ImplicitGrant::getIdentifier() - Code Metrics - Inspection of "commenting out test. Will enable in v9" - thephpleague/oauth2-server - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( 056b41...9402d9 )

by Andrew

created 2022-04-07 21:26 UTC

ImplicitGrant::getIdentifier() A

↳ Parent: ImplicitGrant

Complexity

Conditions	1
Paths	1

Size

Total Lines	3
Code Lines	1

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	2
CRAP Score	1

Importance

Changes

Metric	Value
cc	1
eloc	1
c	0
b	0
f	0
nc	1
nop	0
dl	0
loc	3
ccs	2
cts	2
cp	1
crap	1
rs	10

<?php
/**
 * @author      Alex Bilbie <[email protected]>
 * @copyright   Copyright (c) Alex Bilbie
 * @license     http://mit-license.org/
 *
 * @link        https://github.com/thephpleague/oauth2-server
 */

namespace League\OAuth2\Server\Grant;

use DateInterval;
use League\OAuth2\Server\Entities\UserEntityInterface;
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
use League\OAuth2\Server\RequestEvent;
use League\OAuth2\Server\RequestTypes\AuthorizationRequest;
use League\OAuth2\Server\ResponseTypes\RedirectResponse;
use League\OAuth2\Server\ResponseTypes\ResponseTypeInterface;
use LogicException;
use Psr\Http\Message\ServerRequestInterface;

class ImplicitGrant extends AbstractAuthorizeGrant
{
    /**
     * @var DateInterval
     */
    private $accessTokenTTL;

    /**
     * @var string
     */
    private $queryDelimiter;

    /**
     * @param DateInterval $accessTokenTTL
     * @param string       $queryDelimiter
     */
    public function __construct(DateInterval $accessTokenTTL, $queryDelimiter = '#')
    {
        $this->accessTokenTTL = $accessTokenTTL;
        $this->queryDelimiter = $queryDelimiter;
    }

    /**
     * @param DateInterval $refreshTokenTTL
     *
     * @throw LogicException
     */
    public function setRefreshTokenTTL(DateInterval $refreshTokenTTL)
    {
        throw new LogicException('The Implicit Grant does not return refresh tokens');
    }

    /**
     * @param RefreshTokenRepositoryInterface $refreshTokenRepository
     *
     * @throw LogicException
     */
    public function setRefreshTokenRepository(RefreshTokenRepositoryInterface $refreshTokenRepository)
    {
        throw new LogicException('The Implicit Grant does not return refresh tokens');
    }

    /**
     * {@inheritdoc}
     */
    public function canRespondToAccessTokenRequest(ServerRequestInterface $request)
    {
        return false;
    }

    /**
     * Return the grant identifier that can be used in matching up requests.
     *
     * @return string
     */
    public function getIdentifier()
    {
        return 'implicit';
    }

    /**
     * Respond to an incoming request.
     *
     * @param ServerRequestInterface $request
     * @param ResponseTypeInterface  $responseType
     * @param DateInterval           $accessTokenTTL
     *
     * @return ResponseTypeInterface
     */
    public function respondToAccessTokenRequest(
        ServerRequestInterface $request,
        ResponseTypeInterface $responseType,
        DateInterval $accessTokenTTL
    ) {
        throw new LogicException('This grant does not used this method');
    }

    /**
     * {@inheritdoc}
     */
    public function canRespondToAuthorizationRequest(ServerRequestInterface $request)
    {
        return (
            isset($request->getQueryParams()['response_type'])
            && $request->getQueryParams()['response_type'] === 'token'
            && isset($request->getQueryParams()['client_id'])
        );
    }

    /**
     * {@inheritdoc}
     */
    public function validateAuthorizationRequest(ServerRequestInterface $request)
    {
        $clientId = $this->getQueryStringParameter(
            'client_id',
            $request,
            $this->getServerParameter('PHP_AUTH_USER', $request)
        );

        if (\is_null($clientId)) {
            throw OAuthServerException::invalidRequest('client_id');
        }

        $client = $this->getClientEntityOrFail($clientId, $request);

