AuthorizationServer - Code Metrics - Inspection of "Add introspection implementation" - thephpleague/oauth2-server - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#925)

unknown

created 2018-11-11 12:40 UTC

AuthorizationServer A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	315
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	10

Test Coverage

Coverage

63.53%

Importance

Changes

Metric	Value
wmc	26
lcom	1
cbo	10
dl	0
loc	315
ccs	54
cts	85
cp	0.6353
rs	10
c	0
b	0
f	0

14 Methods

Rating	Name	Size	Complexity
A	__construct()	33	4
A	enableGrantType()	17	2
A	validateAuthorizationRequest()	10	3
A	completeAuthorizationRequest()	6	1
A	respondToAccessTokenRequest()	19	4
A	setIntrospectionReponseType()	4	1
A	setIntrospectionValidator()	4	1
A	getIntrospectionResponseType()	8	2
A	getIntrospectionValidator()	8	2
A	respondToIntrospectionRequest()	11	1
A	validateIntrospectionRequest()	5	1
A	getIntrospector()	12	2
A	newResponseType()	4	1
A	setDefaultScope()	4	1

<?php
/**
 * @author      Alex Bilbie <[email protected]>
 * @copyright   Copyright (c) Alex Bilbie
 * @license     http://mit-license.org/
 *
 * @link        https://github.com/thephpleague/oauth2-server
 */

namespace League\OAuth2\Server;

use Defuse\Crypto\Key;
use Lcobucci\JWT\Parser;
use League\Event\EmitterAwareInterface;
use League\Event\EmitterAwareTrait;
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Grant\GrantTypeInterface;
use League\OAuth2\Server\IntrospectionValidators\BearerTokenValidator;
use League\OAuth2\Server\IntrospectionValidators\IntrospectionValidatorInterface;
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
use League\OAuth2\Server\RequestTypes\AuthorizationRequest;
use League\OAuth2\Server\ResponseTypes\AbstractResponseType;
use League\OAuth2\Server\ResponseTypes\BearerTokenIntrospectionResponse;
use League\OAuth2\Server\ResponseTypes\BearerTokenResponse;
use League\OAuth2\Server\ResponseTypes\IntrospectionResponse;
use League\OAuth2\Server\ResponseTypes\ResponseTypeInterface;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;

class AuthorizationServer implements EmitterAwareInterface
{
    use EmitterAwareTrait;

    /**
     * @var GrantTypeInterface[]
     */
    protected $enabledGrantTypes = [];

    /**
     * @var \DateInterval[]
     */
    protected $grantTypeAccessTokenTTL = [];

    /**
     * @var CryptKey
     */
    protected $privateKey;

    /**
     * @var CryptKey
     */
    protected $publicKey;

    /**
     * @var ResponseTypeInterface
     */
    protected $responseTypePrototype;

    /**
     * @var null|IntrospectionResponse
     */
    protected $introspectionResponseType;

    /**
     * @var null|IntrospectionValidatorInterface
     */
    protected $introspectionValidator;

    /**
     * @var null|Introspector
     */
    protected $introspector;

    /**
     * @var ClientRepositoryInterface
     */
    private $clientRepository;

    /**
     * @var AccessTokenRepositoryInterface
     */
    private $accessTokenRepository;

    /**
     * @var ScopeRepositoryInterface
     */
    private $scopeRepository;

    /**
     * @var string|Key
     */
    private $encryptionKey;

    /**
     * @var string
     */
    private $defaultScope = '';

    /**
     * New server instance.
     *
     * @param ClientRepositoryInterface      $clientRepository
     * @param AccessTokenRepositoryInterface $accessTokenRepository
     * @param ScopeRepositoryInterface       $scopeRepository
     * @param CryptKey|string                $privateKey
     * @param string|Key                     $encryptionKey
     * @param null|ResponseTypeInterface     $responseTypePrototype
     */
    public function __construct(
        ClientRepositoryInterface $clientRepository,
        AccessTokenRepositoryInterface $accessTokenRepository,
        ScopeRepositoryInterface $scopeRepository,
        $privateKey,
        $encryptionKey,
        ResponseTypeInterface $responseTypePrototype = null
    ) {
        $this->clientRepository = $clientRepository;
        $this->accessTokenRepository = $accessTokenRepository;
        $this->scopeRepository = $scopeRepository;

        if ($privateKey instanceof CryptKey === false) {
            $privateKey = new CryptKey($privateKey);
        }

