Issues in AuthenticationService.php - New Issues - Inspection of "GraphQL integration" - advanced-learning/silverstripe-oauth2-server - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 8763c1...14778d )

by Conrad

created 2017-11-20 01:50 UTC

src/Services/AuthenticationService.php (2 issues)

Labels

Bug 2

Severity

Minor 2

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

namespace AdvancedLearning\Oauth2Server\Services;


use AdvancedLearning\Oauth2Server\Exceptions\AuthenticationException;
use AdvancedLearning\Oauth2Server\Repositories\AccessTokenRepository;
use GuzzleHttp\Psr7\Response;
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\ResourceServer;
use Robbie\Psr7\HttpRequestAdapter;
use Robbie\Psr7\HttpResponseAdapter;
use SilverStripe\Control\HTTPRequest;
use SilverStripe\Core\Environment;

class AuthenticationService implements Authenticator
{
    protected $server;

    /**
     * AuthenticationService constructor.
     *
     * @param ResourceServer|null $server Optional resource server.
     */
    public function __construct(ResourceServer $server = null)
    {
        $this->server = $server ?: $this->createServer();
    }

    /**
     * Authenticate the request. Returns modified request (probably not as SS doesn't support
     * request attributes).
     *
     * @param HTTPRequest $request The SilverStripe request object to be authenticated.
     *
     * @return HTTPRequest
     * @throws AuthenticationException
     */
    public function authenticate(HTTPRequest $request): HTTPRequest
    {
        $requestAdapter = new HttpRequestAdapter();
        $responseAdapter = new HttpResponseAdapter();

        $server = $this->getServer();
        $psrRequest = $requestAdapter->toPsr7($request);
        $psrResponse = new Response();

        try {
            $psrRequest = $server->validateAuthenticatedRequest($psrRequest);
        } catch (OAuthServerException $exception) {
            // convert to authentication exception
            throw new AuthenticationException(
                $exception->getMessage(),
                $exception->getCode(),
                $responseAdapter->fromPsr7($exception->generateHttpResponse($psrResponse))

            );
        } catch (\Exception $exception) {
            // convert to authentication exception
            throw new AuthenticationException(
                $exception->getMessage(),
                $exception->getCode(),
                $responseAdapter->fromPsr7(

                    (new OAuthServerException($exception->getMessage(), 0, 'unknown_error', 500))
                        ->generateHttpResponse($psrResponse)
                )
            );
        }
        $request = $requestAdapter->fromPsr7($psrRequest);

        // add the request attributes as custom auth headers
        foreach ($psrRequest->getAttributes() as $attribute => $value) {
            $request->addHeader($attribute, $value);
        }

        return $request;
    }

    /**
     * Override the default ResourceServer.
     *
     * @param ResourceServer $v The new ResourceServer to use.
     *
     * @return $this
     */
    public function setServer(ResourceServer $v): Authenticator
    {
        $this->server = $v;
        return $this;
    }

    /**
     * Get the ResourceServer.
     *
     * @return ResourceServer
     */
    public function getServer(): ResourceServer
    {
        return $this->server;
    }

    /**
     * Create a default ResourceServer. Used if one isn't provided.
     *
     * @return ResourceServer
     */
    protected function createServer(): ResourceServer
    {
        // Init our repositories
        $accessTokenRepository = new AccessTokenRepository(); // instance of AccessTokenRepositoryInterface

        // Path to authorization server's public key
        $publicKeyPath = Environment::getEnv('OAUTH_PUBLIC_KEY_PATH');

        // Setup the authorization server
        return new ResourceServer(
            $accessTokenRepository,
            $publicKeyPath
        );
    }
}


