AccessTokenTrait::setPrivateKey() - Code Metrics - Inspection of "Always validate auth code clients, even when publi..." - thephpleague/oauth2-server - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#1036)

by Matt

created 2019-07-22 22:51 UTC

AccessTokenTrait::setPrivateKey() A

↳ Parent: AccessTokenTrait

Complexity

Conditions	1
Paths	1

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	3
CRAP Score	1

Importance

Changes

Metric	Value
dl	0
loc	4
rs	10
c	0
b	0
f	0
ccs	3
cts	3
cp	1
cc	1
nc	1
nop	1
crap	1

<?php
/**
 * @author      Alex Bilbie <[email protected]>
 * @copyright   Copyright (c) Alex Bilbie
 * @license     http://mit-license.org/
 *
 * @link        https://github.com/thephpleague/oauth2-server
 */

namespace League\OAuth2\Server\Entities\Traits;

use DateTimeImmutable;
use Lcobucci\JWT\Builder;
use Lcobucci\JWT\Signer\Key;
use Lcobucci\JWT\Signer\Rsa\Sha256;
use Lcobucci\JWT\Token;
use League\OAuth2\Server\CryptKey;
use League\OAuth2\Server\Entities\ClientEntityInterface;
use League\OAuth2\Server\Entities\ScopeEntityInterface;

trait AccessTokenTrait
{
    /**
     * @var CryptKey
     */
    private $privateKey;

    /**
     * Set the private key used to encrypt this access token.
     */
    public function setPrivateKey(CryptKey $privateKey)
    {
        $this->privateKey = $privateKey;
    }

    /**
     * Generate a JWT from the access token
     *
     * @param CryptKey $privateKey
     *
     * @return Token
     */
    private function convertToJWT(CryptKey $privateKey)
    {
        return (new Builder())
            ->setAudience($this->getClient()->getIdentifier())
            ->setId($this->getIdentifier())
trait Idable {
    public function equalIds(Idable $other) {
        return $this->getId() === $other->getId();
    }
}
            ->setIssuedAt(time())
            ->setNotBefore(time())
            ->setExpiration($this->getExpiryDateTime()->getTimestamp())
            ->setSubject((string) $this->getUserIdentifier())
            ->set('scopes', $this->getScopes())
            ->sign(new Sha256(), new Key($privateKey->getKeyPath(), $privateKey->getPassPhrase()))
            ->getToken();
    }

    /**
     * Generate a string representation from the access token
     */
    public function __toString()
    {
        return (string) $this->convertToJWT($this->privateKey);
    }

    /**
     * @return ClientEntityInterface
     */
    abstract public function getClient();

    /**
     * @return DateTimeImmutable
     */
    abstract public function getExpiryDateTime();

    /**
     * @return string|int
     */
    abstract public function getUserIdentifier();

    /**
     * @return ScopeEntityInterface[]
     */
    abstract public function getScopes();
}


1		<?php
2		/**
3		* @author Alex Bilbie <[email protected]>
4		* @copyright Copyright (c) Alex Bilbie
5		* @license http://mit-license.org/
6		*
7		* @link https://github.com/thephpleague/oauth2-server
8		*/
9
10		namespace League\OAuth2\Server\Entities\Traits;
11
12		use DateTimeImmutable;
13		use Lcobucci\JWT\Builder;
14		use Lcobucci\JWT\Signer\Key;
15		use Lcobucci\JWT\Signer\Rsa\Sha256;
16		use Lcobucci\JWT\Token;
17		use League\OAuth2\Server\CryptKey;
18		use League\OAuth2\Server\Entities\ClientEntityInterface;
19		use League\OAuth2\Server\Entities\ScopeEntityInterface;
20
21		trait AccessTokenTrait
22		{
23		/**
24		* @var CryptKey
25		*/
26		private $privateKey;
27
28		/**
29		* Set the private key used to encrypt this access token.
30		*/
31	29	public function setPrivateKey(CryptKey $privateKey)
32		{
33	29	$this->privateKey = $privateKey;
34	29	}
35
36		/**
37		* Generate a JWT from the access token
38		*
39		* @param CryptKey $privateKey
40		*
41		* @return Token
42		*/
43	9	private function convertToJWT(CryptKey $privateKey)
44		{
45	9	return (new Builder())
46	9	->setAudience($this->getClient()->getIdentifier())
47	9	->setId($this->getIdentifier())
		0 ignored issues – show Bug introduced 2019-07-22 22:27 UTC by Report Bug Copy Issue Report It seems like `getIdentifier()` must be provided by classes using this trait. How about adding it as abstract method to this trait? This check looks for methods that are used by a trait but not required by it. To illustrate, let’s look at the following code example trait Idable { public function equalIds(Idable $other) { return $this->getId() === $other->getId(); } } The trait `Idable` provides a method `equalsId` that in turn relies on the method `getId()`. If this method does not exist on a class mixing in this trait, the method will fail. Adding the `getId()` as an abstract method to the trait will make sure it is available. Loading history...
48	9	->setIssuedAt(time())
49	9	->setNotBefore(time())
50	9	->setExpiration($this->getExpiryDateTime()->getTimestamp())
51	9	->setSubject((string) $this->getUserIdentifier())
52	9	->set('scopes', $this->getScopes())
53	9	->sign(new Sha256(), new Key($privateKey->getKeyPath(), $privateKey->getPassPhrase()))
54	9	->getToken();
55		}
56
57		/**
58		* Generate a string representation from the access token
59		*/
60	9	public function __toString()
61		{
62	9	return (string) $this->convertToJWT($this->privateKey);
63		}
64
65		/**
66		* @return ClientEntityInterface
67		*/
68		abstract public function getClient();
69
70		/**
71		* @return DateTimeImmutable
72		*/
73		abstract public function getExpiryDateTime();
74
75		/**
76		* @return string\|int
77		*/
78		abstract public function getUserIdentifier();
79
80		/**
81		* @return ScopeEntityInterface[]
82		*/
83		abstract public function getScopes();
84		}
85

thephpleague / oauth2-server

Pull Request — master (#1036)

AccessTokenTrait::setPrivateKey() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like