Issues in AccessTokenTrait.php (master) - Issues in master - thephpleague/oauth2-server - Measure and Improve Code Quality continuously with Scrutinizer

Issues (66)

src/Entities/Traits/AccessTokenTrait.php (4 issues)

Labels

Severity

<?php

/**
 * @author      Alex Bilbie <[email protected]>
 * @copyright   Copyright (c) Alex Bilbie
 * @license     http://mit-license.org/
 *
 * @link        https://github.com/thephpleague/oauth2-server
 */

declare(strict_types=1);

namespace League\OAuth2\Server\Entities\Traits;

use DateTimeImmutable;
use Lcobucci\JWT\Configuration;
use Lcobucci\JWT\Signer\Key\InMemory;
use Lcobucci\JWT\Signer\Rsa\Sha256;
use Lcobucci\JWT\Token;
use League\OAuth2\Server\CryptKeyInterface;
use League\OAuth2\Server\Entities\ClientEntityInterface;
use League\OAuth2\Server\Entities\ScopeEntityInterface;
use RuntimeException;
use SensitiveParameter;
filter:
    dependency_paths: ["lib/*"]

trait AccessTokenTrait
{
    private CryptKeyInterface $privateKey;

    private Configuration $jwtConfiguration;

    /**
     * Set the private key used to encrypt this access token.
     */
    public function setPrivateKey(
        #[SensitiveParameter]
        CryptKeyInterface $privateKey
    ): void {
        $this->privateKey = $privateKey;
    }

    /**
     * Initialise the JWT Configuration.
     */
    public function initJwtConfiguration(): void
    {
        $privateKeyContents = $this->privateKey->getKeyContents();

        if ($privateKeyContents === '') {
            throw new RuntimeException('Private key is empty');
        }

        $this->jwtConfiguration = Configuration::forAsymmetricSigner(
            new Sha256(),
            InMemory::plainText($privateKeyContents, $this->privateKey->getPassPhrase() ?? ''),
            InMemory::plainText('empty', 'empty')
        );
    }

    /**
     * Generate a JWT from the access token
     */
    private function convertToJWT(): Token
    {
        $this->initJwtConfiguration();

        return $this->jwtConfiguration->builder()
            ->permittedFor($this->getClient()->getIdentifier())
            ->identifiedBy($this->getIdentifier())
            ->issuedAt(new DateTimeImmutable())
            ->canOnlyBeUsedAfter(new DateTimeImmutable())
            ->expiresAt($this->getExpiryDateTime())
            ->relatedTo($this->getSubjectIdentifier())
            ->withClaim('scopes', $this->getScopes())
            ->getToken($this->jwtConfiguration->signer(), $this->jwtConfiguration->signingKey());
    }

    /**
     * Generate a string representation from the access token
     */
    public function toString(): string
    {
        return $this->convertToJWT()->toString();
    }

    abstract public function getClient(): ClientEntityInterface;

    abstract public function getExpiryDateTime(): DateTimeImmutable;

    /**
     * @return non-empty-string|null

     */
    abstract public function getUserIdentifier(): string|null;

    /**
     * @return ScopeEntityInterface[]
     */
    abstract public function getScopes(): array;

    /**
     * @return non-empty-string

     */
    abstract public function getIdentifier(): string;

    /**
     * @return non-empty-string

     */
    private function getSubjectIdentifier(): string
    {
        return $this->getUserIdentifier() ?? $this->getClient()->getIdentifier();
    }
}


