AuthorizationServer::setEncryptionKey() - Code Metrics - Inspection of "Updated changelog and readme" - thephpleague/oauth2-server - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( bf7084...09c167 )

by Alex

created 2017-07-01 16:18 UTC

AuthorizationServer::setEncryptionKey() A

↳ Parent: AuthorizationServer

Complexity

Conditions	1
Paths	1

Size

Total Lines	4
Code Lines	2

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
c	0
b	0
f	0
dl	0
loc	4
rs	10
cc	1
eloc	2
nc	1
nop	1

<?php
/**
 * @author      Alex Bilbie <[email protected]>
 * @copyright   Copyright (c) Alex Bilbie
 * @license     http://mit-license.org/
 *
 * @link        https://github.com/thephpleague/oauth2-server
 */

namespace League\OAuth2\Server;

use League\Event\EmitterAwareInterface;
use League\Event\EmitterAwareTrait;
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Grant\GrantTypeInterface;
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
use League\OAuth2\Server\RequestTypes\AuthorizationRequest;
use League\OAuth2\Server\ResponseTypes\BearerTokenResponse;
use League\OAuth2\Server\ResponseTypes\ResponseTypeInterface;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;

class AuthorizationServer implements EmitterAwareInterface
{
    use EmitterAwareTrait;

    const ENCRYPTION_KEY_ERROR = 'You must set the encryption key going forward to improve the security of this library - see this page for more information https://oauth2.thephpleague.com/v5-security-improvements/';

    /**
     * @var GrantTypeInterface[]
     */
    protected $enabledGrantTypes = [];

    /**
     * @var \DateInterval[]
     */
    protected $grantTypeAccessTokenTTL = [];

    /**
     * @var CryptKey
     */
    protected $privateKey;

    /**
     * @var CryptKey
     */
    protected $publicKey;

    /**
     * @var null|ResponseTypeInterface
     */
    protected $responseType;

    /**
     * @var ClientRepositoryInterface
     */
    private $clientRepository;

    /**
     * @var AccessTokenRepositoryInterface
     */
    private $accessTokenRepository;

    /**
     * @var ScopeRepositoryInterface
     */
    private $scopeRepository;

    /**
     * @var string
     */
    private $encryptionKey;

    /**
     * New server instance.
     *
     * @param ClientRepositoryInterface      $clientRepository
     * @param AccessTokenRepositoryInterface $accessTokenRepository
     * @param ScopeRepositoryInterface       $scopeRepository
     * @param CryptKey|string                $privateKey
     * @param CryptKey|string                $publicKey
     * @param null|ResponseTypeInterface     $responseType
     */
    public function __construct(
        ClientRepositoryInterface $clientRepository,
        AccessTokenRepositoryInterface $accessTokenRepository,
        ScopeRepositoryInterface $scopeRepository,
        $privateKey,
        $publicKey,
        ResponseTypeInterface $responseType = null
    ) {
        $this->clientRepository = $clientRepository;
        $this->accessTokenRepository = $accessTokenRepository;
        $this->scopeRepository = $scopeRepository;

        if ($privateKey instanceof CryptKey === false) {
            $privateKey = new CryptKey($privateKey);
        }
        $this->privateKey = $privateKey;

        if ($publicKey instanceof CryptKey === false) {
            $publicKey = new CryptKey($publicKey);
        }
        $this->publicKey = $publicKey;

        $this->responseType = $responseType;
    }

    /**
     * Set the encryption key
     *
     * @param string $key
     */
    public function setEncryptionKey($key)
    {
        $this->encryptionKey = $key;
    }

    /**
     * Enable a grant type on the server.
     *
     * @param GrantTypeInterface $grantType
     * @param null|\DateInterval $accessTokenTTL
     */
    public function enableGrantType(GrantTypeInterface $grantType, \DateInterval $accessTokenTTL = null)
    {
        if ($accessTokenTTL instanceof \DateInterval === false) {
            $accessTokenTTL = new \DateInterval('PT1H');
        }

        $grantType->setAccessTokenRepository($this->accessTokenRepository);
        $grantType->setClientRepository($this->clientRepository);
        $grantType->setScopeRepository($this->scopeRepository);
        $grantType->setPrivateKey($this->privateKey);
        $grantType->setPublicKey($this->publicKey);
        $grantType->setEmitter($this->getEmitter());

        if ($this->encryptionKey === null) {
            // @codeCoverageIgnoreStart
            error_log(self::ENCRYPTION_KEY_ERROR);
            // @codeCoverageIgnoreEnd
        }
        $grantType->setEncryptionKey($this->encryptionKey);

        $this->enabledGrantTypes[$grantType->getIdentifier()] = $grantType;
        $this->grantTypeAccessTokenTTL[$grantType->getIdentifier()] = $accessTokenTTL;
    }

