Issues in AccessTokenTrait.php (master) - Issues in master - thephpleague/oauth2-server - Measure and Improve Code Quality continuously with Scrutinizer

Issues (58)

src/Entities/Traits/AccessTokenTrait.php (3 issues)

Labels

Severity

Minor 3

<?php

/**
 * @author      Alex Bilbie <[email protected]>
 * @copyright   Copyright (c) Alex Bilbie
 * @license     http://mit-license.org/
 *
 * @link        https://github.com/thephpleague/oauth2-server
 */

declare(strict_types=1);

namespace League\OAuth2\Server\Entities\Traits;

use DateTimeImmutable;
use Lcobucci\JWT\Configuration;
use Lcobucci\JWT\Signer\Key\InMemory;
use Lcobucci\JWT\Signer\Rsa\Sha256;
use Lcobucci\JWT\Token;
use League\OAuth2\Server\CryptKeyInterface;
use League\OAuth2\Server\Entities\ClientEntityInterface;
use League\OAuth2\Server\Entities\ScopeEntityInterface;
use RuntimeException;

trait AccessTokenTrait
{
    private CryptKeyInterface $privateKey;

    private Configuration $jwtConfiguration;

    /**
     * Set the private key used to encrypt this access token.
     */
    public function setPrivateKey(CryptKeyInterface $privateKey): void
    {
        $this->privateKey = $privateKey;
    }

    /**
     * Initialise the JWT Configuration.
     */
    public function initJwtConfiguration(): void
    {
        $privateKeyContents = $this->privateKey->getKeyContents();

        if ($privateKeyContents === '') {
            throw new RuntimeException('Private key is empty');
        }

        $this->jwtConfiguration = Configuration::forAsymmetricSigner(
            new Sha256(),
            InMemory::plainText($privateKeyContents, $this->privateKey->getPassPhrase() ?? ''),
            InMemory::plainText('empty', 'empty')
        );
    }

    /**
     * Generate a JWT from the access token
     */
    private function convertToJWT(): Token
    {
        $this->initJwtConfiguration();

        return $this->jwtConfiguration->builder()
            ->permittedFor($this->getClient()->getIdentifier())
            ->identifiedBy($this->getIdentifier())
            ->issuedAt(new DateTimeImmutable())
            ->canOnlyBeUsedAfter(new DateTimeImmutable())
            ->expiresAt($this->getExpiryDateTime())
            ->relatedTo($this->getSubjectIdentifier())
            ->withClaim('scopes', $this->getScopes())
            ->getToken($this->jwtConfiguration->signer(), $this->jwtConfiguration->signingKey());
    }

    /**
     * Generate a string representation from the access token
     */
    public function toString(): string
    {
        return $this->convertToJWT()->toString();
    }

    abstract public function getClient(): ClientEntityInterface;

    abstract public function getExpiryDateTime(): DateTimeImmutable;

    /**
     * @return non-empty-string|null

     */
    abstract public function getUserIdentifier(): string|null;

    /**
     * @return ScopeEntityInterface[]
     */
    abstract public function getScopes(): array;

    /**
     * @return non-empty-string

     */
    abstract public function getIdentifier(): string;

    /**
     * @return non-empty-string

     */
    private function getSubjectIdentifier(): string
    {
        return $this->getUserIdentifier() ?? $this->getClient()->getIdentifier();
    }
}


