TokenParser::unverifiedPayload() - Code Metrics - Inspection of "Provide unverified payload" - cgauge/laravel-cognito-provider - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Pull Request — master (#7)

by Marco Aurélio

created 2022-03-04 12:32 UTC

TokenParser::unverifiedPayload() A

↳ Parent: TokenParser

Complexity

Conditions	1
Paths	1

Size

Total Lines	5
Code Lines	2

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	3
CRAP Score	1

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
cc	1
eloc	2
c	1
b	0
f	0
nc	1
nop	1
dl	0
loc	5
ccs	3
cts	3
cp	1
crap	1
rs	10

<?php declare(strict_types=1);

namespace CustomerGauge\Cognito;

use Jose\Component\Checker\ClaimCheckerManager;
use Jose\Component\Checker\ExpirationTimeChecker;
use Jose\Component\Checker\IssuerChecker;
use Jose\Component\Core\AlgorithmManager;
use Jose\Component\Core\JWKSet;
use Jose\Component\Signature\Algorithm\RS256;
use Jose\Component\Signature\JWS;
use Jose\Component\Signature\JWSLoader;
use Jose\Component\Signature\JWSVerifier;
use Jose\Component\Signature\Serializer\CompactSerializer;
use Jose\Component\Signature\Serializer\JWSSerializerManager;

final class TokenParser
{
    private $keyResolver;

    public function __construct(KeyResolver $keyResolver)
    {
        $this->keyResolver = $keyResolver;
    }
    
    /**
     * This public method is useful for parsing the token from PHPUnit. It is not intended for production use.
     */
    public function unverifiedPayload(string $token): array
    {
        $jws = $this->loadAndVerifyWithKeySet($token);

        return json_decode($jws->getPayload(), true);
        return json_decode(/** @scrutinizer ignore-type */ $jws->getPayload(), true);
    }

    public function parse(string $token)
    {
        $payload = $this->unverifiedPayload($token);

        $claimCheckerManager = new ClaimCheckerManager([
            new IssuerChecker([$this->keyResolver->issuer()->toString()]),
            new ExpirationTimeChecker,
        ]);

        $claimCheckerManager->check($payload);

        return $payload;
    }

    private function loadAndVerifyWithKeySet(string $token): JWS
    {
        $jwsVerifier = new JWSVerifier(new AlgorithmManager([new RS256()]));

        $serializerManager = new JWSSerializerManager([new CompactSerializer()]);

        $jwsLoader = new JWSLoader($serializerManager, $jwsVerifier, null);

        $jwkset = JWKSet::createFromJson($this->keyResolver->jwkset());

        return $jwsLoader->loadAndVerifyWithKeySet($token, $jwkset, $signature);
    }
}


cgauge / laravel-cognito-provider

Pull Request — master (#7)

TokenParser::unverifiedPayload() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like