Jwt::validateToken() - Code Metrics - Inspection of "update" - edenleung/think-jwt - Measure and Improve Code Quality continuously with Scrutinizer

Test Failed
Push — master ( 7dffd8...7656e9 )

by LEUNG
created 2020-03-18 04:25 UTC
Jwt::validateToken() B

↳ Parent: Jwt
Complexity

Conditions	7
Paths	7
Size

Total Lines	36
Code Lines	19
Duplication

Lines	0
Ratio	0 %
Code Coverage

Tests	10
CRAP Score	7.2269
Importance

Changes
Metric	Value
cc	7
eloc	19
nc	7
nop	0
dl	0
loc	36
ccs	10
cts	12
cp	0.8333
crap	7.2269
rs	8.8333
c	0
b	0
f	0
<?php

declare(strict_types=1);

namespace xiaodi\JWTAuth;

use Lcobucci\JWT\Builder;
use Lcobucci\JWT\Parser;
use Lcobucci\JWT\Token;
use Lcobucci\JWT\ValidationData;
use think\App;
use think\Model;
use xiaodi\JWTAuth\Exception\JWTException;
use xiaodi\JWTAuth\Exception\JWTInvalidArgumentException;
use xiaodi\JWTAuth\Exception\TokenAlreadyEexpired;
use xiaodi\JWTAuth\Handle\RequestToken;

class Jwt
{
    /**
     * @var User
     */
    private $user;

    /**
     * @var Token
     */
    private $token;

    /**
     * @var Manager
     */
    private $manager;

    /**
     * @var Builder
     */
    private $builder;

    use \xiaodi\JWTAuth\Traits\Jwt;


    public function __construct(App $app, Manager $manager, Builder $builder, User $user)
    {
        $this->app = $app;

        $this->manager = $manager;
        $this->builder = $builder;
        $this->user = $user;

        $config = $this->getConfig();
        foreach ($config as $key => $v) {
            $this->$key = $v;
        }
    }

    /**
     * 获取jwt配置.
     *
     * @return array
     */
    public function getConfig(): array
    {
        return $this->app->config->get('jwt.default', []);
    }

    /**
     * 生成 Token.
     *
     * @param array $claims
     *
     * @return Token
     */
    public function token(array $claims): Token
    {
        $uniqid = $this->makeTokenId($claims);

        $this->builder->setIssuer($this->iss())
        $this->builder->setIssuer(/** @scrutinizer ignore-type */ $this->iss())
            ->setAudience($this->aud())
            ->setAudience(/** @scrutinizer ignore-type */ $this->aud())
            ->setId($uniqid, true)
            ->setIssuedAt(time())
            ->setNotBefore(time() + $this->notBefore())
class A
{
    function getObject()
    {
        return null;
    }

}

$a = new A();
if ($a->getObject()) {
            ->setExpiration(time() + $this->ttl());
class A
{
    function getObject()
    {
        return null;
    }

}

$a = new A();
if ($a->getObject()) {

        foreach ($claims as $key => $claim) {
            $this->builder->set($key, $claim);
            /** @scrutinizer ignore-deprecated */ $this->builder->set($key, $claim);
        }

        $token = $this->builder->getToken($this->getSigner(), $this->makeSignerKey());

        $this->manager->login($token);

        return $token;
    }

    /**
     * 生成 Token ID.
     *
     * @param array $claims
     *
     * @return string
     */
    private function makeTokenId(array $claims): string
    {
        if (empty($claims[$this->getUniqidKey()])) {
class A
{
    function getObject()
    {
        return null;
    }

}

$a = new A();
if ($a->getObject()) {
            throw new JWTException('用户唯一值·uniqidKey·未配置', 500);
        }

        return (string) $claims[$this->getUniqidKey()];
class A
{
    function getObject()
    {
        return null;
    }

