DamaxApiAuthExtension::configureJwtClaims() - Code Metrics - Inspection of "Use request matcher from symfony/http-foundation." - lakiboy/damax-api-auth-bundle - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 4a72af...750ca9 )

by Dmitri

created 2018-07-05 14:36 UTC

DamaxApiAuthExtension::configureJwtClaims() A

↳ Parent: DamaxApiAuthExtension

Complexity

Conditions	1
Paths	1

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	1
nc	1
nop	3
dl	0
loc	25
rs	9.52
c	0
b	0
f	0

<?php

declare(strict_types=1);

namespace Damax\Bundle\ApiAuthBundle\DependencyInjection;

use Damax\Bundle\ApiAuthBundle\Extractor\ChainExtractor;
use Damax\Bundle\ApiAuthBundle\Jwt\Claims;
use Damax\Bundle\ApiAuthBundle\Jwt\Claims\ClaimsCollector;
use Damax\Bundle\ApiAuthBundle\Jwt\Claims\OrganizationClaims;
use Damax\Bundle\ApiAuthBundle\Jwt\Claims\SecurityClaims;
use Damax\Bundle\ApiAuthBundle\Jwt\Claims\TimestampClaims;
use Damax\Bundle\ApiAuthBundle\Jwt\Lcobucci\Builder;
use Damax\Bundle\ApiAuthBundle\Jwt\Lcobucci\Parser;
use Damax\Bundle\ApiAuthBundle\Jwt\TokenBuilder;
use Damax\Bundle\ApiAuthBundle\Key\Generator\Generator;
use Damax\Bundle\ApiAuthBundle\Key\Storage\ChainStorage;
use Damax\Bundle\ApiAuthBundle\Key\Storage\DummyStorage;
use Damax\Bundle\ApiAuthBundle\Key\Storage\Reader;
use Damax\Bundle\ApiAuthBundle\Key\Storage\Writer;
use Damax\Bundle\ApiAuthBundle\Listener\ExceptionListener;
use Damax\Bundle\ApiAuthBundle\Security\ApiKey\Authenticator as ApiKeyAuthenticator;
use Damax\Bundle\ApiAuthBundle\Security\ApiKey\StorageUserProvider;
use Damax\Bundle\ApiAuthBundle\Security\Jwt\AuthenticationHandler;
use Damax\Bundle\ApiAuthBundle\Security\Jwt\Authenticator as JwtAuthenticator;
use Lcobucci\Clock\SystemClock;
use Lcobucci\JWT\Configuration as JwtConfiguration;
use Lcobucci\JWT\Signer\Key;
use Symfony\Component\Config\FileLocator;
use Symfony\Component\DependencyInjection\Argument\TaggedIteratorArgument;
use Symfony\Component\DependencyInjection\ContainerBuilder;
use Symfony\Component\DependencyInjection\Definition;
use Symfony\Component\DependencyInjection\Loader\XmlFileLoader;
use Symfony\Component\DependencyInjection\Reference;
use Symfony\Component\HttpFoundation\RequestMatcher;
use Symfony\Component\HttpKernel\DependencyInjection\ConfigurableExtension;

final class DamaxApiAuthExtension extends ConfigurableExtension
{
    protected function loadInternal(array $config, ContainerBuilder $container)
    {
        $loader = new XmlFileLoader($container, new FileLocator(__DIR__ . '/../Resources/config'));
        $loader->load('services.xml');

        if ($config['api_key']['enabled']) {
            $this->configureApiKey($config['api_key'], $container);
        }

        if ($config['jwt']['enabled']) {
            $this->configureJwt($config['jwt'], $container);
        }

        if ($config['format_exceptions']['enabled']) {
            $this->configureExceptions($config['format_exceptions'], $container);
        }
    }

    private function configureApiKey(array $config, ContainerBuilder $container): self
    {
        $extractors = $this->configureExtractors($config['extractors']);

        // User provider.
        $container->autowire('damax.api_auth.api_key.user_provider', StorageUserProvider::class);

        // Authenticator.
        $container
            ->register('damax.api_auth.api_key.authenticator', ApiKeyAuthenticator::class)
            ->addArgument($extractors)
        ;

        // Key generator.
        $container
            ->register(Generator::class)
            ->setClass(sprintf('Damax\\Bundle\\ApiAuthBundle\\Key\\Generator\\%sGenerator', ucfirst($config['generator'])))
        ;

        return $this->configureKeyStorage($config['storage'], $container);
    }

    private function configureJwt(array $config, ContainerBuilder $container): self
    {
        $signer = $this->configureJwtSigner($config['signer']);

        $clock = new Definition(SystemClock::class);

