
src/Token.php (1 issue)

<?php
namespace Spinen\Formio;
use Carbon\Carbon;
use Firebase\JWT\JWT;
use stdClass;
/**
 * Class Token
 *
 * @package Spinen\Formio
 */
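class Token
{
    /**
     * Carbon instance of when token expires (null until a JWT has been set,
     * or when the JWT carries no "exp" claim)
     *
     * @var Carbon|null
     */
    public $expires_at;

    /**
     * Carbon instance of when token issued (null until a JWT has been set,
     * or when the JWT carries no "iat" claim)
     *
     * @var Carbon|null
     */
    public $issued_at;

    /**
     * The JWT; only assigned after it has been decoded successfully
     *
     * @var string
     */
    public $jwt;

    /**
     * Parsed JWT as an object
     *
     * @var stdClass
     */
    public $jwt_obj;

    /**
     * Formio User
     *
     * @var array
     */
    public $user;

    /**
     * Is the token expired?
     *
     * Fails closed: a token with no known expiry is reported as expired.
     *
     * @return bool
     */
    public function expired()
    {
        return empty($this->expires_at) || Carbon::now()->gte($this->expires_at);
    }

    /**
     * Build SSO JWT for a User
     *
     * The claims are signed, not encrypted: anyone holding the token can read
     * $user and $roles, so keep secrets out of both. $roles is copied into the
     * signed payload as given, so it should come from server-side data.
     *
     * @see https://help.form.io/integrations/sso/
     *
     * @param string|null $project Project id, or null to leave the "project" claim out
     * @param string $form
     * @param array $user
     * @param array $roles
     * @param string $secret
     * @param string $algorithm
     *
     * @return $this
     */
    public function makeJwt($project, $form, array $user, array $roles, $secret, $algorithm)
    {
        $now = Carbon::now();

        $jwt = [
            'external' => true,
            'form'     => [
                '_id' => $form,
            ],
            'user'     => [
                '_id'   => 'external',
                'data'  => $user,
                'roles' => $roles,
            ],
            'iat'      => $now->timestamp,
            // TODO: Use the same timeout as the docker container
            // copy() keeps $now untouched, so "iat" does not depend on the
            // order in which the array entries are evaluated.
            'exp'      => $now->copy()->addMinutes(240)->timestamp,
        ];

        // NOTE: Appears to only be used by enterprise version where you can have multiple "projects"
        // null is a supported value here: the "project" claim is then omitted.
        if ($project !== null) {
            $jwt['project'] = [
                '_id' => $project,
            ];
        }

        return $this->setJwt(JWT::encode($jwt, $secret, $algorithm), $secret, $algorithm)
                    ->setUser($user);
    }

    /**
     * Set the JWT
     *
     * The token is decoded (and its signature checked by JWT::decode) before
     * any property is written, so a rejected token never replaces the state of
     * a previously accepted one. Exceptions from JWT::decode propagate.
     *
     * @param string $jwt
     * @param string $secret
     * @param string $algorithm
     *
     * @return $this
     */
    public function setJwt($jwt, $secret, $algorithm)
    {
        // Allow 10 seconds of clock skew. JWT::$leeway is static, i.e. shared by
        // every decode in the process, so it is raised to the floor once instead
        // of being incremented: "+= 10" widened the accepted expiry window by
        // another 10 seconds on every call.
        JWT::$leeway = max(JWT::$leeway, 10);

        $decoded = JWT::decode($jwt, $secret, [$algorithm]);

        $this->jwt = $jwt;
        $this->jwt_obj = $decoded;

        // A token without "exp" leaves expires_at null, which expired() treats
        // as already expired.
        $this->expires_at = isset($decoded->exp) ? Carbon::createFromTimestamp($decoded->exp) : null;
        $this->issued_at = isset($decoded->iat) ? Carbon::createFromTimestamp($decoded->iat) : null;

        return $this;
    }

    /**
     * Set the User
     *
     * @param array $user
     *
     * @return $this
     */
    public function setUser(array $user)
    {
        $this->user = $user;

        return $this;
    }
}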