ClientRegistrationController - Code Metrics - Inspection of "Merge branch 'issue#702' into issue#702_rs" - PROCERGS/login-cidadao - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Push — issue#702_rs ( ed72a1...cdafcf )

by Guilherme

created 2018-06-14 18:29 UTC

ClientRegistrationController A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	129
Duplicated Lines	0 %

Importance

Changes

Metric	Value
dl	0
loc	129
rs	10
c	0
b	0
f	0
wmc	18

7 Methods

Rating	Name	Size	Complexity
B	handleFormErrors()	23	4
A	getClientOr404()	10	2
A	parseJsonRequest()	6	3
A	checkRegistrationAccessToken()	8	3
A	getClientManager()	3	1
A	getDetailsAction()	13	2
B	registerAction()	26	3

<?php
/**
 * This file is part of the login-cidadao project or it's bundles.
 *
 * (c) Guilherme Donato <guilhermednt on github>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace LoginCidadao\OpenIDBundle\Controller;

use Doctrine\DBAL\Exception\UniqueConstraintViolationException;
use FOS\RestBundle\Context\Context;
use LoginCidadao\OAuthBundle\Entity\Client;
use JMS\Serializer\SerializationContext;
use LoginCidadao\OAuthBundle\Model\ClientInterface;
use LoginCidadao\OpenIDBundle\Manager\ClientManager;
use Symfony\Component\Form\FormError;
use Symfony\Component\HttpFoundation\Request;
use FOS\RestBundle\Controller\FOSRestController;
use FOS\RestBundle\Controller\Annotations as REST;
use LoginCidadao\OpenIDBundle\Entity\ClientMetadata;
use LoginCidadao\OpenIDBundle\Form\ClientMetadataForm;
use LoginCidadao\OpenIDBundle\Exception\DynamicRegistrationException;

/**
 * Class ClientRegistrationController
 * @package LoginCidadao\OpenIDBundle\Controller
 * @codeCoverageIgnore
 */
class ClientRegistrationController extends FOSRestController
{

    /**
     * @REST\Post("/openid/connect/register", name="oidc_dynamic_registration", defaults={"_format"="json"})
     * @REST\View(templateVar="client")
     */
    public function registerAction(Request $request)
    {
        $this->parseJsonRequest($request);
        $clientManager = $this->getClientManager();

        $data = new ClientMetadata();
        $form = $this->createForm(new ClientMetadataForm($clientManager), $data, ['cascade_validation' => true]);

        $form->handleRequest($request);
        if ($form->isValid()) {
            $metadata = $form->getData();
            try {
                $client = $clientManager->register($metadata);
            } catch (UniqueConstraintViolationException $e) {
                $error = new DynamicRegistrationException('Client already exists', 400);

                return $this->view($error->getData(), $error->getCode());
            }

            return $this->view($metadata->fromClient($client), 201);
        } else {
            /** @var FormError[] $errors */
            $errors = $form->getErrors(true);
            $error = $this->handleFormErrors($errors);

            return $this->view($error->getData(), 400);
        }
    }

    /**
     * @REST\Get("/openid/connect/register/{clientId}", name="oidc_get_client_details", defaults={"_format"="json"})
     * @REST\View(templateVar="client")
     */
    public function getDetailsAction(Request $request, $clientId)
    {
        try {
            $client = $this->getClientOr404($clientId);
        } catch (DynamicRegistrationException $e) {
            return $this->view($e->getData(), 400);
        }
        $this->checkRegistrationAccessToken($request, $client);

