AuthorizationServer - Code Metrics - Inspection of "Private claims implementation" - thephpleague/oauth2-server - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Pull Request — master (#1122)

by Sebastian

created 2020-06-04 14:10 UTC

AuthorizationServer A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	215
Duplicated Lines	0 %

Test Coverage

Coverage

Importance

Changes	13
Bugs	0	Features	0

Metric	Value
eloc	61
c	13
b	0
f	0
dl	0
loc	215
ccs	0
cts	56
cp	0
rs	10
wmc	16

7 Methods

Rating	Name	Size	Complexity
A	enableGrantType()	17	2
A	validateAuthorizationRequest()	9	3
A	__construct()	28	3
A	respondToAccessTokenRequest()	18	4
A	getResponseType()	11	2
A	setDefaultScope()	3	1
A	completeAuthorizationRequest()	5	1

<?php
/**
 * @author      Alex Bilbie <[email protected]>
 * @copyright   Copyright (c) Alex Bilbie
 * @license     http://mit-license.org/
 *
 * @link        https://github.com/thephpleague/oauth2-server
 */

namespace League\OAuth2\Server;

use DateInterval;
use Defuse\Crypto\Key;
use League\Event\EmitterAwareInterface;
use League\Event\EmitterAwareTrait;
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Grant\GrantTypeInterface;
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
use League\OAuth2\Server\Repositories\ClaimRepositoryInterface;
use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
use League\OAuth2\Server\RequestTypes\AuthorizationRequest;
use League\OAuth2\Server\ResponseTypes\AbstractResponseType;
use League\OAuth2\Server\ResponseTypes\BearerTokenResponse;
use League\OAuth2\Server\ResponseTypes\ResponseTypeInterface;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;

class AuthorizationServer implements EmitterAwareInterface
{
    use EmitterAwareTrait;

    /**
     * @var GrantTypeInterface[]
     */
    protected $enabledGrantTypes = [];

    /**
     * @var DateInterval[]
     */
    protected $grantTypeAccessTokenTTL = [];

    /**
     * @var CryptKey
     */
    protected $privateKey;

    /**
     * @var CryptKey
     */
    protected $publicKey;

    /**
     * @var ResponseTypeInterface
     */
    protected $responseType;

    /**
     * @var ClientRepositoryInterface
     */
    private $clientRepository;

    /**
     * @var AccessTokenRepositoryInterface
     */
    private $accessTokenRepository;

    /**
     * @var ScopeRepositoryInterface
     */
    private $scopeRepository;

    /**
     * @var ClaimRepositoryInterface
     */
    private $claimRepository;

    /**
     * @var string|Key
     */
    private $encryptionKey;

    /**
     * @var string
     */
    private $defaultScope = '';

    /**
     * New server instance.
     *
     * @param ClientRepositoryInterface      $clientRepository
     * @param AccessTokenRepositoryInterface $accessTokenRepository
     * @param ScopeRepositoryInterface       $scopeRepository
     * @param CryptKey|string                $privateKey
     * @param string|Key                     $encryptionKey
     * @param null|ResponseTypeInterface     $responseType
     */
    public function __construct(
        ClientRepositoryInterface $clientRepository,
        AccessTokenRepositoryInterface $accessTokenRepository,
        ScopeRepositoryInterface $scopeRepository,
        ClaimRepositoryInterface $claimRepository,
        $privateKey,
        $encryptionKey,
        ResponseTypeInterface $responseType = null
    ) {
        $this->clientRepository = $clientRepository;
        $this->accessTokenRepository = $accessTokenRepository;
        $this->scopeRepository = $scopeRepository;
        $this->claimRepository = $claimRepository;

        if ($privateKey instanceof CryptKey === false) {
            $privateKey = new CryptKey($privateKey);
        }

