Completed
Push — master ( 661e1f...1f20a4 )
by Andrew
18s queued 10s
created

examples/public/middleware_use.php (1 issue)


1
<?php
2
/**
3
 * @author      Alex Bilbie <[email protected]>
4
 * @copyright   Copyright (c) Alex Bilbie
5
 * @license     http://mit-license.org/
6
 *
7
 * @link        https://github.com/thephpleague/oauth2-server
8
 */
9
10
use League\OAuth2\Server\AuthorizationServer;
11
use League\OAuth2\Server\Grant\AuthCodeGrant;
12
use League\OAuth2\Server\Grant\RefreshTokenGrant;
13
use League\OAuth2\Server\Middleware\AuthorizationServerMiddleware;
14
use League\OAuth2\Server\Middleware\ResourceServerMiddleware;
15
use League\OAuth2\Server\ResourceServer;
16
use OAuth2ServerExamples\Repositories\AccessTokenRepository;
17
use OAuth2ServerExamples\Repositories\AuthCodeRepository;
18
use OAuth2ServerExamples\Repositories\ClientRepository;
19
use OAuth2ServerExamples\Repositories\RefreshTokenRepository;
20
use OAuth2ServerExamples\Repositories\ScopeRepository;
21
use Psr\Http\Message\ResponseInterface;
22
use Psr\Http\Message\ServerRequestInterface;
23
use Slim\App;
24
use Zend\Diactoros\Stream;
25
26
include __DIR__ . '/../vendor/autoload.php';
27
28
// Slim application whose container defines the two OAuth2 server factories
// (AuthorizationServer and ResourceServer) that the routes below fetch by class name.
$app = new App([
    'settings'                 => [
        // NOTE(review): detailed error output is convenient in an example, but it
        // discloses stack traces and file paths to clients; disable it outside development.
        'displayErrorDetails' => true,
    ],
    // Factory for the authorization server with the auth-code and refresh-token grants enabled.
    AuthorizationServer::class => function () {
        // Example repository implementations, one per storage concern.
        $clients = new ClientRepository();
        $accessTokens = new AccessTokenRepository();
        $scopes = new ScopeRepository();
        $authCodes = new AuthCodeRepository();
        $refreshTokens = new RefreshTokenRepository();

        // Path to the private key handed to the authorization server. It resolves to the
        // parent of this script's directory, i.e. not next to the publicly served script.
        $privateKeyLocation = 'file://' . __DIR__ . '/../private.key';

        // NOTE(review): the fifth argument is a secret committed in source (the encryption
        // key in current league/oauth2-server releases — confirm against the installed
        // version). Treat this sample value as public; real deployments should generate
        // their own and load it from the environment or a secret store.
        $authorizationServer = new AuthorizationServer(
            $clients,
            $accessTokens,
            $scopes,
            $privateKeyLocation,
            'lxZFUEsBCJ2Yb14IF2ygAHI5N4+ZAUXXaSeeJm6+twsUmIen'
        );

        // Authorization-code grant: 'PT10M' is passed to the grant itself, 'PT1H' to
        // enableGrantType() (presumably auth-code TTL and access-token TTL — confirm).
        $authCodeGrant = new AuthCodeGrant(
            $authCodes,
            $refreshTokens,
            new \DateInterval('PT10M')
        );
        $authorizationServer->enableGrantType($authCodeGrant, new \DateInterval('PT1H'));

        // Refresh-token grant.
        // NOTE(review): 'P1M' is passed as the second argument of enableGrantType(), the same
        // position that carries the one-hour value above. If that argument is the access-token
        // TTL, access tokens obtained through a refresh stay valid for a month — confirm
        // whether the month was meant for the refresh token instead.
        $refreshGrant = new RefreshTokenGrant($refreshTokens);
        $authorizationServer->enableGrantType($refreshGrant, new \DateInterval('P1M'));

        return $authorizationServer;
    },
    // Factory for the resource server that the /api group's middleware uses.
    ResourceServer::class => function () {
        // Path to the public key handed to the resource server.
        $publicKeyLocation = 'file://' . __DIR__ . '/../public.key';

        return new ResourceServer(
            new AccessTokenRepository(),
            $publicKeyLocation
        );
    },
]);
80
81
// Access token issuer: POST /access_token.
// The route handler body is empty; the attached AuthorizationServerMiddleware is given
// the AuthorizationServer from the container (presumably it produces the token
// response before the handler runs — confirm against the library).
$tokenRoute = $app->post('/access_token', function () {
});
$tokenRoute->add(new AuthorizationServerMiddleware($app->getContainer()->get(AuthorizationServer::class)));
84
85
// Secured API
86
$app->group('/api', function () {
87
    $this->get('/user', function (ServerRequestInterface $request, ResponseInterface $response) {
The variable $this does not exist. Did you forget to declare it?

This check marks access to variables or properties that have not been declared yet. While PHP has no explicit notion of declaring a variable, accessing it before a value is assigned to it is most likely a bug.

88
        $params = [];
89
90
        if (in_array('basic', $request->getAttribute('oauth_scopes', []))) {
91
            $params = [
92
                'id'   => 1,
93
                'name' => 'Alex',
94
                'city' => 'London',
95
            ];
96
        }
97
98
        if (in_array('email', $request->getAttribute('oauth_scopes', []))) {
99
            $params['email'] = '[email protected]';
100
        }
101
102
        $body = new Stream('php://temp', 'r+');
103
        $body->write(json_encode($params));
104
105
        return $response->withBody($body);
106
    });
107
})->add(new ResourceServerMiddleware($app->getContainer()->get(ResourceServer::class)));
108
109
// Run the Slim application configured above (container, token route, /api group).
$app->run();
110