AuthorizationServer::validateAuthorizationRequest() - Code Metrics - Inspection of "Add introspection implementation" - thephpleague/oauth2-server - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#925)

by Steve

created 2018-11-11 13:27 UTC

validateAuthorizationRequest() A

↳ Parent: AuthorizationServer

Complexity

Conditions	3
Paths	3

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	5
CRAP Score	3

Importance

Changes

Metric	Value
c	0
b	0
f	0
dl	0
loc	10
ccs	5
cts	5
cp	1
rs	9.9332
cc	3
nc	3
nop	1
crap	3

<?php
/**
 * @author      Alex Bilbie <[email protected]>
 * @copyright   Copyright (c) Alex Bilbie
 * @license     http://mit-license.org/
 *
 * @link        https://github.com/thephpleague/oauth2-server
 */

namespace League\OAuth2\Server;

use Defuse\Crypto\Key;
use League\Event\EmitterAwareInterface;
use League\Event\EmitterAwareTrait;
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Grant\GrantTypeInterface;
use League\OAuth2\Server\IntrospectionValidators\BearerTokenValidator;
use League\OAuth2\Server\IntrospectionValidators\IntrospectionValidatorInterface;
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
use League\OAuth2\Server\RequestTypes\AuthorizationRequest;
use League\OAuth2\Server\ResponseTypes\AbstractResponseType;
use League\OAuth2\Server\ResponseTypes\BearerTokenIntrospectionResponse;
use League\OAuth2\Server\ResponseTypes\BearerTokenResponse;
use League\OAuth2\Server\ResponseTypes\IntrospectionResponse;
use League\OAuth2\Server\ResponseTypes\ResponseTypeInterface;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;

class AuthorizationServer implements EmitterAwareInterface
{
    use EmitterAwareTrait;

    /**
     * @var GrantTypeInterface[]
     */
    protected $enabledGrantTypes = [];

    /**
     * @var \DateInterval[]
     */
    protected $grantTypeAccessTokenTTL = [];

    /**
     * @var CryptKey
     */
    protected $privateKey;

    /**
     * @var CryptKey
     */
    protected $publicKey;

    /**
     * @var ResponseTypeInterface
     */
    protected $responseTypePrototype;

    /**
     * @var null|IntrospectionResponse
     */
    protected $introspectionResponseType;

    /**
     * @var null|IntrospectionValidatorInterface
     */
    protected $introspectionValidator;

    /**
     * @var null|Introspector
     */
    protected $introspector;

    /**
     * @var ClientRepositoryInterface
     */
    private $clientRepository;

    /**
     * @var AccessTokenRepositoryInterface
     */
    private $accessTokenRepository;

    /**
     * @var ScopeRepositoryInterface
     */
    private $scopeRepository;

    /**
     * @var string|Key
     */
    private $encryptionKey;

    /**
     * @var string
     */
    private $defaultScope = '';

    /**
     * New server instance.
     *
     * @param ClientRepositoryInterface      $clientRepository
     * @param AccessTokenRepositoryInterface $accessTokenRepository
     * @param ScopeRepositoryInterface       $scopeRepository
     * @param CryptKey|string                $privateKey
     * @param string|Key                     $encryptionKey
     * @param null|ResponseTypeInterface     $responseTypePrototype
     */
    public function __construct(
        ClientRepositoryInterface $clientRepository,
        AccessTokenRepositoryInterface $accessTokenRepository,
        ScopeRepositoryInterface $scopeRepository,
        $privateKey,
        $encryptionKey,
        ResponseTypeInterface $responseTypePrototype = null
    ) {
        $this->clientRepository = $clientRepository;
        $this->accessTokenRepository = $accessTokenRepository;
        $this->scopeRepository = $scopeRepository;

        if ($privateKey instanceof CryptKey === false) {
            $privateKey = new CryptKey($privateKey);
        }

        $this->privateKey = $privateKey;
        $this->encryptionKey = $encryptionKey;

        if ($responseTypePrototype === null) {
            $responseTypePrototype = new BearerTokenResponse();
        } else {
            $responseTypePrototype = clone $responseTypePrototype;
        }

        if ($responseTypePrototype instanceof AbstractResponseType) {
            $responseTypePrototype->setPrivateKey($this->privateKey);
        }

