These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | namespace AdvancedLearning\Oauth2Server\Controllers; |
||
4 | |||
5 | use AdvancedLearning\Oauth2Server\AuthorizationServer\Generator; |
||
6 | use Exception; |
||
7 | use GuzzleHttp\Psr7\Response; |
||
8 | use League\OAuth2\Server\Exception\OAuthServerException; |
||
9 | use Psr\Http\Message\ResponseInterface; |
||
10 | use Robbie\Psr7\HttpRequestAdapter; |
||
11 | use Robbie\Psr7\HttpResponseAdapter; |
||
12 | use SilverStripe\Control\Controller; |
||
13 | use SilverStripe\Control\HTTP; |
||
14 | use SilverStripe\Control\HTTPResponse; |
||
15 | |||
16 | class AuthoriseController extends Controller |
||
17 | { |
||
18 | /** |
||
19 | * @var Generator |
||
20 | */ |
||
21 | protected $serverGenerator; |
||
22 | |||
23 | /** |
||
24 | * AuthoriseController constructor. If no Authorization Service is passed a default one is created. |
||
25 | * |
||
26 | * @param Generator $serverGenerator |
||
27 | */ |
||
28 | public function __construct(Generator $serverGenerator) |
||
29 | { |
||
30 | $this->serverGenerator = $serverGenerator; |
||
31 | parent::__construct(); |
||
32 | } |
||
33 | |||
34 | /** |
||
35 | * Handles authorisation. |
||
36 | * |
||
37 | * @return HTTPResponse |
||
38 | */ |
||
39 | public function index(): HTTPResponse |
||
40 | { |
||
41 | $body = null; |
||
0 ignored issues
–
show
|
|||
42 | $contentType = $this->getRequest()->getHeader('Content-Type'); |
||
43 | |||
44 | if ($contentType === 'application/json') { |
||
45 | $body = json_decode($this->getRequest()->getBody(), true); |
||
46 | } else { |
||
47 | $body = $this->getRequest()->postVars(); |
||
48 | } |
||
49 | |||
50 | if (empty($body)) { |
||
51 | return $this->getErrorResponse( |
||
52 | 'No parameters could be found in request body. Did you correctly set the Content-Type header?', |
||
53 | 500 |
||
54 | ); |
||
55 | } |
||
56 | |||
57 | // request needs parsed body |
||
58 | $psrRequest = (new HttpRequestAdapter())->toPsr7($this->getRequest()) |
||
59 | ->withParsedBody($body); |
||
60 | $psrResponse = new Response(); |
||
61 | |||
62 | $authServer = $this->serverGenerator->getServer(); |
||
63 | |||
64 | try { |
||
65 | return (new HttpResponseAdapter()) |
||
66 | ->fromPsr7($authServer->respondToAccessTokenRequest($psrRequest, $psrResponse)); |
||
67 | } catch (OAuthServerException $e) { |
||
68 | return $this->convertResponse($e->generateHttpResponse(new Response())); |
||
69 | } catch (Exception $e) { |
||
70 | return $this->getErrorResponse($e->getMessage()); |
||
71 | } |
||
72 | } |
||
73 | |||
74 | protected function getErrorResponse($message, $responseCode = 500) |
||
75 | { |
||
76 | $response = (new OAuthServerException($message, 100, 'server_error', $responseCode)) |
||
77 | ->generateHttpResponse(new Response()); |
||
78 | |||
79 | return $this->convertResponse($response); |
||
80 | } |
||
81 | |||
82 | protected function convertResponse(ResponseInterface $response) |
||
83 | { |
||
84 | return (new HttpResponseAdapter())->fromPsr7($response); |
||
85 | } |
||
86 | } |
||
87 |
This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently.
Both the
$myVar
assignment in line 1 and the$higher
assignment in line 2 are dead. The first because$myVar
is never used and the second because$higher
is always overwritten for every possible time line.