Server::getResponseModeRepository() - Code Metrics - Inspection of "open id" - php-guard/oauth-server - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( 0c0a9d...5256fe )

by Alexandre

created 2018-01-28 22:39 UTC

Server::getResponseModeRepository() A

↳ Parent: Server

Complexity

Conditions	1
Paths	1

Size

Total Lines	3
Code Lines	1

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	0
CRAP Score	2

Importance

Changes

Metric	Value
cc	1
eloc	1
nc	1
nop	0
dl	0
loc	3
ccs	0
cts	0
cp	0
crap	2
rs	10
c	0
b	0
f	0

<?php
/**
 * Created by PhpStorm.
 * User: Alexandre
 * Date: 07/01/2018
 * Time: 13:57
 */

namespace OAuth2;


use OAuth2\ClientAuthentication\Guard;
use OAuth2\Endpoints\AuthorizationEndpoint;
use OAuth2\Endpoints\TokenEndpoint;
use OAuth2\OpenID\Repositories\ResponseModeRepository;
use OAuth2\Providers\ResourceOwnerProviderInterface;
use OAuth2\Repositories\ClientAuthenticatorRepository;
use OAuth2\Repositories\ConfigurationRepository;
use OAuth2\Repositories\GrantTypeRepository;
use OAuth2\Repositories\ResponseTypeRepository;
use OAuth2\Repositories\StorageRepository;
use OAuth2\ScopePolicy\Manager;


class Server
{
    /**
     * @var ConfigurationRepository
     */
    protected $configurationRepository;
    /**
     * @var StorageRepository
     */
    protected $storageRepository;
    /**
     * @var ResponseTypeRepository
     */
    protected $responseTypeRepository;
    /**
     * @var GrantTypeRepository
     */
    protected $grantTypeRepository;
    /**
     * @var ClientAuthenticatorRepository
     */
    protected $clientAuthenticatorRepository;
    /**
     * @var AuthorizationEndpoint
     */
    protected $authorizationEndpoint;
    /**
     * @var TokenEndpoint
     */
    protected $tokenEndpoint;
    /**
     * @var Guard
     */
    protected $guard;
    /**
     * @var Manager
     */
    protected $scopePolicyManager;
    /**
     * @var ResourceOwnerProviderInterface
     */
    protected $resourceOwnerProvider;
    /**
     * @var ResponseModeRepository
     */
    protected $responseModeRepository;

    /**
     * Server constructor.
     * @param ResourceOwnerProviderInterface $resourceOwnerProvider
     * @param null|StorageRepository $storageRepository
     * @param null|ConfigurationRepository $configurationRepository
     * @param ResponseTypeRepository $responseTypeRepository
     * @param null|GrantTypeRepository $grantTypeRepository
     * @param null|ClientAuthenticatorRepository $clientAuthenticatorRepository
     * @param null|Guard $guard
     * @param null|Manager $scopePolicyManager
     * @param null|ResponseModeRepository $responseModeRepository
     * @throws \Exception
     */
    public function __construct(ResourceOwnerProviderInterface $resourceOwnerProvider,
                                StorageRepository $storageRepository,
                                ConfigurationRepository $configurationRepository = null,
                                ?ResponseTypeRepository $responseTypeRepository = null,
                                ?GrantTypeRepository $grantTypeRepository = null,
                                ?ClientAuthenticatorRepository $clientAuthenticatorRepository = null,
                                ?Guard $guard = null,
                                ?Manager $scopePolicyManager = null,
                                ?ResponseModeRepository $responseModeRepository = null)
    {
        $this->resourceOwnerProvider = $resourceOwnerProvider;
        $this->storageRepository = $storageRepository;


        if (is_null($configurationRepository)) {
            $this->configurationRepository = new ConfigurationRepository();
        } else {
            $this->configurationRepository = $configurationRepository;
        }

        if (is_null($responseTypeRepository)) {
            $this->responseTypeRepository = new ResponseTypeRepository(
                ResponseTypeRepository::getDefaultResponseTypes($this));
        } else {
            $this->responseTypeRepository = $responseTypeRepository;
        }

        if (is_null($clientAuthenticatorRepository)) {
            $this->clientAuthenticatorRepository = new ClientAuthenticatorRepository(
                ClientAuthenticatorRepository::getDefaultAuthenticators(
                    $this->configurationRepository, $this->storageRepository));
        } else {
            $this->clientAuthenticatorRepository = $responseTypeRepository;
class Id
{
    public $id;

    public function __construct($id)
    {
        $this->id = $id;
    }

}

class Account
{
    /** @var  Id $id */
    public $id;
}

$account_id = false;

if (starsAreRight()) {
    $account_id = new Id(42);
}

$account = new Account();
if ($account instanceof Id)
{
    $account->id = $account_id;
}
        }