        $redirectUri = $this->getQueryStringParameter('redirect_uri', $request);

        if ($redirectUri !== null) {
            if (!\is_string($redirectUri)) {

                throw OAuthServerException::invalidRequest('redirect_uri');
            }

            $this->validateRedirectUri($redirectUri, $client, $request);
        } elseif (\is_array($client->getRedirectUri()) && \count($client->getRedirectUri()) !== 1

            || empty($client->getRedirectUri())) {
            $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request));
            throw OAuthServerException::invalidClient($request);
        } else {
            $redirectUri = \is_array($client->getRedirectUri())
                ? $client->getRedirectUri()[0]
                : $client->getRedirectUri();
        }

        $scopes = $this->validateScopes(
            $this->getQueryStringParameter('scope', $request, $this->defaultScope),
            $redirectUri
        );

        $stateParameter = $this->getQueryStringParameter('state', $request);

        if ($stateParameter !== null && !\is_string($stateParameter)) {

            throw OAuthServerException::invalidRequest('state');
        }

        $authorizationRequest = new AuthorizationRequest();
        $authorizationRequest->setGrantTypeId($this->getIdentifier());
        $authorizationRequest->setClient($client);
        $authorizationRequest->setRedirectUri($redirectUri);

        if ($stateParameter !== null) {
            $authorizationRequest->setState($stateParameter);
        }

        $authorizationRequest->setScopes($scopes);

        return $authorizationRequest;
    }

    /**
     * {@inheritdoc}
     */
    public function completeAuthorizationRequest(AuthorizationRequest $authorizationRequest)
    {
        if ($authorizationRequest->getUser() instanceof UserEntityInterface === false) {
            throw new LogicException('An instance of UserEntityInterface should be set on the AuthorizationRequest');
        }

        $finalRedirectUri = ($authorizationRequest->getRedirectUri() === null)
            ? \is_array($authorizationRequest->getClient()->getRedirectUri())
                ? $authorizationRequest->getClient()->getRedirectUri()[0]
                : $authorizationRequest->getClient()->getRedirectUri()
            : $authorizationRequest->getRedirectUri();

        // The user approved the client, redirect them back with an access token
        if ($authorizationRequest->isAuthorizationApproved() === true) {
            // Finalize the requested scopes
            $finalizedScopes = $this->scopeRepository->finalizeScopes(
                $authorizationRequest->getScopes(),
                $this->getIdentifier(),
                $authorizationRequest->getClient(),
                $authorizationRequest->getUser()->getIdentifier()
            );

            $accessToken = $this->issueAccessToken(
                $this->accessTokenTTL,
                $authorizationRequest->getClient(),
                $authorizationRequest->getUser()->getIdentifier(),
                $finalizedScopes
            );

            $response = new RedirectResponse();
            $response->setRedirectUri(
                $this->makeRedirectUri(
                    $finalRedirectUri,
                    [
                        'access_token' => (string) $accessToken,
                        'token_type'   => 'Bearer',
                        'expires_in'   => $accessToken->getExpiryDateTime()->getTimestamp() - \time(),
                        'state'        => $authorizationRequest->getState(),
                    ],
                    $this->queryDelimiter
                )
            );

            return $response;
        }

        // The user denied the client, redirect them back with an error
        throw OAuthServerException::accessDenied(
            'The user denied the request',
            $this->makeRedirectUri(
                $finalRedirectUri,
                [
                    'state' => $authorizationRequest->getState(),
                ]
            )
        );
    }
}


