<?php
namespace League\OAuth2\Server;
use ArrayAccess;
use InvalidArgumentException;
use Lcobucci\JWT\Parser;
use Lcobucci\JWT\Signer\Keychain;
use Lcobucci\JWT\Signer\Rsa\Sha256;
use Lcobucci\JWT\Token;
use Lcobucci\JWT\ValidationData;
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
use League\OAuth2\Server\ResponseTypes\IntrospectionResponse;
use Psr\Http\Message\ServerRequestInterface;
use RuntimeException;
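/**
 * Handles OAuth 2.0 token introspection requests (RFC 7662) for JWT access tokens.
 *
 * The `token` form parameter is parsed as a JWT; the response is marked active
 * only when the signature verifies, the time-based claims hold and the token's
 * `jti` has not been revoked. Every failure returns the response type untouched,
 * i.e. an "inactive" answer that does not reveal why (RFC 7662 §2.2).
 *
 * NOTE(review): this class does not authenticate the introspecting client.
 * RFC 7662 §2.1 requires the endpoint itself to be protected; that check has to
 * happen before the request reaches respondToIntrospectionRequest(). The
 * optional `token_type_hint` parameter is not read.
 */
class Introspector
{
    /**
     * @var AccessTokenRepositoryInterface
     */
    private $accessTokenRepository;

    /**
     * Key used for signature verification. Only public key material is needed
     * for that; see __construct().
     *
     * @var CryptKey
     */
    private $privateKey;

    /**
     * @var Parser
     */
    private $parser;

    /**
     * New Introspector instance.
     *
     * @param AccessTokenRepositoryInterface $accessTokenRepository Source of truth for revocation, looked up by `jti`.
     * @param CryptKey                       $privateKey            Key whose public material verifies token signatures.
     *                                                              Verification never needs the private half, so passing
     *                                                              the public-key CryptKey is the least-privilege choice;
     *                                                              the parameter name is kept for existing callers.
     * @param Parser                         $parser                JWT parser applied to the untrusted `token` string.
     */
    public function __construct(
        AccessTokenRepositoryInterface $accessTokenRepository,
        CryptKey $privateKey,
        Parser $parser
    ) {
        $this->accessTokenRepository = $accessTokenRepository;
        $this->privateKey = $privateKey;
        $this->parser = $parser;
    }

    /**
     * Return an introspection response.
     *
     * Reads the `token` form parameter. Anything that is not a string, cannot be
     * parsed as a JWT, fails signature verification, is outside its validity
     * window or has been revoked yields the unmodified (inactive) response.
     *
     * @param ServerRequestInterface $request
     * @param IntrospectionResponse  $responseType
     *
     * @return IntrospectionResponse
     */
    public function respondToIntrospectionRequest(
        ServerRequestInterface $request,
        IntrospectionResponse $responseType
    ) {
        // getParsedBody() may be null or an object as well as an array; indexing
        // a plain object is a fatal error, so only array-like bodies are read.
        $body = $request->getParsedBody();
        $jwt = (is_array($body) || $body instanceof ArrayAccess) ? ($body['token'] ?? null) : null;

        // Only a string is worth handing to the parser; anything else is inactive.
        if (!is_string($jwt)) {
            return $responseType;
        }

        try {
            $token = $this->parser->parse($jwt);
        } catch (InvalidArgumentException $e) {
            // Not a well-formed three-segment JWT.
            return $responseType;
        } catch (RuntimeException $e) {
            // lcobucci/jwt 3.x reports segments that do not decode as JSON with a
            // RuntimeException (confirm against the pinned version). Attacker-
            // controlled input must not surface as a server error; RFC 7662 §2.2
            // expects an inactive response instead.
            return $responseType;
        }

        if (!$this->isTokenValid($token)) {
            return $responseType;
        }

        return $this->setTokenOnResponse($token, $responseType);
    }

    /**
     * Validate the JWT and make sure it has not expired or been revoked.
     *
     * The order is deliberate: the signature is checked first, so unsigned or
     * forged tokens never cause a repository lookup.
     *
     * @param Token $token
     *
     * @return bool
     */
    private function isTokenValid(Token $token)
    {
        return $this->verifyToken($token)
            && !$this->isTokenExpired($token)
            && !$this->isTokenRevoked($token);
    }

    /**
     * Check the JWT signature against the configured key with RS256.
     *
     * Signature verification needs only public key material, so the key is
     * loaded through Keychain::getPublicKey() and no passphrase is involved.
     * Whether a private-key PEM is accepted where a public key is expected
     * depends on the PHP/OpenSSL build, so the configured CryptKey should point
     * at the public key file.
     *
     * NOTE(review): lcobucci/jwt's Token::verify() is expected to reject a token
     * whose `alg` header does not match the Sha256 (RS256) signer, which closes
     * the `alg: none` / HS256 key-confusion paths — confirm against the pinned
     * library version.
     *
     * @param Token $token
     *
     * @return bool true only when the signature verifies
     */
    private function verifyToken(Token $token)
    {
        $keychain = new Keychain();
        $key = $keychain->getPublicKey($this->privateKey->getKeyPath());

        return $token->verify(new Sha256(), $key->getContent()) === true;
    }

    /**
     * Ensure access token hasn't expired.
     *
     * Token::validate() is given a ValidationData built from the current time
     * only; it is expected to check the time-based claims (`exp`, and
     * `nbf`/`iat` when present) — confirm against the pinned library version.
     * No issuer, audience or subject constraints are configured here.
     *
     * @param Token $token
     *
     * @return bool true when the token is outside its validity window
     */
    private function isTokenExpired(Token $token)
    {
        $data = new ValidationData(time());

        return !$token->validate($data);
    }

    /**
     * Check if the given access token is revoked.
     *
     * A token without a `jti` claim cannot be looked up and is treated as
     * revoked (fail closed) instead of letting Token::getClaim() throw for the
     * missing claim.
     *
     * @param Token $token
     *
     * @return bool
     */
    private function isTokenRevoked(Token $token)
    {
        if (!$token->hasClaim('jti')) {
            return true;
        }

        return $this->accessTokenRepository->isAccessTokenRevoked($token->getClaim('jti'));
    }

    /**
     * Create active introspection response.
     *
     * @param Token                 $token
     * @param IntrospectionResponse $responseType
     *
     * @return IntrospectionResponse the same instance, now carrying the token
     */
    private function setTokenOnResponse(Token $token, IntrospectionResponse $responseType)
    {
        $responseType->setToken($token);

        return $responseType;
    }
}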