CryptKey::isFilePath() - Code Metrics - Inspection of "Inmemory cryptokey" - thephpleague/oauth2-server - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Pull Request — master (#1196)

unknown

created 2021-03-07 10:28 UTC

CryptKey::isFilePath() A

↳ Parent: CryptKey

Complexity

Conditions	1
Paths	1

Size

Total Lines	3
Code Lines	1

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	1
CRAP Score	1.125

Importance

Changes

Metric	Value
cc	1
eloc	1
nc	1
nop	0
dl	0
loc	3
ccs	1
cts	2
cp	0.5
crap	1.125
rs	10
c	0
b	0
f	0

<?php
/**
 * Cryptography key holder.
 *
 * @author      Julián Gutiérrez <[email protected]>
 * @copyright   Copyright (c) Alex Bilbie
 * @license     http://mit-license.org/
 *
 * @link        https://github.com/thephpleague/oauth2-server
 */

namespace League\OAuth2\Server;

use Lcobucci\JWT\Signer\Key\InMemory;
use Lcobucci\JWT\Signer\Key\LocalFileReference;
use LogicException;

class CryptKey
{
    const RSA_KEY_PATTERN =
        '/^(-----BEGIN (RSA )?(PUBLIC|PRIVATE) KEY-----)\R.*(-----END (RSA )?(PUBLIC|PRIVATE) KEY-----)\R?$/s';

    const FILE_PREFIX = 'file://';

    /**
     * @var string
     */
    protected $keyPath;

    /**
     * @var null|string
     */
    protected $passPhrase;

    /**
     * @param string $keyPath
     * @param null|string $passPhrase
     * @param bool $keyPermissionsCheck
     */
    public function __construct(string $keyPath, ?string $passPhrase = null, bool $keyPermissionsCheck = true)
    {
        $this->keyPath = $keyPath;
        $this->passPhrase = $passPhrase;

        if (is_file($this->keyPath) && !$this->isFilePath()) {
            $this->keyPath = self::FILE_PREFIX . $this->keyPath;
        }

        if ($this->isFilePath()) {
            if (!\file_exists($keyPath) || !\is_readable($keyPath)) {
                throw new LogicException(\sprintf('Key path "%s" does not exist or is not readable', $keyPath));
            }

            if ($keyPermissionsCheck === true && PHP_OS_FAMILY !== 'Windows') {
                // Verify the permissions of the key
                $keyPathPerms = \decoct(\fileperms($keyPath) & 0777);
                if (\in_array($keyPathPerms, ['400', '440', '600', '640', '660'], true) === false) {
                    \trigger_error(
                        \sprintf(
                            'Key file "%s" permissions are not correct, recommend changing to 600 or 660 instead of %s',
                            $keyPath,
                            $keyPathPerms
                        ),
                        E_USER_NOTICE
                    );
                }
            }
        } else {
            $rsaMatch = \preg_match(static::RSA_KEY_PATTERN, $this->keyPath);
            if ($rsaMatch === 0) {
                throw new LogicException('This is not a RSA key');
            }

            if ($rsaMatch === false) {
                throw new \RuntimeException(
                    \sprintf('PCRE error [%d] encountered during key match attempt', \preg_last_error())
                );
            }
        }
    }

    public function isFilePath(): bool
    {
        return \strpos($this->keyPath, self::FILE_PREFIX) === 0;
    }

    /**
     * Retrieve key path.
     *
     * @return string
     */
    public function getKeyPath()
    {
        return $this->keyPath;
    }

    /**
     * Retrieve key pass phrase.
     *
     * @return null|string
     */
    public function getPassPhrase()
    {
        return $this->passPhrase;
    }

