OAuth2Client::__construct() - Code Metrics - Inspection of "better input testing" - fkooman/php-oauth2-client - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 4038ea...fdafb0 )

by François

created 2016-05-30 20:21 UTC

OAuth2Client::__construct() A

↳ Parent: OAuth2Client

Complexity

Conditions	2
Paths	2

Size

Total Lines	9
Code Lines	6

Duplication

Lines	0
Ratio	0 %

Importance

Changes	2
Bugs	0	Features	0

Metric	Value
c	2
b	0
f	0
dl	0
loc	9
rs	9.6666
cc	2
eloc	6
nc	2
nop	3

<?php
/**
 * Copyright 2016 François Kooman <[email protected]>.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

namespace fkooman\OAuth\Client;

use fkooman\OAuth\Client\Exception\OAuthException;

class OAuth2Client
{
    /** @var Provider */
    private $provider;

    /** @var HttpClientInterface */
    private $httpClient;

    /** @var RandomInterface */
    private $random;

    public function __construct(Provider $provider, HttpClientInterface $httpClient, RandomInterface $random = null)
    {
        $this->provider = $provider;
        $this->httpClient = $httpClient;
        if (is_null($random)) {
            $random = new Random();
        }
        $this->random = $random;
    }

    /**
     * Obtain an authorization request URL to start the authorization process
     * at the OAuth provider.
     *
     * @param string $scope       the space separated scope tokens
     * @param string $redirectUri the URL to redirect back to after coming back
     *                            from the OAuth provider (callback URL)
     *
     * @return string the authorization request URL
     */
    public function getAuthorizationRequestUri($scope, $redirectUri)
    {
        $state = $this->random->get();

        $queryParams = http_build_query(
            [
                'client_id' => $this->provider->getId(),
                'redirect_uri' => $redirectUri,
                'scope' => $scope,
                'state' => $state,
                'response_type' => 'code',
            ],
            '&'
        );

        return sprintf(
            '%s%s%s',
            $this->provider->getAuthorizationEndpoint(),
            false === strpos($this->provider->getAuthorizationEndpoint(), '?') ? '?' : '&',
            $queryParams
        );
    }

    /**
     * Obtain the access token from the OAuth provider after returning from the
     * OAuth provider on the redirectUri (callback URL).
     *
     * @param string $authorizationRequestUri    the original authorization
     *                                           request URL as obtained by getAuthorzationRequestUri
     * @param string $authorizationResponseCode  the code passed to the 'code' 
     *                                           query parameter on the callback URL
     * @param string $authorizationResponsestate the state passed to the 'state'
/**
 * @param array $germany
 * @param array $ireland
 */
function finale($germany, $island) {
    return "2:1";
}
     *                                           query parameter on the callback URL
     *
     * @return AccessToken
     */
    public function getAccessToken($authorizationRequestUri, $authorizationResponseCode, $authorizationResponseState)
    {
        self::requireNonEmptyStrings(func_get_args());

        // parse our authorizationRequestUri to extract the state
        if (false === strpos($authorizationRequestUri, '?')) {
            throw new OAuthException('invalid authorizationRequestUri');
        }

        parse_str(explode('?', $authorizationRequestUri)[1], $queryParams);

        if (!isset($queryParams['state'])) {
            throw new OAuthException('state missing from authorizationRequestUri');
        }

        if (!isset($queryParams['redirect_uri'])) {
            throw new OAuthException('redirect_uri missing from authorizationRequestUri');
        }

        if ($authorizationResponseState !== $queryParams['state']) {
            throw new OAuthException('state from authorizationRequestUri does not equal authorizationResponseState');
        }

        // prepare access_token request
        $tokenRequestData = [
            'client_id' => $this->provider->getId(),
            'grant_type' => 'authorization_code',
            'code' => $authorizationResponseCode,
            'redirect_uri' => $queryParams['redirect_uri'],
        ];

        $responseData = self::validateTokenResponse(
            $this->httpClient->post(
                $this->provider,
                $tokenRequestData
            )
        );

        return new AccessToken(
            $responseData['access_token'],
            $responseData['token_type'],
            $responseData['scope'],
            $responseData['expire_in']
        );
    }

    private static function validateTokenResponse(array $responseData)
    {
        if (!isset($responseData['access_token'])) {
            throw new OAuthException('no access_token received from token endpoint');
        }

        if (!isset($responseData['token_type'])) {
            throw new OAuthException('no token_type received from token endpoint');
        }

        if (!isset($responseData['scope'])) {
            $responseData['scope'] = null;
        }

        if (!isset($responseData['expires_in'])) {
            $responseData['expire_in'] = null;
        }

        return $responseData;
    }

    private static function requireNonEmptyStrings(array $strs)
    {
        foreach ($strs as $no => $str) {
            if (!is_string($str)) {
                throw new InvalidArgumentException(sprintf('parameter %d must be string', $no));
            }
            if (0 >= strlen($str)) {
                throw new DomainException(sprintf('parameter %d must be non-empty', $no));
            }
        }
    }
}


