Total Complexity | 58 |
Total Lines | 335 |
Duplicated Lines | 0 % |
Changes | 2 | ||
Bugs | 0 | Features | 0 |
Complex classes like REST often do a lot of different things. To break such a class down, we need to identify a cohesive component within that class. A common approach to find such a component is to look for fields/methods that share the same prefixes, or suffixes.
Once you have determined the fields that belong together, you can apply the Extract Class refactoring. If the component makes sense as a sub-class, Extract Subclass is also a candidate, and is often faster.
While breaking up the class, it is a good idea to analyze how other classes use REST, and based on these observations, apply Extract Interface, too.
1 | <?php |
||
9 | class REST { |
||
10 | |||
11 | /** |
||
12 | * [private description] |
||
13 | * @var [type] |
||
|
|||
14 | */ |
||
15 | private $ci; |
||
16 | /** |
||
17 | * [private description] |
||
18 | * @var [type] |
||
19 | */ |
||
20 | private $api_key_limit_column; |
||
21 | /** |
||
22 | * [private description] |
||
23 | * @var [type] |
||
24 | */ |
||
25 | private $api_key_column; |
||
26 | /** |
||
27 | * [private description] |
||
28 | * @var [type] |
||
29 | */ |
||
30 | private $per_hour; |
||
31 | /** |
||
32 | * [private description] |
||
33 | * @var [type] |
||
34 | */ |
||
35 | private $ip_per_hour; |
||
36 | /** |
||
37 | * [private description] |
||
38 | * @var [type] |
||
39 | */ |
||
40 | private $show_header; |
||
41 | /** |
||
42 | * [private description] |
||
43 | * @var [type] |
||
44 | */ |
||
45 | private $whitelist; |
||
46 | /** |
||
47 | * [private description] |
||
48 | * @var [type] |
||
49 | */ |
||
50 | private $checked_rate_limit = false; |
||
51 | /** |
||
52 | * [private description] |
||
53 | * @var [type] |
||
54 | */ |
||
55 | private $header_prefix; |
||
56 | /** |
||
57 | * [private description] |
||
58 | * @var [type] |
||
59 | */ |
||
60 | private $limit_api; |
||
61 | |||
62 | /** |
||
63 | * [public description] |
||
64 | * @var [type] |
||
65 | */ |
||
66 | public $userId; |
||
67 | /** |
||
68 | * [public description] |
||
69 | * @var [type] |
||
70 | */ |
||
71 | public $apiKeyHeader; |
||
72 | /** |
||
73 | * [public description] |
||
74 | * @var [type] |
||
75 | */ |
||
76 | public $token; |
||
77 | /** |
||
78 | * [PACKAGE description] |
||
79 | * @var string |
||
80 | */ |
||
81 | const PACKAGE = "francis94c/ci-rest"; |
||
82 | /** |
||
83 | * [RATE_LIMIT description] |
||
84 | * @var string |
||
85 | */ |
||
86 | const RATE_LIMIT = "RateLimit"; |
||
87 | |||
88 | /** |
||
89 | * [__construct description] |
||
90 | * @param [type] $params [description] |
||
91 | */ |
||
92 | function __construct($params=null) { |
||
132 | } |
||
133 | /** |
||
134 | * [authenticate description] |
||
135 | */ |
||
136 | private function authenticate():void { |
||
161 | } |
||
162 | /** |
||
163 | * [process_auth description] |
||
164 | * @param string $auth [description] |
||
165 | * @return bool [description] |
||
166 | */ |
||
167 | private function process_auth(string &$auth):void { |
||
168 | switch ($auth) { |
||
169 | case RESTAuth::BASIC: $this->basic_auth(); break; |
||
170 | case RESTAuth::API_KEY: $this->api_key_auth(); break; |
||
171 | case RESTAuth::OAUTH2: $this->bearer_auth(RESTAuth::OAUTH2); break; |
