Completed
Push — master ( ac91f0...b7888d )
by Chad
01:44
created

Authorization::formatScopes()   A

Complexity

Conditions 3
Paths 2

Size

Total Lines 17
Code Lines 9

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
dl 0
loc 17
rs 9.4285
c 0
b 0
f 0
cc 3
eloc 9
nc 2
nop 1
1
<?php
2
namespace Chadicus\Slim\OAuth2\Middleware;
3
4
use ArrayAccess;
5
use Chadicus\Slim\OAuth2\Http\RequestBridge;
6
use Chadicus\Slim\OAuth2\Http\ResponseBridge;
7
use Chadicus\Psr\Middleware\MiddlewareInterface;
8
use Psr\Http\Message\ServerRequestInterface;
9
use Psr\Http\Message\ResponseInterface;
10
use OAuth2;
11
12
/**
13
 * Slim Middleware to handle OAuth2 Authorization.
14
 */
15
class Authorization implements MiddlewareInterface
16
{
17
    /**
18
     * OAuth2 Server
19
     *
20
     * @var OAuth2\Server
21
     */
22
    private $server;
23
24
    /**
25
     * Array of scopes required for authorization.
26
     *
27
     * @var array
28
     */
29
    private $scopes;
30
31
    /**
32
     * Container for token.
33
     *
34
     * @var ArrayAccess
35
     */
36
    private $container;
37
38
    /**
39
     * Create a new instance of the Authroization middleware.
40
     *
41
     * @param OAuth2\Server $server    The configured OAuth2 server.
42
     * @param ArrayAccess   $container A container object in which to store the token from the request.
43
     * @param array         $scopes    Scopes required for authorization. $scopes can be given as an array of arrays. OR
44
     *                                 logic will use with each grouping.  Example:
45
     *                                 Given ['superUser', ['basicUser', 'aPermission']], the request will be verified
46
     *                                 if the request token has 'superUser' scope OR 'basicUser' and 'aPermission' as
47
     *                                 its scope.
48
     */
49
    public function __construct(OAuth2\Server $server, ArrayAccess $container, array $scopes = [])
50
    {
51
        $this->server = $server;
52
        $this->container = $container;
53
        $this->scopes = $this->formatScopes($scopes);
54
    }
55
56
    /**
57
     * Execute this middleware.
58
     *
59
     * @param  ServerRequestInterface $request  The PSR7 request.
60
     * @param  ResponseInterface      $response The PSR7 response.
61
     * @param  callable               $next     The Next middleware.
62
     *
63
     * @return ResponseInterface
64
     */
65
    public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next)
66
    {
67
        $oauth2Request = RequestBridge::toOAuth2($request);
68
        foreach ($this->scopes as $scope) {
69
            if ($this->server->verifyResourceRequest($oauth2Request, null, $scope)) {
70
                $this->container['token'] = $this->server->getResourceController()->getToken();
71
                return $next($request, $response);
72
            }
73
        }
74
75
        return ResponseBridge::fromOAuth2($this->server->getResponse());
0 ignored issues
show
Compatibility introduced by chadicus
$this->server->getResponse() of type object<OAuth2\ResponseInterface> is not a sub-type of object<OAuth2\Response>. It seems like you assume a concrete implementation of the interface OAuth2\ResponseInterface to be always present.

This check looks for parameters that are defined as one type in their type hint or doc comment but seem to be used as a narrower type, i.e an implementation of an interface or a subclass.

Consider changing the type of the parameter or doing an instanceof check before assuming your parameter is of the expected type.

Loading history...
76
    }
77
78
    /**
79
     * Returns a callable function to be used as a authorization middleware with a specified scope.
80
     *
81
     * @param array $scopes Scopes require for authorization.
82
     *
83
     * @return Authorization
84
     */
85
    public function withRequiredScope(array $scopes)
86
    {
87
        $clone = clone $this;
88
        $clone->scopes = $clone->formatScopes($scopes);
89
        return $clone;
90
    }
91
92
    /**
93
     * Helper method to ensure given scopes are formatted properly.
94
     *
95
     * @param array $scopes Scopes required for authorization.
96
     *
97
     * @return array The formatted scopes array.
98
     */
99
    private function formatScopes(array $scopes)
100
    {
101
        if (empty($scopes)) {
102
            return [null]; //use at least 1 null scope
103
        }
104
105
        array_walk(
106
            $scopes,
107
            function (&$scope) {
108
                if (is_array($scope)) {
109
                    $scope = implode(' ', $scope);
110
                }
111
            }
112
        );
113
114
        return $scopes;
115
    }
116
}
117