Completed
Pull Request — master (#65)
by Woody
01:34
created

Google::assertMatchingDomain()   A

Complexity

Conditions 5
Paths 4

Size

Total Lines 19

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
<?php
namespace League\OAuth2\Client\Provider;
use League\OAuth2\Client\Exception\HostedDomainException;
use League\OAuth2\Client\Provider\Exception\IdentityProviderException;
use League\OAuth2\Client\Token\AccessToken;
use League\OAuth2\Client\Tool\BearerAuthorizationTrait;
use Psr\Http\Message\ResponseInterface;
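/**
 * OAuth 2.0 / OpenID Connect provider for Google accounts.
 *
 * Besides supplying Google's endpoint URLs, this class can restrict sign-in to
 * a Google hosted domain: the configured domain is sent as the "hd"
 * authorization parameter and is checked again against the resource owner
 * returned by Google (see assertMatchingDomain()).
 */
class Google extends AbstractProvider
{
    use BearerAuthorizationTrait;

    /**
     * @var string If set, this will be sent to google as the "access_type" parameter.
     * @link https://developers.google.com/identity/protocols/OpenIDConnect#authenticationuriparameters
     */
    protected $accessType;

    /**
     * @var string If set, this will be sent to google as the "hd" parameter.
     *
     * The same value is enforced in assertMatchingDomain(): null disables the
     * check, "*" accepts any non-empty hosted domain, and any other value must
     * equal the resource owner's hosted domain exactly.
     *
     * @link https://developers.google.com/identity/protocols/OpenIDConnect#authenticationuriparameters
     */
    protected $hostedDomain;

    /**
     * @var string If set, this will be sent to google as the "prompt" parameter.
     * @link https://developers.google.com/identity/protocols/OpenIDConnect#authenticationuriparameters
     */
    protected $prompt;

    /**
     * @var array List of scopes that will be used for authentication.
     * @link https://developers.google.com/identity/protocols/googlescopes
     */
    protected $scopes = [];

    /**
     * @return string Google's OAuth 2.0 authorization endpoint.
     */
    public function getBaseAuthorizationUrl()
    {
        return 'https://accounts.google.com/o/oauth2/v2/auth';
    }

    /**
     * @param array $params Not used; the token endpoint is fixed.
     *
     * @return string Google's OAuth 2.0 token endpoint.
     */
    public function getBaseAccessTokenUrl(array $params)
    {
        return 'https://www.googleapis.com/oauth2/v4/token';
    }

    /**
     * @param AccessToken $token Not used; the userinfo endpoint is fixed.
     *
     * @return string Google's OpenID Connect userinfo endpoint.
     */
    public function getResourceOwnerDetailsUrl(AccessToken $token)
    {
        return 'https://openidconnect.googleapis.com/v1/userinfo';
    }

    /**
     * Builds the authorization request parameters.
     *
     * Configured values that are empty are dropped by array_filter(). The
     * result of the parent implementation is applied on top, so for any key
     * present in both, the parent's value wins.
     *
     * @param array $options Options passed through to the parent implementation.
     *
     * @return array
     */
    protected function getAuthorizationParameters(array $options)
    {
        // NOTE(review): the configured scopes are added under the key "scopes",
        // while the OAuth 2.0 request parameter is named "scope". Confirm that
        // the parent implementation (not visible here) consumes "scopes";
        // otherwise the configured scopes are not requested as intended.
        $additionalOptions = array_filter([
            'hd' => $this->hostedDomain,
            'access_type' => $this->accessType,
            'prompt' => $this->prompt,
            'scopes' => $this->scopes,
        ]);

        $options = array_replace($additionalOptions, parent::getAuthorizationParameters($options));

        return $options;
    }

    /**
     * @return array Scopes requested when none are specified.
     */
    protected function getDefaultScopes()
    {
        // "openid" SHOULD be the first scope in the list.
        return [
            'openid',
            'email',
            'profile',
        ];
    }

    /**
     * @return string Separator used when joining scopes into one string.
     */
    protected function getScopeSeparator()
    {
        return ' ';
    }

    /**
     * Turns an error payload returned by Google into an exception.
     *
     * The "error" entry is either a plain string or an array carrying "code"
     * and "message". A missing "code" or "message" falls back to 0 / an empty
     * string so that a malformed error payload still raises the exception
     * below instead of triggering undefined-index notices first.
     *
     * @param ResponseInterface $response The HTTP response (not inspected here).
     * @param array|string      $data     Parsed response body.
     *
     * @throws IdentityProviderException If $data contains a non-empty "error".
     */
    protected function checkResponse(ResponseInterface $response, $data)
    {
        // @codeCoverageIgnoreStart
        if (empty($data['error'])) {
            return;
        }
        // @codeCoverageIgnoreEnd

        $code  = 0;
        $error = $data['error'];

        if (is_array($error)) {
            // Read "code" before $error is overwritten with the message.
            $code  = isset($error['code']) ? $error['code'] : 0;
            $error = isset($error['message']) ? $error['message'] : '';
        }

        throw new IdentityProviderException($error, $code, $data);
    }

    /**
     * Builds the resource owner and enforces the hosted-domain restriction.
     *
     * This is the only place in this class where the domain check runs, so it
     * applies only when the resource owner is created from a userinfo
     * response; obtaining an access token alone does not pass through it.
     *
     * @param array       $response Decoded userinfo response.
     * @param AccessToken $token    Not used here.
     *
     * @return GoogleUser
     *
     * @throws HostedDomainException If the user's domain is not allowed.
     */
    protected function createResourceOwner(array $response, AccessToken $token)
    {
        $user = new GoogleUser($response);

        $this->assertMatchingDomain($user->getHostedDomain());

        return $user;
    }

    /**
     * Verifies the hosted domain reported for the resource owner.
     *
     * The "hd" authorization parameter only steers Google's sign-in screen and
     * can be changed by the user in the browser, so the restriction is
     * effective only through this comparison of the value Google returns.
     * The comparison is exact and case-sensitive. An account without a hosted
     * domain is rejected whenever a domain (including "*") is configured.
     *
     * @param string|null $hostedDomain Hosted domain of the resource owner, if any.
     *
     * @throws HostedDomainException If the domain does not match the configured domain.
     */
    protected function assertMatchingDomain($hostedDomain)
    {
        if ($this->hostedDomain === null) {
            // No hosted domain configured: every Google account is accepted.
            return;
        }

        if ($this->hostedDomain === '*' && $hostedDomain) {
            // Any hosted domain is allowed, but one must be present.
            return;
        }

        if ($this->hostedDomain === $hostedDomain) {
            // Hosted domain is correct.
            return;
        }

        throw HostedDomainException::notMatchingDomain($this->hostedDomain);
    }
}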