    /**
     * Validate an authorization request
     *
     * @param ServerRequestInterface $request
     *
     * @throws OAuthServerException
     *
     * @return AuthorizationRequest
     */
    public function validateAuthorizationRequest(ServerRequestInterface $request)
    {
        if ($this->encryptionKey === null) {
            // @codeCoverageIgnoreStart
            error_log(self::ENCRYPTION_KEY_ERROR);
            // @codeCoverageIgnoreEnd
        }

        foreach ($this->enabledGrantTypes as $grantType) {
            if ($grantType->canRespondToAuthorizationRequest($request)) {
                return $grantType->validateAuthorizationRequest($request);
            }
        }

        throw OAuthServerException::unsupportedGrantType();
    }

    /**
     * Complete an authorization request
     *
     * @param AuthorizationRequest $authRequest
     * @param ResponseInterface    $response
     *
     * @return ResponseInterface
     */
    public function completeAuthorizationRequest(AuthorizationRequest $authRequest, ResponseInterface $response)
    {
        return $this->enabledGrantTypes[$authRequest->getGrantTypeId()]
            ->completeAuthorizationRequest($authRequest)
            ->generateHttpResponse($response);
    }

    /**
     * Return an access token response.
     *
     * @param ServerRequestInterface $request
     * @param ResponseInterface      $response
     *
     * @throws OAuthServerException
     *
     * @return ResponseInterface
     */
    public function respondToAccessTokenRequest(ServerRequestInterface $request, ResponseInterface $response)
    {
        foreach ($this->enabledGrantTypes as $grantType) {
            if ($grantType->canRespondToAccessTokenRequest($request)) {
                $tokenResponse = $grantType->respondToAccessTokenRequest(
                    $request,
                    $this->getResponseType(),
                    $this->grantTypeAccessTokenTTL[$grantType->getIdentifier()]
                );

                if ($tokenResponse instanceof ResponseTypeInterface) {
                    return $tokenResponse->generateHttpResponse($response);
                }
            }
        }

        throw OAuthServerException::unsupportedGrantType();
    }

    /**
     * Get the token type that grants will return in the HTTP response.
     *
     * @return ResponseTypeInterface
     */
    protected function getResponseType()
    {
        if ($this->responseType instanceof ResponseTypeInterface === false) {
            $this->responseType = new BearerTokenResponse();
        }

        $this->responseType->setPrivateKey($this->privateKey);
        $this->responseType->setEncryptionKey($this->encryptionKey);

