ClientAuthenticationMethodManager - Code Metrics - Inspection of "server" - php-guard/oauth-server - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( c97e91...9a636e )

by Alexandre

created 2018-03-11 21:57 UTC

ClientAuthenticationMethodManager A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	90
Duplicated Lines	0 %

Importance

Changes

Metric	Value
dl	0
loc	90
rs	10
c	0
b	0
f	0
wmc	15

4 Methods

Rating	Name	Size	Complexity
A	addClientAuthenticationMethod()	2	1
C	authenticate()	62	12
A	getClientAuthenticationMethod()	3	1
A	__construct()	3	1

<?php
/**
 * Created by PhpStorm.
 * User: GCC-MED
 * Date: 09/03/2018
 * Time: 17:00
 */

namespace OAuth2\ClientAuthentication;


use OAuth2\Exceptions\OAuthException;
use OAuth2\Roles\ClientInterface;
use OAuth2\Storages\ClientStorageInterface;
use Psr\Http\Message\ServerRequestInterface;

class ClientAuthenticationMethodManager
{
    protected $clientAuthenticationMethods = [];
    /**
     * @var ClientStorageInterface
     */
    private $clientStorage;

    public function __construct(ClientStorageInterface $clientStorage)
    {
        $this->clientStorage = $clientStorage;
    }

    public function addClientAuthenticationMethod(string $identifier, ClientAuthenticationMethodInterface $clientAuthenticationMethod) {
        $this->clientAuthenticationMethods[$identifier] = $clientAuthenticationMethod;
    }
    public function getClientAuthenticationMethod(string $identifier): ClientAuthenticationMethodInterface
    {
        return $this->clientAuthenticationMethods[$identifier] ?? null;

    }

    /**
     * authenticate the client if client authentication is included
     * @param ServerRequestInterface $request
     * @param array $requestData
     * @return ClientInterface
     * @throws OAuthException
     */
    public function authenticate(ServerRequestInterface $request, array $requestData): ClientInterface
    {
        /**
         * require client authentication for confidential clients or for any
         * client that was issued client credentials (or with other
         * authentication requirements)
         */

        /**
         * @var ClientAuthenticationMethodInterface $clientAuthenticationMethod
         */
        $clientAuthenticationMethodUsedIdentifier = null;
        $clientAuthenticationMethodUsed = null;
        $authenticated = false;
        foreach ($this->clientAuthenticationMethods as $identifier => $clientAuthenticationMethod) {
            if($clientAuthenticationMethod->support($request, $requestData))  {
                if($clientAuthenticationMethodUsedIdentifier) {
                    throw new OAuthException('invalid_request',
                        'The request utilizes more than one mechanism for authenticating the client.',
                        'https://tools.ietf.org/html/rfc6749#section-3.2.1');
                }
                $clientAuthenticationMethodUsedIdentifier = $identifier;
                $clientAuthenticationMethodUsed = $clientAuthenticationMethod;
            }
        }

        if($clientAuthenticationMethodUsed) {
            if(!$client = $clientAuthenticationMethod->authenticate($request, $requestData)) {

                throw new OAuthException('invalid_client',
                    'Client authentication failed. Unknown client.',
                    'https://tools.ietf.org/html/rfc6749#section-3.2.1');
            }
        } else {
            if (empty($requestData['client_id'])) {
                throw new OAuthException('invalid_request', 'The request is missing the required parameter client_id.',
                    'https://tools.ietf.org/html/rfc6749#section-4.1');
            }

            if (!$client = $this->clientStorage->get($requestData['client_id'])) {
                throw new OAuthException('invalid_request', 'The request includes the invalid parameter client_id.',
                    'https://tools.ietf.org/html/rfc6749#section-4.1');
            }

            if($client->hasCredentials()) {
                if (!$authenticated) {

                    throw new OAuthException('invalid_client', 'Client authentication failed. No client authentication included',
                        'https://tools.ietf.org/html/rfc6749#section-3.2.1');
                }
            }

            $clientAuthenticationMethodUsedIdentifier = 'none';
        }

        $tokenEndpointAuthMethod = $client->getMetadata()->getTokenEndpointAuthMethod() ?: 'client_secret_basic';
        if($tokenEndpointAuthMethod !== $clientAuthenticationMethodUsedIdentifier) {
            throw new OAuthException('invalid_client',
                'Client authentication failed. Unsupported authentication method.',
                'https://tools.ietf.org/html/rfc6749#section-3.2.1');

