Issues in Server.php - All Issues - Inspection of "Support callable for redirect (#195)" - SocialiteProviders/Manager - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 17ee4a...c5eac5 )

by Atymic

created 2021-05-02 04:51 UTC

src/OAuth1/Server.php (1 issue)

Labels

Severity

Major 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

namespace SocialiteProviders\Manager\OAuth1;

use GuzzleHttp\Client;
use GuzzleHttp\Exception\BadResponseException;
use InvalidArgumentException;
use League\OAuth1\Client\Credentials\TemporaryCredentials;
use League\OAuth1\Client\Server\Server as BaseServer;
use SocialiteProviders\Manager\ConfigTrait;

abstract class Server extends BaseServer
{
    use ConfigTrait;

    /**
     * The custom parameters to be sent with the request.
     *
     * @var array
     */
    protected $parameters = [];

    /**
     * The scopes being requested.
     *
     * @var array
     */
    protected $scopes = [];

    /**
     * The separating character for the requested scopes.
     *
     * @var string
     */
    protected $scopeSeparator = ',';

    /**
     * Retrieves token credentials by passing in the temporary credentials,
     * the temporary credentials identifier as passed back by the server
     * and finally the verifier code.
     *
     * @param \League\OAuth1\Client\Credentials\TemporaryCredentials $temporaryCredentials
     * @param string                                                 $temporaryIdentifier
     * @param string                                                 $verifier
     *
     * @return array
     * @throws \InvalidArgumentException
     */
    public function getTokenCredentials(TemporaryCredentials $temporaryCredentials, $temporaryIdentifier, $verifier)
    {
        if ($temporaryIdentifier !== $temporaryCredentials->getIdentifier()) {
            throw new InvalidArgumentException(
                'Temporary identifier passed back by server does not match that of stored temporary credentials.
                Potential man-in-the-middle.'
            );
        }

        $uri = $this->urlTokenCredentials();
        $bodyParameters = ['oauth_verifier' => $verifier];

        $client = $this->createHttpClient();

        $headers = $this->getHeaders($temporaryCredentials, 'POST', $uri, $bodyParameters);

        try {
            if ($client instanceof Client) {
                $response = $client->post($uri, [
                    'headers'     => $headers,
                    'form_params' => $bodyParameters,
                ]);
            } else {
                $response = $client->post($uri, $headers, $bodyParameters)->send();
            }
        } catch (BadResponseException $e) {
            $this->handleTokenCredentialsBadResponse($e);
        }

        return [
class Author {
    private $name;

    public function __construct($name) {
        $this->name = $name;
    }

    public function getName() {
        return $this->name;
    }
}

abstract class Post {
    public function getAuthor() {
        return 'Johannes';
    }
}

class BlogPost extends Post {
    public function getAuthor() {
        return new Author('Johannes');
    }
}

class ForumPost extends Post { /* ... */ }

function my_function(Post $post) {
    echo strtoupper($post->getAuthor());
}
            'tokenCredentials'        => $this->createTokenCredentials($response->getBody()),
            'credentialsResponseBody' => $response->getBody(),
        ];
    }

    /**
     * Set the scopes of the requested access.
     *
     * @param array $scopes
     *
     * @return $this
     */
    public function scopes(array $scopes)
    {
        $this->scopes = array_unique(array_merge($this->scopes, $scopes));

        return $this;
    }

    /**
     * Set the custom parameters of the request.
     *
     * @param array $parameters
     *
     * @return $this
     */
    public function with(array $parameters)
    {
        $this->parameters = $parameters;

        return $this;
    }

    /**
     * Format the given scopes.
     *
     * @param array  $scopes
     * @param string $scopeSeparator
     *
     * @return string
     */
    protected function formatScopes(array $scopes, $scopeSeparator)
    {
        return implode($scopeSeparator, $scopes);
    }
}