        $this->guard = $guard ? $guard : new Guard($this);
//        var_dump($this->guard);die;

        $this->scopePolicyManager = $scopePolicyManager ? $scopePolicyManager : new Manager($this);

        if (is_null($grantTypeRepository)) {
            $this->grantTypeRepository = new GrantTypeRepository(
                GrantTypeRepository::getDefaultGrantTypes(
                    $this->configurationRepository,
                    $this->resourceOwnerProvider,
                    $this->scopePolicyManager,
                    $this->storageRepository));
        } else {
            $this->grantTypeRepository = $grantTypeRepository;
        }



        if (is_null($responseModeRepository)) {
            $this->responseModeRepository = new ResponseModeRepository(
                ResponseModeRepository::getDefaultResponseModes());
        } else {
            $this->responseModeRepository = $responseModeRepository;
        }

        $this->authorizationEndpoint = new AuthorizationEndpoint($this);
        $this->tokenEndpoint = new TokenEndpoint($this);
    }

    /**
     * @return ConfigurationRepository
     */
    public function getConfigurationRepository(): ConfigurationRepository
    {
        return $this->configurationRepository;
    }

    /**
     * @return StorageRepository
     */
    public function getStorageRepository(): StorageRepository
    {
        return $this->storageRepository;
    }

    /**
     * @return ResponseTypeRepository
     */
    public function getResponseTypeRepository(): ResponseTypeRepository
    {
        return $this->responseTypeRepository;
    }

    /**
     * @return GrantTypeRepository
     */
    public function getGrantTypeRepository(): GrantTypeRepository
    {
        return $this->grantTypeRepository;
    }

    /**
     * @return ClientAuthenticatorRepository
     */
    public function getClientAuthenticatorRepository(): ClientAuthenticatorRepository
    {
        return $this->clientAuthenticatorRepository;
    }

    /**
     * @return AuthorizationEndpoint
     */
    public function getAuthorizationEndpoint(): AuthorizationEndpoint
    {
        return $this->authorizationEndpoint;
    }

    /**
     * @return TokenEndpoint
     */
    public function getTokenEndpoint(): TokenEndpoint
    {
        return $this->tokenEndpoint;
    }

    /**
     * @return Guard
     */
    public function getGuard(): Guard
    {
        return $this->guard;
    }

    /**
     * @return bool
     *
     * @see https://tools.ietf.org/html/rfc6749#section-3.1.2.1
     *
     *  Endpoint Request Confidentiality
     *
     *     The redirection endpoint SHOULD require the use of TLS as described
     * in Section 1.6 when the requested response type is "code" or "token",
     * or when the redirection request will result in the transmission of
     * sensitive credentials over an open network.  This specification does
     * not mandate the use of TLS because at the time of this writing,
     * requiring clients to deploy TLS is a significant hurdle for many
     * client developers.  If TLS is not available, the authorization server
     * SHOULD warn the resource owner about the insecure endpoint prior to
     * redirection (e.g., display a message during the authorization
     * request).
     *
     * Lack of transport-layer security can have a severe impact on the
     * security of the client and the protected resources it is authorized
     * to access.  The use of transport-layer security is particularly
     * critical when the authorization process is used as a form of
     * delegated end-user authentication by the client (e.g., third-party
     * sign-in service).
     */
    public function isSecure()
    {
        return isset($_SERVER['HTTPS']) && ('on' == strtolower($_SERVER['HTTPS']) || 1 == $_SERVER['HTTPS']);
    }

    /**
     * @return Manager
     */
    public function getScopePolicyManager(): Manager
    {
        return $this->scopePolicyManager;
    }

    /**
     * @return ResourceOwnerProviderInterface
     */
    public function getResourceOwnerProvider(): ResourceOwnerProviderInterface
    {
        return $this->resourceOwnerProvider;
    }

    /**
     * @return ResponseModeRepository
     */
    public function getResponseModeRepository(): ResponseModeRepository
    {
        return $this->responseModeRepository;
    }
}

