Issues in OAuthProtocolHelper.php - Failed Issues - Inspection of "Remove OAuth base URL from config (migrate to doma..." - enwikipedia-acc/waca - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Push — multiproject/domainsettings ( c67fcc )

by Simon

created 2022-03-14 20:35 UTC

includes/Helpers/OAuthProtocolHelper.php (1 issue)

Labels

Severity

Major 1

<?php
/******************************************************************************
 * Wikipedia Account Creation Assistance tool                                 *
 *                                                                            *
 * All code in this file is released into the public domain by the ACC        *
 * Development Team. Please see team.json for a list of contributors.         *
 ******************************************************************************/

namespace Waca\Helpers;

use MediaWiki\OAuthClient\Client;
use MediaWiki\OAuthClient\ClientConfig;
use MediaWiki\OAuthClient\Consumer;
use MediaWiki\OAuthClient\Token;
use Waca\DataObjects\Domain;
use Waca\Exceptions\CurlException;
use Waca\PdoDatabase;

class OAuthProtocolHelper implements Interfaces\IOAuthProtocolHelper
{
    private $authUrl;
    /**
     * @var PdoDatabase
     */
    private $database;
    /**
     * @var string
     */
    private $consumerKey;
    /**
     * @var string
     */
    private $consumerSecret;
    /**
     * @var string
     */
    private $userAgent;

    /**
     * OAuthHelper constructor.
     *
     * @param string     $consumerKey
     * @param string     $consumerSecret
     * @param PdoDatabase $database
     * @param string      $userAgent
     */
    public function __construct(
        $consumerKey,
        $consumerSecret,
        PdoDatabase $database,
        $userAgent
    ) {
        $this->consumerKey = $consumerKey;
        $this->consumerSecret = $consumerSecret;
        $this->userAgent = $userAgent;
        $this->database = $database;
    }

    /**
     * @inheritDoc
     */
    public function getRequestToken()
    {
        /** @var Token $requestToken */

        // FIXME: domains!
        /** @var Domain $domain */
        $domain = Domain::getById(1, $this->database);

        list($authUrl, $requestToken) = $this->getClient($domain)->initiate();
        $this->authUrl = $authUrl;
        return $requestToken;
    }

    /**
     * @inheritDoc
     */
    public function getAuthoriseUrl($requestToken)
    {
        return $this->authUrl;
    }

    /**
     * @inheritDoc
     */
    public function callbackCompleted($oauthRequestToken, $oauthRequestSecret, $oauthVerifier)
    {
        $requestToken = new Token($oauthRequestToken, $oauthRequestSecret);

        // FIXME: domains!
        /** @var Domain $domain */
        $domain = Domain::getById(1, $this->database);

        return $this->getClient($domain)->complete($requestToken, $oauthVerifier);
interface HasName {
    /** @return string */
    public function getName();
}

class Name {
    public $name;
}

class User implements HasName {
    /** @return string|Name */
    public function getName() {
        return new Name('foo'); // This is a violation of the ``HasName`` interface
                                // which only allows a string value to be returned.
    }
}
    }

    /**
     * @inheritDoc
     */
    public function getIdentityTicket($oauthAccessToken, $oauthAccessSecret)
    {
        // FIXME: domains!
        /** @var Domain $domain */
        $domain = Domain::getById(1, $this->database);

        return $this->getClient($domain)->identify(new Token($oauthAccessToken, $oauthAccessSecret));
    }

    /**
     * @inheritDoc
     */
    public function apiCall($apiParams, $accessToken, $accessSecret, $method = 'GET')
    {
        $userToken = new Token($accessToken, $accessSecret);

        $apiParams['format'] = 'json';

        if ($apiParams === null || !is_array($apiParams)) {
            throw new CurlException("Invalid API call");
        }

        // FIXME: domains!
        /** @var Domain $domain */
        $domain = Domain::getById(1, $this->database);

        $url = $domain->getWikiApiPath();
        $isPost = ($method === 'POST');

        if ($method === 'GET') {
            $query = http_build_query($apiParams);
            $url .= '?' . $query;
            $apiParams = null;
        }

        $data = $this->getClient($domain)->makeOAuthCall($userToken, $url, $isPost, $apiParams);

        return json_decode($data);
    }

    /**
     * @param string $oauthEndpoint
     *
     * @return Client
     */
    protected function getClient(Domain $domain) : Client
    {
        $oauthClientConfig = new ClientConfig($domain->getWikiArticlePath() . "?title=Special:OAuth");
        $oauthClientConfig->setConsumer(new Consumer($this->consumerKey, $this->consumerSecret));
        $oauthClientConfig->setUserAgent($this->userAgent);
        return new Client($oauthClientConfig);
    }
}


