Issues in OAuthClient.php (master) - Issues in master - nixsolutions/yandex-php-library - Measure and Improve Code Quality continuously with Scrutinizer

Issues (302)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/Yandex/OAuth/OAuthClient.php (1 issue)

Labels

Severity

Major 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/**
 * Yandex PHP Library
 *
 * @copyright NIX Solutions Ltd.
 * @link https://github.com/nixsolutions/yandex-php-library
 */

/**
 * @namespace
 */
namespace Yandex\OAuth;

use GuzzleHttp\Exception\ClientException;
use GuzzleHttp\Exception\RequestException;
use Yandex\Common\AbstractServiceClient;
use Yandex\OAuth\Exception\AuthRequestException;
use Yandex\OAuth\Exception\AuthResponseException;

/**
 * Class OAuthClient implements Yandex OAuth protocol
 *
 * @category Yandex
 * @package  OAuth
 *
 * @author   Eugene Zabolotniy <[email protected]>
 * @created  29.08.13 12:07
 */
class OAuthClient extends AbstractServiceClient
{
    /*
     * Authentication types constants
     *
     * The "code" type means that the application will use an intermediate code to obtain an access token.
     * The "token" type will result a user is redirected back to the application with an access token in a URL
     */
    const CODE_AUTH_TYPE = 'code';
    const TOKEN_AUTH_TYPE = 'token';

    /**
     * @var string
     */
    private $clientId = '';

    /**
     * @var string
     */
    private $clientSecret = '';

    /**
     * @var string
     */
    protected $serviceDomain = 'oauth.yandex.ru';

    /**
     * @param string $clientId
     * @param string $clientSecret
     */
    public function __construct($clientId = '', $clientSecret = '')
    {
        $this->setClientId($clientId);
        $this->setClientSecret($clientSecret);
    }

    /**
     * @param string $clientId
     *
     * @return self
     */
    public function setClientId($clientId)
    {
        $this->clientId = $clientId;

        return $this;
    }

    /**
     * @return string
     */
    public function getClientId()
    {
        return $this->clientId;
    }

    /**
     * @param string $clientSecret
     *
     * @return self
     */
    public function setClientSecret($clientSecret)
    {
        $this->clientSecret = $clientSecret;

        return $this;
    }

    /**
     * @return string
     */
    public function getClientSecret()
    {
        return $this->clientSecret;
    }

    /**
     * @param string $type
     * @param string $state optional string
     *
     * @return string
     */
    public function getAuthUrl($type = self::CODE_AUTH_TYPE, $state = null)
    {
        $url = $this->getServiceUrl('authorize') . '?response_type=' . $type . '&client_id=' . $this->clientId;
        if ($state) {
''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
            $url .= '&state=' . $state;
        }

        return $url;
    }

    /**
     * Sends a redirect to the Yandex authentication page.
     *
     * @param bool   $exit  indicates whether to stop the PHP script immediately or not
     * @param string $type  a type of the authentication procedure
     * @param string $state optional string
     * @return bool|void
     */
    public function authRedirect($exit = true, $type = self::CODE_AUTH_TYPE, $state = null)
    {
        header('Location: ' . $this->getAuthUrl($type, $state));

        return $exit ? exit() : true;
    }

    /**
     * Exchanges a temporary code for an access token.
     *
     * @param $code
     *
     * @throws AuthRequestException on a known request error
     * @throws AuthResponseException on a response format error
     * @throws RequestException on an unknown request error
     *
     * @return self
     */
    public function requestAccessToken($code)
    {
        $client = $this->getClient();

        try {
            $response = $client->request(
                'POST',
                '/token',
                [
                    'auth' => [
                        $this->clientId,
                        $this->clientSecret
                    ],
                    'form_params' => [
                        'grant_type'    => 'authorization_code',
                        'code'          => $code,
                        'client_id'     => $this->clientId,
                        'client_secret' => $this->clientSecret
                    ]
                ]
            );
        } catch (ClientException $ex) {
            $result = $this->getDecodedBody($ex->getResponse()->getBody());

            if (is_array($result) && isset($result['error'])) {
                // handle a service error message
                $message = 'Service responsed with error code "' . $result['error'] . '".';

                if (isset($result['error_description']) && $result['error_description']) {
                    $message .= ' Description "' . $result['error_description'] . '".';
                }
                throw new AuthRequestException($message, 0, $ex);
            }

