Signature::verify() - Code Metrics - Inspection of "add sign with jwt" - o2system/security - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( a72aee...8d5499 )

by Steeven

created 2019-10-10 15:03 UTC

Signature::verify() B

↳ Parent: Signature

Complexity

Conditions	10
Paths	10

Size

Total Lines	33
Code Lines	23

Duplication

Lines	0
Ratio	0 %

Importance

Changes	1
Bugs	0	Features	1

Metric	Value
cc	10
eloc	23
c	1
b	0
f	1
nc	10
nop	4
dl	0
loc	33
rs	7.6666

How to fix Complexity

<?php
/**
 * This file is part of the O2System Framework package.
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 *
 * @author         Steeve Andrian Salim
 * @copyright      Copyright (c) Steeve Andrian Salim
 */

// ------------------------------------------------------------------------

namespace O2System\Security\Authentication\User;

// ------------------------------------------------------------------------

use O2System\Security\Encryptions\Algorithm;
use O2System\Security\Encryptions\Hmac;

class Signature
{
    /**
     * Signature::generate
     *
     * @param array  $segments
     * @param string $key
     * @param string $algorithm
     *
     * @return bool|string
     * @throws \O2System\Spl\Exceptions\Logic\DomainException
     */
    public static function generate(array $segments, $key, $algorithm = 'HS256')
    {
        if (count($segments) == 2) {
            $data = implode('.', $segments);

            if (Algorithm::validate($algorithm)) {
                list($function, $algorithm) = Algorithm::map($algorithm);

                switch ($function) {
                    case 'HMAC':
                        return Hmac::hash($algorithm, $data, $key, true);
                    case 'hash_hmac':
                        return hash_hmac($algorithm, $data, $key, true);
                    case 'openssl':
                        return openssl_sign($data, $signature, $key, $algorithm);
                }
            }
        }

        return false;
    }

    // ------------------------------------------------------------------------

    /**
     * Signature::verify
     *
     * Verify token with signature.
     *
     * @param string $token
     * @param string $signature
     * @param string $key
     * @param string $algorithm
     *
     * @return bool
     */
    public static function verify($token, $signature, $key, $algorithm = 'HS256')
    {
        $segments = explode('.', $token);
        $segments = array_map('trim', $segments);

        if (count($segments) == 3) {
            array_pop($segments);
            $data = implode('.', $segments);

            if (Algorithm::validate($algorithm)) {
                list($function, $algorithm) = Algorithm::map($algorithm);

                switch ($function) {
                    case 'HMAC':
                        return Hmac::hash($algorithm, $data, $key, true) === $signature;
                    case 'hash_hmac':
                        return hash_hmac($algorithm, $data, $key, true) === $signature;
                    case 'openssl':
                        switch ($algorithm) {
                            case 'RS256':
                                return (bool)openssl_verify($data, $signature, $key, OPENSSL_ALGO_SHA1);
                            case 'RS256':
                                return (bool)openssl_verify($data, $signature, $key, OPENSSL_ALGO_SHA256);
                            case 'RS384':
                                return (bool)openssl_verify($data, $signature, $key, OPENSSL_ALGO_SHA384);
                            case 'RS512':
                                return (bool)openssl_verify($data, $signature, $key, OPENSSL_ALGO_SHA512);
                        }
                }
            }
        }

        return false;
    }
}

GitHub Access Token became invalid

Push — master ( a72aee...8d5499 )

Signature::verify() B

Complexity

Size

Duplication

Importance

How to fix Complexity

Long Method

1			<?php
2			/**
3			* This file is part of the O2System Framework package.
4			*
5			* For the full copyright and license information, please view the LICENSE
6			* file that was distributed with this source code.
7			*
8			* @author Steeve Andrian Salim
9			* @copyright Copyright (c) Steeve Andrian Salim
10			*/
11
12			// ------------------------------------------------------------------------
13
14			namespace O2System\Security\Authentication\User;
15
16			// ------------------------------------------------------------------------
17
18			use O2System\Security\Encryptions\Algorithm;
19			use O2System\Security\Encryptions\Hmac;
20
21			class Signature
22			{
23			/**
24			* Signature::generate
25			*
26			* @param array $segments
27			* @param string $key
28			* @param string $algorithm
29			*
30			* @return bool\|string
31			* @throws \O2System\Spl\Exceptions\Logic\DomainException
32			*/
33			public static function generate(array $segments, $key, $algorithm = 'HS256')
34			{
35			if (count($segments) == 2) {
36			$data = implode('.', $segments);
37
38			if (Algorithm::validate($algorithm)) {
39			list($function, $algorithm) = Algorithm::map($algorithm);
40
41			switch ($function) {
42			case 'HMAC':
43			return Hmac::hash($algorithm, $data, $key, true);
44			case 'hash_hmac':
45			return hash_hmac($algorithm, $data, $key, true);
46			case 'openssl':
47			return openssl_sign($data, $signature, $key, $algorithm);
48			}
49			}
50			}
51
52			return false;
53			}
54
55			// ------------------------------------------------------------------------
56
57			/**
58			* Signature::verify
59			*
60			* Verify token with signature.
61			*
62			* @param string $token
63			* @param string $signature
64			* @param string $key
65			* @param string $algorithm
66			*
67			* @return bool
68			*/
69			public static function verify($token, $signature, $key, $algorithm = 'HS256')
70			{
71			$segments = explode('.', $token);
72			$segments = array_map('trim', $segments);
73
74			if (count($segments) == 3) {
75			array_pop($segments);
76			$data = implode('.', $segments);
77
78			if (Algorithm::validate($algorithm)) {
79			list($function, $algorithm) = Algorithm::map($algorithm);
80
81			switch ($function) {
82			case 'HMAC':
83			return Hmac::hash($algorithm, $data, $key, true) === $signature;
84			case 'hash_hmac':
85			return hash_hmac($algorithm, $data, $key, true) === $signature;
86			case 'openssl':
87			switch ($algorithm) {
88			case 'RS256':
89			return (bool)openssl_verify($data, $signature, $key, OPENSSL_ALGO_SHA1);
90			case 'RS256':
91			return (bool)openssl_verify($data, $signature, $key, OPENSSL_ALGO_SHA256);
92			case 'RS384':
93			return (bool)openssl_verify($data, $signature, $key, OPENSSL_ALGO_SHA384);
94			case 'RS512':
95			return (bool)openssl_verify($data, $signature, $key, OPENSSL_ALGO_SHA512);
96			}
97			}
98			}
99			}
100
101			return false;
102			}
103			}

o2system / security

GitHub Access Token became invalid

Push — master ( a72aee...8d5499 )

Signature::verify() B

Complexity

Size

Duplication

Importance

How to fix Complexity

Long Method

Duplication Side-by-Side

Filter issues like