Completed
Push — master ( ac91f0...b7888d )
by Chad
01:44
created

Authorization::__invoke()   A

Complexity

Conditions 3
Paths 3

Size

Total Lines 12
Code Lines 7

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
dl 0
loc 12
rs 9.4285
c 0
b 0
f 0
cc 3
eloc 7
nc 3
nop 3
<?php
namespace Chadicus\Slim\OAuth2\Middleware;
use ArrayAccess;
use Chadicus\Slim\OAuth2\Http\RequestBridge;
use Chadicus\Slim\OAuth2\Http\ResponseBridge;
use Chadicus\Psr\Middleware\MiddlewareInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Message\ResponseInterface;
use OAuth2;
/**
 * Slim middleware that lets a request continue only after the OAuth2 server has verified it.
 */
class Authorization implements MiddlewareInterface
{
    /**
     * OAuth2 server used to verify each incoming request.
     *
     * @var OAuth2\Server
     */
    private $server;

    /**
     * Normalised scope groups; satisfying any single entry is enough to pass.
     *
     * @var array
     */
    private $scopes;

    /**
     * Container that receives the token of a verified request.
     *
     * @var ArrayAccess
     */
    private $container;

    /**
     * Create a new instance of the Authorization middleware.
     *
     * @param OAuth2\Server $server    The configured OAuth2 server.
     * @param ArrayAccess   $container A container object in which to store the token from the request.
     * @param array         $scopes    Scopes required for authorization. Entries are alternatives (OR); an entry
     *                                 that is itself an array groups scopes that must all be present (AND).
     *                                 Example: given ['superUser', ['basicUser', 'aPermission']], the request is
     *                                 verified if its token has the 'superUser' scope OR both 'basicUser' and
     *                                 'aPermission'.
     */
    public function __construct(OAuth2\Server $server, ArrayAccess $container, array $scopes = [])
    {
        $this->scopes = $this->formatScopes($scopes);
        $this->container = $container;
        $this->server = $server;
    }

    /**
     * Execute this middleware.
     *
     * Each configured scope entry is checked in order. The first one the server accepts stores the token
     * in the container under the 'token' key and hands control to the next middleware. If none is accepted,
     * the next middleware is never called and the OAuth2 server's response is returned instead.
     *
     * @param  ServerRequestInterface $request  The PSR7 request.
     * @param  ResponseInterface      $response The PSR7 response.
     * @param  callable               $next     The next middleware.
     *
     * @return ResponseInterface
     */
    public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next)
    {
        $oauth2Request = RequestBridge::toOAuth2($request);

        foreach ($this->scopes as $requiredScope) {
            if (!$this->server->verifyResourceRequest($oauth2Request, null, $requiredScope)) {
                continue; // this alternative was rejected; try the next one
            }

            // The stored value is whatever the resource controller reports for the verified request;
            // presumably the access-token record, so handle it as credential data downstream.
            $this->container['token'] = $this->server->getResourceController()->getToken();

            return $next($request, $response);
        }

        // Deny path. With several scope entries this is presumably the response left by the last
        // failed check -- confirm against the OAuth2 server implementation.
        // NOTE(review): static analysis on this page flags the call below: getResponse() is typed as
        // OAuth2\ResponseInterface but is used here as the narrower OAuth2\Response. An instanceof check
        // before the conversion would make that assumption explicit.
        $denied = $this->server->getResponse();

        return ResponseBridge::fromOAuth2($denied);
    }

    /**
     * Returns a copy of this middleware that enforces the given scopes instead of the current ones.
     *
     * No __clone() is defined, so the copy keeps using the same server and container objects as the original.
     *
     * @param array $scopes Scopes required for authorization.
     *
     * @return Authorization
     */
    public function withRequiredScope(array $scopes)
    {
        $copy = clone $this;
        $copy->scopes = $copy->formatScopes($scopes);

        return $copy;
    }

    /**
     * Helper method that normalises the given scopes into the list checked by __invoke().
     *
     * Array entries are joined into one space-separated string; all other entries are kept as given.
     *
     * @param array $scopes Scopes required for authorization.
     *
     * @return array The formatted scopes array.
     */
    private function formatScopes(array $scopes)
    {
        if ($scopes === []) {
            // A single null entry guarantees that __invoke() still performs one verification call.
            // Presumably a null scope means "valid token, no particular scope" -- confirm in the server library.
            return [null];
        }

        // NOTE(review): an empty nested array becomes '' here. How the server treats an empty-string scope
        // is not visible in this file; confirm it cannot be satisfied by a token lacking the intended scopes.
        foreach ($scopes as $key => $entry) {
            if (is_array($entry)) {
                $scopes[$key] = implode(' ', $entry);
            }
        }

        return $scopes;
    }
}