        $configuration = (new Definition(JwtConfiguration::class))
            ->setFactory(JwtConfiguration::class . '::forSymmetricSigner')
            ->addArgument($signer)
            ->addArgument(new Definition(Key::class, [
                $config['signer']['signing_key'],
                $config['signer']['passphrase'],
            ]))
        ;

        if (Configuration::SIGNER_ASYMMETRIC === $config['signer']['type']) {
            $configuration
                ->setFactory(JwtConfiguration::class . '::forAsymmetricSigner')
                ->addArgument(new Definition(Key::class, [
                    $config['signer']['verification_key'],
                ]))
            ;
        }

        $parser = (new Definition(Parser::class))
            ->addArgument($configuration)
            ->addArgument($clock)
            ->addArgument($config['parser']['issuers'] ?? null)
            ->addArgument($config['parser']['audience'] ?? null)
        ;

        $claims = $this->configureJwtClaims($config['builder'], $clock, $container);

        $container
            ->register(TokenBuilder::class, Builder::class)
            ->addArgument($configuration)
            ->addArgument($claims)
        ;

        $extractors = $this->configureExtractors($config['extractors']);

        // Authenticator.
        $container
            ->register('damax.api_auth.jwt.authenticator', JwtAuthenticator::class)
            ->addArgument($extractors)
            ->addArgument($parser)
            ->addArgument($config['identity_claim'] ?? null)
        ;

        // Handler.
        $container->autowire('damax.api_auth.jwt.handler', AuthenticationHandler::class);

        return $this;
    }

    private function configureExceptions(array $config, ContainerBuilder $container): self
    {
        $matcher = (new Definition(RequestMatcher::class))->addArgument($config['path'] ?? null);

        $container
            ->autowire(ExceptionListener::class)
            ->setArgument(1, $matcher)
            ->addTag('kernel.event_listener', ['event' => 'kernel.exception', 'method' => 'onKernelException'])
        ;

        return $this;
    }

    private function configureJwtClaims(array $config, Definition $clock, ContainerBuilder $container): Definition
    {
        // Default claims.
        $container
            ->register(TimestampClaims::class)
            ->addArgument($clock)
            ->addArgument($config['ttl'])
            ->addTag('damax.api_auth.jwt_claims')
        ;
        $container
            ->register(OrganizationClaims::class)
            ->addArgument($config['issuer'] ?? null)
            ->addArgument($config['audience'] ?? null)
            ->addTag('damax.api_auth.jwt_claims')
        ;
        $container
            ->register(SecurityClaims::class)
            ->addTag('damax.api_auth.jwt_claims')
        ;

        $container->setAlias(Claims::class, ClaimsCollector::class);

        return $container
            ->register(ClaimsCollector::class)
            ->addArgument(new TaggedIteratorArgument('damax.api_auth.jwt_claims'))
        ;
    }

    private function configureJwtSigner(array $config): Definition
    {
        $dirs = ['HS' => 'Hmac', 'RS' => 'Rsa', 'ES' => 'Ecdsa'];
        $algo = $config['algorithm'];

        return new Definition('Lcobucci\\JWT\\Signer\\' . $dirs[substr($algo, 0, 2)] . '\\Sha' . substr($algo, 2));
    }

    private function configureExtractors(array $config): Definition
    {
        $extractors = [];

        foreach ($config as $item) {
            $className = sprintf('Damax\\Bundle\\ApiAuthBundle\\Extractor\\%sExtractor', ucfirst($item['type']));

            $extractors[] = (new Definition($className))
                ->setArgument(0, $item['name'])
                ->setArgument(1, $item['prefix'] ?? null)
            ;
        }

        return new Definition(ChainExtractor::class, [$extractors]);
    }

    private function configureKeyStorage(array $config, ContainerBuilder $container): self
    {
        $drivers = [];

        // Default writable storage.
        $container->register(Writer::class, DummyStorage::class);

        foreach ($config as $item) {
            $className = sprintf('Damax\\Bundle\\ApiAuthBundle\\Key\\Storage\\%sStorage', ucfirst($item['type']));

            $drivers[] = $driver = new Definition($className);

            if (Configuration::STORAGE_FIXED === $item['type']) {
                $driver->addArgument($item['tokens']);
            } elseif (Configuration::STORAGE_REDIS === $item['type']) {
                $driver->addArgument(new Reference($item['redis_client_id']));
            } elseif (Configuration::STORAGE_DOCTRINE === $item['type']) {
                $driver
                    ->addArgument(new Reference($item['doctrine_connection_id']))
                    ->addArgument($item['table_name'])
                    ->addArgument($item['fields'] ?? [])
                ;
            }

            if ($item['writable']) {
                $container->setDefinition(Writer::class, $driver);
            }
        }

