IdTokenResponse::isOpenIDRequest() - Code Metrics - Inspection of "Add OpenID Response Type" - thephpleague/oauth2-server - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Pull Request — master (#1316)

unknown

created 2024-10-22 19:52 UTC

IdTokenResponse::isOpenIDRequest() A

↳ Parent: IdTokenResponse

Complexity

Conditions	4
Paths	4

Size

Total Lines	11
Code Lines	5

Duplication

Lines	0
Ratio	0 %

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
cc	4
eloc	5
c	1
b	0
f	0
nc	4
nop	1
dl	0
loc	11
rs	10

<?php

declare(strict_types=1);

namespace League\OAuth2\Server\ResponseTypes;

use Lcobucci\JWT\Signer\Key\InMemory;
use Lcobucci\JWT\Signer\Rsa\Sha256;
use League\OAuth2\Server\ClaimExtractor;
use League\OAuth2\Server\ClaimExtractorInterface;
use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
use League\OAuth2\Server\Entities\ClaimSetInterface;
use League\OAuth2\Server\Entities\ScopeEntityInterface;
use League\OAuth2\Server\EventEmitting\EmitterAwarePolyfill;
use League\OAuth2\Server\EventEmitting\EventEmitter;
use League\OAuth2\Server\IdTokenClaimsCreatedEvent;
use League\OAuth2\Server\IdTokenEvent;
use League\OAuth2\Server\IdTokenIssuedEvent;
use League\OAuth2\Server\Repositories\ClaimSetRepositoryInterface;
use League\OAuth2\Server\Repositories\IdTokenRepositoryInterface;

/**
 * OpenidConfigurationResponse
 *
 * @link https://github.com/steverhoades/oauth2-openid-connect-server
 *
 * @author Steve Rhoades <[email protected]>
 * @author Marc Riemer <[email protected]>
 */
class IdTokenResponse extends BearerTokenResponse
{
    use EmitterAwarePolyfill;

    /**
     * IdTokenRepositoryInterface
     */
    protected IdTokenRepositoryInterface $idTokenRepository;

    /**
     * ClaimSetRepositoryInterface
     */
    protected ClaimSetRepositoryInterface $claimRepository;

    /**
     * ClaimExtractorInterface
     */
    protected ClaimExtractorInterface $extractor;

    public function __construct(
        IdTokenRepositoryInterface $idTokenRepository,
        ClaimSetRepositoryInterface $claimRepository,
        EventEmitter $emitter,
        ?ClaimExtractorInterface $extractor = null
    ) {
        if (!$extractor) {
            $this->extractor = new ClaimExtractor();
        } else {
            $this->extractor = $extractor;
        }
        $this->idTokenRepository = $idTokenRepository;
        $this->claimRepository = $claimRepository;
        $this->setEmitter($emitter);
    }

    /**
     * Add custom fields to your Bearer Token response here, then override
     * AuthorizationServer::getResponseType() to pull in your version of
     * this class rather than the default.
     *
     * @return array<array-key,mixed>

     */
    protected function getExtraParams(AccessTokenEntityInterface $accessToken): array
    {
        // Onyly add id_token to openid scopes
        if (!self::isOpenIDRequest($accessToken->getScopes())) {
            return [];
        }

        $claimSet = $this->claimRepository->getClaimSet($accessToken);

        $builder = $this->idTokenRepository->getBuilder($accessToken);

        if ($claimSet instanceof ClaimSetInterface) {

            foreach ($this->extractor->extract($accessToken->getScopes(), $claimSet->getClaims()) as $claimName => $claimValue) {
                $builder = $builder->withClaim($claimName, $claimValue);
            }
        }

        $this->getEmitter()->emit(
            new IdTokenClaimsCreatedEvent(IdTokenEvent::ID_TOKEN_CLAIMS_CREATED, $builder)
        );

        $token = $builder->getToken(
            new Sha256(),
            InMemory::file($this->privateKey->getKeyPath(), (string) $this->privateKey->getPassPhrase())
        );

        $this->getEmitter()->emit(
            new IdTokenIssuedEvent(IdTokenEvent::ID_TOKEN_ISSUED, $token)
        );

        return [
            'id_token' => $token->toString(),
        ];
    }

    /**
     * Return true If this is an OpenID request
     *
     * @param ScopeEntityInterface[] $scopes
     */
    private static function isOpenIDRequest(array $scopes): bool
    {
        foreach ($scopes as $scope) {
            if ($scope instanceof ScopeEntityInterface) {
                if ($scope->getIdentifier() === 'openid') {
                    return true;
                }
            }
        }

