ResourceOwnerPasswordCredentialsFlow::handleAuthorizationRequest() - Code Metrics - Inspection of "grant types" - php-guard/oauth-server - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( 9a636e...af59f2 )

by Alexandre

created 2018-03-12 15:21 UTC

handleAuthorizationRequest() A

↳ Parent: ResourceOwnerPasswordCredentialsFlow

Complexity

Conditions	1
Paths	1

Size

Total Lines	3
Code Lines	1

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	1
eloc	1
nc	1
nop	2
dl	0
loc	3
rs	10
c	0
b	0
f	0

<?php
/**
 * Created by PhpStorm.
 * User: GCC-MED
 * Date: 12/03/2018
 * Time: 15:16
 */

namespace OAuth2\Flows;


use OAuth2\Endpoints\AuthorizationEndpoint;
use OAuth2\Endpoints\TokenEndpoint;
use OAuth2\Exceptions\OAuthException;
use OAuth2\GrantTypes\AbstractGrantType;
use OAuth2\GrantTypes\GrantTypeInterface;
use OAuth2\ResponseTypes\ResponseTypeInterface;
use OAuth2\ScopePolicy\Policies\ScopePolicyInterface;
use OAuth2\ScopePolicy\ScopePolicyManager;
use OAuth2\Storages\AccessTokenStorageInterface;
use OAuth2\Storages\RefreshTokenStorageInterface;
use OAuth2\Storages\ResourceOwnerStorageInterface;

class ResourceOwnerPasswordCredentialsFlow extends AbstractGrantType implements FlowInterface
{
    /**
     * @var ResourceOwnerStorageInterface
     */
    private $resourceOwnerStorage;
    /**
     * @var ScopePolicyManager
     */
    private $scopePolicyManager;

    public function __construct(ScopePolicyManager $scopePolicyManager,
                                ResourceOwnerStorageInterface $resourceOwnerStorage,
                                AccessTokenStorageInterface $accessTokenStorage,
                                RefreshTokenStorageInterface $refreshTokenStorage)
    {
        parent::__construct($accessTokenStorage, $refreshTokenStorage);
        $this->resourceOwnerStorage = $resourceOwnerStorage;
        $this->scopePolicyManager = $scopePolicyManager;
    }

    /**
     * @return ResponseTypeInterface[]
     */
    function getResponseTypes(): array

    {
        return [];
    }

    /**
     * @return GrantTypeInterface[]
     */
    function getGrantTypes(): array

    {
        return ['password'];

    }

    function handleAccessTokenRequest(TokenEndpoint $tokenEndpoint, array $requestData): array

    {
        if (empty($requestData['username'])) {
            throw new OAuthException('invalid_request',
                'The request is missing the required parameter username.',
                'https://tools.ietf.org/html/rfc7636#section-4.3');
        }
        if (empty($requestData['password'])) {
            throw new OAuthException('invalid_request',
                'The request is missing the required parameter password.',
                'https://tools.ietf.org/html/rfc7636#section-4.3');
        }

        $scopes = $this->scopePolicyManager->getScopes($tokenEndpoint->getClient(), $requestData['scope'] ?? null);
        $this->scopePolicyManager->verifyScopes($tokenEndpoint->getClient(), $scopes);

        $resourceOwnerIdentifier = $this->resourceOwnerStorage->validateCredentials($requestData['username'], $requestData['password']);
        if (!$resourceOwnerIdentifier) {
            throw new OAuthException('invalid_grant',
                'The provider authorization grant is invalid. Resource owner credentials invalid.',
                'https://tools.ietf.org/html/rfc7636#section-4.3');
        }

        return $this->issueTokens(implode(' ', $scopes), $tokenEndpoint->getClient()->getIdentifier(), $resourceOwnerIdentifier);
    }

    function handleAuthorizationRequest(AuthorizationEndpoint $authorizationEndpoint, array $requestData): array

