Issues in Authorization.php - Failed Issues - Inspection of "Remove slim requirement" - chadicus/slim-oauth2-middleware - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Pull Request — master (#20)

by Chad

created 2016-11-15 16:54 UTC

src/Authorization.php (1 issue)

Labels

Severity

Major 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
namespace Chadicus\Slim\OAuth2\Middleware;

use ArrayAccess;
use Chadicus\Slim\OAuth2\Http\RequestBridge;
use Chadicus\Slim\OAuth2\Http\ResponseBridge;
use Chadicus\Psr\Middleware\MiddlewareInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Message\ResponseInterface;
use OAuth2;

/**
 * Slim Middleware to handle OAuth2 Authorization.
 */
class Authorization implements MiddlewareInterface
{
    /**
     * OAuth2 Server
     *
     * @var OAuth2\Server
     */
    private $server;

    /**
     * Array of scopes required for authorization.
     *
     * @var array
     */
    private $scopes;

    /**
     * Container for token.
     *
     * @var ArrayAccess
     */
    private $container;

    /**
     * Create a new instance of the Authroization middleware.
     *
     * @param OAuth2\Server $server    The configured OAuth2 server.
     * @param ArrayAccess   $container A container object in which to store the token from the request.
     * @param array         $scopes    Scopes required for authorization. $scopes can be given as an array of arrays. OR
     *                                 logic will use with each grouping.  Example:
     *                                 Given ['superUser', ['basicUser', 'aPermission']], the request will be verified
     *                                 if the request token has 'superUser' scope OR 'basicUser' and 'aPermission' as
     *                                 its scope.
     */
    public function __construct(OAuth2\Server $server, ArrayAccess $container, array $scopes = [])
    {
        $this->server = $server;
        $this->container = $container;
        $this->scopes = $scopes;
    }

    /**
     * Execute this middleware.
     *
     * @param  ServerRequestInterface $request  The PSR7 request.
     * @param  ResponseInterface      $response The PSR7 response.
     * @param  callable               $next     The Next middleware.
     *
     * @return ResponseInterface
     */
    public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next)
    {
        $oauth2Request = RequestBridge::toOAuth2($request);

        $scopes = $this->scopes;
        if (empty($scopes)) {
            $scopes = [null]; //use at least 1 null scope
        }

        foreach ($scopes as $scope) {
            if (is_array($scope)) {
                $scope = implode(' ', $scope);
            }

            if ($this->server->verifyResourceRequest($oauth2Request, null, $scope)) {
                $this->container['token'] = $this->server->getResourceController()->getToken();
                return $next($request, $response);
            }
        }

        return ResponseBridge::fromOAuth2($this->server->getResponse());
class Author {
    private $name;

    public function __construct($name) {
        $this->name = $name;
    }

    public function getName() {
        return $this->name;
    }
}

abstract class Post {
    public function getAuthor() {
        return 'Johannes';
    }
}

class BlogPost extends Post {
    public function getAuthor() {
        return new Author('Johannes');
    }
}

class ForumPost extends Post { /* ... */ }

function my_function(Post $post) {
    echo strtoupper($post->getAuthor());
}
    }

    /**
     * Returns a callable function to be used as a authorization middleware with a specified scope.
     *
     * @param array $scopes Scopes require for authorization.
     *
     * @return Authorization
     */
    public function withRequiredScope(array $scopes)
    {
        $clone = clone $this;
        $clone->scopes = $scopes;
        return $clone;
    }
}


