AbstractAccessTokenAuthenticator - Code Metrics - Inspection of "Fixing CleanUpAccessTokensCommand" - dontdrinkandroot/rest-bundle.php - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( beec4b...b0a6d2 )

by Philip

created 2017-07-19 09:26 UTC

AbstractAccessTokenAuthenticator A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	152
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	8

Test Coverage

Coverage

75.56%

Importance

Changes

Metric	Value
wmc	18
lcom	1
cbo	8
dl	0
loc	152
ccs	34
cts	45
cp	0.7556
rs	10
c	0
b	0
f	0

12 Methods

Rating	Name	Size	Complexity
A	supportsToken()	4	2
A	onAuthenticationFailure()	4	1
A	getTokenQueryParameterName()	4	1
A	setTokenQueryParameterName()	4	1
A	getTokenHeaderName()	4	1
A	setTokenHeaderName()	4	1
A	isTokenRequired()	4	1
A	setTokenRequired()	4	1
A	createTokenMissingException()	4	1
	findUserByToken()	1	?
A	authenticateToken()	20	3
B	createToken()	21	5

<?php

namespace Dontdrinkandroot\RestBundle\Security;

use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Exception\BadCredentialsException;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface;
use Symfony\Component\Security\Http\Authentication\SimplePreAuthenticatorInterface;

/**
 * @author Philip Washington Sorst <[email protected]>
 */
abstract class AbstractAccessTokenAuthenticator
    implements SimplePreAuthenticatorInterface, AuthenticationFailureHandlerInterface
{
    const DEFAULT_TOKEN_QUERY_PARAMETER_NAME = 'token';
    const DEFAULT_TOKEN_HEADER_NAME = 'X-Access-Token';

    /**
     * @var string
     */
    protected $tokenQueryParameterName = self::DEFAULT_TOKEN_QUERY_PARAMETER_NAME;

    /**
     * @var string
     */
    protected $tokenHeaderName = self::DEFAULT_TOKEN_HEADER_NAME;

    /**
     * If set to true an AuthenticationException will be thrown if no Access Token was found. Otherwise if will simply
     * continue with other authentication methods.
     *
     * @var bool
     */
    protected $tokenRequired = false;

    /**
     * {@inheritdoc}
     */
    public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
    {
        $tokenString = $token->getCredentials();

        $user = $this->findUserByToken($tokenString);

        if (null === $user || !$user instanceof UserInterface) {
            throw new AuthenticationException('Invalid Access Token');
        }

        $userRoles = $user->getRoles();
        $userRoles[] = 'ROLE_REST_API';

        return new PreAuthenticatedToken(
            $user,
            $tokenString,
            $providerKey,
            $userRoles
function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
        );
    }

    /**
     * {@inheritdoc}
     */
    public function supportsToken(TokenInterface $token, $providerKey)
    {
        return $token instanceof PreAuthenticatedToken && $token->getProviderKey() === $providerKey;
    }

    /**
     * {@inheritdoc}
     */
    public function createToken(Request $request, $providerKey)
    {
        $token = $request->query->get($this->getTokenQueryParameterName());
        if (null === $token) {
            $token = $request->headers->get($this->getTokenHeaderName());
        }

        if (null === $token || 'null' === $token) {
            if ($this->tokenRequired) {
                throw $this->createTokenMissingException();
            } else {
                return null;
            }
        }

        return new PreAuthenticatedToken(
            'anon.',
            $token,
            $providerKey
        );
    }

    /**
     * {@inheritdoc}
     */
    public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
    {
        throw new BadCredentialsException($exception->getMessage(), Response::HTTP_FORBIDDEN, $exception);
    }

    /**
     * @return string
     */
    public function getTokenQueryParameterName()
    {
        return $this->tokenQueryParameterName;
    }

    /**
     * @param $tokenQueryName
     */
    public function setTokenQueryParameterName($tokenQueryName)
    {
        $this->tokenQueryParameterName = $tokenQueryName;
    }

    /**
     * @return string
     */
    public function getTokenHeaderName()
    {
        return $this->tokenHeaderName;
    }

    /**
     * @param $tokenHeaderName
     */
    public function setTokenHeaderName($tokenHeaderName)
    {
        $this->tokenHeaderName = $tokenHeaderName;
    }

    /**
     * @return bool
     */
    public function isTokenRequired()
    {
        return $this->tokenRequired;
    }

    /**
     * @param bool $tokenRequired
     */
    public function setTokenRequired($tokenRequired)
    {
        $this->tokenRequired = $tokenRequired;
    }

    /**
     * @return AuthenticationException
     */
    protected function createTokenMissingException()
    {
        return new BadCredentialsException('No Access Token found');
    }

    /**
     * @param $token
     *
     * @return UserInterface|null
     */
    protected abstract function findUserByToken($token);
}