        return false;
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			namespace League\OAuth2\Server\ResponseTypes;
6
7			use Lcobucci\JWT\Signer\Key\InMemory;
8			use Lcobucci\JWT\Signer\Rsa\Sha256;
9			use League\OAuth2\Server\ClaimExtractor;
10			use League\OAuth2\Server\ClaimExtractorInterface;
11			use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
12			use League\OAuth2\Server\Entities\ClaimSetInterface;
13			use League\OAuth2\Server\Entities\ScopeEntityInterface;
14			use League\OAuth2\Server\EventEmitting\EmitterAwarePolyfill;
15			use League\OAuth2\Server\EventEmitting\EventEmitter;
16			use League\OAuth2\Server\IdTokenClaimsCreatedEvent;
17			use League\OAuth2\Server\IdTokenEvent;
18			use League\OAuth2\Server\IdTokenIssuedEvent;
19			use League\OAuth2\Server\Repositories\ClaimSetRepositoryInterface;
20			use League\OAuth2\Server\Repositories\IdTokenRepositoryInterface;
21
22			/**
23			* OpenidConfigurationResponse
24			*
25			* @link https://github.com/steverhoades/oauth2-openid-connect-server
26			*
27			* @author Steve Rhoades <[email protected]>
28			* @author Marc Riemer <[email protected]>
29			*/
30			class IdTokenResponse extends BearerTokenResponse
31			{
32			use EmitterAwarePolyfill;
33
34			/**
35			* IdTokenRepositoryInterface
36			*/
37			protected IdTokenRepositoryInterface $idTokenRepository;
38
39			/**
40			* ClaimSetRepositoryInterface
41			*/
42			protected ClaimSetRepositoryInterface $claimRepository;
43
44			/**
45			* ClaimExtractorInterface
46			*/
47			protected ClaimExtractorInterface $extractor;
48
49			public function __construct(
50			IdTokenRepositoryInterface $idTokenRepository,
51			ClaimSetRepositoryInterface $claimRepository,
52			EventEmitter $emitter,
53			?ClaimExtractorInterface $extractor = null
54			) {
55			if (!$extractor) {
56			$this->extractor = new ClaimExtractor();
57			} else {
58			$this->extractor = $extractor;
59			}
60			$this->idTokenRepository = $idTokenRepository;
61			$this->claimRepository = $claimRepository;
62			$this->setEmitter($emitter);
63			}
64
65			/**
66			* Add custom fields to your Bearer Token response here, then override
67			* AuthorizationServer::getResponseType() to pull in your version of
68			* this class rather than the default.
69			*
70			* @return array<array-key,mixed>
			0 ignored issues – show Documentation Bug introduced 2024-05-26 08:40 UTC by Report Bug Copy Issue Report The doc comment `array<array-key,mixed>` at position `2` could not be parsed: Unknown type name 'array-key' at position 2 in array<array-key,mixed>. Loading history...
71			*/
72			protected function getExtraParams(AccessTokenEntityInterface $accessToken): array
73			{
74			// Onyly add id_token to openid scopes
75			if (!self::isOpenIDRequest($accessToken->getScopes())) {
76			return [];
77			}
78
79			$claimSet = $this->claimRepository->getClaimSet($accessToken);
80
81			$builder = $this->idTokenRepository->getBuilder($accessToken);
82
83			if ($claimSet instanceof ClaimSetInterface) {
			0 ignored issues – show introduced 2022-11-25 13:43 UTC by Report Bug Copy Issue Report `$claimSet` is always a sub-type of `League\OAuth2\Server\Entities\ClaimSetInterface`. Loading history...
84			foreach ($this->extractor->extract($accessToken->getScopes(), $claimSet->getClaims()) as $claimName => $claimValue) {
85			$builder = $builder->withClaim($claimName, $claimValue);
86			}
87			}
88
89			$this->getEmitter()->emit(
90			new IdTokenClaimsCreatedEvent(IdTokenEvent::ID_TOKEN_CLAIMS_CREATED, $builder)
91			);
92
93			$token = $builder->getToken(
94			new Sha256(),
95			InMemory::file($this->privateKey->getKeyPath(), (string) $this->privateKey->getPassPhrase())
96			);
97
98			$this->getEmitter()->emit(
99			new IdTokenIssuedEvent(IdTokenEvent::ID_TOKEN_ISSUED, $token)
100			);
101
102			return [
103			'id_token' => $token->toString(),
104			];
105			}
106
107			/**
108			* Return true If this is an OpenID request
109			*
110			* @param ScopeEntityInterface[] $scopes
111			*/
112			private static function isOpenIDRequest(array $scopes): bool
113			{
114			foreach ($scopes as $scope) {
115			if ($scope instanceof ScopeEntityInterface) {
116			if ($scope->getIdentifier() === 'openid') {
117			return true;
118			}
119			}
120			}
121
122			return false;
123			}
124			}
125

thephpleague / oauth2-server

Pull Request — master (#1316)

IdTokenResponse::isOpenIDRequest() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like