PrivateKeyJwt - Code Metrics - thomasvargiu/php-openid-client - Measure and Improve Code Quality continuously with Scrutinizer

PrivateKeyJwt A
last analyzed 2019-07-22 14:09 UTC

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	74
Duplicated Lines	0 %

Test Coverage

Coverage

96.67%

Importance

Changes

Metric	Value
eloc	30
c	0
b	0
f	0
dl	0
loc	74
ccs	29
cts	30
cp	0.9667
rs	10
wmc	7

3 Methods

Rating	Name	Size	Complexity
A	__construct()	10	3
A	createAuthJwt()	35	3
A	getSupportedMethod()	3	1

<?php

declare(strict_types=1);

namespace TMV\OpenIdClient\AuthMethod;

use function array_merge;
use Jose\Component\Core\AlgorithmManager;
use Jose\Component\Core\JWK;
use Jose\Component\Signature\Algorithm\RS256;
use Jose\Component\Signature\JWSBuilder;
use Jose\Component\Signature\Serializer\CompactSerializer;
use Jose\Component\Signature\Serializer\JWSSerializer;
use function json_encode;
use function random_bytes;
use function time;
use function TMV\OpenIdClient\base64url_encode;
use TMV\OpenIdClient\Client\ClientInterface as OpenIDClient;
use TMV\OpenIdClient\Exception\RuntimeException;

final class PrivateKeyJwt extends AbstractJwtAuth
{
    /** @var JWSBuilder */
    private $jwsBuilder;

    /** @var JWSSerializer */
    private $jwsSerializer;

    /** @var null|JWK */
    private $jwk;

    /** @var int */
    private $tokenTTL;

    /**
     * PrivateKeyJwt constructor.
     *
     * @param null|JWSBuilder $jwsBuilder
     * @param null|JWSSerializer $serializer
     * @param null|JWK $jwk
     * @param int $tokenTTL
     */
    public function __construct(
        ?JWSBuilder $jwsBuilder = null,
        ?JWSSerializer $serializer = null,
        ?JWK $jwk = null,
        int $tokenTTL = 60
    ) {
        $this->jwsBuilder = $jwsBuilder ?: new JWSBuilder(new AlgorithmManager([new RS256()]));
        $this->jwsSerializer = $serializer ?: new CompactSerializer();
        $this->jwk = $jwk;
        $this->tokenTTL = $tokenTTL;
    }

    public function getSupportedMethod(): string
    {
        return 'private_key_jwt';
    }

    protected function createAuthJwt(OpenIDClient $client, array $claims = []): string
    {
        $issuer = $client->getIssuer();
        $issuerMetadata = $issuer->getMetadata();

        $clientId = $client->getMetadata()->getClientId();

        $jwk = $this->jwk ?: $client->getJwks()->selectKey('sig');

        if (null === $jwk) {
            throw new RuntimeException('Unable to get a client signature jwk');
        }

        $time = time();
        $jti = base64url_encode(random_bytes(32));

        /** @var string $payload */
        $payload = json_encode(array_merge(
            $claims,
            [
                'iss' => $clientId,
                'sub' => $clientId,
                'aud' => $issuerMetadata->getIssuer(),
                'iat' => $time,
                'exp' => $time + $this->tokenTTL,
                'jti' => $jti,
            ]
        ));

        $jws = $this->jwsBuilder->create()
            ->withPayload($payload)
            ->addSignature($jwk, ['alg' => $jwk->get('alg'), 'jti' => $jti])
            ->build();

        return $this->jwsSerializer->serialize($jws, 0);
    }
}


1		<?php
2
3		declare(strict_types=1);
4
5		namespace TMV\OpenIdClient\AuthMethod;
6
7		use function array_merge;
8		use Jose\Component\Core\AlgorithmManager;
9		use Jose\Component\Core\JWK;
10		use Jose\Component\Signature\Algorithm\RS256;
11		use Jose\Component\Signature\JWSBuilder;
12		use Jose\Component\Signature\Serializer\CompactSerializer;
13		use Jose\Component\Signature\Serializer\JWSSerializer;
14		use function json_encode;
15		use function random_bytes;
16		use function time;
17		use function TMV\OpenIdClient\base64url_encode;
18		use TMV\OpenIdClient\Client\ClientInterface as OpenIDClient;
19		use TMV\OpenIdClient\Exception\RuntimeException;
20
21		final class PrivateKeyJwt extends AbstractJwtAuth
22		{
23		/** @var JWSBuilder */
24		private $jwsBuilder;
25
26		/** @var JWSSerializer */
27		private $jwsSerializer;
28
29		/** @var null\|JWK */
30		private $jwk;
31
32		/** @var int */
33		private $tokenTTL;
34
35		/**
36		* PrivateKeyJwt constructor.
37		*
38		* @param null\|JWSBuilder $jwsBuilder
39		* @param null\|JWSSerializer $serializer
40		* @param null\|JWK $jwk
41		* @param int $tokenTTL
42		*/
43	4	public function __construct(
44		?JWSBuilder $jwsBuilder = null,
45		?JWSSerializer $serializer = null,
46		?JWK $jwk = null,
47		int $tokenTTL = 60
48		) {
49	4	$this->jwsBuilder = $jwsBuilder ?: new JWSBuilder(new AlgorithmManager([new RS256()]));
50	4	$this->jwsSerializer = $serializer ?: new CompactSerializer();
51	4	$this->jwk = $jwk;
52	4	$this->tokenTTL = $tokenTTL;
53	4	}
54
55	2	public function getSupportedMethod(): string
56		{
57	2	return 'private_key_jwt';
58		}
59
60	2	protected function createAuthJwt(OpenIDClient $client, array $claims = []): string
61		{
62	2	$issuer = $client->getIssuer();
63	2	$issuerMetadata = $issuer->getMetadata();
64
65	2	$clientId = $client->getMetadata()->getClientId();
66
67	2	$jwk = $this->jwk ?: $client->getJwks()->selectKey('sig');
68
69	2	if (null === $jwk) {
70		throw new RuntimeException('Unable to get a client signature jwk');
71		}
72
73	2	$time = time();
74	2	$jti = base64url_encode(random_bytes(32));
75
76		/** @var string $payload */
77	2	$payload = json_encode(array_merge(
78	2	$claims,
79		[
80	2	'iss' => $clientId,
81	2	'sub' => $clientId,
82	2	'aud' => $issuerMetadata->getIssuer(),
83	2	'iat' => $time,
84	2	'exp' => $time + $this->tokenTTL,
85	2	'jti' => $jti,
86		]
87		));
88
89	2	$jws = $this->jwsBuilder->create()
90	2	->withPayload($payload)
91	2	->addSignature($jwk, ['alg' => $jwk->get('alg'), 'jti' => $jti])
92	2	->build();
93
94	2	return $this->jwsSerializer->serialize($jws, 0);
95		}
96		}
97

thomasvargiu / php-openid-client

PrivateKeyJwt A last analyzed 2019-07-22 14:09 UTC

Complexity

Size/Duplication

Test Coverage

Importance

3 Methods

Duplication Side-by-Side

Filter issues like

PrivateKeyJwt A
last analyzed 2019-07-22 14:09 UTC