BearerTokenResponse - Code Metrics - Inspection of "Response converts access token format" - thephpleague/oauth2-server - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#873)

by Lukáš

created 2018-03-13 09:55 UTC

BearerTokenResponse A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	82
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	5

Test Coverage

Coverage

100%

Importance

Changes

Metric	Value
wmc	4
c	0
b	0
f	0
lcom	1
cbo	5
dl	0
loc	82
ccs	36
cts	36
cp	1
rs	10

3 Methods

Rating	Name	Size	Complexity
B	generateHttpResponse()	41	2
A	getExtraParams()	4	1
A	convert()	13	1

<?php
/**
 * OAuth 2.0 Bearer Token Response.
 *
 * @author      Alex Bilbie <[email protected]>
 * @copyright   Copyright (c) Alex Bilbie
 * @license     http://mit-license.org/
 *
 * @link        https://github.com/thephpleague/oauth2-server
 */

namespace League\OAuth2\Server\ResponseTypes;

use Lcobucci\JWT\Builder;
use Lcobucci\JWT\Signer\Key;
use Lcobucci\JWT\Signer\Rsa\Sha256;
use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
use League\OAuth2\Server\Entities\RefreshTokenEntityInterface;
use Psr\Http\Message\ResponseInterface;

class BearerTokenResponse extends AbstractResponseType
{
    /**
     * {@inheritdoc}
     */
    public function generateHttpResponse(ResponseInterface $response)
    {
        $expireDateTime = $this->accessToken->getExpiryDateTime()->getTimestamp();

        $jwtAccessToken = $this->convert($this->accessToken);

        $responseParams = [
            'token_type'   => 'Bearer',
            'expires_in'   => $expireDateTime - (new \DateTime())->getTimestamp(),
            'access_token' => $jwtAccessToken,
        ];

        if ($this->refreshToken instanceof RefreshTokenEntityInterface) {
            $refreshToken = $this->encrypt(
                json_encode(
                    [
                        'client_id'        => $this->accessToken->getClient()->getIdentifier(),
                        'refresh_token_id' => $this->refreshToken->getIdentifier(),
                        'access_token_id'  => $this->accessToken->getIdentifier(),
                        'scopes'           => $this->accessToken->getScopes(),
                        'user_id'          => $this->accessToken->getUserIdentifier(),
                        'expire_time'      => $this->refreshToken->getExpiryDateTime()->getTimestamp(),
                    ]
                )
            );

            $responseParams['refresh_token'] = $refreshToken;
        }

        $responseParams = array_merge($this->getExtraParams($this->accessToken), $responseParams);

        $response = $response
            ->withStatus(200)
            ->withHeader('pragma', 'no-cache')
            ->withHeader('cache-control', 'no-store')
            ->withHeader('content-type', 'application/json; charset=UTF-8');

        $response->getBody()->write(json_encode($responseParams));

        return $response;
    }

    /**
     * Add custom fields to your Bearer Token response here, then override
     * AuthorizationServer::getResponseType() to pull in your version of
     * this class rather than the default.
     *
     * @param AccessTokenEntityInterface $accessToken
     *
     * @return array
     */
    protected function getExtraParams(AccessTokenEntityInterface $accessToken)

    {
        return [];
    }

    /**
     * Generate a string token from the access token
     *
     * @param AccessTokenEntityInterface $accessToken
     *
     * @return string
     */
    public function convert(AccessTokenEntityInterface $accessToken)
    {
        return (string) (new Builder())
            ->setAudience($accessToken->getClient()->getIdentifier())
            ->setId($accessToken->getIdentifier(), true)
            ->setIssuedAt(time())
            ->setNotBefore(time())
            ->setExpiration($accessToken->getExpiryDateTime()->getTimestamp())
            ->setSubject((string) $accessToken->getUserIdentifier())
            ->set('scopes', $accessToken->getScopes())
            ->sign(new Sha256(), new Key($this->privateKey->getKeyPath(), $this->privateKey->getPassPhrase()))
            ->getToken();
    }
}


