Completed
Push — master ( 6e52f0...d9a404 )
by Alexandre
02:29
created

TokenEndpoint   A

Complexity

Total Complexity 14

Size/Duplication

Total Lines 85
Duplicated Lines 0 %

Importance

Changes 0
Metric Value
dl 0
loc 85
rs 10
c 0
b 0
f 0
wmc 14

1 Method

Rating   Name   Duplication   Size   Complexity  
C handle() 0 78 14
<?php
/**
 * Created by PhpStorm.
 * User: Alexandre
 * Date: 07/01/2018
 * Time: 13:57
 */
namespace OAuth2OLD\Endpoints;
use OAuth2OLD\EndpointMessages\Token\AccessTokenRequest;
use OAuth2OLD\EndpointMessages\Token\ErrorResponse;
use OAuth2OLD\Exceptions\OAuthException;
use OAuth2OLD\Storages\ClientStorageInterface;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
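class TokenEndpoint extends AbstractEndpoint
{
    /**
     * Handle a token request and return either the grant's response or an error response.
     *
     * Processing order:
     *  1. require a string `grant_type` body parameter and resolve it through the
     *     server's grant type repository;
     *  2. ask the server guard to authenticate the client;
     *  3. when the guard yields no client, look the client up by the `client_id`
     *     body parameter; that path is refused for any client whose
     *     hasCredentials() is true, so a client with credentials cannot be
     *     impersonated by naming its id alone;
     *  4. refuse the request when the client declares a list of supported grant
     *     types that does not contain the requested one;
     *  5. delegate to the grant type.
     *
     * All body parameters are caller-controlled and are validated before use.
     *
     * @param ServerRequestInterface $request
     * @return ResponseInterface
     * @throws \Exception
     */
    public function handle(ServerRequestInterface $request): ResponseInterface
    {
        $errorUri = 'https://tools.ietf.org/html/rfc6749#section-5.2';

        // PSR-7 lets getParsedBody() return null, an array or an object. Anything that
        // cannot be indexed is treated as "no parameters" instead of raising an Error.
        $parsedBody = $request->getParsedBody();
        $params = (is_array($parsedBody) || $parsedBody instanceof \ArrayAccess) ? $parsedBody : [];

        $grantTypeName = $params['grant_type'] ?? null;
        if ($grantTypeName === null) {
            return new ErrorResponse('invalid_request', 'Missing a required parameter : grant_type',
                $errorUri);
        }

        // A body such as grant_type[]=x yields an array; reject it before it reaches the
        // repository lookup or the string concatenation below.
        if (!is_string($grantTypeName)) {
            return new ErrorResponse('invalid_request', 'Invalid parameter : grant_type',
                $errorUri);
        }

        $grantType = $this->server->getGrantTypeRepository()->getGrantType($grantTypeName);
        if (!$grantType) {
            // NOTE(review): the caller-supplied name is echoed in the description; this
            // assumes ErrorResponse encodes its payload for the response format - confirm.
            return new ErrorResponse('unsupported_grant_type',
                'Unsupported grant type : ' . $grantTypeName,
                $errorUri);
        }

        /**
         * @var ClientStorageInterface $clientStorage
         */
        $clientStorage = $this->server->getStorageRepository()->getStorage('client');
        $guard = $this->server->getGuard();
        $client = null;

        try {
            if ($guard->authenticate($request)) {
                $client = $guard->getClient();
            }
        } catch (OAuthException $e) {
            // NOTE(review): the exception message is returned to the caller; confirm that
            // OAuthException messages raised by the guard never carry internal detail.
            $description = 'Client authentication failed : ' . $e->getMessage();

            // The Basic challenge is sent only when the client tried the Authorization header.
            if ($e->getError() === 'invalid_client' && $request->hasHeader('Authorization')) {
                return new ErrorResponse($e->getError(), $description, $e->getErrorUri(), 401, [
                    'WWW-Authenticate' => 'Basic',
                ]);
            }

            return new ErrorResponse($e->getError(), $description, $e->getErrorUri(), 401);
        }

        if (!$client) {
            $clientId = $params['client_id'] ?? null;
            if ($clientId === null) {
                return new ErrorResponse('invalid_request',
                    'Client authentication not included, missing a parameter : client_id : ',
                    $errorUri);
            }

            // Arrays and objects are never valid identifiers; keep them away from the storage lookup.
            if (!is_scalar($clientId)) {
                return new ErrorResponse('invalid_request', 'Invalid parameter : client_id',
                    $errorUri);
            }

            $client = $clientStorage->get($clientId);
            if (!$client) {
                return new ErrorResponse('invalid_client',
                    'Parameter client_id invalid',
                    $errorUri);
            }

            // Reaching this point means the guard did not authenticate anyone. A client that
            // owns credentials must have used them, so identification by client_id is refused.
            if ($client->hasCredentials()) {
                return new ErrorResponse('invalid_client',
                    'Client authentication failed : ' . $guard->getError(),
                    $errorUri, 401, [
                        'WWW-Authenticate' => 'Basic',
                    ]);
            }
        }

        // NOTE(review): when getSupportedGrantTypes() is not an array the client is not
        // restricted at all (fail-open); confirm that "no list" is meant as "every grant type".
        $supportedGrantTypes = $client->getSupportedGrantTypes();
        // Strict comparison so that type juggling cannot make an unlisted grant type match.
        if (is_array($supportedGrantTypes) && !in_array($grantType->getUri(), $supportedGrantTypes, true)) {
            return new ErrorResponse('unauthorized_client',
                'Unauthorized grant type : ' . $grantType->getUri(),
                $errorUri);
        }

        try {
            return $grantType->grant($request, $client);
        } catch (OAuthException $e) {
            return new ErrorResponse($e->getError(),
                $e->getErrorDescription(),
                $e->getErrorUri());
        }
    }
}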