GitHub Access Token became invalid

It seems like the GitHub access token used for retrieving details about this repository from GitHub became invalid. This might prevent certain types of inspections from being run (in particular, everything related to pull requests).
Please ask an admin of your repository to re-new the access token on this website.
Completed
Push — master ( 70b15e...4c8633 )
by Joni
04:39
created

ValidationContext::isUnsecuredAllowed()   A

Complexity

Conditions 1
Paths 1

Size

Total Lines 3
Code Lines 2

Duplication

Lines 0
Ratio 0 %

Code Coverage

Tests 2
CRAP Score 1

Importance

Changes 1
Bugs 0 Features 1
Metric Value
c 1
b 0
f 1
dl 0
loc 3
ccs 2
cts 2
cp 1
rs 10
cc 1
eloc 2
nc 1
nop 0
crap 1
1
<?php
2
3
namespace JWX\JWT;
4
5
use JWX\JWK\JWK;
6
use JWX\JWK\JWKSet;
7
use JWX\JWT\Claim\RegisteredClaim;
8
use JWX\JWT\Exception\ValidationException;
9
10
11
/**
12
 * Class to provide context for claims validation.
13
 */
14
class ValidationContext
15
{
16
	/**
17
	 * Reference time.
18
	 *
19
	 * @var int $_refTime
20
	 */
21
	protected $_refTime;
22
	
23
	/**
24
	 * Leeway in seconds for the reference time constraints.
25
	 *
26
	 * @var int $_leeway
27
	 */
28
	protected $_leeway;
29
	
30
	/**
31
	 * Validation constraints.
32
	 *
33
	 * @var array $_constraints
34
	 */
35
	protected $_constraints;
36
	
37
	/**
38
	 * Set of JSON Web Keys usable for the validation.
39
	 *
40
	 * @var JWKSet $_keys
41
	 */
42
	protected $_keys;
43
	
44
	/**
45
	 * Whether to allow unsecured JWT's, that is, claims without integrity
46
	 * protection nor encryption.
47
	 *
48
	 * @var bool $_allowUnsecured
49
	 */
50
	protected $_allowUnsecured;
51
	
52
	/**
53
	 * Constructor
54
	 *
55
	 * @param array $constraints Optional array of constraints keyed by claim
56
	 *        names
57
	 * @param JWKSet $keys Optional set of JSON Web Keys used for signature
58
	 *        validation and/or decryption.
59
	 */
60 39
	public function __construct(array $constraints = null, JWKSet $keys = null) {
61 39
		$this->_refTime = time();
62 39
		$this->_leeway = 60;
63 39
		$this->_constraints = $constraints ? $constraints : [];
64 39
		$this->_keys = $keys ? $keys : new JWKSet();
65 39
		$this->_allowUnsecured = false;
66 39
	}
67
	
68
	/**
69
	 * Initialize with a single JSON Web Key.
70
	 *
71
	 * @param JWK $key JSON Web Key
72
	 * @param array $constraints Optional constraints
73
	 * @return self
74
	 */
75 3
	public static function fromKey(JWK $key, array $constraints = []) {
76 3
		return new self($constraints, new JWKSet($key));
77
	}
78
	
79
	/**
80
	 * Get self with reference time.
81
	 *
82
	 * @param int|null $ts Unix timestamp
83
	 * @return self
84
	 */
85 23
	public function withReferenceTime($ts) {
86 23
		$obj = clone $this;
87 23
		$obj->_refTime = $ts;
88 23
		return $obj;
89
	}
90
	
91
	/**
92
	 * Check whether reference time is set.
93
	 *
94
	 * @return bool
95
	 */
96 20
	public function hasReferenceTime() {
97 20
		return isset($this->_refTime);
98
	}
99
	
100
	/**
101
	 * Get reference time.
102
	 *
103
	 * @throws \LogicException
104
	 * @return int
105
	 */
106 13
	public function referenceTime() {
107 13
		if (!$this->hasReferenceTime()) {
108 1
			throw new \LogicException("Reference time not set.");
109
		}
110 12
		return $this->_refTime;
111
	}
112
	
