Verifier::verify() - Code Metrics - Inspection of "WIP" - Spomky-Labs/jose - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — v2.0.x ( 7a58b6 )

by Florent

created 2016-01-26 17:09 UTC

Verifier::verify() C

↳ Parent: Verifier

Complexity

Conditions	11
Paths	15

Size

Total Lines	33
Code Lines	19

Duplication

Lines	0
Ratio	0 %

Importance

Changes	9
Bugs	4	Features	1

Metric	Value
c	9
b	4
f	1
dl	0
loc	33
rs	5.2653
cc	11
eloc	19
nc	15
nop	3

How to fix Complexity

<?php

/*
 * The MIT License (MIT)
 *
 * Copyright (c) 2014-2015 Spomky-Labs
 *
 * This software may be modified and distributed under the terms
 * of the MIT license.  See the LICENSE file for details.
 */

namespace Jose;

use Jose\Algorithm\JWAManagerInterface;
use Jose\Algorithm\Signature\SignatureAlgorithmInterface;
use Jose\Behaviour\HasCheckerManager;
use Jose\Behaviour\HasJWAManager;
use Jose\Behaviour\HasKeyChecker;
use Jose\Checker\CheckerManagerInterface;
use Jose\Object\JWKSetInterface;
use Jose\Object\JWSInterface;
use Jose\Object\SignatureInterface;

/**
 */
final class Verifier implements VerifierInterface
{
    use HasKeyChecker;
    use HasJWAManager;
    use HasCheckerManager;

    /**
     * Loader constructor.
     *
     * @param \Jose\Algorithm\JWAManagerInterface   $jwa_manager
     * @param \Jose\Checker\CheckerManagerInterface $checker_manager
     */
    public function __construct(
        JWAManagerInterface $jwa_manager,
        CheckerManagerInterface $checker_manager)
    {
        $this->setJWAManager($jwa_manager);
        $this->setCheckerManager($checker_manager);
    }

    /**
     * {@inheritdoc}
     *
     * @throws \InvalidArgumentException
     */
    public function verify(JWSInterface $jws, JWKSetInterface $jwk_set, $detached_payload = null)
    {
        if (null !== $detached_payload && !empty($jws->getEncodedPayload())) {
            throw new \InvalidArgumentException('A detached payload is set, but the JWS already has a payload.');
        }
        if (0 === count($jwk_set)) {
            throw new \InvalidArgumentException('No key in the key set.');
        }
        foreach ($jws->getSignatures() as $signature) {
            $input = $signature->getEncodedProtectedHeaders().'.'.(null === $detached_payload ? $jws->getEncodedPayload() : $detached_payload);

            foreach ($jwk_set->getKeys() as $jwk) {
                $algorithm = $this->getAlgorithm($signature);
                if (!$this->checkKeyUsage($jwk, 'verification')) {
                    continue;
                }
                if (!$this->checkKeyAlgorithm($jwk, $algorithm->getAlgorithmName())) {
                    continue;
                }
                try {
                    if (true === $algorithm->verify($jwk, $input, $signature->getSignature())) {
                        return true;
                    }
                } catch (\Exception $e) {
                    //We do nothing, we continue with other keys
                    continue;
                }
            }
        }


        return false;
    }

    /**
     * @param \Jose\Object\SignatureInterface $signature
     *
     * @return \Jose\Algorithm\Signature\SignatureAlgorithmInterface|null
     */
    private function getAlgorithm(SignatureInterface $signature)
    {
        $complete_headers = array_merge(
            $signature->getProtectedHeaders(),
            $signature->getHeaders()
        );
        if (!array_key_exists('alg', $complete_headers)) {
            throw new \InvalidArgumentException('No "alg" parameter set in the header.');
        }

        $algorithm = $this->getJWAManager()->getAlgorithm($complete_headers['alg']);
        if (!$algorithm instanceof SignatureAlgorithmInterface) {
if ($x instanceof DoesNotExist) {
    // Do something.
}
            throw new \RuntimeException(sprintf('The algorithm "%s" is not supported or does not implement SignatureInterface.', $complete_headers['alg']));
        }

