ScaleEngineRequestVisitor::_getSignature() - Code Metrics - Inspection of "Initial commit of scaleengine-api-client." - flocasts/scaleengine-api-client - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#1)

by Spencer

created 2016-03-09 18:59 UTC

ScaleEngineRequestVisitor::_getSignature() A

↳ Parent: ScaleEngineRequestVisitor

Complexity

Conditions	1
Paths	1

Size

Total Lines	6
Code Lines	3

Duplication

Lines	0
Ratio	0 %

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
c	1
b	0
f	0
dl	0
loc	6
rs	9.4285
cc	1
eloc	3
nc	1
nop	1

<?php
namespace FloSports\ScaleEngine\Visitor;

use Guzzle\Http\Message\RequestInterface;
use Guzzle\Service\Command\CommandInterface;
use Guzzle\Service\Command\LocationVisitor\Request\AbstractRequestVisitor;
use Guzzle\Service\Description\Parameter;
use SplObjectStorage;

/**
 * Visitor used to apply a parameter to an array that will be signed and
 * serialized as a POST field named json in the response in accordance with
 * ScaleEngine's API format.
 */
class ScaleEngineRequestVisitor extends AbstractRequestVisitor
{
    /** @type \SplObjectStorage Data object for persisting JSON data. */
    private $_storage;

    /** @type string The API secret used to sign requests. */
    private $_apiSecret;

    /**
     * Create the visitor, initializing the SPL Object Storage.
     *
     * @param string $apiKey The API secret used to sign requests.
/**
 * @param array $germany
 * @param array $island
 * @param array $italy
 */
function finale($germany, $island) {
    return "2:1";
}
     */
    public function __construct($apiSecret)
    {
        $this->_storage = new SplObjectStorage();
        $this->_apiSecret = $apiSecret;
    }

    /**
     * Handle a single parameter for a command.
     *
     * Each command has it's own storage inside the SPL Object Storage.  This
     * adds the parameter/value to the storage for that command, after
     * processing any filters, etc. for the parameter.
     *
     * @param CommandInterface $command The command the parameter is for.
     * @param RequestInterface $request The HTTP request being prepared.
     *     Unused.
     * @param Parameter $param The parameter definition being set.
     * @param mixed $value The value the parameter is being set to.
     * @return void
     */
    public function visit(CommandInterface $command, RequestInterface $request, Parameter $param, $value)
    {
        $data = isset($this->_storage[$command]) ? $this->_storage[$command] : [];
        $data[$param->getWireName()] = $this->prepareValue($value, $param);
        $this->_storage[$command] = $data;
    }

    /**
     * Finalizes the data for a request and sets it in the response.
     *
     * ScaleEngine requires a signature of the request to be added to the
     * request.  The data is then JSON-encoded and shoved into a POST field
     * named `json`.
     *
     * @param CommandInterface $command The command being sent.
     * @param RequestInterface $request The HTTP request being prepared.  Will
     *     be modified with the serialized data added as a POST field.
     * @return void
     */
    public function after(CommandInterface $command, RequestInterface $request)
    {
        if (!isset($this->_storage[$command])) {
            return;
        }

        $data = $this->_storage[$command];
        unset($this->_storage[$command]);

        $data['timestamp'] = isset($data['timestamp']) ? $data['timestamp'] : time();
        $data['signature'] = $this->_getSignature($data);

        $request->setPostField('json', json_encode($data));
interface User
{
    /** @return string */
    public function getPassword();
}

class MyUser implements User
{
    public function getPassword()
    {
        // return something
    }

    public function getDisplayName()
    {
        // return some name.
    }
}

class AuthSystem
{
    public function authenticate(User $user)
    {
        $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
        // do something.
    }
}
    }

    /**
     * Gets the signature of the data using ScaleEngine's algorithm.
     *
     * This is a potentially fragile method as it could break if `json_encode`
     * changes.
     *
     * @param array $data The data from the request to sign.
     * @return string The base64-encoded signature of the data.
     */
    private function _getSignature(array $data)
    {
        $json = json_encode($data);

        return base64_encode(hash_hmac('sha256', $json, $this->_apiSecret, true));
    }
}