113
	/**
114
	 * Get self with reference time leeway.
115
	 *
116
	 * @param int $seconds
117
	 * @return self
118
	 */
119 11
	public function withLeeway($seconds) {
120 11
		$obj = clone $this;
121 11
		$obj->_leeway = $seconds;
122 11
		return $obj;
123
	}
124
	
125
	/**
126
	 * Get reference time leeway.
127
	 *
128
	 * @return int
129
	 */
130 12
	public function leeway() {
131 12
		return $this->_leeway;
132
	}
133
	
134
	/**
135
	 * Get self with validation constraint.
136
	 *
137
	 * @param string $name Claim name
138
	 * @param mixed $constraint Value to check claim against
139
	 * @return self
140
	 */
141 14
	public function withConstraint($name, $constraint) {
142 14
		$obj = clone $this;
143 14
		$obj->_constraints[$name] = $constraint;
144 14
		return $obj;
145
	}
146
	
147
	/**
148
	 * Get self with issuer constraint.
149
	 *
150
	 * @param string $issuer
151
	 * @return self
152
	 */
153 4
	public function withIssuer($issuer) {
154 4
		return $this->withConstraint(RegisteredClaim::NAME_ISSUER, $issuer);
155
	}
156
	
157
	/**
158
	 * Get self with subject constraint.
159
	 *
160
	 * @param string $subject
161
	 * @return self
162
	 */
163 3
	public function withSubject($subject) {
164 3
		return $this->withConstraint(RegisteredClaim::NAME_SUBJECT, $subject);
165
	}
166
	
167
	/**
168
	 * Get self with audience constraint.
169
	 *
170
	 * @param string $audience
171
	 * @return self
172
	 */
173 3
	public function withAudience($audience) {
174 3
		return $this->withConstraint(RegisteredClaim::NAME_AUDIENCE, $audience);
175
	}
176
	
177
	/**
178
	 * Get self with JWT ID constraint.
179
	 *
180
	 * @param string $id
181
	 * @return self
182
	 */
183 3
	public function withID($id) {
184 3
		return $this->withConstraint(RegisteredClaim::NAME_JWT_ID, $id);
185
	}
186
	
187
	/**
188
	 * Check whether constraint is present.
189
	 *
190
	 * @param string $name Claim name
191
	 * @return bool
192
	 */
193 33
	public function hasConstraint($name) {
194 33
		return isset($this->_constraints[$name]);
195
	}
196
	
197
	/**
198
	 * Get constraint by claim name.
199
	 *
200
	 * @param string $name
201
	 * @throws \LogicException
202
	 * @return mixed Constraint value
203
	 */
204 20
	public function constraint($name) {
205 20
		if (!$this->hasConstraint($name)) {
206 1
			throw new \LogicException("Constraint $name not set.");
207
		}
208 19
		return $this->_constraints[$name];
209
	}
210
	
211
	/**
212
	 * Get the set of JSON Web Keys defined in this context.
213
	 *
214
	 * @return JWKSet
215
	 */
216 8
	public function keys() {
217 8
		return $this->_keys;
218
	}
219
	
220
	/**
221
	 * Get self with 'allow unsecured' flag set.
222
	 *
223
	 * @param bool $allow Whether to allow unsecured JWT's
224
	 * @return self
225
	 */
226 3
	public function withUnsecuredAllowed($allow) {
227 3
		$obj = clone $this;
228 3
		$obj->_allowUnsecured = (bool) $allow;
229 3
		return $obj;
230
	}
231
	
232
	/**
233
	 * Check whether unsecured JWT's are allowed.
234
	 *
235
	 * @return bool
236
	 */
237 3
	public function isUnsecuredAllowed() {
238 3
		return $this->_allowUnsecured;
239
	}
240
	
241
	/**
242
	 * Validate claims.
243
	 *
244
	 * @param Claims $claims
245
	 * @throws \RuntimeException If any of the claims is not valid
246
	 * @return self
247
	 */
248 25
	public function validate(Claims $claims) {
249 25
		foreach ($claims as $claim) {
250 25
			if (!$claim->validateWithContext($this)) {
251 10
				throw new ValidationException(
252 10
					"Validation of claim '" . $claim->name() . "' failed.");
253
			}
254 21
		}
255 15
		return $this;
256
	}
257
}
258