ValidationContext::isUnsecuredAllowed() - Code Metrics - Inspection of "Add tests" - sop/jwx - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 70b15e...4c8633 )

by Joni

created 2016-06-16 12:44 UTC

ValidationContext::isUnsecuredAllowed() A

↳ Parent: ValidationContext

Complexity

Conditions	1
Paths	1

Size

Total Lines	3
Code Lines	2

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	2
CRAP Score	1

Importance

Changes	1
Bugs	0	Features	1

Metric	Value
c	1
b	0
f	1
dl	0
loc	3
ccs	2
cts	2
cp	1
rs	10
cc	1
eloc	2
nc	1
nop	0
crap	1

<?php

namespace JWX\JWT;

use JWX\JWK\JWK;
use JWX\JWK\JWKSet;
use JWX\JWT\Claim\RegisteredClaim;
use JWX\JWT\Exception\ValidationException;


/**
 * Class to provide context for claims validation.
 */
class ValidationContext
{
	/**
	 * Reference time.
	 *
	 * @var int $_refTime
	 */
	protected $_refTime;
	
	/**
	 * Leeway in seconds for the reference time constraints.
	 *
	 * @var int $_leeway
	 */
	protected $_leeway;
	
	/**
	 * Validation constraints.
	 *
	 * @var array $_constraints
	 */
	protected $_constraints;
	
	/**
	 * Set of JSON Web Keys usable for the validation.
	 *
	 * @var JWKSet $_keys
	 */
	protected $_keys;
	
	/**
	 * Whether to allow unsecured JWT's, that is, claims without integrity
	 * protection nor encryption.
	 *
	 * @var bool $_allowUnsecured
	 */
	protected $_allowUnsecured;
	
	/**
	 * Constructor
	 *
	 * @param array $constraints Optional array of constraints keyed by claim
	 *        names
	 * @param JWKSet $keys Optional set of JSON Web Keys used for signature
	 *        validation and/or decryption.
	 */
	public function __construct(array $constraints = null, JWKSet $keys = null) {
		$this->_refTime = time();
		$this->_leeway = 60;
		$this->_constraints = $constraints ? $constraints : [];
		$this->_keys = $keys ? $keys : new JWKSet();
		$this->_allowUnsecured = false;
	}
	
	/**
	 * Initialize with a single JSON Web Key.
	 *
	 * @param JWK $key JSON Web Key
	 * @param array $constraints Optional constraints
	 * @return self
	 */
	public static function fromKey(JWK $key, array $constraints = []) {
		return new self($constraints, new JWKSet($key));
	}
	
	/**
	 * Get self with reference time.
	 *
	 * @param int|null $ts Unix timestamp
	 * @return self
	 */
	public function withReferenceTime($ts) {
		$obj = clone $this;
		$obj->_refTime = $ts;
		return $obj;
	}
	
	/**
	 * Check whether reference time is set.
	 *
	 * @return bool
	 */
	public function hasReferenceTime() {
		return isset($this->_refTime);
	}
	
	/**
	 * Get reference time.
	 *
	 * @throws \LogicException
	 * @return int
	 */
	public function referenceTime() {
		if (!$this->hasReferenceTime()) {
			throw new \LogicException("Reference time not set.");
		}
		return $this->_refTime;
	}
	
	/**
	 * Get self with reference time leeway.
	 *
	 * @param int $seconds
	 * @return self
	 */
	public function withLeeway($seconds) {
		$obj = clone $this;
		$obj->_leeway = $seconds;
		return $obj;
	}
	
	/**
	 * Get reference time leeway.
	 *
	 * @return int
	 */
	public function leeway() {
		return $this->_leeway;
	}
	
	/**
	 * Get self with validation constraint.
	 *
	 * @param string $name Claim name
	 * @param mixed $constraint Value to check claim against
	 * @return self
	 */
	public function withConstraint($name, $constraint) {
		$obj = clone $this;
		$obj->_constraints[$name] = $constraint;
		return $obj;
	}
	
	/**
	 * Get self with issuer constraint.
	 *
	 * @param string $issuer
	 * @return self
	 */
	public function withIssuer($issuer) {
		return $this->withConstraint(RegisteredClaim::NAME_ISSUER, $issuer);
	}
	
	/**
	 * Get self with subject constraint.
	 *
	 * @param string $subject
	 * @return self
	 */
	public function withSubject($subject) {
		return $this->withConstraint(RegisteredClaim::NAME_SUBJECT, $subject);
	}
	
