Issues in Authorization.php - New Issues - Inspection of "Slim3" - chadicus/slim-oauth2-middleware - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Pull Request — master (#17)

by Chad

created 2016-05-22 16:40 UTC

src/Authorization.php (4 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
namespace Chadicus\Slim\OAuth2\Middleware;

use Chadicus\Slim\OAuth2\Http\RequestBridge;
use Chadicus\Slim\OAuth2\Http\ResponseBridge;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Message\ResponseInterface;
use OAuth2;
use Slim;

/**
 * Slim Middleware to handle OAuth2 Authorization.
 */
class Authorization implements MiddlewareInterface
{
    /**
     * Slim App
     *
     * @var Slim\App
     */
    private $slim;

    /**
     * OAuth2 Server
     *
     * @var OAuth2\Server
     */
    private $server;

    /**
     * Array of scopes required for authorization.
     *
     * @var array
     */
    private $scopes;

    /**
     * Create a new instance of the Authroization middleware
     *
     * @param Slim\App      $slim   The slim framework application instance.
     * @param OAuth2\Server $server The configured OAuth2 server.
     * @param array         $scopes Scopes required for authorization. $scopes can be given as an array of arrays. OR
     *                              logic will use with each grouping.  Example:
     *                              Given ['superUser', ['basicUser', 'aPermission']], the request will be verified if
     *                              the request token has 'superUser' scope OR 'basicUser' and 'aPermission' as its
     *                              scope.
     */
    public function __construct(Slim\App $slim, OAuth2\Server $server, array $scopes = [])
    {
        $this->slim = $slim;
        $this->server = $server;
        $this->scopes = $scopes;
    }

    /**
     * Execute this middleware.
     *
     * @param  ServerRequestInterface $request  PSR7 request

     * @param  ResponseInterface      $response PSR7 response

     * @param  callable               $next     Next middleware

     *
     * @return ResponseInterface
     */
    public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next)
    {
        $oauth2Request = RequestBridge::toOAuth2($request);

        $scopes = $this->scopes;
        if (empty($scopes)) {
            $scopes = [null]; //use at least 1 null scope
        }

        foreach ($scopes as $scope) {
            if (is_array($scope)) {
                $scope = implode(' ', $scope);
            }

            if ($this->server->verifyResourceRequest($oauth2Request, null, $scope)) {
                $this->slim->getContainer()->token = $this->server->getResourceController()->getToken();
                return $next($request, $response);
            }
        }

        return ResponseBridge::fromOAuth2($this->server->getResponse());
class Author {
    private $name;

    public function __construct($name) {
        $this->name = $name;
    }

    public function getName() {
        return $this->name;
    }
}

abstract class Post {
    public function getAuthor() {
        return 'Johannes';
    }
}

class BlogPost extends Post {
    public function getAuthor() {
        return new Author('Johannes');
    }
}

class ForumPost extends Post { /* ... */ }

function my_function(Post $post) {
    echo strtoupper($post->getAuthor());
}
    }

    /**
     * Returns a callable function to be used as a authorization middleware with a specified scope.
     *
     * @param array $scopes Scopes require for authorization.
     *
     * @return Authorization
     */
    public function withRequiredScope(array $scopes)
    {
        $clone = clone $this;
        $clone->scopes = $scopes;
        return $clone;
    }
}


