Controller::verifyWithToken() - Code Metrics - Inspection of "added ability to verify requests with signature (..." - spatie/laravel-slack-slash-command - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 789986...f8b0bb )

by Freek

created 2019-01-17 09:14 UTC

Controller::verifyWithToken() A

↳ Parent: Controller

Complexity

Conditions	4
Paths	5

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	16
rs	9.7333
c	0
b	0
f	0
cc	4
nc	5
nop	1

<?php

namespace Spatie\SlashCommand;

use Exception;
use Illuminate\Config\Repository;
use Illuminate\Http\Request as IlluminateRequest;
use Spatie\SlashCommand\Exceptions\InvalidHandler;
use Spatie\SlashCommand\Exceptions\InvalidRequest;
use Spatie\SlashCommand\Handlers\SignatureHandler;
use Illuminate\Http\Response as IlluminateResponse;
use Illuminate\Routing\Controller as IlluminateController;
use Spatie\SlashCommand\Exceptions\RequestCouldNotBeHandled;
use Spatie\SlashCommand\Exceptions\SlackSlashCommandException;

class Controller extends IlluminateController
{
    /** @var \Spatie\SlashCommand\Request */
    protected $request;

    /** @var \Illuminate\Support\Collection */
    protected $config;

    public function __construct(IlluminateRequest $request, Repository $config)
    {
        $this->request = Request::createFromIlluminateRequest($request);


        $this->config = collect($config->get('laravel-slack-slash-command'));
    }

    public function getResponse(IlluminateRequest $request): IlluminateResponse
    {
        $this->guardAgainstInvalidRequest($request);

        $handler = $this->determineHandler();

        try {
            if ($handler instanceof SignatureHandler) {
                $handler->validate();
            }
            $response = $handler->handle($this->request);
        } catch (SlackSlashCommandException $exception) {
            $response = $exception->getResponse($this->request);
        } catch (Exception $exception) {
            $response = $this->convertToResponse($exception);
        }

        return $response->getIlluminateResponse();
    }

    protected function guardAgainstInvalidRequest(IlluminateRequest $request)
    {
        if ($this->config->get('verify_with_signing')) {
            $this->verifyWithSigning($request);
        } else {
            $this->verifyWithToken($request);
        }
    }

    protected function verifyWithSigning(IlluminateRequest $request)
    {
        $signature = app(RequestSignature::class)->create($request);

        if ($request->header('X-Slack-Signature') !== $signature) {
            throw InvalidRequest::invalidSignature($signature);
        }
    }

    protected function verifyWithToken(IlluminateRequest $request)
    {
        if (! $request->has('token')) {
            throw InvalidRequest::tokenNotFound();
        }

        $validTokens = $this->config->get('token');

        if (! is_array($validTokens)) {
            $validTokens = [$validTokens];
        }

        if (! in_array($this->request->get('token'), $validTokens)) {
            throw InvalidRequest::invalidToken($this->request->get('token'));
        }
    }

    /**
     * @return \Spatie\SlashCommand\Handlers\BaseHandler
     *
     * @throws \Spatie\SlashCommand\Exceptions\RequestCouldNotBeHandled
     */
    protected function determineHandler()
    {
        $handler = collect($this->config->get('handlers'))
            ->map(function (string $handlerClassName) {
                if (! class_exists($handlerClassName)) {
                    throw InvalidHandler::handlerDoesNotExist($handlerClassName);
                }

                return new $handlerClassName($this->request);
            })
            ->filter(function (HandlesSlashCommand $handler) {
                return $handler->canHandle($this->request);
interface User
{
    /** @return string */
    public function getPassword();
}

class MyUser implements User
{
    public function getPassword()
    {
        // return something
    }

    public function getDisplayName()
    {
        // return some name.
    }
}

class AuthSystem
{
    public function authenticate(User $user)
    {
        $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
        // do something.
    }
}
            })
            ->first();

        if (! $handler) {
            throw RequestCouldNotBeHandled::noHandlerFound($this->request);
        }

        return $handler;
    }

    protected function convertToResponse(Exception $exception) : Response
    {
        $message = config('app.debug') ? (string) $exception : 'Whoops, something went wrong...';

        $exception = new SlackSlashCommandException(
            $message,
            $exception->getCode(),
            $exception
        );

        $response = $exception->getResponse($this->request);

