<?php
declare(strict_types=1);
/*
 * The MIT License (MIT)
 *
 * Copyright (c) 2014-2018 Spomky-Labs
 *
 * This software may be modified and distributed under the terms
 * of the MIT license.  See the LICENSE file for details.
 */
namespace OAuth2Framework\Bundle\Component\ClientAuthentication;
use Jose\Bundle\JoseFramework\Helper\ConfigurationHelper;
use OAuth2Framework\Bundle\Component\ClientAuthentication\Compiler\ClientAssertionEncryptedJwtCompilerPass;
use OAuth2Framework\Bundle\Component\ClientAuthentication\Compiler\ClientAssertionJkuSupportCompilerPass;
use OAuth2Framework\Bundle\Component\ClientAuthentication\Compiler\ClientAssertionTrustedIssuerSupportCompilerPass;
use OAuth2Framework\Bundle\Component\Component;
use Symfony\Component\Config\Definition\Builder\ArrayNodeDefinition;
use Symfony\Component\Config\FileLocator;
use Symfony\Component\DependencyInjection\ContainerBuilder;
use Symfony\Component\DependencyInjection\Loader\PhpFileLoader;
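class ClientAssertionJwtSource implements Component
{
    /**
     * Configuration key of this component under the "client_authentication" node.
     */
    public function name(): string
    {
        return 'client_assertion_jwt';
    }

    /**
     * Exports the processed configuration as container parameters and loads the
     * service definitions of the JWT client-assertion authentication method.
     *
     * When the method is disabled only the "enabled" flag is exported and no
     * service file is loaded. The encryption parameters are exported only when
     * "encryption.enabled" is true.
     *
     * @param array            $configs   processed bundle configuration
     * @param ContainerBuilder $container container under construction
     */
    public function load(array $configs, ContainerBuilder $container): void
    {
        $config = $configs['client_authentication']['client_assertion_jwt'];
        $prefix = 'oauth2_server.client_authentication.client_assertion_jwt.';

        $container->setParameter($prefix.'enabled', $config['enabled']);
        if (!$config['enabled']) {
            return;
        }

        // Lifetime is in seconds; 0 means secrets used for client_secret_jwt never
        // expire (see the node definition below) — operators should prefer a bound.
        $container->setParameter($prefix.'secret_lifetime', $config['secret_lifetime']);
        $container->setParameter($prefix.'signature_algorithms', $config['signature_algorithms']);
        $container->setParameter($prefix.'claim_checkers', $config['claim_checkers']);
        $container->setParameter($prefix.'header_checkers', $config['header_checkers']);
        $container->setParameter($prefix.'jku_support.enabled', $config['jku_support']['enabled']);

        $loader = new PhpFileLoader($container, new FileLocator(__DIR__.'/../../Resources/config/client_authentication'));
        $loader->load('client_assertion_jwt.php');

        $container->setParameter($prefix.'encryption.enabled', $config['encryption']['enabled']);
        if (!$config['encryption']['enabled']) {
            return;
        }

        // "required" is only exported when encryption is enabled; per the node's
        // documentation, false means unencrypted assertions are still accepted.
        $container->setParameter($prefix.'encryption.required', $config['encryption']['required']);
        $container->setParameter($prefix.'encryption.key_set', $config['encryption']['key_set']);
        $container->setParameter($prefix.'encryption.key_encryption_algorithms', $config['encryption']['key_encryption_algorithms']);
        $container->setParameter($prefix.'encryption.content_encryption_algorithms', $config['encryption']['content_encryption_algorithms']);
    }

    /**
     * Declares the "client_assertion_jwt" configuration tree.
     *
     * Rules enforced when the configuration is processed:
     *  - when enabled, at least one signature algorithm must be listed;
     *  - when enabled, the "none" signature algorithm is rejected — it would
     *    let an unsigned assertion authenticate a client;
     *  - when encryption is enabled, at least one key-encryption and one
     *    content-encryption algorithm must be listed, and "key_set" is required.
     *
     * @param ArrayNodeDefinition $node     the "client_authentication" node this component attaches to
     * @param ArrayNodeDefinition $rootNode bundle root node (not used by this component)
     */
    public function getNodeDefinition(ArrayNodeDefinition $node, ArrayNodeDefinition $rootNode): void
    {
        $node->children()
            ->arrayNode($this->name())
                ->addDefaultsIfNotSet()
                ->canBeEnabled()
                ->info('This method comprises the "client_secret_jwt" and the "private_key_jwt" authentication methods')
                ->validate()
                    // Strict comparison, consistent with the "encryption" rules below.
                    ->ifTrue(static function ($config): bool {
                        return true === $config['enabled'] && empty($config['signature_algorithms']);
                    })
                    ->thenInvalid('At least one signature algorithm must be set.')
                ->end()
                ->validate()
                    // The "none" JWS algorithm (RFC 7518) verifies an empty signature;
                    // listing it here would accept unsigned client assertions.
                    ->ifTrue(static function ($config): bool {
                        return true === $config['enabled'] && self::containsNoneAlgorithm($config['signature_algorithms']);
                    })
                    ->thenInvalid('The "none" signature algorithm must not be used for client authentication.')
                ->end()
                ->children()
                    ->integerNode('secret_lifetime')
                        ->info('Secret lifetime (in seconds; 0 = unlimited) applicable to the "client_secret_jwt" authentication method')
                        // Default: 14 days.
                        ->defaultValue(60 * 60 * 24 * 14)
                        ->min(0)
                    ->end()
                    ->arrayNode('signature_algorithms')
                        ->info('Supported signature algorithms.')
                        ->useAttributeAsKey('name')
                        ->scalarPrototype()->end()
                        ->treatNullLike([])
                    ->end()
                    ->arrayNode('claim_checkers')
                        ->info('Claim checkers for incoming assertions.')
                        ->useAttributeAsKey('name')
                        ->scalarPrototype()->end()
                        ->treatNullLike([])
                    ->end()
                    ->arrayNode('header_checkers')
                        ->info('Header checkers for incoming assertions.')
                        ->useAttributeAsKey('name')
                        ->scalarPrototype()->end()
                        ->treatNullLike([])
                    ->end()
                    ->arrayNode('jku_support')
                        // NOTE(review): allowing "jwks_uri" presumably means keys are fetched
                        // from a client-registered URL; that fetcher (wired by the compiler
                        // pass, not here) should enforce HTTPS and a host allow-list — confirm.
                        ->info('If enabled, the client configuration parameter "jwks_uri" will be allowed.')
                        ->canBeEnabled()
                    ->end()
                    ->arrayNode('encryption')
                        ->canBeEnabled()
                        ->validate()
                            ->ifTrue(static function ($config): bool {
                                return true === $config['enabled'] && empty($config['key_encryption_algorithms']);
                            })
                            ->thenInvalid('At least one key encryption algorithm must be set.')
                        ->end()
                        ->validate()
                            ->ifTrue(static function ($config): bool {
                                return true === $config['enabled'] && empty($config['content_encryption_algorithms']);
                            })
                            ->thenInvalid('At least one content encryption algorithm must be set.')
                        ->end()
                        ->children()
                            ->booleanNode('required')
                                ->info('When true, all incoming assertions must be encrypted.')
                                ->defaultFalse()
                            ->end()
                            ->scalarNode('key_set')
                                ->info('Private or shared keys used for assertion decryption.')
                                ->isRequired()
                            ->end()
                            ->arrayNode('key_encryption_algorithms')
                                ->info('Supported key encryption algorithms.')
                                ->useAttributeAsKey('name')
                                ->scalarPrototype()->end()
                                ->treatNullLike([])
                            ->end()
                            ->arrayNode('content_encryption_algorithms')
                                ->info('Supported content encryption algorithms.')
                                ->useAttributeAsKey('name')
                                ->scalarPrototype()->end()
                                ->treatNullLike([])
                            ->end()
                        ->end()
                    ->end()
                ->end()
            ->end()
        ->end();
    }

    /**
     * Registers the JOSE services (JWS verifier, header and claim checkers and,
     * when encryption is enabled, the JWE loader and decryption key set) with the
     * JoseFramework bundle before the container is compiled.
     *
     * NOTE(review): unlike load(), the signature-side services are registered even
     * when the method is disabled (load() then skips client_assertion_jwt.php, so
     * they are simply unused). Confirm the compiler passes added in build() tolerate
     * their absence before adding an early return here.
     *
     * @param ContainerBuilder $container container under construction
     * @param array            $configs   processed bundle configuration
     *
     * @return array always empty: nothing is prepended to other bundles' configuration
     */
    public function prepend(ContainerBuilder $container, array $configs): array
    {
        $config = $configs['client_authentication']['client_assertion_jwt'];
        $serviceName = 'client_authentication.client_assertion_jwt';

        ConfigurationHelper::addJWSVerifier($container, $serviceName, $config['signature_algorithms'], false, []);
        ConfigurationHelper::addHeaderChecker($container, $serviceName, $config['header_checkers'], false, []);
        ConfigurationHelper::addClaimChecker($container, $serviceName, $config['claim_checkers'], false, []);

        if ($config['encryption']['enabled']) {
            // Positional arguments: serializers (['jwe_compact']), key- and content-
            // encryption algorithms, compression methods (['DEF']), then the header
            // checkers. The empty array marked FIXME is that header-checker list, so no
            // header checks are configured on the encrypted envelope itself; the header
            // checkers registered above are a separate service and it cannot be
            // confirmed from this file whether they are applied to the JWE layer.
            ConfigurationHelper::addJWELoader($container, $serviceName.'.encryption', ['jwe_compact'], $config['encryption']['key_encryption_algorithms'], $config['encryption']['content_encryption_algorithms'], ['DEF'], [] /*FIXME*/, false, []);
            ConfigurationHelper::addKeyset($container, $serviceName.'.encryption', 'jwkset', ['value' => $config['encryption']['key_set']], false, []);
        }

        return [];
    }

    /**
     * Adds the compiler passes that wire trusted-issuer support, "jwks_uri"
     * (JKU) support and encrypted-assertion support into the services loaded
     * by load().
     *
     * @param ContainerBuilder $container container under construction
     */
    public function build(ContainerBuilder $container): void
    {
        $container->addCompilerPass(new ClientAssertionTrustedIssuerSupportCompilerPass());
        $container->addCompilerPass(new ClientAssertionJkuSupportCompilerPass());
        $container->addCompilerPass(new ClientAssertionEncryptedJwtCompilerPass());
    }

    /**
     * Tells whether a configured algorithm list names the "none" JWS algorithm.
     *
     * Both keys and values are inspected because the node uses "name" as the
     * attribute key, so the algorithm identifier may end up on either side.
     *
     * @param array $algorithms the normalised "signature_algorithms" list
     */
    private static function containsNoneAlgorithm(array $algorithms): bool
    {
        foreach ($algorithms as $key => $algorithm) {
            if ('none' === strtolower((string) $key) || 'none' === strtolower((string) $algorithm)) {
                return true;
            }
        }

        return false;
    }
}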