AuthorizationEndpoint::process() - Code Metrics - Inspection of "WIP" - OAuth2-Framework/oauth2-framework - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Push — master ( 7f2d83...323120 )

by Florent

created 2018-09-24 19:08 UTC

AuthorizationEndpoint::process() B

↳ Parent: AuthorizationEndpoint

Complexity

Conditions	7
Paths	46

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	71
rs	7.6993
c	0
b	0
f	0
cc	7
nc	46
nop	2

How to fix Long Method

<?php

declare(strict_types=1);

/*
 * The MIT License (MIT)
 *
 * Copyright (c) 2014-2018 Spomky-Labs
 *
 * This software may be modified and distributed under the terms
 * of the MIT license.  See the LICENSE file for details.
 */

namespace OAuth2Framework\Component\AuthorizationEndpoint;

use Http\Message\MessageFactory;
use OAuth2Framework\Component\AuthorizationEndpoint\AuthorizationRequest\AuthorizationRequest;
use OAuth2Framework\Component\AuthorizationEndpoint\AuthorizationRequest\AuthorizationRequestLoader;
use OAuth2Framework\Component\AuthorizationEndpoint\Extension\ExtensionManager;
use OAuth2Framework\Component\AuthorizationEndpoint\ParameterChecker\ParameterCheckerManager;
use OAuth2Framework\Component\AuthorizationEndpoint\UserAccount\UserAccountCheckerManager;
use OAuth2Framework\Component\AuthorizationEndpoint\UserAccount\UserAccountDiscovery;
use OAuth2Framework\Component\Core\Message\OAuth2Error;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\MiddlewareInterface;
use Psr\Http\Server\RequestHandlerInterface;

abstract class AuthorizationEndpoint implements MiddlewareInterface
{
    protected $messageFactory;

    protected $authorizationRequestLoader;

    protected $parameterCheckerManager;

    protected $userAccountDiscovery;

    protected $userAccountCheckerManager;

    protected $extensionManager;

    public function __construct(MessageFactory $messageFactory, AuthorizationRequestLoader $authorizationRequestLoader, ParameterCheckerManager $parameterCheckerManager, UserAccountDiscovery $userAccountDiscovery, UserAccountCheckerManager $userAccountCheckerManager, ExtensionManager $extensionManager)
    {
        $this->messageFactory = $messageFactory;
        $this->authorizationRequestLoader = $authorizationRequestLoader;
        $this->parameterCheckerManager = $parameterCheckerManager;
        $this->userAccountDiscovery = $userAccountDiscovery;
        $this->userAccountCheckerManager = $userAccountCheckerManager;
        $this->extensionManager = $extensionManager;
    }

    abstract protected function redirectToLoginPage(ServerRequestInterface $request, AuthorizationRequest $authorization): ResponseInterface;

    abstract protected function processConsentScreen(ServerRequestInterface $request, AuthorizationRequest $authorization): ResponseInterface;

    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
    {
        try {
            // Loads the request and check the parameters
            $authorization = $this->authorizationRequestLoader->load($request);
            $authorization = $this->parameterCheckerManager->process($authorization);

            //Retrieve the end user account
            $userAccount = $this->userAccountDiscovery->find();
            if (null !== $userAccount) {
                // Process with authenticated user
                $isFullyAuthenticated = $this->userAccountDiscovery->isFullyAuthenticated();
                $authorization->setUserAccount($userAccount, $isFullyAuthenticated);

                //Check the user against the available rules e.g.:
                // * prompt login => redirect to login page
                // * max_age/default_max_age => redirect to login page
                if (!$isFullyAuthenticated) {
                    $this->userAccountCheckerManager->check($authorization);
                }

                if ($authorization->hasPrompt('none')) {
                    //TODO: No interaction. Should verified if the authorization has previously been given
                    $this->throwOAuth2Error($authorization, OAuth2Error::ERROR_INTERACTION_REQUIRED, 'The resource owner consent is required.');
                } else {
                    //Ask for consent
                    $authorization = $this->extensionManager->processBefore($request, $authorization);
                }

                return $this->processConsentScreen($request, $authorization);
            } else {
                // Process with unauthenticated user

                // If prompt = none => no interaction
                if ($authorization->hasPrompt('none')) {
                    //throw error login required
                    $this->throwOAuth2Error($authorization, OAuth2Error::ERROR_LOGIN_REQUIRED, 'The resource owner is not logged in.');
                }

                // Else => user authentication required
                return $this->redirectToLoginPage($request, $authorization);
            }
        } catch (OAuth2Error $e) {
            throw $e;
        } catch (\Exception $e) {
            throw $e;
        }/* catch (Exception\ProcessAuthorizationException $e) {

