JwtGuard - Code Metrics - Inspection of "Add feature to detect the present of the token" - wisoot/jwt-guard - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — develop ( d11ec8...35a198 )

by Wisoot

created 2016-05-19 00:34 UTC

JwtGuard B

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	427
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	11

Importance

Changes	15
Bugs	1	Features	5

Metric	Value
wmc	45
c	15
b	1
f	5
lcom	1
cbo	11
dl	0
loc	427
rs	8.3673

23 Methods

Rating	Name	Size	Complexity
A	__construct()	9	1
B	user()	26	5
A	getUserByToken()	11	3
A	validate()	4	1
B	attempt()	23	4
A	hasValidCredentials()	4	2
A	fireAttemptEvent()	8	2
A	attempting()	6	2
A	login()	18	1
A	refreshTokenForUser()	10	2
A	fireLoginEvent()	6	2
A	loginUsingId()	12	2
A	logout()	14	3
A	logoutAll()	17	3
A	logoutCurrentUser()	13	2
A	refreshToken()	10	2
A	getDispatcher()	4	1
A	setDispatcher()	4	1
A	setToken()	4	1
A	getToken()	4	1
A	isTokenRefreshable()	4	1
A	isTokenPresent()	4	1
A	getBearerToken()	10	2

How to fix Complexity

<?php

namespace WWON\JwtGuard;

use Illuminate\Auth\Events\Attempting;
use Illuminate\Auth\Events\Login;
use Illuminate\Auth\Events\Logout;
use Illuminate\Auth\GuardHelpers;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Contracts\Auth\Guard;
use Illuminate\Contracts\Auth\UserProvider;
use Illuminate\Contracts\Events\Dispatcher;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Config;
use WWON\JwtGuard\Exceptions\Exception;
use WWON\JwtGuard\Exceptions\InaccessibleException;
use WWON\JwtGuard\Exceptions\InvalidTokenException;
use WWON\JwtGuard\Exceptions\MalformedException;
use WWON\JwtGuard\Exceptions\TokenExpiredException;

class JwtGuard implements Guard
{

    use GuardHelpers;

    /**
     * @var string
     */
    protected $token;

    /**
     * @var bool
     */
    protected $isTokenRefreshable = false;

    /**
     * @var bool
     */
    protected $isTokenPresent = false;

    /**
     * @var JwtService
     */
    protected $jwtService;

    /**
     * @var Request
     */
    protected $request;

    /**
     * The event dispatcher instance.
     *
     * @var Dispatcher
     */
    protected $events;

    /**
     * Indicates if the logout method has been called.
     *
     * @var bool
     */
    protected $loggedOut = false;

    /**
     * JwtGuard constructor
     *
     * @param UserProvider $provider
     * @param JwtService $jwtService
     * @param Request|null $request
     */
    public function __construct(
        UserProvider $provider,
        JwtService $jwtService,
        Request $request = null
    ) {
        $this->provider = $provider;
        $this->jwtService = $jwtService;
        $this->request = $request;
    }

    /**
     * Get the currently authenticated user.
     *
     * @return \Illuminate\Contracts\Auth\Authenticatable|null
     */
    public function user()
    {
        // If we've already retrieved the user for the current request we can just
        // return it back immediately. We do not want to fetch the user data on
        // every call to this method because that would be tremendously slow.
        if ($this->user) {
            return $this->user;
        }

        if (!$token = $this->getBearerToken()) {
            return $this->user = null;
        }

        $this->isTokenPresent = true;

        try {
            $this->user = $this->getUserByToken($token);
        } catch (InaccessibleException $e) {
            $this->isTokenRefreshable = true;
            $this->user = null;
        } catch (Exception $e) {
            $this->user = null;
        }

        return $this->user;
    }

    /**
     * Retrieve the user by the given payload.
     *
     * @param string $token
     * @return AuthenticatableContract|null
     * @throws InaccessibleException
     * @throws MalformedException
     * @throws TokenExpiredException
     * @throws InvalidTokenException
     */
    protected function getUserByToken($token)
    {
        $claim = $this->jwtService->getClaimFromToken($token);
        $user = $this->provider->retrieveById($claim->sub);

        if (!empty($user) && get_class($user) !== $claim->aud) {
            throw new InvalidTokenException;
        }

        return $user;
    }

    /**
     * Validate a user's credentials.
     *
     * @param array $credentials
     * @return bool
     */
    public function validate(array $credentials = [])
    {
        return $this->attempt($credentials, false);
    }

    /**
     * Attempt to authenticate a user using the given credentials.
     *
     * @param array $credentials
     * @param bool $login
     * @return bool
     */
    public function attempt(array $credentials = [], $login = true)
    {
        $this->fireAttemptEvent($credentials, $login);

