<?php
/**
 * @author      Alex Bilbie <[email protected]>
 * @copyright   Copyright (c) Alex Bilbie
 * @license     http://mit-license.org/
 *
 * @link        https://github.com/thephpleague/oauth2-server
 */
namespace League\OAuth2\Server\Grant;
use League\OAuth2\Server\Entities\ClientEntityInterface;
use League\OAuth2\Server\Entities\UserEntityInterface;
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
use League\OAuth2\Server\RequestEvent;
use League\OAuth2\Server\RequestTypes\AuthorizationRequest;
use League\OAuth2\Server\ResponseTypes\RedirectResponse;
use League\OAuth2\Server\ResponseTypes\ResponseTypeInterface;
use Psr\Http\Message\ServerRequestInterface;
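class ImplicitGrant extends AbstractAuthorizeGrant
{
    /**
     * Lifetime applied to every access token this grant issues.
     *
     * @var \DateInterval
     */
    private $accessTokenTTL;

    /**
     * @param \DateInterval $accessTokenTTL Lifetime of the access tokens issued by this grant
     */
    public function __construct(\DateInterval $accessTokenTTL)
    {
        $this->accessTokenTTL = $accessTokenTTL;
    }

    /**
     * The implicit grant never issues refresh tokens, so a refresh token TTL
     * has no meaning here and configuring one is treated as a programming error.
     *
     * @param \DateInterval $refreshTokenTTL
     *
     * @throws \LogicException always
     */
    public function setRefreshTokenTTL(\DateInterval $refreshTokenTTL)
    {
        throw new \LogicException('The Implicit Grant does not return refresh tokens');
    }

    /**
     * The implicit grant never issues refresh tokens, so no refresh token
     * repository is accepted.
     *
     * @param \League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface $refreshTokenRepository
     *
     * @throws \LogicException always
     */
    public function setRefreshTokenRepository(RefreshTokenRepositoryInterface $refreshTokenRepository)
    {
        throw new \LogicException('The Implicit Grant does not return refresh tokens');
    }

    /**
     * {@inheritdoc}
     *
     * The implicit grant has no token-endpoint step: the access token is
     * handed back from the authorization endpoint (see completeAuthorizationRequest()).
     */
    public function canRespondToAccessTokenRequest(ServerRequestInterface $request)
    {
        return false;
    }

    /**
     * Return the grant identifier that can be used in matching up requests.
     *
     * @return string
     */
    public function getIdentifier()
    {
        return 'implicit';
    }

    /**
     * Respond to an incoming request.
     *
     * Never applicable to this grant; canRespondToAccessTokenRequest() always
     * returns false, so reaching this method is a programming error.
     *
     * @param \Psr\Http\Message\ServerRequestInterface                  $request
     * @param \League\OAuth2\Server\ResponseTypes\ResponseTypeInterface $responseType
     * @param \DateInterval                                             $accessTokenTTL
     *
     * @return \League\OAuth2\Server\ResponseTypes\ResponseTypeInterface
     *
     * @throws \LogicException always
     */
    public function respondToAccessTokenRequest(
        ServerRequestInterface $request,
        ResponseTypeInterface $responseType,
        \DateInterval $accessTokenTTL
    ) {
        throw new \LogicException('This grant does not use this method');
    }

    /**
     * {@inheritdoc}
     *
     * Matches requests that carry `response_type=token` together with a `client_id`.
     */
    public function canRespondToAuthorizationRequest(ServerRequestInterface $request)
    {
        $queryParams = $request->getQueryParams();

        return array_key_exists('response_type', $queryParams)
            && $queryParams['response_type'] === 'token'
            && isset($queryParams['client_id']);
    }

    /**
     * {@inheritdoc}
     *
     * Validates the client, the requested redirect URI and the scopes, and
     * builds the AuthorizationRequest the application then asks the user
     * to approve or deny.
     *
     * @throws OAuthServerException when client_id is missing, the client is
     *                              unknown, the redirect_uri is not registered
     *                              for the client, or a scope is invalid
     */
    public function validateAuthorizationRequest(ServerRequestInterface $request)
    {
        $clientId = $this->getQueryStringParameter(
            'client_id',
            $request,
            $this->getServerParameter('PHP_AUTH_USER', $request)
        );
        if ($clientId === null) {
            throw OAuthServerException::invalidRequest('client_id');
        }

        // No client secret is checked (null / false below): implicit clients
        // are public, so the registered redirect URI is the only thing binding
        // the issued token to the client.
        $client = $this->clientRepository->getClientEntity(
            $clientId,
            $this->getIdentifier(),
            null,
            false
        );

        if (!($client instanceof ClientEntityInterface)) {
            $this->getEmitter()->emit(new RequestEvent('client.authentication.failed', $request));
            throw OAuthServerException::invalidClient();
        }

        // A supplied redirect_uri must match the registration exactly; a
        // mismatch is reported as a client failure rather than echoed back.
        $redirectUri = $this->getQueryStringParameter('redirect_uri', $request);
        if ($redirectUri !== null && !$this->isRegisteredRedirectUri($client, $redirectUri)) {
            $this->getEmitter()->emit(new RequestEvent('client.authentication.failed', $request));
            throw OAuthServerException::invalidClient();
        }

        $scopes = $this->validateScopes(
            $this->getQueryStringParameter('scope', $request),
            $this->defaultRedirectUri($client)
        );

        $stateParameter = $this->getQueryStringParameter('state', $request);

        $authorizationRequest = new AuthorizationRequest();
        $authorizationRequest->setGrantTypeId($this->getIdentifier());
        $authorizationRequest->setClient($client);
        $authorizationRequest->setRedirectUri($redirectUri);
        $authorizationRequest->setState($stateParameter);
        $authorizationRequest->setScopes($scopes);

        return $authorizationRequest;
    }

    /**
     * {@inheritdoc}
     *
     * On approval the access token is appended to the redirect URI after the
     * `#` separator passed to makeRedirectUri(); on denial an access_denied
     * error is raised against the same redirect URI.
     *
     * @throws \LogicException      when no user entity has been set on the request
     * @throws OAuthServerException when the user denied the request
     */
    public function completeAuthorizationRequest(AuthorizationRequest $authorizationRequest)
    {
        if (!($authorizationRequest->getUser() instanceof UserEntityInterface)) {
            throw new \LogicException('An instance of UserEntityInterface should be set on the AuthorizationRequest');
        }

        // Fall back to the client's registered URI when the request carried none.
        $finalRedirectUri = $authorizationRequest->getRedirectUri();
        if ($finalRedirectUri === null) {
            $finalRedirectUri = $this->defaultRedirectUri($authorizationRequest->getClient());
        }

        if ($authorizationRequest->isAuthorizationApproved() !== true) {
            // The user denied the client, redirect them back with an error
            throw OAuthServerException::accessDenied(
                'The user denied the request',
                $finalRedirectUri
            );
        }

        // The user approved the client, redirect them back with an access token
        $accessToken = $this->issueAccessToken(
            $this->accessTokenTTL,
            $authorizationRequest->getClient(),
            $authorizationRequest->getUser()->getIdentifier(),
            $authorizationRequest->getScopes()
        );

        $response = new RedirectResponse();
        $response->setRedirectUri(
            $this->makeRedirectUri(
                $finalRedirectUri,
                [
                    'access_token' => (string) $accessToken->convertToJWT($this->privateKey),
                    'token_type'   => 'bearer',
                    'expires_in'   => $accessToken->getExpiryDateTime()->getTimestamp() - (new \DateTime())->getTimestamp(),
                    'state'        => $authorizationRequest->getState(),
                ],
                '#'
            )
        );

        return $response;
    }

    /**
     * Check a requested redirect URI against the client's registration.
     *
     * The comparison is an exact byte-for-byte match against the single
     * registered URI, or against any entry of the registered list; no
     * prefix or pattern matching is performed.
     *
     * @param ClientEntityInterface $client
     * @param string                $redirectUri
     *
     * @return bool
     */
    private function isRegisteredRedirectUri(ClientEntityInterface $client, $redirectUri)
    {
        $registered = $client->getRedirectUri();

        if (is_string($registered)) {
            return strcmp($registered, $redirectUri) === 0;
        }

        if (is_array($registered)) {
            // strict: a loose in_array() would compare with == (numeric-string
            // coercion) instead of requiring an identical string
            return in_array($redirectUri, $registered, true);
        }

        // NOTE(review): a client whose registration is neither a string nor an
        // array accepts any redirect_uri here (behaviour preserved from the
        // original) — confirm this is intended.
        return true;
    }

    /**
     * The redirect URI to use when the request did not supply one: the single
     * registered URI, or the first entry of the registered list.
     *
     * @param ClientEntityInterface $client
     *
     * @return string|null
     */
    private function defaultRedirectUri(ClientEntityInterface $client)
    {
        $registered = $client->getRedirectUri();

        return is_array($registered) ? $registered[0] : $registered;
    }
}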