||
172 | case RESTAuth::BEARER: $this->bearer_auth(); break; |
||
173 | default: $this->custom_auth($auth); |
||
174 | } |
||
175 | } |
||
176 | /** |
||
177 | * [bearer_auth description] |
||
178 | */ |
||
179 | private function bearer_auth($auth=RESTAuth::BEARER):void { |
||
180 | $authorization = $this->get_authorization_header(); |
||
181 | if ($authorization == null || substr_count($authorization, " ") != 1) { |
||
182 | $this->handle_response(RESTResponse::BAD_REQUEST, $auth); // Exits. |
||
183 | } |
||
184 | $token = explode(" ", $authorization); |
||
185 | if ($token[0] != "Bearer") { |
||
186 | $this->handle_response(RESTResponse::BAD_REQUEST, $auth); // Exits. |
||
187 | } |
||
188 | $this->token = $token[1]; |
||
189 | // Call Up Custom Implemented Bearer/Token Authorization. |
||
190 | // Callback Check. |
||
191 | if (!isset($this->ci->config->item('rest')['auth_callbacks'][$auth])) { |
||
192 | $this->handle_response(RESTResponse::NOT_IMPLEMENTED, $auth); // Exits. |
||
193 | } |
||
194 | // Authorization. |
||
195 | if (!$this->ci->config->item('rest')['auth_callbacks'][$auth]($this, $this->token)) { |
||
196 | $this->handle_response(RESTResponse::UN_AUTHORIZED, $auth); // Exits. |
||
197 | } |
||
198 | } |
||
199 | /** |
||
200 | * [basic_auth description] |
||
201 | */ |
||
202 | private function basic_auth():void { |
||
203 | $username = $_SERVER['PHP_AUTH_USER'] ?? null; |
||
204 | $password = $_SERVER['PHP_AUTH_PW'] ?? null; |
||
205 | if (!$username || !$password) $this->handle_response(RESTResponse::BAD_REQUEST, RESTAuth::BASIC); // Exits. |
||
206 | if (!$this->rest_model->basicAuth($this, $username, $password)) $this->handle_response(RESTResponse::UN_AUTHORIZED, RESTAuth::BASIC); // Exits. |
||
207 | } |
||
208 | /** |
||
209 | * [api_key_auth description] |
||
210 | */ |
||
211 | private function api_key_auth():void { |
||
212 | if (!isset($_SERVER['HTTP_' . str_replace("-", "_", $this->apiKeyHeader)])) { |
||
213 | $this->handle_response(RESTResponse::BAD_REQUEST, RESTAuth::API_KEY); // Exits. |
||
214 | } |
||
215 | $apiKey = $this->rest_model->getAPIKeyData( |
||
216 | $_SERVER['HTTP_' . str_replace("-", "_", $this->apiKeyHeader)] |
||
217 | ); |
||
218 | if ($apiKey == null) { |
||
219 | $this->handle_response(RESTResponse::UN_AUTHORIZED, RESTAuth::API_KEY); // Exits. |
||
220 | } |
||
221 | // API KEY Auth Passed Above. |
||
222 | if ($this->limit_api && $this->api_key_limit_column != null && $apiKey[$this->api_key_limit_column] == 1) { |
||
223 | // Trunctate Rate Limit Data. |
||
224 | $this->rest_model->truncateRatelimitData(); |
||
225 | // Check Whitelist. |
||
226 | if (in_array($this->ci->input->ip_address(), $this->whitelist)) { |
||
227 | $this->checked_rate_limit = true; // Ignore Limit By IP. |
||
228 | return; |
||
229 | } |
||
230 | // Should we acyually Limit? |
||
231 | if ($this->per_hour > 0) { |
||
232 | $client = hash('md5', $this->ci->input->ip_address() . "%" . $apiKey[$this->api_key_column]); |
||
233 | $limitData = $this->rest_model->getLimitData($client, '_api_keyed_user'); |
||
234 | if ($limitData == null) { |
||
235 | $limitData = []; |
||
236 | $limitData['count'] = 0; |
||
237 | $limitData['reset_epoch'] = gmdate('d M Y H:i:s', time() + (60 * 60)); |
||