        $user = $this->provider->retrieveByCredentials($credentials);

        if (empty($user)) {
            return false;
        }

        // If an implementation of UserInterface was returned, we'll ask the provider
        // to validate the user against the given credentials, and if they are in
        // fact valid we'll log the users into the application and return true.
        if ($this->hasValidCredentials($user, $credentials)) {
            if ($login) {
                $this->login($user);
            }

            return true;
        }

        return false;
    }

    /**
     * Determine if the user matches the credentials.
     *
     * @param mixed $user
     * @param array $credentials
     * @return bool
     */
    protected function hasValidCredentials($user, $credentials)
    {
        return ! is_null($user) && $this->provider->validateCredentials($user, $credentials);
    }

    /**
     * Fire the attempt event with the arguments.
     *
     * @param array $credentials
     * @param bool $login
     * @return void
     */
    protected function fireAttemptEvent(array $credentials, $login)
    {
        if (isset($this->events)) {
            $this->events->fire(new Attempting(
                $credentials, false, $login
            ));
        }
    }

    /**
     * Register an authentication attempt event listener.
     *
     * @param mixed $callback
     * @return void
     */
    public function attempting($callback)
    {
        if (isset($this->events)) {
            $this->events->listen(Attempting::class, $callback);
        }
    }

    /**
     * Log a user into the application.
     *
     * @param \Illuminate\Contracts\Auth\Authenticatable $user
     * @return void
     */
    public function login(AuthenticatableContract $user)
    {
        $claim = new Claim([
            'sub' => $user->getAuthIdentifier(),
            'aud' => get_class($user),
            'refresh' => Config::get('jwt.refreshable')
        ]);

        $token = $this->jwtService->getTokenForClaim($claim);

        // If we have an event dispatcher instance set we will fire an event so that
        // any listeners will hook into the authentication events and run actions
        // based on the login and logout events fired from the guard instances.
        $this->fireLoginEvent($user);

        $this->setToken($token);
        $this->setUser($user);
    }

    /**
     * generateTokenForUser method
     *
     * @param string $token
     * @return string
     */
    protected function refreshTokenForUser($token)
    {
        try {
            $newToken = $this->jwtService->refreshToken($token);
        } catch (Exception $e) {
            $newToken = null;
        }

        return $newToken;
    }

    /**
     * Fire the login event if the dispatcher is set.
     *
     * @param \Illuminate\Contracts\Auth\Authenticatable $user
     * @param bool  $remember
     * @return void
     */
    protected function fireLoginEvent($user, $remember = false)
    {
        if (isset($this->events)) {
            $this->events->fire(new Login($user, $remember));
        }
    }

    /**
     * Log the given user ID into the application.
     *
     * @param mixed $id
     * @return \Illuminate\Contracts\Auth\Authenticatable
     */
    public function loginUsingId($id)
    {
        $user = $this->provider->retrieveById($id);

        if (empty($user)) {
            return null;
        }

        $this->login($user);

        return $user;
    }

    /**
     * Log the user out of the application.
     *
     * @return void
     */
    public function logout()
    {
        if (!$token = $this->getBearerToken()) {
            return;
        }

        try {
            $this->jwtService->invalidateToken($token);
        } catch (Exception $e) {
            // User has no valid token but fine with logout calling
        }

        $this->logoutCurrentUser();
    }

    /**
     * log this user out from every token
     *
     * @return void
     */
    public function logoutAll()
    {
        if (!$token = $this->getBearerToken()) {
            return;
        }

        try {
            $claim = $this->jwtService->getClaimFromToken($token);

            $this->jwtService->wipeUserTokens($claim);

        } catch (Exception $e) {
            // User has no valid token but fine with logout calling
        }

        $this->logoutCurrentUser();
    }

    /**
     * logoutCurrentUser method
     */
    protected function logoutCurrentUser()
    {
        if (isset($this->events)) {
            $this->events->fire(new Logout($this->user));
        }

        // Once we have fired the logout event we will clear the users out of memory
        // so they are no longer available as the user is no longer considered as
        // being signed into this application and should not be available here.
        $this->user = null;
        $this->token = null;
        $this->loggedOut = true;
    }

    /**
     * Refresh user token
     *
     * @return string|null
     */
    public function refreshToken()
    {
        if (!$token = $this->getBearerToken()) {
            return null;
        }

        $this->token = $this->refreshTokenForUser($token);

        return $this->token;
    }

    /**
     * Get the event dispatcher instance.
     *
     * @return Dispatcher
     */
    public function getDispatcher()
    {
        return $this->events;
    }

    /**
     * Set the event dispatcher instance.
     *
     * @param Dispatcher $events
     * @return void
     */
    public function setDispatcher(Dispatcher $events)
    {
        $this->events = $events;
    }

