JwtGuard - Code Metrics - Inspection of "Add missing packages and refresh token function" - wisoot/jwt-guard - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — develop ( a68e04...120cb2 )

by Wisoot

created 2016-04-08 01:06 UTC

JwtGuard B

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	404
Duplicated Lines	12.87 %

Coupling/Cohesion

Components	1
Dependencies	8

Importance

Changes	9
Bugs	1	Features	3

Metric	Value
wmc	44
c	9
b	1
f	3
lcom	1
cbo	8
dl	52
loc	404
rs	8.3396

22 Methods

Rating	Name	Duplication	Size	Complexity
A	__construct()	0	9	1
B	user()	0	25	5
A	getPayloadOfToken()	0	4	1
A	getUserByPayload()	0	4	1
A	userHasToken()	0	4	1
A	removeUserToken()	0	4	1
A	validate()	0	4	1
A	attempt()	0	19	3
A	hasValidCredentials()	0	4	2
A	fireAttemptEvent()	0	8	2
A	attempting()	0	6	2
A	login()	0	13	1
A	generateTokenForUserId()	0	8	1
A	refreshTokenForUser()	0	10	1
A	fireLoginEvent()	0	6	2
A	loginUsingId()	0	6	1
B	logout()	26	26	5
B	logoutAll()	26	26	5
A	refreshToken()	0	21	4
A	setToken()	0	4	1
A	getToken()	0	4	1
A	getBearerToken()	0	8	2

How to fix Duplicated Code Complexity

Duplicated Code

Duplicate code is one of the most pungent code smells. A rule that is often used is to re-structure code once it is duplicated in three or more places.

Common duplication problems, and corresponding solutions are:

If you have the same expression in different places: Extract expression to a method
If you have the same method in different sub-classes: Extract method, and pull up field to the parent class
If you have the same code in unrelated classes: Consider extracting the code to a new class, and injecting that class

Complex Class

Tip: Before tackling complexity, make sure that you eliminate any duplication first. This often can reduce the size of classes significantly.

Complex classes like JwtGuard often do a lot of different things. To break such a class down, we need to identify a cohesive component within that class. A common approach to find such a component is to look for fields/methods that share the same prefixes, or suffixes. You can also have a look at the cohesion graph to spot any un-connected, or weakly-connected components.

Once you have determined the fields that belong together, you can apply the Extract Class refactoring. If the component makes sense as a sub-class, Extract Subclass is also a candidate, and is often faster.

While breaking up the class, it is a good idea to analyze how other classes use JwtGuard, and based on these observations, apply Extract Interface, too.

<?php

namespace WWON\JwtGuard;

use Illuminate\Auth\Events\Attempting;
use Illuminate\Auth\Events\Login;
use Illuminate\Auth\Events\Logout;
use Illuminate\Auth\GuardHelpers;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Contracts\Auth\Guard;
use Illuminate\Contracts\Auth\UserProvider;
use Illuminate\Http\Request;
use Illuminate\Session\TokenMismatchException;
use Tymon\JWTAuth\Exceptions\JWTException;
use Tymon\JWTAuth\Payload;

class JwtGuard implements Guard
{

    use GuardHelpers;

    /**
     * @var string
     */
    protected $token;

    /**
     * @var TokenManager
     */
    protected $tokenManager;

    /**
     * @var Request
     */
    protected $request;

    /**
     * Indicates if the logout method has been called.
     *
     * @var bool
     */
    protected $loggedOut = false;

    /**
     * JwtGuard constructor
     *
     * @param UserProvider $provider
     * @param TokenManager $tokenManager
     * @param Request|null $request
     */
    public function __construct(
        UserProvider $provider,
        TokenManager $tokenManager,
        Request $request = null
    ) {
        $this->provider = $provider;
        $this->tokenManager = $tokenManager;
        $this->request = $request;
    }

    /**
     * Get the currently authenticated user.
     *
     * @return \Illuminate\Contracts\Auth\Authenticatable|null
     */
    public function user()
    {
        // If we've already retrieved the user for the current request we can just
        // return it back immediately. We do not want to fetch the user data on
        // every call to this method because that would be tremendously slow.
        if ($this->user) {
            return $this->user;
        }

        if (!$token = $this->getBearerToken()) {
            return $this->user = null;
        }

        try {
            $payload = $this->getPayloadOfToken($token);
            $user = $this->getUserByPayload($payload);
function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);

            $this->user = $this->userHasToken($user, $payload) ? $user : null;
/** @return stdClass|null */
function mayReturnNull() { }

function doesNotAcceptNull(stdClass $x) { }

// With potential error.
function withoutCheck() {
    $x = mayReturnNull();
    doesNotAcceptNull($x); // Potential error here.
}

// Safe - Alternative 1
function withCheck1() {
    $x = mayReturnNull();
    if ( ! $x instanceof stdClass) {
        throw new \LogicException('$x must be defined.');
    }
    doesNotAcceptNull($x);
}