        $responseTypePrototype->setEncryptionKey($this->encryptionKey);

        $this->responseTypePrototype = $responseTypePrototype;
    }

    /**
     * Enable a grant type on the server.
     *
     * @param GrantTypeInterface $grantType
     * @param null|\DateInterval $accessTokenTTL
     */
    public function enableGrantType(GrantTypeInterface $grantType, \DateInterval $accessTokenTTL = null)
    {
        if ($accessTokenTTL instanceof \DateInterval === false) {
            $accessTokenTTL = new \DateInterval('PT1H');
        }

        $grantType->setAccessTokenRepository($this->accessTokenRepository);
        $grantType->setClientRepository($this->clientRepository);
        $grantType->setScopeRepository($this->scopeRepository);
        $grantType->setDefaultScope($this->defaultScope);
        $grantType->setPrivateKey($this->privateKey);
        $grantType->setEmitter($this->getEmitter());
        $grantType->setEncryptionKey($this->encryptionKey);

        $this->enabledGrantTypes[$grantType->getIdentifier()] = $grantType;
        $this->grantTypeAccessTokenTTL[$grantType->getIdentifier()] = $accessTokenTTL;
    }

    /**
     * Validate an authorization request
     *
     * @param ServerRequestInterface $request
     *
     * @throws OAuthServerException
     *
     * @return AuthorizationRequest
     */
    public function validateAuthorizationRequest(ServerRequestInterface $request)
    {
        foreach ($this->enabledGrantTypes as $grantType) {
            if ($grantType->canRespondToAuthorizationRequest($request)) {
                return $grantType->validateAuthorizationRequest($request);
            }
        }

        throw OAuthServerException::unsupportedGrantType();
    }

    /**
     * Complete an authorization request
     *
     * @param AuthorizationRequest $authRequest
     * @param ResponseInterface    $response
     *
     * @return ResponseInterface
     */
    public function completeAuthorizationRequest(AuthorizationRequest $authRequest, ResponseInterface $response)
    {
        return $this->enabledGrantTypes[$authRequest->getGrantTypeId()]
            ->completeAuthorizationRequest($authRequest)
            ->generateHttpResponse($response);
    }

    /**
     * Return an access token response.
     *
     * @param ServerRequestInterface $request
     * @param ResponseInterface      $response
     *
     * @throws OAuthServerException
     *
     * @return ResponseInterface
     */
    public function respondToAccessTokenRequest(ServerRequestInterface $request, ResponseInterface $response)
    {
        foreach ($this->enabledGrantTypes as $grantType) {
            if (!$grantType->canRespondToAccessTokenRequest($request)) {
                continue;
            }
            $tokenResponse = $grantType->respondToAccessTokenRequest(
                $request,
                $this->newResponseType(),
                $this->grantTypeAccessTokenTTL[$grantType->getIdentifier()]
            );

            if ($tokenResponse instanceof ResponseTypeInterface) {
                return $tokenResponse->generateHttpResponse($response);
            }
        }

        throw OAuthServerException::unsupportedGrantType();
    }

    /**
     * Set the introspection response type.
     *
     * @param IntrospectionResponse $reponseType
     */
    public function setIntrospectionReponseType(IntrospectionResponse $reponseType)
    {
        $this->introspectionResponseType = $reponseType;
    }

    /**
     * Set the validator used for introspection requests.
     *
     * @param IntrospectionValidatorInterface $introspectionValidator
     */
    public function setIntrospectionValidator(IntrospectionValidatorInterface $introspectionValidator)
    {
        $this->introspectionValidator = $introspectionValidator;
    }

    /**
     * Get the introspection response.
     *
     * @return IntrospectionResponse
     */
    protected function getIntrospectionResponseType()
    {
        if ($this->introspectionResponseType instanceof IntrospectionResponse === false) {
            $this->introspectionResponseType = new BearerTokenIntrospectionResponse();
        }

        return $this->introspectionResponseType;
    }

    /**
     * Get the introspection response
     *
     * @return IntrospectionValidatorInterface
     */
    protected function getIntrospectionValidator()
    {
        if ($this->introspectionValidator instanceof IntrospectionValidatorInterface === false) {
            $this->introspectionValidator = new BearerTokenValidator($this->accessTokenRepository);
        }

        return $this->introspectionValidator;
    }

    /**
     * Return an introspection response.
     *
     * @param ServerRequestInterface $request
     * @param ResponseInterface      $response
     *
     * @return ResponseInterface
     */
    public function respondToIntrospectionRequest(ServerRequestInterface $request, ResponseInterface $response)
    {
        $introspector = $this->getIntrospector();