        $context = (new Context())->setGroups(["client_metadata"]);
        $view = $this->view($client->getMetadata())->setContext($context);

        return $this->handleView($view);
    }

    /**
     * @param \Symfony\Component\Form\FormError[] $errors
     * @return DynamicRegistrationException
     */
    private function handleFormErrors($errors)
    {
        foreach ($errors as $error) {
            $cause = $error->getCause();
            $value = $cause->getInvalidValue();
            $propertyRegex = '/^data\\.([a-zA-Z0-9_]+).*$/';
            $property = preg_replace($propertyRegex, '$1', $cause->getPropertyPath());

            switch ($property) {
                case 'redirect_uris':
                    return new DynamicRegistrationException(
                        'Invalid redirect URIs: '.$cause->getMessage(),
                        DynamicRegistrationException::ERROR_INVALID_REDIRECT_URI
                    );
                case 'sector_identifier_uri':
                    return new DynamicRegistrationException(
                        "Invalid value for '{$property}': {$cause->getMessage()}",
                        DynamicRegistrationException::ERROR_INVALID_CLIENT_METADATA
                    );
                default:
                    return new DynamicRegistrationException(
                        "Invalid value for '{$property}'='{$value}': {$cause->getMessage()}",
                        DynamicRegistrationException::ERROR_INVALID_CLIENT_METADATA
                    );
            }
        }
    }

    private function parseJsonRequest(Request $request)
    {
        $request->setFormat('json', 'application/json');
        if (0 === strpos($request->headers->get('Content-Type'), 'application/json')) {
            $data = json_decode($request->getContent(), true);
            $request->request->replace(is_array($data) ? $data : []);
        }
    }

    /**
     * @param string $clientId
     * @return ClientInterface
     */
    private function getClientOr404($clientId)
    {
        /** @var ClientInterface|null $client */
        $client = $this->getClientManager()->getClientById($clientId);

        if (!$client instanceof ClientInterface) {
            throw $this->createNotFoundException('Client not found.');
        }

        return $client;
    }

    private function checkRegistrationAccessToken(Request $request, Client $client)
    {
        $raw = $request->get('access_token', $request->headers->get('authorization'));

        $token = str_replace('Bearer ', '', $raw);
        $metadata = $client->getMetadata();
        if (!$token || $metadata->getRegistrationAccessToken() !== $token) {
            throw $this->createAccessDeniedException();
        }
    }

    /**
     * @return ClientManager|object
     */
    private function getClientManager()
    {
        return $this->get('lc.client_manager');
    }
}


