheck1() {
    $x = mayReturnNull();
    if ( ! $x instanceof stdClass) {
        throw new \LogicException('$x must be defined.');
    }
    doesNotAcceptNull($x);
}

// Safe - Alternative 2
function withCheck2() {
    $x = mayReturnNull();
    if ($x instanceof stdClass) {
        doesNotAcceptNull($x);
    }
}
                $request = $request->withAttribute('client', $client);
            }
        }

        return $handler->handle($request);
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			/*
6			* The MIT License (MIT)
7			*
8			* Copyright (c) 2014-2018 Spomky-Labs
9			*
10			* This software may be modified and distributed under the terms
11			* of the MIT license. See the LICENSE file for details.
12			*/
13
14			namespace OAuth2Framework\Component\Server\TokenEndpoint;
15
16			use Interop\Http\Server\RequestHandlerInterface;
17			use Interop\Http\Server\MiddlewareInterface;
18			use OAuth2Framework\Component\Server\Core\Client\ClientRepository;
19			use OAuth2Framework\Component\Server\TokenEndpoint\AuthenticationMethod\AuthenticationMethodManager;
20			use Psr\Http\Message\ResponseInterface;
21			use Psr\Http\Message\ServerRequestInterface;
22
23			final class ClientAuthenticationMiddleware implements MiddlewareInterface
24			{
25			/**
26			* @var AuthenticationMethodManager
27			*/
28			private $authenticationMethodManager;
29
30			/**
31			* @var ClientRepository
32			*/
33			private $clientRepository;
34
35			/**
36			* ClientAuthenticationMiddleware constructor.
37			*
38			* @param ClientRepository $clientRepository
39			* @param AuthenticationMethodManager $authenticationMethodManager
40			*/
41			public function __construct(ClientRepository $clientRepository, AuthenticationMethodManager $authenticationMethodManager)
42			{
43			$this->clientRepository = $clientRepository;
44			$this->authenticationMethodManager = $authenticationMethodManager;
45			}
46
47			/**
48			* {@inheritdoc}
49			*/
50			public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
51			{
52			$clientId = $this->authenticationMethodManager->findClientIdAndCredentials($request, $authentication_method, $client_credentials);
53			if (null !== $clientId) {
54			$client = $this->clientRepository->find($clientId);
55			if ($this->authenticationMethodManager->isClientAuthenticated($request, $client, $authentication_method, $client_credentials)) {
			0 ignored issues – show Bug introduced 2018-01-07 23:38 UTC by Report Bug Copy Issue Report It seems like `$client` defined by `$this->clientRepository->find($clientId)` on line `54` can be `null`; however, `OAuth2Framework\Componen...isClientAuthenticated()` does not accept `null`, maybe add an additional type check? Unless you are absolutely sure that the expression can never be null because of other conditions, we strongly recommend to add an additional type check to your code: /** @return stdClass\|null / function mayReturnNull() { } function doesNotAcceptNull(stdClass $x) { } // With potential error. function withoutCheck() { $x = mayReturnNull(); doesNotAcceptNull($x); // Potential error here. } // Safe - Alternative 1 function withCheck1() { $x = mayReturnNull(); if ( ! $x instanceof stdClass) { throw new \LogicException('$x must be defined.'); } doesNotAcceptNull($x); } // Safe - Alternative 2 function withCheck2() { $x = mayReturnNull(); if ($x instanceof stdClass) { doesNotAcceptNull($x); } } Loading history... Bug introduced 2018-01-07 23:38 UTC by Report Bug Copy Issue Report It seems like `$authentication_method` can be `null`; however, `isClientAuthenticated()` does not accept `null`, maybe add an additional type check? Unless you are absolutely sure that the expression can never be null because of other conditions, we strongly recommend to add an additional type check to your code: /* @return stdClass\|null */ function mayReturnNull() { } function doesNotAcceptNull(stdClass $x) { } // With potential error. function withoutCheck() { $x = mayReturnNull(); doesNotAcceptNull($x); // Potential error here. } // Safe - Alternative 1 function withCheck1() { $x = mayReturnNull(); if ( ! $x instanceof stdClass) { throw new \LogicException('$x must be defined.'); } doesNotAcceptNull($x); } // Safe - Alternative 2 function withCheck2() { $x = mayReturnNull(); if ($x instanceof stdClass) { doesNotAcceptNull($x); } } Loading history...
56			$request = $request->withAttribute('client', $client);
57			}
58			}
59
60			return $handler->handle($request);
61			}
62			}
63

OAuth2-Framework / oauth2-framework

Push — ng ( ada769...ebc492 )

ClientAuthenticationMiddleware A

Complexity

Size/Duplication

Coupling/Cohesion

Importance

2 Methods

Duplication Side-by-Side

Filter issues like