CodeResponseType::handle() - Code Metrics - Inspection of "open ID" - php-guard/oauth-server - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 289dee...aec877 )

by Alexandre

created 2018-01-29 17:00 UTC

CodeResponseType::handle() D

↳ Parent: CodeResponseType

Complexity

Conditions	10
Paths	18

Size

Total Lines	27
Code Lines	16

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	0
CRAP Score	110

Importance

Changes

Metric	Value
dl	0
loc	27
c	0
b	0
f	0
ccs	0
cts	18
cp	0
rs	4.8196
cc	10
eloc	16
nc	18
nop	5
crap	110

How to fix Complexity

<?php
/**
 * Created by PhpStorm.
 * User: GCC-MED
 * Date: 19/01/2018
 * Time: 15:36
 */

namespace OAuth2\OpenID\ResponseTypes;


use OAuth2\Config;
use OAuth2\Exceptions\OAuthException;
use OAuth2\Repositories\ConfigurationRepository;
use OAuth2\Roles\Clients\RegisteredClient;
use OAuth2\Roles\ResourceOwnerInterface;
use OAuth2\OpenID\Storages\AuthorizationCodeStorageInterface;
use Psr\Http\Message\ServerRequestInterface;

class CodeResponseType extends \OAuth2\ResponseTypes\CodeResponseType implements ResponseTypeInterface
{

    /**
     * @var ConfigurationRepository
     */
    private $configurationRepository;

    public function __construct(ConfigurationRepository $configurationRepository, AuthorizationCodeStorageInterface $authorizationCodeStorage)
    {
        parent::__construct($authorizationCodeStorage);
        $this->configurationRepository = $configurationRepository;
    }

    /**
     * @param ServerRequestInterface $request
     * @param ResourceOwnerInterface $resourceOwner
     * @param RegisteredClient $client
     * @param array|null $scope
     * @param array|null $extendedResponseTypes
     * @return array
     * @throws OAuthException
     */
    public function handle(ServerRequestInterface $request, ResourceOwnerInterface $resourceOwner,
                           RegisteredClient $client, ?array $scope = null, ?array $extendedResponseTypes = null): array
    {
        $data = $request->getMethod() === 'GET' ? $request->getQueryParams() : $request->getParsedBody();

        if (is_array($client->getSupportedGrantTypes()) && !in_array('authorization_code', $client->getSupportedGrantTypes())) {
            throw new OAuthException('unauthorized_client',
                'Client is not authorized to request an authorization code with this method',
                'https://tools.ietf.org/html/rfc6749#section-5.2');
        }

        $redirectUri = $request->getQueryParams()['redirect_uri'] ?? $request->getParsedBody()['redirect_uri'] ?? null;


        $requestedScopes = $request->getQueryParams()['scope'] ?? $request->getParsedBody()['scope'] ?? null;
        $requestedScopes = $requestedScopes ? explode(' ', $requestedScopes) : [];

        $scopeRequestedIsIdentical = true;
        if ((empty($requestedScopes) && !is_null($scope)) || (is_array($scope) && !empty(array_diff($requestedScopes, $scope)))) {
            $scopeRequestedIsIdentical = false;
        }

        $scope = is_array($scope) ? implode(' ', $scope) : null;
        $authorizationCode = $this->authorizationCodeStorage->create(
            $client->getIdentifier(), $resourceOwner->getIdentifier(), $data['redirect_uri'], $scope, $scopeRequestedIsIdentical, $idToken);
        $authorizationCode = $this->authorizationCodeStorage->create(

        return [
            'code' => $authorizationCode->getCode()
        ];
    }


    /**
     * @param ServerRequestInterface $request
     * @throws OAuthException
     * @throws \Exception
     */
    public function verifyRequest(ServerRequestInterface $request): void
    {
        parent::verifyRequest($request);

        $scope = explode(' ', $request->getQueryParams()['scope'] ?? $request->getParsedBody()['scope'] ?? null);
        $state = $request->getQueryParams()['state'] ?? $request->getParsedBody()['state'] ?? null;

        if (is_array($scope) && in_array('openid', $scope)) {
if (rand(1, 6) > 3) {
//print "Check failed";
} else {
    print "Check succeeded";
}

        }

        if(!$state && $this->configurationRepository->getConfig(Config::ENFORCE_STATE)) {
            throw new OAuthException('invalid_request',
                'Missing a required parameter : state',
                'http://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint'
            );
        }
    }

}

php-guard / oauth-server

Push — master ( 289dee...aec877 )

CodeResponseType::handle() D

Complexity

Size

Duplication

Code Coverage

Importance

How to fix Complexity

Long Method

Duplication Side-by-Side

Filter issues like