1		<?php
2
3		/**
4		* @author Alex Bilbie <[email protected]>
5		* @copyright Copyright (c) Alex Bilbie
6		* @license http://mit-license.org/
7		*
8		* @link https://github.com/thephpleague/oauth2-server
9		*/
10
11		declare(strict_types=1);
12
13		namespace League\OAuth2\Server\Entities\Traits;
14
15		use DateTimeImmutable;
16		use Lcobucci\JWT\Configuration;
17		use Lcobucci\JWT\Signer\Key\InMemory;
18		use Lcobucci\JWT\Signer\Rsa\Sha256;
19		use Lcobucci\JWT\Token;
20		use League\OAuth2\Server\CryptKeyInterface;
21		use League\OAuth2\Server\Entities\ClientEntityInterface;
22		use League\OAuth2\Server\Entities\ScopeEntityInterface;
23		use RuntimeException;
24
25		trait AccessTokenTrait
26		{
27		private CryptKeyInterface $privateKey;
28
29		private Configuration $jwtConfiguration;
30
31		/**
32		* Set the private key used to encrypt this access token.
33		*/
34	35	public function setPrivateKey(CryptKeyInterface $privateKey): void
35		{
36	35	$this->privateKey = $privateKey;
37		}
38
39		/**
40		* Initialise the JWT Configuration.
41		*/
42	10	public function initJwtConfiguration(): void
43		{
44	10	$privateKeyContents = $this->privateKey->getKeyContents();
45
46	10	if ($privateKeyContents === '') {
47		throw new RuntimeException('Private key is empty');
48		}
49
50	10	$this->jwtConfiguration = Configuration::forAsymmetricSigner(
51	10	new Sha256(),
52	10	InMemory::plainText($privateKeyContents, $this->privateKey->getPassPhrase() ?? ''),
53	10	InMemory::plainText('empty', 'empty')
54	10	);
55		}
56
57		/**
58		* Generate a JWT from the access token
59		*/
60	10	private function convertToJWT(): Token
61		{
62	10	$this->initJwtConfiguration();
63
64	10	return $this->jwtConfiguration->builder()
65	10	->permittedFor($this->getClient()->getIdentifier())
66	10	->identifiedBy($this->getIdentifier())
67	10	->issuedAt(new DateTimeImmutable())
68	10	->canOnlyBeUsedAfter(new DateTimeImmutable())
69	10	->expiresAt($this->getExpiryDateTime())
70	10	->relatedTo($this->getSubjectIdentifier())
71	10	->withClaim('scopes', $this->getScopes())
72	10	->getToken($this->jwtConfiguration->signer(), $this->jwtConfiguration->signingKey());
73		}
74
75		/**
76		* Generate a string representation from the access token
77		*/
78	10	public function toString(): string
79		{
80	10	return $this->convertToJWT()->toString();
81		}
82
83		abstract public function getClient(): ClientEntityInterface;
84
85		abstract public function getExpiryDateTime(): DateTimeImmutable;
86
87		/**
88		* @return non-empty-string\|null
		0 ignored issues – show Documentation Bug introduced 2024-03-27 00:04 UTC by Report Bug Copy Issue Report Show Similar Issues like this The doc comment `non-empty-string\|null` at position `0` could not be parsed: Unknown type name 'non-empty-string' at position 0 in non-empty-string\|null. Loading history...
89		*/
90		abstract public function getUserIdentifier(): string\|null;
91
92		/**
93		* @return ScopeEntityInterface[]
94		*/
95		abstract public function getScopes(): array;
96
97		/**
98		* @return non-empty-string
		0 ignored issues – show Documentation Bug introduced 2024-03-27 00:04 UTC by Report Bug Copy Issue Report Show Similar Issues like this The doc comment `non-empty-string` at position `0` could not be parsed: Unknown type name 'non-empty-string' at position 0 in non-empty-string. Loading history...
99		*/
100		abstract public function getIdentifier(): string;
101
102		/**
103		* @return non-empty-string
		0 ignored issues – show Documentation Bug introduced 2024-03-27 00:04 UTC by Report Bug Copy Issue Report Show Similar Issues like this The doc comment `non-empty-string` at position `0` could not be parsed: Unknown type name 'non-empty-string' at position 0 in non-empty-string. Loading history...
104		*/
105	10	private function getSubjectIdentifier(): string
106		{
107	10	return $this->getUserIdentifier() ?? $this->getClient()->getIdentifier();
108		}
109		}
110

thephpleague / oauth2-server

Issues (58)

src/Entities/Traits/AccessTokenTrait.php (3 issues)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like