    {
        throw new \BadMethodCallException();
    }

    function getDefaultResponseMode(): string

    {
        throw new \BadMethodCallException();
    }

    function getUnsupportedResponseModes(): array

    {
        throw new \BadMethodCallException();
    }
}

1			<?php
2			/**
3			* Created by PhpStorm.
4			* User: GCC-MED
5			* Date: 12/03/2018
6			* Time: 15:16
7			*/
8
9			namespace OAuth2\Flows;
10
11
12			use OAuth2\Endpoints\AuthorizationEndpoint;
13			use OAuth2\Endpoints\TokenEndpoint;
14			use OAuth2\Exceptions\OAuthException;
15			use OAuth2\GrantTypes\AbstractGrantType;
16			use OAuth2\GrantTypes\GrantTypeInterface;
17			use OAuth2\ResponseTypes\ResponseTypeInterface;
18			use OAuth2\ScopePolicy\Policies\ScopePolicyInterface;
19			use OAuth2\ScopePolicy\ScopePolicyManager;
20			use OAuth2\Storages\AccessTokenStorageInterface;
21			use OAuth2\Storages\RefreshTokenStorageInterface;
22			use OAuth2\Storages\ResourceOwnerStorageInterface;
23
24			class ResourceOwnerPasswordCredentialsFlow extends AbstractGrantType implements FlowInterface
25			{
26			/**
27			* @var ResourceOwnerStorageInterface
28			*/
29			private $resourceOwnerStorage;
30			/**
31			* @var ScopePolicyManager
32			*/
33			private $scopePolicyManager;
34
35			public function __construct(ScopePolicyManager $scopePolicyManager,
36			ResourceOwnerStorageInterface $resourceOwnerStorage,
37			AccessTokenStorageInterface $accessTokenStorage,
38			RefreshTokenStorageInterface $refreshTokenStorage)
39			{
40			parent::__construct($accessTokenStorage, $refreshTokenStorage);
41			$this->resourceOwnerStorage = $resourceOwnerStorage;
42			$this->scopePolicyManager = $scopePolicyManager;
43			}
44
45			/**
46			* @return ResponseTypeInterface[]
47			*/
48			function getResponseTypes(): array
			0 ignored issues – show Best Practice introduced 2018-03-12 15:25 UTC by Report Bug Copy Issue Report It is generally recommended to explicitly declare the visibility for methods. Adding explicit visibility (`private`, `protected`, or `public`) is generally recommend to communicate to other developers how, and from where this method is intended to be used. Loading history...
49			{
50			return [];
51			}
52
53			/**
54			* @return GrantTypeInterface[]
55			*/
56			function getGrantTypes(): array
			0 ignored issues – show Best Practice introduced 2018-03-12 15:25 UTC by Report Bug Copy Issue Report It is generally recommended to explicitly declare the visibility for methods. Adding explicit visibility (`private`, `protected`, or `public`) is generally recommend to communicate to other developers how, and from where this method is intended to be used. Loading history...
57			{
58			return ['password'];
			0 ignored issues – show Bug Best Practice introduced 2018-03-12 15:25 UTC by Report Bug Copy Issue Report The expression `return array('password')` returns the type `array<integer,string>` which is incompatible with the documented return type `OAuth2\GrantTypes\GrantTypeInterface[]`. Loading history...
59			}
60
61			function handleAccessTokenRequest(TokenEndpoint $tokenEndpoint, array $requestData): array
			0 ignored issues – show Best Practice introduced 2018-03-08 21:31 UTC by Report Bug Copy Issue Report It is generally recommended to explicitly declare the visibility for methods. Adding explicit visibility (`private`, `protected`, or `public`) is generally recommend to communicate to other developers how, and from where this method is intended to be used. Loading history...
62			{
63			if (empty($requestData['username'])) {
64			throw new OAuthException('invalid_request',
65			'The request is missing the required parameter username.',
66			'https://tools.ietf.org/html/rfc7636#section-4.3');
67			}
68			if (empty($requestData['password'])) {
69			throw new OAuthException('invalid_request',
70			'The request is missing the required parameter password.',
71			'https://tools.ietf.org/html/rfc7636#section-4.3');
72			}
73
74			$scopes = $this->scopePolicyManager->getScopes($tokenEndpoint->getClient(), $requestData['scope'] ?? null);
75			$this->scopePolicyManager->verifyScopes($tokenEndpoint->getClient(), $scopes);
76
77			$resourceOwnerIdentifier = $this->resourceOwnerStorage->validateCredentials($requestData['username'], $requestData['password']);
78			if (!$resourceOwnerIdentifier) {
79			throw new OAuthException('invalid_grant',
80			'The provider authorization grant is invalid. Resource owner credentials invalid.',
81			'https://tools.ietf.org/html/rfc7636#section-4.3');
82			}
83
84			return $this->issueTokens(implode(' ', $scopes), $tokenEndpoint->getClient()->getIdentifier(), $resourceOwnerIdentifier);
85			}
86
87			function handleAuthorizationRequest(AuthorizationEndpoint $authorizationEndpoint, array $requestData): array
			0 ignored issues – show Best Practice introduced 2018-03-12 15:25 UTC by Report Bug Copy Issue Report It is generally recommended to explicitly declare the visibility for methods. Adding explicit visibility (`private`, `protected`, or `public`) is generally recommend to communicate to other developers how, and from where this method is intended to be used. Loading history...
88			{
89			throw new \BadMethodCallException();
90			}
91
92			function getDefaultResponseMode(): string
			0 ignored issues – show Best Practice introduced 2018-03-04 18:03 UTC by Report Bug Copy Issue Report It is generally recommended to explicitly declare the visibility for methods. Adding explicit visibility (`private`, `protected`, or `public`) is generally recommend to communicate to other developers how, and from where this method is intended to be used. Loading history...
93			{
94			throw new \BadMethodCallException();
95			}
96
97			function getUnsupportedResponseModes(): array
			0 ignored issues – show Best Practice introduced 2018-03-04 18:03 UTC by Report Bug Copy Issue Report It is generally recommended to explicitly declare the visibility for methods. Adding explicit visibility (`private`, `protected`, or `public`) is generally recommend to communicate to other developers how, and from where this method is intended to be used. Loading history...
98			{
99			throw new \BadMethodCallException();
100			}
101			}

php-guard / oauth-server

Push — master ( 9a636e...af59f2 )

handleAuthorizationRequest() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like