1			<?php
2			namespace Chadicus\Slim\OAuth2\Middleware;
3
4			use ArrayAccess;
5			use Chadicus\Slim\OAuth2\Http\RequestBridge;
6			use Chadicus\Slim\OAuth2\Http\ResponseBridge;
7			use Chadicus\Psr\Middleware\MiddlewareInterface;
8			use Psr\Http\Message\ServerRequestInterface;
9			use Psr\Http\Message\ResponseInterface;
10			use OAuth2;
11
12			/**
13			* Slim Middleware to handle OAuth2 Authorization.
14			*/
15			class Authorization implements MiddlewareInterface
16			{
17			/**
18			* OAuth2 Server
19			*
20			* @var OAuth2\Server
21			*/
22			private $server;
23
24			/**
25			* Array of scopes required for authorization.
26			*
27			* @var array
28			*/
29			private $scopes;
30
31			/**
32			* Container for token.
33			*
34			* @var ArrayAccess
35			*/
36			private $container;
37
38			/**
39			* Create a new instance of the Authroization middleware.
40			*
41			* @param OAuth2\Server $server The configured OAuth2 server.
42			* @param ArrayAccess $container A container object in which to store the token from the request.
43			* @param array $scopes Scopes required for authorization. $scopes can be given as an array of arrays. OR
44			* logic will use with each grouping. Example:
45			* Given ['superUser', ['basicUser', 'aPermission']], the request will be verified
46			* if the request token has 'superUser' scope OR 'basicUser' and 'aPermission' as
47			* its scope.
48			*/
49			public function __construct(OAuth2\Server $server, ArrayAccess $container, array $scopes = [])
50			{
51			$this->server = $server;
52			$this->container = $container;
53			$this->scopes = $scopes;
54			}
55
56			/**
57			* Execute this middleware.
58			*
59			* @param ServerRequestInterface $request The PSR7 request.
60			* @param ResponseInterface $response The PSR7 response.
61			* @param callable $next The Next middleware.
62			*
63			* @return ResponseInterface
64			*/
65			public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next)
66			{
67			$oauth2Request = RequestBridge::toOAuth2($request);
68
69			$scopes = $this->scopes;
70			if (empty($scopes)) {
71			$scopes = [null]; //use at least 1 null scope
72			}
73
74			foreach ($scopes as $scope) {
75			if (is_array($scope)) {
76			$scope = implode(' ', $scope);
77			}
78
79			if ($this->server->verifyResourceRequest($oauth2Request, null, $scope)) {
80			$this->container['token'] = $this->server->getResourceController()->getToken();
81			return $next($request, $response);
82			}
83			}
84
85			return ResponseBridge::fromOAuth2($this->server->getResponse());
			0 ignored issues – show Bug Best Practice introduced 2016-11-15 16:34 UTC by Report Bug Copy Issue Report Show Similar Issues like this The return type of `return \Chadicus\Slim\OA...server->getResponse());` (`Slim\Http\Response`) is incompatible with the return type declared by the interface `Chadicus\Psr\Middleware\...wareInterface::__invoke` of type `Psr\Http\Message\ResponseInterface`. If you return a value from a function or method, it should be a sub-type of the type that is given by the parent type f.e. an interface, or abstract method. This is more formally defined by the Lizkov substitution principle, and guarantees that classes that depend on the parent type can use any instance of a child type interchangably. This principle also belongs to the SOLID principles for object oriented design. Let’s take a look at an example: class Author { private $name; public function __construct($name) { $this->name = $name; } public function getName() { return $this->name; } } abstract class Post { public function getAuthor() { return 'Johannes'; } } class BlogPost extends Post { public function getAuthor() { return new Author('Johannes'); } } class ForumPost extends Post { /* ... */ } function my_function(Post $post) { echo strtoupper($post->getAuthor()); } Our function `my_function` expects a `Post` object, and outputs the author of the post. The base class `Post` returns a simple string and outputting a simple string will work just fine. However, the child class `BlogPost` which is a sub-type of `Post` instead decided to return an `object`, and is therefore violating the SOLID principles. If a `BlogPost` were passed to `my_function`, PHP would not complain, but ultimately fail when executing the `strtoupper` call in its body. Loading history...
86			}
87
88			/**
89			* Returns a callable function to be used as a authorization middleware with a specified scope.
90			*
91			* @param array $scopes Scopes require for authorization.
92			*
93			* @return Authorization
94			*/
95			public function withRequiredScope(array $scopes)
96			{
97			$clone = clone $this;
98			$clone->scopes = $scopes;
99			return $clone;
100			}
101			}
102

chadicus / slim-oauth2-middleware

Pull Request — master (#20)

src/Authorization.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like