Complex classes like AbstractGrant often do a lot of different things. To break such a class down, we need to identify a cohesive component within that class. A common approach to find such a component is to look for fields/methods that share the same prefixes, or suffixes. You can also have a look at the cohesion graph to spot any un-connected, or weakly-connected components.
Once you have determined the fields that belong together, you can apply the Extract Class refactoring. If the component makes sense as a sub-class, Extract Subclass is also a candidate, and is often faster.
While breaking up the class, it is a good idea to analyze how other classes use AbstractGrant, and based on these observations, apply Extract Interface, too.
1 | <?php |
||
42 | abstract class AbstractGrant implements GrantTypeInterface |
||
43 | { |
||
44 | use EmitterAwareTrait, CryptTrait; |
||
45 | |||
46 | const SCOPE_DELIMITER_STRING = ' '; |
||
47 | |||
48 | const MAX_RANDOM_TOKEN_GENERATION_ATTEMPTS = 10; |
||
49 | |||
50 | /** |
||
51 | * @var ClientRepositoryInterface |
||
52 | */ |
||
53 | protected $clientRepository; |
||
54 | |||
55 | /** |
||
56 | * @var AccessTokenRepositoryInterface |
||
57 | */ |
||
58 | protected $accessTokenRepository; |
||
59 | |||
60 | /** |
||
61 | * @var ScopeRepositoryInterface |
||
62 | */ |
||
63 | protected $scopeRepository; |
||
64 | |||
65 | /** |
||
66 | * @var AuthCodeRepositoryInterface |
||
67 | */ |
||
68 | protected $authCodeRepository; |
||
69 | |||
70 | /** |
||
71 | * @var RefreshTokenRepositoryInterface |
||
72 | */ |
||
73 | protected $refreshTokenRepository; |
||
74 | |||
75 | /** |
||
76 | * @var UserRepositoryInterface |
||
77 | */ |
||
78 | protected $userRepository; |
||
79 | |||
80 | /** |
||
81 | * @var DateInterval |
||
82 | */ |
||
83 | protected $refreshTokenTTL; |
||
84 | |||
85 | /** |
||
86 | * @var CryptKey |
||
87 | */ |
||
88 | protected $privateKey; |
||
89 | |||
90 | /** |
||
91 | * @string |
||
92 | */ |
||
93 | protected $defaultScope; |
||
94 | |||
95 | /** |
||
96 | * @param ClientRepositoryInterface $clientRepository |
||
97 | */ |
||
98 | 67 | public function setClientRepository(ClientRepositoryInterface $clientRepository) |
|
102 | |||
103 | /** |
||
104 | * @param AccessTokenRepositoryInterface $accessTokenRepository |
||
105 | */ |
||
106 | 45 | public function setAccessTokenRepository(AccessTokenRepositoryInterface $accessTokenRepository) |
|
110 | |||
111 | /** |
||
112 | * @param ScopeRepositoryInterface $scopeRepository |
||
113 | */ |
||
114 | 40 | public function setScopeRepository(ScopeRepositoryInterface $scopeRepository) |
|
118 | |||
119 | /** |
||
120 | * @param RefreshTokenRepositoryInterface $refreshTokenRepository |
||
121 | */ |
||
122 | 60 | public function setRefreshTokenRepository(RefreshTokenRepositoryInterface $refreshTokenRepository) |
|
126 | |||
127 | /** |
||
128 | * @param AuthCodeRepositoryInterface $authCodeRepository |
||
129 | */ |
||
130 | 43 | public function setAuthCodeRepository(AuthCodeRepositoryInterface $authCodeRepository) |
|
134 | |||
135 | /** |
||
136 | * @param UserRepositoryInterface $userRepository |
||
137 | */ |
||
138 | 6 | public function setUserRepository(UserRepositoryInterface $userRepository) |
|
142 | |||
143 | /** |
||
144 | * {@inheritdoc} |
||
145 | */ |
||
146 | 2 | public function setRefreshTokenTTL(DateInterval $refreshTokenTTL) |
|
150 | |||
151 | /** |
||
152 | * Set the private key |
||
153 | * |
||
154 | * @param CryptKey $key |
||
155 | */ |
||
156 | 21 | public function setPrivateKey(CryptKey $key) |
|
160 | |||
161 | /** |
||
162 | * @param string $scope |
||