	/**
	 * Get self with audience constraint.
	 *
	 * @param string $audience
	 * @return self
	 */
	public function withAudience($audience) {
		return $this->withConstraint(RegisteredClaim::NAME_AUDIENCE, $audience);
	}
	
	/**
	 * Get self with JWT ID constraint.
	 *
	 * @param string $id
	 * @return self
	 */
	public function withID($id) {
		return $this->withConstraint(RegisteredClaim::NAME_JWT_ID, $id);
	}
	
	/**
	 * Check whether constraint is present.
	 *
	 * @param string $name Claim name
	 * @return bool
	 */
	public function hasConstraint($name) {
		return isset($this->_constraints[$name]);
	}
	
	/**
	 * Get constraint by claim name.
	 *
	 * @param string $name
	 * @throws \LogicException
	 * @return mixed Constraint value
	 */
	public function constraint($name) {
		if (!$this->hasConstraint($name)) {
			throw new \LogicException("Constraint $name not set.");
		}
		return $this->_constraints[$name];
	}
	
	/**
	 * Get the set of JSON Web Keys defined in this context.
	 *
	 * @return JWKSet
	 */
	public function keys() {
		return $this->_keys;
	}
	
	/**
	 * Get self with 'allow unsecured' flag set.
	 *
	 * @param bool $allow Whether to allow unsecured JWT's
	 * @return self
	 */
	public function withUnsecuredAllowed($allow) {
		$obj = clone $this;
		$obj->_allowUnsecured = (bool) $allow;
		return $obj;
	}
	
	/**
	 * Check whether unsecured JWT's are allowed.
	 *
	 * @return bool
	 */
	public function isUnsecuredAllowed() {
		return $this->_allowUnsecured;
	}
	
	/**
	 * Validate claims.
	 *
	 * @param Claims $claims
	 * @throws \RuntimeException If any of the claims is not valid
	 * @return self
	 */
	public function validate(Claims $claims) {
		foreach ($claims as $claim) {
			if (!$claim->validateWithContext($this)) {
				throw new ValidationException(
					"Validation of claim '" . $claim->name() . "' failed.");
			}
		}
		return $this;
	}
}