        $introspectionResponse = $introspector->respondToIntrospectionRequest(
            $request,
            $this->getIntrospectionResponseType()
        );

        return $introspectionResponse->generateHttpResponse($response);
    }

    /**
     * Validate an introspection request.
     *
     * @param ServerRequestInterface $request
     */
    public function validateIntrospectionRequest(ServerRequestInterface $request)
    {
        $introspector = $this->getIntrospector();
        $introspector->validateIntrospectionRequest($request);
    }

    /**
     * Returns the introspector.
     *
     * @return Introspector
     */
    private function getIntrospector()
    {
        if (!isset($this->introspector)) {
            $this->introspector = new Introspector(
                $this->accessTokenRepository,
                $this->privateKey,
                $this->getIntrospectionValidator()
            );
        }

        return $this->introspector;
    }

    /**
     * Get the token type that grants will return in the HTTP response.
     *
     * @return ResponseTypeInterface
     */
    protected function newResponseType()
    {
        return clone $this->responseTypePrototype;
    }

    /**
     * Set the default scope for the authorization server.
     *
     * @param string $defaultScope
     */
    public function setDefaultScope($defaultScope)
    {
        $this->defaultScope = $defaultScope;
    }
}


1		<?php
2		/**
3		* @author Alex Bilbie <[email protected]>
4		* @copyright Copyright (c) Alex Bilbie
5		* @license http://mit-license.org/
6		*
7		* @link https://github.com/thephpleague/oauth2-server
8		*/
9
10		namespace League\OAuth2\Server;
11
12		use Defuse\Crypto\Key;
13		use League\Event\EmitterAwareInterface;
14		use League\Event\EmitterAwareTrait;
15		use League\OAuth2\Server\Exception\OAuthServerException;
16		use League\OAuth2\Server\Grant\GrantTypeInterface;
17		use League\OAuth2\Server\IntrospectionValidators\BearerTokenValidator;
18		use League\OAuth2\Server\IntrospectionValidators\IntrospectionValidatorInterface;
19		use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
20		use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
21		use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
22		use League\OAuth2\Server\RequestTypes\AuthorizationRequest;
23		use League\OAuth2\Server\ResponseTypes\AbstractResponseType;
24		use League\OAuth2\Server\ResponseTypes\BearerTokenIntrospectionResponse;
25		use League\OAuth2\Server\ResponseTypes\BearerTokenResponse;
26		use League\OAuth2\Server\ResponseTypes\IntrospectionResponse;
27		use League\OAuth2\Server\ResponseTypes\ResponseTypeInterface;
28		use Psr\Http\Message\ResponseInterface;
29		use Psr\Http\Message\ServerRequestInterface;
30
31		class AuthorizationServer implements EmitterAwareInterface
32		{
33		use EmitterAwareTrait;
34
35		/**
36		* @var GrantTypeInterface[]
37		*/
38		protected $enabledGrantTypes = [];
39
40		/**
41		* @var \DateInterval[]
42		*/
43		protected $grantTypeAccessTokenTTL = [];
44
45		/**
46		* @var CryptKey
47		*/
48		protected $privateKey;
49
50		/**
51		* @var CryptKey
52		*/
53		protected $publicKey;
54
55		/**
56		* @var ResponseTypeInterface
57		*/
58		protected $responseTypePrototype;
59
60		/**
61		* @var null\|IntrospectionResponse
62		*/
63		protected $introspectionResponseType;
64
65		/**
66		* @var null\|IntrospectionValidatorInterface
67		*/
68		protected $introspectionValidator;
69
70		/**
71		* @var null\|Introspector
72		*/
73		protected $introspector;
74
75		/**
76		* @var ClientRepositoryInterface
77		*/
78		private $clientRepository;
79
80		/**
81		* @var AccessTokenRepositoryInterface
82		*/
83		private $accessTokenRepository;
84
85		/**
86		* @var ScopeRepositoryInterface
87		*/
88		private $scopeRepository;
89
90		/**
91		* @var string\|Key
92		*/
93		private $encryptionKey;
94
95		/**
96		* @var string
97		*/