1		<?php
2		/**
3		* Created by PhpStorm.
4		* User: Alexandre
5		* Date: 07/01/2018
6		* Time: 13:57
7		*/
8
9		namespace OAuth2;
10
11
12		use OAuth2\ClientAuthentication\Guard;
13		use OAuth2\Endpoints\AuthorizationEndpoint;
14		use OAuth2\Endpoints\TokenEndpoint;
15		use OAuth2\OpenID\Repositories\ResponseModeRepository;
16		use OAuth2\Providers\ResourceOwnerProviderInterface;
17		use OAuth2\Repositories\ClientAuthenticatorRepository;
18		use OAuth2\Repositories\ConfigurationRepository;
19		use OAuth2\Repositories\GrantTypeRepository;
20		use OAuth2\Repositories\ResponseTypeRepository;
21		use OAuth2\Repositories\StorageRepository;
22		use OAuth2\ScopePolicy\Manager;
23
24
25		class Server
26		{
27		/**
28		* @var ConfigurationRepository
29		*/
30		protected $configurationRepository;
31		/**
32		* @var StorageRepository
33		*/
34		protected $storageRepository;
35		/**
36		* @var ResponseTypeRepository
37		*/
38		protected $responseTypeRepository;
39		/**
40		* @var GrantTypeRepository
41		*/
42		protected $grantTypeRepository;
43		/**
44		* @var ClientAuthenticatorRepository
45		*/
46		protected $clientAuthenticatorRepository;
47		/**
48		* @var AuthorizationEndpoint
49		*/
50		protected $authorizationEndpoint;
51		/**
52		* @var TokenEndpoint
53		*/
54		protected $tokenEndpoint;
55		/**
56		* @var Guard
57		*/
58		protected $guard;
59		/**
60		* @var Manager
61		*/
62		protected $scopePolicyManager;
63		/**
64		* @var ResourceOwnerProviderInterface
65		*/
66		protected $resourceOwnerProvider;
67		/**
68		* @var ResponseModeRepository
69		*/
70		protected $responseModeRepository;
71
72		/**
73		* Server constructor.
74		* @param ResourceOwnerProviderInterface $resourceOwnerProvider
75		* @param null\|StorageRepository $storageRepository
76		* @param null\|ConfigurationRepository $configurationRepository
77		* @param ResponseTypeRepository $responseTypeRepository
78		* @param null\|GrantTypeRepository $grantTypeRepository
79		* @param null\|ClientAuthenticatorRepository $clientAuthenticatorRepository
80		* @param null\|Guard $guard
81		* @param null\|Manager $scopePolicyManager
82		* @param null\|ResponseModeRepository $responseModeRepository
83		* @throws \Exception
84		*/
85		public function __construct(ResourceOwnerProviderInterface $resourceOwnerProvider,
86		StorageRepository $storageRepository,
87		ConfigurationRepository $configurationRepository = null,
88		?ResponseTypeRepository $responseTypeRepository = null,
89		?GrantTypeRepository $grantTypeRepository = null,
90		?ClientAuthenticatorRepository $clientAuthenticatorRepository = null,
91		?Guard $guard = null,
92		?Manager $scopePolicyManager = null,
93		?ResponseModeRepository $responseModeRepository = null)
94		{
95		$this->resourceOwnerProvider = $resourceOwnerProvider;
96		$this->storageRepository = $storageRepository;
97
98
99		if (is_null($configurationRepository)) {
100		$this->configurationRepository = new ConfigurationRepository();
101		} else {
102		$this->configurationRepository = $configurationRepository;
103		}
104
105		if (is_null($responseTypeRepository)) {
106		$this->responseTypeRepository = new ResponseTypeRepository(
107		ResponseTypeRepository::getDefaultResponseTypes($this));
108		} else {
109		$this->responseTypeRepository = $responseTypeRepository;
110		}
111
112		if (is_null($clientAuthenticatorRepository)) {
113		$this->clientAuthenticatorRepository = new ClientAuthenticatorRepository(
114		ClientAuthenticatorRepository::getDefaultAuthenticators(
115		$this->configurationRepository, $this->storageRepository));
116		} else {
117		$this->clientAuthenticatorRepository = $responseTypeRepository;
		0 ignored issues – show Documentation Bug introduced 2018-01-23 09:18 UTC by Report Bug Copy Issue Report It seems like `$responseTypeRepository` can also be of type `OAuth2\Repositories\ResponseTypeRepository`. However, the property `$clientAuthenticatorRepository` is declared as type `OAuth2\Repositories\ClientAuthenticatorRepository`. Maybe add an additional type check? Our type inference engine has found a suspicous assignment of a value to a property. This check raises an issue when a value that can be of a mixed type is assigned to a property that is type hinted more strictly. For example, imagine you have a variable `$accountId` that can either hold an Id object or false (if there is no account id yet). Your code now assigns that value to the `id` property of an instance of the `Account` class. This class holds a proper account, so the id value must no longer be false. Either this assignment is in error or a type check should be added for that assignment. class Id { public $id; public function __construct($id) { $this->id = $id; } } class Account { /** @var Id $id */ public $id; } $account_id = false; if (starsAreRight()) { $account_id = new Id(42); } $account = new Account(); if ($account instanceof Id) { $account->id = $account_id; } Loading history...
