AccessTokenAuthenticator - Code Metrics - Inspection of "Merge branch 'release/v2.0.6'" - slickframework/web-stack - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( c858e1...becd64 )

by Filipe

created 2024-11-13 17:57 UTC

AccessTokenAuthenticator A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	103
Duplicated Lines	0 %

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
wmc	12
eloc	28
dl	0
loc	103
rs	10
c	1
b	0
f	0

8 Methods

Rating	Name	Size	Complexity
A	supports()	3	1
A	__construct()	4	1
A	onAuthenticationSuccess()	3	1
A	clear()	2	1
A	authenticate()	9	2
A	createToken()	9	1
A	onAuthenticationFailure()	8	1
A	getAuthenticateHeader()	15	4

<?php

/**
 * This file is part of web-stack
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

declare(strict_types=1);

namespace Slick\WebStack\Infrastructure\Http\Authenticator;

use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Slick\Http\Message\Response;
use Slick\WebStack\Domain\Security\Authentication\Token\UserToken;
use Slick\WebStack\Domain\Security\Authentication\TokenInterface;
use Slick\WebStack\Domain\Security\Exception\AuthenticationException;
use Slick\WebStack\Domain\Security\Exception\BadCredentialsException;
use Slick\WebStack\Domain\Security\Http\AccessToken\AccessTokenExtractorInterface;
use Slick\WebStack\Domain\Security\Http\AccessToken\AccessTokenHandlerInterface;
use Slick\WebStack\Domain\Security\Http\Authenticator\PassportInterface;
use Slick\WebStack\Domain\Security\Http\Authenticator\SelfValidatingPassport;
use Slick\WebStack\Domain\Security\Http\AuthenticatorInterface;
use Slick\WebStack\Domain\Security\SecurityException;
use Slick\WebStack\Domain\Security\UserInterface;

/**
 * AccessTokenAuthenticator
 *
 * @package Slick\WebStack\Infrastructure\Http\Authenticator
 * @implements AuthenticatorInterface<UserInterface>
 */
final class AccessTokenAuthenticator implements AuthenticatorInterface
{

    use AuthenticatorHandlerTrait;

    /**
     * Creates a AccessTokenAuthenticator
     *
     * @param AccessTokenExtractorInterface $extractor
     * @param AccessTokenHandlerInterface $tokenHandler
     */
    public function __construct(
        private readonly AccessTokenExtractorInterface $extractor,
        private readonly AccessTokenHandlerInterface   $tokenHandler
    ) {
    }

    /**
     * @inheritDoc
     */
    public function supports(ServerRequestInterface $request): bool
    {
        return is_string($this->extractor->extractAccessToken($request));
    }

    /**
     * @inheritDoc
     */
    public function authenticate(ServerRequestInterface $request): PassportInterface
    {
        $accessToken = $this->extractor->extractAccessToken($request);
        if (null === $accessToken) {
            throw new BadCredentialsException("Invalid credentials");
        }

        $userBadge = $this->tokenHandler->userBadgeFromToken($accessToken);
        return new SelfValidatingPassport($userBadge);
    }

    /**
     * @inheritDoc
     * @throws SecurityException
     */
    public function createToken(PassportInterface $passport): TokenInterface
    {
        $userToken = new UserToken($passport->user());
        $userToken->withAttributes([
            'IS_AUTHENTICATED_FULLY' => 'true',
            'IS_AUTHENTICATED_REMEMBERED' => 'false',
            'IS_AUTHENTICATED' => 'true'
        ]);
        return $userToken;
    }

    /**
     * @inheritDoc
     */
    public function onAuthenticationSuccess(ServerRequestInterface $request, TokenInterface $token): ?ResponseInterface
    {
        return null;
    }

    /**
     * @inheritDoc
     */
    public function onAuthenticationFailure(
        ServerRequestInterface $request,
        AuthenticationException $exception
    ): ResponseInterface {
        return new Response(
            401,
            'Unauthorized',
            ['WWW-Authenticate' => $this->getAuthenticateHeader($exception->getMessage())]
        );
    }


    /**
     * @inheritDoc
     */
    public function clear(): void
    {
        // noop
    }