        $this->privateKey = $privateKey;
        $this->encryptionKey = $encryptionKey;

        if ($responseType === null) {
            $responseType = new BearerTokenResponse();
        } else {
            $responseType = clone $responseType;
        }

        $this->responseType = $responseType;
    }

    /**
     * Enable a grant type on the server.
     *
     * @param GrantTypeInterface $grantType
     * @param null|DateInterval  $accessTokenTTL
     */
    public function enableGrantType(GrantTypeInterface $grantType, DateInterval $accessTokenTTL = null)
    {
        if ($accessTokenTTL === null) {
            $accessTokenTTL = new DateInterval('PT1H');
        }

        $grantType->setAccessTokenRepository($this->accessTokenRepository);
        $grantType->setClientRepository($this->clientRepository);
        $grantType->setScopeRepository($this->scopeRepository);
        $grantType->setClaimRepository($this->claimRepository);
        $grantType->setDefaultScope($this->defaultScope);
        $grantType->setPrivateKey($this->privateKey);
        $grantType->setEmitter($this->getEmitter());
        $grantType->setEncryptionKey($this->encryptionKey);

        $this->enabledGrantTypes[$grantType->getIdentifier()] = $grantType;
        $this->grantTypeAccessTokenTTL[$grantType->getIdentifier()] = $accessTokenTTL;
    }

    /**
     * Validate an authorization request
     *
     * @param ServerRequestInterface $request
     *
     * @throws OAuthServerException
     *
     * @return AuthorizationRequest
     */
    public function validateAuthorizationRequest(ServerRequestInterface $request)
    {
        foreach ($this->enabledGrantTypes as $grantType) {
            if ($grantType->canRespondToAuthorizationRequest($request)) {
                return $grantType->validateAuthorizationRequest($request);
            }
        }

        throw OAuthServerException::unsupportedGrantType();
    }

    /**
     * Complete an authorization request
     *
     * @param AuthorizationRequest $authRequest
     * @param ResponseInterface    $response
     *
     * @return ResponseInterface
     */
    public function completeAuthorizationRequest(AuthorizationRequest $authRequest, ResponseInterface $response)
    {
        return $this->enabledGrantTypes[$authRequest->getGrantTypeId()]
            ->completeAuthorizationRequest($authRequest)
            ->generateHttpResponse($response);
    }

    /**
     * Return an access token response.
     *
     * @param ServerRequestInterface $request
     * @param ResponseInterface      $response
     *
     * @throws OAuthServerException
     *
     * @return ResponseInterface
     */
    public function respondToAccessTokenRequest(ServerRequestInterface $request, ResponseInterface $response)
    {
        foreach ($this->enabledGrantTypes as $grantType) {
            if (!$grantType->canRespondToAccessTokenRequest($request)) {
                continue;
            }
            $tokenResponse = $grantType->respondToAccessTokenRequest(
                $request,
                $this->getResponseType(),
                $this->grantTypeAccessTokenTTL[$grantType->getIdentifier()]
            );

            if ($tokenResponse instanceof ResponseTypeInterface) {
                return $tokenResponse->generateHttpResponse($response);
            }
        }

        throw OAuthServerException::unsupportedGrantType();
    }

    /**
     * Get the token type that grants will return in the HTTP response.
     *
     * @return ResponseTypeInterface
     */
    protected function getResponseType()
    {
        $responseType = clone $this->responseType;

        if ($responseType instanceof AbstractResponseType) {
            $responseType->setPrivateKey($this->privateKey);
        }

        $responseType->setEncryptionKey($this->encryptionKey);

        return $responseType;
    }

    /**
     * Set the default scope for the authorization server.
     *
     * @param string $defaultScope
     */
    public function setDefaultScope($defaultScope)
    {
        $this->defaultScope = $defaultScope;
    }
}