// Safe - Alternative 2
function withCheck2() {
    $x = mayReturnNull();
    if ($x instanceof stdClass) {
        doesNotAcceptNull($x);
    }
}

        } catch (JWTException $e) {
            $this->user = null;
        }

        return $this->user;
    }

    /**
     * Retrieve the payload of the given token.
     *
     * @param string $token
     * @return array
     */
    protected function getPayloadOfToken($token)
    {
        return app('tymon.jwt.auth')->setToken($token)->getPayload();
    }

    /**
     * Retrieve the user by the given payload.
     *
     * @param Payload $payload
     * @return AuthenticatableContract|null
     */
    protected function getUserByPayload(Payload $payload)
    {
        return $this->provider->retrieveById($payload['sub']);
    }

    /**
     * Determine whether the user has a token attached.
     *
     * @param \Illuminate\Contracts\Auth\Authenticatable $user
     * @param Payload $payload
     * @return bool
     */
    protected function userHasToken($user, Payload $payload)
    {
        return $this->tokenManager->check($user->getAuthIdentifier(), $payload['jti']);
    }

    /**
     * Remove given token from the given user
     * 
     * @param $user
     * @param Payload $payload
     */
    protected function removeUserToken($user, Payload $payload)
    {
        $this->tokenManager->remove($user->getAuthIdentifier(), $payload['jti']);
    }

    /**
     * Validate a user's credentials.
     *
     * @param array $credentials
     * @return bool
     */
    public function validate(array $credentials = [])
    {
        return $this->attempt($credentials, false);
    }

    /**
     * Attempt to authenticate a user using the given credentials.
     *
     * @param array $credentials
     * @param bool $login
     * @return bool
     */
    public function attempt(array $credentials = [], $login = true)
    {
        $this->fireAttemptEvent($credentials, $login);

        $this->lastAttempted = $user = $this->provider->retrieveByCredentials($credentials);
class MyClass { }

$x = new MyClass();
$x->foo = true;

        // If an implementation of UserInterface was returned, we'll ask the provider
        // to validate the user against the given credentials, and if they are in
        // fact valid we'll log the users into the application and return true.
        if ($this->hasValidCredentials($user, $credentials)) {
            if ($login) {
                $this->login($user);
/** @return stdClass|null */
function mayReturnNull() { }

function doesNotAcceptNull(stdClass $x) { }

// With potential error.
function withoutCheck() {
    $x = mayReturnNull();
    doesNotAcceptNull($x); // Potential error here.
}

// Safe - Alternative 1
function withCheck1() {
    $x = mayReturnNull();
    if ( ! $x instanceof stdClass) {
        throw new \LogicException('$x must be defined.');
    }
    doesNotAcceptNull($x);
}

// Safe - Alternative 2
function withCheck2() {
    $x = mayReturnNull();
    if ($x instanceof stdClass) {
        doesNotAcceptNull($x);
    }
}
            }

            return true;
        }

        return false;
    }

    /**
     * Determine if the user matches the credentials.
     *
     * @param mixed $user
     * @param array $credentials
     * @return bool
     */
    protected function hasValidCredentials($user, $credentials)
    {
        return ! is_null($user) && $this->provider->validateCredentials($user, $credentials);
    }

    /**
     * Fire the attempt event with the arguments.
     *
     * @param array $credentials
     * @param bool $login
     * @return void
     */
    protected function fireAttemptEvent(array $credentials, $login)
    {
        if (isset($this->events)) {
            $this->events->fire(new Attempting(
class MyClass { }

$x = new MyClass();
$x->foo = true;
                $credentials, false, $login
            ));
        }
    }

    /**
     * Register an authentication attempt event listener.
     *
     * @param mixed $callback
     * @return void
     */
    public function attempting($callback)
    {
        if (isset($this->events)) {
            $this->events->listen(Attempting::class, $callback);
        }
    }

    /**
     * Log a user into the application.
     *
     * @param \Illuminate\Contracts\Auth\Authenticatable $user
     * @return void
     */
    public function login(AuthenticatableContract $user)
    {
        $userId = $user->getAuthIdentifier();
        $token = $this->generateTokenForUserId($userId);

        // If we have an event dispatcher instance set we will fire an event so that
        // any listeners will hook into the authentication events and run actions
        // based on the login and logout events fired from the guard instances.
        $this->fireLoginEvent($user);

        $this->setToken($token);
        $this->setUser($user);
    }

    /**
     * generateTokenForUser method
     *
     * @param int $userId
     * @return string
     */
    protected function generateTokenForUserId($userId)
    {
        $payload = app('tymon.jwt.payload.factory')->make(['sub' => $userId]);
        $token = app('tymon.jwt.auth')->encode($payload);
        $this->tokenManager->add($userId, $payload['jti']);

        return $token->get();
    }

    /**
     * generateTokenForUser method
     *
     * @param string $token
     * @return string
     */
    protected function refreshTokenForUser($token)
    {
        $newToken = app('tymon.jwt.auth')->refresh($token);
        $payload = $this->getPayloadOfToken($newToken);
        $user = $this->getUserByPayload($payload);
function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);