1		<?php
2		/**
3		* OAuth 2.0 Bearer Token Response.
4		*
5		* @author Alex Bilbie <[email protected]>
6		* @copyright Copyright (c) Alex Bilbie
7		* @license http://mit-license.org/
8		*
9		* @link https://github.com/thephpleague/oauth2-server
10		*/
11
12		namespace League\OAuth2\Server\ResponseTypes;
13
14		use Lcobucci\JWT\Builder;
15		use Lcobucci\JWT\Signer\Key;
16		use Lcobucci\JWT\Signer\Rsa\Sha256;
17		use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
18		use League\OAuth2\Server\Entities\RefreshTokenEntityInterface;
19		use Psr\Http\Message\ResponseInterface;
20
21		class BearerTokenResponse extends AbstractResponseType
22		{
23		/**
24		* {@inheritdoc}
25		*/
26	5	public function generateHttpResponse(ResponseInterface $response)
27		{
28	5	$expireDateTime = $this->accessToken->getExpiryDateTime()->getTimestamp();
29
30	5	$jwtAccessToken = $this->convert($this->accessToken);
31
32		$responseParams = [
33	5	'token_type' => 'Bearer',
34	5	'expires_in' => $expireDateTime - (new \DateTime())->getTimestamp(),
35	5	'access_token' => $jwtAccessToken,
36		];
37
38	5	if ($this->refreshToken instanceof RefreshTokenEntityInterface) {
39	5	$refreshToken = $this->encrypt(
40	5	json_encode(
41		[
42	5	'client_id' => $this->accessToken->getClient()->getIdentifier(),
43	5	'refresh_token_id' => $this->refreshToken->getIdentifier(),
44	5	'access_token_id' => $this->accessToken->getIdentifier(),
45	5	'scopes' => $this->accessToken->getScopes(),
46	5	'user_id' => $this->accessToken->getUserIdentifier(),
47	5	'expire_time' => $this->refreshToken->getExpiryDateTime()->getTimestamp(),
48		]
49		)
50		);
51
52	5	$responseParams['refresh_token'] = $refreshToken;
53		}
54
55	5	$responseParams = array_merge($this->getExtraParams($this->accessToken), $responseParams);
56
57		$response = $response
58	5	->withStatus(200)
59	5	->withHeader('pragma', 'no-cache')
60	5	->withHeader('cache-control', 'no-store')
61	5	->withHeader('content-type', 'application/json; charset=UTF-8');
62
63	5	$response->getBody()->write(json_encode($responseParams));
64
65	5	return $response;
66		}
67
68		/**
69		* Add custom fields to your Bearer Token response here, then override
70		* AuthorizationServer::getResponseType() to pull in your version of
71		* this class rather than the default.
72		*
73		* @param AccessTokenEntityInterface $accessToken
74		*
75		* @return array
76		*/
77	4	protected function getExtraParams(AccessTokenEntityInterface $accessToken)
		0 ignored issues – show Unused Code introduced 2017-08-01 13:44 UTC by Report Bug Copy Issue Report The parameter `$accessToken` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
78		{
79	4	return [];
80		}
81
82		/**
83		* Generate a string token from the access token
84		*
85		* @param AccessTokenEntityInterface $accessToken
86		*
87		* @return string
88		*/
89	9	public function convert(AccessTokenEntityInterface $accessToken)
90		{
91	9	return (string) (new Builder())
92	9	->setAudience($accessToken->getClient()->getIdentifier())
93	9	->setId($accessToken->getIdentifier(), true)
94	9	->setIssuedAt(time())
95	9	->setNotBefore(time())
96	9	->setExpiration($accessToken->getExpiryDateTime()->getTimestamp())
97	9	->setSubject((string) $accessToken->getUserIdentifier())
98	9	->set('scopes', $accessToken->getScopes())
99	9	->sign(new Sha256(), new Key($this->privateKey->getKeyPath(), $this->privateKey->getPassPhrase()))
100	9	->getToken();
101		}
102		}
103

thephpleague / oauth2-server

Pull Request — master (#873)

BearerTokenResponse A

Complexity

Size/Duplication

Coupling/Cohesion

Test Coverage

Importance

3 Methods

Duplication Side-by-Side

Filter issues like