1			<?php
2
3			namespace AdvancedLearning\Oauth2Server\Services;
4
5
6			use AdvancedLearning\Oauth2Server\Exceptions\AuthenticationException;
7			use AdvancedLearning\Oauth2Server\Repositories\AccessTokenRepository;
8			use GuzzleHttp\Psr7\Response;
9			use League\OAuth2\Server\Exception\OAuthServerException;
10			use League\OAuth2\Server\ResourceServer;
11			use Robbie\Psr7\HttpRequestAdapter;
12			use Robbie\Psr7\HttpResponseAdapter;
13			use SilverStripe\Control\HTTPRequest;
14			use SilverStripe\Core\Environment;
15
16			class AuthenticationService implements Authenticator
17			{
18			protected $server;
19
20			/**
21			* AuthenticationService constructor.
22			*
23			* @param ResourceServer\|null $server Optional resource server.
24			*/
25			public function __construct(ResourceServer $server = null)
26			{
27			$this->server = $server ?: $this->createServer();
28			}
29
30			/**
31			* Authenticate the request. Returns modified request (probably not as SS doesn't support
32			* request attributes).
33			*
34			* @param HTTPRequest $request The SilverStripe request object to be authenticated.
35			*
36			* @return HTTPRequest
37			* @throws AuthenticationException
38			*/
39			public function authenticate(HTTPRequest $request): HTTPRequest
40			{
41			$requestAdapter = new HttpRequestAdapter();
42			$responseAdapter = new HttpResponseAdapter();
43
44			$server = $this->getServer();
45			$psrRequest = $requestAdapter->toPsr7($request);
46			$psrResponse = new Response();
47
48			try {
49			$psrRequest = $server->validateAuthenticatedRequest($psrRequest);
50			} catch (OAuthServerException $exception) {
51			// convert to authentication exception
52			throw new AuthenticationException(
53			$exception->getMessage(),
54			$exception->getCode(),
55			$responseAdapter->fromPsr7($exception->generateHttpResponse($psrResponse))
			0 ignored issues – show Bug introduced 2017-11-20 01:53 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like `$responseAdapter->fromPs...Response($psrResponse))` targeting `Robbie\Psr7\HttpResponseAdapter::fromPsr7()` can also be of type `object<SilverStripe\Control\HTTPRequest>`; however, `AdvancedLearning\Oauth2S...xception::__construct()` does only seem to accept `object<SilverStripe\Control\HTTPResponse>`, maybe add an additional type check? This check looks at variables that are passed out again to other methods. If the outgoing method call has stricter type requirements than the method itself, an issue is raised. An additional type check may prevent trouble. Loading history...
56			);
57			} catch (\Exception $exception) {
58			// convert to authentication exception
59			throw new AuthenticationException(
60			$exception->getMessage(),
61			$exception->getCode(),
62			$responseAdapter->fromPsr7(
			0 ignored issues – show Bug introduced 2017-11-20 01:53 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like `$responseAdapter->fromPs...Response($psrResponse))` targeting `Robbie\Psr7\HttpResponseAdapter::fromPsr7()` can also be of type `object<SilverStripe\Control\HTTPRequest>`; however, `AdvancedLearning\Oauth2S...xception::__construct()` does only seem to accept `object<SilverStripe\Control\HTTPResponse>`, maybe add an additional type check? This check looks at variables that are passed out again to other methods. If the outgoing method call has stricter type requirements than the method itself, an issue is raised. An additional type check may prevent trouble. Loading history...
63			(new OAuthServerException($exception->getMessage(), 0, 'unknown_error', 500))
64			->generateHttpResponse($psrResponse)
65			)
66			);
67			}
68			$request = $requestAdapter->fromPsr7($psrRequest);
69
70			// add the request attributes as custom auth headers
71			foreach ($psrRequest->getAttributes() as $attribute => $value) {
72			$request->addHeader($attribute, $value);
73			}
74
75			return $request;
76			}
77
78			/**
79			* Override the default ResourceServer.
80			*
81			* @param ResourceServer $v The new ResourceServer to use.
82			*
83			* @return $this
84			*/
85			public function setServer(ResourceServer $v): Authenticator
86			{
87			$this->server = $v;
88			return $this;
89			}
90
91			/**
92			* Get the ResourceServer.
93			*
94			* @return ResourceServer
95			*/
96			public function getServer(): ResourceServer
97			{
98			return $this->server;
99			}
100
101			/**
102			* Create a default ResourceServer. Used if one isn't provided.
103			*
104			* @return ResourceServer
105			*/
106			protected function createServer(): ResourceServer
107			{
108			// Init our repositories
109			$accessTokenRepository = new AccessTokenRepository(); // instance of AccessTokenRepositoryInterface
110
111			// Path to authorization server's public key
112			$publicKeyPath = Environment::getEnv('OAUTH_PUBLIC_KEY_PATH');
113
114			// Setup the authorization server
115			return new ResourceServer(
116			$accessTokenRepository,
117			$publicKeyPath
118			);
119			}
120			}
121

advanced-learning / silverstripe-oauth2-server

Push — master ( 8763c1...14778d )

src/Services/AuthenticationService.php (2 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like