        $this->tokenManager->add($user->getAuthIdentifier(), $payload['jti']);

        return $newToken;
    }

    /**
     * Fire the login event if the dispatcher is set.
     *
     * @param \Illuminate\Contracts\Auth\Authenticatable $user
     * @param bool  $remember
     * @return void
     */
    protected function fireLoginEvent($user, $remember = false)
    {
        if (isset($this->events)) {
            $this->events->fire(new Login($user, $remember));
        }
    }

    /**
     * Log the given user ID into the application.
     *
     * @param mixed $id
     * @return \Illuminate\Contracts\Auth\Authenticatable
     */
    public function loginUsingId($id)
    {
        $this->login($user = $this->provider->retrieveById($id));
/** @return stdClass|null */
function mayReturnNull() { }

function doesNotAcceptNull(stdClass $x) { }

// With potential error.
function withoutCheck() {
    $x = mayReturnNull();
    doesNotAcceptNull($x); // Potential error here.
}

// Safe - Alternative 1
function withCheck1() {
    $x = mayReturnNull();
    if ( ! $x instanceof stdClass) {
        throw new \LogicException('$x must be defined.');
    }
    doesNotAcceptNull($x);
}

// Safe - Alternative 2
function withCheck2() {
    $x = mayReturnNull();
    if ($x instanceof stdClass) {
        doesNotAcceptNull($x);
    }
}

        return $user;
    }

    /**
     * Log the user out of the application.
     *
     * @return void
     */
    public function logout()

    {
        if (!$token = $this->getBearerToken()) {
            return;
        }

        try {
            $payload = $this->getPayloadOfToken($token);

            if ($user = $this->getUserByPayload($payload)) {
function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
                $this->tokenManager->remove($user->getAuthIdentifier(), $payload['jti']);
            }

        } catch (TokenMismatchException $e) { }


        if (isset($this->events)) {
            $this->events->fire(new Logout($this->user));
        }

        // Once we have fired the logout event we will clear the users out of memory
        // so they are no longer available as the user is no longer considered as
        // being signed into this application and should not be available here.
        $this->user = null;
        $this->token = null;
        $this->loggedOut = true;
    }

    /**
     * log this user out from every token
     *
     * @return void
     */
    public function logoutAll()

    {
        if (!$token = $this->getBearerToken()) {
            return;
        }

        try {
            $payload = $this->getPayloadOfToken($token);

            if ($user = $this->getUserByPayload($payload)) {
function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
                $this->tokenManager->removeAll($user->getAuthIdentifier());
            }

        } catch (TokenMismatchException $e) { }


        if (isset($this->events)) {
            $this->events->fire(new Logout($this->user));
        }

        // Once we have fired the logout event we will clear the users out of memory
        // so they are no longer available as the user is no longer considered as
        // being signed into this application and should not be available here.
        $this->user = null;
        $this->token = null;
        $this->loggedOut = true;
    }

    /**
     * Refresh user token
     *
     * @return string|null
     */
    public function refreshToken()
    {
        if (!$token = $this->getBearerToken()) {
            return null;
        }

        try {
            $payload = $this->getPayloadOfToken($token);
            $user = $this->getUserByPayload($payload);
function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);

            $user = $this->userHasToken($user, $payload) ? $user : null;
/** @return stdClass|null */
function mayReturnNull() { }

function doesNotAcceptNull(stdClass $x) { }

// With potential error.
function withoutCheck() {
    $x = mayReturnNull();
    doesNotAcceptNull($x); // Potential error here.
}

// Safe - Alternative 1
function withCheck1() {
    $x = mayReturnNull();
    if ( ! $x instanceof stdClass) {
        throw new \LogicException('$x must be defined.');
    }
    doesNotAcceptNull($x);
}

// Safe - Alternative 2
function withCheck2() {
    $x = mayReturnNull();
    if ($x instanceof stdClass) {
        doesNotAcceptNull($x);
    }
}
            $this->removeUserToken($user, $payload);
function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);

            $this->token = $this->refreshTokenForUser($token);

        } catch (JWTException $e) {
            return null;
        }

        return $this->token;
    }

    /**
     * setToken method
     *
     * @param string $token
     */
    public function setToken($token)
    {
        $this->token = $token;
    }

    /**
     * getToken method
     *
     * @return null|string
     */
    public function getToken()
    {
        return $this->token;
    }

    /**
     * getBearerToken method
     *
     * @return string|null
     */
    protected function getBearerToken()
    {
        $header = $this->request->header('Authorization', '');

        if (starts_with(strtolower($header), 'bearer ')) {
            return mb_substr($header, 7, null, 'UTF-8');
        }
    }

}

wisoot / jwt-guard