<?php
/**
 * This file is part of web-stack
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */
declare(strict_types=1);
namespace Slick\WebStack\Domain\Security\Http\SecurityProfile\StatefulSecurityProfile;
use Slick\WebStack\Domain\Security\Authentication\Token\TokenStorageInterface;
use Slick\WebStack\Domain\Security\Authentication\Token\TokenValidatorInterface;
use Slick\WebStack\Domain\Security\Authentication\TokenInterface;
use Slick\WebStack\Domain\Security\Http\AuthenticationEntryPointInterface;
use Slick\WebStack\Domain\Security\Http\AuthenticatorManagerInterface;
use Slick\WebStack\Domain\Security\Http\SecurityProfile\SecurityProfile;
use Slick\WebStack\Domain\Security\Http\SecurityProfile\StatefulSecurityProfileInterface;
use Slick\WebStack\Domain\Security\UserInterface;
use Psr\Http\Message\ServerRequestInterface;
use Slick\Http\Session\SessionDriverInterface;
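/**
 * SessionSecurityProfile
 *
 * Stateful security profile that keeps the authenticated token in the HTTP
 * session under {@see self::SESSION_KEY}, where restoreToken() reads it back.
 *
 * @package Slick\WebStack\Domain\Security\Http\SecurityProfile\StatefulSecurityProfile
 * @template-covariant T of UserInterface
 * @implements StatefulSecurityProfileInterface<T>
 */
final class SessionSecurityProfile extends SecurityProfile implements StatefulSecurityProfileInterface
{
    /** Session entry under which the authenticated token is stored. */
    public const SESSION_KEY = '_security_session_token';

    /**
     * Creates a Session Security Profile
     *
     * @param string $matchExp The match expression for the HTTP middleware process
     * @param AuthenticatorManagerInterface $authenticatorManager The authenticator manager
     * @param TokenStorageInterface<T> $tokenStorage The token storage
     * @param SessionDriverInterface $session The session driver
     * @param AuthenticationEntryPointInterface|null $entryPoint The authentication entry point (optional)
     * @param TokenValidatorInterface|null $tokenValidator Validator applied to a token restored from
     *        the session; when null, restoreToken() accepts the stored token without validation
     * @param array<string> $acl Passed unchanged to the parent security profile
     */
    public function __construct(
        string $matchExp,
        AuthenticatorManagerInterface $authenticatorManager,
        TokenStorageInterface $tokenStorage,
        private readonly SessionDriverInterface $session,
        ?AuthenticationEntryPointInterface $entryPoint = null,
        private readonly ?TokenValidatorInterface $tokenValidator = null,
        array $acl = [],
    ) {
        parent::__construct($matchExp, $authenticatorManager, $tokenStorage, $entryPoint, $acl);
    }

    /**
     * Restores the session token and stores it in the token storage
     *
     * The value read from the session is only accepted when it is a
     * TokenInterface instance and, if a validator was configured, when that
     * validator accepts it.
     *
     * @return TokenInterface|null The restored token, or null if the session holds no
     *                             usable token or the validator rejects it
     *
     * @phpstan-return TokenInterface<T>|null
     */
    public function restoreToken(): ?TokenInterface
    {
        $token = $this->session->get(self::SESSION_KEY);

        // Session content is not trusted to be a token: a missing entry or any
        // other value (for example a stale or corrupted entry) is handled as
        // "no session token" instead of reaching the validator or the typed
        // return and raising a TypeError.
        if (!$token instanceof TokenInterface) {
            return null;
        }

        if ($this->tokenValidator !== null && !$this->tokenValidator->validate($token)) {
            // NOTE(review): a rejected token is left in the session and will be
            // re-validated on the next call; consider erasing SESSION_KEY here
            // if a failed validation should be final.
            return null;
        }

        $this->tokenStorage->setToken($token);
        return $token;
    }

    /**
     * Runs the parent success handling, then persists the current token in the session.
     *
     * @inheritDoc
     */
    protected function handleAuthenticationSuccess(ServerRequestInterface &$request): void
    {
        parent::handleAuthenticationSuccess($request);

        // NOTE(review): the session identifier is not rotated here. Confirm that
        // the session driver or the caller regenerates it when the user becomes
        // authenticated, otherwise a pre-login session id stays valid afterwards
        // (session fixation).
        $this->session->set(self::SESSION_KEY, $this->tokenStorage->getToken());
    }

    /**
     * Erases the session token entry and clears the authenticator manager.
     *
     * @inheritDoc
     */
    public function logout(): void
    {
        $this->session->erase(self::SESSION_KEY);

        // NOTE(review): the token storage is not reset explicitly here;
        // presumably clear() takes care of it. Verify against the manager.
        $this->authenticatorManager->clear();
    }

    /**
     * Stores the given token in the session and in the token storage.
     *
     * @param TokenInterface $token The token to persist for this session
     *
     * @phpstan-param TokenInterface<T> $token
     */
    public function login(TokenInterface $token): void
    {
        // NOTE(review): as in handleAuthenticationSuccess(), no session id
        // rotation happens at this privilege change; confirm it is done elsewhere.
        $this->session->set(self::SESSION_KEY, $token);
        $this->tokenStorage->setToken($token);
    }
}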