JWTAuthProvider::__construct() - Code Metrics - Inspection of "Fix JWT auth across all realms" - WyriHaximus/Ratchet - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — thruway-0.4 ( d7e4bd...f36ec7 )

by Cees-Jan

created 2017-04-10 12:29 UTC

JWTAuthProvider::__construct() B

↳ Parent: JWTAuthProvider

Complexity

Conditions	6
Paths	6

Size

Total Lines	27
Code Lines	15

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	6
eloc	15
nc	6
nop	2
dl	0
loc	27
rs	8.439
c	0
b	0
f	0

<?php

/*
 * This file is part of Ratchet.
 *
 ** (c) 2016 Cees-Jan Kiewiet
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace WyriHaximus\Ratchet\Security;

use Cake\Core\Configure;
use Lcobucci\JWT\Signer\Hmac\Sha256;
use React\EventLoop\LoopInterface;
use React\Promise\PromiseInterface;
use Thruway\Authentication\AbstractAuthProviderClient;
use function React\Promise\resolve;
use Lcobucci\JWT\Parser;

/**
 * Class WampCraAuthProvider
 *
 * @package Thruway\Authentication
 */
final class JWTAuthProvider extends AbstractAuthProviderClient
{
    private $activeRealms = [];

    public function __construct(array $authRealms, LoopInterface $loop = null)
    {
        parent::__construct($authRealms, $loop);

        $realmSalt = Configure::read('WyriHaximus.Ratchet.realm_salt');
        $authKeySalt = Configure::read('WyriHaximus.Ratchet.realm_auth_key_salt');
        foreach (Configure::read('WyriHaximus.Ratchet.realms') as $realm => $options) {
            if (!isset($options['auth'])) {
                continue;
            }

            if (!$options['auth']) {
                continue;
            }

            if (!isset($options['auth_key'])) {
                continue;
            }

            if (empty($options['auth_key'])) {
                continue;
            }

            $hash = hash('sha512', $realmSalt . $realm . $realmSalt);
            $this->activeRealms[$hash] = $authKeySalt . $options['auth_key'] . $authKeySalt;
        }
    }

    /**
     * @return string
     */
    public function getMethodName()
    {
        return 'jwt';
    }

    /**
     * Process authenticate
     *
     * @param mixed $signature
     * @param mixed $extra
     * @return PromiseInterface
     */
    public function processAuthenticate($signature, $extra = null)
    {
        $this->getRealm();
class User
{
    private $email;

    public function getEmail()
    {
        return $this->email;
    }

    public function setEmail($email)
    {
        $this->email = $email;
    }
}
        $token = (new Parser())->parse($signature);

        $iss = $token->getClaim('iss');
        $iss = base64_decode($iss);
        if (!isset($this->activeRealms[$iss])) {
            return resolve(["FAILURE"]);
class Author {
    private $name;

    public function __construct($name) {
        $this->name = $name;
    }

    public function getName() {
        return $this->name;
    }
}

abstract class Post {
    public function getAuthor() {
        return 'Johannes';
    }
}

class BlogPost extends Post {
    public function getAuthor() {
        return new Author('Johannes');
    }
}

class ForumPost extends Post { /* ... */ }

function my_function(Post $post) {
    echo strtoupper($post->getAuthor());
}
        }

        if ($token->verify(new Sha256(), $this->activeRealms[$iss])) {
            return resolve(["SUCCESS", ['authId' => $token->getClaim('authId')]]);
class Author {
    private $name;

    public function __construct($name) {
        $this->name = $name;
    }

    public function getName() {
        return $this->name;
    }
}

abstract class Post {
    public function getAuthor() {
        return 'Johannes';
    }
}

class BlogPost extends Post {
    public function getAuthor() {
        return new Author('Johannes');
    }
}

class ForumPost extends Post { /* ... */ }

function my_function(Post $post) {
    echo strtoupper($post->getAuthor());
}
        }

        return resolve(["FAILURE"]);
class Author {
    private $name;

    public function __construct($name) {
        $this->name = $name;
    }

    public function getName() {
        return $this->name;
    }
}

abstract class Post {
    public function getAuthor() {
        return 'Johannes';
    }
}

class BlogPost extends Post {
    public function getAuthor() {
        return new Author('Johannes');
    }
}

class ForumPost extends Post { /* ... */ }

function my_function(Post $post) {
    echo strtoupper($post->getAuthor());
}
    }
}