    /**
     * setToken method
     *
     * @param string $token
     */
    public function setToken($token)
    {
        $this->token = $token;
    }

    /**
     * getToken method
     *
     * @return null|string
     */
    public function getToken()
    {
        return $this->token;
    }

    /**
     * isTokenRefreshable method
     *
     * @return boolean
     */
    public function isTokenRefreshable()
    {
        return $this->isTokenRefreshable;
    }

    /**
     * isTokenPresent method
     *
     * @return boolean
     */
    public function isTokenPresent()
    {
        return $this->isTokenPresent;
    }

    /**
     * getBearerToken method
     *
     * @return string|null
     */
    protected function getBearerToken()
    {
        $header = $this->request->header('Authorization', '');

        if (starts_with(strtolower($header), 'bearer ')) {
            return mb_substr($header, 7, null, 'UTF-8');
        }

        return null;
    }

}

1			<?php
2
3			namespace WWON\JwtGuard;
4
5			use Illuminate\Auth\Events\Attempting;
6			use Illuminate\Auth\Events\Login;
7			use Illuminate\Auth\Events\Logout;
8			use Illuminate\Auth\GuardHelpers;
9			use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
10			use Illuminate\Contracts\Auth\Guard;
11			use Illuminate\Contracts\Auth\UserProvider;
12			use Illuminate\Contracts\Events\Dispatcher;
13			use Illuminate\Http\Request;
14			use Illuminate\Support\Facades\Config;
15			use WWON\JwtGuard\Exceptions\Exception;
16			use WWON\JwtGuard\Exceptions\InaccessibleException;
17			use WWON\JwtGuard\Exceptions\InvalidTokenException;
18			use WWON\JwtGuard\Exceptions\MalformedException;
19			use WWON\JwtGuard\Exceptions\TokenExpiredException;
20
21			class JwtGuard implements Guard
22			{
23
24			use GuardHelpers;
25
26			/**
27			* @var string
28			*/
29			protected $token;
30
31			/**
32			* @var bool
33			*/
34			protected $isTokenRefreshable = false;
35
36			/**
37			* @var bool
38			*/
39			protected $isTokenPresent = false;
40
41			/**
42			* @var JwtService
43			*/
44			protected $jwtService;
45
46			/**
47			* @var Request
48			*/
49			protected $request;
50
51			/**
52			* The event dispatcher instance.
53			*
54			* @var Dispatcher
55			*/
56			protected $events;
57
58			/**
59			* Indicates if the logout method has been called.
60			*
61			* @var bool
62			*/
63			protected $loggedOut = false;
64
65			/**
66			* JwtGuard constructor
67			*
68			* @param UserProvider $provider
69			* @param JwtService $jwtService
70			* @param Request\|null $request
71			*/
72			public function __construct(
73			UserProvider $provider,
74			JwtService $jwtService,
75			Request $request = null
76			) {
77			$this->provider = $provider;
78			$this->jwtService = $jwtService;
79			$this->request = $request;
80			}
81
82			/**
83			* Get the currently authenticated user.
84			*
85			* @return \Illuminate\Contracts\Auth\Authenticatable\|null
86			*/
87			public function user()
88			{
89			// If we've already retrieved the user for the current request we can just
90			// return it back immediately. We do not want to fetch the user data on
91			// every call to this method because that would be tremendously slow.
92			if ($this->user) {
93			return $this->user;
94			}
95
96			if (!$token = $this->getBearerToken()) {
97			return $this->user = null;
98			}
99
100			$this->isTokenPresent = true;
101
102			try {
103			$this->user = $this->getUserByToken($token);
104			} catch (InaccessibleException $e) {
105			$this->isTokenRefreshable = true;
106			$this->user = null;
107			} catch (Exception $e) {
108			$this->user = null;
109			}
110
111			return $this->user;
112			}
113
114			/**
115			* Retrieve the user by the given payload.
116			*
117			* @param string $token
118			* @return AuthenticatableContract\|null
119			* @throws InaccessibleException
120			* @throws MalformedException
121			* @throws TokenExpiredException
122			* @throws InvalidTokenException
123			*/
124			protected function getUserByToken($token)
125			{
126			$claim = $this->jwtService->getClaimFromToken($token);
127			$user = $this->provider->retrieveById($claim->sub);
128
129			if (!empty($user) && get_class($user) !== $claim->aud) {
130			throw new InvalidTokenException;
131			}
132
133			return $user;
134			}
135
136			/**
137			* Validate a user's credentials.
138			*
139			* @param array $credentials
140			* @return bool
141			*/
142			public function validate(array $credentials = [])
143			{
144			return $this->attempt($credentials, false);
145			}
146
147			/**
148			* Attempt to authenticate a user using the given credentials.
149			*
150			* @param array $credentials
151			* @param bool $login
152			* @return bool
153			*/