        $this->privateKey = $privateKey;
        $this->encryptionKey = $encryptionKey;

        if ($responseTypePrototype === null) {
            $responseTypePrototype = new BearerTokenResponse();
        } else {
            $responseTypePrototype = clone $responseTypePrototype;
        }

        if ($responseTypePrototype instanceof AbstractResponseType) {
            $responseTypePrototype->setPrivateKey($this->privateKey);
        }

        $responseTypePrototype->setEncryptionKey($this->encryptionKey);

        $this->responseTypePrototype = $responseTypePrototype;
    }

    /**
     * Enable a grant type on the server.
     *
     * @param GrantTypeInterface $grantType
     * @param null|\DateInterval $accessTokenTTL
     */
    public function enableGrantType(GrantTypeInterface $grantType, \DateInterval $accessTokenTTL = null)
    {
        if ($accessTokenTTL instanceof \DateInterval === false) {
            $accessTokenTTL = new \DateInterval('PT1H');
        }

        $grantType->setAccessTokenRepository($this->accessTokenRepository);
        $grantType->setClientRepository($this->clientRepository);
        $grantType->setScopeRepository($this->scopeRepository);
        $grantType->setDefaultScope($this->defaultScope);
        $grantType->setPrivateKey($this->privateKey);
        $grantType->setEmitter($this->getEmitter());
        $grantType->setEncryptionKey($this->encryptionKey);

        $this->enabledGrantTypes[$grantType->getIdentifier()] = $grantType;
        $this->grantTypeAccessTokenTTL[$grantType->getIdentifier()] = $accessTokenTTL;
    }

    /**
     * Validate an authorization request
     *
     * @param ServerRequestInterface $request
     *
     * @throws OAuthServerException
     *
     * @return AuthorizationRequest
     */
    public function validateAuthorizationRequest(ServerRequestInterface $request)
    {
        foreach ($this->enabledGrantTypes as $grantType) {
            if ($grantType->canRespondToAuthorizationRequest($request)) {
                return $grantType->validateAuthorizationRequest($request);
            }
        }

        throw OAuthServerException::unsupportedGrantType();
    }

    /**
     * Complete an authorization request
     *
     * @param AuthorizationRequest $authRequest
     * @param ResponseInterface    $response
     *
     * @return ResponseInterface
     */
    public function completeAuthorizationRequest(AuthorizationRequest $authRequest, ResponseInterface $response)
    {
        return $this->enabledGrantTypes[$authRequest->getGrantTypeId()]
            ->completeAuthorizationRequest($authRequest)
            ->generateHttpResponse($response);
    }

    /**
     * Return an access token response.
     *
     * @param ServerRequestInterface $request
     * @param ResponseInterface      $response
     *
     * @throws OAuthServerException
     *
     * @return ResponseInterface
     */
    public function respondToAccessTokenRequest(ServerRequestInterface $request, ResponseInterface $response)
    {
        foreach ($this->enabledGrantTypes as $grantType) {
            if (!$grantType->canRespondToAccessTokenRequest($request)) {
                continue;
            }
            $tokenResponse = $grantType->respondToAccessTokenRequest(
                $request,
                $this->newResponseType(),
                $this->grantTypeAccessTokenTTL[$grantType->getIdentifier()]
            );

            if ($tokenResponse instanceof ResponseTypeInterface) {
                return $tokenResponse->generateHttpResponse($response);
            }
        }

        throw OAuthServerException::unsupportedGrantType();
    }

    /**
     * @param IntrospectionResponse $reponseType
     */
    public function setIntrospectionReponseType(IntrospectionResponse $reponseType)
    {
        $this->introspectionResponseType = $reponseType;
    }

    /**
     * @param IntrospectionValidatorInterface $introspectionValidator
     */
    public function setIntrospectionValidator(IntrospectionValidatorInterface $introspectionValidator)
    {
        $this->introspectionValidator = $introspectionValidator;
    }

