MultiAuthenticate - Code Metrics - Inspection of "Added passport:install command to check" - sfelix-martins/passport-multiauth - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#22)

by Samuel

created 2018-05-12 20:05 UTC

MultiAuthenticate A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	98
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	10

Test Coverage

Coverage

100%

Importance

Changes	2
Bugs	0	Features	0

Metric	Value
wmc	10
c	2
b	0
f	0
lcom	1
cbo	10
dl	0
loc	98
ccs	31
cts	31
cp	1
rs	10

2 Methods

Rating	Name	Duplication	Size	Complexity
A	__construct()	0	6	1
C	handle()	0	61	9

<?php

namespace SMartins\PassportMultiauth\Http\Middleware;

use Closure;
use Illuminate\Support\Facades\App;
use League\OAuth2\Server\ResourceServer;
use Illuminate\Auth\AuthenticationException;
use Illuminate\Auth\Middleware\Authenticate;
use Illuminate\Contracts\Auth\Factory as Auth;
use SMartins\PassportMultiauth\PassportMultiauth;
use SMartins\PassportMultiauth\ProviderRepository;
use SMartins\PassportMultiauth\Guards\GuardChecker;
use League\OAuth2\Server\Exception\OAuthServerException;
use Symfony\Bridge\PsrHttpMessage\Factory\DiactorosFactory;

class MultiAuthenticate extends Authenticate
{
    /**
     * @var \League\OAuth2\Server\ResourceServer
     */
    protected $server;

    /**
     * @var \SMartins\PassportMultiauth\ProviderRepository
     */
    protected $providers;

    /**
     * The authentication factory instance.
     *
     * @var \Illuminate\Contracts\Auth\Factory
     */
    protected $auth;

    public function __construct(ResourceServer $server, ProviderRepository $providers, Auth $auth)
    {
        $this->server = $server;
        $this->providers = $providers;
        $this->auth = $auth;
    }

    /**
     * Handle an incoming request. Authenticates the guard from access token
     * used on request.
     *
     * @param \Illuminate\Http\Request $request
     * @param \Closure                 $next
     * @param string[]                 ...$guards
     *
     * @return mixed
     */
    public function handle($request, Closure $next, ...$guards)
    {
        // If don't has any guard follow the flow
        if (count($guards) === 0) {
            return $next($request);
        }

        $psrRequest = (new DiactorosFactory())->createRequest($request);

        try {
            $psrRequest = $this->server->validateAuthenticatedRequest($psrRequest);

            $tokenId = $psrRequest->getAttribute('oauth_access_token_id');

            if (! $tokenId) {
                throw new AuthenticationException('Unauthenticated', $guards);
            }

            $accessToken = $this->providers->findForToken($tokenId);

            if (! $accessToken) {
                throw new AuthenticationException('Unauthenticated', $guards);
            }

            $providers = collect($guards)->mapWithKeys(function ($guard) {
                return [GuardChecker::defaultGuardProvider($guard) => $guard];
            });

            // use only guard associated to access token provider
            if ($providers->has($accessToken->provider)) {
                $this->authenticate([$providers->get($accessToken->provider)]);
            } else {
                $this->authenticate([]);
            }

            return $next($request);
        } catch (OAuthServerException $e) {
            // @todo It's the best place to this code???
            //
            // If running unit test and try authenticate an user with
            // `PassportMultiauth::actingAs($user) check the guards on request
            // to authenticate or not the user.
            $user = app('auth')->user();

            if (App::runningUnitTests() && $user) {
                // @todo Move to method
                $guards = GuardChecker::getAuthGuards($request);

                $userGuard = PassportMultiauth::getUserGuard($user);

                if (! in_array($userGuard, $guards)) {
                    throw new AuthenticationException('Unauthenticated', $guards);
                }

                return $next($request);
            }

            // @todo Check if it's the best way to handle with OAuthServerException
            throw new AuthenticationException('Unauthenticated', $guards);
        }
    }
}