1			<?php
2			/******************************************************************************
3			* Wikipedia Account Creation Assistance tool *
4			* *
5			* All code in this file is released into the public domain by the ACC *
6			* Development Team. Please see team.json for a list of contributors. *
7			******************************************************************************/
8
9			namespace Waca\Helpers;
10
11			use MediaWiki\OAuthClient\Client;
12			use MediaWiki\OAuthClient\ClientConfig;
13			use MediaWiki\OAuthClient\Consumer;
14			use MediaWiki\OAuthClient\Token;
15			use Waca\DataObjects\Domain;
16			use Waca\Exceptions\CurlException;
17			use Waca\PdoDatabase;
18
19			class OAuthProtocolHelper implements Interfaces\IOAuthProtocolHelper
20			{
21			private $authUrl;
22			/**
23			* @var PdoDatabase
24			*/
25			private $database;
26			/**
27			* @var string
28			*/
29			private $consumerKey;
30			/**
31			* @var string
32			*/
33			private $consumerSecret;
34			/**
35			* @var string
36			*/
37			private $userAgent;
38
39			/**
40			* OAuthHelper constructor.
41			*
42			* @param string $consumerKey
43			* @param string $consumerSecret
44			* @param PdoDatabase $database
45			* @param string $userAgent
46			*/
47			public function __construct(
48			$consumerKey,
49			$consumerSecret,
50			PdoDatabase $database,
51			$userAgent
52			) {
53			$this->consumerKey = $consumerKey;
54			$this->consumerSecret = $consumerSecret;
55			$this->userAgent = $userAgent;
56			$this->database = $database;
57			}
58
59			/**
60			* @inheritDoc
61			*/
62			public function getRequestToken()
63			{
64			/** @var Token $requestToken */
65
66			// FIXME: domains!
67			/** @var Domain $domain */
68			$domain = Domain::getById(1, $this->database);
69
70			list($authUrl, $requestToken) = $this->getClient($domain)->initiate();
71			$this->authUrl = $authUrl;
72			return $requestToken;
73			}
74
75			/**
76			* @inheritDoc
77			*/
78			public function getAuthoriseUrl($requestToken)
79			{
80			return $this->authUrl;
81			}
82
83			/**
84			* @inheritDoc
85			*/
86			public function callbackCompleted($oauthRequestToken, $oauthRequestSecret, $oauthVerifier)
87			{
88			$requestToken = new Token($oauthRequestToken, $oauthRequestSecret);
89
90			// FIXME: domains!
91			/** @var Domain $domain */
92			$domain = Domain::getById(1, $this->database);
93
94			return $this->getClient($domain)->complete($requestToken, $oauthVerifier);
			0 ignored issues – show Bug Best Practice introduced 2022-03-14 20:39 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `return $this->getClient(...tToken, $oauthVerifier)` returns the type `MediaWiki\OAuthClient\Token` which is incompatible with the return type mandated by `Waca\Helpers\Interfaces\...er::callbackCompleted()` of `stdClass`. In the issue above, the returned value is violating the contract defined by the mentioned interface. Let's take a look at an example: interface HasName { /** @return string / public function getName(); } class Name { public $name; } class User implements HasName { /* @return string\|Name */ public function getName() { return new Name('foo'); // This is a violation of the ``HasName`` interface // which only allows a string value to be returned. } } Loading history...
95			}
96
97			/**
98			* @inheritDoc
99			*/
100			public function getIdentityTicket($oauthAccessToken, $oauthAccessSecret)
101			{
102			// FIXME: domains!
103			/** @var Domain $domain */
104			$domain = Domain::getById(1, $this->database);
105
106			return $this->getClient($domain)->identify(new Token($oauthAccessToken, $oauthAccessSecret));
107			}
108
109			/**
110			* @inheritDoc
111			*/
112			public function apiCall($apiParams, $accessToken, $accessSecret, $method = 'GET')
113			{
114			$userToken = new Token($accessToken, $accessSecret);
115
116			$apiParams['format'] = 'json';
117
118			if ($apiParams === null \|\| !is_array($apiParams)) {
119			throw new CurlException("Invalid API call");
120			}
121
122			// FIXME: domains!
123			/** @var Domain $domain */
124			$domain = Domain::getById(1, $this->database);
125
126			$url = $domain->getWikiApiPath();
127			$isPost = ($method === 'POST');
128
129			if ($method === 'GET') {
130			$query = http_build_query($apiParams);
131			$url .= '?' . $query;
132			$apiParams = null;
133			}
134
135			$data = $this->getClient($domain)->makeOAuthCall($userToken, $url, $isPost, $apiParams);
136
137			return json_decode($data);
138			}
139
140			/**
141			* @param string $oauthEndpoint
142			*
143			* @return Client
144			*/
145			protected function getClient(Domain $domain) : Client
146			{
147			$oauthClientConfig = new ClientConfig($domain->getWikiArticlePath() . "?title=Special:OAuth");
148			$oauthClientConfig->setConsumer(new Consumer($this->consumerKey, $this->consumerSecret));
149			$oauthClientConfig->setUserAgent($this->userAgent);
150			return new Client($oauthClientConfig);
151			}
152			}
153

enwikipedia-acc / waca

Push — multiproject/domainsettings ( c67fcc )

includes/Helpers/OAuthProtocolHelper.php (1 issue)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like