MiddlewareBuilder - Code Metrics - schnittstabil/psr7-csrf-middleware - Measure and Improve Code Quality continuously with Scrutinizer

MiddlewareBuilder A
last analyzed 2017-02-24 02:58 UTC

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	130
Duplicated Lines	12.31 %

Coupling/Cohesion

Components	1
Dependencies	1

Importance

Changes

Metric	Value
wmc	5
lcom	1
cbo	1
dl	16
loc	130
rs	10
c	0
b	0
f	0

5 Methods

Rating	Name	Duplication	Size	Complexity
A	__construct()	0	5	1
A	create()	0	8	1
A	buildCookieToHeaderMiddleware()	8	12	1
A	buildHeaderToHeaderMiddleware()	8	11	1
A	buildSynchronizerTokenPatternMiddleware()	0	9	1

How to fix Duplicated Code

<?php

namespace Schnittstabil\Psr7\Csrf;

use Schnittstabil\Csrf\TokenService\TokenService;
use Schnittstabil\Csrf\TokenService\TokenServiceInterface;

/**
 * CSRF protection middleware builder.
 */
class MiddlewareBuilder
{
    /**
     * TokenService for building.
     *
     * @var TokenServiceInterface
     */
    protected $tokenService;

    /**
     * Middleware class.
     *
     * @var string
     */
    protected $middlewareClass;

    /**
     * Create a new MiddlewareBuilder.
     *
     * @param TokenService $tokenService    TokenService for building
     * @param string       $middlewareClass Middleware class
     */
    public function __construct(TokenService $tokenService, $middlewareClass = Middleware::class)
    {
        $this->tokenService = $tokenService;
        $this->middlewareClass = $middlewareClass;
    }

    /**
     * Create a new MiddlewareBuilder.
     *
     * `$ttl` is used for calculating the expiration time of the tokens, its default value (1440sec === 24min)
     * correspond to the default `session.gc_maxlifetime`.
     *
     * @see http://php.net/manual/en/session.configuration.php Documentation of `session.gc-maxlifetime`
     *
     * @param string $key             Shared secret key used for generating token signatures
     * @param int    $ttl             Default Time to Live in seconds
     * @param string $algo            Name of hashing algorithm. See hash_algos() for a list of supported algorithms
     * @param string $middlewareClass Middleware class
     *
     * @return static
     */
    public static function create(
        $key,
        $ttl = 1440,
        $algo = 'SHA512',
        $middlewareClass = Middleware::class
    ) {
        return new self(new TokenService($key, $ttl, $algo), $middlewareClass);
    }

    /**
     * Build a AngularJS compatible stateless Cookie-To-Header CSRF proptection middleware.
     *
     * + Sends tokens via cookies
     * + Accepts tokens via request headers
     * + Always accepts GET requests
     *
     * @param string   $cookieName       Cookie name
     * @param string   $headerName       Header field name
     * @param callable $rejectMiddleware See `\Schnittstabil\Psr7\Csrf\Middlewares\Guard` for details
     * @param callable $cookieModifier   See `Schnittstabil\Psr7\Csrf\Middlewares\RespondWithCookieToken` for details
     *
     * @return static
     */
    public function buildCookieToHeaderMiddleware(
        $cookieName = 'XSRF-TOKEN',
        $headerName = 'X-XSRF-TOKEN',
        callable $rejectMiddleware = null,
        callable $cookieModifier = null
    ) {
        return (new $this->middlewareClass($this->tokenService))
            ->withGuard($rejectMiddleware)
            ->withAcceptHeaderToken($headerName)
            ->withAcceptMethods(['GET', 'OPTIONS'])
            ->withRespondWithCookieToken($cookieName, $cookieModifier);
    }