        return $algorithm;
    }
}


1			<?php
2
3			/*
4			* The MIT License (MIT)
5			*
6			* Copyright (c) 2014-2015 Spomky-Labs
7			*
8			* This software may be modified and distributed under the terms
9			* of the MIT license. See the LICENSE file for details.
10			*/
11
12			namespace Jose;
13
14			use Jose\Algorithm\JWAManagerInterface;
15			use Jose\Algorithm\Signature\SignatureAlgorithmInterface;
16			use Jose\Behaviour\HasCheckerManager;
17			use Jose\Behaviour\HasJWAManager;
18			use Jose\Behaviour\HasKeyChecker;
19			use Jose\Checker\CheckerManagerInterface;
20			use Jose\Object\JWKSetInterface;
21			use Jose\Object\JWSInterface;
22			use Jose\Object\SignatureInterface;
23
24			/**
25			*/
26			final class Verifier implements VerifierInterface
27			{
28			use HasKeyChecker;
29			use HasJWAManager;
30			use HasCheckerManager;
31
32			/**
33			* Loader constructor.
34			*
35			* @param \Jose\Algorithm\JWAManagerInterface $jwa_manager
36			* @param \Jose\Checker\CheckerManagerInterface $checker_manager
37			*/
38			public function __construct(
39			JWAManagerInterface $jwa_manager,
40			CheckerManagerInterface $checker_manager)
41			{
42			$this->setJWAManager($jwa_manager);
43			$this->setCheckerManager($checker_manager);
44			}
45
46			/**
47			* {@inheritdoc}
48			*
49			* @throws \InvalidArgumentException
50			*/
51			public function verify(JWSInterface $jws, JWKSetInterface $jwk_set, $detached_payload = null)
52			{
53			if (null !== $detached_payload && !empty($jws->getEncodedPayload())) {
54			throw new \InvalidArgumentException('A detached payload is set, but the JWS already has a payload.');
55			}
56			if (0 === count($jwk_set)) {
57			throw new \InvalidArgumentException('No key in the key set.');
58			}
59			foreach ($jws->getSignatures() as $signature) {
60			$input = $signature->getEncodedProtectedHeaders().'.'.(null === $detached_payload ? $jws->getEncodedPayload() : $detached_payload);
61
62			foreach ($jwk_set->getKeys() as $jwk) {
63			$algorithm = $this->getAlgorithm($signature);
64			if (!$this->checkKeyUsage($jwk, 'verification')) {
65			continue;
66			}
67			if (!$this->checkKeyAlgorithm($jwk, $algorithm->getAlgorithmName())) {
68			continue;
69			}
70			try {
71			if (true === $algorithm->verify($jwk, $input, $signature->getSignature())) {
72			return true;
73			}
74			} catch (\Exception $e) {
75			//We do nothing, we continue with other keys
76			continue;
77			}
78			}
79			}
80
81
82			return false;
83			}
84
85			/**
86			* @param \Jose\Object\SignatureInterface $signature
87			*
88			* @return \Jose\Algorithm\Signature\SignatureAlgorithmInterface\|null
89			*/
90			private function getAlgorithm(SignatureInterface $signature)
91			{
92			$complete_headers = array_merge(
93			$signature->getProtectedHeaders(),
94			$signature->getHeaders()
95			);
96			if (!array_key_exists('alg', $complete_headers)) {
97			throw new \InvalidArgumentException('No "alg" parameter set in the header.');
98			}
99
100			$algorithm = $this->getJWAManager()->getAlgorithm($complete_headers['alg']);
101			if (!$algorithm instanceof SignatureAlgorithmInterface) {
			0 ignored issues – show Bug introduced 2016-01-26 17:34 UTC by Report Bug Copy Issue Report The class `Jose\Algorithm\Signature...atureAlgorithmInterface` does not exist. Did you forget a USE statement, or did you not list all dependencies? This error could be the result of: 1. Missing dependencies PHP Analyzer uses your `composer.json` file (if available) to determine the dependencies of your project and to determine all the available classes and functions. It expects the `composer.json` to be in the root folder of your repository. Are you sure this class is defined by one of your dependencies, or did you maybe not list a dependency in either the `require` or `require-dev` section? 2. Missing use statement PHP does not complain about undefined classes in `ìnstanceof` checks. For example, the following PHP code will work perfectly fine: if ($x instanceof DoesNotExist) { // Do something. } If you have not tested against this specific condition, such errors might go unnoticed. Loading history...
102			throw new \RuntimeException(sprintf('The algorithm "%s" is not supported or does not implement SignatureInterface.', $complete_headers['alg']));
103			}
104
105			return $algorithm;
106			}
107			}
108

Spomky-Labs / jose

Push — v2.0.x ( 7a58b6 )

Verifier::verify() C

Complexity

Size

Duplication

Importance

How to fix Complexity

Long Method

1. Missing dependencies

2. Missing use statement

Duplication Side-by-Side

Filter issues like