AuthorizationHeaderPlugin::update() - Code Metrics - Inspection of "Merge pull request #218 from acelaya/feature/api-k..." - shlinkio/shlink - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 224127...d5dc6c )

by Alejandro

created 2018-09-29 07:05 UTC

AuthorizationHeaderPlugin::update() A

↳ Parent: AuthorizationHeaderPlugin

Complexity

Conditions	1
Paths	1

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	5
CRAP Score	1

Importance

Changes

Metric	Value
cc	1
nc	1
nop	2
dl	0
loc	8
ccs	5
cts	5
cp	1
crap	1
rs	10
c	0
b	0
f	0

<?php
declare(strict_types=1);

namespace Shlinkio\Shlink\Rest\Authentication\Plugin;

use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Shlinkio\Shlink\Rest\Authentication\JWTServiceInterface;
use Shlinkio\Shlink\Rest\Exception\VerifyAuthenticationException;
use Shlinkio\Shlink\Rest\Util\RestUtils;
use Throwable;
use Zend\I18n\Translator\TranslatorInterface;
use function count;
use function explode;
use function sprintf;
use function strtolower;

class AuthorizationHeaderPlugin implements AuthenticationPluginInterface
{
    public const HEADER_NAME = 'Authorization';

    /**
     * @var JWTServiceInterface
     */
    private $jwtService;
    /**
     * @var TranslatorInterface
     */
    private $translator;

    public function __construct(JWTServiceInterface $jwtService, TranslatorInterface $translator)
    {
        $this->jwtService = $jwtService;
        $this->translator = $translator;
    }

    /**
     * @throws VerifyAuthenticationException
     */
    public function verify(ServerRequestInterface $request): void
    {
        // Get token making sure the an authorization type is provided
        $authToken = $request->getHeaderLine(self::HEADER_NAME);
        $authTokenParts = explode(' ', $authToken);
        if (count($authTokenParts) === 1) {
            throw VerifyAuthenticationException::withError(
                RestUtils::INVALID_AUTHORIZATION_ERROR,
                sprintf(
                    $this->translator->translate('You need to provide the Bearer type in the %s header.'),
                    self::HEADER_NAME
                )
            );
        }

        // Make sure the authorization type is Bearer
        [$authType, $jwt] = $authTokenParts;

        if (strtolower($authType) !== 'bearer') {
            throw VerifyAuthenticationException::withError(
                RestUtils::INVALID_AUTHORIZATION_ERROR,
                sprintf($this->translator->translate(
                    'Provided authorization type %s is not supported. Use Bearer instead.'
                ), $authType)
            );
        }

        try {
            if (! $this->jwtService->verify($jwt)) {
                throw $this->createInvalidTokenError();
            }
        } catch (Throwable $e) {
            throw $this->createInvalidTokenError($e);
        }
    }

    private function createInvalidTokenError(Throwable $prev = null): VerifyAuthenticationException
    {
        return VerifyAuthenticationException::withError(
            RestUtils::INVALID_AUTH_TOKEN_ERROR,
            sprintf($this->translator->translate(
                'Missing or invalid auth token provided. Perform a new authentication request and send provided '
                . 'token on every new request on the %s header'
            ), self::HEADER_NAME),
            $prev
        );
    }

    public function update(ServerRequestInterface $request, ResponseInterface $response): ResponseInterface
    {
        $authToken = $request->getHeaderLine(self::HEADER_NAME);
        [, $jwt] = explode(' ', $authToken);
function someFunction() {
    $x = 5;
    echo $x;
}
        $jwt = $this->jwtService->refresh($jwt);
function someFunction() {
    $x = 5;
    echo $x;
}

        return $response->withHeader(self::HEADER_NAME, sprintf('Bearer %s', $jwt));
    }
}