1			<?php
2			namespace Chadicus\Slim\OAuth2\Middleware;
3
4			use Chadicus\Slim\OAuth2\Http\RequestBridge;
5			use Chadicus\Slim\OAuth2\Http\ResponseBridge;
6			use Psr\Http\Message\ServerRequestInterface;
7			use Psr\Http\Message\ResponseInterface;
8			use OAuth2;
9			use Slim;
10
11			/**
12			* Slim Middleware to handle OAuth2 Authorization.
13			*/
14			class Authorization implements MiddlewareInterface
15			{
16			/**
17			* Slim App
18			*
19			* @var Slim\App
20			*/
21			private $slim;
22
23			/**
24			* OAuth2 Server
25			*
26			* @var OAuth2\Server
27			*/
28			private $server;
29
30			/**
31			* Array of scopes required for authorization.
32			*
33			* @var array
34			*/
35			private $scopes;
36
37			/**
38			* Create a new instance of the Authroization middleware
39			*
40			* @param Slim\App $slim The slim framework application instance.
41			* @param OAuth2\Server $server The configured OAuth2 server.
42			* @param array $scopes Scopes required for authorization. $scopes can be given as an array of arrays. OR
43			* logic will use with each grouping. Example:
44			* Given ['superUser', ['basicUser', 'aPermission']], the request will be verified if
45			* the request token has 'superUser' scope OR 'basicUser' and 'aPermission' as its
46			* scope.
47			*/
48			public function __construct(Slim\App $slim, OAuth2\Server $server, array $scopes = [])
49			{
50			$this->slim = $slim;
51			$this->server = $server;
52			$this->scopes = $scopes;
53			}
54
55			/**
56			* Execute this middleware.
57			*
58			* @param ServerRequestInterface $request PSR7 request
			0 ignored issues – show Coding Style Documentation introduced 2016-05-22 16:40 UTC by Report Bug Copy Issue Report Show Similar Issues like this Parameter comment must end with a full stop Loading history...
59			* @param ResponseInterface $response PSR7 response
			0 ignored issues – show Coding Style Documentation introduced 2016-05-22 16:40 UTC by Report Bug Copy Issue Report Show Similar Issues like this Parameter comment must end with a full stop Loading history...
60			* @param callable $next Next middleware
			0 ignored issues – show Coding Style Documentation introduced 2016-05-22 16:40 UTC by Report Bug Copy Issue Report Show Similar Issues like this Parameter comment must end with a full stop Loading history...
61			*
62			* @return ResponseInterface
63			*/
64			public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next)
65			{
66			$oauth2Request = RequestBridge::toOAuth2($request);
67
68			$scopes = $this->scopes;
69			if (empty($scopes)) {
70			$scopes = [null]; //use at least 1 null scope
71			}
72
73			foreach ($scopes as $scope) {
74			if (is_array($scope)) {
75			$scope = implode(' ', $scope);
76			}
77
78			if ($this->server->verifyResourceRequest($oauth2Request, null, $scope)) {
79			$this->slim->getContainer()->token = $this->server->getResourceController()->getToken();
80			return $next($request, $response);
81			}
82			}
83
84			return ResponseBridge::fromOAuth2($this->server->getResponse());
			0 ignored issues – show Bug Best Practice introduced 2016-05-22 16:40 UTC by Report Bug Copy Issue Report Show Similar Issues like this The return type of `return \Chadicus\Slim\OA...server->getResponse());` (`Slim\Http\Response`) is incompatible with the return type declared by the interface `Chadicus\Slim\OAuth2\Mid...wareInterface::__invoke` of type `Psr\Http\Message\ResponseInterface`. If you return a value from a function or method, it should be a sub-type of the type that is given by the parent type f.e. an interface, or abstract method. This is more formally defined by the Lizkov substitution principle, and guarantees that classes that depend on the parent type can use any instance of a child type interchangably. This principle also belongs to the SOLID principles for object oriented design. Let’s take a look at an example: class Author { private $name; public function __construct($name) { $this->name = $name; } public function getName() { return $this->name; } } abstract class Post { public function getAuthor() { return 'Johannes'; } } class BlogPost extends Post { public function getAuthor() { return new Author('Johannes'); } } class ForumPost extends Post { /* ... */ } function my_function(Post $post) { echo strtoupper($post->getAuthor()); } Our function `my_function` expects a `Post` object, and outputs the author of the post. The base class `Post` returns a simple string and outputting a simple string will work just fine. However, the child class `BlogPost` which is a sub-type of `Post` instead decided to return an `object`, and is therefore violating the SOLID principles. If a `BlogPost` were passed to `my_function`, PHP would not complain, but ultimately fail when executing the `strtoupper` call in its body. Loading history...
85			}
86
87			/**
88			* Returns a callable function to be used as a authorization middleware with a specified scope.
89			*
90			* @param array $scopes Scopes require for authorization.
91			*
92			* @return Authorization
93			*/
94			public function withRequiredScope(array $scopes)
95			{
96			$clone = clone $this;
97			$clone->scopes = $scopes;
98			return $clone;
99			}
100			}
101

chadicus / slim-oauth2-middleware

Pull Request — master (#17)

src/Authorization.php (4 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like