JWTController - Code Metrics - WyriHaximus/Ratchet - Measure and Improve Code Quality continuously with Scrutinizer

JWTController A
last analyzed 2019-12-03 11:44 UTC

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	44
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	6

Importance

Changes

Metric	Value
wmc	5
lcom	1
cbo	6
dl	0
loc	44
rs	10
c	0
b	0
f	0

2 Methods

Rating	Name	Duplication	Size	Complexity
A	initialize()	0	6	1
A	token()	0	31	4

<?php

namespace WyriHaximus\Ratchet\Controller;

use Cake\Controller\Controller;
use Cake\Core\Configure;
use Lcobucci\JWT\Builder;
use Lcobucci\JWT\Signer\Hmac\Sha256;
use function igorw\get_in;
use WyriHaximus\Annotations\ChildProcess;

class JWTController extends Controller
{
    public function initialize()
    {
        $this->loadComponent('RequestHandler');
        $this->loadComponent('Auth');
        $this->Auth->allow(['token']);
    }

    /**
     * @ChildProcess()
     */
    public function token()
    {
        $realm = $this->getRequest()->getQuery('realm');
        $realms = Configure::read('WyriHaximus.Ratchet.realms');
        if (!isset($realms[$realm])) {
            throw new \InvalidArgumentException('Unknown realm');
        }
        if (!isset($realms[$realm]['auth_key'])) {
            throw new \InvalidArgumentException('Unknown realm');
        }

        $user = $this->Auth->user();

        $realmSalt = Configure::read('WyriHaximus.Ratchet.realm_salt');
        $authKeySalt = Configure::read('WyriHaximus.Ratchet.realm_auth_key_salt');
        $hashedRealm = hash('sha512', $realmSalt . $realm . $realmSalt);
        $hashedRealm = base64_encode($hashedRealm);
        $token = (new Builder())

            ->setIssuer($hashedRealm)
            ->setAudience($hashedRealm)
            ->setId(bin2hex(random_bytes(mt_rand(256, 512))), true)
            ->setIssuedAt(time())
            ->setNotBefore(time() - 13)
            ->setExpiration(time() + 13)
            ->set('authid', $user === null ? 0 : get_in($user, ['id'], 0))
            ->sign(new Sha256(), $authKeySalt . $realms[$realm]['auth_key'] . $authKeySalt)
            ->getToken();

        $this->set('token', (string)$token);
        $this->set('_serialize', ['token']);
    }
}


1			<?php
2
3			namespace WyriHaximus\Ratchet\Controller;
4
5			use Cake\Controller\Controller;
6			use Cake\Core\Configure;
7			use Lcobucci\JWT\Builder;
8			use Lcobucci\JWT\Signer\Hmac\Sha256;
9			use function igorw\get_in;
10			use WyriHaximus\Annotations\ChildProcess;
11
12			class JWTController extends Controller
13			{
14			public function initialize()
15			{
16			$this->loadComponent('RequestHandler');
17			$this->loadComponent('Auth');
18			$this->Auth->allow(['token']);
19			}
20
21			/**
22			* @ChildProcess()
23			*/
24			public function token()
25			{
26			$realm = $this->getRequest()->getQuery('realm');
27			$realms = Configure::read('WyriHaximus.Ratchet.realms');
28			if (!isset($realms[$realm])) {
29			throw new \InvalidArgumentException('Unknown realm');
30			}
31			if (!isset($realms[$realm]['auth_key'])) {
32			throw new \InvalidArgumentException('Unknown realm');
33			}
34
35			$user = $this->Auth->user();
36
37			$realmSalt = Configure::read('WyriHaximus.Ratchet.realm_salt');
38			$authKeySalt = Configure::read('WyriHaximus.Ratchet.realm_auth_key_salt');
39			$hashedRealm = hash('sha512', $realmSalt . $realm . $realmSalt);
40			$hashedRealm = base64_encode($hashedRealm);
41			$token = (new Builder())
			0 ignored issues – show Deprecated Code introduced 2019-05-24 18:50 UTC by Report Bug Copy Issue Report The method `Lcobucci\JWT\Builder::setIssuer()` has been deprecated with message: This method will be removed on v4 This method has been deprecated. The supplier of the class has supplied an explanatory message. The explanatory message should give you some clue as to whether and when the method will be removed from the class and what other method or class to use instead. Loading history... Deprecated Code introduced 2019-05-24 18:50 UTC by Report Bug Copy Issue Report The method `Lcobucci\JWT\Builder::setAudience()` has been deprecated with message: This method will be removed on v4 This method has been deprecated. The supplier of the class has supplied an explanatory message. The explanatory message should give you some clue as to whether and when the method will be removed from the class and what other method or class to use instead. Loading history...
42			->setIssuer($hashedRealm)
43			->setAudience($hashedRealm)
44			->setId(bin2hex(random_bytes(mt_rand(256, 512))), true)
45			->setIssuedAt(time())
46			->setNotBefore(time() - 13)
47			->setExpiration(time() + 13)
48			->set('authid', $user === null ? 0 : get_in($user, ['id'], 0))
49			->sign(new Sha256(), $authKeySalt . $realms[$realm]['auth_key'] . $authKeySalt)
50			->getToken();
51
52			$this->set('token', (string)$token);
53			$this->set('_serialize', ['token']);
54			}
55			}
56

WyriHaximus / Ratchet

GitHub Access Token became invalid

JWTController A last analyzed 2019-12-03 11:44 UTC

Complexity

Size/Duplication

Coupling/Cohesion

Importance

2 Methods

Duplication Side-by-Side

Filter issues like

JWTController A
last analyzed 2019-12-03 11:44 UTC