<?php
/*
 * This file is part of the Silverback API Components Bundle Project
 *
 * (c) Daniel West <[email protected]>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */
declare(strict_types=1);
namespace Silverback\ApiComponentsBundle\Security;
use Silverback\ApiComponentsBundle\Entity\User\TokenUser;
use Silverback\ApiComponentsBundle\Exception\TokenAuthenticationException;
use Silverback\ApiComponentsBundle\Factory\Response\ResponseFactory;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Security;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Security\Guard\AbstractGuardAuthenticator;
/**
 * @author Daniel West <[email protected]>
 */
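class TokenAuthenticator extends AbstractGuardAuthenticator
{
    private Security $security;
    private ResponseFactory $responseFactory;

    /**
     * Accepted API tokens, exactly as supplied to the constructor. These are
     * shared secrets: they are only ever compared in constant time and never
     * echoed back in a response.
     */
    private array $tokens;

    /**
     * @param Security        $security        used to detect an already-authenticated user
     * @param ResponseFactory $responseFactory builds the failure / challenge responses
     * @param array           $tokens          accepted X-AUTH-TOKEN values; non-string and
     *                                         empty entries can never authenticate a request
     */
    public function __construct(Security $security, ResponseFactory $responseFactory, array $tokens = [])
    {
        $this->security = $security;
        $this->responseFactory = $responseFactory;
        $this->tokens = $tokens;
    }

    /**
     * Called on every request to decide if this authenticator should be
     * used for the request. Returning false will cause this authenticator
     * to be skipped.
     *
     * It is skipped when a user is already authenticated, and otherwise
     * applies only when the X-AUTH-TOKEN header is present.
     */
    public function supports(Request $request): bool
    {
        if ($this->security->getUser()) {
            return false;
        }

        return $request->headers->has('X-AUTH-TOKEN');
    }

    /**
     * Called on every request. Return whatever credentials you want to
     * be passed to getUser() as $credentials.
     *
     * @return array{token: string|null} the raw header value, not yet validated
     */
    public function getCredentials(Request $request): array
    {
        return [
            'token' => $request->headers->get('X-AUTH-TOKEN'),
        ];
    }

    /**
     * Validates the presented token and returns the user it authenticates.
     *
     * All validation happens here; checkCredentials() accepts unconditionally
     * afterwards. A missing, non-string or empty token is rejected before any
     * comparison, so an empty entry in the configured token list (for example
     * from an unset environment variable) cannot be matched by an empty header.
     *
     * @param mixed $credentials the array produced by getCredentials()
     *
     * @throws TokenAuthenticationException when the token is absent or not configured
     */
    public function getUser($credentials, ?UserProviderInterface $userProvider = null): ?TokenUser
    {
        $apiToken = $credentials['token'] ?? null;
        if (!\is_string($apiToken) || '' === $apiToken || !$this->isConfiguredToken($apiToken)) {
            throw new TokenAuthenticationException('The authentication token provided in the X-AUTH-TOKEN header is invalid');
        }

        return new TokenUser();
    }

    /**
     * Always succeeds: the token was already verified in getUser().
     */
    public function checkCredentials($credentials, UserInterface $user): bool
    {
        return true;
    }

    /**
     * Intentionally empty: no response is produced on success.
     */
    public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey): void
    {
    }

    /**
     * Builds the 403 response for a rejected token. The body carries only the
     * exception's message key with its placeholders substituted; the submitted
     * token is not included.
     */
    public function onAuthenticationFailure(Request $request, AuthenticationException $exception): Response
    {
        $data = [
            'message' => strtr($exception->getMessageKey(), $exception->getMessageData()),
        ];

        return $this->responseFactory->create($request, $data, Response::HTTP_FORBIDDEN);
    }

    /**
     * Called when authentication is needed, but it's not sent.
     */
    public function start(Request $request, ?AuthenticationException $authException = null): Response
    {
        $data = [
            'message' => 'Token Authentication Required',
        ];

        return $this->responseFactory->create($request, $data, Response::HTTP_UNAUTHORIZED);
    }

    /**
     * Remember-me is not offered for token authentication.
     */
    public function supportsRememberMe(): bool
    {
        return false;
    }

    /**
     * Reports whether $candidate equals one of the configured tokens.
     *
     * Uses hash_equals() so the comparison time does not reveal how many
     * leading bytes of a guess were correct, and visits every configured
     * token without an early exit so it does not reveal which entry matched.
     */
    private function isConfiguredToken(string $candidate): bool
    {
        $matched = false;
        foreach ($this->tokens as $expected) {
            // hash_equals() requires strings; a non-string entry could never
            // equal the header value under a strict comparison anyway.
            if (\is_string($expected) && \hash_equals($expected, $candidate)) {
                $matched = true;
            }
        }

        return $matched;
    }
}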