ClientRepository   A
last analyzed

Complexity

Total Complexity 4

Size/Duplication

Total Lines 44
Duplicated Lines 0 %

Importance

Changes 4
Bugs 1 Features 0
Metric Value
eloc 19
c 4
b 1
f 0
dl 0
loc 44
rs 10
wmc 4

2 Methods

Rating   Name   Duplication   Size   Complexity  
A getClientEntity() 0 10 1
A validateClient() 0 21 3
1
<?php
2
3
/**
4
 * @author      Alex Bilbie <[email protected]>
5
 * @copyright   Copyright (c) Alex Bilbie
6
 * @license     http://mit-license.org/
7
 *
8
 * @link        https://github.com/thephpleague/oauth2-server
9
 */
10
11
declare(strict_types=1);
12
13
namespace OAuth2ServerExamples\Repositories;
14
15
use League\OAuth2\Server\Entities\ClientEntityInterface;
16
use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
17
use OAuth2ServerExamples\Entities\ClientEntity;
18
19
use function array_key_exists;
20
use function password_hash;
21
use function password_verify;
22
23
class ClientRepository implements ClientRepositoryInterface
24
{
25
    private const CLIENT_NAME = 'My Awesome App';
26
    private const REDIRECT_URI = 'http://foo/bar';
27
28
    /**
29
     * {@inheritdoc}
30
     */
31
    public function getClientEntity(string $clientIdentifier): ?ClientEntityInterface
32
    {
33
        $client = new ClientEntity();
34
35
        $client->setIdentifier($clientIdentifier);
36
        $client->setName(self::CLIENT_NAME);
37
        $client->setRedirectUri(self::REDIRECT_URI);
38
        $client->setConfidential();
39
40
        return $client;
41
    }
42
43
    /**
44
     * {@inheritdoc}
45
     */
46
    public function validateClient($clientIdentifier, $clientSecret, $grantType): bool
47
    {
48
        $clients = [
49
            'myawesomeapp' => [
50
                'secret'          => password_hash('abc123', PASSWORD_BCRYPT),
51
                'name'            => self::CLIENT_NAME,
52
                'redirect_uri'    => self::REDIRECT_URI,
53
                'is_confidential' => true,
54
            ],
55
        ];
56
57
        // Check if client is registered
58
        if (array_key_exists($clientIdentifier, $clients) === false) {
59
            return false;
60
        }
61
62
        if (password_verify($clientSecret, $clients[$clientIdentifier]['secret']) === false) {
0 ignored issues
show
Bug introduced by
It seems like $clients[$clientIdentifier]['secret'] can also be of type null; however, parameter $hash of password_verify() does only seem to accept string, maybe add an additional type check? ( Ignorable by Annotation )

If this is a false-positive, you can also ignore this issue in your code via the ignore-type  annotation

62
        if (password_verify($clientSecret, /** @scrutinizer ignore-type */ $clients[$clientIdentifier]['secret']) === false) {
Loading history...
63
            return false;
64
        }
65
66
        return true;
67
    }
68
}
69