League\OAuth2\Server\Handlers\AbstractTokenHandler

Complexity

Total Complexity

11

Size/Duplication

Total Lines	93
Duplicated Lines	0 %

Importance

Changes	2
Bugs	0	Features	1

6 Methods

Rating	Name	Duplication	Size	Complexity
A	validateRefreshToken()	0	12	2
A	setPublicKey()	0	3	1
A	setBearerTokenValidator()	0	3	1
A	getBearerTokenValidator()	0	11	3
A	validateToken()	0	18	2
A	validateAccessToken()	0	16	2

<?php

declare(strict_types=1);

namespace League\OAuth2\Server\Handlers;

use League\OAuth2\Server\AbstractHandler;
use League\OAuth2\Server\AuthorizationValidators\BearerTokenValidator;
use League\OAuth2\Server\AuthorizationValidators\BearerTokenValidatorInterface;
use League\OAuth2\Server\CryptKeyInterface;
use League\OAuth2\Server\Entities\ClientEntityInterface;
use League\OAuth2\Server\Exception\OAuthServerException;
use Psr\Http\Message\ServerRequestInterface;
use Throwable;

abstract class AbstractTokenHandler extends AbstractHandler implements TokenHandlerInterface
{
    private CryptKeyInterface $publicKey;

    private ?BearerTokenValidatorInterface $bearerTokenValidator = null;

    public function setPublicKey(CryptKeyInterface $publicKey): void
    {
        $this->publicKey = $publicKey;
    }

    public function setBearerTokenValidator(BearerTokenValidatorInterface $bearerTokenValidator): void
    {
        $this->bearerTokenValidator = $bearerTokenValidator;
    }

    protected function getBearerTokenValidator(): BearerTokenValidatorInterface
    {
        if ($this->bearerTokenValidator instanceof BearerTokenValidatorInterface === false) {
            $this->bearerTokenValidator = new BearerTokenValidator($this->accessTokenRepository);
        }

        if ($this->bearerTokenValidator instanceof BearerTokenValidator === true) {
            $this->bearerTokenValidator->setPublicKey($this->publicKey);

The method setPublicKey() does not exist on League\OAuth2\Server\AuthorizationValidators\BearerTokenValidatorInterface. Since it exists in all sub-types, consider adding an abstract or default implementation to League\OAuth2\Server\AuthorizationValidators\BearerTokenValidatorInterface.

The method setPublicKey() does not exist on null.

        }

        return $this->bearerTokenValidator;

The expression return $this->bearerTokenValidator could return the type null which is incompatible with the type-hinted return League\OAuth2\Server\AuthorizationValidators\BearerTokenValidatorInterface. Consider adding an additional type-check to rule them out.

    }

    /**
     * @return array{type: non-empty-string, data: array<non-empty-string, mixed>}|null

The doc comment array{type: non-empty-string, data: array<non-empty-string, mixed>}|null at position 4 could not be parsed: Unknown type name 'non-empty-string' at position 4 in array{type: non-empty-string, data: array<non-empty-string, mixed>}|null.

     *
     * @throws OAuthServerException
     */
    protected function validateToken(
        ServerRequestInterface $request,
        ClientEntityInterface $client
    ): ?array {
        $token = $this->getRequestParameter('token', $request)
            ?? throw OAuthServerException::invalidRequest('token');

        $tokenTypeHint = $this->getRequestParameter('token_type_hint', $request, 'access_token');

        // If the token cannot be located using the provided token type hint, we extend
        // the search across all supported token types according to the RFC spec.
        if ($tokenTypeHint === 'refresh_token') {
            return $this->validateRefreshToken($request, $token, $client)
                ?? $this->validateAccessToken($request, $token, $client);
        }

        return $this->validateAccessToken($request, $token, $client)
            ?? $this->validateRefreshToken($request, $token, $client);
    }

    /**
     * @return array{type: non-empty-string, data: array<non-empty-string, mixed>}|null

The doc comment array{type: non-empty-string, data: array<non-empty-string, mixed>}|null at position 4 could not be parsed: Unknown type name 'non-empty-string' at position 4 in array{type: non-empty-string, data: array<non-empty-string, mixed>}|null.

     */
    private function validateRefreshToken(
        ServerRequestInterface $request,
        string $refreshToken,
        ClientEntityInterface $client
    ): ?array {
        try {
            return [
                'type' => 'refresh_token',
                'data' => $this->validateEncryptedRefreshToken($request, $refreshToken, $client->getIdentifier()),
            ];
        } catch (Throwable) {
            return null;
        }
    }

    /**
     * @param non-empty-string $accessToken

The doc comment non-empty-string at position 0 could not be parsed: Unknown type name 'non-empty-string' at position 0 in non-empty-string.

     *
     * @return array{type: non-empty-string, data: array<non-empty-string, mixed>}|null

The doc comment array{type: non-empty-string, data: array<non-empty-string, mixed>}|null at position 4 could not be parsed: Unknown type name 'non-empty-string' at position 4 in array{type: non-empty-string, data: array<non-empty-string, mixed>}|null.

     */
    private function validateAccessToken(
        ServerRequestInterface $request,
        string $accessToken,
        ClientEntityInterface $client
    ): ?array {
        try {
            return [
                'type' => 'access_token',
                'data' => $this->getBearerTokenValidator()->validateBearerToken(
                    $request,
                    $accessToken,
                    $client->getIdentifier()
                ),
            ];
        } catch (Throwable) {
            return null;
        }
    }
}