1			<?php
2			/**
3			* @author Alex Bilbie <[email protected]>
4			* @copyright Copyright (c) Alex Bilbie
5			* @license http://mit-license.org/
6			*
7			* @link https://github.com/thephpleague/oauth2-server
8			*/
9
10			namespace League\OAuth2\Server;
11
12			use DateInterval;
13			use Defuse\Crypto\Key;
14			use League\Event\EmitterAwareInterface;
15			use League\Event\EmitterAwareTrait;
16			use League\OAuth2\Server\Exception\OAuthServerException;
17			use League\OAuth2\Server\Grant\GrantTypeInterface;
18			use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
19			use League\OAuth2\Server\Repositories\ClaimRepositoryInterface;
20			use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
21			use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
22			use League\OAuth2\Server\RequestTypes\AuthorizationRequest;
23			use League\OAuth2\Server\ResponseTypes\AbstractResponseType;
24			use League\OAuth2\Server\ResponseTypes\BearerTokenResponse;
25			use League\OAuth2\Server\ResponseTypes\ResponseTypeInterface;
26			use Psr\Http\Message\ResponseInterface;
27			use Psr\Http\Message\ServerRequestInterface;
28
29			class AuthorizationServer implements EmitterAwareInterface
30			{
31			use EmitterAwareTrait;
32
33			/**
34			* @var GrantTypeInterface[]
35			*/
36			protected $enabledGrantTypes = [];
37
38			/**
39			* @var DateInterval[]
40			*/
41			protected $grantTypeAccessTokenTTL = [];
42
43			/**
44			* @var CryptKey
45			*/
46			protected $privateKey;
47
48			/**
49			* @var CryptKey
50			*/
51			protected $publicKey;
52
53			/**
54			* @var ResponseTypeInterface
55			*/
56			protected $responseType;
57
58			/**
59			* @var ClientRepositoryInterface
60			*/
61			private $clientRepository;
62
63			/**
64			* @var AccessTokenRepositoryInterface
65			*/
66			private $accessTokenRepository;
67
68			/**
69			* @var ScopeRepositoryInterface
70			*/
71			private $scopeRepository;
72
73			/**
74			* @var ClaimRepositoryInterface
75			*/
76			private $claimRepository;
77
78			/**
79			* @var string\|Key
80			*/
81			private $encryptionKey;
82
83			/**
84			* @var string
85			*/
86			private $defaultScope = '';
87
88			/**
89			* New server instance.
90			*
91			* @param ClientRepositoryInterface $clientRepository
92			* @param AccessTokenRepositoryInterface $accessTokenRepository
93			* @param ScopeRepositoryInterface $scopeRepository
94			* @param CryptKey\|string $privateKey
95			* @param string\|Key $encryptionKey
96			* @param null\|ResponseTypeInterface $responseType
97			*/
98			public function __construct(
99			ClientRepositoryInterface $clientRepository,
100			AccessTokenRepositoryInterface $accessTokenRepository,
101			ScopeRepositoryInterface $scopeRepository,
102			ClaimRepositoryInterface $claimRepository,
103			$privateKey,
104			$encryptionKey,
105			ResponseTypeInterface $responseType = null
106			) {
107			$this->clientRepository = $clientRepository;
108			$this->accessTokenRepository = $accessTokenRepository;
109			$this->scopeRepository = $scopeRepository;
110			$this->claimRepository = $claimRepository;
111
112			if ($privateKey instanceof CryptKey === false) {
113			$privateKey = new CryptKey($privateKey);
114			}
115
116			$this->privateKey = $privateKey;
117			$this->encryptionKey = $encryptionKey;
118
119			if ($responseType === null) {
120			$responseType = new BearerTokenResponse();
121			} else {
122			$responseType = clone $responseType;
123			}
124
125			$this->responseType = $responseType;
126			}
127
128			/**
129			* Enable a grant type on the server.
130			*
131			* @param GrantTypeInterface $grantType
132			* @param null\|DateInterval $accessTokenTTL
133			*/
134			public function enableGrantType(GrantTypeInterface $grantType, DateInterval $accessTokenTTL = null)