1		<?php
2		/**
3		* @author Alex Bilbie <[email protected]>
4		* @copyright Copyright (c) Alex Bilbie
5		* @license http://mit-license.org/
6		*
7		* @link https://github.com/thephpleague/oauth2-server
8		*/
9
10		namespace League\OAuth2\Server\Grant;
11
12		use DateInterval;
13		use League\OAuth2\Server\Entities\UserEntityInterface;
14		use League\OAuth2\Server\Exception\OAuthServerException;
15		use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
16		use League\OAuth2\Server\RequestEvent;
17		use League\OAuth2\Server\RequestTypes\AuthorizationRequest;
18		use League\OAuth2\Server\ResponseTypes\RedirectResponse;
19		use League\OAuth2\Server\ResponseTypes\ResponseTypeInterface;
20		use LogicException;
21		use Psr\Http\Message\ServerRequestInterface;
22
23		class ImplicitGrant extends AbstractAuthorizeGrant
24		{
25		/**
26		* @var DateInterval
27		*/
28		private $accessTokenTTL;
29
30		/**
31		* @var string
32		*/
33		private $queryDelimiter;
34
35		/**
36		* @param DateInterval $accessTokenTTL
37		* @param string $queryDelimiter
38		*/
39	18	public function __construct(DateInterval $accessTokenTTL, $queryDelimiter = '#')
40		{
41	18	$this->accessTokenTTL = $accessTokenTTL;
42	18	$this->queryDelimiter = $queryDelimiter;
43	18	}
44
45		/**
46		* @param DateInterval $refreshTokenTTL
47		*
48		* @throw LogicException
49		*/
50	1	public function setRefreshTokenTTL(DateInterval $refreshTokenTTL)
51		{
52	1	throw new LogicException('The Implicit Grant does not return refresh tokens');
53		}
54
55		/**
56		* @param RefreshTokenRepositoryInterface $refreshTokenRepository
57		*
58		* @throw LogicException
59		*/
60	1	public function setRefreshTokenRepository(RefreshTokenRepositoryInterface $refreshTokenRepository)
61		{
62	1	throw new LogicException('The Implicit Grant does not return refresh tokens');
63		}
64
65		/**
66		* {@inheritdoc}
67		*/
68	1	public function canRespondToAccessTokenRequest(ServerRequestInterface $request)
69		{
70	1	return false;
71		}
72
73		/**
74		* Return the grant identifier that can be used in matching up requests.
75		*
76		* @return string
77		*/
78	7	public function getIdentifier()
79		{
80	7	return 'implicit';
81		}
82
83		/**
84		* Respond to an incoming request.
85		*
86		* @param ServerRequestInterface $request
87		* @param ResponseTypeInterface $responseType
88		* @param DateInterval $accessTokenTTL
89		*
90		* @return ResponseTypeInterface
91		*/
92	1	public function respondToAccessTokenRequest(
93		ServerRequestInterface $request,
94		ResponseTypeInterface $responseType,
95		DateInterval $accessTokenTTL
96		) {
97	1	throw new LogicException('This grant does not used this method');
98		}
99
100		/**
101		* {@inheritdoc}
102		*/
103	1	public function canRespondToAuthorizationRequest(ServerRequestInterface $request)
104		{
105		return (
106	1	isset($request->getQueryParams()['response_type'])
107	1	&& $request->getQueryParams()['response_type'] === 'token'
108	1	&& isset($request->getQueryParams()['client_id'])
109		);
110		}
111
112		/**
113		* {@inheritdoc}
114		*/
115	6	public function validateAuthorizationRequest(ServerRequestInterface $request)
116		{
117	6	$clientId = $this->getQueryStringParameter(
118	6	'client_id',
119		$request,
120	6	$this->getServerParameter('PHP_AUTH_USER', $request)
121		);
122
123	6	if (\is_null($clientId)) {
124	1	throw OAuthServerException::invalidRequest('client_id');
125		}
126
127	5	$client = $this->getClientEntityOrFail($clientId, $request);
128
129	4	$redirectUri = $this->getQueryStringParameter('redirect_uri', $request);
130
131	4	if ($redirectUri !== null) {
132	4	if (!\is_string($redirectUri)) {
		0 ignored issues – show introduced 2021-04-01 15:21 UTC by Report Bug Copy Issue Report The condition `is_string($redirectUri)` is always `true`. Loading history...
133		throw OAuthServerException::invalidRequest('redirect_uri');
134		}
135
136	4	$this->validateRedirectUri($redirectUri, $client, $request);