98		private $defaultScope = '';
99
100		/**
101		* New server instance.
102		*
103		* @param ClientRepositoryInterface $clientRepository
104		* @param AccessTokenRepositoryInterface $accessTokenRepository
105		* @param ScopeRepositoryInterface $scopeRepository
106		* @param CryptKey\|string $privateKey
107		* @param string\|Key $encryptionKey
108		* @param null\|ResponseTypeInterface $responseTypePrototype
109		*/
110	10	public function __construct(
111		ClientRepositoryInterface $clientRepository,
112		AccessTokenRepositoryInterface $accessTokenRepository,
113		ScopeRepositoryInterface $scopeRepository,
114		$privateKey,
115		$encryptionKey,
116		ResponseTypeInterface $responseTypePrototype = null
117		) {
118	10	$this->clientRepository = $clientRepository;
119	10	$this->accessTokenRepository = $accessTokenRepository;
120	10	$this->scopeRepository = $scopeRepository;
121
122	10	if ($privateKey instanceof CryptKey === false) {
123	10	$privateKey = new CryptKey($privateKey);
124		}
125
126	10	$this->privateKey = $privateKey;
127	10	$this->encryptionKey = $encryptionKey;
128
129	10	if ($responseTypePrototype === null) {
130	5	$responseTypePrototype = new BearerTokenResponse();
131		} else {
132	5	$responseTypePrototype = clone $responseTypePrototype;
133		}
134
135	10	if ($responseTypePrototype instanceof AbstractResponseType) {
136	10	$responseTypePrototype->setPrivateKey($this->privateKey);
137		}
138
139	10	$responseTypePrototype->setEncryptionKey($this->encryptionKey);
140
141	10	$this->responseTypePrototype = $responseTypePrototype;
142	10	}
143
144		/**
145		* Enable a grant type on the server.
146		*
147		* @param GrantTypeInterface $grantType
148		* @param null\|\DateInterval $accessTokenTTL
149		*/
150	7	public function enableGrantType(GrantTypeInterface $grantType, \DateInterval $accessTokenTTL = null)
151		{
152	7	if ($accessTokenTTL instanceof \DateInterval === false) {
153	4	$accessTokenTTL = new \DateInterval('PT1H');
154		}
155
156	7	$grantType->setAccessTokenRepository($this->accessTokenRepository);
157	7	$grantType->setClientRepository($this->clientRepository);
158	7	$grantType->setScopeRepository($this->scopeRepository);
159	7	$grantType->setDefaultScope($this->defaultScope);
160	7	$grantType->setPrivateKey($this->privateKey);
161	7	$grantType->setEmitter($this->getEmitter());
162	7	$grantType->setEncryptionKey($this->encryptionKey);
163
164	7	$this->enabledGrantTypes[$grantType->getIdentifier()] = $grantType;
165	7	$this->grantTypeAccessTokenTTL[$grantType->getIdentifier()] = $accessTokenTTL;
166	7	}
167
168		/**
169		* Validate an authorization request
170		*
171		* @param ServerRequestInterface $request
172		*
173		* @throws OAuthServerException
174		*
175		* @return AuthorizationRequest
176		*/
177	3	public function validateAuthorizationRequest(ServerRequestInterface $request)
178		{
179	3	foreach ($this->enabledGrantTypes as $grantType) {
180	2	if ($grantType->canRespondToAuthorizationRequest($request)) {
181	2	return $grantType->validateAuthorizationRequest($request);
182		}
183		}
184
185	1	throw OAuthServerException::unsupportedGrantType();
186		}
187
188		/**
189		* Complete an authorization request
190		*
191		* @param AuthorizationRequest $authRequest
192		* @param ResponseInterface $response
193		*
194		* @return ResponseInterface
195		*/
196	1	public function completeAuthorizationRequest(AuthorizationRequest $authRequest, ResponseInterface $response)
197		{
198	1	return $this->enabledGrantTypes[$authRequest->getGrantTypeId()]
199	1	->completeAuthorizationRequest($authRequest)
200	1	->generateHttpResponse($response);
201		}
202
203		/**
204		* Return an access token response.
205		*
206		* @param ServerRequestInterface $request
207		* @param ResponseInterface $response
208		*
209		* @throws OAuthServerException
210		*
211		* @return ResponseInterface
212		*/
213	4	public function respondToAccessTokenRequest(ServerRequestInterface $request, ResponseInterface $response)