135			{
136			if ($accessTokenTTL === null) {
137			$accessTokenTTL = new DateInterval('PT1H');
138			}
139
140			$grantType->setAccessTokenRepository($this->accessTokenRepository);
141			$grantType->setClientRepository($this->clientRepository);
142			$grantType->setScopeRepository($this->scopeRepository);
143			$grantType->setClaimRepository($this->claimRepository);
144			$grantType->setDefaultScope($this->defaultScope);
145			$grantType->setPrivateKey($this->privateKey);
146			$grantType->setEmitter($this->getEmitter());
147			$grantType->setEncryptionKey($this->encryptionKey);
148
149			$this->enabledGrantTypes[$grantType->getIdentifier()] = $grantType;
150			$this->grantTypeAccessTokenTTL[$grantType->getIdentifier()] = $accessTokenTTL;
151			}
152
153			/**
154			* Validate an authorization request
155			*
156			* @param ServerRequestInterface $request
157			*
158			* @throws OAuthServerException
159			*
160			* @return AuthorizationRequest
161			*/
162			public function validateAuthorizationRequest(ServerRequestInterface $request)
163			{
164			foreach ($this->enabledGrantTypes as $grantType) {
165			if ($grantType->canRespondToAuthorizationRequest($request)) {
166			return $grantType->validateAuthorizationRequest($request);
167			}
168			}
169
170			throw OAuthServerException::unsupportedGrantType();
171			}
172
173			/**
174			* Complete an authorization request
175			*
176			* @param AuthorizationRequest $authRequest
177			* @param ResponseInterface $response
178			*
179			* @return ResponseInterface
180			*/
181			public function completeAuthorizationRequest(AuthorizationRequest $authRequest, ResponseInterface $response)
182			{
183			return $this->enabledGrantTypes[$authRequest->getGrantTypeId()]
184			->completeAuthorizationRequest($authRequest)
185			->generateHttpResponse($response);
186			}
187
188			/**
189			* Return an access token response.
190			*
191			* @param ServerRequestInterface $request
192			* @param ResponseInterface $response
193			*
194			* @throws OAuthServerException
195			*
196			* @return ResponseInterface
197			*/
198			public function respondToAccessTokenRequest(ServerRequestInterface $request, ResponseInterface $response)
199			{
200			foreach ($this->enabledGrantTypes as $grantType) {
201			if (!$grantType->canRespondToAccessTokenRequest($request)) {
202			continue;
203			}
204			$tokenResponse = $grantType->respondToAccessTokenRequest(
205			$request,
206			$this->getResponseType(),
207			$this->grantTypeAccessTokenTTL[$grantType->getIdentifier()]
208			);
209
210			if ($tokenResponse instanceof ResponseTypeInterface) {
211			return $tokenResponse->generateHttpResponse($response);
212			}
213			}
214
215			throw OAuthServerException::unsupportedGrantType();
216			}
217
218			/**
219			* Get the token type that grants will return in the HTTP response.
220			*
221			* @return ResponseTypeInterface
222			*/
223			protected function getResponseType()
224			{
225			$responseType = clone $this->responseType;
226
227			if ($responseType instanceof AbstractResponseType) {
228			$responseType->setPrivateKey($this->privateKey);
229			}
230
231			$responseType->setEncryptionKey($this->encryptionKey);
232
233			return $responseType;
234			}
235
236			/**
237			* Set the default scope for the authorization server.
238			*
239			* @param string $defaultScope
240			*/
241			public function setDefaultScope($defaultScope)
242			{
243			$this->defaultScope = $defaultScope;
244			}
245			}
246

thephpleague / oauth2-server

Pull Request — master (#1122)

AuthorizationServer A

Complexity

Size/Duplication

Test Coverage

Importance

7 Methods

Duplication Side-by-Side

Filter issues like