TokenValidator - Code Metrics - Inspection of "Add HMAC implementation" - chadicus/hmac-middleware-php - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#4)

by Chad

created 2017-09-20 00:29 UTC

TokenValidator A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	27
Duplicated Lines	0 %

Coupling/Cohesion

Components	0
Dependencies	3

Importance

Changes

Metric	Value
wmc	2
lcom	0
cbo	3
dl	0
loc	27
rs	10
c	0
b	0
f	0

1 Method

Rating	Name	Duplication	Size	Complexity
A	validate()	0	13	2

<?php

namespace Chadicus\Hmac;

use Psr\Http\Message\ServerRequestInterface;

/**
 * Interface for validating token data.
 */
final class TokenValidator implements TokenValidatorInterface
{
    /**
     * Validates the given token against the private key and incoming request.
     *
     * @param string                 $privateKey The private API key.
     * @param Token                  $token      The token extracted from the request.
     * @param ServerRequestInterface $request    The incoming PSR-7 request.
     *
     * @return boolean
     *
     * @throws AuthenticationException 401 Thrown hash is not valid.
     */
    public function validate(string $privateKey, Token $token, ServerRequestInterface $request) : bool
    {
        $method = $request->getMethod();
        $uri = (string)$request->getUri();
        $base64 = base64_encode((string)$request->getBody());
        $data = "{$privateKey}{$method}{$uri}{$token->getTimeStamp()}{$token->getNonce()}{$base64}";

        if (hash('sha256', $data) !== $token->getSignature()) {
            throw new AuthenticationException(401, 'Invalid Hash');
        }

        return true;
    }
}


1			<?php
2
3			namespace Chadicus\Hmac;
4
5			use Psr\Http\Message\ServerRequestInterface;
6
7			/**
8			* Interface for validating token data.
9			*/
10			final class TokenValidator implements TokenValidatorInterface
11			{
12			/**
13			* Validates the given token against the private key and incoming request.
14			*
15			* @param string $privateKey The private API key.
16			* @param Token $token The token extracted from the request.
17			* @param ServerRequestInterface $request The incoming PSR-7 request.
18			*
19			* @return boolean
20			*
21			* @throws AuthenticationException 401 Thrown hash is not valid.
22			*/
23			public function validate(string $privateKey, Token $token, ServerRequestInterface $request) : bool
24			{
25			$method = $request->getMethod();
26			$uri = (string)$request->getUri();
27			$base64 = base64_encode((string)$request->getBody());
28			$data = "{$privateKey}{$method}{$uri}{$token->getTimeStamp()}{$token->getNonce()}{$base64}";
29
30			if (hash('sha256', $data) !== $token->getSignature()) {
31			throw new AuthenticationException(401, 'Invalid Hash');
32			}
33
34			return true;
35			}
36			}
37

chadicus / hmac-middleware-php

Pull Request — master (#4)

TokenValidator A

Complexity

Size/Duplication

Coupling/Cohesion

Importance

1 Method

Duplication Side-by-Side

Filter issues like