OAuth2Middleware - Code Metrics - hiqdev/hiapi - Measure and Improve Code Quality continuously with Scrutinizer

OAuth2Middleware A
last analyzed 2021-06-11 17:48 UTC

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	80
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	2

Importance

Changes

Metric	Value
wmc	11
lcom	1
cbo	2
dl	0
loc	80
rs	10
c	0
b	0
f	0

7 Methods

Rating	Name	Size	Complexity
A	__construct()	4	1
A	authenticate()	13	3
A	findIdentity()	15	3
A	buildUnathorizedIdentity()	9	1
A	buildIdentity()	6	1
A	getUserInfo()	10	1
A	getClient()	7	1

<?php

namespace hiapi\Core\Auth;

use GuzzleHttp\RequestOptions;
use hiapi\exceptions\NotAuthenticatedException;
use Psr\Http\Message\ServerRequestInterface;
use yii\web\User;
use GuzzleHttp\Client;
use yii\web\IdentityInterface;

/**
 * XXX Think if authentication can be done deferred?
 * XXX Does it make sence?
 */
class OAuth2Middleware extends AuthMiddleware
{
    public $userinfoUrl;

    /**
     * @var User
     */
    private $user;

    public function __construct(User $user)
    {
        $this->user = $user;
    }

    public function authenticate(ServerRequestInterface $request)
    {
        $identity = $this->findIdentity($request);

        if (empty($identity)) {
            return $this->buildUnathorizedIdentity();
        }

        $ok = $this->user->login($identity);
        if ($ok !== true) {
            throw new NotAuthenticatedException('failed login by token');
        }
    }

    private function findIdentity(ServerRequestInterface $request): ?IdentityInterface
    {
        $token = $this->getAccessToken($request);
        if (empty($token)) {
            return null;
        }

        try {
            $info = $this->getUserInfo($token);
        } catch (\Throwable $e) {
            throw new NotAuthenticatedException($e->getMessage());
        }

        return $this->buildIdentity($info);
    }

    private function buildUnathorizedIdentity(): IdentityInterface
    {
        return $this->buildIdentity([
            'sub' => -1,
            'username' => 'unauthorized',
            'state' => 'disabled',
            'roles' => 'role:unauthorized',
        ]);
    }

    private function buildIdentity(array $info): IdentityInterface
    {
        $class = $this->user->identityClass;

        return $class::fromArray($info);
    }

    private function getUserInfo(string $token)
    {
        $res = $this->getClient()->request('GET', '', [
            RequestOptions::HEADERS => [
                'Authorization' => 'Bearer ' . $token,
            ],
        ]);

        return \json_decode((string)$res->getBody(), true);
    }

    private function getClient(): Client
    {
        return new Client([
            'base_uri' => $this->userinfoUrl,
            'timeout' => 5.0,
        ]);
    }
}


1			<?php
2
3			namespace hiapi\Core\Auth;
4
5			use GuzzleHttp\RequestOptions;
6			use hiapi\exceptions\NotAuthenticatedException;
7			use Psr\Http\Message\ServerRequestInterface;
8			use yii\web\User;
9			use GuzzleHttp\Client;
10			use yii\web\IdentityInterface;
11
12			/**
13			* XXX Think if authentication can be done deferred?
14			* XXX Does it make sence?
15			*/
16			class OAuth2Middleware extends AuthMiddleware
17			{
18			public $userinfoUrl;
19
20			/**
21			* @var User
22			*/
23			private $user;
24
25			public function __construct(User $user)
26			{
27			$this->user = $user;
28			}
29
30			public function authenticate(ServerRequestInterface $request)
31			{
32			$identity = $this->findIdentity($request);
33
34			if (empty($identity)) {
35			return $this->buildUnathorizedIdentity();
36			}
37
38			$ok = $this->user->login($identity);
39			if ($ok !== true) {
40			throw new NotAuthenticatedException('failed login by token');
41			}
42			}
43
44			private function findIdentity(ServerRequestInterface $request): ?IdentityInterface
45			{
46			$token = $this->getAccessToken($request);
47			if (empty($token)) {
48			return null;
49			}
50
51			try {
52			$info = $this->getUserInfo($token);
53			} catch (\Throwable $e) {
54			throw new NotAuthenticatedException($e->getMessage());
55			}
56
57			return $this->buildIdentity($info);
58			}
59
60			private function buildUnathorizedIdentity(): IdentityInterface
61			{
62			return $this->buildIdentity([
63			'sub' => -1,
64			'username' => 'unauthorized',
65			'state' => 'disabled',
66			'roles' => 'role:unauthorized',
67			]);
68			}
69
70			private function buildIdentity(array $info): IdentityInterface
71			{
72			$class = $this->user->identityClass;
73
74			return $class::fromArray($info);
75			}
76
77			private function getUserInfo(string $token)
78			{
79			$res = $this->getClient()->request('GET', '', [
80			RequestOptions::HEADERS => [
81			'Authorization' => 'Bearer ' . $token,
82			],
83			]);
84
85			return \json_decode((string)$res->getBody(), true);
86			}
87
88			private function getClient(): Client
89			{
90			return new Client([
91			'base_uri' => $this->userinfoUrl,
92			'timeout' => 5.0,
93			]);
94			}
95			}
96

hiqdev / hiapi

OAuth2Middleware A last analyzed 2021-06-11 17:48 UTC

Complexity

Size/Duplication

Coupling/Cohesion

Importance

7 Methods

Duplication Side-by-Side

Filter issues like

OAuth2Middleware A
last analyzed 2021-06-11 17:48 UTC