137		} elseif (\is_array($client->getRedirectUri()) && \count($client->getRedirectUri()) !== 1
		0 ignored issues – show introduced 2019-11-29 22:44 UTC by Report Bug Copy Issue Report Consider adding parentheses for clarity. Current Interpretation: `(is_array($client->getRe...ient->getRedirectUri())`, Probably Intended Meaning: `is_array($client->getRed...ent->getRedirectUri()))` Loading history...
138		\|\| empty($client->getRedirectUri())) {
139		$this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request));
140		throw OAuthServerException::invalidClient($request);
141		} else {
142		$redirectUri = \is_array($client->getRedirectUri())
143		? $client->getRedirectUri()[0]
144		: $client->getRedirectUri();
145		}
146
147	2	$scopes = $this->validateScopes(
148	2	$this->getQueryStringParameter('scope', $request, $this->defaultScope),
149		$redirectUri
150		);
151
152	2	$stateParameter = $this->getQueryStringParameter('state', $request);
153
154	2	if ($stateParameter !== null && !\is_string($stateParameter)) {
		0 ignored issues – show introduced 2021-04-01 15:21 UTC by Report Bug Copy Issue Report The condition `is_string($stateParameter)` is always `true`. Loading history...
155		throw OAuthServerException::invalidRequest('state');
156		}
157
158	2	$authorizationRequest = new AuthorizationRequest();
159	2	$authorizationRequest->setGrantTypeId($this->getIdentifier());
160	2	$authorizationRequest->setClient($client);
161	2	$authorizationRequest->setRedirectUri($redirectUri);
162
163	2	if ($stateParameter !== null) {
164		$authorizationRequest->setState($stateParameter);
165		}
166
167	2	$authorizationRequest->setScopes($scopes);
168
169	2	return $authorizationRequest;
170		}
171
172		/**
173		* {@inheritdoc}
174		*/
175	6	public function completeAuthorizationRequest(AuthorizationRequest $authorizationRequest)
176		{
177	6	if ($authorizationRequest->getUser() instanceof UserEntityInterface === false) {
178	1	throw new LogicException('An instance of UserEntityInterface should be set on the AuthorizationRequest');
179		}
180
181	5	$finalRedirectUri = ($authorizationRequest->getRedirectUri() === null)
182	5	? \is_array($authorizationRequest->getClient()->getRedirectUri())
183		? $authorizationRequest->getClient()->getRedirectUri()[0]
184	5	: $authorizationRequest->getClient()->getRedirectUri()
185	5	: $authorizationRequest->getRedirectUri();
186
187		// The user approved the client, redirect them back with an access token
188	5	if ($authorizationRequest->isAuthorizationApproved() === true) {
189		// Finalize the requested scopes
190	4	$finalizedScopes = $this->scopeRepository->finalizeScopes(
191	4	$authorizationRequest->getScopes(),
192	4	$this->getIdentifier(),
193	4	$authorizationRequest->getClient(),
194	4	$authorizationRequest->getUser()->getIdentifier()
195		);
196
197	4	$accessToken = $this->issueAccessToken(
198	4	$this->accessTokenTTL,
199	4	$authorizationRequest->getClient(),
200	4	$authorizationRequest->getUser()->getIdentifier(),
201		$finalizedScopes
202		);
203
204	2	$response = new RedirectResponse();
205	2	$response->setRedirectUri(
206	2	$this->makeRedirectUri(
207		$finalRedirectUri,
208		[
209	2	'access_token' => (string) $accessToken,
210	2	'token_type' => 'Bearer',
211	2	'expires_in' => $accessToken->getExpiryDateTime()->getTimestamp() - \time(),
212	2	'state' => $authorizationRequest->getState(),
213		],
214	2	$this->queryDelimiter
215		)
216		);
217
218	2	return $response;
219		}
220
221		// The user denied the client, redirect them back with an error
222	1	throw OAuthServerException::accessDenied(
223		'The user denied the request',
224	1	$this->makeRedirectUri(
225		$finalRedirectUri,
226		[
227	1	'state' => $authorizationRequest->getState(),
228		]
229		)
230		);
231		}
232		}
233

thephpleague / oauth2-server

Push — master ( 056b41...9402d9 )

ImplicitGrant::getIdentifier() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like