Oauth2OidcEndSessionAction - Code Metrics - Inspection of "Fixed \Yii2Oauth2ServerTests\unit\controllers\cons..." - rhertogh/yii2-oauth2-server - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( a721e7...5904cd )

by Rutger

created 2024-07-27 16:23 UTC

Oauth2OidcEndSessionAction A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	67
Duplicated Lines	0 %

Test Coverage

Coverage

75.76%

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
wmc	10
eloc	35
c	1
b	0
f	0
dl	0
loc	67
ccs	25
cts	33
cp	0.7576
rs	10

1 Method

Rating	Name	Duplication	Size	Complexity
B	run()	0	60	10

<?php

namespace rhertogh\Yii2Oauth2Server\controllers\web\openidconnect;

// phpcs:disable Generic.Files.LineLength.TooLong
use rhertogh\Yii2Oauth2Server\controllers\web\base\Oauth2BaseWebAction;
use rhertogh\Yii2Oauth2Server\controllers\web\Oauth2OidcController;
use rhertogh\Yii2Oauth2Server\interfaces\components\authorization\EndSession\Oauth2EndSessionAuthorizationRequestInterface;
use rhertogh\Yii2Oauth2Server\interfaces\controllers\web\openidconnect\Oauth2OidcEndSessionActionInterface;
use rhertogh\Yii2Oauth2Server\interfaces\models\external\user\Oauth2OidcUserInterface;
use Yii;
use yii\base\InvalidConfigException;
use yii\web\BadRequestHttpException;
use yii\web\ForbiddenHttpException;
use yii\web\NotFoundHttpException;
use yii\web\Response;
use yii\web\UnauthorizedHttpException;

// phpcs:enable Generic.Files.LineLength.TooLong

/**
 * @property Oauth2OidcController $controller
 */
class Oauth2OidcEndSessionAction extends Oauth2BaseWebAction implements Oauth2OidcEndSessionActionInterface
{
    /**
     * @see https://openid.net/specs/openid-connect-rpinitiated-1_0.html
     * @return Response
     * @throws InvalidConfigException
     */
    public function run($endSessionAuthorizationRequestId = null)
    {
        $module = $this->controller->module;
        $request = Yii::$app->request;
class Id
{
    public $id;

    public function __construct($id)
    {
        $this->id = $id;
    }

}

class Account
{
    /** @var  Id $id */
    public $id;
}

$account_id = false;

if (starsAreRight()) {
    $account_id = new Id(42);
}

$account = new Account();
if ($account instanceof Id)
{
    $account->id = $account_id;
}
        $identity = $module->getUserIdentity();
class A
{
    function getObject()
    {
        return null;
    }

}

$a = new A();
$object = $a->getObject();

        if (!$module->enableOpenIdConnect) {
            throw new ForbiddenHttpException('OpenID Connect is disabled.');
        }

        if ($identity && !($identity instanceof Oauth2OidcUserInterface)) {

            throw new InvalidConfigException('In order to support OpenID Connect '
                . get_class($identity) . ' must implement ' . Oauth2OidcUserInterface::class);
        }

        if (empty($endSessionAuthorizationRequestId)) {
            /** @var Oauth2EndSessionAuthorizationRequestInterface $endSessionAuthorizationRequest */
            $endSessionAuthorizationRequest = Yii::createObject([
                'class' => Oauth2EndSessionAuthorizationRequestInterface::class,
                'module' => $module,
                'idTokenHint' => $this->getRequestParam($request, 'id_token_hint'),
                'idTokenHint' => $this->getRequestParam(/** @scrutinizer ignore-type */ $request, 'id_token_hint'),
                'clientIdentifier' => $this->getRequestParam($request, 'client_id'),
                'endSessionUrl' => $request->absoluteUrl,
                'redirectUri' => $this->getRequestParam($request, 'post_logout_redirect_uri'),
                'state' => $this->getRequestParam($request, 'state'),
            ]);

            $endSessionAuthorizationRequest->validateRequest();

            if (!$identity) {

                /**
                 * Specified in https://openid.net/specs/openid-connect-rpinitiated-1_0.html#ValidationAndErrorHandling
                 * "Note that because RP-Initiated Logout Requests are intended to be idempotent,
                 *  it is explicitly not an error for an RP to request that a logout be performed when the OP does not
                 *  consider that the End-User is logged in with the OP at the requesting RP."
                 */
                return $this->controller->redirect($endSessionAuthorizationRequest->getRequestCompletedRedirectUrl(true));
            }

            if ($endSessionAuthorizationRequest->getEndUserAuthorizationRequired()) {
                if ($endSessionAuthorizationRequest->isAuthorizationAllowed()) {
                    return $module->generateEndSessionAuthReqRedirectResponse($endSessionAuthorizationRequest);
                } else {
                    throw new UnauthorizedHttpException(Yii::t('oauth2', 'You are not allowed to authorize logging out.'));
                }
            } else {
                $endSessionAuthorizationRequest->autoApproveAndProcess();
            }
        } else {
            $endSessionAuthorizationRequest = $module->getEndSessionAuthReqSession($endSessionAuthorizationRequestId);
            if (empty($endSessionAuthorizationRequest)) {
                throw new NotFoundHttpException('End Session authorization request not found.');
            }
        }

        if (!$endSessionAuthorizationRequest->isCompleted()) {
            throw new BadRequestHttpException('End Session authorization is not completed.');
        }

        return $this->controller->redirect($endSessionAuthorizationRequest->getRequestCompletedRedirectUrl());
    }
}


rhertogh / yii2-oauth2-server

Push — master ( a721e7...5904cd )

Oauth2OidcEndSessionAction A

Complexity

Size/Duplication

Test Coverage

Importance

1 Method

Duplication Side-by-Side

Filter issues like