1		<?php
2
3		namespace SMartins\PassportMultiauth\Http\Middleware;
4
5		use Closure;
6		use Illuminate\Support\Facades\App;
7		use League\OAuth2\Server\ResourceServer;
8		use Illuminate\Auth\AuthenticationException;
9		use Illuminate\Auth\Middleware\Authenticate;
10		use Illuminate\Contracts\Auth\Factory as Auth;
11		use SMartins\PassportMultiauth\PassportMultiauth;
12		use SMartins\PassportMultiauth\ProviderRepository;
13		use SMartins\PassportMultiauth\Guards\GuardChecker;
14		use League\OAuth2\Server\Exception\OAuthServerException;
15		use Symfony\Bridge\PsrHttpMessage\Factory\DiactorosFactory;
16
17		class MultiAuthenticate extends Authenticate
18		{
19		/**
20		* @var \League\OAuth2\Server\ResourceServer
21		*/
22		protected $server;
23
24		/**
25		* @var \SMartins\PassportMultiauth\ProviderRepository
26		*/
27		protected $providers;
28
29		/**
30		* The authentication factory instance.
31		*
32		* @var \Illuminate\Contracts\Auth\Factory
33		*/
34		protected $auth;
35
36	12	public function __construct(ResourceServer $server, ProviderRepository $providers, Auth $auth)
37		{
38	12	$this->server = $server;
39	12	$this->providers = $providers;
40	12	$this->auth = $auth;
41	12	}
42
43		/**
44		* Handle an incoming request. Authenticates the guard from access token
45		* used on request.
46		*
47		* @param \Illuminate\Http\Request $request
48		* @param \Closure $next
49		* @param string[] ...$guards
50		*
51		* @return mixed
52		*/
53	12	public function handle($request, Closure $next, ...$guards)
54		{
55		// If don't has any guard follow the flow
56	12	if (count($guards) === 0) {
57	1	return $next($request);
58		}
59
60	11	$psrRequest = (new DiactorosFactory())->createRequest($request);
61
62		try {
63	11	$psrRequest = $this->server->validateAuthenticatedRequest($psrRequest);
64
65	4	$tokenId = $psrRequest->getAttribute('oauth_access_token_id');
66
67	4	if (! $tokenId) {
68	1	throw new AuthenticationException('Unauthenticated', $guards);
69		}
70
71	3	$accessToken = $this->providers->findForToken($tokenId);
72
73	3	if (! $accessToken) {
74	1	throw new AuthenticationException('Unauthenticated', $guards);
75		}
76
77		$providers = collect($guards)->mapWithKeys(function ($guard) {
78	2	return [GuardChecker::defaultGuardProvider($guard) => $guard];
79	2	});
80
81		// use only guard associated to access token provider
82	2	if ($providers->has($accessToken->provider)) {
83	1	$this->authenticate([$providers->get($accessToken->provider)]);
84		} else {
85	1	$this->authenticate([]);
86		}
87
88	1	return $next($request);
89	10	} catch (OAuthServerException $e) {
90		// @todo It's the best place to this code???
91		//
92		// If running unit test and try authenticate an user with
93		// `PassportMultiauth::actingAs($user) check the guards on request
94		// to authenticate or not the user.
95	7	$user = app('auth')->user();
96
97	7	if (App::runningUnitTests() && $user) {
98		// @todo Move to method
99	6	$guards = GuardChecker::getAuthGuards($request);
100
101	6	$userGuard = PassportMultiauth::getUserGuard($user);
102
103	6	if (! in_array($userGuard, $guards)) {
104	2	throw new AuthenticationException('Unauthenticated', $guards);
105		}
106
107	4	return $next($request);
108		}
109
110		// @todo Check if it's the best way to handle with OAuthServerException
111	1	throw new AuthenticationException('Unauthenticated', $guards);
112		}
113		}
114		}
115

sfelix-martins / passport-multiauth

Pull Request — master (#22)

MultiAuthenticate A

Complexity

Size/Duplication

Coupling/Cohesion

Test Coverage

Importance

2 Methods

Duplication Side-by-Side

Filter issues like