AllowCorsRequests::logRequest() - Code Metrics - Inspection of "Added configuration support to the request macros,..." - akalongman/laravel-lodash - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#4)

by Neo

created 2019-04-01 18:53 UTC

AllowCorsRequests::logRequest() A

↳ Parent: AllowCorsRequests

Complexity

Conditions	1
Paths	1

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	0
CRAP Score	2

Importance

Changes

Metric	Value
cc	1
nc	1
nop	2
dl	0
loc	4
ccs	0
cts	3
cp	0
crap	2
rs	10
c	0
b	0
f	0

<?php
/*
 * This file is part of the Laravel Lodash package.
 *
 * (c) Avtandil Kikabidze aka LONGMAN <[email protected]>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */
declare(strict_types=1);

namespace Longman\LaravelLodash\Middlewares;

use Closure;
use Illuminate\Http\Request;
use Psr\Log\LoggerInterface;
use Symfony\Component\HttpFoundation\Response;

class AllowCorsRequests
{
    protected $logger;

    public function __construct(LoggerInterface $logger)
    {
        $this->logger = $logger;
    }

    public function handle(Request $request, Closure $next)
    {
        if (! $request->headers->has('Origin')) {
            return $next($request);
        }

        $origin = $request->headers->get('Origin', '');
        $host = $this->parseUrl($origin);
/**
 * @return array|string
 */
function returnsDifferentValues($x) {
    if ($x) {
        return 'foo';
    }

    return array();
}

$x = returnsDifferentValues($y);
if (is_array($x)) {
    // $x is an array.
}
        if (empty($host)) {

            $this->logRequest('Origin is invalid', [
                'origin' => $origin,
                'parsed' => $host,
            ]);

            return $this->response($request, 'Origin is invalid', Response::HTTP_BAD_REQUEST);
        }

        $allowed_origins = config('lodash.cors.allow_origins', []);
        $current_app = $this->parseUrl(config('app.url', ''));
        if (! empty($host)) {
            $allowed_origins[] = $current_app;
        }

        $found = false;
        foreach ($allowed_origins as $allowed_origin) {
            if ($host === $allowed_origin || ends_with($host, '.' . $allowed_origin)) {

                $found = true;
                break;
            }
        }

        if (! $found) {

            $this->logRequest('Origin is not allowed', [
                'origin' => $origin,
                'parsed' => $host,
            ]);

            return $this->response($request, 'Origin is not allowed', Response::HTTP_METHOD_NOT_ALLOWED);
        }

        if ($request->method() === Request::METHOD_OPTIONS) {
            $allowed_headers = config('lodash.cors.allow_headers', []);
            $allowed_methods = config('lodash.cors.allow_methods', []);

            $response = $this->response($request, 'Allowed', Response::HTTP_OK);

            $response->headers->set('Access-Control-Allow-Origin', $origin);
            $response->headers->set('Access-Control-Allow-Credentials', 'true');

            $response->headers->set('Access-Control-Allow-Methods', implode(',', $allowed_methods));
            $response->headers->set('Access-Control-Allow-Headers', implode(',', $allowed_headers));
            $response->headers->set('Access-Control-Max-Age', '1728000');

            return $response;
        }

        /** @var \Illuminate\Http\Response $response */
        $response = $next($request);

        $response->headers->set('Access-Control-Allow-Origin', $origin);
        $response->headers->set('Access-Control-Allow-Credentials', 'true');

        return $response;
    }

    protected function logRequest(string $message, array $context = []): void
    {
        $this->logger->warning($message, $context);
    }

    protected function parseUrl(string $url): string
    {
        $host = (string) parse_url($url, PHP_URL_HOST);

        if (starts_with($host, 'www.')) {

            $host = str_replace('www.', '', $host);
        }

        if (strpos($host, ':') !== false) {
            $host = strtok($host, ':');
        }

        return $host;
    }

    protected function response(Request $request, string $message, int $code): Response
    {
        if ($request->wantsJson()) {
            return response()->json(['message' => $message], $code);
class A
{
    public function foo() { }
}

class B extends A
{
    public function bar() { }
}

/**
 * @param A|B $x
 */
function someFunction($x)
{
    $x->foo(); // This call is fine as the method exists in A and B.
    $x->bar(); // This method only exists in B and might cause an error.
}
        }