            $authorization = $e->getAuthorization();
            $authorization = $this->extensionManager->processAfter($request, $authorization);
            if (false === $authorization->isAuthorized()) {
                $this->throwOAuth2Error($authorization, OAuth2Message::ERROR_ACCESS_DENIED, 'The resource owner denied access to your client.');
            }

            $responseType = $authorization->getResponseType();

            try {
                $authorization = $responseType->preProcess($authorization);
                $authorization = $responseType->process($authorization);
            } catch (OAuth2Message $e) {
                $this->throwOAuth2Error($authorization, $e->getMessage(), $e->getErrorDescription());
            }

            return $this->buildResponse($authorization);
        } catch (Exception\CreateRedirectionException $e) {
            $this->throwOAuth2Error($e->getAuthorization(), $e->getMessage(), $e->getDescription());
        } catch (Exception\ShowConsentScreenException $e) {
            return $this->processConsentScreen($request, $e->getAuthorization());
        } catch (Exception\RedirectToLoginPageException $e) {
            return $this->redirectToLoginPage($request, $e->getAuthorization());
        }*/
    }

    protected function buildResponse(AuthorizationRequest $authorization): ResponseInterface
    {
        $response = $authorization->getResponseMode()->buildResponse(
            $this->messageFactory->createResponse(),
            $authorization->getRedirectUri(),
            $authorization->getResponseParameters()
        );
        foreach ($authorization->getResponseHeaders() as $k => $v) {
            $response = $response->withHeader($k, $v);
        }

        return $response;
    }

    protected function throwOAuth2Error(AuthorizationRequest $authorization, string $error, string $errorDescription)
    {
        $params = $authorization->getResponseParameters();
        if (null === $authorization->getResponseMode() || null === $authorization->getRedirectUri()) {
            throw new OAuth2Error(400, $error, $errorDescription);
        }
        $params += [
            'response_mode' => $authorization->getResponseMode(),
            'redirect_uri' => $authorization->getRedirectUri(),
        ];