1		<?php
2
3		namespace Dontdrinkandroot\RestBundle\Security;
4
5		use Symfony\Component\HttpFoundation\Request;
6		use Symfony\Component\HttpFoundation\Response;
7		use Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken;
8		use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
9		use Symfony\Component\Security\Core\Exception\AuthenticationException;
10		use Symfony\Component\Security\Core\Exception\BadCredentialsException;
11		use Symfony\Component\Security\Core\User\UserInterface;
12		use Symfony\Component\Security\Core\User\UserProviderInterface;
13		use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface;
14		use Symfony\Component\Security\Http\Authentication\SimplePreAuthenticatorInterface;
15
16		/**
17		* @author Philip Washington Sorst <[email protected]>
18		*/
19		abstract class AbstractAccessTokenAuthenticator
20		implements SimplePreAuthenticatorInterface, AuthenticationFailureHandlerInterface
21		{
22		const DEFAULT_TOKEN_QUERY_PARAMETER_NAME = 'token';
23		const DEFAULT_TOKEN_HEADER_NAME = 'X-Access-Token';
24
25		/**
26		* @var string
27		*/
28		protected $tokenQueryParameterName = self::DEFAULT_TOKEN_QUERY_PARAMETER_NAME;
29
30		/**
31		* @var string
32		*/
33		protected $tokenHeaderName = self::DEFAULT_TOKEN_HEADER_NAME;
34
35		/**
36		* If set to true an AuthenticationException will be thrown if no Access Token was found. Otherwise if will simply
37		* continue with other authentication methods.
38		*
39		* @var bool
40		*/
41		protected $tokenRequired = false;
42
43		/**
44		* {@inheritdoc}
45		*/
46	48	public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
47		{
48	48	$tokenString = $token->getCredentials();
49
50	48	$user = $this->findUserByToken($tokenString);
51
52	48	if (null === $user \|\| !$user instanceof UserInterface) {
53	2	throw new AuthenticationException('Invalid Access Token');
54		}
55
56	48	$userRoles = $user->getRoles();
57	48	$userRoles[] = 'ROLE_REST_API';
58
59	48	return new PreAuthenticatedToken(
60	48	$user,
61	48	$tokenString,
62	48	$providerKey,
63	48	$userRoles
		0 ignored issues – show Documentation introduced 2017-07-19 09:35 UTC by Report Bug Copy Issue Report `$userRoles` is of type `array<integer,object<Sym...Core\Role\Role>\|string>`, but the function expects a `array<integer,object<Sym...\RoleInterface>\|string>`. It seems like the type of the argument is not accepted by the function/method which you are calling. In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug. We suggest to add an explicit type cast like in the following example: function acceptsInteger($int) { } $x = '123'; // string "123" // Instead of acceptsInteger($x); // we recommend to use acceptsInteger((integer) $x); Loading history...
64		);
65		}
66
67		/**
68		* {@inheritdoc}
69		*/
70	88	public function supportsToken(TokenInterface $token, $providerKey)
71		{
72	88	return $token instanceof PreAuthenticatedToken && $token->getProviderKey() === $providerKey;
73		}
74
75		/**
76		* {@inheritdoc}
77		*/
78	88	public function createToken(Request $request, $providerKey)
79		{
80	88	$token = $request->query->get($this->getTokenQueryParameterName());
81	88	if (null === $token) {
82	88	$token = $request->headers->get($this->getTokenHeaderName());
83		}
84
85	88	if (null === $token \|\| 'null' === $token) {
86	44	if ($this->tokenRequired) {
87		throw $this->createTokenMissingException();
88		} else {
89	44	return null;
90		}
91		}
92
93	48	return new PreAuthenticatedToken(
94	48	'anon.',
95	48	$token,
96	48	$providerKey
97		);
98		}
99
100		/**
101		* {@inheritdoc}
102		*/
103	2	public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
104		{
105	2	throw new BadCredentialsException($exception->getMessage(), Response::HTTP_FORBIDDEN, $exception);
106		}
107
108		/**
109		* @return string
110		*/
111	88	public function getTokenQueryParameterName()
112		{
113	88	return $this->tokenQueryParameterName;
114		}
115
116		/**
117		* @param $tokenQueryName
118		*/
119		public function setTokenQueryParameterName($tokenQueryName)
120		{
121		$this->tokenQueryParameterName = $tokenQueryName;
122		}
123
124		/**
125		* @return string
126		*/
127	88	public function getTokenHeaderName()
128		{
129	88	return $this->tokenHeaderName;
130		}
131
132		/**
133		* @param $tokenHeaderName
134		*/
135		public function setTokenHeaderName($tokenHeaderName)
136		{
137		$this->tokenHeaderName = $tokenHeaderName;
138		}
139
140		/**
141		* @return bool
142		*/
143		public function isTokenRequired()
144		{
145		return $this->tokenRequired;
146		}
147
148		/**
149		* @param bool $tokenRequired
150		*/
151	91	public function setTokenRequired($tokenRequired)
152		{
153	91	$this->tokenRequired = $tokenRequired;
154	91	}
155
156		/**
157		* @return AuthenticationException
158		*/
159		protected function createTokenMissingException()
160		{
161		return new BadCredentialsException('No Access Token found');
162		}
163
164		/**
165		* @param $token
166		*
167		* @return UserInterface\|null
168		*/
169		protected abstract function findUserByToken($token);
170		}
171

dontdrinkandroot / rest-bundle.php

Push — master ( beec4b...b0a6d2 )

AbstractAccessTokenAuthenticator A

Complexity

Size/Duplication

Coupling/Cohesion

Test Coverage

Importance

12 Methods

Duplication Side-by-Side

Filter issues like