Issues in Facebook.php - New Issues - Inspection of "added ability to send appsecret_proof with request..." - laravel-notification-channels/facebook - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 554576...c39576 )

by Irfaq

created 2020-02-26 06:41 UTC

src/Facebook.php (1 issue)

Labels

Severity

Major 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

namespace NotificationChannels\Facebook;

use Exception;
use GuzzleHttp\Client as HttpClient;
use GuzzleHttp\Exception\ClientException;
use GuzzleHttp\Exception\GuzzleException;
use NotificationChannels\Facebook\Exceptions\CouldNotSendNotification;
use Psr\Http\Message\ResponseInterface;

/**
 * Class Facebook.
 */
class Facebook
{
    /** @var HttpClient HTTP Client */
    protected $http;

    /** @var string|null Page Token. */
    protected $token;

    /** @var string|null App Secret */
    protected $secret;

    /** @var string Default Graph API Version */
    protected $graphApiVersion = '4.0';

    /**
     * @param  string|null      $token
     * @param  HttpClient|null  $httpClient
     */
    public function __construct(string $token = null, HttpClient $httpClient = null)
    {
        $this->token = $token;

        $this->http = $httpClient;
    }

    /**
     * Set Default Graph API Version.
     *
     * @param $graphApiVersion
     *
     * @return Facebook
     */
    public function setGraphApiVersion($graphApiVersion): self
    {
        $this->graphApiVersion = $graphApiVersion;

        return $this;
    }

    /**
     * Set App Secret to generate appsecret_proof.
     *
     * @param string $secret
     *
     * @return Facebook
     */
    public function setSecret($secret = null): self
    {
        $this->secret = $secret;

        return $this;
    }

    /**
     * Get HttpClient.
     *
     * @return HttpClient
     */
    protected function httpClient(): HttpClient
    {
        return $this->http ?? new HttpClient();
    }

    /**
     * Send text message.
     *
     * @param  array  $params
     *
     * @throws GuzzleException
     * @throws CouldNotSendNotification
     * @return ResponseInterface
     */
    public function send(array $params): ResponseInterface
    {
        return $this->post('me/messages', $params);
    }

    /**
     * @param  string  $endpoint
     * @param  array   $params
     *
     * @throws GuzzleException
     * @throws CouldNotSendNotification
     * @return ResponseInterface
     */
    public function get(string $endpoint, array $params = []): ResponseInterface
    {
        return $this->api($endpoint, ['query' => $params]);
    }

    /**
     * @param  string  $endpoint
     * @param  array   $params
     *
     * @throws GuzzleException
     * @throws CouldNotSendNotification
     * @return ResponseInterface
     */
    public function post(string $endpoint, array $params = []): ResponseInterface
    {
        return $this->api($endpoint, ['json' => $params], 'POST');
    }

    /**
     * Send an API request and return response.
     *
     * @param  string  $endpoint
     * @param  array   $options
     * @param  string  $method
     *
     * @throws GuzzleException
     * @throws CouldNotSendNotification
     * @return mixed|ResponseInterface
     */
    protected function api(string $endpoint, array $options, $method = 'GET')
    {
        if (empty($this->token)) {
            throw CouldNotSendNotification::facebookPageTokenNotProvided('You must provide your Facebook Page token to make any API requests.');
        }

        $url = "https://graph.facebook.com/v{$this->graphApiVersion}/{$endpoint}?access_token={$this->token}";

        if ($this->secret) {
''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
            $appsecret_proof = hash_hmac('sha256', $this->token, $this->secret);

            $url .= "&appsecret_proof={$appsecret_proof}";
        }

        try {
            return $this->httpClient()->request($method, $url, $options);
        } catch (ClientException $exception) {
            throw CouldNotSendNotification::facebookRespondedWithAnError($exception);
        } catch (Exception $exception) {
            throw CouldNotSendNotification::couldNotCommunicateWithFacebook($exception);
        }
    }
}