238 | $limitData['start'] = date('d M Y H:i:s'); |
||
239 | } |
||
240 | if ($this->per_hour - $limitData['count'] > 0) { |
||
241 | if (!$this->rest_model->insertLimitData($client, '_api_keyed_user')) { |
||
242 | $this->handle_response(RESTResponse::INTERNAL_SERVER_ERROR, self::RATE_LIMIT); // Exits. |
||
243 | } |
||
244 | ++$limitData['count']; |
||
245 | if ($this->show_header) { |
||
246 | header($this->header_prefix.'Limit: '.$this->per_hour); |
||
247 | header($this->header_prefix.'Remaining: '.($this->per_hour - $limitData['count'])); |
||
248 | header($this->header_prefix.'Reset: '.strtotime($limitData['reset_epoch'])); |
||
249 | } |
||
250 | } else { |
||
251 | header('Retry-After: '.(strtotime($limitData['reset_epoch']) - strtotime(gmdate('d M Y H:i:s')))); |
||
252 | $this->handle_response(RESTResponse::TOO_MANY_REQUESTS, self::RATE_LIMIT); // Exits. |
||
253 | } |
||
254 | } |
||
255 | } |
||
256 | $this->checked_rate_limit = true; // Ignore Limit By IP. |
||
257 | } |
||
258 | /** |
||
259 | * [api_rest_limit_by_ip_address description] |
||
260 | * TODO: Implement. |
||
261 | */ |
||
262 | private function api_rest_limit_by_ip_address():void { |
||
263 | // Trunctate Rate Limit Data. |
||
264 | $this->rest_model->truncateRatelimitData(); |
||
265 | // Check Whitelist. |
||
266 | if (in_array($this->ci->input->ip_address(), $this->whitelist)) return; |
||
267 | // Should we acyually Limit? |
||
268 | if ($this->ip_per_hour > 0) { |
||
269 | $client = hash('md5', $this->ci->input->ip_address()); |
||
270 | $limitData = $this->rest_model->getLimitData($client, '_ip_address'); |
||
271 | if ($limitData == null) { |
||
272 | $limitData = []; |
||
273 | $limitData['count'] = 0; |
||
274 | $limitData['reset_epoch'] = gmdate('d M Y H:i:s', time() + (60 * 60)); |
||
275 | $limitData['start'] = date('d M Y H:i:s'); |
||
276 | } |
||
277 | if ($this->ip_per_hour - $limitData['count'] > 0) { |
||
278 | if (!$this->rest_model->insertLimitData($client, '_ip_address')) { |
||
279 | $this->handle_response(RESTResponse::INTERNAL_SERVER_ERROR, self::RATE_LIMIT); // Exits. |
||
280 | } |
||
281 | ++$limitData['count']; |
||
282 | if ($this->show_header) { |
||
283 | header($this->header_prefix.'Limit: '.$this->ip_per_hour); |
||
284 | header($this->header_prefix.'Remaining: '.($this->ip_per_hour - $limitData['count'])); |
||
285 | header($this->header_prefix.'Reset: '.strtotime($limitData['reset_epoch'])); |
||
286 | } |
||
287 | } else { |
||
288 | header('Retry-After: '.(strtotime($limitData['reset_epoch']) - strtotime(gmdate('d M Y H:i:s')))); |
||
289 | $this->handle_response(RESTResponse::TOO_MANY_REQUESTS, self::RATE_LIMIT); // Exits. |
||
290 | } |
||
291 | } |
||
292 | } |
||
293 | /** |
||
294 | * [custom_auth description] |
||
295 | * @param string $auth [description] |
||
296 | */ |
||
297 | private function custom_auth(string &$auth):void { |
||
309 | } |
||
310 | } |
||
311 | /** |
||
312 | * [get_authorization_header description] |
||
313 | * @return [type] [description] |
||
314 | */ |
||
315 | private function get_authorization_header():?string { |
||
331 | } |
||
332 | /** |
||
333 | * [handle_response description] |
||
334 | * @param int $code [description] |
||
335 | */ |
||
336 | private function handle_response(int $code, $auth=null):void { |
||
347 |