1		<?php
2
3		/**
4		* @author Alex Bilbie <[email protected]>
5		* @copyright Copyright (c) Alex Bilbie
6		* @license http://mit-license.org/
7		*
8		* @link https://github.com/thephpleague/oauth2-server
9		*/
10
11		declare(strict_types=1);
12
13		namespace League\OAuth2\Server\Entities\Traits;
14
15		use DateTimeImmutable;
16		use Lcobucci\JWT\Configuration;
17		use Lcobucci\JWT\Signer\Key\InMemory;
18		use Lcobucci\JWT\Signer\Rsa\Sha256;
19		use Lcobucci\JWT\Token;
20		use League\OAuth2\Server\CryptKeyInterface;
21		use League\OAuth2\Server\Entities\ClientEntityInterface;
22		use League\OAuth2\Server\Entities\ScopeEntityInterface;
23		use RuntimeException;
24		use SensitiveParameter;
		0 ignored issues – show Bug introduced 2025-05-27 11:02 UTC by Report Bug Copy Issue Report Show Similar Issues like this The type `SensitiveParameter` was not found. Maybe you did not declare it correctly or list all dependencies? The issue could also be caused by a filter entry in the build configuration. If the path has been excluded in your configuration, e.g. `excluded_paths: ["lib/"]`, you can move it to the dependency path list as follows: filter: dependency_paths: ["lib/"] For further information see https://scrutinizer-ci.com/docs/tools/php/php-scrutinizer/#list-dependency-paths Loading history...
25
26		trait AccessTokenTrait
27		{
28		private CryptKeyInterface $privateKey;
29
30		private Configuration $jwtConfiguration;
31
32		/**
33		* Set the private key used to encrypt this access token.
34		*/
35	35	public function setPrivateKey(
36		#[SensitiveParameter]
37		CryptKeyInterface $privateKey
38		): void {
39	35	$this->privateKey = $privateKey;
40		}
41
42		/**
43		* Initialise the JWT Configuration.
44		*/
45	10	public function initJwtConfiguration(): void
46		{
47	10	$privateKeyContents = $this->privateKey->getKeyContents();
48
49	10	if ($privateKeyContents === '') {
50		throw new RuntimeException('Private key is empty');
51		}
52
53	10	$this->jwtConfiguration = Configuration::forAsymmetricSigner(
54	10	new Sha256(),
55	10	InMemory::plainText($privateKeyContents, $this->privateKey->getPassPhrase() ?? ''),
56	10	InMemory::plainText('empty', 'empty')
57	10	);
58		}
59
60		/**
61		* Generate a JWT from the access token
62		*/
63	10	private function convertToJWT(): Token
64		{
65	10	$this->initJwtConfiguration();
66
67	10	return $this->jwtConfiguration->builder()
68	10	->permittedFor($this->getClient()->getIdentifier())
69	10	->identifiedBy($this->getIdentifier())
70	10	->issuedAt(new DateTimeImmutable())
71	10	->canOnlyBeUsedAfter(new DateTimeImmutable())
72	10	->expiresAt($this->getExpiryDateTime())
73	10	->relatedTo($this->getSubjectIdentifier())
74	10	->withClaim('scopes', $this->getScopes())
75	10	->getToken($this->jwtConfiguration->signer(), $this->jwtConfiguration->signingKey());
76		}
77
78		/**
79		* Generate a string representation from the access token
80		*/
81	10	public function toString(): string
82		{
83	10	return $this->convertToJWT()->toString();
84		}
85
86		abstract public function getClient(): ClientEntityInterface;
87
88		abstract public function getExpiryDateTime(): DateTimeImmutable;
89
90		/**
91		* @return non-empty-string\|null
		0 ignored issues – show Documentation Bug introduced 2024-03-27 00:04 UTC by Report Bug Copy Issue Report Show Similar Issues like this The doc comment `non-empty-string\|null` at position `0` could not be parsed: Unknown type name 'non-empty-string' at position 0 in non-empty-string\|null. Loading history...
92		*/
93		abstract public function getUserIdentifier(): string\|null;
94
95		/**
96		* @return ScopeEntityInterface[]
97		*/
98		abstract public function getScopes(): array;
99
100		/**
101		* @return non-empty-string
		0 ignored issues – show Documentation Bug introduced 2024-03-27 00:04 UTC by Report Bug Copy Issue Report Show Similar Issues like this The doc comment `non-empty-string` at position `0` could not be parsed: Unknown type name 'non-empty-string' at position 0 in non-empty-string. Loading history...
102		*/
103		abstract public function getIdentifier(): string;
104
105		/**
106		* @return non-empty-string
		0 ignored issues – show Documentation Bug introduced 2024-03-27 00:04 UTC by Report Bug Copy Issue Report Show Similar Issues like this The doc comment `non-empty-string` at position `0` could not be parsed: Unknown type name 'non-empty-string' at position 0 in non-empty-string. Loading history...
107		*/
108	10	private function getSubjectIdentifier(): string
109		{
110	10	return $this->getUserIdentifier() ?? $this->getClient()->getIdentifier();
111		}
112		}
113

thephpleague / oauth2-server

Issues (66)

src/Entities/Traits/AccessTokenTrait.php (4 issues)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like