163 | */ |
||
164 | 17 | public function setDefaultScope($scope) |
|
168 | |||
169 | /** |
||
170 | * Validate the client. |
||
171 | * |
||
172 | * @param ServerRequestInterface $request |
||
173 | * |
||
174 | * @throws OAuthServerException |
||
175 | * |
||
176 | * @return ClientEntityInterface |
||
177 | */ |
||
178 | 45 | protected function validateClient(ServerRequestInterface $request) |
|
179 | { |
||
180 | 45 | list($basicAuthUser, $basicAuthPassword) = $this->getBasicAuthCredentials($request); |
|
181 | |||
182 | 45 | $clientId = $this->getRequestParameter('client_id', $request, $basicAuthUser); |
|
183 | 45 | if ($clientId === null) { |
|
184 | 1 | throw OAuthServerException::invalidRequest('client_id'); |
|
185 | } |
||
186 | |||
187 | // If the client is confidential require the client secret |
||
188 | 44 | $clientSecret = $this->getRequestParameter('client_secret', $request, $basicAuthPassword); |
|
189 | |||
190 | 44 | $client = $this->clientRepository->getClientEntity( |
|
191 | 44 | $clientId, |
|
192 | 44 | $this->getIdentifier(), |
|
193 | $clientSecret, |
||
194 | 44 | true |
|
195 | ); |
||
196 | |||
197 | 44 | if ($client instanceof ClientEntityInterface === false) { |
|
198 | 4 | $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request)); |
|
199 | 4 | throw OAuthServerException::invalidClient(); |
|
200 | } |
||
201 | |||
202 | 40 | $redirectUri = $this->getRequestParameter('redirect_uri', $request, null); |
|
203 | |||
204 | 40 | if ($redirectUri !== null) { |
|
205 | 21 | $this->validateRedirectUri($redirectUri, $client, $request); |
|
206 | } |
||
207 | |||
208 | 38 | return $client; |
|
209 | } |
||
210 | |||
211 | /** |
||
212 | * Validate redirectUri from the request. |
||
213 | * If a redirect URI is provided ensure it matches what is pre-registered |
||
214 | * |
||
215 | * @param string $redirectUri |
||
216 | * @param ClientEntityInterface $client |
||
217 | * @param ServerRequestInterface $request |
||
218 | * |
||
219 | * @throws OAuthServerException |
||
220 | */ |
||
221 | 35 | protected function validateRedirectUri( |
|
238 | |||
239 | /** |
||
240 | * Validate scopes in the request. |
||
241 | * |
||
242 | * @param string|array $scopes |
||
243 | * @param string $redirectUri |
||
244 | * |
||
245 | * @throws OAuthServerException |
||
246 | * |
||
247 | * @return ScopeEntityInterface[] |
||
248 | */ |
||
249 | 37 | public function validateScopes($scopes, $redirectUri = null) |
|
269 | |||
270 | /** |
||
271 | * Converts a scopes query string to an array to easily iterate for validation. |
||
272 | * |
||
273 | * @param string $scopes |
||
274 | * |
||
275 | * @return array |
||
276 | */ |
||
277 | 25 | private function convertScopesQueryStringToArray($scopes) |
|
283 | |||
284 | /** |
||
285 | * Retrieve request parameter. |
||
286 | * |
||
287 | * @param string $parameter |
||
288 | * @param ServerRequestInterface $request |
||
289 | * @param mixed $default |
||
290 | * |
||
291 | * @return null|string |
||
292 | */ |
||
293 | 45 | protected function getRequestParameter($parameter, ServerRequestInterface $request, $default = null) |
|
299 | |||
300 | /** |
||
301 | * Retrieve HTTP Basic Auth credentials with the Authorization header |
||
302 | * of a request. First index of the returned array is the username, |
||
303 | * second is the password (so list() will work). If the header does |
||
304 | * not exist, or is otherwise an invalid HTTP Basic header, return |
||
305 | * [null, null]. |
||
306 | * |
||
307 | * @param ServerRequestInterface $request |
||
308 | * |
||
309 | * @return string[]|null[] |
||
310 | */ |
||