214		{
215	4	foreach ($this->enabledGrantTypes as $grantType) {
216	4	if (!$grantType->canRespondToAccessTokenRequest($request)) {
217	1	continue;
218		}
219	3	$tokenResponse = $grantType->respondToAccessTokenRequest(
220	3	$request,
221	3	$this->newResponseType(),
222	3	$this->grantTypeAccessTokenTTL[$grantType->getIdentifier()]
223		);
224
225	2	if ($tokenResponse instanceof ResponseTypeInterface) {
226	2	return $tokenResponse->generateHttpResponse($response);
227		}
228		}
229
230	1	throw OAuthServerException::unsupportedGrantType();
231		}
232
233		/**
234		* Set the introspection response type.
235		*
236		* @param IntrospectionResponse $reponseType
237		*/
238		public function setIntrospectionReponseType(IntrospectionResponse $reponseType)
239		{
240		$this->introspectionResponseType = $reponseType;
241		}
242
243		/**
244		* Set the validator used for introspection requests.
245		*
246		* @param IntrospectionValidatorInterface $introspectionValidator
247		*/
248		public function setIntrospectionValidator(IntrospectionValidatorInterface $introspectionValidator)
249		{
250		$this->introspectionValidator = $introspectionValidator;
251		}
252
253		/**
254		* Get the introspection response.
255		*
256		* @return IntrospectionResponse
257		*/
258		protected function getIntrospectionResponseType()
259		{
260		if ($this->introspectionResponseType instanceof IntrospectionResponse === false) {
261		$this->introspectionResponseType = new BearerTokenIntrospectionResponse();
262		}
263
264		return $this->introspectionResponseType;
265		}
266
267		/**
268		* Get the introspection response
269		*
270		* @return IntrospectionValidatorInterface
271		*/
272		protected function getIntrospectionValidator()
273		{
274		if ($this->introspectionValidator instanceof IntrospectionValidatorInterface === false) {
275		$this->introspectionValidator = new BearerTokenValidator($this->accessTokenRepository);
276		}
277
278		return $this->introspectionValidator;
279		}
280
281		/**
282		* Return an introspection response.
283		*
284		* @param ServerRequestInterface $request
285		* @param ResponseInterface $response
286		*
287		* @return ResponseInterface
288		*/
289		public function respondToIntrospectionRequest(ServerRequestInterface $request, ResponseInterface $response)
290		{
291		$introspector = $this->getIntrospector();
292
293		$introspectionResponse = $introspector->respondToIntrospectionRequest(
294		$request,
295		$this->getIntrospectionResponseType()
296		);
297
298		return $introspectionResponse->generateHttpResponse($response);
299		}
300
301		/**
302		* Validate an introspection request.
303		*
304		* @param ServerRequestInterface $request
305		*/
306		public function validateIntrospectionRequest(ServerRequestInterface $request)
307		{
308		$introspector = $this->getIntrospector();
309		$introspector->validateIntrospectionRequest($request);
310		}
311
312		/**
313		* Returns the introspector.
314		*
315		* @return Introspector
316		*/
317		private function getIntrospector()
318		{
319		if (!isset($this->introspector)) {
320		$this->introspector = new Introspector(
321		$this->accessTokenRepository,
322		$this->privateKey,
323		$this->getIntrospectionValidator()
324		);
325		}
326
327		return $this->introspector;
328		}
329
330		/**
331		* Get the token type that grants will return in the HTTP response.
332		*
333		* @return ResponseTypeInterface
334		*/
335	5	protected function newResponseType()
336		{
337	5	return clone $this->responseTypePrototype;
338		}
339
340		/**
341		* Set the default scope for the authorization server.
342		*
343		* @param string $defaultScope
344		*/
345	3	public function setDefaultScope($defaultScope)
346		{
347	3	$this->defaultScope = $defaultScope;
348	3	}
349		}
350

thephpleague / oauth2-server

Pull Request — master (#925)

validateAuthorizationRequest() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like