ResourceServerMiddleware - Code Metrics - platine-php/oauth2 - Measure and Improve Code Quality continuously with Scrutinizer

ResourceServerMiddleware A
last analyzed 2025-05-22 19:20 UTC

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	35
Duplicated Lines	0 %

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
eloc	10
c	1
b	0
f	0
dl	0
loc	35
rs	10
wmc	3

2 Methods

Rating	Name	Duplication	Size	Complexity
A	__construct()	0	3	1
A	process()	0	20	2

<?php

/**
 * Platine OAuth2
 *
 * Platine OAuth2 is a library that implements the OAuth2 specification
 *
 * This content is released under the MIT License (MIT)
 *
 * Copyright (c) 2020 Platine OAuth2
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in all
 * copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 * SOFTWARE.
 */

declare(strict_types=1);

namespace Platine\OAuth2\Middleware;

use Platine\Http\Handler\MiddlewareInterface;
use Platine\Http\Handler\RequestHandlerInterface;
use Platine\Http\ResponseInterface;
use Platine\Http\ServerRequestInterface;
use Platine\OAuth2\Entity\AccessToken;
use Platine\OAuth2\Exception\InvalidAccessTokenException;
use Platine\OAuth2\ResourceServerInterface;
use Platine\OAuth2\Response\OAuthJsonResponse;

/**
 * Middleware for a resource server
 *
 * This middleware aims to sit very early in your pipeline. It will check if a request has an access token,
 * and if so, will try to validate it. If the token is invalid, the middleware will immediately return.
 *
 * If the token is valid, it will store it as part of the request under the attribute "oauth_token",
 * so that it can be used later one by a permission system, for instance
 *
 * @class ResourceServerMiddleware
 * @package Platine\OAuth2\Middleware
 */
class ResourceServerMiddleware implements MiddlewareInterface
{
    /**
     * Create new instance
     * @param ResourceServerInterface $resourceServer
     */
    public function __construct(
        protected ResourceServerInterface $resourceServer
    ) {
    }


    /**
     * {@inheritdoc}
     */
    public function process(
        ServerRequestInterface $request,
        RequestHandlerInterface $handler
    ): ResponseInterface {
        $scopes = $request->getAttribute('scopes', []);
        try {
            $token = $this->resourceServer->getAccessToken($request, $scopes);
        } catch (InvalidAccessTokenException $ex) {
            // If we're here, this means that there was an access token, but it's either expired
            // or invalid. If that's the case we must immediately return
            return new OAuthJsonResponse(
                [
                    'error' => $ex->getCode(),
                    'error_description' => $ex->getMessage(),
                ],
                401
            );
        }

        return $handler->handle($request->withAttribute(AccessToken::class, $token));
    }
}


1			<?php
2
3			/**
4			* Platine OAuth2
5			*
6			* Platine OAuth2 is a library that implements the OAuth2 specification
7			*
8			* This content is released under the MIT License (MIT)
9			*
10			* Copyright (c) 2020 Platine OAuth2
11			*
12			* Permission is hereby granted, free of charge, to any person obtaining a copy
13			* of this software and associated documentation files (the "Software"), to deal
14			* in the Software without restriction, including without limitation the rights
15			* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
16			* copies of the Software, and to permit persons to whom the Software is
17			* furnished to do so, subject to the following conditions:
18			*
19			* The above copyright notice and this permission notice shall be included in all
20			* copies or substantial portions of the Software.
21			*
22			* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
23			* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
24			* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
25			* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
26			* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
27			* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
28			* SOFTWARE.
29			*/
30
31			declare(strict_types=1);
32
33			namespace Platine\OAuth2\Middleware;
34
35			use Platine\Http\Handler\MiddlewareInterface;
36			use Platine\Http\Handler\RequestHandlerInterface;
37			use Platine\Http\ResponseInterface;
38			use Platine\Http\ServerRequestInterface;
39			use Platine\OAuth2\Entity\AccessToken;
40			use Platine\OAuth2\Exception\InvalidAccessTokenException;
41			use Platine\OAuth2\ResourceServerInterface;
42			use Platine\OAuth2\Response\OAuthJsonResponse;
43
44			/**
45			* Middleware for a resource server
46			*
47			* This middleware aims to sit very early in your pipeline. It will check if a request has an access token,
48			* and if so, will try to validate it. If the token is invalid, the middleware will immediately return.
49			*
50			* If the token is valid, it will store it as part of the request under the attribute "oauth_token",
51			* so that it can be used later one by a permission system, for instance
52			*
53			* @class ResourceServerMiddleware
54			* @package Platine\OAuth2\Middleware
55			*/
56			class ResourceServerMiddleware implements MiddlewareInterface
57			{
58			/**
59			* Create new instance
60			* @param ResourceServerInterface $resourceServer
61			*/
62			public function __construct(
63			protected ResourceServerInterface $resourceServer
64			) {
65			}
66
67
68			/**
69			* {@inheritdoc}
70			*/
71			public function process(
72			ServerRequestInterface $request,
73			RequestHandlerInterface $handler
74			): ResponseInterface {
75			$scopes = $request->getAttribute('scopes', []);
76			try {
77			$token = $this->resourceServer->getAccessToken($request, $scopes);
78			} catch (InvalidAccessTokenException $ex) {
79			// If we're here, this means that there was an access token, but it's either expired
80			// or invalid. If that's the case we must immediately return
81			return new OAuthJsonResponse(
82			[
83			'error' => $ex->getCode(),
84			'error_description' => $ex->getMessage(),
85			],
86			401
87			);
88			}
89
90			return $handler->handle($request->withAttribute(AccessToken::class, $token));
91			}
92			}
93

platine-php / oauth2

ResourceServerMiddleware A last analyzed 2025-05-22 19:20 UTC

Complexity

Size/Duplication

Importance

2 Methods

Duplication Side-by-Side

Filter issues like

ResourceServerMiddleware A
last analyzed 2025-05-22 19:20 UTC