            // unknown error. not parsed error
            throw $ex;
        }

        try {
            $result = $this->getDecodedBody($response->getBody());
        } catch (\RuntimeException $ex) {
            throw new AuthResponseException('Server response can\'t be parsed', 0, $ex);
        }

        if (!is_array($result)) {
            throw new AuthResponseException('Server response has unknown format');
        }

        if (!isset($result['access_token'])) {
            throw new AuthResponseException('Server response doesn\'t contain access token');
        }

        $this->setAccessToken($result['access_token']);

        $lifetimeInSeconds = $result['expires_in'];

        $expireDateTime = new \DateTime();
        $expireDateTime->add(new \DateInterval('PT'.$lifetimeInSeconds.'S'));

        $this->setExpiresIn($expireDateTime);

        return $this;
    }
}


1		<?php
2		/**
3		* Yandex PHP Library
4		*
5		* @copyright NIX Solutions Ltd.
6		* @link https://github.com/nixsolutions/yandex-php-library
7		*/
8
9		/**
10		* @namespace
11		*/
12		namespace Yandex\OAuth;
13
14		use GuzzleHttp\Exception\ClientException;
15		use GuzzleHttp\Exception\RequestException;
16		use Yandex\Common\AbstractServiceClient;
17		use Yandex\OAuth\Exception\AuthRequestException;
18		use Yandex\OAuth\Exception\AuthResponseException;
19
20		/**
21		* Class OAuthClient implements Yandex OAuth protocol
22		*
23		* @category Yandex
24		* @package OAuth
25		*
26		* @author Eugene Zabolotniy <[email protected]>
27		* @created 29.08.13 12:07
28		*/
29		class OAuthClient extends AbstractServiceClient
30		{
31		/*
32		* Authentication types constants
33		*
34		* The "code" type means that the application will use an intermediate code to obtain an access token.
35		* The "token" type will result a user is redirected back to the application with an access token in a URL
36		*/
37		const CODE_AUTH_TYPE = 'code';
38		const TOKEN_AUTH_TYPE = 'token';
39
40		/**
41		* @var string
42		*/
43		private $clientId = '';
44
45		/**
46		* @var string
47		*/
48		private $clientSecret = '';
49
50		/**
51		* @var string
52		*/
53		protected $serviceDomain = 'oauth.yandex.ru';
54
55		/**
56		* @param string $clientId
57		* @param string $clientSecret
58		*/
59	25	public function __construct($clientId = '', $clientSecret = '')
60		{
61	25	$this->setClientId($clientId);
62	25	$this->setClientSecret($clientSecret);
63	25	}
64
65		/**
66		* @param string $clientId
67		*
68		* @return self
69		*/
70	25	public function setClientId($clientId)
71		{
72	25	$this->clientId = $clientId;
73
74	25	return $this;
75		}
76
77		/**
78		* @return string
79		*/
80	2	public function getClientId()
81		{
82	2	return $this->clientId;
83		}
84
85		/**
86		* @param string $clientSecret
87		*
88		* @return self
89		*/
90	25	public function setClientSecret($clientSecret)
91		{
92	25	$this->clientSecret = $clientSecret;
93
94	25	return $this;
95		}
96
97		/**
98		* @return string
99		*/
100	2	public function getClientSecret()
101		{
102	2	return $this->clientSecret;
103		}
104
105		/**
106		* @param string $type
107		* @param string $state optional string
108		*
109		* @return string
110		*/
111	2	public function getAuthUrl($type = self::CODE_AUTH_TYPE, $state = null)
112		{
113	2	$url = $this->getServiceUrl('authorize') . '?response_type=' . $type . '&client_id=' . $this->clientId;
114	2	if ($state) {
