These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | declare(strict_types=1); |
||
4 | |||
5 | /* |
||
6 | * The MIT License (MIT) |
||
7 | * |
||
8 | * Copyright (c) 2014-2019 Spomky-Labs |
||
9 | * |
||
10 | * This software may be modified and distributed under the terms |
||
11 | * of the MIT license. See the LICENSE file for details. |
||
12 | */ |
||
13 | |||
14 | namespace Jose\Component\Signature\Serializer; |
||
15 | |||
16 | use Base64Url\Base64Url; |
||
17 | use InvalidArgumentException; |
||
18 | use Jose\Component\Core\Util\JsonConverter; |
||
19 | use Jose\Component\Signature\JWS; |
||
20 | |||
21 | final class JSONFlattenedSerializer extends Serializer |
||
22 | { |
||
23 | public const NAME = 'jws_json_flattened'; |
||
24 | |||
25 | public function displayName(): string |
||
26 | { |
||
27 | return 'JWS JSON Flattened'; |
||
28 | } |
||
29 | |||
30 | public function name(): string |
||
31 | { |
||
32 | return self::NAME; |
||
33 | } |
||
34 | |||
35 | public function serialize(JWS $jws, ?int $signatureIndex = null): string |
||
36 | { |
||
37 | if (null === $signatureIndex) { |
||
38 | $signatureIndex = 0; |
||
39 | } |
||
40 | $signature = $jws->getSignature($signatureIndex); |
||
41 | |||
42 | $data = []; |
||
43 | $values = [ |
||
0 ignored issues
–
show
|
|||
44 | 'payload' => $jws->getEncodedPayload(), |
||
45 | 'protected' => $signature->getEncodedProtectedHeader(), |
||
46 | 'header' => $signature->getHeader(), |
||
47 | ]; |
||
48 | $encodedPayload = $jws->getEncodedPayload(); |
||
49 | if (null !== $encodedPayload && '' !== $encodedPayload) { |
||
50 | $data['payload'] = $encodedPayload; |
||
51 | } |
||
52 | $encodedProtectedHeader = $signature->getEncodedProtectedHeader(); |
||
53 | if (null !== $encodedProtectedHeader && '' !== $encodedProtectedHeader) { |
||
54 | $data['protected'] = $encodedProtectedHeader; |
||
55 | } |
||
56 | $header = $signature->getHeader(); |
||
57 | if (0 !== \count($header)) { |
||
58 | $data['header'] = $header; |
||
59 | } |
||
60 | $data['signature'] = Base64Url::encode($signature->getSignature()); |
||
61 | |||
62 | return JsonConverter::encode($data); |
||
63 | } |
||
64 | |||
65 | public function unserialize(string $input): JWS |
||
66 | { |
||
67 | $data = JsonConverter::decode($input); |
||
68 | if (!\is_array($data)) { |
||
69 | throw new InvalidArgumentException('Unsupported input.'); |
||
70 | } |
||
71 | if (!isset($data['signature'])) { |
||
72 | throw new InvalidArgumentException('Unsupported input.'); |
||
73 | } |
||
74 | $signature = Base64Url::decode($data['signature']); |
||
75 | |||
76 | if (isset($data['protected'])) { |
||
77 | $encodedProtectedHeader = $data['protected']; |
||
78 | $protectedHeader = JsonConverter::decode(Base64Url::decode($data['protected'])); |
||
79 | } else { |
||
80 | $encodedProtectedHeader = null; |
||
81 | $protectedHeader = []; |
||
82 | } |
||
83 | if (isset($data['header'])) { |
||
84 | if (!\is_array($data['header'])) { |
||
85 | throw new InvalidArgumentException('Bad header.'); |
||
86 | } |
||
87 | $header = $data['header']; |
||
88 | } else { |
||
89 | $header = []; |
||
90 | } |
||
91 | |||
92 | if (isset($data['payload'])) { |
||
93 | $encodedPayload = $data['payload']; |
||
94 | $payload = $this->isPayloadEncoded($protectedHeader) ? Base64Url::decode($encodedPayload) : $encodedPayload; |
||
95 | } else { |
||
96 | $payload = null; |
||
97 | $encodedPayload = null; |
||
98 | } |
||
99 | |||
100 | $jws = new JWS($payload, $encodedPayload, null === $encodedPayload); |
||
101 | |||
102 | return $jws->addSignature($signature, $protectedHeader, $encodedProtectedHeader, $header); |
||
103 | } |
||
104 | } |
||
105 |
This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently.
Both the
$myVar
assignment in line 1 and the$higher
assignment in line 2 are dead. The first because$myVar
is never used and the second because$higher
is always overwritten for every possible time line.