OAuth2OLD\OpenID\ResponseTypes\CodeResponseType::handle()

Complexity

Conditions	10
Paths	18

Size

Total Lines	27
Code Lines	16

Duplication

Lines	0
Ratio	0 %

Importance

Changes

0

<?php
    public function handle(ServerRequestInterface $request, ResourceOwnerInterface $resourceOwner,
                           RegisteredClient $client, ?array $scope = null, ?array $extendedResponseTypes = null): array
    {
        $data = $request->getMethod() === 'GET' ? $request->getQueryParams() : $request->getParsedBody();

        if (is_array($client->getSupportedGrantTypes()) && !in_array('authorization_code', $client->getSupportedGrantTypes())) {
            throw new OAuthException('unauthorized_client',
                'Client is not authorized to request an authorization code with this method',
                'https://tools.ietf.org/html/rfc6749#section-5.2');
        }

        $idToken =

        $requestedScopes = $data['scope'] ?? null;
        $requestedScopes = $requestedScopes ? explode(' ', $requestedScopes) : [];

        $scopeRequestedIsIdentical = true;
        if ((empty($requestedScopes) && !is_null($scope)) || (is_array($scope) && !empty(array_diff($requestedScopes, $scope)))) {
            $scopeRequestedIsIdentical = false;
        }

        $scope = is_array($scope) ? implode(' ', $scope) : null;
        $authorizationCode = $this->authorizationCodeStorage->create(
            $client->getIdentifier(), $resourceOwner->getIdentifier(), $idToken, $data['redirect_uri'], $scope, $scopeRequestedIsIdentical);

It seems like $idToken can also be of type null; however, parameter $idToken of OAuth2OLD\OpenID\Storages\AuthorizationCodeStorageInterface::create() does only seem to accept string, maybe add an additional type check?

        return [
            'code' => $authorizationCode->getCode()
        ];
}