    /**
     * Build a stateless Header-To-Header CSRF proptection middleware.
     *
     * + Sends tokens via headers
     * + Accepts tokens via request headers
     * + Always accepts GET requests
     *
     * @param string   $responseHeaderName Response header field name
     * @param string   $requestHeaderName  Request header field name
     * @param callable $rejectMiddleware   See `\Schnittstabil\Psr7\Csrf\Middlewares\Guard` for details
     *
     * @return static
     */
    public function buildHeaderToHeaderMiddleware(
        $responseHeaderName = 'XSRF-TOKEN',
        $requestHeaderName = 'X-XSRF-TOKEN',
        callable $rejectMiddleware = null
    ) {
        return (new $this->middlewareClass($this->tokenService))
            ->withGuard($rejectMiddleware)
            ->withAcceptHeaderToken($requestHeaderName)
            ->withAcceptMethods(['GET', 'OPTIONS'])
            ->withRespondWithHeaderToken($responseHeaderName);
    }

    /**
     * Build a stateless Synchronizer Token Pattern CSRF proptection middleware.
     *
     * + Accepts tokens via request body (`ServerRequestInterface::getParsedBody`)
     * + Always accepts GET requests
     * + Tokens have to be generated by `getTokenService()->generate()` and manually rendered into HTML/JSON or XML.
     *
     *
     * @see https://github.com/schnittstabil/get Documentation of `Schnittstabil\Get\getValue`
     * @see http://www.php-fig.org/psr/psr-7     Documentation of `ServerRequestInterface::getParsedBody`
     *
     * @param string|int|mixed[] $path             a `Schnittstabil\Get\getValue` path
     * @param callable           $rejectMiddleware See `\Schnittstabil\Psr7\Csrf\Middlewares\Guard` for details
     *
     * @return static
     */
    public function buildSynchronizerTokenPatternMiddleware(
        $path = 'X-XSRF-TOKEN',
        callable $rejectMiddleware = null
    ) {
        return (new $this->middlewareClass($this->tokenService))
            ->withGuard($rejectMiddleware)
            ->withAcceptParsedBodyToken($path)
            ->withAcceptMethods(['GET', 'OPTIONS']);
    }
}