1			<?php
2			/**
3			* This file is part of the login-cidadao project or it's bundles.
4			*
5			* (c) Guilherme Donato <guilhermednt on github>
6			*
7			* For the full copyright and license information, please view the LICENSE
8			* file that was distributed with this source code.
9			*/
10
11			namespace LoginCidadao\OpenIDBundle\Controller;
12
13			use Doctrine\DBAL\Exception\UniqueConstraintViolationException;
14			use FOS\RestBundle\Context\Context;
15			use LoginCidadao\OAuthBundle\Entity\Client;
16			use JMS\Serializer\SerializationContext;
17			use LoginCidadao\OAuthBundle\Model\ClientInterface;
18			use LoginCidadao\OpenIDBundle\Manager\ClientManager;
19			use Symfony\Component\Form\FormError;
20			use Symfony\Component\HttpFoundation\Request;
21			use FOS\RestBundle\Controller\FOSRestController;
22			use FOS\RestBundle\Controller\Annotations as REST;
23			use LoginCidadao\OpenIDBundle\Entity\ClientMetadata;
24			use LoginCidadao\OpenIDBundle\Form\ClientMetadataForm;
25			use LoginCidadao\OpenIDBundle\Exception\DynamicRegistrationException;
26
27			/**
28			* Class ClientRegistrationController
29			* @package LoginCidadao\OpenIDBundle\Controller
30			* @codeCoverageIgnore
31			*/
32			class ClientRegistrationController extends FOSRestController
33			{
34
35			/**
36			* @REST\Post("/openid/connect/register", name="oidc_dynamic_registration", defaults={"_format"="json"})
37			* @REST\View(templateVar="client")
38			*/
39			public function registerAction(Request $request)
40			{
41			$this->parseJsonRequest($request);
42			$clientManager = $this->getClientManager();
43
44			$data = new ClientMetadata();
45			$form = $this->createForm(new ClientMetadataForm($clientManager), $data, ['cascade_validation' => true]);
46
47			$form->handleRequest($request);
48			if ($form->isValid()) {
49			$metadata = $form->getData();
50			try {
51			$client = $clientManager->register($metadata);
52			} catch (UniqueConstraintViolationException $e) {
53			$error = new DynamicRegistrationException('Client already exists', 400);
54
55			return $this->view($error->getData(), $error->getCode());
56			}
57
58			return $this->view($metadata->fromClient($client), 201);
59			} else {
60			/** @var FormError[] $errors */
61			$errors = $form->getErrors(true);
62			$error = $this->handleFormErrors($errors);
63
64			return $this->view($error->getData(), 400);
65			}
66			}
67
68			/**
69			* @REST\Get("/openid/connect/register/{clientId}", name="oidc_get_client_details", defaults={"_format"="json"})
70			* @REST\View(templateVar="client")
71			*/
72			public function getDetailsAction(Request $request, $clientId)
73			{
74			try {
75			$client = $this->getClientOr404($clientId);
76			} catch (DynamicRegistrationException $e) {
77			return $this->view($e->getData(), 400);
78			}
79			$this->checkRegistrationAccessToken($request, $client);
80
81			$context = (new Context())->setGroups(["client_metadata"]);
82			$view = $this->view($client->getMetadata())->setContext($context);
83
84			return $this->handleView($view);
85			}
86
87			/**
88			* @param \Symfony\Component\Form\FormError[] $errors
89			* @return DynamicRegistrationException
90			*/
91			private function handleFormErrors($errors)
92			{
93			foreach ($errors as $error) {
94			$cause = $error->getCause();
95			$value = $cause->getInvalidValue();
96			$propertyRegex = '/^data\\.([a-zA-Z0-9_]+).*$/';
97			$property = preg_replace($propertyRegex, '$1', $cause->getPropertyPath());
98
99			switch ($property) {
100			case 'redirect_uris':
101			return new DynamicRegistrationException(
102			'Invalid redirect URIs: '.$cause->getMessage(),
103			DynamicRegistrationException::ERROR_INVALID_REDIRECT_URI
104			);
105			case 'sector_identifier_uri':
106			return new DynamicRegistrationException(
107			"Invalid value for '{$property}': {$cause->getMessage()}",
108			DynamicRegistrationException::ERROR_INVALID_CLIENT_METADATA
109			);
110			default:
111			return new DynamicRegistrationException(
112			"Invalid value for '{$property}'='{$value}': {$cause->getMessage()}",
113			DynamicRegistrationException::ERROR_INVALID_CLIENT_METADATA
114			);
115			}
116			}
117			}
118
119			private function parseJsonRequest(Request $request)
120			{
121			$request->setFormat('json', 'application/json');
122			if (0 === strpos($request->headers->get('Content-Type'), 'application/json')) {
123			$data = json_decode($request->getContent(), true);
124			$request->request->replace(is_array($data) ? $data : []);
125			}
126			}
127
128			/**
129			* @param string $clientId
130			* @return ClientInterface
131			*/
132			private function getClientOr404($clientId)
133			{
134			/** @var ClientInterface\|null $client */
135			$client = $this->getClientManager()->getClientById($clientId);
136
137			if (!$client instanceof ClientInterface) {
138			throw $this->createNotFoundException('Client not found.');
139			}
140
141			return $client;
142			}
143
144			private function checkRegistrationAccessToken(Request $request, Client $client)
145			{
146			$raw = $request->get('access_token', $request->headers->get('authorization'));
147
148			$token = str_replace('Bearer ', '', $raw);
149			$metadata = $client->getMetadata();
150			if (!$token \|\| $metadata->getRegistrationAccessToken() !== $token) {
151			throw $this->createAccessDeniedException();
152			}
153			}
154
155			/**
156			* @return ClientManager\|object
157			*/
158			private function getClientManager()
159			{
160			return $this->get('lc.client_manager');
161			}
162			}
163

PROCERGS / login-cidadao

Push — issue#702_rs ( ed72a1...cdafcf )

ClientRegistrationController A

Complexity

Size/Duplication

Importance

7 Methods

Duplication Side-by-Side

Filter issues like