1			<?php
2			/**
3			* Copyright 2016 François Kooman <[email protected]>.
4			*
5			* Licensed under the Apache License, Version 2.0 (the "License");
6			* you may not use this file except in compliance with the License.
7			* You may obtain a copy of the License at
8			*
9			* http://www.apache.org/licenses/LICENSE-2.0
10			*
11			* Unless required by applicable law or agreed to in writing, software
12			* distributed under the License is distributed on an "AS IS" BASIS,
13			* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14			* See the License for the specific language governing permissions and
15			* limitations under the License.
16			*/
17
18			namespace fkooman\OAuth\Client;
19
20			use fkooman\OAuth\Client\Exception\OAuthException;
21
22			class OAuth2Client
23			{
24			/** @var Provider */
25			private $provider;
26
27			/** @var HttpClientInterface */
28			private $httpClient;
29
30			/** @var RandomInterface */
31			private $random;
32
33			public function __construct(Provider $provider, HttpClientInterface $httpClient, RandomInterface $random = null)
34			{
35			$this->provider = $provider;
36			$this->httpClient = $httpClient;
37			if (is_null($random)) {
38			$random = new Random();
39			}
40			$this->random = $random;
41			}
42
43			/**
44			* Obtain an authorization request URL to start the authorization process
45			* at the OAuth provider.
46			*
47			* @param string $scope the space separated scope tokens
48			* @param string $redirectUri the URL to redirect back to after coming back
49			* from the OAuth provider (callback URL)
50			*
51			* @return string the authorization request URL
52			*/
53			public function getAuthorizationRequestUri($scope, $redirectUri)
54			{
55			$state = $this->random->get();
56
57			$queryParams = http_build_query(
58			[
59			'client_id' => $this->provider->getId(),
60			'redirect_uri' => $redirectUri,
61			'scope' => $scope,
62			'state' => $state,
63			'response_type' => 'code',
64			],
65			'&'
66			);
67
68			return sprintf(
69			'%s%s%s',
70			$this->provider->getAuthorizationEndpoint(),
71			false === strpos($this->provider->getAuthorizationEndpoint(), '?') ? '?' : '&',
72			$queryParams
73			);
74			}
75
76			/**
77			* Obtain the access token from the OAuth provider after returning from the
78			* OAuth provider on the redirectUri (callback URL).
79			*
80			* @param string $authorizationRequestUri the original authorization
81			* request URL as obtained by getAuthorzationRequestUri
82			* @param string $authorizationResponseCode the code passed to the 'code'
83			* query parameter on the callback URL
84			* @param string $authorizationResponsestate the state passed to the 'state'
			0 ignored issues – show Documentation introduced 2016-05-30 20:23 UTC by Report Bug Copy Issue Report There is no parameter named `$authorizationResponsestate`. Did you maybe mean `$authorizationResponseState`? This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function. It has, however, found a similar but not annotated parameter which might be a good fit. Consider the following example. The parameter `$ireland` is not defined by the method `finale(...)`. /** * @param array $germany * @param array $ireland */ function finale($germany, $island) { return "2:1"; } The most likely cause is that the parameter was changed, but the annotation was not. Loading history...
85			* query parameter on the callback URL
86			*
87			* @return AccessToken
88			*/
89			public function getAccessToken($authorizationRequestUri, $authorizationResponseCode, $authorizationResponseState)
90			{
91			self::requireNonEmptyStrings(func_get_args());
92
93			// parse our authorizationRequestUri to extract the state
94			if (false === strpos($authorizationRequestUri, '?')) {
95			throw new OAuthException('invalid authorizationRequestUri');
96			}
97
98			parse_str(explode('?', $authorizationRequestUri)[1], $queryParams);
99
100			if (!isset($queryParams['state'])) {
101			throw new OAuthException('state missing from authorizationRequestUri');
102			}
103
104			if (!isset($queryParams['redirect_uri'])) {
105			throw new OAuthException('redirect_uri missing from authorizationRequestUri');
106			}
107
108			if ($authorizationResponseState !== $queryParams['state']) {
109			throw new OAuthException('state from authorizationRequestUri does not equal authorizationResponseState');
110			}
111
112			// prepare access_token request
113			$tokenRequestData = [
114			'client_id' => $this->provider->getId(),
115			'grant_type' => 'authorization_code',
116			'code' => $authorizationResponseCode,
117			'redirect_uri' => $queryParams['redirect_uri'],
118			];
119
120			$responseData = self::validateTokenResponse(
121			$this->httpClient->post(
122			$this->provider,
123			$tokenRequestData
124			)
125			);
126
127			return new AccessToken(
128			$responseData['access_token'],
129			$responseData['token_type'],
130			$responseData['scope'],
131			$responseData['expire_in']
132			);
133			}
134
135			private static function validateTokenResponse(array $responseData)
136			{
137			if (!isset($responseData['access_token'])) {
138			throw new OAuthException('no access_token received from token endpoint');
139			}
140
141			if (!isset($responseData['token_type'])) {
142			throw new OAuthException('no token_type received from token endpoint');
143			}
144
145			if (!isset($responseData['scope'])) {
146			$responseData['scope'] = null;
147			}
148
149			if (!isset($responseData['expires_in'])) {
150			$responseData['expire_in'] = null;
151			}
152
153			return $responseData;
154			}
155
156			private static function requireNonEmptyStrings(array $strs)
157			{
158			foreach ($strs as $no => $str) {
159			if (!is_string($str)) {
160			throw new InvalidArgumentException(sprintf('parameter %d must be string', $no));
161			}
162			if (0 >= strlen($str)) {
163			throw new DomainException(sprintf('parameter %d must be non-empty', $no));
164			}
165			}
166			}
167			}
168

fkooman / php-oauth2-client

GitHub Access Token became invalid

Push — master ( 4038ea...fdafb0 )

OAuth2Client::__construct() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like