1		<?php
2
3		namespace Schnittstabil\Psr7\Csrf;
4
5		use Schnittstabil\Csrf\TokenService\TokenService;
6		use Schnittstabil\Csrf\TokenService\TokenServiceInterface;
7
8		/**
9		* CSRF protection middleware builder.
10		*/
11		class MiddlewareBuilder
12		{
13		/**
14		* TokenService for building.
15		*
16		* @var TokenServiceInterface
17		*/
18		protected $tokenService;
19
20		/**
21		* Middleware class.
22		*
23		* @var string
24		*/
25		protected $middlewareClass;
26
27		/**
28		* Create a new MiddlewareBuilder.
29		*
30		* @param TokenService $tokenService TokenService for building
31		* @param string $middlewareClass Middleware class
32		*/
33		public function __construct(TokenService $tokenService, $middlewareClass = Middleware::class)
34		{
35		$this->tokenService = $tokenService;
36		$this->middlewareClass = $middlewareClass;
37		}
38
39		/**
40		* Create a new MiddlewareBuilder.
41		*
42		* `$ttl` is used for calculating the expiration time of the tokens, its default value (1440sec === 24min)
43		* correspond to the default `session.gc_maxlifetime`.
44		*
45		* @see http://php.net/manual/en/session.configuration.php Documentation of `session.gc-maxlifetime`
46		*
47		* @param string $key Shared secret key used for generating token signatures
48		* @param int $ttl Default Time to Live in seconds
49		* @param string $algo Name of hashing algorithm. See hash_algos() for a list of supported algorithms
50		* @param string $middlewareClass Middleware class
51		*
52		* @return static
53		*/
54		public static function create(
55		$key,
56		$ttl = 1440,
57		$algo = 'SHA512',
58		$middlewareClass = Middleware::class
59		) {
60		return new self(new TokenService($key, $ttl, $algo), $middlewareClass);
61		}
62
63		/**
64		* Build a AngularJS compatible stateless Cookie-To-Header CSRF proptection middleware.
65		*
66		* + Sends tokens via cookies
67		* + Accepts tokens via request headers
68		* + Always accepts GET requests
69		*
70		* @param string $cookieName Cookie name
71		* @param string $headerName Header field name
72		* @param callable $rejectMiddleware See `\Schnittstabil\Psr7\Csrf\Middlewares\Guard` for details
73		* @param callable $cookieModifier See `Schnittstabil\Psr7\Csrf\Middlewares\RespondWithCookieToken` for details
74		*
75		* @return static
76		*/
77	View Code Duplication	public function buildCookieToHeaderMiddleware(
78		$cookieName = 'XSRF-TOKEN',
79		$headerName = 'X-XSRF-TOKEN',
80		callable $rejectMiddleware = null,
81		callable $cookieModifier = null
82		) {
83		return (new $this->middlewareClass($this->tokenService))
84		->withGuard($rejectMiddleware)
85		->withAcceptHeaderToken($headerName)
86		->withAcceptMethods(['GET', 'OPTIONS'])
87		->withRespondWithCookieToken($cookieName, $cookieModifier);
88		}
89
90		/**
91		* Build a stateless Header-To-Header CSRF proptection middleware.
92		*
93		* + Sends tokens via headers
94		* + Accepts tokens via request headers
95		* + Always accepts GET requests
96		*
97		* @param string $responseHeaderName Response header field name
98		* @param string $requestHeaderName Request header field name
99		* @param callable $rejectMiddleware See `\Schnittstabil\Psr7\Csrf\Middlewares\Guard` for details
100		*
101		* @return static
102		*/
103	View Code Duplication	public function buildHeaderToHeaderMiddleware(
104		$responseHeaderName = 'XSRF-TOKEN',
105		$requestHeaderName = 'X-XSRF-TOKEN',
106		callable $rejectMiddleware = null
107		) {
108		return (new $this->middlewareClass($this->tokenService))
109		->withGuard($rejectMiddleware)
110		->withAcceptHeaderToken($requestHeaderName)
111		->withAcceptMethods(['GET', 'OPTIONS'])
112		->withRespondWithHeaderToken($responseHeaderName);
113		}
114
115		/**
116		* Build a stateless Synchronizer Token Pattern CSRF proptection middleware.
117		*
118		* + Accepts tokens via request body (`ServerRequestInterface::getParsedBody`)
119		* + Always accepts GET requests
120		* + Tokens have to be generated by `getTokenService()->generate()` and manually rendered into HTML/JSON or XML.
121		*
122		*
123		* @see https://github.com/schnittstabil/get Documentation of `Schnittstabil\Get\getValue`
124		* @see http://www.php-fig.org/psr/psr-7 Documentation of `ServerRequestInterface::getParsedBody`
125		*
126		* @param string\|int\|mixed[] $path a `Schnittstabil\Get\getValue` path
127		* @param callable $rejectMiddleware See `\Schnittstabil\Psr7\Csrf\Middlewares\Guard` for details
128		*
129		* @return static
130		*/
131		public function buildSynchronizerTokenPatternMiddleware(
132		$path = 'X-XSRF-TOKEN',
133		callable $rejectMiddleware = null
134		) {
135		return (new $this->middlewareClass($this->tokenService))
136		->withGuard($rejectMiddleware)
137		->withAcceptParsedBodyToken($path)
138		->withAcceptMethods(['GET', 'OPTIONS']);
139		}
140		}
141

schnittstabil / psr7-csrf-middleware

MiddlewareBuilder A last analyzed 2017-02-24 02:58 UTC

Complexity

Size/Duplication

Coupling/Cohesion

Importance

5 Methods

How to fix Duplicated Code

Duplicated Code

Duplication Side-by-Side

Filter issues like

MiddlewareBuilder A
last analyzed 2017-02-24 02:58 UTC