        }

        return $client;
    }
}

1			<?php
2			/**
3			* Created by PhpStorm.
4			* User: GCC-MED
5			* Date: 09/03/2018
6			* Time: 17:00
7			*/
8
9			namespace OAuth2\ClientAuthentication;
10
11
12			use OAuth2\Exceptions\OAuthException;
13			use OAuth2\Roles\ClientInterface;
14			use OAuth2\Storages\ClientStorageInterface;
15			use Psr\Http\Message\ServerRequestInterface;
16
17			class ClientAuthenticationMethodManager
18			{
19			protected $clientAuthenticationMethods = [];
20			/**
21			* @var ClientStorageInterface
22			*/
23			private $clientStorage;
24
25			public function __construct(ClientStorageInterface $clientStorage)
26			{
27			$this->clientStorage = $clientStorage;
28			}
29
30			public function addClientAuthenticationMethod(string $identifier, ClientAuthenticationMethodInterface $clientAuthenticationMethod) {
31			$this->clientAuthenticationMethods[$identifier] = $clientAuthenticationMethod;
32			}
33			public function getClientAuthenticationMethod(string $identifier): ClientAuthenticationMethodInterface
34			{
35			return $this->clientAuthenticationMethods[$identifier] ?? null;
			0 ignored issues – show Bug Best Practice introduced 2018-03-11 21:58 UTC by Report Bug Copy Issue Report The expression `return $this->clientAuth...ds[$identifier] ?? null` could return the type `null` which is incompatible with the type-hinted return `OAuth2\ClientAuthenticat...ticationMethodInterface`. Consider adding an additional type-check to rule them out. Loading history...
36			}
37
38			/**
39			* authenticate the client if client authentication is included
40			* @param ServerRequestInterface $request
41			* @param array $requestData
42			* @return ClientInterface
43			* @throws OAuthException
44			*/
45			public function authenticate(ServerRequestInterface $request, array $requestData): ClientInterface
46			{
47			/**
48			* require client authentication for confidential clients or for any
49			* client that was issued client credentials (or with other
50			* authentication requirements)
51			*/
52
53			/**
54			* @var ClientAuthenticationMethodInterface $clientAuthenticationMethod
55			*/
56			$clientAuthenticationMethodUsedIdentifier = null;
57			$clientAuthenticationMethodUsed = null;
58			$authenticated = false;
59			foreach ($this->clientAuthenticationMethods as $identifier => $clientAuthenticationMethod) {
60			if($clientAuthenticationMethod->support($request, $requestData)) {
61			if($clientAuthenticationMethodUsedIdentifier) {
62			throw new OAuthException('invalid_request',
63			'The request utilizes more than one mechanism for authenticating the client.',
64			'https://tools.ietf.org/html/rfc6749#section-3.2.1');
65			}
66			$clientAuthenticationMethodUsedIdentifier = $identifier;
67			$clientAuthenticationMethodUsed = $clientAuthenticationMethod;
68			}
69			}
70
71			if($clientAuthenticationMethodUsed) {
72			if(!$client = $clientAuthenticationMethod->authenticate($request, $requestData)) {
			0 ignored issues – show Comprehensibility Best Practice introduced 2018-03-11 21:58 UTC by Report Bug Copy Issue Report The variable `$clientAuthenticationMethod` seems to be defined by a `foreach` iteration on line `59`. Are you sure the iterator is never empty, otherwise this variable is not defined? Loading history...
73			throw new OAuthException('invalid_client',
74			'Client authentication failed. Unknown client.',
75			'https://tools.ietf.org/html/rfc6749#section-3.2.1');
76			}
77			} else {
78			if (empty($requestData['client_id'])) {
79			throw new OAuthException('invalid_request', 'The request is missing the required parameter client_id.',
80			'https://tools.ietf.org/html/rfc6749#section-4.1');
81			}
82
83			if (!$client = $this->clientStorage->get($requestData['client_id'])) {
84			throw new OAuthException('invalid_request', 'The request includes the invalid parameter client_id.',
85			'https://tools.ietf.org/html/rfc6749#section-4.1');
86			}
87
88			if($client->hasCredentials()) {
89			if (!$authenticated) {
			0 ignored issues – show introduced 2018-03-11 21:58 UTC by Report Bug Copy Issue Report The condition `$authenticated` is always `false`. Loading history...
90			throw new OAuthException('invalid_client', 'Client authentication failed. No client authentication included',
91			'https://tools.ietf.org/html/rfc6749#section-3.2.1');
92			}
93			}
94
95			$clientAuthenticationMethodUsedIdentifier = 'none';
96			}
97
98			$tokenEndpointAuthMethod = $client->getMetadata()->getTokenEndpointAuthMethod() ?: 'client_secret_basic';
99			if($tokenEndpointAuthMethod !== $clientAuthenticationMethodUsedIdentifier) {
100			throw new OAuthException('invalid_client',
101			'Client authentication failed. Unsupported authentication method.',
102			'https://tools.ietf.org/html/rfc6749#section-3.2.1');
103
104			}
105
106			return $client;
107			}
108			}

php-guard / oauth-server

Push — master ( c97e91...9a636e )

ClientAuthenticationMethodManager A

Complexity

Size/Duplication

Importance

4 Methods

Duplication Side-by-Side

Filter issues like