}

$a = new A();
if ($a->getObject()) {
    }

    /**
     * 获取 当前用户.
     *
     * @return Model
     */
    public function user(): Model
    {
        return $this->user->get();
    }

    /**
     * 刷新 Token.
     *
     * @param Token $token
     * @return Token
     */
    public function refresh(Token $token = null): Token
    {
        $token = $token ?: $this->getRequestToken();

        $claims = $token->getClaims();

        unset($claims['iat']);
        unset($claims['jti']);
        unset($claims['nbf']);
        unset($claims['exp']);
        unset($claims['iss']);
        unset($claims['aud']);

        // 加入黑名单
        $this->manager->refresh($token);

        return $this->token($claims);
    }

    /**
     * 自动获取请求下的Token.
     *
     * @return Token
     */
    protected function getRequestToken(): Token
    {
        $requestToken = new RequestToken($this->app);

        $token = $requestToken->getToken($this->type());

        try {
            $token = (new Parser())->parse($token);
        } catch (\InvalidArgumentException $e) {
            throw new JWTInvalidArgumentException('此 Token 解析失败', 500);
        }

        return $token;
    }

    /**
     * 解析 Token.
     *
     * @return Token
     */
    public function parseToken(): Token
    {
        $token = $this->getRequestToken();

        return $token;
    }

    /**
     * 登出.
     * @param Token $token
     * @return void
     */
    public function logout(Token $token = null)
    {
        $this->token = $token ?: $this->getRequestToken();

        $this->manager->logout($this->token);
    }

    /**
     * 验证 Token.
     *
     * @param Token $token
     *
     * @return bool
     */
    public function verify(Token $token = null)
    {
        $this->token = $token ?: $this->getRequestToken();

        try {
            $this->validateToken();
        } catch (\BadMethodCallException $e) {
            throw new JWTException('此 Token 未进行签名', 500);
        }

        return true;
    }

    /**
     * 效验 Token.
     *
     * @return void
     */
    protected function validateToken()
    {
        // 验证密钥是否与创建签名的密钥一致
        if (false === $this->token->verify($this->getSigner(), $this->makeSignerKey())) {
        if (false === $this->token->verify($this->getSigner(), /** @scrutinizer ignore-type */ $this->makeSignerKey())) {
            throw new JWTException('此 Token 与 密钥不匹配', 500);
        }

        // 是否可用
        $exp = $this->token->getClaim('nbf');
        if (time() < $exp) {
            throw new JWTException('此 Token 暂未可用', 500);
        }

        // 是否在黑名单
        if ($this->manager->hasBlacklist($this->token)) {
            throw new JWTException('此 Token 已注销', 500);
        }

        // 是否已过期
        if ($this->token->isExpired()) {
            if (time() < ($this->token->getClaim('iat') + $this->refreshTTL())) {
class A
{
    function getObject()
    {
        return null;
    }

}

$a = new A();
if ($a->getObject()) {
                throw new TokenAlreadyEexpired('Token 已过期，请重新刷新', $this->getAlreadyCode());
class A
{
    function getObject()
    {
        return null;
    }

}

$a = new A();
if ($a->getObject()) {
            } else {
                throw new TokenAlreadyEexpired('Token 刷新时间已过，请重新登录', $this->getReloginCode());
class A
{
    function getObject()
    {
        return null;
    }

}

$a = new A();
if ($a->getObject()) {
            }
        }

        $data = new ValidationData();

        $jwt_id = $this->token->getHeader('jti');
        $data->setIssuer($this->iss());
        $data->setIssuer(/** @scrutinizer ignore-type */ $this->iss());
        $data->setAudience($this->aud());
        $data->setAudience(/** @scrutinizer ignore-type */ $this->aud());
        $data->setId($jwt_id);

        if (!$this->token->validate($data)) {
            throw new JWTException('此 Token 效验不通过', 500);
        }
    }
}

edenleung / think-jwt

Push — master ( 7dffd8...7656e9 )

Jwt::validateToken() B

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like
