AppleAccessToken - Code Metrics - patrickbussmann/oauth2-apple - Measure and Improve Code Quality continuously with Scrutinizer

AppleAccessToken A
last analyzed 2021-01-17 22:35 UTC

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	119
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	5

Test Coverage

Coverage

66.67%

Importance

Changes

Metric	Value
wmc	17
lcom	1
cbo	5
dl	0
loc	119
ccs	26
cts	39
cp	0.6667
rs	10
c	0
b	0
f	0

5 Methods

Rating	Name	Size	Complexity
C	__construct()	48	12
A	getAppleKey()	10	2
A	getIdToken()	4	1
A	getEmail()	4	1
A	isPrivateEmail()	4	1

<?php

namespace League\OAuth2\Client\Token;

use Firebase\JWT\JWK;
use Firebase\JWT\JWT;
use GuzzleHttp\ClientInterface;
use InvalidArgumentException;

class AppleAccessToken extends AccessToken
{
    /**
     * @var string
     */
    protected $idToken;

    /**
     * @var string
     */
    protected $email;

    /**
     * @var boolean
     */
    protected $isPrivateEmail;

    /**
     * @var ClientInterface
     */
    protected $httpClient;

    /**
     * Constructs an access token.
     *
     * @param ClientInterface $httpClient the http client to use
     * @param array $options An array of options returned by the service provider
     *     in the access token request. The `access_token` option is required.
     * @throws InvalidArgumentException if `access_token` is not provided in `$options`.
     *
     * @throws \Exception
     */
    public function __construct($httpClient, array $options = [])
    {
        $this->httpClient = $httpClient;

        if (array_key_exists('refresh_token', $options)) {
            if (empty($options['id_token'])) {
                throw new InvalidArgumentException('Required option not passed: "id_token"');
            }

            $decoded = null;
            $keys = $this->getAppleKey();
            $last = end($keys);
            foreach ($keys as $key) {
                try {
                    $decoded = JWT::decode($options['id_token'], $key, ['RS256']);
                    break;
                } catch (\Exception $exception) {
                    if ($last === $key) {
                        throw $exception;
                    }
                }
            }
            if (null === $decoded) {
                throw new \Exception('Got no data within "id_token"!');
            }
            $payload = json_decode(json_encode($decoded), true);

            $options['resource_owner_id'] = $payload['sub'];

            if (isset($payload['email_verified']) && $payload['email_verified']) {
                $options['email'] = $payload['email'];
            }

            if (isset($payload['is_private_email'])) {
                $this->isPrivateEmail = $payload['is_private_email'];
            }
        }

        parent::__construct($options);

        if (isset($options['id_token'])) {
            $this->idToken = $options['id_token'];
        }

        if (isset($options['email'])) {
            $this->email = $options['email'];
        }
    }

    /**
     * @return array Apple's JSON Web Key
     */
    protected function getAppleKey()
    {
        $response = $this->httpClient->request('GET', 'https://appleid.apple.com/auth/keys');

        if ($response) {
            return JWK::parseKeySet(json_decode($response->getBody()->getContents(), true));
        }

        return [];
    }

    /**
     * @return string
     */
    public function getIdToken()
    {
        return $this->idToken;
    }

    /**
     * @return string
     */
    public function getEmail()
    {
        return $this->email;
    }

    /**
     * @return boolean
     */
    public function isPrivateEmail()
    {
        return $this->isPrivateEmail;
    }
}


1		<?php
2
3		namespace League\OAuth2\Client\Token;
4
5		use Firebase\JWT\JWK;
6		use Firebase\JWT\JWT;
7		use GuzzleHttp\ClientInterface;
8		use InvalidArgumentException;
9
10		class AppleAccessToken extends AccessToken
11		{
12		/**
13		* @var string
14		*/
15		protected $idToken;
16
17		/**
18		* @var string
19		*/
20		protected $email;
21
22		/**
23		* @var boolean
24		*/
25		protected $isPrivateEmail;
26
27		/**
28		* @var ClientInterface
29		*/
30		protected $httpClient;
31
32		/**
33		* Constructs an access token.
34		*
35		* @param ClientInterface $httpClient the http client to use
36		* @param array $options An array of options returned by the service provider
37		* in the access token request. The `access_token` option is required.
38		* @throws InvalidArgumentException if `access_token` is not provided in `$options`.
39		*
40		* @throws \Exception
41		*/
42	2	public function __construct($httpClient, array $options = [])
43		{
44	2	$this->httpClient = $httpClient;
45
46	2	if (array_key_exists('refresh_token', $options)) {
47	1	if (empty($options['id_token'])) {
48		throw new InvalidArgumentException('Required option not passed: "id_token"');
49		}
50
51	1	$decoded = null;
52	1	$keys = $this->getAppleKey();
53	1	$last = end($keys);
54	1	foreach ($keys as $key) {
55		try {
56	1	$decoded = JWT::decode($options['id_token'], $key, ['RS256']);
57	1	break;
58		} catch (\Exception $exception) {
59		if ($last === $key) {
60		throw $exception;
61		}
62		}
63		}
64	1	if (null === $decoded) {
65		throw new \Exception('Got no data within "id_token"!');
66		}
67	1	$payload = json_decode(json_encode($decoded), true);
68
69	1	$options['resource_owner_id'] = $payload['sub'];
70
71	1	if (isset($payload['email_verified']) && $payload['email_verified']) {
72		$options['email'] = $payload['email'];
73		}
74
75	1	if (isset($payload['is_private_email'])) {
76		$this->isPrivateEmail = $payload['is_private_email'];
77		}
78		}
79
80	2	parent::__construct($options);
81
82	2	if (isset($options['id_token'])) {
83	1	$this->idToken = $options['id_token'];
84		}
85
86	2	if (isset($options['email'])) {
87		$this->email = $options['email'];
88		}
89	2	}
90
91		/**
92		* @return array Apple's JSON Web Key
93		*/
94	1	protected function getAppleKey()
95		{
96	1	$response = $this->httpClient->request('GET', 'https://appleid.apple.com/auth/keys');
97
98	1	if ($response) {
99	1	return JWK::parseKeySet(json_decode($response->getBody()->getContents(), true));
100		}
101
102		return [];
103		}
104
105		/**
106		* @return string
107		*/
108	1	public function getIdToken()
109		{
110	1	return $this->idToken;
111		}
112
113		/**
114		* @return string
115		*/
116		public function getEmail()
117		{
118		return $this->email;
119		}
120
121		/**
122		* @return boolean
123		*/
124		public function isPrivateEmail()
125		{
126		return $this->isPrivateEmail;
127		}
128		}
129

patrickbussmann / oauth2-apple

AppleAccessToken A last analyzed 2021-01-17 22:35 UTC

Complexity

Size/Duplication

Coupling/Cohesion

Test Coverage

Importance

5 Methods

Duplication Side-by-Side

Filter issues like

AppleAccessToken A
last analyzed 2021-01-17 22:35 UTC