		0 ignored issues – show Bug Best Practice introduced 2015-11-23 12:09 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `$state` of type `string\|null` is loosely compared to `true`; this is ambiguous if the string can be empty. You might want to explicitly use `!== null` instead. In PHP, under loose comparison (like `==`, or `!=`, or `switch` conditions), values of different types might be equal. For `string` values, the empty string `''` is a special case, in particular the following results might be unexpected: '' == false // true '' == null // true 'ab' == false // false 'ab' == null // false // It is often better to use strict comparison '' === false // false '' === null // false Loading history...
115	1	$url .= '&state=' . $state;
116		}
117
118	2	return $url;
119		}
120
121		/**
122		* Sends a redirect to the Yandex authentication page.
123		*
124		* @param bool $exit indicates whether to stop the PHP script immediately or not
125		* @param string $type a type of the authentication procedure
126		* @param string $state optional string
127		* @return bool\|void
128		*/
129	1	public function authRedirect($exit = true, $type = self::CODE_AUTH_TYPE, $state = null)
130		{
131	1	header('Location: ' . $this->getAuthUrl($type, $state));
132
133	1	return $exit ? exit() : true;
134		}
135
136		/**
137		* Exchanges a temporary code for an access token.
138		*
139		* @param $code
140		*
141		* @throws AuthRequestException on a known request error
142		* @throws AuthResponseException on a response format error
143		* @throws RequestException on an unknown request error
144		*
145		* @return self
146		*/
147	6	public function requestAccessToken($code)
148		{
149	6	$client = $this->getClient();
150
151		try {
152	6	$response = $client->request(
153	6	'POST',
154	6	'/token',
155		[
156		'auth' => [
157	6	$this->clientId,
158	6	$this->clientSecret
159		],
160		'form_params' => [
161	6	'grant_type' => 'authorization_code',
162	6	'code' => $code,
163	6	'client_id' => $this->clientId,
164	6	'client_secret' => $this->clientSecret
165		]
166		]
167		);
168	2	} catch (ClientException $ex) {
169	2	$result = $this->getDecodedBody($ex->getResponse()->getBody());
170
171	2	if (is_array($result) && isset($result['error'])) {
172		// handle a service error message
173	1	$message = 'Service responsed with error code "' . $result['error'] . '".';
174
175	1	if (isset($result['error_description']) && $result['error_description']) {
176	1	$message .= ' Description "' . $result['error_description'] . '".';
177		}
178	1	throw new AuthRequestException($message, 0, $ex);
179		}
180
181		// unknown error. not parsed error
182	1	throw $ex;
183		}
184
185		try {
186	4	$result = $this->getDecodedBody($response->getBody());
187	1	} catch (\RuntimeException $ex) {
188	1	throw new AuthResponseException('Server response can\'t be parsed', 0, $ex);
189		}
190
191	3	if (!is_array($result)) {
192	1	throw new AuthResponseException('Server response has unknown format');
193		}
194
195	2	if (!isset($result['access_token'])) {
196	1	throw new AuthResponseException('Server response doesn\'t contain access token');
197		}
198
199	1	$this->setAccessToken($result['access_token']);
200
201	1	$lifetimeInSeconds = $result['expires_in'];
202
203	1	$expireDateTime = new \DateTime();
204	1	$expireDateTime->add(new \DateInterval('PT'.$lifetimeInSeconds.'S'));
205
206	1	$this->setExpiresIn($expireDateTime);
207
208	1	return $this;
209		}
210		}
211

nixsolutions / yandex-php-library

Issues (302)

Security Analysis not enabled

src/Yandex/OAuth/OAuthClient.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like