1			<?php
2			namespace FloSports\ScaleEngine\Visitor;
3
4			use Guzzle\Http\Message\RequestInterface;
5			use Guzzle\Service\Command\CommandInterface;
6			use Guzzle\Service\Command\LocationVisitor\Request\AbstractRequestVisitor;
7			use Guzzle\Service\Description\Parameter;
8			use SplObjectStorage;
9
10			/**
11			* Visitor used to apply a parameter to an array that will be signed and
12			* serialized as a POST field named json in the response in accordance with
13			* ScaleEngine's API format.
14			*/
15			class ScaleEngineRequestVisitor extends AbstractRequestVisitor
16			{
17			/** @type \SplObjectStorage Data object for persisting JSON data. */
18			private $_storage;
19
20			/** @type string The API secret used to sign requests. */
21			private $_apiSecret;
22
23			/**
24			* Create the visitor, initializing the SPL Object Storage.
25			*
26			* @param string $apiKey The API secret used to sign requests.
			0 ignored issues – show Bug introduced 2016-03-09 19:03 UTC by Report Bug Copy Issue Report There is no parameter named `$apiKey`. Was it maybe removed? This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function. Consider the following example. The parameter `$italy` is not defined by the method `finale(...)`. /** * @param array $germany * @param array $island * @param array $italy */ function finale($germany, $island) { return "2:1"; } The most likely cause is that the parameter was removed, but the annotation was not. Loading history...
27			*/
28			public function __construct($apiSecret)
29			{
30			$this->_storage = new SplObjectStorage();
31			$this->_apiSecret = $apiSecret;
32			}
33
34			/**
35			* Handle a single parameter for a command.
36			*
37			* Each command has it's own storage inside the SPL Object Storage. This
38			* adds the parameter/value to the storage for that command, after
39			* processing any filters, etc. for the parameter.
40			*
41			* @param CommandInterface $command The command the parameter is for.
42			* @param RequestInterface $request The HTTP request being prepared.
43			* Unused.
44			* @param Parameter $param The parameter definition being set.
45			* @param mixed $value The value the parameter is being set to.
46			* @return void
47			*/
48			public function visit(CommandInterface $command, RequestInterface $request, Parameter $param, $value)
49			{
50			$data = isset($this->_storage[$command]) ? $this->_storage[$command] : [];
51			$data[$param->getWireName()] = $this->prepareValue($value, $param);
52			$this->_storage[$command] = $data;
53			}
54
55			/**
56			* Finalizes the data for a request and sets it in the response.
57			*
58			* ScaleEngine requires a signature of the request to be added to the
59			* request. The data is then JSON-encoded and shoved into a POST field
60			* named `json`.
61			*
62			* @param CommandInterface $command The command being sent.
63			* @param RequestInterface $request The HTTP request being prepared. Will
64			* be modified with the serialized data added as a POST field.
65			* @return void
66			*/
67			public function after(CommandInterface $command, RequestInterface $request)
68			{
69			if (!isset($this->_storage[$command])) {
70			return;
71			}
72
73			$data = $this->_storage[$command];
74			unset($this->_storage[$command]);
75
76			$data['timestamp'] = isset($data['timestamp']) ? $data['timestamp'] : time();
77			$data['signature'] = $this->_getSignature($data);
78
79			$request->setPostField('json', json_encode($data));
			1 ignored issue – show Bug introduced 2016-03-09 19:03 UTC by Report Bug Copy Issue Report It seems like you code against a concrete implementation and not the interface `Guzzle\Http\Message\RequestInterface` as the method `setPostField()` does only exist in the following implementations of said interface: `Guzzle\Http\Message\EntityEnclosingRequest`. Let’s take a look at an example: interface User { /** @return string / public function getPassword(); } class MyUser implements User { public function getPassword() { // return something } public function getDisplayName() { // return some name. } } class AuthSystem { public function authenticate(User $user) { $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName())); // do something. } } In the above example, the authenticate() method works fine as long as you just pass instances of MyUser. However, if you now also want to pass a different implementation of User which does not have a getDisplayName() method, the code will break. Available Fixes Change the type-hint for the parameter: class AuthSystem { public function authenticate(MyUser $user) { / ... / } } Add an additional type-check: class AuthSystem { public function authenticate(User $user) { if ($user instanceof MyUser) { $this->logger->info(/* ... /); } // or alternatively if ( ! $user instanceof MyUser) { throw new \LogicException( '$user must be an instance of MyUser, ' .'other instances are not supported.' ); } } } Note:* PHP Analyzer uses reverse abstract interpretation to narrow down the types inside the if block in such a case. Add the method to the interface: interface User { /** @return string / public function getPassword(); /* @return string */ public function getDisplayName(); } Loading history...
80			}
81
82			/**
83			* Gets the signature of the data using ScaleEngine's algorithm.
84			*
85			* This is a potentially fragile method as it could break if `json_encode`
86			* changes.
87			*
88			* @param array $data The data from the request to sign.
89			* @return string The base64-encoded signature of the data.
90			*/
91			private function _getSignature(array $data)
92			{
93			$json = json_encode($data);
94
95			return base64_encode(hash_hmac('sha256', $json, $this->_apiSecret, true));
96			}
97			}
98

flocasts / scaleengine-api-client

Pull Request — master (#1)

ScaleEngineRequestVisitor::_getSignature() A

Complexity

Size

Duplication

Importance

Available Fixes

Duplication Side-by-Side

Filter issues like