php-guard /
oauth-server
| Conditions | 17 |
| Paths | 160 |
| Total Lines | 67 |
| Code Lines | 33 |
| Lines | 0 |
| Ratio | 0 % |
| Tests | 0 |
| CRAP Score | 306 |
| Changes | 0 | ||
Small methods make your code easier to understand, in particular if combined with a good name. Besides, if your method is small, finding a good name is usually much easier.
For example, if you find yourself adding comments to a method's body, this is usually a good sign to extract the commented part to a new method, and use the comment as a starting point when coming up with a good name for this new method.
Commonly applied refactorings include:
If many parameters/temporary variables are present:
| 1 | <?php |
||
| 61 | public function handle(ServerRequestInterface $request, ResourceOwnerInterface $resourceOwner, |
||
| 62 | RegisteredClient $client, ?array $scope = null, ?array $extendedResponseTypes = null): array |
||
| 63 | { |
||
| 64 | $data = $request->getMethod() === 'GET' ? $request->getQueryParams() : $request->getParsedBody(); |
||
| 65 | |||
| 66 | // Get required claims |
||
| 67 | $claims = [ |
||
| 68 | 'iss' => $this->configurationRepository->getConfig(Config::OPENID_ISSUER), |
||
| 69 | 'sub' => $resourceOwner->getIdentifier(), |
||
| 70 | 'aud' => $client->getIdentifier(), |
||
| 71 | 'exp' => time() + $this->idTokenStorage->getLifetime(), |
||
| 72 | 'iat' => time() |
||
| 73 | ]; |
||
| 74 | |||
| 75 | // todo, include if auth_time is marked as an essential claim by the client otherwise it is optional (conf ?) |
||
| 76 | if(isset($data['max_age']) && $data['max_age']) { |
||
| 77 | $claims['auth_time'] = $resourceOwner->getTimeWhenAuthenticationOccured(); |
||
| 78 | } |
||
| 79 | |||
| 80 | if(isset($data['nonce']) && !is_null($data['nonce'])) { |
||
| 81 | $claims['nonce'] = $data['nonce']; |
||
| 82 | } |
||
| 83 | |||
| 84 | if(empty($extendedResponseTypes)) { |
||
| 85 | $standardClaims = $this->userInfoClaimsStorage->getClaims($resourceOwner); |
||
| 86 | |||
| 87 | foreach ($this->userInfoClaimsStorage->getClaimsByScope($scope) as $claimRequested) { |
||
| 88 | if(isset($standardClaims[$claimRequested]) && $standardClaims[$claimRequested]) { |
||
| 89 | $claims[$claimRequested] = $standardClaims[$claimRequested]; |
||
| 90 | } |
||
| 91 | } |
||
| 92 | } |
||
| 93 | |||
| 94 | if(isset($extendedResponseTypes['code'])) { |
||
| 95 | //c_hash |
||
| 96 | /** |
||
| 97 | * @var \OAuth2\ResponseTypes\ResponseTypeInterface $responseType |
||
| 98 | */ |
||
| 99 | $responseType = $extendedResponseTypes['code']; |
||
| 100 | $code = $responseType->handle($request, $resourceOwner, $client, $scope)['code']; |
||
| 101 | $result['code'] = $code; |
||
|
Comprehensibility
Best Practice
introduced
by
|
|||
| 102 | $claims['c_hash'] = 'todo'; //todo |
||
| 103 | } |
||
| 104 | |||
| 105 | if(isset($extendedResponseTypes['token'])) { |
||
| 106 | //at_hash |
||
| 107 | /** |
||
| 108 | * @var \OAuth2\ResponseTypes\ResponseTypeInterface $responseType |
||
| 109 | */ |
||
| 110 | $responseType = $extendedResponseTypes['token']; |
||
| 111 | $token = $responseType->handle($request, $resourceOwner, $client, $scope)['token']; |
||
| 112 | $result['token'] = $token; |
||
| 113 | $claims['at_hash'] = 'todo'; //todo |
||
| 114 | } |
||
| 115 | else { |
||
| 116 | $requestedScopes = isset($data['scope']) ? explode(' ', $data['scope']) : []; |
||
| 117 | |||
| 118 | if ((empty($requestedScopes) && !is_null($scope)) || (is_array($scope) && !empty(array_diff($requestedScopes, $scope)))) { |
||
| 119 | $data['scope'] = implode(' ', $scope); |
||
| 120 | } |
||
| 121 | } |
||
| 122 | |||
| 123 | |||
| 124 | // $idToken = new IdToken($claims); |
||
| 125 | $key = 'mykey'; // todo |
||
| 126 | $result['id_token'] = JWT::encode($claims, $key); |
||
| 127 | return $result; |
||
| 128 | } |
||
| 179 | } |
Loading history...