1			<?php
2
3			namespace NotificationChannels\Facebook;
4
5			use Exception;
6			use GuzzleHttp\Client as HttpClient;
7			use GuzzleHttp\Exception\ClientException;
8			use GuzzleHttp\Exception\GuzzleException;
9			use NotificationChannels\Facebook\Exceptions\CouldNotSendNotification;
10			use Psr\Http\Message\ResponseInterface;
11
12			/**
13			* Class Facebook.
14			*/
15			class Facebook
16			{
17			/** @var HttpClient HTTP Client */
18			protected $http;
19
20			/** @var string\|null Page Token. */
21			protected $token;
22
23			/** @var string\|null App Secret */
24			protected $secret;
25
26			/** @var string Default Graph API Version */
27			protected $graphApiVersion = '4.0';
28
29			/**
30			* @param string\|null $token
31			* @param HttpClient\|null $httpClient
32			*/
33			public function __construct(string $token = null, HttpClient $httpClient = null)
34			{
35			$this->token = $token;
36
37			$this->http = $httpClient;
38			}
39
40			/**
41			* Set Default Graph API Version.
42			*
43			* @param $graphApiVersion
44			*
45			* @return Facebook
46			*/
47			public function setGraphApiVersion($graphApiVersion): self
48			{
49			$this->graphApiVersion = $graphApiVersion;
50
51			return $this;
52			}
53
54			/**
55			* Set App Secret to generate appsecret_proof.
56			*
57			* @param string $secret
58			*
59			* @return Facebook
60			*/
61			public function setSecret($secret = null): self
62			{
63			$this->secret = $secret;
64
65			return $this;
66			}
67
68			/**
69			* Get HttpClient.
70			*
71			* @return HttpClient
72			*/
73			protected function httpClient(): HttpClient
74			{
75			return $this->http ?? new HttpClient();
76			}
77
78			/**
79			* Send text message.
80			*
81			* @param array $params
82			*
83			* @throws GuzzleException
84			* @throws CouldNotSendNotification
85			* @return ResponseInterface
86			*/
87			public function send(array $params): ResponseInterface
88			{
89			return $this->post('me/messages', $params);
90			}
91
92			/**
93			* @param string $endpoint
94			* @param array $params
95			*
96			* @throws GuzzleException
97			* @throws CouldNotSendNotification
98			* @return ResponseInterface
99			*/
100			public function get(string $endpoint, array $params = []): ResponseInterface
101			{
102			return $this->api($endpoint, ['query' => $params]);
103			}
104
105			/**
106			* @param string $endpoint
107			* @param array $params
108			*
109			* @throws GuzzleException
110			* @throws CouldNotSendNotification
111			* @return ResponseInterface
112			*/
113			public function post(string $endpoint, array $params = []): ResponseInterface
114			{
115			return $this->api($endpoint, ['json' => $params], 'POST');
116			}
117
118			/**
119			* Send an API request and return response.
120			*
121			* @param string $endpoint
122			* @param array $options
123			* @param string $method
124			*
125			* @throws GuzzleException
126			* @throws CouldNotSendNotification
127			* @return mixed\|ResponseInterface
128			*/
129			protected function api(string $endpoint, array $options, $method = 'GET')
130			{
131			if (empty($this->token)) {
132			throw CouldNotSendNotification::facebookPageTokenNotProvided('You must provide your Facebook Page token to make any API requests.');
133			}
134
135			$url = "https://graph.facebook.com/v{$this->graphApiVersion}/{$endpoint}?access_token={$this->token}";
136
137			if ($this->secret) {
			0 ignored issues – show Bug Best Practice introduced 2020-02-25 19:58 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `$this->secret` of type `string\|null` is loosely compared to `true`; this is ambiguous if the string can be empty. You might want to explicitly use `!== null` instead. In PHP, under loose comparison (like `==`, or `!=`, or `switch` conditions), values of different types might be equal. For `string` values, the empty string `''` is a special case, in particular the following results might be unexpected: '' == false // true '' == null // true 'ab' == false // false 'ab' == null // false // It is often better to use strict comparison '' === false // false '' === null // false Loading history...
138			$appsecret_proof = hash_hmac('sha256', $this->token, $this->secret);
139
140			$url .= "&appsecret_proof={$appsecret_proof}";
141			}
142
143			try {
144			return $this->httpClient()->request($method, $url, $options);
145			} catch (ClientException $exception) {
146			throw CouldNotSendNotification::facebookRespondedWithAnError($exception);
147			} catch (Exception $exception) {
148			throw CouldNotSendNotification::couldNotCommunicateWithFacebook($exception);
149			}
150			}
151			}
152

GitHub Access Token became invalid

Push — master ( 554576...c39576 )

src/Facebook.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

laravel-notification-channels / facebook

GitHub Access Token became invalid

Push — master ( 554576...c39576 )

src/Facebook.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like