1		<?php
2		declare(strict_types=1);
3
4		namespace Shlinkio\Shlink\Rest\Authentication\Plugin;
5
6		use Psr\Http\Message\ResponseInterface;
7		use Psr\Http\Message\ServerRequestInterface;
8		use Shlinkio\Shlink\Rest\Authentication\JWTServiceInterface;
9		use Shlinkio\Shlink\Rest\Exception\VerifyAuthenticationException;
10		use Shlinkio\Shlink\Rest\Util\RestUtils;
11		use Throwable;
12		use Zend\I18n\Translator\TranslatorInterface;
13		use function count;
14		use function explode;
15		use function sprintf;
16		use function strtolower;
17
18		class AuthorizationHeaderPlugin implements AuthenticationPluginInterface
19		{
20		public const HEADER_NAME = 'Authorization';
21
22		/**
23		* @var JWTServiceInterface
24		*/
25		private $jwtService;
26		/**
27		* @var TranslatorInterface
28		*/
29		private $translator;
30
31	5	public function __construct(JWTServiceInterface $jwtService, TranslatorInterface $translator)
32		{
33	5	$this->jwtService = $jwtService;
34	5	$this->translator = $translator;
35	5	}
36
37		/**
38		* @throws VerifyAuthenticationException
39		*/
40	4	public function verify(ServerRequestInterface $request): void
41		{
42		// Get token making sure the an authorization type is provided
43	4	$authToken = $request->getHeaderLine(self::HEADER_NAME);
44	4	$authTokenParts = explode(' ', $authToken);
45	4	if (count($authTokenParts) === 1) {
46	1	throw VerifyAuthenticationException::withError(
47	1	RestUtils::INVALID_AUTHORIZATION_ERROR,
48	1	sprintf(
49	1	$this->translator->translate('You need to provide the Bearer type in the %s header.'),
50	1	self::HEADER_NAME
51		)
52		);
53		}
54
55		// Make sure the authorization type is Bearer
56	3	[$authType, $jwt] = $authTokenParts;
		0 ignored issues – show Bug introduced 2018-03-29 08:03 UTC by Report Bug Copy Issue Report The variable `$authType` does not exist. Did you forget to declare it? This check marks access to variables or properties that have not been declared yet. While PHP has no explicit notion of declaring a variable, accessing it before a value is assigned to it is most likely a bug. Loading history... Bug introduced 2018-09-28 20:12 UTC by Report Bug Copy Issue Report The variable `$jwt` does not exist. Did you forget to declare it? This check marks access to variables or properties that have not been declared yet. While PHP has no explicit notion of declaring a variable, accessing it before a value is assigned to it is most likely a bug. Loading history...
57	3	if (strtolower($authType) !== 'bearer') {
58	1	throw VerifyAuthenticationException::withError(
59	1	RestUtils::INVALID_AUTHORIZATION_ERROR,
60	1	sprintf($this->translator->translate(
61	1	'Provided authorization type %s is not supported. Use Bearer instead.'
62	1	), $authType)
63		);
64		}
65
66		try {
67	2	if (! $this->jwtService->verify($jwt)) {
68	2	throw $this->createInvalidTokenError();
69		}
70	1	} catch (Throwable $e) {
71	1	throw $this->createInvalidTokenError($e);
72		}
73	1	}
74
75	1	private function createInvalidTokenError(Throwable $prev = null): VerifyAuthenticationException
76		{
77	1	return VerifyAuthenticationException::withError(
78	1	RestUtils::INVALID_AUTH_TOKEN_ERROR,
79	1	sprintf($this->translator->translate(
80		'Missing or invalid auth token provided. Perform a new authentication request and send provided '
81	1	. 'token on every new request on the %s header'
82	1	), self::HEADER_NAME),
83	1	$prev
84		);
85		}
86
87	1	public function update(ServerRequestInterface $request, ResponseInterface $response): ResponseInterface
88		{
89	1	$authToken = $request->getHeaderLine(self::HEADER_NAME);
90	1	[, $jwt] = explode(' ', $authToken);
		0 ignored issues – show Bug introduced 2018-09-28 20:12 UTC by Report Bug Copy Issue Report The variable `$jwt` seems only to be defined at a later point. Did you maybe move this code here without moving the variable definition? This error can happen if you refactor code and forget to move the variable initialization. Let’s take a look at a simple example: function someFunction() { $x = 5; echo $x; } The above code is perfectly fine. Now imagine that we re-order the statements: function someFunction() { echo $x; $x = 5; } In that case, `$x` would be read before it is initialized. This was a very basic example, however the principle is the same for the found issue. Loading history...
91	1	$jwt = $this->jwtService->refresh($jwt);
		0 ignored issues – show Bug introduced 2018-03-29 08:03 UTC by Report Bug Copy Issue Report The variable `$jwt` seems only to be defined at a later point. Did you maybe move this code here without moving the variable definition? This error can happen if you refactor code and forget to move the variable initialization. Let’s take a look at a simple example: function someFunction() { $x = 5; echo $x; } The above code is perfectly fine. Now imagine that we re-order the statements: function someFunction() { echo $x; $x = 5; } In that case, `$x` would be read before it is initialized. This was a very basic example, however the principle is the same for the found issue. Loading history...
92
93	1	return $response->withHeader(self::HEADER_NAME, sprintf('Bearer %s', $jwt));
94		}
95		}
96

shlinkio / shlink

Push — master ( 224127...d5dc6c )

AuthorizationHeaderPlugin::update() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like