    /**
     * Get the introspection response
     *
     * @return IntrospectionResponse
     */
    protected function getIntrospectionResponseType()
    {
        if ($this->introspectionResponseType instanceof IntrospectionResponse === false) {
            $this->introspectionResponseType = new BearerTokenIntrospectionResponse();
        }

        return $this->introspectionResponseType;
    }

    /**
     * Get the introspection response
     *
     * @return IntrospectionValidatorInterface
     */
    protected function getIntrospectionValidator()
    {
        if ($this->introspectionValidator instanceof IntrospectionValidatorInterface === false) {
            $this->introspectionValidator = new BearerTokenValidator($this->accessTokenRepository);
        }

        return $this->introspectionValidator;
    }

    /**
     * Return an introspection response.
     *
     * @param ServerRequestInterface $request
     * @param ResponseInterface      $response
     *
     * @return ResponseInterface
     */
    public function respondToIntrospectionRequest(ServerRequestInterface $request, ResponseInterface $response)
    {
        $introspector = $this->getIntrospector();

        $introspectionResponse = $introspector->respondToIntrospectionRequest(
            $request,
            $this->getIntrospectionResponseType()
        );

        return $introspectionResponse->generateHttpResponse($response);
    }

    /**
     * Validate an introspection request.
     *
     * @param ServerRequestInterface $request
     */
    public function validateIntrospectionRequest(ServerRequestInterface $request)
    {
        $introspector = $this->getIntrospector();
        $introspector->validateIntrospectionRequest($request);
    }

    /**
     * Returns the introspector.
     *
     * @return Introspector
     */
    private function getIntrospector()
    {
        if (!isset($this->introspector)) {
            $this->introspector = new Introspector(
                $this->accessTokenRepository,
                $this->privateKey,
                $this->getIntrospectionValidator()
            );
        }

        return $this->introspector;
    }

    /**
     * Get the token type that grants will return in the HTTP response.
     *
     * @return ResponseTypeInterface
     */
    protected function newResponseType()
    {
        return clone $this->responseTypePrototype;
    }

    /**
     * Set the default scope for the authorization server.
     *
     * @param string $defaultScope
     */
    public function setDefaultScope($defaultScope)
    {
        $this->defaultScope = $defaultScope;
    }
}


