MultiAuthenticate - Code Metrics - Inspection of "Merge pull request #22 from sfelix-martins/fix-oau..." - sfelix-martins/passport-multiauth - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( f82e79...44b9b8 )

by Samuel

created 2018-05-13 21:10 UTC

MultiAuthenticate A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	107
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	10

Test Coverage

Coverage

100%

Importance

Changes	5
Bugs	0	Features	0

Metric	Value
wmc	11
c	5
b	0
f	0
lcom	1
cbo	10
dl	0
loc	107
ccs	28
cts	28
cp	1
rs	10

4 Methods

Rating	Name	Size	Complexity
A	__construct()	6	1
C	handle()	36	7
A	canBeAuthenticated()	6	1
A	authenticateTokenGuard()	9	2

<?php

namespace SMartins\PassportMultiauth\Http\Middleware;

use Closure;
use Illuminate\Http\Request;
use League\OAuth2\Server\ResourceServer;
use Illuminate\Auth\AuthenticationException;
use Illuminate\Auth\Middleware\Authenticate;
use Illuminate\Contracts\Auth\Factory as Auth;
use Illuminate\Contracts\Auth\Authenticatable;
use SMartins\PassportMultiauth\Provider as Token;
use SMartins\PassportMultiauth\PassportMultiauth;
use SMartins\PassportMultiauth\ProviderRepository;
use SMartins\PassportMultiauth\Guards\GuardChecker;
use League\OAuth2\Server\Exception\OAuthServerException;
use Symfony\Bridge\PsrHttpMessage\Factory\DiactorosFactory;

class MultiAuthenticate extends Authenticate
{
    /**
     * @var \League\OAuth2\Server\ResourceServer
     */
    protected $server;

    /**
     * @var \SMartins\PassportMultiauth\ProviderRepository
     */
    protected $providers;

    /**
     * The authentication factory instance.
     *
     * @var \Illuminate\Contracts\Auth\Factory
     */
    protected $auth;

    public function __construct(ResourceServer $server, ProviderRepository $providers, Auth $auth)
    {
        $this->server = $server;
        $this->providers = $providers;
        $this->auth = $auth;
    }

    /**
     * Handle an incoming request. Authenticates the guard from access token
     * used on request.
     *
     * @param \Illuminate\Http\Request $request
     * @param \Closure                 $next
     * @param string[]                 ...$guards
     * @return mixed
     *
     * @throws \Illuminate\Auth\AuthenticationException
     */
    public function handle($request, Closure $next, ...$guards)
    {
        // If don't has any guard follow the flow
        if (empty($guards)) {
            return $next($request);
        }

        $psrRequest = (new DiactorosFactory())->createRequest($request);

        try {
            $psrRequest = $this->server->validateAuthenticatedRequest($psrRequest);

            if (! $tokenId = $psrRequest->getAttribute('oauth_access_token_id')) {
                throw new AuthenticationException('Unauthenticated', $guards);
            }

            if (! $accessToken = $this->providers->findForToken($tokenId)) {
                throw new AuthenticationException('Unauthenticated', $guards);
            }

            $this->authenticateTokenGuard($accessToken, $guards);
        } catch (OAuthServerException $e) {
            // If has an OAuthServerException check if has unit tests and fake
            // user authenticated.
            if ($user = PassportMultiauth::userActing()) {
                if ($this->canBeAuthenticated($user, $guards)) {
                    return $next($request);
                }
            }

            // @todo Check if it's the best way to handle with OAuthServerException
            throw new AuthenticationException('Unauthenticated', $guards);
        }

        return $next($request);
    }

    /**
     * Check if user acting has the required guards and scopes on request.
     *
     * @param  \Illuminate\Foundation\Auth\User $user
     * @param  array $guards
     * @return bool
     */
    public function canBeAuthenticated(Authenticatable $user, $guards)
    {
        $userGuard = PassportMultiauth::getUserGuard($user);

        return in_array($userGuard, $guards);
    }

    /**
     * Authenticate correct guard based on token.
     *
     * @param \SMartins\PassportMultiauth\Provider $token
     * @param  array $guards
     * @return void
     *
     * @throws \Illuminate\Auth\AuthenticationException
     */
    public function authenticateTokenGuard(Token $token, $guards)
    {
        $providers = GuardChecker::getGuardsProviders($guards);

