AccessTokenTrait::__toString() - Code Metrics - Inspection of "Prevent public clients from using the client_crede..." - thephpleague/oauth2-server - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#1035)

by Matt

created 2019-07-22 22:24 UTC

AccessTokenTrait::__toString() A

↳ Parent: AccessTokenTrait

Complexity

Conditions	1
Paths	1

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	2
CRAP Score	1

Importance

Changes

Metric	Value
dl	0
loc	4
rs	10
c	0
b	0
f	0
ccs	2
cts	2
cp	1
cc	1
nc	1
nop	0
crap	1

<?php
/**
 * @author      Alex Bilbie <[email protected]>
 * @copyright   Copyright (c) Alex Bilbie
 * @license     http://mit-license.org/
 *
 * @link        https://github.com/thephpleague/oauth2-server
 */

namespace League\OAuth2\Server\Entities\Traits;

use DateTimeImmutable;
use Lcobucci\JWT\Builder;
use Lcobucci\JWT\Signer\Key;
use Lcobucci\JWT\Signer\Rsa\Sha256;
use Lcobucci\JWT\Token;
use League\OAuth2\Server\CryptKey;
use League\OAuth2\Server\Entities\ClientEntityInterface;
use League\OAuth2\Server\Entities\ScopeEntityInterface;

trait AccessTokenTrait
{
    /**
     * @var CryptKey
     */
    private $privateKey;

    /**
     * Set the private key used to encrypt this access token.
     */
    public function setPrivateKey(CryptKey $privateKey)
    {
        $this->privateKey = $privateKey;
    }

    /**
     * Generate a JWT from the access token
     *
     * @param CryptKey $privateKey
     *
     * @return Token
     */
    private function convertToJWT(CryptKey $privateKey)
    {
        return (new Builder())

            ->setAudience($this->getClient()->getIdentifier())
            ->setId($this->getIdentifier())
trait Idable {
    public function equalIds(Idable $other) {
        return $this->getId() === $other->getId();
    }
}
            ->setIssuedAt(time())
            ->setNotBefore(time())
            ->setExpiration($this->getExpiryDateTime()->getTimestamp())
            ->setSubject((string) $this->getUserIdentifier())
            ->set('scopes', $this->getScopes())
            ->sign(new Sha256(), new Key($privateKey->getKeyPath(), $privateKey->getPassPhrase()))
            ->getToken();
    }

    /**
     * Generate a string representation from the access token
     */
    public function __toString()
    {
        return (string) $this->convertToJWT($this->privateKey);
    }

    /**
     * @return ClientEntityInterface
     */
    abstract public function getClient();

    /**
     * @return DateTimeImmutable
     */
    abstract public function getExpiryDateTime();

    /**
     * @return string|int
     */
    abstract public function getUserIdentifier();

    /**
     * @return ScopeEntityInterface[]
     */
    abstract public function getScopes();
}


1		<?php
2		/**
3		* @author Alex Bilbie <[email protected]>
4		* @copyright Copyright (c) Alex Bilbie
5		* @license http://mit-license.org/
6		*
7		* @link https://github.com/thephpleague/oauth2-server
8		*/
9
10		namespace League\OAuth2\Server\Entities\Traits;
11
12		use DateTimeImmutable;
13		use Lcobucci\JWT\Builder;
14		use Lcobucci\JWT\Signer\Key;
15		use Lcobucci\JWT\Signer\Rsa\Sha256;
16		use Lcobucci\JWT\Token;
17		use League\OAuth2\Server\CryptKey;
18		use League\OAuth2\Server\Entities\ClientEntityInterface;
19		use League\OAuth2\Server\Entities\ScopeEntityInterface;
20
21		trait AccessTokenTrait
22		{
23		/**
24		* @var CryptKey
25		*/
26		private $privateKey;
27
28		/**
29		* Set the private key used to encrypt this access token.
30		*/
31	29	public function setPrivateKey(CryptKey $privateKey)
32		{
33	29	$this->privateKey = $privateKey;
34	29	}
35
36		/**
37		* Generate a JWT from the access token
38		*
39		* @param CryptKey $privateKey
40		*
41		* @return Token
42		*/
43	9	private function convertToJWT(CryptKey $privateKey)
44		{
45	9	return (new Builder())
		0 ignored issues – show Deprecated Code introduced 2019-06-09 20:30 UTC by Report Bug Copy Issue Report The method `Lcobucci\JWT\Builder::setAudience()` has been deprecated with message: This method will be removed on v4 This method has been deprecated. The supplier of the class has supplied an explanatory message. The explanatory message should give you some clue as to whether and when the method will be removed from the class and what other method or class to use instead. Loading history... Deprecated Code introduced 2019-06-09 20:30 UTC by Report Bug Copy Issue Report The method `Lcobucci\JWT\Builder::setId()` has been deprecated with message: This method will be removed on v4 This method has been deprecated. The supplier of the class has supplied an explanatory message. The explanatory message should give you some clue as to whether and when the method will be removed from the class and what other method or class to use instead. Loading history... Deprecated Code introduced 2019-06-09 20:30 UTC by Report Bug Copy Issue Report The method `Lcobucci\JWT\Builder::setIssuedAt()` has been deprecated with message: This method will be removed on v4 This method has been deprecated. The supplier of the class has supplied an explanatory message. The explanatory message should give you some clue as to whether and when the method will be removed from the class and what other method or class to use instead. Loading history...
46	9	->setAudience($this->getClient()->getIdentifier())
47	9	->setId($this->getIdentifier())
		0 ignored issues – show Bug introduced 2019-07-22 22:27 UTC by Report Bug Copy Issue Report It seems like `getIdentifier()` must be provided by classes using this trait. How about adding it as abstract method to this trait? This check looks for methods that are used by a trait but not required by it. To illustrate, let’s look at the following code example trait Idable { public function equalIds(Idable $other) { return $this->getId() === $other->getId(); } } The trait `Idable` provides a method `equalsId` that in turn relies on the method `getId()`. If this method does not exist on a class mixing in this trait, the method will fail. Adding the `getId()` as an abstract method to the trait will make sure it is available. Loading history...
48	9	->setIssuedAt(time())
49	9	->setNotBefore(time())
50	9	->setExpiration($this->getExpiryDateTime()->getTimestamp())
51	9	->setSubject((string) $this->getUserIdentifier())
52	9	->set('scopes', $this->getScopes())
53	9	->sign(new Sha256(), new Key($privateKey->getKeyPath(), $privateKey->getPassPhrase()))
54	9	->getToken();
55		}
56
57		/**
58		* Generate a string representation from the access token
59		*/
60	9	public function __toString()
61		{
62	9	return (string) $this->convertToJWT($this->privateKey);
63		}
64
65		/**
66		* @return ClientEntityInterface
67		*/
68		abstract public function getClient();
69
70		/**
71		* @return DateTimeImmutable
72		*/
73		abstract public function getExpiryDateTime();
74
75		/**
76		* @return string\|int
77		*/
78		abstract public function getUserIdentifier();
79
80		/**
81		* @return ScopeEntityInterface[]
82		*/
83		abstract public function getScopes();
84		}
85

thephpleague / oauth2-server

Pull Request — master (#1035)

AccessTokenTrait::__toString() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like