rhertogh /
yii2-oauth2-server
| Conditions | 9 |
| Paths | 8 |
| Total Lines | 58 |
| Code Lines | 29 |
| Lines | 0 |
| Ratio | 0 % |
| Tests | 29 |
| CRAP Score | 9.4078 |
| Changes | 1 | ||
| Bugs | 0 | Features | 0 |
Small methods make your code easier to understand, in particular if combined with a good name. Besides, if your method is small, finding a good name is usually much easier.
For example, if you find yourself adding comments to a method's body, this is usually a good sign to extract the commented part to a new method, and use the comment as a starting point when coming up with a good name for this new method.
Commonly applied refactorings include:
If many parameters/temporary variables are present:
| 1 | <?php |
||
| 34 | 8 | public function respondToAccessTokenRequest( |
|
| 35 | ServerRequestInterface $request, |
||
| 36 | ResponseTypeInterface $responseType, |
||
| 37 | DateInterval $accessTokenTTL |
||
| 38 | ) { |
||
| 39 | /** @var Oauth2ClientInterface $client */ |
||
| 40 | 8 | $client = $this->validateClient($request); |
|
| 41 | 8 | $oldRefreshToken = $this->validateOldRefreshToken($request, $client->getIdentifier()); |
|
| 42 | |||
| 43 | 8 | $user = $this->module->getUserRepository()->getUserEntityByIdentifier($oldRefreshToken['user_id']); |
|
| 44 | 8 | if (empty($user)) { |
|
| 45 | 1 | throw new NotFoundHttpException( |
|
| 46 | 1 | Yii::t('oauth2', 'Unable to find user with id "' . $oldRefreshToken['user_id'] . '".') |
|
| 47 | 1 | ); |
|
| 48 | } |
||
| 49 | |||
| 50 | 7 | if ($user->isOauth2ClientAllowed($client, $this->getIdentifier()) !== true) { |
|
| 51 | throw Oauth2ServerException::accessDenied( |
||
| 52 | Yii::t('oauth2', 'User {user_id} is not allowed to use client {client_identifier}.', [ |
||
| 53 | 'user_id' => $user->getId(), |
||
|
Bug
introduced
by
|
|||
| 54 | 'client_identifier' => $client->getIdentifier(), |
||
| 55 | ]) |
||
| 56 | ); |
||
| 57 | } |
||
| 58 | |||
| 59 | 7 | if ($this->module->enableOpenIdConnect) { |
|
| 60 | 6 | $scopes = $oldRefreshToken['scopes'] ?? []; |
|
| 61 | |||
| 62 | if ( |
||
| 63 | 6 | in_array(Oauth2OidcScopeInterface::OPENID_CONNECT_SCOPE_OPENID, $scopes) |
|
| 64 | 6 | && !in_array(Oauth2OidcScopeInterface::OPENID_CONNECT_SCOPE_OFFLINE_ACCESS, $scopes) |
|
| 65 | ) { |
||
| 66 | // Refresh tokens are not issued when `openIdConnectIssueRefreshTokenWithoutOfflineAccessScope` |
||
| 67 | // is disabled, but let's ensure setting hasn't changed. |
||
| 68 | 4 | if (!$this->module->openIdConnectIssueRefreshTokenWithoutOfflineAccessScope) { |
|
| 69 | 1 | throw Oauth2ServerException::accessDenied( |
|
| 70 | 1 | 'The refresh token grant type is unavailable in OpenID Connect context when' |
|
| 71 | 1 | . ' `openIdConnectIssueRefreshTokenWithoutOfflineAccessScope` is disabled.' |
|
| 72 | 1 | ); |
|
| 73 | } |
||
| 74 | |||
| 75 | 3 | if (!($user instanceof Oauth2OidcUserSessionStatusInterface)) { |
|
| 76 | 1 | throw new InvalidConfigException( |
|
| 77 | 1 | 'In order to support OpenId Connect Refresh Tokens without offline_access scope ' |
|
| 78 | 1 | . get_class($user) . ' must implement ' . Oauth2OidcUserSessionStatusInterface::class |
|
| 79 | 1 | ); |
|
| 80 | } |
||
| 81 | |||
| 82 | 2 | if (!$user->hasActiveSession()) { |
|
| 83 | 1 | throw Oauth2ServerException::accessDenied( |
|
| 84 | 1 | 'The refresh token grant type is unavailable in OpenID Connect context when the user is' |
|
| 85 | 1 | . ' offline and the authorized scope does not include "offline_access".' |
|
| 86 | 1 | ); |
|
| 87 | } |
||
| 88 | } |
||
| 89 | } |
||
| 90 | |||
| 91 | 4 | return parent::respondToAccessTokenRequest($request, $responseType, $accessTokenTTL); |
|
| 92 | } |
||
| 94 |
Loading history...