        $container
            ->register(Reader::class, ChainStorage::class)
            ->addArgument($drivers)
        ;

        return $this;
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			namespace Damax\Bundle\ApiAuthBundle\DependencyInjection;
6
7			use Damax\Bundle\ApiAuthBundle\Extractor\ChainExtractor;
8			use Damax\Bundle\ApiAuthBundle\Jwt\Claims;
9			use Damax\Bundle\ApiAuthBundle\Jwt\Claims\ClaimsCollector;
10			use Damax\Bundle\ApiAuthBundle\Jwt\Claims\OrganizationClaims;
11			use Damax\Bundle\ApiAuthBundle\Jwt\Claims\SecurityClaims;
12			use Damax\Bundle\ApiAuthBundle\Jwt\Claims\TimestampClaims;
13			use Damax\Bundle\ApiAuthBundle\Jwt\Lcobucci\Builder;
14			use Damax\Bundle\ApiAuthBundle\Jwt\Lcobucci\Parser;
15			use Damax\Bundle\ApiAuthBundle\Jwt\TokenBuilder;
16			use Damax\Bundle\ApiAuthBundle\Key\Generator\Generator;
17			use Damax\Bundle\ApiAuthBundle\Key\Storage\ChainStorage;
18			use Damax\Bundle\ApiAuthBundle\Key\Storage\DummyStorage;
19			use Damax\Bundle\ApiAuthBundle\Key\Storage\Reader;
20			use Damax\Bundle\ApiAuthBundle\Key\Storage\Writer;
21			use Damax\Bundle\ApiAuthBundle\Listener\ExceptionListener;
22			use Damax\Bundle\ApiAuthBundle\Security\ApiKey\Authenticator as ApiKeyAuthenticator;
23			use Damax\Bundle\ApiAuthBundle\Security\ApiKey\StorageUserProvider;
24			use Damax\Bundle\ApiAuthBundle\Security\Jwt\AuthenticationHandler;
25			use Damax\Bundle\ApiAuthBundle\Security\Jwt\Authenticator as JwtAuthenticator;
26			use Lcobucci\Clock\SystemClock;
27			use Lcobucci\JWT\Configuration as JwtConfiguration;
28			use Lcobucci\JWT\Signer\Key;
29			use Symfony\Component\Config\FileLocator;
30			use Symfony\Component\DependencyInjection\Argument\TaggedIteratorArgument;
31			use Symfony\Component\DependencyInjection\ContainerBuilder;
32			use Symfony\Component\DependencyInjection\Definition;
33			use Symfony\Component\DependencyInjection\Loader\XmlFileLoader;
34			use Symfony\Component\DependencyInjection\Reference;
35			use Symfony\Component\HttpFoundation\RequestMatcher;
36			use Symfony\Component\HttpKernel\DependencyInjection\ConfigurableExtension;
37
38			final class DamaxApiAuthExtension extends ConfigurableExtension
39			{
40			protected function loadInternal(array $config, ContainerBuilder $container)
41			{
42			$loader = new XmlFileLoader($container, new FileLocator(__DIR__ . '/../Resources/config'));
43			$loader->load('services.xml');
44
45			if ($config['api_key']['enabled']) {
46			$this->configureApiKey($config['api_key'], $container);
47			}
48
49			if ($config['jwt']['enabled']) {
50			$this->configureJwt($config['jwt'], $container);
51			}
52
53			if ($config['format_exceptions']['enabled']) {
54			$this->configureExceptions($config['format_exceptions'], $container);
55			}
56			}
57
58			private function configureApiKey(array $config, ContainerBuilder $container): self
59			{
60			$extractors = $this->configureExtractors($config['extractors']);
61
62			// User provider.
63			$container->autowire('damax.api_auth.api_key.user_provider', StorageUserProvider::class);
64
65			// Authenticator.
66			$container
67			->register('damax.api_auth.api_key.authenticator', ApiKeyAuthenticator::class)
68			->addArgument($extractors)
69			;
70
71			// Key generator.
72			$container
73			->register(Generator::class)
74			->setClass(sprintf('Damax\\Bundle\\ApiAuthBundle\\Key\\Generator\\%sGenerator', ucfirst($config['generator'])))
75			;
76
77			return $this->configureKeyStorage($config['storage'], $container);
78			}
79
80			private function configureJwt(array $config, ContainerBuilder $container): self
81			{
82			$signer = $this->configureJwtSigner($config['signer']);
83
84			$clock = new Definition(SystemClock::class);
85
86			$configuration = (new Definition(JwtConfiguration::class))
87			->setFactory(JwtConfiguration::class . '::forSymmetricSigner')
88			->addArgument($signer)
89			->addArgument(new Definition(Key::class, [
90			$config['signer']['signing_key'],
91			$config['signer']['passphrase'],
92			]))
93			;
94
95			if (Configuration::SIGNER_ASYMMETRIC === $config['signer']['type']) {
96			$configuration
97			->setFactory(JwtConfiguration::class . '::forAsymmetricSigner')
98			->addArgument(new Definition(Key::class, [
99			$config['signer']['verification_key'],
100			]))
101			;
102			}
103
104			$parser = (new Definition(Parser::class))
105			->addArgument($configuration)