1			<?php
2
3			/*
4			* This file is part of Ratchet.
5			*
6			** (c) 2016 Cees-Jan Kiewiet
7			*
8			* For the full copyright and license information, please view the LICENSE
9			* file that was distributed with this source code.
10			*/
11
12			namespace WyriHaximus\Ratchet\Security;
13
14			use Cake\Core\Configure;
15			use Lcobucci\JWT\Signer\Hmac\Sha256;
16			use React\EventLoop\LoopInterface;
17			use React\Promise\PromiseInterface;
18			use Thruway\Authentication\AbstractAuthProviderClient;
19			use function React\Promise\resolve;
20			use Lcobucci\JWT\Parser;
21
22			/**
23			* Class WampCraAuthProvider
24			*
25			* @package Thruway\Authentication
26			*/
27			final class JWTAuthProvider extends AbstractAuthProviderClient
28			{
29			private $activeRealms = [];
30
31			public function __construct(array $authRealms, LoopInterface $loop = null)
32			{
33			parent::__construct($authRealms, $loop);
34
35			$realmSalt = Configure::read('WyriHaximus.Ratchet.realm_salt');
36			$authKeySalt = Configure::read('WyriHaximus.Ratchet.realm_auth_key_salt');
37			foreach (Configure::read('WyriHaximus.Ratchet.realms') as $realm => $options) {
38			if (!isset($options['auth'])) {
39			continue;
40			}
41
42			if (!$options['auth']) {
43			continue;
44			}
45
46			if (!isset($options['auth_key'])) {
47			continue;
48			}
49
50			if (empty($options['auth_key'])) {
51			continue;
52			}
53
54			$hash = hash('sha512', $realmSalt . $realm . $realmSalt);
55			$this->activeRealms[$hash] = $authKeySalt . $options['auth_key'] . $authKeySalt;
56			}
57			}
58
59			/**
60			* @return string
61			*/
62			public function getMethodName()
63			{
64			return 'jwt';
65			}
66
67			/**
68			* Process authenticate
69			*
70			* @param mixed $signature
71			* @param mixed $extra
72			* @return PromiseInterface
73			*/
74			public function processAuthenticate($signature, $extra = null)
75			{
76			$this->getRealm();
			0 ignored issues – show Unused Code introduced 2017-04-10 12:36 UTC by Report Bug Copy Issue Report The call to the method `WyriHaximus\Ratchet\Secu...uthProvider::getRealm()` seems un-needed as the method has no side-effects. PHP Analyzer performs a side-effects analysis of your code. A side-effect is basically anything that might be visible after the scope of the method is left. Let’s take a look at an example: class User { private $email; public function getEmail() { return $this->email; } public function setEmail($email) { $this->email = $email; } } If we look at the `getEmail()` method, we can see that it has no side-effect. Whether you call this method or not, no future calls to other methods are affected by this. As such code as the following is useless: $user = new User(); $user->getEmail(); // This line could safely be removed as it has no effect. On the hand, if we look at the `setEmail()`, this method _has_ side-effects. In the following case, we could not remove the method call: $user = new User(); $user->setEmail('email@domain'); // This line has a side-effect (it changes an // instance variable). Loading history...
77			$token = (new Parser())->parse($signature);
78
79			$iss = $token->getClaim('iss');
80			$iss = base64_decode($iss);
81			if (!isset($this->activeRealms[$iss])) {
82			return resolve(["FAILURE"]);
			0 ignored issues – show Bug Best Practice introduced 2017-02-06 20:09 UTC by Report Bug Copy Issue Report The return type of `return \React\Promise\resolve(array('FAILURE'));` (`React\Promise\ExtendedPromiseInterface`) is incompatible with the return type of the parent method `Thruway\Authentication\A...nt::processAuthenticate` of type `string[]`. If you return a value from a function or method, it should be a sub-type of the type that is given by the parent type f.e. an interface, or abstract method. This is more formally defined by the Lizkov substitution principle, and guarantees that classes that depend on the parent type can use any instance of a child type interchangably. This principle also belongs to the SOLID principles for object oriented design. Let’s take a look at an example: class Author { private $name; public function __construct($name) { $this->name = $name; } public function getName() { return $this->name; } } abstract class Post { public function getAuthor() { return 'Johannes'; } } class BlogPost extends Post { public function getAuthor() { return new Author('Johannes'); } } class ForumPost extends Post { /* ... */ } function my_function(Post $post) { echo strtoupper($post->getAuthor()); } Our function `my_function` expects a `Post` object, and outputs the author of the post. The base class `Post` returns a simple string and outputting a simple string will work just fine. However, the child class `BlogPost` which is a sub-type of `Post` instead decided to return an `object`, and is therefore violating the SOLID principles. If a `BlogPost` were passed to `my_function`, PHP would not complain, but ultimately fail when executing the `strtoupper` call in its body. Loading history...