118		}
119
120		$this->guard = $guard ? $guard : new Guard($this);
121		// var_dump($this->guard);die;
		0 ignored issues – show Unused Code Comprehensibility introduced 2018-01-19 16:33 UTC by Report Bug Copy Issue Report `70%` of this comment could be valid code. Did you maybe forget this after debugging? Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it. The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production. This check looks for comments that seem to be mostly valid code and reports them. Loading history...
122		$this->scopePolicyManager = $scopePolicyManager ? $scopePolicyManager : new Manager($this);
123
124		if (is_null($grantTypeRepository)) {
125		$this->grantTypeRepository = new GrantTypeRepository(
126		GrantTypeRepository::getDefaultGrantTypes(
127		$this->configurationRepository,
128		$this->resourceOwnerProvider,
129		$this->scopePolicyManager,
130		$this->storageRepository));
131		} else {
132		$this->grantTypeRepository = $grantTypeRepository;
133		}
134
135	4
136
137	4	if (is_null($responseModeRepository)) {
138		$this->responseModeRepository = new ResponseModeRepository(
139		ResponseModeRepository::getDefaultResponseModes());
140		} else {
141		$this->responseModeRepository = $responseModeRepository;
142		}
143	4
144		$this->authorizationEndpoint = new AuthorizationEndpoint($this);
145	4	$this->tokenEndpoint = new TokenEndpoint($this);
146		}
147
148		/**
149		* @return ConfigurationRepository
150		*/
151	4	public function getConfigurationRepository(): ConfigurationRepository
152		{
153	4	return $this->configurationRepository;
154		}
155
156		/**
157		* @return StorageRepository
158		*/
159	1	public function getStorageRepository(): StorageRepository
160		{
161	1	return $this->storageRepository;
162		}
163
164		/**
165		* @return ResponseTypeRepository
166		*/
167	1	public function getResponseTypeRepository(): ResponseTypeRepository
168		{
169	1	return $this->responseTypeRepository;
170		}
171
172		/**
173		* @return GrantTypeRepository
174		*/
175	4	public function getGrantTypeRepository(): GrantTypeRepository
176		{
177	4	return $this->grantTypeRepository;
178		}
179
180		/**
181		* @return ClientAuthenticatorRepository
182		*/
183	1	public function getClientAuthenticatorRepository(): ClientAuthenticatorRepository
184		{
185	1	return $this->clientAuthenticatorRepository;
186		}
187
188		/**
189		* @return AuthorizationEndpoint
190		*/
191	1	public function getAuthorizationEndpoint(): AuthorizationEndpoint
192		{
193	1	return $this->authorizationEndpoint;
194		}
195
196		/**
197		* @return TokenEndpoint
198		*/
199		public function getTokenEndpoint(): TokenEndpoint
200		{
201		return $this->tokenEndpoint;
202		}
203
204		/**
205		* @return Guard
206		*/
207		public function getGuard(): Guard
208		{
209		return $this->guard;
210		}
211
212		/**
213		* @return bool
214		*
215		* @see https://tools.ietf.org/html/rfc6749#section-3.1.2.1
216		*
217		* Endpoint Request Confidentiality
218		*
219		* The redirection endpoint SHOULD require the use of TLS as described
220		* in Section 1.6 when the requested response type is "code" or "token",
221	1	* or when the redirection request will result in the transmission of
222		* sensitive credentials over an open network. This specification does
223	1	* not mandate the use of TLS because at the time of this writing,
224		* requiring clients to deploy TLS is a significant hurdle for many
225		* client developers. If TLS is not available, the authorization server
226		* SHOULD warn the resource owner about the insecure endpoint prior to
227		* redirection (e.g., display a message during the authorization
228		* request).
229	3	*
230		* Lack of transport-layer security can have a severe impact on the
231	3	* security of the client and the protected resources it is authorized
232		* to access. The use of transport-layer security is particularly
233		* critical when the authorization process is used as a form of
234		* delegated end-user authentication by the client (e.g., third-party
235		* sign-in service).
236		*/
237		public function isSecure()
238		{
239		return isset($_SERVER['HTTPS']) && ('on' == strtolower($_SERVER['HTTPS']) \|\| 1 == $_SERVER['HTTPS']);
240		}
241
242		/**
243		* @return Manager
244		*/
245		public function getScopePolicyManager(): Manager
246		{
247		return $this->scopePolicyManager;
248		}
249
250		/**
251		* @return ResourceOwnerProviderInterface
252		*/
253		public function getResourceOwnerProvider(): ResourceOwnerProviderInterface
254		{
255		return $this->resourceOwnerProvider;
256		}
257
258		/**
259		* @return ResponseModeRepository
260		*/
261		public function getResponseModeRepository(): ResponseModeRepository
262		{
263		return $this->responseModeRepository;
264		}
265		}

php-guard / oauth-server

Push — master ( 0c0a9d...5256fe )

Server::getResponseModeRepository() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like