311 | 50 | protected function getBasicAuthCredentials(ServerRequestInterface $request) |
|
332 | |||
333 | /** |
||
334 | * Retrieve query string parameter. |
||
335 | * |
||
336 | * @param string $parameter |
||
337 | * @param ServerRequestInterface $request |
||
338 | * @param mixed $default |
||
339 | * |
||
340 | * @return null|string |
||
341 | */ |
||
342 | 21 | protected function getQueryStringParameter($parameter, ServerRequestInterface $request, $default = null) |
|
346 | |||
347 | /** |
||
348 | * Retrieve cookie parameter. |
||
349 | * |
||
350 | * @param string $parameter |
||
351 | * @param ServerRequestInterface $request |
||
352 | * @param mixed $default |
||
353 | * |
||
354 | * @return null|string |
||
355 | */ |
||
356 | 1 | protected function getCookieParameter($parameter, ServerRequestInterface $request, $default = null) |
|
360 | |||
361 | /** |
||
362 | * Retrieve server parameter. |
||
363 | * |
||
364 | * @param string $parameter |
||
365 | * @param ServerRequestInterface $request |
||
366 | * @param mixed $default |
||
367 | * |
||
368 | * @return null|string |
||
369 | */ |
||
370 | 20 | protected function getServerParameter($parameter, ServerRequestInterface $request, $default = null) |
|
374 | |||
375 | /** |
||
376 | * Issue an access token. |
||
377 | * |
||
378 | * @param DateInterval $accessTokenTTL |
||
379 | * @param ClientEntityInterface $client |
||
380 | * @param string|null $userIdentifier |
||
381 | * @param ScopeEntityInterface[] $scopes |
||
382 | * |
||
383 | * @throws OAuthServerException |
||
384 | * @throws UniqueTokenIdentifierConstraintViolationException |
||
385 | * |
||
386 | * @return AccessTokenEntityInterface |
||
387 | */ |
||
388 | 20 | protected function issueAccessToken( |
|
418 | |||
419 | /** |
||
420 | * Issue an auth code. |
||
421 | * |
||
422 | * @param DateInterval $authCodeTTL |
||
423 | * @param ClientEntityInterface $client |
||
424 | * @param string $userIdentifier |
||
425 | * @param string|null $redirectUri |
||
426 | * @param ScopeEntityInterface[] $scopes |
||
427 | * |
||
428 | * @throws OAuthServerException |
||
429 | * @throws UniqueTokenIdentifierConstraintViolationException |
||
430 | * |
||
431 | * @return AuthCodeEntityInterface |
||
432 | */ |
||
433 | 6 | protected function issueAuthCode( |
|
468 | |||
469 | /** |
||
470 | * @param AccessTokenEntityInterface $accessToken |
||
471 | * |
||
472 | * @throws OAuthServerException |
||
473 | * @throws UniqueTokenIdentifierConstraintViolationException |
||
474 | * |
||
475 | * @return RefreshTokenEntityInterface|null |
||
476 | */ |
||
477 | 14 | protected function issueRefreshToken(AccessTokenEntityInterface $accessToken) |
|
503 | |||
504 | /** |
||
505 | * Generate a new unique identifier. |
||
506 | * |
||
507 | * @param int $length |
||
508 | * |
||
509 | * @throws OAuthServerException |
||
510 | * |
||
511 | * @return string |
||
512 | */ |
||
513 | 28 | protected function generateUniqueIdentifier($length = 40) |
|
528 | |||
529 | /** |
||
530 | * {@inheritdoc} |
||
531 | */ |
||
532 | 5 | public function canRespondToAccessTokenRequest(ServerRequestInterface $request) |
|
541 | |||
542 | /** |
||
543 | * {@inheritdoc} |
||
544 | */ |
||
545 | 1 | public function canRespondToAuthorizationRequest(ServerRequestInterface $request) |
|
549 | |||
550 | /** |
||
551 | * {@inheritdoc} |
||
552 | */ |
||
553 | 1 | public function validateAuthorizationRequest(ServerRequestInterface $request) |
|
557 | |||
558 | /** |
||
559 | * {@inheritdoc} |
||
560 | */ |
||
561 | 1 | public function completeAuthorizationRequest(AuthorizationRequest $authorizationRequest) |
|
565 | } |
||
566 |