        return response($message, $code);
    }
}


1		<?php
2		/*
3		* This file is part of the Laravel Lodash package.
4		*
5		* (c) Avtandil Kikabidze aka LONGMAN <[email protected]>
6		*
7		* For the full copyright and license information, please view the LICENSE
8		* file that was distributed with this source code.
9		*/
10		declare(strict_types=1);
11
12		namespace Longman\LaravelLodash\Middlewares;
13
14		use Closure;
15		use Illuminate\Http\Request;
16		use Psr\Log\LoggerInterface;
17		use Symfony\Component\HttpFoundation\Response;
18
19		class AllowCorsRequests
20		{
21		protected $logger;
22
23		public function __construct(LoggerInterface $logger)
24		{
25		$this->logger = $logger;
26		}
27
28		public function handle(Request $request, Closure $next)
29		{
30		if (! $request->headers->has('Origin')) {
31		return $next($request);
32		}
33
34		$origin = $request->headers->get('Origin', '');
35		$host = $this->parseUrl($origin);
		0 ignored issues – show Bug introduced 2018-09-20 09:16 UTC by Report Bug Copy Issue Report It seems like `$origin` defined by `$request->headers->get('Origin', '')` on line `34` can also be of type `array<integer,string>` or `null`; however, `Longman\LaravelLodash\Mi...orsRequests::parseUrl()` does only seem to accept `string`, maybe add an additional type check? If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check: /** * @return array\|string */ function returnsDifferentValues($x) { if ($x) { return 'foo'; } return array(); } $x = returnsDifferentValues($y); if (is_array($x)) { // $x is an array. } If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue. Loading history...
36	View Code Duplication	if (empty($host)) {
		0 ignored issues – show Duplication introduced 2018-03-22 12:31 UTC by Report Bug Copy Issue Report This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
37		$this->logRequest('Origin is invalid', [
38		'origin' => $origin,
39		'parsed' => $host,
40		]);
41
42		return $this->response($request, 'Origin is invalid', Response::HTTP_BAD_REQUEST);
43		}
44
45		$allowed_origins = config('lodash.cors.allow_origins', []);
46		$current_app = $this->parseUrl(config('app.url', ''));
47		if (! empty($host)) {
48		$allowed_origins[] = $current_app;
49		}
50
51		$found = false;
52		foreach ($allowed_origins as $allowed_origin) {
53		if ($host === $allowed_origin \|\| ends_with($host, '.' . $allowed_origin)) {
		0 ignored issues – show Deprecated Code introduced 2019-03-22 12:08 UTC by Report Bug Copy Issue Report The function `ends_with()` has been deprecated with message: Str::endsWith() should be used directly instead. Will be removed in Laravel 5.9. This function has been deprecated. The supplier of the file has supplied an explanatory message. The explanatory message should give you some clue as to whether and when the function will be removed from the class and what other function to use instead. Loading history...
54		$found = true;
55		break;
56		}
57		}
58
59	View Code Duplication	if (! $found) {
		0 ignored issues – show Duplication introduced 2018-03-22 12:31 UTC by Report Bug Copy Issue Report This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
60		$this->logRequest('Origin is not allowed', [
61		'origin' => $origin,
62		'parsed' => $host,
63		]);
64
65		return $this->response($request, 'Origin is not allowed', Response::HTTP_METHOD_NOT_ALLOWED);
66		}
67
68		if ($request->method() === Request::METHOD_OPTIONS) {
69		$allowed_headers = config('lodash.cors.allow_headers', []);
70		$allowed_methods = config('lodash.cors.allow_methods', []);
71
72		$response = $this->response($request, 'Allowed', Response::HTTP_OK);
73
74		$response->headers->set('Access-Control-Allow-Origin', $origin);
75		$response->headers->set('Access-Control-Allow-Credentials', 'true');
76
77		$response->headers->set('Access-Control-Allow-Methods', implode(',', $allowed_methods));
78		$response->headers->set('Access-Control-Allow-Headers', implode(',', $allowed_headers));
79		$response->headers->set('Access-Control-Max-Age', '1728000');
80
81		return $response;
82		}
83
84		/** @var \Illuminate\Http\Response $response */
85		$response = $next($request);
86
87		$response->headers->set('Access-Control-Allow-Origin', $origin);
88		$response->headers->set('Access-Control-Allow-Credentials', 'true');
89
90		return $response;
91		}
92
93		protected function logRequest(string $message, array $context = []): void
94		{
95		$this->logger->warning($message, $context);
96		}
97
98		protected function parseUrl(string $url): string
99		{
100		$host = (string) parse_url($url, PHP_URL_HOST);
101
102		if (starts_with($host, 'www.')) {
		0 ignored issues – show Deprecated Code introduced 2019-03-22 12:08 UTC by Report Bug Copy Issue Report The function `starts_with()` has been deprecated with message: Str::startsWith() should be used directly instead. Will be removed in Laravel 5.9. This function has been deprecated. The supplier of the file has supplied an explanatory message. The explanatory message should give you some clue as to whether and when the function will be removed from the class and what other function to use instead. Loading history...
103		$host = str_replace('www.', '', $host);
104		}
105
106		if (strpos($host, ':') !== false) {
107		$host = strtok($host, ':');
108		}
109
110		return $host;
111		}
112
113		protected function response(Request $request, string $message, int $code): Response
114		{
115		if ($request->wantsJson()) {
116		return response()->json(['message' => $message], $code);
		0 ignored issues – show Bug introduced 2018-10-10 09:22 UTC by Report Bug Copy Issue Report The method `json` does only exist in `Illuminate\Contracts\Routing\ResponseFactory`, but not in `Illuminate\Http\Response`. It seems like the method you are trying to call exists only in some of the possible types. Let’s take a look at an example: class A { public function foo() { } } class B extends A { public function bar() { } } /** * @param A\|B $x / function someFunction($x) { $x->foo(); // This call is fine as the method exists in A and B. $x->bar(); // This method only exists in B and might cause an error. } Available Fixes Add an additional type-check: /* * @param A\|B $x / function someFunction($x) { $x->foo(); if ($x instanceof B) { $x->bar(); } } Only allow a single type to be passed if the variable comes from a parameter: function someFunction(B $x) { /* ... */ } Loading history...
117		}
118
119		return response($message, $code);
120		}
121		}
122

akalongman / laravel-lodash

Pull Request — master (#4)

AllowCorsRequests::logRequest() A

Complexity

Size

Duplication

Code Coverage

Importance

Available Fixes

Duplication Side-by-Side

Filter issues like