Issues in Authorization.php - Failed Issues - Inspection of "Remove dependeny on SlimAppContainer" - chadicus/slim-oauth2-middleware - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Pull Request — master (#24)

by Petr

created 2017-01-04 16:50 UTC

src/Authorization.php (1 issue)

Labels

Bug 1

Severity

Major 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
namespace Chadicus\Slim\OAuth2\Middleware;

use ArrayAccess;
use Chadicus\Slim\OAuth2\Http\RequestBridge;
use Chadicus\Slim\OAuth2\Http\ResponseBridge;
use Chadicus\Psr\Middleware\MiddlewareInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Message\ResponseInterface;
use OAuth2;

/**
 * Slim Middleware to handle OAuth2 Authorization.
 */
class Authorization implements MiddlewareInterface
{
    /**
     * OAuth2 Server
     *
     * @var OAuth2\Server
     */
    private $server;

    /**
     * Array of scopes required for authorization.
     *
     * @var array
     */
    private $scopes;

    /**
     * Create a new instance of the Authroization middleware.
     *
     * @param OAuth2\Server $server    The configured OAuth2 server.
     * @param array         $scopes    Scopes required for authorization. $scopes can be given as an array of arrays. OR
     *                                 logic will use with each grouping.  Example:
     *                                 Given ['superUser', ['basicUser', 'aPermission']], the request will be verified
     *                                 if the request token has 'superUser' scope OR 'basicUser' and 'aPermission' as
     *                                 its scope.
     */
    public function __construct(OAuth2\Server $server, array $scopes = [])
    {
        $this->server = $server;
        $this->scopes = $this->formatScopes($scopes);
    }

    /**
     * Execute this middleware.
     *
     * @param  ServerRequestInterface $request  The PSR7 request.
     * @param  ResponseInterface      $response The PSR7 response.
     * @param  callable               $next     The Next middleware.
     *
     * @return ResponseInterface
     */
    public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next)
    {
        $oauth2Request = RequestBridge::toOAuth2($request);
        foreach ($this->scopes as $scope) {
            if ($this->server->verifyResourceRequest($oauth2Request, null, $scope)) {
                $this->container['token'] = $this->server->getResourceController()->getToken();
class MyClass { }

$x = new MyClass();
$x->foo = true;
                return $next($request, $response);
            }
        }

        return ResponseBridge::fromOAuth2($this->server->getResponse());
    }

    /**
     * Returns a callable function to be used as a authorization middleware with a specified scope.
     *
     * @param array $scopes Scopes require for authorization.
     *
     * @return Authorization
     */
    public function withRequiredScope(array $scopes)
    {
        $clone = clone $this;
        $clone->scopes = $clone->formatScopes($scopes);
        return $clone;
    }

    /**
     * Helper method to ensure given scopes are formatted properly.
     *
     * @param array $scopes Scopes required for authorization.
     *
     * @return array The formatted scopes array.
     */
    private function formatScopes(array $scopes)
    {
        if (empty($scopes)) {
            return [null]; //use at least 1 null scope
        }

        array_walk(
            $scopes,
            function (&$scope) {
                if (is_array($scope)) {
                    $scope = implode(' ', $scope);
                }
            }
        );

        return $scopes;
    }
}


1			<?php
2			namespace Chadicus\Slim\OAuth2\Middleware;
3
4			use ArrayAccess;
5			use Chadicus\Slim\OAuth2\Http\RequestBridge;
6			use Chadicus\Slim\OAuth2\Http\ResponseBridge;
7			use Chadicus\Psr\Middleware\MiddlewareInterface;
8			use Psr\Http\Message\ServerRequestInterface;
9			use Psr\Http\Message\ResponseInterface;
10			use OAuth2;
11
12			/**
13			* Slim Middleware to handle OAuth2 Authorization.
14			*/
15			class Authorization implements MiddlewareInterface
16			{
17			/**
18			* OAuth2 Server
19			*
20			* @var OAuth2\Server
21			*/
22			private $server;
23
24			/**
25			* Array of scopes required for authorization.
26			*
27			* @var array
28			*/
29			private $scopes;
30
31			/**
32			* Create a new instance of the Authroization middleware.
33			*
34			* @param OAuth2\Server $server The configured OAuth2 server.
35			* @param array $scopes Scopes required for authorization. $scopes can be given as an array of arrays. OR
36			* logic will use with each grouping. Example:
37			* Given ['superUser', ['basicUser', 'aPermission']], the request will be verified
38			* if the request token has 'superUser' scope OR 'basicUser' and 'aPermission' as
39			* its scope.
40			*/
41			public function __construct(OAuth2\Server $server, array $scopes = [])
42			{
43			$this->server = $server;
44			$this->scopes = $this->formatScopes($scopes);
45			}
46
47			/**
48			* Execute this middleware.
49			*
50			* @param ServerRequestInterface $request The PSR7 request.
51			* @param ResponseInterface $response The PSR7 response.
52			* @param callable $next The Next middleware.
53			*
54			* @return ResponseInterface
55			*/
56			public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next)
57			{
58			$oauth2Request = RequestBridge::toOAuth2($request);
59			foreach ($this->scopes as $scope) {
60			if ($this->server->verifyResourceRequest($oauth2Request, null, $scope)) {
61			$this->container['token'] = $this->server->getResourceController()->getToken();
			0 ignored issues – show Bug introduced 2017-01-04 16:52 UTC by Report Bug Copy Issue Report Show Similar Issues like this The property `container` does not exist. Did you maybe forget to declare it? In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code: class MyClass { } $x = new MyClass(); $x->foo = true; Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: class MyClass { public $foo; } $x = new MyClass(); $x->foo = true; Loading history...
62			return $next($request, $response);
63			}
64			}
65
66			return ResponseBridge::fromOAuth2($this->server->getResponse());
67			}
68
69			/**
70			* Returns a callable function to be used as a authorization middleware with a specified scope.
71			*
72			* @param array $scopes Scopes require for authorization.
73			*
74			* @return Authorization
75			*/
76			public function withRequiredScope(array $scopes)
77			{
78			$clone = clone $this;
79			$clone->scopes = $clone->formatScopes($scopes);
80			return $clone;
81			}
82
83			/**
84			* Helper method to ensure given scopes are formatted properly.
85			*
86			* @param array $scopes Scopes required for authorization.
87			*
88			* @return array The formatted scopes array.
89			*/
90			private function formatScopes(array $scopes)
91			{
92			if (empty($scopes)) {
93			return [null]; //use at least 1 null scope
94			}
95
96			array_walk(
97			$scopes,
98			function (&$scope) {
99			if (is_array($scope)) {
100			$scope = implode(' ', $scope);
101			}
102			}
103			);
104
105			return $scopes;
106			}
107			}
108

chadicus / slim-oauth2-middleware

Pull Request — master (#24)

src/Authorization.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like