    /**
     * @see https://datatracker.ietf.org/doc/html/rfc6750#section-3
     */
    private function getAuthenticateHeader(?string $errorDescription = null): string
    {
        $data = [
            'error' => 'invalid_token',
            'error_description' => $errorDescription,
        ];
        $values = [];
        foreach ($data as $k => $v) {
            if (null === $v || '' === $v) {
                continue;
            }
            $values[] = sprintf('%s="%s"', $k, $v);
        }

        return sprintf('Bearer %s', implode(',', $values));
    }
}


1			<?php
2
3			/**
4			* This file is part of web-stack
5			*
6			* For the full copyright and license information, please view the LICENSE
7			* file that was distributed with this source code.
8			*/
9
10			declare(strict_types=1);
11
12			namespace Slick\WebStack\Infrastructure\Http\Authenticator;
13
14			use Psr\Http\Message\ResponseInterface;
15			use Psr\Http\Message\ServerRequestInterface;
16			use Slick\Http\Message\Response;
17			use Slick\WebStack\Domain\Security\Authentication\Token\UserToken;
18			use Slick\WebStack\Domain\Security\Authentication\TokenInterface;
19			use Slick\WebStack\Domain\Security\Exception\AuthenticationException;
20			use Slick\WebStack\Domain\Security\Exception\BadCredentialsException;
21			use Slick\WebStack\Domain\Security\Http\AccessToken\AccessTokenExtractorInterface;
22			use Slick\WebStack\Domain\Security\Http\AccessToken\AccessTokenHandlerInterface;
23			use Slick\WebStack\Domain\Security\Http\Authenticator\PassportInterface;
24			use Slick\WebStack\Domain\Security\Http\Authenticator\SelfValidatingPassport;
25			use Slick\WebStack\Domain\Security\Http\AuthenticatorInterface;
26			use Slick\WebStack\Domain\Security\SecurityException;
27			use Slick\WebStack\Domain\Security\UserInterface;
28
29			/**
30			* AccessTokenAuthenticator
31			*
32			* @package Slick\WebStack\Infrastructure\Http\Authenticator
33			* @implements AuthenticatorInterface<UserInterface>
34			*/
35			final class AccessTokenAuthenticator implements AuthenticatorInterface
36			{
37
38			use AuthenticatorHandlerTrait;
39
40			/**
41			* Creates a AccessTokenAuthenticator
42			*
43			* @param AccessTokenExtractorInterface $extractor
44			* @param AccessTokenHandlerInterface $tokenHandler
45			*/
46			public function __construct(
47			private readonly AccessTokenExtractorInterface $extractor,
48			private readonly AccessTokenHandlerInterface $tokenHandler
49			) {
50			}
51
52			/**
53			* @inheritDoc
54			*/
55			public function supports(ServerRequestInterface $request): bool
56			{
57			return is_string($this->extractor->extractAccessToken($request));
58			}
59
60			/**
61			* @inheritDoc
62			*/
63			public function authenticate(ServerRequestInterface $request): PassportInterface
64			{
65			$accessToken = $this->extractor->extractAccessToken($request);
66			if (null === $accessToken) {
67			throw new BadCredentialsException("Invalid credentials");
68			}
69
70			$userBadge = $this->tokenHandler->userBadgeFromToken($accessToken);
71			return new SelfValidatingPassport($userBadge);
72			}
73
74			/**
75			* @inheritDoc
76			* @throws SecurityException
77			*/
78			public function createToken(PassportInterface $passport): TokenInterface
79			{
80			$userToken = new UserToken($passport->user());
81			$userToken->withAttributes([
82			'IS_AUTHENTICATED_FULLY' => 'true',
83			'IS_AUTHENTICATED_REMEMBERED' => 'false',
84			'IS_AUTHENTICATED' => 'true'
85			]);
86			return $userToken;
87			}
88
89			/**
90			* @inheritDoc
91			*/
92			public function onAuthenticationSuccess(ServerRequestInterface $request, TokenInterface $token): ?ResponseInterface
93			{
94			return null;
95			}
96
97			/**
98			* @inheritDoc
99			*/
100			public function onAuthenticationFailure(
101			ServerRequestInterface $request,
102			AuthenticationException $exception
103			): ResponseInterface {
104			return new Response(
105			401,
106			'Unauthorized',
107			['WWW-Authenticate' => $this->getAuthenticateHeader($exception->getMessage())]
108			);
109			}
110
111
112			/**
113			* @inheritDoc
114			*/
115			public function clear(): void
116			{
117			// noop
118			}
119
120			/**
121			* @see https://datatracker.ietf.org/doc/html/rfc6750#section-3
122			*/
123			private function getAuthenticateHeader(?string $errorDescription = null): string
124			{
125			$data = [
126			'error' => 'invalid_token',
127			'error_description' => $errorDescription,
128			];
129			$values = [];
130			foreach ($data as $k => $v) {
131			if (null === $v \|\| '' === $v) {
132			continue;
133			}
134			$values[] = sprintf('%s="%s"', $k, $v);
135			}
136
137			return sprintf('Bearer %s', implode(',', $values));
138			}
139			}
140

slickframework / web-stack

Push — master ( c858e1...becd64 )

AccessTokenAuthenticator A

Complexity

Size/Duplication

Importance

8 Methods

Duplication Side-by-Side

Filter issues like