yrc\actions\AuthenticationAction

Complexity

Total Complexity

10

Size/Duplication

Total Lines	60
Duplicated Lines	0 %

Importance

Changes

0

3 Methods

Rating	Name	Duplication	Size	Complexity
A	post()	0	15	3
A	delete()	0	10	3
A	getTokenFromAccessToken()	0	16	4

<?php

namespace yrc\actions;

use common\forms\Login;

The type common\forms\Login was not found. Maybe you did not declare it correctly or list all dependencies?

use ncryptf\Authorization;
use yrc\filters\auth\HMACSignatureAuth;
use yrc\rest\Action as RestAction;
use yii\web\UnauthorizedHttpException;
use Yii;

/**
 * Handles Authentication and Deauthentication of users
 * @class AuthenticationAction
 */
class AuthenticationAction extends RestAction
{
    /**
     * Authenticates a user using their username and password
     * @return mixed
     */
    public function post($params)

The parameter $params is not used and could be removed.

    {
        $model = new Login;
        
        if ($model->load(['Login' => Yii::$app->request->post()])) {
            $token = $model->authenticate();

            if ($token === false) {
                throw new UnauthorizedHttpException('The credentials you provided are not valid', $model->exitStatus);
            } else {
                return $token->getAuthResponse();
            }
        }
            
        return false;
    }

    /**
     * Deauthenticates a user
     * @return mixed
     */
    public function delete($params)

The parameter $params is not used and could be removed.

    {
        $params = Authorization::extractParamsFromHeaderString(Yii::$app->request->getHeaders()->get(HMACSignatureAuth::AUTHORIZATION_HEADER));

It seems like Yii::app->request->getHeaders()->get(yrc\filters\auth\HMACSignatureAuth::AUTHORIZATION_HEADER) can also be of type array; however, parameter $hmacHeader of ncryptf\Authorization::extractParamsFromHeaderString() does only seem to accept null|string, maybe add an additional type check?

        if ($params) {
            if ($token = $this->getTokenFromAccessToken($params['access_token'])) {
                return (bool)$token->delete();
            }
        }

        return false;
    }

    /**
    * Retrieves a Token object from an access token string
    * @param string $accessToken
    * @return \yrc\models\redis\Token
    */
    private function getTokenFromAccessToken(string $accessToken)
    {
        try {
            $tokenClass = (Yii::$app->user->identityClass::TOKEN_CLASS);
            $token = $tokenClass::find()
                ->where(['access_token' => $accessToken])
                ->one();
        } catch (\Exception $e) {
            return null;
        }

        if ($token === null || $token->isExpired()) {
            return null;
        }

        return $token;
    }
}