Introspector::isTokenRevoked() - Code Metrics - Inspection of "Add introspection implementation" - thephpleague/oauth2-server - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#925)

unknown

created 2018-07-20 16:31 UTC

Introspector::isTokenRevoked() A

↳ Parent: Introspector

Complexity

Conditions	1
Paths	1

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	2
CRAP Score	1

Importance

Changes

Metric	Value
dl	0
loc	4
ccs	2
cts	2
cp	1
rs	10
c	0
b	0
f	0
cc	1
nc	1
nop	1
crap	1

<?php

namespace League\OAuth2\Server;

use Exception;
use InvalidArgumentException;
use Lcobucci\JWT\Parser;
use Lcobucci\JWT\Signer\Keychain;
use Lcobucci\JWT\Signer\Rsa\Sha256;
use Lcobucci\JWT\Token;
use Lcobucci\JWT\ValidationData;
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
use League\OAuth2\Server\ResponseTypes\IntrospectionResponse;
use Psr\Http\Message\ServerRequestInterface;

class Introspector
{
    /**
     * @var AccessTokenRepositoryInterface
     */
    private $accessTokenRepository;

    /**
     * @var CryptKey
     */
    private $privateKey;

    /**
     * @var Parser
     */
    private $parser;

    /**
     * New Introspector instance.
     *
     * @param AccessTokenRepositoryInterface $accessTokenRepository
     * @param CryptKey                       $privateKey
     * @param Parser                         $parser
     */
    public function __construct(
        AccessTokenRepositoryInterface $accessTokenRepository,
        CryptKey $privateKey,
        Parser $parser
    ) {
        $this->accessTokenRepository = $accessTokenRepository;
        $this->privateKey = $privateKey;
        $this->parser = $parser;
    }

    /**
     * Return an introspection response.
     *
     * @param ServerRequestInterface $request
     *
     * @return IntrospectionResponse
     */
    public function respondToIntrospectionRequest(
        ServerRequestInterface $request,
        IntrospectionResponse $responseType
    )
    {
        $jwt = $request->getParsedBody()['token'] ?? null;

        try {
            $token = $this->parser->parse($jwt);
        } catch (InvalidArgumentException $e) {
            return $responseType;
        }

        return $this->isTokenValid($token) ?
            $this->setTokenOnResponse($token, $responseType) :
            $responseType;
    }

    /**
     * Validate the JWT and make sure it has not expired or been revoked
     *
     * @return bool
     */
    private function isTokenValid(Token $token)
    {
        return $this->verifyToken($token) && !$this->isTokenExpired($token) && !$this->isTokenRevoked($token);
    }

    /**
     * Validate the JWT token.
     *
     * @param Token $token
     *
     * @return bool
     */
    private function verifyToken(Token $token)
    {
        $keychain = new Keychain();
        $key = $keychain->getPrivateKey($this->privateKey->getKeyPath(), $this->privateKey->getPassPhrase());

        return $token->verify(new Sha256, $key->getContent());
    }

    /**
     * Ensure access token hasn't expired
     *
     * @param Token $token
     *
     * @return bool
     */
    private function isTokenExpired(Token $token)
    {
        $data = new ValidationData(time());

        return !$token->validate($data);
    }

    /**
     * Check if the given access token is revoked.
     *
     * @param Token $token
     *
     * @return bool
     */
    private function isTokenRevoked(Token $token)
    {
        return $this->accessTokenRepository->isAccessTokenRevoked($token->getClaim('jti'));
    }

    /**
     * Create active introspection response.
     *
     * @param Token $token
     *
     * @return IntrospectionResponse
     */
    private function setTokenOnResponse(Token $token, IntrospectionResponse $responseType)
    {
        $responseType->setToken($token);

        return $responseType;
    }
}


1		<?php
2
3		namespace League\OAuth2\Server;
4
5		use Exception;
6		use InvalidArgumentException;
7		use Lcobucci\JWT\Parser;
8		use Lcobucci\JWT\Signer\Keychain;
9		use Lcobucci\JWT\Signer\Rsa\Sha256;
10		use Lcobucci\JWT\Token;
11		use Lcobucci\JWT\ValidationData;
12		use League\OAuth2\Server\Exception\OAuthServerException;
13		use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
14		use League\OAuth2\Server\ResponseTypes\IntrospectionResponse;
15		use Psr\Http\Message\ServerRequestInterface;
16
17		class Introspector
18		{
19		/**
20		* @var AccessTokenRepositoryInterface
21		*/
22		private $accessTokenRepository;
23
24		/**
25		* @var CryptKey
26		*/
27		private $privateKey;
28
29		/**
30		* @var Parser
31		*/
32		private $parser;
33
34		/**
35		* New Introspector instance.
36		*
37		* @param AccessTokenRepositoryInterface $accessTokenRepository
38		* @param CryptKey $privateKey
39		* @param Parser $parser
40		*/
41	5	public function __construct(
42		AccessTokenRepositoryInterface $accessTokenRepository,
43		CryptKey $privateKey,
44		Parser $parser
45		) {
46	5	$this->accessTokenRepository = $accessTokenRepository;
47	5	$this->privateKey = $privateKey;
48	5	$this->parser = $parser;
49	5	}
50
51		/**
52		* Return an introspection response.
53		*
54		* @param ServerRequestInterface $request
55		*
56		* @return IntrospectionResponse
57		*/
58	5	public function respondToIntrospectionRequest(
59		ServerRequestInterface $request,
60		IntrospectionResponse $responseType
61		)
62		{
63	5	$jwt = $request->getParsedBody()['token'] ?? null;
64
65		try {
66	5	$token = $this->parser->parse($jwt);
67	1	} catch (InvalidArgumentException $e) {
68	1	return $responseType;
69		}
70
71	4	return $this->isTokenValid($token) ?
72	1	$this->setTokenOnResponse($token, $responseType) :
73	4	$responseType;
74		}
75
76		/**
77		* Validate the JWT and make sure it has not expired or been revoked
78		*
79		* @return bool
80		*/
81	4	private function isTokenValid(Token $token)
82		{
83	4	return $this->verifyToken($token) && !$this->isTokenExpired($token) && !$this->isTokenRevoked($token);
84		}
85
86		/**
87		* Validate the JWT token.
88		*
89		* @param Token $token
90		*
91		* @return bool
92		*/
93	4	private function verifyToken(Token $token)
94		{
95	4	$keychain = new Keychain();
96	4	$key = $keychain->getPrivateKey($this->privateKey->getKeyPath(), $this->privateKey->getPassPhrase());
97
98	4	return $token->verify(new Sha256, $key->getContent());
99		}
100
101		/**
102		* Ensure access token hasn't expired
103		*
104		* @param Token $token
105		*
106		* @return bool
107		*/
108	3	private function isTokenExpired(Token $token)
109		{
110	3	$data = new ValidationData(time());
111
112	3	return !$token->validate($data);
113		}
114
115		/**
116		* Check if the given access token is revoked.
117		*
118		* @param Token $token
119		*
120		* @return bool
121		*/
122	2	private function isTokenRevoked(Token $token)
123		{
124	2	return $this->accessTokenRepository->isAccessTokenRevoked($token->getClaim('jti'));
125		}
126
127		/**
128		* Create active introspection response.
129		*
130		* @param Token $token
131		*
132		* @return IntrospectionResponse
133		*/
134	1	private function setTokenOnResponse(Token $token, IntrospectionResponse $responseType)
135		{
136	1	$responseType->setToken($token);
137
138	1	return $responseType;
139		}
140		}
141

thephpleague / oauth2-server

Pull Request — master (#925)

Introspector::isTokenRevoked() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like