        return $response;
    }
}


1			<?php
2
3			namespace Spatie\SlashCommand;
4
5			use Exception;
6			use Illuminate\Config\Repository;
7			use Illuminate\Http\Request as IlluminateRequest;
8			use Spatie\SlashCommand\Exceptions\InvalidHandler;
9			use Spatie\SlashCommand\Exceptions\InvalidRequest;
10			use Spatie\SlashCommand\Handlers\SignatureHandler;
11			use Illuminate\Http\Response as IlluminateResponse;
12			use Illuminate\Routing\Controller as IlluminateController;
13			use Spatie\SlashCommand\Exceptions\RequestCouldNotBeHandled;
14			use Spatie\SlashCommand\Exceptions\SlackSlashCommandException;
15
16			class Controller extends IlluminateController
17			{
18			/** @var \Spatie\SlashCommand\Request */
19			protected $request;
20
21			/** @var \Illuminate\Support\Collection */
22			protected $config;
23
24			public function __construct(IlluminateRequest $request, Repository $config)
25			{
26			$this->request = Request::createFromIlluminateRequest($request);
			0 ignored issues – show Documentation Bug introduced 2018-02-12 08:54 UTC by Report Bug Copy Issue Report It seems like `\Spatie\SlashCommand\Req...minateRequest($request)` of type `object<self>` is incompatible with the declared type `object<Spatie\SlashCommand\Request>` of property `$request`. Our type inference engine has found an assignment to a property that is incompatible with the declared type of that property. Either this assignment is in error or the assigned type should be added to the documentation/type hint for that property.. Loading history...
27
28			$this->config = collect($config->get('laravel-slack-slash-command'));
29			}
30
31			public function getResponse(IlluminateRequest $request): IlluminateResponse
32			{
33			$this->guardAgainstInvalidRequest($request);
34
35			$handler = $this->determineHandler();
36
37			try {
38			if ($handler instanceof SignatureHandler) {
39			$handler->validate();
40			}
41			$response = $handler->handle($this->request);
42			} catch (SlackSlashCommandException $exception) {
43			$response = $exception->getResponse($this->request);
44			} catch (Exception $exception) {
45			$response = $this->convertToResponse($exception);
46			}
47
48			return $response->getIlluminateResponse();
49			}
50
51			protected function guardAgainstInvalidRequest(IlluminateRequest $request)
52			{
53			if ($this->config->get('verify_with_signing')) {
54			$this->verifyWithSigning($request);
55			} else {
56			$this->verifyWithToken($request);
57			}
58			}
59
60			protected function verifyWithSigning(IlluminateRequest $request)
61			{
62			$signature = app(RequestSignature::class)->create($request);
63
64			if ($request->header('X-Slack-Signature') !== $signature) {
65			throw InvalidRequest::invalidSignature($signature);
66			}
67			}
68
69			protected function verifyWithToken(IlluminateRequest $request)
70			{
71			if (! $request->has('token')) {
72			throw InvalidRequest::tokenNotFound();
73			}
74
75			$validTokens = $this->config->get('token');
76
77			if (! is_array($validTokens)) {
78			$validTokens = [$validTokens];
79			}
80
81			if (! in_array($this->request->get('token'), $validTokens)) {
82			throw InvalidRequest::invalidToken($this->request->get('token'));
83			}
84			}
85
86			/**
87			* @return \Spatie\SlashCommand\Handlers\BaseHandler
88			*
89			* @throws \Spatie\SlashCommand\Exceptions\RequestCouldNotBeHandled
90			*/
91			protected function determineHandler()
92			{
93			$handler = collect($this->config->get('handlers'))
94			->map(function (string $handlerClassName) {
95			if (! class_exists($handlerClassName)) {
96			throw InvalidHandler::handlerDoesNotExist($handlerClassName);
97			}
98
99			return new $handlerClassName($this->request);
100			})
101			->filter(function (HandlesSlashCommand $handler) {
102			return $handler->canHandle($this->request);
			0 ignored issues – show Bug introduced 2016-10-03 09:53 UTC by Report Bug Copy Issue Report It seems like you code against a concrete implementation and not the interface `Spatie\SlashCommand\HandlesSlashCommand` as the method `canHandle()` does only exist in the following implementations of said interface: `Spatie\SlashCommand\Handlers\BaseHandler`, `Spatie\SlashCommand\Handlers\CatchAll`, `Spatie\SlashCommand\Handlers\Help`, `Spatie\SlashCommand\Handlers\SignatureHandler`. Let’s take a look at an example: interface User { /** @return string / public function getPassword(); } class MyUser implements User { public function getPassword() { // return something } public function getDisplayName() { // return some name. } } class AuthSystem { public function authenticate(User $user) { $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName())); // do something. } } In the above example, the authenticate() method works fine as long as you just pass instances of MyUser. However, if you now also want to pass a different implementation of User which does not have a getDisplayName() method, the code will break. Available Fixes Change the type-hint for the parameter: class AuthSystem { public function authenticate(MyUser $user) { / ... / } } Add an additional type-check: class AuthSystem { public function authenticate(User $user) { if ($user instanceof MyUser) { $this->logger->info(/* ... /); } // or alternatively if ( ! $user instanceof MyUser) { throw new \LogicException( '$user must be an instance of MyUser, ' .'other instances are not supported.' ); } } } Note:* PHP Analyzer uses reverse abstract interpretation to narrow down the types inside the if block in such a case. Add the method to the interface: interface User { /** @return string / public function getPassword(); /* @return string */ public function getDisplayName(); } Loading history...
103			})
104			->first();
105
106			if (! $handler) {
107			throw RequestCouldNotBeHandled::noHandlerFound($this->request);
108			}
109
110			return $handler;
111			}
112
113			protected function convertToResponse(Exception $exception) : Response
114			{
115			$message = config('app.debug') ? (string) $exception : 'Whoops, something went wrong...';
116
117			$exception = new SlackSlashCommandException(
118			$message,
119			$exception->getCode(),
120			$exception
121			);
122
123			$response = $exception->getResponse($this->request);
124
125			return $response;
126			}
127			}
128

spatie / laravel-slack-slash-command

GitHub Access Token became invalid

Push — master ( 789986...f8b0bb )

Controller::verifyWithToken() A

Complexity

Size

Duplication

Importance

Available Fixes

Duplication Side-by-Side

Filter issues like