1		<?php
2		/**
3		* @author Alex Bilbie <[email protected]>
4		* @copyright Copyright (c) Alex Bilbie
5		* @license http://mit-license.org/
6		*
7		* @link https://github.com/thephpleague/oauth2-server
8		*/
9
10		namespace League\OAuth2\Server;
11
12		use Defuse\Crypto\Key;
13		use Lcobucci\JWT\Parser;
14		use League\Event\EmitterAwareInterface;
15		use League\Event\EmitterAwareTrait;
16		use League\OAuth2\Server\Exception\OAuthServerException;
17		use League\OAuth2\Server\Grant\GrantTypeInterface;
18		use League\OAuth2\Server\IntrospectionValidators\BearerTokenValidator;
19		use League\OAuth2\Server\IntrospectionValidators\IntrospectionValidatorInterface;
20		use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
21		use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
22		use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
23		use League\OAuth2\Server\RequestTypes\AuthorizationRequest;
24		use League\OAuth2\Server\ResponseTypes\AbstractResponseType;
25		use League\OAuth2\Server\ResponseTypes\BearerTokenIntrospectionResponse;
26		use League\OAuth2\Server\ResponseTypes\BearerTokenResponse;
27		use League\OAuth2\Server\ResponseTypes\IntrospectionResponse;
28		use League\OAuth2\Server\ResponseTypes\ResponseTypeInterface;
29		use Psr\Http\Message\ResponseInterface;
30		use Psr\Http\Message\ServerRequestInterface;
31
32		class AuthorizationServer implements EmitterAwareInterface
33		{
34		use EmitterAwareTrait;
35
36		/**
37		* @var GrantTypeInterface[]
38		*/
39		protected $enabledGrantTypes = [];
40
41		/**
42		* @var \DateInterval[]
43		*/
44		protected $grantTypeAccessTokenTTL = [];
45
46		/**
47		* @var CryptKey
48		*/
49		protected $privateKey;
50
51		/**
52		* @var CryptKey
53		*/
54		protected $publicKey;
55
56		/**
57		* @var ResponseTypeInterface
58		*/
59		protected $responseTypePrototype;
60
61		/**
62		* @var null\|IntrospectionResponse
63		*/
64		protected $introspectionResponseType;
65
66		/**
67		* @var null\|IntrospectionValidatorInterface
68		*/
69		protected $introspectionValidator;
70
71		/**
72		* @var null\|Introspector
73		*/
74		protected $introspector;
75
76		/**
77		* @var ClientRepositoryInterface
78		*/
79		private $clientRepository;
80
81		/**
82		* @var AccessTokenRepositoryInterface
83		*/
84		private $accessTokenRepository;
85
86		/**
87		* @var ScopeRepositoryInterface
88		*/
89		private $scopeRepository;
90
91		/**
92		* @var string\|Key
93		*/
94		private $encryptionKey;
95
96		/**
97		* @var string
98		*/
99		private $defaultScope = '';
100
101		/**
102		* New server instance.
103		*
104		* @param ClientRepositoryInterface $clientRepository
105		* @param AccessTokenRepositoryInterface $accessTokenRepository
106		* @param ScopeRepositoryInterface $scopeRepository
107		* @param CryptKey\|string $privateKey
108		* @param string\|Key $encryptionKey
109		* @param null\|ResponseTypeInterface $responseTypePrototype
110		*/
111	10	public function __construct(
112		ClientRepositoryInterface $clientRepository,
113		AccessTokenRepositoryInterface $accessTokenRepository,
114		ScopeRepositoryInterface $scopeRepository,
115		$privateKey,
116		$encryptionKey,
117		ResponseTypeInterface $responseTypePrototype = null
118		) {
119	10	$this->clientRepository = $clientRepository;
120	10	$this->accessTokenRepository = $accessTokenRepository;
121	10	$this->scopeRepository = $scopeRepository;
122
123	10	if ($privateKey instanceof CryptKey === false) {
124	10	$privateKey = new CryptKey($privateKey);
125		}
126
127	10	$this->privateKey = $privateKey;
128	10	$this->encryptionKey = $encryptionKey;
129
130	10	if ($responseTypePrototype === null) {
131	5	$responseTypePrototype = new BearerTokenResponse();
132		} else {
133	5	$responseTypePrototype = clone $responseTypePrototype;
134		}
135
136	10	if ($responseTypePrototype instanceof AbstractResponseType) {
137	10	$responseTypePrototype->setPrivateKey($this->privateKey);
138		}
139
140	10	$responseTypePrototype->setEncryptionKey($this->encryptionKey);
141
142	10	$this->responseTypePrototype = $responseTypePrototype;
143	10	}
144
145		/**
146		* Enable a grant type on the server.
147		*
148		* @param GrantTypeInterface $grantType
149		* @param null\|\DateInterval $accessTokenTTL
150		*/
151	7	public function enableGrantType(GrantTypeInterface $grantType, \DateInterval $accessTokenTTL = null)
152		{
153	7	if ($accessTokenTTL instanceof \DateInterval === false) {
154	4	$accessTokenTTL = new \DateInterval('PT1H');
155		}
156
157	7	$grantType->setAccessTokenRepository($this->accessTokenRepository);
158	7	$grantType->setClientRepository($this->clientRepository);
159	7	$grantType->setScopeRepository($this->scopeRepository);
160	7	$grantType->setDefaultScope($this->defaultScope);
161	7	$grantType->setPrivateKey($this->privateKey);
162	7	$grantType->setEmitter($this->getEmitter());
163	7	$grantType->setEncryptionKey($this->encryptionKey);
164
165	7	$this->enabledGrantTypes[$grantType->getIdentifier()] = $grantType;
166	7	$this->grantTypeAccessTokenTTL[$grantType->getIdentifier()] = $accessTokenTTL;
167	7	}
168
169		/**
170		* Validate an authorization request
171		*
172		* @param ServerRequestInterface $request