1			<?php
2
3			namespace SocialiteProviders\Manager\OAuth1;
4
5			use GuzzleHttp\Client;
6			use GuzzleHttp\Exception\BadResponseException;
7			use InvalidArgumentException;
8			use League\OAuth1\Client\Credentials\TemporaryCredentials;
9			use League\OAuth1\Client\Server\Server as BaseServer;
10			use SocialiteProviders\Manager\ConfigTrait;
11
12			abstract class Server extends BaseServer
13			{
14			use ConfigTrait;
15
16			/**
17			* The custom parameters to be sent with the request.
18			*
19			* @var array
20			*/
21			protected $parameters = [];
22
23			/**
24			* The scopes being requested.
25			*
26			* @var array
27			*/
28			protected $scopes = [];
29
30			/**
31			* The separating character for the requested scopes.
32			*
33			* @var string
34			*/
35			protected $scopeSeparator = ',';
36
37			/**
38			* Retrieves token credentials by passing in the temporary credentials,
39			* the temporary credentials identifier as passed back by the server
40			* and finally the verifier code.
41			*
42			* @param \League\OAuth1\Client\Credentials\TemporaryCredentials $temporaryCredentials
43			* @param string $temporaryIdentifier
44			* @param string $verifier
45			*
46			* @return array
47			* @throws \InvalidArgumentException
48			*/
49			public function getTokenCredentials(TemporaryCredentials $temporaryCredentials, $temporaryIdentifier, $verifier)
50			{
51			if ($temporaryIdentifier !== $temporaryCredentials->getIdentifier()) {
52			throw new InvalidArgumentException(
53			'Temporary identifier passed back by server does not match that of stored temporary credentials.
54			Potential man-in-the-middle.'
55			);
56			}
57
58			$uri = $this->urlTokenCredentials();
59			$bodyParameters = ['oauth_verifier' => $verifier];
60
61			$client = $this->createHttpClient();
62
63			$headers = $this->getHeaders($temporaryCredentials, 'POST', $uri, $bodyParameters);
64
65			try {
66			if ($client instanceof Client) {
67			$response = $client->post($uri, [
68			'headers' => $headers,
69			'form_params' => $bodyParameters,
70			]);
71			} else {
72			$response = $client->post($uri, $headers, $bodyParameters)->send();
73			}
74			} catch (BadResponseException $e) {
75			$this->handleTokenCredentialsBadResponse($e);
76			}
77
78			return [
			0 ignored issues – show Bug Best Practice introduced 2016-03-28 21:33 UTC by Report Bug Copy Issue Report Show Similar Issues like this The return type of `return array('tokenCrede... $response->getBody());` (`array`) is incompatible with the return type of the parent method `League\OAuth1\Client\Ser...er::getTokenCredentials` of type `League\OAuth1\Client\Credentials\TokenCredentials`. If you return a value from a function or method, it should be a sub-type of the type that is given by the parent type f.e. an interface, or abstract method. This is more formally defined by the Lizkov substitution principle, and guarantees that classes that depend on the parent type can use any instance of a child type interchangably. This principle also belongs to the SOLID principles for object oriented design. Let’s take a look at an example: class Author { private $name; public function __construct($name) { $this->name = $name; } public function getName() { return $this->name; } } abstract class Post { public function getAuthor() { return 'Johannes'; } } class BlogPost extends Post { public function getAuthor() { return new Author('Johannes'); } } class ForumPost extends Post { /* ... */ } function my_function(Post $post) { echo strtoupper($post->getAuthor()); } Our function `my_function` expects a `Post` object, and outputs the author of the post. The base class `Post` returns a simple string and outputting a simple string will work just fine. However, the child class `BlogPost` which is a sub-type of `Post` instead decided to return an `object`, and is therefore violating the SOLID principles. If a `BlogPost` were passed to `my_function`, PHP would not complain, but ultimately fail when executing the `strtoupper` call in its body. Loading history...
79			'tokenCredentials' => $this->createTokenCredentials($response->getBody()),
80			'credentialsResponseBody' => $response->getBody(),
81			];
82			}
83
84			/**
85			* Set the scopes of the requested access.
86			*
87			* @param array $scopes
88			*
89			* @return $this
90			*/
91			public function scopes(array $scopes)
92			{
93			$this->scopes = array_unique(array_merge($this->scopes, $scopes));
94
95			return $this;
96			}
97
98			/**
99			* Set the custom parameters of the request.
100			*
101			* @param array $parameters
102			*
103			* @return $this
104			*/
105			public function with(array $parameters)
106			{
107			$this->parameters = $parameters;
108
109			return $this;
110			}
111
112			/**
113			* Format the given scopes.
114			*
115			* @param array $scopes
116			* @param string $scopeSeparator
117			*
118			* @return string
119			*/
120			protected function formatScopes(array $scopes, $scopeSeparator)
121			{
122			return implode($scopeSeparator, $scopes);
123			}
124			}
125

SocialiteProviders / Manager

Push — master ( 17ee4a...c5eac5 )

src/OAuth1/Server.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like