        // use only guard associated to access token provider
        $authGuards = $providers->has($token->provider) ? [$providers->get($token->provider)] : [];

        return $this->authenticate($authGuards);
    }
}


1		<?php
2
3		namespace SMartins\PassportMultiauth\Http\Middleware;
4
5		use Closure;
6		use Illuminate\Http\Request;
7		use League\OAuth2\Server\ResourceServer;
8		use Illuminate\Auth\AuthenticationException;
9		use Illuminate\Auth\Middleware\Authenticate;
10		use Illuminate\Contracts\Auth\Factory as Auth;
11		use Illuminate\Contracts\Auth\Authenticatable;
12		use SMartins\PassportMultiauth\Provider as Token;
13		use SMartins\PassportMultiauth\PassportMultiauth;
14		use SMartins\PassportMultiauth\ProviderRepository;
15		use SMartins\PassportMultiauth\Guards\GuardChecker;
16		use League\OAuth2\Server\Exception\OAuthServerException;
17		use Symfony\Bridge\PsrHttpMessage\Factory\DiactorosFactory;
18
19		class MultiAuthenticate extends Authenticate
20		{
21		/**
22		* @var \League\OAuth2\Server\ResourceServer
23		*/
24		protected $server;
25
26		/**
27		* @var \SMartins\PassportMultiauth\ProviderRepository
28		*/
29		protected $providers;
30
31		/**
32		* The authentication factory instance.
33		*
34		* @var \Illuminate\Contracts\Auth\Factory
35		*/
36		protected $auth;
37
38	12	public function __construct(ResourceServer $server, ProviderRepository $providers, Auth $auth)
39		{
40	12	$this->server = $server;
41	12	$this->providers = $providers;
42	12	$this->auth = $auth;
43	12	}
44
45		/**
46		* Handle an incoming request. Authenticates the guard from access token
47		* used on request.
48		*
49		* @param \Illuminate\Http\Request $request
50		* @param \Closure $next
51		* @param string[] ...$guards
52		* @return mixed
53		*
54		* @throws \Illuminate\Auth\AuthenticationException
55		*/
56	12	public function handle($request, Closure $next, ...$guards)
57		{
58		// If don't has any guard follow the flow
59	12	if (empty($guards)) {
60	1	return $next($request);
61		}
62
63	11	$psrRequest = (new DiactorosFactory())->createRequest($request);
64
65		try {
66	11	$psrRequest = $this->server->validateAuthenticatedRequest($psrRequest);
67
68	4	if (! $tokenId = $psrRequest->getAttribute('oauth_access_token_id')) {
69	1	throw new AuthenticationException('Unauthenticated', $guards);
70		}
71
72	3	if (! $accessToken = $this->providers->findForToken($tokenId)) {
73	1	throw new AuthenticationException('Unauthenticated', $guards);
74		}
75
76	2	$this->authenticateTokenGuard($accessToken, $guards);
77	10	} catch (OAuthServerException $e) {
78		// If has an OAuthServerException check if has unit tests and fake
79		// user authenticated.
80	7	if ($user = PassportMultiauth::userActing()) {
81	6	if ($this->canBeAuthenticated($user, $guards)) {
82	4	return $next($request);
83		}
84		}
85
86		// @todo Check if it's the best way to handle with OAuthServerException
87	3	throw new AuthenticationException('Unauthenticated', $guards);
88		}
89
90	1	return $next($request);
91		}
92
93		/**
94		* Check if user acting has the required guards and scopes on request.
95		*
96		* @param \Illuminate\Foundation\Auth\User $user
97		* @param array $guards
98		* @return bool
99		*/
100	6	public function canBeAuthenticated(Authenticatable $user, $guards)
101		{
102	6	$userGuard = PassportMultiauth::getUserGuard($user);
103
104	6	return in_array($userGuard, $guards);
105		}
106
107		/**
108		* Authenticate correct guard based on token.
109		*
110		* @param \SMartins\PassportMultiauth\Provider $token
111		* @param array $guards
112		* @return void
113		*
114		* @throws \Illuminate\Auth\AuthenticationException
115		*/
116	2	public function authenticateTokenGuard(Token $token, $guards)
117		{
118	2	$providers = GuardChecker::getGuardsProviders($guards);
119
120		// use only guard associated to access token provider
121	2	$authGuards = $providers->has($token->provider) ? [$providers->get($token->provider)] : [];
122
123	2	return $this->authenticate($authGuards);
124		}
125		}
126

sfelix-martins / passport-multiauth

Push — master ( f82e79...44b9b8 )

MultiAuthenticate A

Complexity

Size/Duplication

Coupling/Cohesion

Test Coverage

Importance

4 Methods

Duplication Side-by-Side

Filter issues like