    /**
     * Create signer key
     *
     * @internal Remove when the JWT configuration is moved to the dependency injection container
     *
     * @return \Lcobucci\JWT\Signer\Key
     */
    public function createSignerKey(): \Lcobucci\JWT\Signer\Key
    {
        if ($this->isFilePath()) {
            return LocalFileReference::file($this->keyPath, $this->passPhrase ?? '');
        }

        return InMemory::plainText($this->keyPath, $this->passPhrase ?? '');
    }
}


1		<?php
2		/**
3		* Cryptography key holder.
4		*
5		* @author Julián Gutiérrez <[email protected]>
6		* @copyright Copyright (c) Alex Bilbie
7		* @license http://mit-license.org/
8		*
9		* @link https://github.com/thephpleague/oauth2-server
10		*/
11
12		namespace League\OAuth2\Server;
13
14		use Lcobucci\JWT\Signer\Key\InMemory;
15		use Lcobucci\JWT\Signer\Key\LocalFileReference;
16		use LogicException;
17
18		class CryptKey
19		{
20		const RSA_KEY_PATTERN =
21		'/^(-----BEGIN (RSA )?(PUBLIC\|PRIVATE) KEY-----)\R.*(-----END (RSA )?(PUBLIC\|PRIVATE) KEY-----)\R?$/s';
22
23		const FILE_PREFIX = 'file://';
24
25		/**
26		* @var string
27		*/
28		protected $keyPath;
29
30		/**
31		* @var null\|string
32		*/
33		protected $passPhrase;
34
35		/**
36		* @param string $keyPath
37	56	* @param null\|string $passPhrase
38		* @param bool $keyPermissionsCheck
39	56	*/
40	1	public function __construct(string $keyPath, ?string $passPhrase = null, bool $keyPermissionsCheck = true)
41	55	{
42	1	$this->keyPath = $keyPath;
43	1	$this->passPhrase = $passPhrase;
44
45		if (is_file($this->keyPath) && !$this->isFilePath()) {
46		$this->keyPath = self::FILE_PREFIX . $this->keyPath;
47	55	}
48	2
49		if ($this->isFilePath()) {
50		if (!\file_exists($keyPath) \|\| !\is_readable($keyPath)) {
51	55	throw new LogicException(\sprintf('Key path "%s" does not exist or is not readable', $keyPath));
52	1	}
53
54		if ($keyPermissionsCheck === true && PHP_OS_FAMILY !== 'Windows') {
55	54	// Verify the permissions of the key
56		$keyPathPerms = \decoct(\fileperms($keyPath) & 0777);
57	54	if (\in_array($keyPathPerms, ['400', '440', '600', '640', '660'], true) === false) {
58	54	\trigger_error(
59		\sprintf(
60		'Key file "%s" permissions are not correct, recommend changing to 600 or 660 instead of %s',
61		$keyPath,
62		$keyPathPerms
63		),
64		E_USER_NOTICE
65		);
66		}
67	54	}
68	54	} else {
69	54	$rsaMatch = \preg_match(static::RSA_KEY_PATTERN, $this->keyPath);
70		if ($rsaMatch === 0) {
71		throw new LogicException('This is not a RSA key');
72		}
73
74		if ($rsaMatch === false) {
75		throw new \RuntimeException(
76		\sprintf('PCRE error [%d] encountered during key match attempt', \preg_last_error())
77		);
78	1	}
79		}
80	1	}
81	1
82		public function isFilePath(): bool
83	1	{
84		return \strpos($this->keyPath, self::FILE_PREFIX) === 0;
85		}
86
87	1	/**
88		* Retrieve key path.
89		*
90		* @return string
91		*/
92		public function getKeyPath()
93	1	{
94		return $this->keyPath;
95		}
96
97		/**
98		* Retrieve key pass phrase.
99	1	*
100		* @return null\|string
101		*/
102		public function getPassPhrase()
103		{
104		return $this->passPhrase;
105		}
106
107	19	/**
108		* Create signer key
109	19	*
110		* @internal Remove when the JWT configuration is moved to the dependency injection container
111		*
112		* @return \Lcobucci\JWT\Signer\Key
113		*/
114		public function createSignerKey(): \Lcobucci\JWT\Signer\Key
115		{
116		if ($this->isFilePath()) {
117	10	return LocalFileReference::file($this->keyPath, $this->passPhrase ?? '');
118		}
119	10
120		return InMemory::plainText($this->keyPath, $this->passPhrase ?? '');
121		}
122		}
123

thephpleague / oauth2-server

Pull Request — master (#1196)

CryptKey::isFilePath() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like