173		*
174		* @throws OAuthServerException
175		*
176		* @return AuthorizationRequest
177		*/
178	3	public function validateAuthorizationRequest(ServerRequestInterface $request)
179		{
180	3	foreach ($this->enabledGrantTypes as $grantType) {
181	2	if ($grantType->canRespondToAuthorizationRequest($request)) {
182	2	return $grantType->validateAuthorizationRequest($request);
183		}
184		}
185
186	1	throw OAuthServerException::unsupportedGrantType();
187		}
188
189		/**
190		* Complete an authorization request
191		*
192		* @param AuthorizationRequest $authRequest
193		* @param ResponseInterface $response
194		*
195		* @return ResponseInterface
196		*/
197	1	public function completeAuthorizationRequest(AuthorizationRequest $authRequest, ResponseInterface $response)
198		{
199	1	return $this->enabledGrantTypes[$authRequest->getGrantTypeId()]
200	1	->completeAuthorizationRequest($authRequest)
201	1	->generateHttpResponse($response);
202		}
203
204		/**
205		* Return an access token response.
206		*
207		* @param ServerRequestInterface $request
208		* @param ResponseInterface $response
209		*
210		* @throws OAuthServerException
211		*
212		* @return ResponseInterface
213		*/
214	4	public function respondToAccessTokenRequest(ServerRequestInterface $request, ResponseInterface $response)
215		{
216	4	foreach ($this->enabledGrantTypes as $grantType) {
217	4	if (!$grantType->canRespondToAccessTokenRequest($request)) {
218	1	continue;
219		}
220	3	$tokenResponse = $grantType->respondToAccessTokenRequest(
221	3	$request,
222	3	$this->newResponseType(),
223	3	$this->grantTypeAccessTokenTTL[$grantType->getIdentifier()]
224		);
225
226	2	if ($tokenResponse instanceof ResponseTypeInterface) {
227	2	return $tokenResponse->generateHttpResponse($response);
228		}
229		}
230
231	1	throw OAuthServerException::unsupportedGrantType();
232		}
233
234		/**
235		* @param IntrospectionResponse $reponseType
236		*/
237		public function setIntrospectionReponseType(IntrospectionResponse $reponseType)
238		{
239		$this->introspectionResponseType = $reponseType;
240		}
241
242		/**
243		* @param IntrospectionValidatorInterface $introspectionValidator
244		*/
245		public function setIntrospectionValidator(IntrospectionValidatorInterface $introspectionValidator)
246		{
247		$this->introspectionValidator = $introspectionValidator;
248		}
249
250		/**
251		* Get the introspection response
252		*
253		* @return IntrospectionResponse
254		*/
255		protected function getIntrospectionResponseType()
256		{
257		if ($this->introspectionResponseType instanceof IntrospectionResponse === false) {
258		$this->introspectionResponseType = new BearerTokenIntrospectionResponse();
259		}
260
261		return $this->introspectionResponseType;
262		}
263
264		/**
265		* Get the introspection response
266		*
267		* @return IntrospectionValidatorInterface
268		*/
269		protected function getIntrospectionValidator()
270		{
271		if ($this->introspectionValidator instanceof IntrospectionValidatorInterface === false) {
272		$this->introspectionValidator = new BearerTokenValidator($this->accessTokenRepository);
273		}
274
275		return $this->introspectionValidator;
276		}
277
278		/**
279		* Return an introspection response.
280		*
281		* @param ServerRequestInterface $request
282		* @param ResponseInterface $response
283		*
284		* @return ResponseInterface
285		*/
286		public function respondToIntrospectionRequest(ServerRequestInterface $request, ResponseInterface $response)
287		{
288		$introspector = $this->getIntrospector();
289
290		$introspectionResponse = $introspector->respondToIntrospectionRequest(
291		$request,
292		$this->getIntrospectionResponseType()
293		);
294
295		return $introspectionResponse->generateHttpResponse($response);
296		}
297
298		/**
299		* Validate an introspection request.
300		*
301		* @param ServerRequestInterface $request
302		*/
303		public function validateIntrospectionRequest(ServerRequestInterface $request)
304		{
305		$introspector = $this->getIntrospector();
306		$introspector->validateIntrospectionRequest($request);
307		}
308
309		/**
310		* Returns the introspector.
311		*
312		* @return Introspector
313		*/
314		private function getIntrospector()
315		{
316		if (!isset($this->introspector)) {
317		$this->introspector = new Introspector(
318		$this->accessTokenRepository,
319		$this->privateKey,
320		$this->getIntrospectionValidator()
321		);
322		}
323
324		return $this->introspector;
325		}
326
327		/**
328		* Get the token type that grants will return in the HTTP response.
329		*
330		* @return ResponseTypeInterface
331		*/
332	5	protected function newResponseType()
333		{
334	5	return clone $this->responseTypePrototype;
335		}
336
337		/**
338		* Set the default scope for the authorization server.
339		*
340		* @param string $defaultScope
341		*/
342	3	public function setDefaultScope($defaultScope)
343		{
344	3	$this->defaultScope = $defaultScope;
345	3	}
346		}
347

thephpleague / oauth2-server

Pull Request — master (#925)

AuthorizationServer A

Complexity

Size/Duplication

Coupling/Cohesion

Test Coverage

Importance

14 Methods

Duplication Side-by-Side

Filter issues like