        throw new OAuth2Error(303, $error, $errorDescription, $params);
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			/*
6			* The MIT License (MIT)
7			*
8			* Copyright (c) 2014-2018 Spomky-Labs
9			*
10			* This software may be modified and distributed under the terms
11			* of the MIT license. See the LICENSE file for details.
12			*/
13
14			namespace OAuth2Framework\Component\AuthorizationEndpoint;
15
16			use Http\Message\MessageFactory;
17			use OAuth2Framework\Component\AuthorizationEndpoint\AuthorizationRequest\AuthorizationRequest;
18			use OAuth2Framework\Component\AuthorizationEndpoint\AuthorizationRequest\AuthorizationRequestLoader;
19			use OAuth2Framework\Component\AuthorizationEndpoint\Extension\ExtensionManager;
20			use OAuth2Framework\Component\AuthorizationEndpoint\ParameterChecker\ParameterCheckerManager;
21			use OAuth2Framework\Component\AuthorizationEndpoint\UserAccount\UserAccountCheckerManager;
22			use OAuth2Framework\Component\AuthorizationEndpoint\UserAccount\UserAccountDiscovery;
23			use OAuth2Framework\Component\Core\Message\OAuth2Error;
24			use Psr\Http\Message\ResponseInterface;
25			use Psr\Http\Message\ServerRequestInterface;
26			use Psr\Http\Server\MiddlewareInterface;
27			use Psr\Http\Server\RequestHandlerInterface;
28
29			abstract class AuthorizationEndpoint implements MiddlewareInterface
30			{
31			protected $messageFactory;
32
33			protected $authorizationRequestLoader;
34
35			protected $parameterCheckerManager;
36
37			protected $userAccountDiscovery;
38
39			protected $userAccountCheckerManager;
40
41			protected $extensionManager;
42
43			public function __construct(MessageFactory $messageFactory, AuthorizationRequestLoader $authorizationRequestLoader, ParameterCheckerManager $parameterCheckerManager, UserAccountDiscovery $userAccountDiscovery, UserAccountCheckerManager $userAccountCheckerManager, ExtensionManager $extensionManager)
44			{
45			$this->messageFactory = $messageFactory;
46			$this->authorizationRequestLoader = $authorizationRequestLoader;
47			$this->parameterCheckerManager = $parameterCheckerManager;
48			$this->userAccountDiscovery = $userAccountDiscovery;
49			$this->userAccountCheckerManager = $userAccountCheckerManager;
50			$this->extensionManager = $extensionManager;
51			}
52
53			abstract protected function redirectToLoginPage(ServerRequestInterface $request, AuthorizationRequest $authorization): ResponseInterface;
54
55			abstract protected function processConsentScreen(ServerRequestInterface $request, AuthorizationRequest $authorization): ResponseInterface;
56
57			public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
58			{
59			try {
60			// Loads the request and check the parameters
61			$authorization = $this->authorizationRequestLoader->load($request);
62			$authorization = $this->parameterCheckerManager->process($authorization);
63
64			//Retrieve the end user account
65			$userAccount = $this->userAccountDiscovery->find();
66			if (null !== $userAccount) {
67			// Process with authenticated user
68			$isFullyAuthenticated = $this->userAccountDiscovery->isFullyAuthenticated();
69			$authorization->setUserAccount($userAccount, $isFullyAuthenticated);
70
71			//Check the user against the available rules e.g.:
72			// * prompt login => redirect to login page
73			// * max_age/default_max_age => redirect to login page
74			if (!$isFullyAuthenticated) {
75			$this->userAccountCheckerManager->check($authorization);
76			}
77
78			if ($authorization->hasPrompt('none')) {
79			//TODO: No interaction. Should verified if the authorization has previously been given
80			$this->throwOAuth2Error($authorization, OAuth2Error::ERROR_INTERACTION_REQUIRED, 'The resource owner consent is required.');
81			} else {
82			//Ask for consent
83			$authorization = $this->extensionManager->processBefore($request, $authorization);
84			}
85
86			return $this->processConsentScreen($request, $authorization);
87			} else {
88			// Process with unauthenticated user
89
90			// If prompt = none => no interaction
91			if ($authorization->hasPrompt('none')) {
92			//throw error login required
93			$this->throwOAuth2Error($authorization, OAuth2Error::ERROR_LOGIN_REQUIRED, 'The resource owner is not logged in.');
94			}
95
96			// Else => user authentication required
97			return $this->redirectToLoginPage($request, $authorization);
98			}
99			} catch (OAuth2Error $e) {
100			throw $e;
101			} catch (\Exception $e) {
102			throw $e;
103			}/* catch (Exception\ProcessAuthorizationException $e) {
			0 ignored issues – show Unused Code Comprehensibility introduced 2018-09-24 19:13 UTC by Report Bug Copy Issue Report `61%` of this comment could be valid code. Did you maybe forget this after debugging? Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it. The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production. This check looks for comments that seem to be mostly valid code and reports them. Loading history...
104			$authorization = $e->getAuthorization();
105			$authorization = $this->extensionManager->processAfter($request, $authorization);
106			if (false === $authorization->isAuthorized()) {
107			$this->throwOAuth2Error($authorization, OAuth2Message::ERROR_ACCESS_DENIED, 'The resource owner denied access to your client.');
108			}
109
110			$responseType = $authorization->getResponseType();
111
112			try {
113			$authorization = $responseType->preProcess($authorization);
114			$authorization = $responseType->process($authorization);
115			} catch (OAuth2Message $e) {
116			$this->throwOAuth2Error($authorization, $e->getMessage(), $e->getErrorDescription());
117			}
118
119			return $this->buildResponse($authorization);
120			} catch (Exception\CreateRedirectionException $e) {
121			$this->throwOAuth2Error($e->getAuthorization(), $e->getMessage(), $e->getDescription());
122			} catch (Exception\ShowConsentScreenException $e) {
123			return $this->processConsentScreen($request, $e->getAuthorization());
124			} catch (Exception\RedirectToLoginPageException $e) {
125			return $this->redirectToLoginPage($request, $e->getAuthorization());
126			}*/
127			}
128
129			protected function buildResponse(AuthorizationRequest $authorization): ResponseInterface
130			{
131			$response = $authorization->getResponseMode()->buildResponse(
132			$this->messageFactory->createResponse(),
133			$authorization->getRedirectUri(),
134			$authorization->getResponseParameters()
135			);
136			foreach ($authorization->getResponseHeaders() as $k => $v) {
137			$response = $response->withHeader($k, $v);
138			}
139
140			return $response;
141			}
142
143			protected function throwOAuth2Error(AuthorizationRequest $authorization, string $error, string $errorDescription)
144			{
145			$params = $authorization->getResponseParameters();
146			if (null === $authorization->getResponseMode() \|\| null === $authorization->getRedirectUri()) {
147			throw new OAuth2Error(400, $error, $errorDescription);
148			}
149			$params += [
150			'response_mode' => $authorization->getResponseMode(),
151			'redirect_uri' => $authorization->getRedirectUri(),
152			];
153
154			throw new OAuth2Error(303, $error, $errorDescription, $params);
155			}
156			}
157

OAuth2-Framework / oauth2-framework

Push — master ( 7f2d83...323120 )

AuthorizationEndpoint::process() B

Complexity

Size

Duplication

Importance

How to fix Long Method

Long Method

Duplication Side-by-Side

Filter issues like