106			->addArgument($clock)
107			->addArgument($config['parser']['issuers'] ?? null)
108			->addArgument($config['parser']['audience'] ?? null)
109			;
110
111			$claims = $this->configureJwtClaims($config['builder'], $clock, $container);
112
113			$container
114			->register(TokenBuilder::class, Builder::class)
115			->addArgument($configuration)
116			->addArgument($claims)
117			;
118
119			$extractors = $this->configureExtractors($config['extractors']);
120
121			// Authenticator.
122			$container
123			->register('damax.api_auth.jwt.authenticator', JwtAuthenticator::class)
124			->addArgument($extractors)
125			->addArgument($parser)
126			->addArgument($config['identity_claim'] ?? null)
127			;
128
129			// Handler.
130			$container->autowire('damax.api_auth.jwt.handler', AuthenticationHandler::class);
131
132			return $this;
133			}
134
135			private function configureExceptions(array $config, ContainerBuilder $container): self
136			{
137			$matcher = (new Definition(RequestMatcher::class))->addArgument($config['path'] ?? null);
138
139			$container
140			->autowire(ExceptionListener::class)
141			->setArgument(1, $matcher)
142			->addTag('kernel.event_listener', ['event' => 'kernel.exception', 'method' => 'onKernelException'])
143			;
144
145			return $this;
146			}
147
148			private function configureJwtClaims(array $config, Definition $clock, ContainerBuilder $container): Definition
149			{
150			// Default claims.
151			$container
152			->register(TimestampClaims::class)
153			->addArgument($clock)
154			->addArgument($config['ttl'])
155			->addTag('damax.api_auth.jwt_claims')
156			;
157			$container
158			->register(OrganizationClaims::class)
159			->addArgument($config['issuer'] ?? null)
160			->addArgument($config['audience'] ?? null)
161			->addTag('damax.api_auth.jwt_claims')
162			;
163			$container
164			->register(SecurityClaims::class)
165			->addTag('damax.api_auth.jwt_claims')
166			;
167
168			$container->setAlias(Claims::class, ClaimsCollector::class);
169
170			return $container
171			->register(ClaimsCollector::class)
172			->addArgument(new TaggedIteratorArgument('damax.api_auth.jwt_claims'))
173			;
174			}
175
176			private function configureJwtSigner(array $config): Definition
177			{
178			$dirs = ['HS' => 'Hmac', 'RS' => 'Rsa', 'ES' => 'Ecdsa'];
179			$algo = $config['algorithm'];
180
181			return new Definition('Lcobucci\\JWT\\Signer\\' . $dirs[substr($algo, 0, 2)] . '\\Sha' . substr($algo, 2));
182			}
183
184			private function configureExtractors(array $config): Definition
185			{
186			$extractors = [];
187
188			foreach ($config as $item) {
189			$className = sprintf('Damax\\Bundle\\ApiAuthBundle\\Extractor\\%sExtractor', ucfirst($item['type']));
190
191			$extractors[] = (new Definition($className))
192			->setArgument(0, $item['name'])
193			->setArgument(1, $item['prefix'] ?? null)
194			;
195			}
196
197			return new Definition(ChainExtractor::class, [$extractors]);
198			}
199
200			private function configureKeyStorage(array $config, ContainerBuilder $container): self
201			{
202			$drivers = [];
203
204			// Default writable storage.
205			$container->register(Writer::class, DummyStorage::class);
206
207			foreach ($config as $item) {
208			$className = sprintf('Damax\\Bundle\\ApiAuthBundle\\Key\\Storage\\%sStorage', ucfirst($item['type']));
209
210			$drivers[] = $driver = new Definition($className);
211
212			if (Configuration::STORAGE_FIXED === $item['type']) {
213			$driver->addArgument($item['tokens']);
214			} elseif (Configuration::STORAGE_REDIS === $item['type']) {
215			$driver->addArgument(new Reference($item['redis_client_id']));
216			} elseif (Configuration::STORAGE_DOCTRINE === $item['type']) {
217			$driver
218			->addArgument(new Reference($item['doctrine_connection_id']))
219			->addArgument($item['table_name'])
220			->addArgument($item['fields'] ?? [])
221			;
222			}
223
224			if ($item['writable']) {
225			$container->setDefinition(Writer::class, $driver);
226			}
227			}
228
229			$container
230			->register(Reader::class, ChainStorage::class)
231			->addArgument($drivers)
232			;
233
234			return $this;
235			}
236			}
237

lakiboy / damax-api-auth-bundle

GitHub Access Token became invalid

Push — master ( 4a72af...750ca9 )

DamaxApiAuthExtension::configureJwtClaims() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like