View GitHub Repository Emoji-REST-API

Schedule Inspection
Subscribe

AuthMiddleware::__invoke()   A
last analyzed

↳ Parent: AuthMiddleware

Complexity

Conditions 3
Paths 6

Size

Total Lines 19
Code Lines 11

Duplication

Lines 0
Ratio 0 %

Importance

Changes 13
Bugs 1 Features 2
Metric Value
c 13
b 1
f 2
dl 0
loc 19
rs 9.4285
cc 3
eloc 11
nc 6
nop 3
1 
<?php
2 

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    3
                

                                    
                                                    
                
                
                
/**

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    4
                

                                    
                                                    
                
                
                
 * @author: Raimi Ademola <[email protected]>

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    5
                

                                    
                                                    
                
                
                
 * @copyright: 2016 Andela

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    6
                

                                    
                                                    
                
                
                
 */

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    7
                

                                    
                                                    
                
                
                
namespace Demo;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    8
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    9
                

                                    
                                                    
                
                
                
use Exception;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    10
                

                                    
                                                    
                
                
                
use Firebase\JWT\JWT;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    11
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    12
                

                                    
                                                    
                
                
                
class AuthMiddleware

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    13
                

                                    
                                                    
                
                
                
{

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    14
                

                                    
                                                    
                
                
                
    /**

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    15
                

                                    
                                                    
                
                
                
     * Middleware invokable class method.

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    16
                

                                    
                                                    
                
                
                
     *

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    17
                

                                    
                                                    
                
                
                
     * @param \Psr\Http\Message\ServerRequestInterface $request  PSR7 request

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    18
                

                                    
                                                    
                
                
                
     * @param \Psr\Http\Message\ResponseInterface      $response PSR7 response

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    19
                

                                    
                                                    
                
                
                
     * @param callable                                 $next     Next middleware

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    20
                

                                    
                                                    
                
                
                
     *

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    21
                

                                    
                                                    
                
                
                
     * @return \Psr\Http\Message\ResponseInterface

            


            
                                                                                                            
                                                                
            
                                    
            
            

                
                    22
                

                                    
                                                    
                
                
                
     */

            


            
                                                        
            
                                    
            
            

                
                    23
                

                                    
                                                    
                
                
                
    public function __invoke($request, $response, $next)

            


            
                                                        
            
                                    
            
            

                
                    24
                

                                    
                                                    
                
                
                
    {

            


            
                                                        
            
                                    
            
            

                
                    25
                

                                    
                                                    
                
                
                
       $authHeader = $request->getHeader('HTTP_AUTHORIZATION');

            


            
                                                        
            
                                    
            
            

                
                    26
                

                                    
                                                    
                
                
                

            


            
                                                        
            
                                    
            
            

                
                    27
                

                                    
                                                    
                
                
                
            try {

            


            
                                                        
            
                                    
            
            

                
                    28
                

                                    
                                                    
                
                
                
                if (!empty($authHeader)) {

            


            
                                                        
            
                                    
            
            

                
                    29
                

                                    
                                                    
                
                
                
                $appSecret    = getenv('APP_SECRET');

            


            
                                                        
            
                                    
            
            

                
                    30
                

                                    
                                                    
                
                
                
                $jwt          = $authHeader[0];   

            


            
                                                        
            
                                    
            
            

                
                    31
                

                                    
                                                    
                
                
                
                $decodedToken = JWT::decode($jwt, $appSecret, ['HS512']);

            


                            

                    
                        
                    
                    
                    
                    
                                                                                                    
                        

                            
                            
0 ignored issues
show
                        


                        

                                                                                        




    

        
            Unused Code
    
    
    
        introduced 
                            by 
            

        

        

            
        

        

            

                

                    
                
                
            


        

    

    

        
                        

                            
                                
                            
                        

                                        
$decodedToken is not used, you could remove the assignment.
                                                                                                

                    
                                            

                            

                            

                                
                                    
                                
                            


                            
This check looks for variable assignements that are either overwritten by other
assignments or where the variable is not used subsequently.


$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}





Both the $myVar assignment in line 1 and the $higher assignment in line 2
are dead. The first because $myVar is never used and the second because
$higher is always overwritten for every possible time line.


                        

                                                    

                     Loading history...
                

                    


    




                                                                                    


                    		
                

            
                                                        
            
                                    
            
            

                
                    32
                

                                    
                                                    
                
                
                
                

            


            
                                                        
            
                                    
            
            

                
                    33
                

                                    
                                                    
                
                
                
                return $next($request, $response);

            


            
                                                        
            
                                    
            
            

                
                    34
                

                                    
                                                    
                
                
                
                }

            


            
                                                        
            
                                    
            
            

                
                    35
                

                                    
                                                    
                
                
                

            


            
                                                        
            
                                    
            
            

                
                    36
                

                                    
                                                    
                
                
                
            } catch (Exception $e) {

            


            
                                                        
            
                                    
            
            

                
                    37
                

                                    
                                                    
                
                
                
                return $response->withJson(['message' => 'Token invalid or expired'], 500);

            


            
                                                        
            
                                    
            
            

                
                    38
                

                                    
                                                    
                
                
                
            }

            


            
                                                        
            
                                    
            
            

                
                    39
                

                                    
                                                    
                
                
                
       

            


            
                                                        
            
                                    
            
            

                
                    40
                

                                    
                                                    
                
                
                
        return $response->withJson(['message' => 'User unauthorized due to empty token'], 401);

            


            
                                                        
            
                                    
            
            

                
                    41
                

                                    
                                                    
                
                
                
   }

            


            
                                                        
            
                                    
            
            

                
                    42
                

                                    
                                                    
                
                
                
}

            


            
                                                        
            
                                    
            
            

                
                    43