        return $this->responseType;
    }
}


1			<?php
2			/**
3			* @author Alex Bilbie <[email protected]>
4			* @copyright Copyright (c) Alex Bilbie
5			* @license http://mit-license.org/
6			*
7			* @link https://github.com/thephpleague/oauth2-server
8			*/
9
10			namespace League\OAuth2\Server;
11
12			use League\Event\EmitterAwareInterface;
13			use League\Event\EmitterAwareTrait;
14			use League\OAuth2\Server\Exception\OAuthServerException;
15			use League\OAuth2\Server\Grant\GrantTypeInterface;
16			use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
17			use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
18			use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
19			use League\OAuth2\Server\RequestTypes\AuthorizationRequest;
20			use League\OAuth2\Server\ResponseTypes\BearerTokenResponse;
21			use League\OAuth2\Server\ResponseTypes\ResponseTypeInterface;
22			use Psr\Http\Message\ResponseInterface;
23			use Psr\Http\Message\ServerRequestInterface;
24
25			class AuthorizationServer implements EmitterAwareInterface
26			{
27			use EmitterAwareTrait;
28
29			const ENCRYPTION_KEY_ERROR = 'You must set the encryption key going forward to improve the security of this library - see this page for more information https://oauth2.thephpleague.com/v5-security-improvements/';
30
31			/**
32			* @var GrantTypeInterface[]
33			*/
34			protected $enabledGrantTypes = [];
35
36			/**
37			* @var \DateInterval[]
38			*/
39			protected $grantTypeAccessTokenTTL = [];
40
41			/**
42			* @var CryptKey
43			*/
44			protected $privateKey;
45
46			/**
47			* @var CryptKey
48			*/
49			protected $publicKey;
50
51			/**
52			* @var null\|ResponseTypeInterface
53			*/
54			protected $responseType;
55
56			/**
57			* @var ClientRepositoryInterface
58			*/
59			private $clientRepository;
60
61			/**
62			* @var AccessTokenRepositoryInterface
63			*/
64			private $accessTokenRepository;
65
66			/**
67			* @var ScopeRepositoryInterface
68			*/
69			private $scopeRepository;
70
71			/**
72			* @var string
73			*/
74			private $encryptionKey;
75
76			/**
77			* New server instance.
78			*
79			* @param ClientRepositoryInterface $clientRepository
80			* @param AccessTokenRepositoryInterface $accessTokenRepository
81			* @param ScopeRepositoryInterface $scopeRepository
82			* @param CryptKey\|string $privateKey
83			* @param CryptKey\|string $publicKey
84			* @param null\|ResponseTypeInterface $responseType
85			*/
86			public function __construct(
87			ClientRepositoryInterface $clientRepository,
88			AccessTokenRepositoryInterface $accessTokenRepository,
89			ScopeRepositoryInterface $scopeRepository,
90			$privateKey,
91			$publicKey,
92			ResponseTypeInterface $responseType = null
93			) {
94			$this->clientRepository = $clientRepository;
95			$this->accessTokenRepository = $accessTokenRepository;
96			$this->scopeRepository = $scopeRepository;
97
98			if ($privateKey instanceof CryptKey === false) {
99			$privateKey = new CryptKey($privateKey);
100			}
101			$this->privateKey = $privateKey;
102
103			if ($publicKey instanceof CryptKey === false) {
104			$publicKey = new CryptKey($publicKey);
105			}
106			$this->publicKey = $publicKey;
107
108			$this->responseType = $responseType;
109			}
110
111			/**
112			* Set the encryption key
113			*
114			* @param string $key
115			*/
116			public function setEncryptionKey($key)
117			{
118			$this->encryptionKey = $key;
119			}
120
121			/**
122			* Enable a grant type on the server.
123			*
124			* @param GrantTypeInterface $grantType
125			* @param null\|\DateInterval $accessTokenTTL
126			*/
127			public function enableGrantType(GrantTypeInterface $grantType, \DateInterval $accessTokenTTL = null)
128			{
129			if ($accessTokenTTL instanceof \DateInterval === false) {
130			$accessTokenTTL = new \DateInterval('PT1H');
131			}
132
133			$grantType->setAccessTokenRepository($this->accessTokenRepository);
134			$grantType->setClientRepository($this->clientRepository);
135			$grantType->setScopeRepository($this->scopeRepository);
136			$grantType->setPrivateKey($this->privateKey);
137			$grantType->setPublicKey($this->publicKey);
138			$grantType->setEmitter($this->getEmitter());
139
140			if ($this->encryptionKey === null) {
141			// @codeCoverageIgnoreStart
142			error_log(self::ENCRYPTION_KEY_ERROR);
143			// @codeCoverageIgnoreEnd
144			}
145			$grantType->setEncryptionKey($this->encryptionKey);
146
147			$this->enabledGrantTypes[$grantType->getIdentifier()] = $grantType;
148			$this->grantTypeAccessTokenTTL[$grantType->getIdentifier()] = $accessTokenTTL;
149			}
150
151			/**
152			* Validate an authorization request
153			*
154			* @param ServerRequestInterface $request
155			*
156			* @throws OAuthServerException
157			*
158			* @return AuthorizationRequest
159			*/
160			public function validateAuthorizationRequest(ServerRequestInterface $request)
161			{
162			if ($this->encryptionKey === null) {
163			// @codeCoverageIgnoreStart
164			error_log(self::ENCRYPTION_KEY_ERROR);
165			// @codeCoverageIgnoreEnd
166			}
167
168			foreach ($this->enabledGrantTypes as $grantType) {
169			if ($grantType->canRespondToAuthorizationRequest($request)) {
170			return $grantType->validateAuthorizationRequest($request);
171			}
172			}
173
174			throw OAuthServerException::unsupportedGrantType();
175			}
176
177			/**
178			* Complete an authorization request
179			*
180			* @param AuthorizationRequest $authRequest
181			* @param ResponseInterface $response
182			*
183			* @return ResponseInterface
184			*/
185			public function completeAuthorizationRequest(AuthorizationRequest $authRequest, ResponseInterface $response)
186			{
187			return $this->enabledGrantTypes[$authRequest->getGrantTypeId()]
188			->completeAuthorizationRequest($authRequest)
189			->generateHttpResponse($response);
190			}
191
192			/**
193			* Return an access token response.
194			*
195			* @param ServerRequestInterface $request
196			* @param ResponseInterface $response
197			*
198			* @throws OAuthServerException
199			*
200			* @return ResponseInterface
201			*/
202			public function respondToAccessTokenRequest(ServerRequestInterface $request, ResponseInterface $response)
203			{
204			foreach ($this->enabledGrantTypes as $grantType) {
205			if ($grantType->canRespondToAccessTokenRequest($request)) {
206			$tokenResponse = $grantType->respondToAccessTokenRequest(
207			$request,
208			$this->getResponseType(),
209			$this->grantTypeAccessTokenTTL[$grantType->getIdentifier()]
210			);
211
212			if ($tokenResponse instanceof ResponseTypeInterface) {
213			return $tokenResponse->generateHttpResponse($response);
214			}
215			}
216			}
217
218			throw OAuthServerException::unsupportedGrantType();
219			}
220
221			/**
222			* Get the token type that grants will return in the HTTP response.
223			*
224			* @return ResponseTypeInterface
225			*/
226			protected function getResponseType()
227			{
228			if ($this->responseType instanceof ResponseTypeInterface === false) {
229			$this->responseType = new BearerTokenResponse();
230			}
231
232			$this->responseType->setPrivateKey($this->privateKey);
233			$this->responseType->setEncryptionKey($this->encryptionKey);
234
235			return $this->responseType;
236			}
237			}
238

thephpleague / oauth2-server

Push — master ( bf7084...09c167 )

AuthorizationServer::setEncryptionKey() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like