Token::getSignKeyPair() - Code Metrics - Inspection of "New implementation with forward-secrecy" - charlesportwoodii/yii2-api-rest-components - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( c06d7d...864e1b )

by Charles

created 2017-03-27 17:28 UTC

Token::getSignKeyPair() A

↳ Parent: Token

Complexity

Conditions	1
Paths	1

Size

Total Lines	6
Code Lines	4

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
c	0
b	0
f	0
dl	0
loc	6
rs	9.4285
cc	1
eloc	4
nc	1
nop	0

<?php

namespace yrc\api\models;

use Base32\Base32;
use yrc\api\models\TokenKeyPair;
use Yii;

/**
 * Abstract class for generating and storing tokens
 * @class Token
 */
abstract class Token extends \yrc\redis\ActiveRecord
{
    /**
     * This is our default token lifespan
     * @const TOKEN_EXPIRATION_TIME
     */
    const TOKEN_EXPIRATION_TIME = '+15 minutes';

    /**
     * @inheritdoc
     */
    public function attributes()
    {
        return [
            'id',
            'user_id',
            'access_token',
            'refresh_token',
            'ikm',
            'secret_sign_kp',
            'expires_at'
        ];
    }

    /**
     * @return \Sodium\crypto_sign_keypair
     */
    public function getSignKeyPair()
    {
        $secret = \base64_decode($this->secret_sign_kp);
        $public = \Sodium\crypto_sign_publickey_from_secretkey($secret);
        return \Sodium\crypto_sign_keypair_from_secretkey_and_publickey($secret, $public);
    }

    /**
     * @return \Sodium\crypto_sign_publickey
     */
    public function getSignPublicKey()
    {
        return \Sodium\crypto_sign_publickey($this->getSignKeyPair());
    }

    /**
     * Generates a new auth and refresh token pair
     * @param int $userId
     * @param bool $pubkey
/**
 * @param array $germany
 * @param array $island
 * @param array $italy
 */
function finale($germany, $island) {
    return "2:1";
}
     * @return array
     */
    public static function generate($userId = null)
    {
        $model = null;
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
        $signKp = \Sodium\crypto_sign_keypair();

        $user = Yii::$app->yrc->userClass::findOne(['id' => $userId]);
        if ($user === null) {
            throw new \yii\base\Exception('Invalid user');
        }
       
        $token = new static;
        $token->user_id = $userId;
        $token->access_token = \str_replace('=', '', Base32::encode(\random_bytes(32)));
        $token->refresh_token = \str_replace('=', '', Base32::encode(\random_bytes(32)));
        $token->ikm =  \base64_encode(\random_bytes(32));
        $token->secret_sign_kp = \base64_encode(\Sodium\crypto_sign_secretkey($signKp));
        $token->expires_at = \strtotime(static::TOKEN_EXPIRATION_TIME);

        if ($token->save()) {
            return $token;
        }
            
        throw new \yii\base\Exception(Yii::t('yrc', 'Token failed to save'));
    }

    /**
     * Helper method to get the auth response data
     * @return array
     */
    public function getAuthResponse()
    {
        $attributes = $this->getAttributes();
        unset($attributes['id']);

        $attributes['signing'] = \base64_encode($this->getSignPublicKey());
        unset($attributes['secret_sign_kp']);
        return $attributes;
    }
}

1			<?php
2
3			namespace yrc\api\models;
4
5			use Base32\Base32;
6			use yrc\api\models\TokenKeyPair;
7			use Yii;
8
9			/**
10			* Abstract class for generating and storing tokens
11			* @class Token
12			*/
13			abstract class Token extends \yrc\redis\ActiveRecord
14			{
15			/**
16			* This is our default token lifespan
17			* @const TOKEN_EXPIRATION_TIME
18			*/
19			const TOKEN_EXPIRATION_TIME = '+15 minutes';
20
21			/**
22			* @inheritdoc
23			*/
24			public function attributes()
25			{
26			return [
27			'id',
28			'user_id',
29			'access_token',
30			'refresh_token',
31			'ikm',
32			'secret_sign_kp',
33			'expires_at'
34			];
35			}
36
37			/**
38			* @return \Sodium\crypto_sign_keypair
39			*/
40			public function getSignKeyPair()
41			{
42			$secret = \base64_decode($this->secret_sign_kp);
43			$public = \Sodium\crypto_sign_publickey_from_secretkey($secret);
44			return \Sodium\crypto_sign_keypair_from_secretkey_and_publickey($secret, $public);
45			}
46
47			/**
48			* @return \Sodium\crypto_sign_publickey
49			*/
50			public function getSignPublicKey()
51			{
52			return \Sodium\crypto_sign_publickey($this->getSignKeyPair());
53			}
54
55			/**
56			* Generates a new auth and refresh token pair
57			* @param int $userId
58			* @param bool $pubkey
			0 ignored issues – show Bug introduced 2017-03-27 17:30 UTC by Report Bug Copy Issue Report There is no parameter named `$pubkey`. Was it maybe removed? This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function. Consider the following example. The parameter `$italy` is not defined by the method `finale(...)`. /** * @param array $germany * @param array $island * @param array $italy */ function finale($germany, $island) { return "2:1"; } The most likely cause is that the parameter was removed, but the annotation was not. Loading history...
59			* @return array
60			*/
61			public static function generate($userId = null)
62			{
63			$model = null;
			0 ignored issues – show Unused Code introduced 2017-03-16 16:20 UTC by Report Bug Copy Issue Report `$model` is not used, you could remove the assignment. This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value'; $higher = false; if (rand(1, 6) > 3) { $higher = true; } else { $higher = false; } Both the `$myVar` assignment in line 1 and the `$higher` assignment in line 2 are dead. The first because `$myVar` is never used and the second because `$higher` is always overwritten for every possible time line. Loading history...
64			$signKp = \Sodium\crypto_sign_keypair();
65
66			$user = Yii::$app->yrc->userClass::findOne(['id' => $userId]);
67			if ($user === null) {
68			throw new \yii\base\Exception('Invalid user');
69			}
70
71			$token = new static;
72			$token->user_id = $userId;
73			$token->access_token = \str_replace('=', '', Base32::encode(\random_bytes(32)));
74			$token->refresh_token = \str_replace('=', '', Base32::encode(\random_bytes(32)));
75			$token->ikm = \base64_encode(\random_bytes(32));
76			$token->secret_sign_kp = \base64_encode(\Sodium\crypto_sign_secretkey($signKp));
77			$token->expires_at = \strtotime(static::TOKEN_EXPIRATION_TIME);
78
79			if ($token->save()) {
80			return $token;
81			}
82
83			throw new \yii\base\Exception(Yii::t('yrc', 'Token failed to save'));
84			}
85
86			/**
87			* Helper method to get the auth response data
88			* @return array
89			*/
90			public function getAuthResponse()
91			{
92			$attributes = $this->getAttributes();
93			unset($attributes['id']);
94
95			$attributes['signing'] = \base64_encode($this->getSignPublicKey());
96			unset($attributes['secret_sign_kp']);
97			return $attributes;
98			}
99			}

charlesportwoodii / yii2-api-rest-components

Push — master ( c06d7d...864e1b )

Token::getSignKeyPair() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like