WebAuthController::logout() - Code Metrics - Inspection of "added logout and oauth logout routes, made scope p..." - metaclassing/PHP7-Laravel5-EnterpriseAuth - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( 5dbaed...2ce543 )

by meta

created 2018-05-14 11:58 UTC

WebAuthController::logout() A

↳ Parent: WebAuthController

Complexity

Conditions	1
Paths	1

Size

Total Lines	4
Code Lines	2

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	1
eloc	2
nc	1
nop	1
dl	0
loc	4
rs	10
c	0
b	0
f	0

<?php

namespace Metaclassing\EnterpriseAuth\Controllers;

use Illuminate\Routing\Controller;
use Laravel\Socialite\Facades\Socialite;

class WebAuthController extends AuthController
{
    // Route to save unauthenticated users original page request and redirect to oauth provider redirect
    public function loginOrRegister(\Illuminate\Http\Request $request)
    {
        // This is what gets called after a user is redirected to /login by the framework
        $lastPage = $request->session()->get('url.intended');
        \Illuminate\Support\Facades\Log::info('AUTH loginOrRegister with request url '.$lastPage);

        // Make sure they are not going to end up in a redirect loop with the login route
        if ($lastPage && $lastPage != route('login')) {
            $request->session()->put('oauthIntendedUrl', $lastPage);
        }

        return redirect()->guest(config('enterpriseauth.routes.login'));
    }

    // Route to clear the session and redirect to oauth signout handler
    public function logout(\Illuminate\Http\Request $request)
    public function logout(/** @scrutinizer ignore-unused */ \Illuminate\Http\Request $request)
    {
        auth()->logout();
        return redirect(config('enterpriseauth.routes.logout'));
    }

    // Route to redirect to oauth idp end-session endpoint
    public function logoutFromOauthProvider(\Illuminate\Http\Request $request)
    public function logoutFromOauthProvider(/** @scrutinizer ignore-unused */ \Illuminate\Http\Request $request)
    {
        $endSessionEndpoint = $this->azureActiveDirectory->endSessionEndpoint;
        return redirect($endSessionEndpoint);
    }

    // Route called to redirect administrative users to provide consent to access aad
    public function redirectToOauthAdminConsent(\Illuminate\Http\Request $request)
    public function redirectToOauthAdminConsent(/** @scrutinizer ignore-unused */ \Illuminate\Http\Request $request)
    {
        $url = $this->azureActiveDirectory->buildAdminConsentUrl(config('enterpriseauth.credentials.client_id'),
                                                                 config('enterpriseauth.credentials.callback_url'));
        //return new \Illuminate\Http\RedirectResponse($url);
        return redirect($url);
    }

    // Route called to redirect unauthenticated users to oauth identity provider
    public function redirectToOauthProvider(\Illuminate\Http\Request $request)
    public function redirectToOauthProvider(/** @scrutinizer ignore-unused */ \Illuminate\Http\Request $request)
    {
        $url = $this->buildAuthUrl();
        //return new \Illuminate\Http\RedirectResponse($url);
        return redirect($url);
    }

    // Helper to build redirect url from azure AD tenant
    public function buildAuthUrl()
    {
        $url = $this->azureActiveDirectory->authorizationEndpoint
             .'?'
             .$this->buildAuthUrlQueryString();

        return $url;
    }

    // helper to build query string for oauth provider
    public function buildAuthUrlQueryString()
    {
        $fields = [
            'client_id'     => config('enterpriseauth.credentials.client_id'),
            'redirect_uri'  => config('enterpriseauth.credentials.callback_url'),
            'scope'         => 'https://graph.microsoft.com/.default',
            'response_type' => 'code',
        ];

        return http_build_query($fields);
    }

    // Route to handle response back from our oauth provider
    public function handleOauthResponse(\Illuminate\Http\Request $request)
    {
        // Handle user authentication responses
        if ($request->input('code')) {
            return $this->handleOauthLoginResponse($request);
        }
        if ($request->input('admin_consent')) {
            return 'Thank you';
        }
        throw new \Exception('Unhandled oauth response');
    }

    public function handleOauthLoginResponse(\Illuminate\Http\Request $request)
    {
        // Turn coke into pepsi
        $accessToken = $this->getAccessTokenFromCode($request->input('code'));
        // Get the associated laravel \App\User object
        $user = $this->validateOauthCreateOrUpdateUserAndGroups($accessToken);
        // Authenticate the users session
        auth()->login($user, true);

        // Check to see if there is an intended destination url saved
        $destination = $request->session()
                               ->get('oauthIntendedUrl');
        // If there is no intended destination url, use the default
        if (! $destination) {
            $destination = config('enterpriseauth.redirect_on_login');
        }
        \Illuminate\Support\Facades\Log::info('AUTH success USER ID '.$user->id.' with redirect url '.$destination);

        return redirect($destination);
    }

    // Turn coke into pepsi: Take the authorization code and turn it into an access token for graph api
    public function getAccessTokenFromCode($code)
    {
        $guzzle = new \GuzzleHttp\Client();
        $url = $this->azureActiveDirectory->tokenEndpoint;
        $parameters = [
            'headers' => [
                'Accept' => 'application/json',
            ],
            'form_params' => [
                'code'          => $code,
                'scope'         => 'https://graph.microsoft.com/.default',
                'client_id'     => config('enterpriseauth.credentials.client_id'),
                'client_secret' => config('enterpriseauth.credentials.client_secret'),
                'redirect_uri'  => config('enterpriseauth.credentials.callback_url'),
                'grant_type'    => 'authorization_code',
             ],
        ];
        $response = $guzzle->post($url, $parameters);
        $responseObject = json_decode($response->getBody());
        $accessToken = $responseObject->access_token;

        return $accessToken;
    }
}


metaclassing / PHP7-Laravel5-EnterpriseAuth

Push — master ( 5dbaed...2ce543 )

WebAuthController::logout() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like