These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | namespace AdvancedLearning\Oauth2Server\Services; |
||
4 | |||
5 | |||
6 | use AdvancedLearning\Oauth2Server\Exceptions\AuthenticationException; |
||
7 | use AdvancedLearning\Oauth2Server\Repositories\AccessTokenRepository; |
||
8 | use GuzzleHttp\Psr7\Response; |
||
9 | use League\OAuth2\Server\Exception\OAuthServerException; |
||
10 | use League\OAuth2\Server\ResourceServer; |
||
11 | use Robbie\Psr7\HttpRequestAdapter; |
||
12 | use Robbie\Psr7\HttpResponseAdapter; |
||
13 | use SilverStripe\Control\HTTPRequest; |
||
14 | use SilverStripe\Core\Environment; |
||
15 | |||
16 | class AuthenticationService implements Authenticator |
||
17 | { |
||
18 | protected $server; |
||
19 | |||
20 | /** |
||
21 | * AuthenticationService constructor. |
||
22 | * |
||
23 | * @param ResourceServer|null $server Optional resource server. |
||
24 | */ |
||
25 | public function __construct(ResourceServer $server = null) |
||
26 | { |
||
27 | $this->server = $server ?: $this->createServer(); |
||
28 | } |
||
29 | |||
30 | /** |
||
31 | * Authenticate the request. Returns modified request (probably not as SS doesn't support |
||
32 | * request attributes). |
||
33 | * |
||
34 | * @param HTTPRequest $request The SilverStripe request object to be authenticated. |
||
35 | * |
||
36 | * @return HTTPRequest |
||
37 | * @throws AuthenticationException |
||
38 | */ |
||
39 | public function authenticate(HTTPRequest $request): HTTPRequest |
||
40 | { |
||
41 | $requestAdapter = new HttpRequestAdapter(); |
||
42 | $responseAdapter = new HttpResponseAdapter(); |
||
43 | |||
44 | $server = $this->getServer(); |
||
45 | $psrRequest = $requestAdapter->toPsr7($request); |
||
46 | $psrResponse = new Response(); |
||
47 | |||
48 | try { |
||
49 | $psrRequest = $server->validateAuthenticatedRequest($psrRequest); |
||
50 | } catch (OAuthServerException $exception) { |
||
51 | // convert to authentication exception |
||
52 | throw new AuthenticationException( |
||
53 | $exception->getMessage(), |
||
54 | $exception->getCode(), |
||
55 | $responseAdapter->fromPsr7($exception->generateHttpResponse($psrResponse)) |
||
0 ignored issues
–
show
|
|||
56 | ); |
||
57 | } catch (\Exception $exception) { |
||
58 | // convert to authentication exception |
||
59 | throw new AuthenticationException( |
||
60 | $exception->getMessage(), |
||
61 | $exception->getCode(), |
||
62 | $responseAdapter->fromPsr7( |
||
0 ignored issues
–
show
It seems like
$responseAdapter->fromPs...Response($psrResponse)) targeting Robbie\Psr7\HttpResponseAdapter::fromPsr7() can also be of type object<SilverStripe\Control\HTTPRequest> ; however, AdvancedLearning\Oauth2S...xception::__construct() does only seem to accept object<SilverStripe\Control\HTTPResponse> , maybe add an additional type check?
This check looks at variables that are passed out again to other methods. If the outgoing method call has stricter type requirements than the method itself, an issue is raised. An additional type check may prevent trouble.
Loading history...
|
|||
63 | (new OAuthServerException($exception->getMessage(), 0, 'unknown_error', 500)) |
||
64 | ->generateHttpResponse($psrResponse) |
||
65 | ) |
||
66 | ); |
||
67 | } |
||
68 | $request = $requestAdapter->fromPsr7($psrRequest); |
||
69 | |||
70 | // add the request attributes as custom auth headers |
||
71 | foreach ($psrRequest->getAttributes() as $attribute => $value) { |
||
72 | $request->addHeader($attribute, $value); |
||
73 | } |
||
74 | |||
75 | return $request; |
||
76 | } |
||
77 | |||
78 | /** |
||
79 | * Override the default ResourceServer. |
||
80 | * |
||
81 | * @param ResourceServer $v The new ResourceServer to use. |
||
82 | * |
||
83 | * @return $this |
||
84 | */ |
||
85 | public function setServer(ResourceServer $v): Authenticator |
||
86 | { |
||
87 | $this->server = $v; |
||
88 | return $this; |
||
89 | } |
||
90 | |||
91 | /** |
||
92 | * Get the ResourceServer. |
||
93 | * |
||
94 | * @return ResourceServer |
||
95 | */ |
||
96 | public function getServer(): ResourceServer |
||
97 | { |
||
98 | return $this->server; |
||
99 | } |
||
100 | |||
101 | /** |
||
102 | * Create a default ResourceServer. Used if one isn't provided. |
||
103 | * |
||
104 | * @return ResourceServer |
||
105 | */ |
||
106 | protected function createServer(): ResourceServer |
||
107 | { |
||
108 | // Init our repositories |
||
109 | $accessTokenRepository = new AccessTokenRepository(); // instance of AccessTokenRepositoryInterface |
||
110 | |||
111 | // Path to authorization server's public key |
||
112 | $publicKeyPath = Environment::getEnv('OAUTH_PUBLIC_KEY_PATH'); |
||
113 | |||
114 | // Setup the authorization server |
||
115 | return new ResourceServer( |
||
116 | $accessTokenRepository, |
||
117 | $publicKeyPath |
||
118 | ); |
||
119 | } |
||
120 | } |
||
121 |
This check looks at variables that are passed out again to other methods.
If the outgoing method call has stricter type requirements than the method itself, an issue is raised.
An additional type check may prevent trouble.