Authorization::__invoke() - Code Metrics - Inspection of "Slim3" - chadicus/slim-oauth2-middleware - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Pull Request — master (#17)

by Chad

created 2016-05-22 17:25 UTC

Authorization::__invoke() B

↳ Parent: Authorization

Complexity

Conditions	5
Paths	10

Size

Total Lines	22
Code Lines	12

Duplication

Lines	0
Ratio	0 %

Importance

Changes	2
Bugs	0	Features	1

Metric	Value
c	2
b	0
f	1
dl	0
loc	22
rs	8.6737
cc	5
eloc	12
nc	10
nop	3

<?php
namespace Chadicus\Slim\OAuth2\Middleware;

use ArrayAccess;
use Chadicus\Slim\OAuth2\Http\RequestBridge;
use Chadicus\Slim\OAuth2\Http\ResponseBridge;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Message\ResponseInterface;
use OAuth2;
use Slim;

/**
 * Slim Middleware to handle OAuth2 Authorization.
 */
class Authorization implements MiddlewareInterface
{
    /**
     * OAuth2 Server
     *
     * @var OAuth2\Server
     */
    private $server;

    /**
     * Array of scopes required for authorization.
     *
     * @var array
     */
    private $scopes;

    /**
     * Container for token.
     *
     * @var ArrayAccess
     */
    private $container;

    /**
     * Create a new instance of the Authroization middleware.
     *
     * @param OAuth2\Server $server    The configured OAuth2 server.
     * @param ArrayAccess   $container A container object in which to store the token from the request.
     * @param array         $scopes    Scopes required for authorization. $scopes can be given as an array of arrays. OR
     *                                 logic will use with each grouping.  Example:
     *                                 Given ['superUser', ['basicUser', 'aPermission']], the request will be verified
     *                                 if the request token has 'superUser' scope OR 'basicUser' and 'aPermission' as
     *                                 its scope.
     */
    public function __construct(OAuth2\Server $server, ArrayAccess $container, array $scopes = [])
    {
        $this->server = $server;
        $this->container = $container;
        $this->scopes = $scopes;
    }

    /**
     * Execute this middleware.
     *
     * @param  ServerRequestInterface $request  The PSR7 request.
     * @param  ResponseInterface      $response The PSR7 response.
     * @param  callable               $next     The Next middleware.
     *
     * @return Slim\Http\Response
     */
    public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next)
    {
        $oauth2Request = RequestBridge::toOAuth2($request);

        $scopes = $this->scopes;
        if (empty($scopes)) {
            $scopes = [null]; //use at least 1 null scope
        }

        foreach ($scopes as $scope) {
            if (is_array($scope)) {
                $scope = implode(' ', $scope);
            }

            if ($this->server->verifyResourceRequest($oauth2Request, null, $scope)) {
                $this->container['token'] = $this->server->getResourceController()->getToken();
                return $next($request, $response);
            }
        }

        return ResponseBridge::fromOAuth2($this->server->getResponse());

    }

    /**
     * Returns a callable function to be used as a authorization middleware with a specified scope.
     *
     * @param array $scopes Scopes require for authorization.
     *
     * @return Authorization
     */
    public function withRequiredScope(array $scopes)
    {
        $clone = clone $this;
        $clone->scopes = $scopes;
        return $clone;
    }
}


1			<?php
2			namespace Chadicus\Slim\OAuth2\Middleware;
3
4			use ArrayAccess;
5			use Chadicus\Slim\OAuth2\Http\RequestBridge;
6			use Chadicus\Slim\OAuth2\Http\ResponseBridge;
7			use Psr\Http\Message\ServerRequestInterface;
8			use Psr\Http\Message\ResponseInterface;
9			use OAuth2;
10			use Slim;
11
12			/**
13			* Slim Middleware to handle OAuth2 Authorization.
14			*/
15			class Authorization implements MiddlewareInterface
16			{
17			/**
18			* OAuth2 Server
19			*
20			* @var OAuth2\Server
21			*/
22			private $server;
23
24			/**
25			* Array of scopes required for authorization.
26			*
27			* @var array
28			*/
29			private $scopes;
30
31			/**
32			* Container for token.
33			*
34			* @var ArrayAccess
35			*/
36			private $container;
37
38			/**
39			* Create a new instance of the Authroization middleware.
40			*
41			* @param OAuth2\Server $server The configured OAuth2 server.
42			* @param ArrayAccess $container A container object in which to store the token from the request.
43			* @param array $scopes Scopes required for authorization. $scopes can be given as an array of arrays. OR
44			* logic will use with each grouping. Example:
45			* Given ['superUser', ['basicUser', 'aPermission']], the request will be verified
46			* if the request token has 'superUser' scope OR 'basicUser' and 'aPermission' as
47			* its scope.
48			*/
49			public function __construct(OAuth2\Server $server, ArrayAccess $container, array $scopes = [])
50			{
51			$this->server = $server;
52			$this->container = $container;
53			$this->scopes = $scopes;
54			}
55
56			/**
57			* Execute this middleware.
58			*
59			* @param ServerRequestInterface $request The PSR7 request.
60			* @param ResponseInterface $response The PSR7 response.
61			* @param callable $next The Next middleware.
62			*
63			* @return Slim\Http\Response
64			*/
65			public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next)
66			{
67			$oauth2Request = RequestBridge::toOAuth2($request);
68
69			$scopes = $this->scopes;
70			if (empty($scopes)) {
71			$scopes = [null]; //use at least 1 null scope
72			}
73
74			foreach ($scopes as $scope) {
75			if (is_array($scope)) {
76			$scope = implode(' ', $scope);
77			}
78
79			if ($this->server->verifyResourceRequest($oauth2Request, null, $scope)) {
80			$this->container['token'] = $this->server->getResourceController()->getToken();
81			return $next($request, $response);
82			}
83			}
84
85			return ResponseBridge::fromOAuth2($this->server->getResponse());
			0 ignored issues – show Compatibility introduced 2016-05-22 16:53 UTC by Report Bug Copy Issue Report `$this->server->getResponse()` of type `object<OAuth2\ResponseInterface>` is not a sub-type of `object<OAuth2\Response>`. It seems like you assume a concrete implementation of the interface `OAuth2\ResponseInterface` to be always present. This check looks for parameters that are defined as one type in their type hint or doc comment but seem to be used as a narrower type, i.e an implementation of an interface or a subclass. Consider changing the type of the parameter or doing an instanceof check before assuming your parameter is of the expected type. Loading history...
86			}
87
88			/**
89			* Returns a callable function to be used as a authorization middleware with a specified scope.
90			*
91			* @param array $scopes Scopes require for authorization.
92			*
93			* @return Authorization
94			*/
95			public function withRequiredScope(array $scopes)
96			{
97			$clone = clone $this;
98			$clone->scopes = $scopes;
99			return $clone;
100			}
101			}
102

chadicus / slim-oauth2-middleware

Pull Request — master (#17)

Authorization::__invoke() B

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like