rhertogh\Yii2Oauth2Server\components\openidconnect\server\Oauth2OidcBearerTokenResponse

Complexity

Total Complexity

6

Size/Duplication

Total Lines	65
Duplicated Lines	0 %

Test Coverage

Coverage

90.91%

Importance

Changes	1
Bugs	0	Features	0

3 Methods

Rating	Name	Duplication	Size	Complexity
A	getModule()	0	3	1
A	getExtraParams()	0	36	4
A	__construct()	0	3	1

<?php

namespace rhertogh\Yii2Oauth2Server\components\openidconnect\server;

use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
use League\OAuth2\Server\ResponseTypes\BearerTokenResponse;
use rhertogh\Yii2Oauth2Server\helpers\OpenIdConnectHelper;

The type rhertogh\Yii2Oauth2Server\helpers\OpenIdConnectHelper was not found. Maybe you did not declare it correctly or list all dependencies?

use rhertogh\Yii2Oauth2Server\interfaces\components\openidconnect\request\Oauth2OidcAuthenticationRequestInterface;
use rhertogh\Yii2Oauth2Server\interfaces\components\openidconnect\scope\Oauth2OidcScopeInterface;
use rhertogh\Yii2Oauth2Server\interfaces\components\openidconnect\server\Oauth2OidcBearerTokenResponseInterface;
use rhertogh\Yii2Oauth2Server\interfaces\models\external\user\Oauth2OidcUserInterface;
use rhertogh\Yii2Oauth2Server\interfaces\models\external\user\Oauth2UserInterface;
use rhertogh\Yii2Oauth2Server\interfaces\models\Oauth2AccessTokenInterface;
use rhertogh\Yii2Oauth2Server\Oauth2Module;
use Yii;
use yii\base\InvalidArgumentException;
use yii\base\InvalidConfigException;

class Oauth2OidcBearerTokenResponse extends BearerTokenResponse implements Oauth2OidcBearerTokenResponseInterface
{
    /**
     * @var Oauth2Module
     */
    protected $_module;

    /**
     * @inheritDoc
     */
    public function __construct(Oauth2Module $module)
    {
        $this->_module = $module;
    }

    /**
     * @inheritDoc
     */
    public function getModule()
    {
        return $this->_module;
    }

    /**
     * @inheritDoc
     * @param Oauth2AccessTokenInterface $accessToken
     * @return array
     * @throws InvalidConfigException
     */
    protected function getExtraParams(AccessTokenEntityInterface $accessToken)
    {
        $scopeIdentifiers = array_map(fn($scope) => $scope->getIdentifier(), $accessToken->getScopes());

        // Not a OpenId Connect request if OpenId scope is not present.
        if (!in_array(Oauth2OidcScopeInterface::OPENID_CONNECT_SCOPE_OPENID, $scopeIdentifiers)) {
            return [];
        }

        $module = $this->getModule();

        $user = $module->getUserRepository()->getUserEntityByIdentifier($accessToken->getUserIdentifier());
        if ($user === null) {
            throw new InvalidArgumentException(
                'No user with identifier "' . $accessToken->getUserIdentifier() . '" found.'
            );
        }
        if (!($user instanceof Oauth2OidcUserInterface)) {
            throw new InvalidConfigException(
                get_class($user) . ' must implement ' . Oauth2OidcUserInterface::class
            );
        }

        $nonce = Yii::$app->request->post(Oauth2OidcAuthenticationRequestInterface::REQUEST_PARAMETER_NONCE);

        $token = $module->generateOpenIdConnectUserClaimsToken(
            $user,
            $accessToken->getClient()->getIdentifier(),
            $this->privateKey,
            $scopeIdentifiers,

$scopeIdentifiers of type array is incompatible with the type string expected by parameter $scopeIdentifiers of rhertogh\Yii2Oauth2Server\base\Oauth2BaseModule::generateOpenIdConnectUserClaimsToken().

            $nonce,

It seems like $nonce can also be of type array; however, parameter $nonce of rhertogh\Yii2Oauth2Server\base\Oauth2BaseModule::generateOpenIdConnectUserClaimsToken() does only seem to accept null|string, maybe add an additional type check?

            $accessToken->getExpiryDateTime()
        );

        return [
            static::TOKEN_RESPONSE_ID_TOKEN => $token->toString()
        ];
    }
}