1		<?php
2
3		namespace JWX\JWT;
4
5		use JWX\JWK\JWK;
6		use JWX\JWK\JWKSet;
7		use JWX\JWT\Claim\RegisteredClaim;
8		use JWX\JWT\Exception\ValidationException;
9
10
11		/**
12		* Class to provide context for claims validation.
13		*/
14		class ValidationContext
15		{
16		/**
17		* Reference time.
18		*
19		* @var int $_refTime
20		*/
21		protected $_refTime;
22
23		/**
24		* Leeway in seconds for the reference time constraints.
25		*
26		* @var int $_leeway
27		*/
28		protected $_leeway;
29
30		/**
31		* Validation constraints.
32		*
33		* @var array $_constraints
34		*/
35		protected $_constraints;
36
37		/**
38		* Set of JSON Web Keys usable for the validation.
39		*
40		* @var JWKSet $_keys
41		*/
42		protected $_keys;
43
44		/**
45		* Whether to allow unsecured JWT's, that is, claims without integrity
46		* protection nor encryption.
47		*
48		* @var bool $_allowUnsecured
49		*/
50		protected $_allowUnsecured;
51
52		/**
53		* Constructor
54		*
55		* @param array $constraints Optional array of constraints keyed by claim
56		* names
57		* @param JWKSet $keys Optional set of JSON Web Keys used for signature
58		* validation and/or decryption.
59		*/
60	39	public function __construct(array $constraints = null, JWKSet $keys = null) {
61	39	$this->_refTime = time();
62	39	$this->_leeway = 60;
63	39	$this->_constraints = $constraints ? $constraints : [];
64	39	$this->_keys = $keys ? $keys : new JWKSet();
65	39	$this->_allowUnsecured = false;
66	39	}
67
68		/**
69		* Initialize with a single JSON Web Key.
70		*
71		* @param JWK $key JSON Web Key
72		* @param array $constraints Optional constraints
73		* @return self
74		*/
75	3	public static function fromKey(JWK $key, array $constraints = []) {
76	3	return new self($constraints, new JWKSet($key));
77		}
78
79		/**
80		* Get self with reference time.
81		*
82		* @param int\|null $ts Unix timestamp
83		* @return self
84		*/
85	23	public function withReferenceTime($ts) {
86	23	$obj = clone $this;
87	23	$obj->_refTime = $ts;
88	23	return $obj;
89		}
90
91		/**
92		* Check whether reference time is set.
93		*
94		* @return bool
95		*/
96	20	public function hasReferenceTime() {
97	20	return isset($this->_refTime);
98		}
99
100		/**
101		* Get reference time.
102		*
103		* @throws \LogicException
104		* @return int
105		*/
106	13	public function referenceTime() {
107	13	if (!$this->hasReferenceTime()) {
108	1	throw new \LogicException("Reference time not set.");
109		}
110	12	return $this->_refTime;
111		}
112
113		/**
114		* Get self with reference time leeway.
115		*
116		* @param int $seconds
117		* @return self
118		*/
119	11	public function withLeeway($seconds) {
120	11	$obj = clone $this;
121	11	$obj->_leeway = $seconds;
122	11	return $obj;
123		}
124
125		/**
126		* Get reference time leeway.
127		*
128		* @return int
129		*/
130	12	public function leeway() {
131	12	return $this->_leeway;
132		}
133
134		/**
135		* Get self with validation constraint.
136		*
137		* @param string $name Claim name
138		* @param mixed $constraint Value to check claim against
139		* @return self
140		*/
141	14	public function withConstraint($name, $constraint) {
142	14	$obj = clone $this;
143	14	$obj->_constraints[$name] = $constraint;
144	14	return $obj;
145		}
146
147		/**
148		* Get self with issuer constraint.
149		*
150		* @param string $issuer
151		* @return self
152		*/
153	4	public function withIssuer($issuer) {
154	4	return $this->withConstraint(RegisteredClaim::NAME_ISSUER, $issuer);
155		}
156
157		/**
158		* Get self with subject constraint.
159		*
160		* @param string $subject
161		* @return self
162		*/
163	3	public function withSubject($subject) {
164	3	return $this->withConstraint(RegisteredClaim::NAME_SUBJECT, $subject);
165		}
166
167		/**
168		* Get self with audience constraint.
169		*
170		* @param string $audience
171		* @return self
172		*/
173	3	public function withAudience($audience) {
174	3	return $this->withConstraint(RegisteredClaim::NAME_AUDIENCE, $audience);
175		}
176
177		/**
178		* Get self with JWT ID constraint.
179		*
180		* @param string $id
181		* @return self
182		*/
183	3	public function withID($id) {
184	3	return $this->withConstraint(RegisteredClaim::NAME_JWT_ID, $id);
185		}
186
187		/**
188		* Check whether constraint is present.
189		*
190		* @param string $name Claim name
191		* @return bool
192		*/
193	33	public function hasConstraint($name) {
194	33	return isset($this->_constraints[$name]);
195		}
196
197		/**
198		* Get constraint by claim name.
199		*
200		* @param string $name
201		* @throws \LogicException
202		* @return mixed Constraint value
203		*/
204	20	public function constraint($name) {
205	20	if (!$this->hasConstraint($name)) {
206	1	throw new \LogicException("Constraint $name not set.");
207		}
208	19	return $this->_constraints[$name];
209		}
210
211		/**
212		* Get the set of JSON Web Keys defined in this context.
213		*
214		* @return JWKSet
215		*/
216	8	public function keys() {
217	8	return $this->_keys;
218		}
219
220		/**
221		* Get self with 'allow unsecured' flag set.
222		*
223		* @param bool $allow Whether to allow unsecured JWT's
224		* @return self
225		*/
226	3	public function withUnsecuredAllowed($allow) {
227	3	$obj = clone $this;
228	3	$obj->_allowUnsecured = (bool) $allow;
229	3	return $obj;
230		}
231
232		/**
233		* Check whether unsecured JWT's are allowed.
234		*
235		* @return bool
236		*/
237	3	public function isUnsecuredAllowed() {
238	3	return $this->_allowUnsecured;
239		}
240
241		/**
242		* Validate claims.
243		*
244		* @param Claims $claims
245		* @throws \RuntimeException If any of the claims is not valid
246		* @return self
247		*/
248	25	public function validate(Claims $claims) {
249	25	foreach ($claims as $claim) {
250	25	if (!$claim->validateWithContext($this)) {
251	10	throw new ValidationException(
252	10	"Validation of claim '" . $claim->name() . "' failed.");
253		}
254	21	}
255	15	return $this;
256		}
257		}
258

sop / jwx

GitHub Access Token became invalid

Push — master ( 70b15e...4c8633 )

ValidationContext::isUnsecuredAllowed() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like