83			}
84
85			if ($token->verify(new Sha256(), $this->activeRealms[$iss])) {
86			return resolve(["SUCCESS", ['authId' => $token->getClaim('authId')]]);
			0 ignored issues – show Bug Best Practice introduced 2017-02-11 19:08 UTC by Report Bug Copy Issue Report The return type of `return \React\Promise\re...>getClaim('authId'))));` (`React\Promise\ExtendedPromiseInterface`) is incompatible with the return type of the parent method `Thruway\Authentication\A...nt::processAuthenticate` of type `string[]`. If you return a value from a function or method, it should be a sub-type of the type that is given by the parent type f.e. an interface, or abstract method. This is more formally defined by the Lizkov substitution principle, and guarantees that classes that depend on the parent type can use any instance of a child type interchangably. This principle also belongs to the SOLID principles for object oriented design. Let’s take a look at an example: class Author { private $name; public function __construct($name) { $this->name = $name; } public function getName() { return $this->name; } } abstract class Post { public function getAuthor() { return 'Johannes'; } } class BlogPost extends Post { public function getAuthor() { return new Author('Johannes'); } } class ForumPost extends Post { /* ... */ } function my_function(Post $post) { echo strtoupper($post->getAuthor()); } Our function `my_function` expects a `Post` object, and outputs the author of the post. The base class `Post` returns a simple string and outputting a simple string will work just fine. However, the child class `BlogPost` which is a sub-type of `Post` instead decided to return an `object`, and is therefore violating the SOLID principles. If a `BlogPost` were passed to `my_function`, PHP would not complain, but ultimately fail when executing the `strtoupper` call in its body. Loading history...
87			}
88
89			return resolve(["FAILURE"]);
			0 ignored issues – show Bug Best Practice introduced 2017-04-10 12:36 UTC by Report Bug Copy Issue Report The return type of `return \React\Promise\resolve(array('FAILURE'));` (`React\Promise\ExtendedPromiseInterface`) is incompatible with the return type of the parent method `Thruway\Authentication\A...nt::processAuthenticate` of type `string[]`. If you return a value from a function or method, it should be a sub-type of the type that is given by the parent type f.e. an interface, or abstract method. This is more formally defined by the Lizkov substitution principle, and guarantees that classes that depend on the parent type can use any instance of a child type interchangably. This principle also belongs to the SOLID principles for object oriented design. Let’s take a look at an example: class Author { private $name; public function __construct($name) { $this->name = $name; } public function getName() { return $this->name; } } abstract class Post { public function getAuthor() { return 'Johannes'; } } class BlogPost extends Post { public function getAuthor() { return new Author('Johannes'); } } class ForumPost extends Post { /* ... */ } function my_function(Post $post) { echo strtoupper($post->getAuthor()); } Our function `my_function` expects a `Post` object, and outputs the author of the post. The base class `Post` returns a simple string and outputting a simple string will work just fine. However, the child class `BlogPost` which is a sub-type of `Post` instead decided to return an `object`, and is therefore violating the SOLID principles. If a `BlogPost` were passed to `my_function`, PHP would not complain, but ultimately fail when executing the `strtoupper` call in its body. Loading history...
90			}
91			}
92

WyriHaximus / Ratchet

GitHub Access Token became invalid

Push — thruway-0.4 ( d7e4bd...f36ec7 )

JWTAuthProvider::__construct() B

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like