154			public function attempt(array $credentials = [], $login = true)
155			{
156			$this->fireAttemptEvent($credentials, $login);
157
158			$user = $this->provider->retrieveByCredentials($credentials);
159
160			if (empty($user)) {
161			return false;
162			}
163
164			// If an implementation of UserInterface was returned, we'll ask the provider
165			// to validate the user against the given credentials, and if they are in
166			// fact valid we'll log the users into the application and return true.
167			if ($this->hasValidCredentials($user, $credentials)) {
168			if ($login) {
169			$this->login($user);
170			}
171
172			return true;
173			}
174
175			return false;
176			}
177
178			/**
179			* Determine if the user matches the credentials.
180			*
181			* @param mixed $user
182			* @param array $credentials
183			* @return bool
184			*/
185			protected function hasValidCredentials($user, $credentials)
186			{
187			return ! is_null($user) && $this->provider->validateCredentials($user, $credentials);
188			}
189
190			/**
191			* Fire the attempt event with the arguments.
192			*
193			* @param array $credentials
194			* @param bool $login
195			* @return void
196			*/
197			protected function fireAttemptEvent(array $credentials, $login)
198			{
199			if (isset($this->events)) {
200			$this->events->fire(new Attempting(
201			$credentials, false, $login
202			));
203			}
204			}
205
206			/**
207			* Register an authentication attempt event listener.
208			*
209			* @param mixed $callback
210			* @return void
211			*/
212			public function attempting($callback)
213			{
214			if (isset($this->events)) {
215			$this->events->listen(Attempting::class, $callback);
216			}
217			}
218
219			/**
220			* Log a user into the application.
221			*
222			* @param \Illuminate\Contracts\Auth\Authenticatable $user
223			* @return void
224			*/
225			public function login(AuthenticatableContract $user)
226			{
227			$claim = new Claim([
228			'sub' => $user->getAuthIdentifier(),
229			'aud' => get_class($user),
230			'refresh' => Config::get('jwt.refreshable')
231			]);
232
233			$token = $this->jwtService->getTokenForClaim($claim);
234
235			// If we have an event dispatcher instance set we will fire an event so that
236			// any listeners will hook into the authentication events and run actions
237			// based on the login and logout events fired from the guard instances.
238			$this->fireLoginEvent($user);
239
240			$this->setToken($token);
241			$this->setUser($user);
242			}
243
244			/**
245			* generateTokenForUser method
246			*
247			* @param string $token
248			* @return string
249			*/
250			protected function refreshTokenForUser($token)
251			{
252			try {
253			$newToken = $this->jwtService->refreshToken($token);
254			} catch (Exception $e) {
255			$newToken = null;
256			}
257
258			return $newToken;
259			}
260
261			/**
262			* Fire the login event if the dispatcher is set.
263			*
264			* @param \Illuminate\Contracts\Auth\Authenticatable $user
265			* @param bool $remember
266			* @return void
267			*/
268			protected function fireLoginEvent($user, $remember = false)
269			{
270			if (isset($this->events)) {
271			$this->events->fire(new Login($user, $remember));
272			}
273			}
274
275			/**
276			* Log the given user ID into the application.
277			*
278			* @param mixed $id
279			* @return \Illuminate\Contracts\Auth\Authenticatable
280			*/
281			public function loginUsingId($id)
282			{
283			$user = $this->provider->retrieveById($id);
284
285			if (empty($user)) {
286			return null;
287			}
288
289			$this->login($user);
290
291			return $user;
292			}
293
294			/**
295			* Log the user out of the application.
296			*
297			* @return void
298			*/
299			public function logout()
300			{
301			if (!$token = $this->getBearerToken()) {
302			return;
303			}
304
305			try {
306			$this->jwtService->invalidateToken($token);
307			} catch (Exception $e) {
308			// User has no valid token but fine with logout calling
309			}
310
311			$this->logoutCurrentUser();
312			}
313
314			/**
315			* log this user out from every token
316			*
317			* @return void
318			*/
319			public function logoutAll()
320			{
321			if (!$token = $this->getBearerToken()) {
322			return;
323			}
324
325			try {
326			$claim = $this->jwtService->getClaimFromToken($token);
327
328			$this->jwtService->wipeUserTokens($claim);
329
330			} catch (Exception $e) {
331			// User has no valid token but fine with logout calling
332			}
333
334			$this->logoutCurrentUser();
335			}
336
337			/**
338			* logoutCurrentUser method
339			*/
340			protected function logoutCurrentUser()
341			{
342			if (isset($this->events)) {
343			$this->events->fire(new Logout($this->user));
344			}
345
346			// Once we have fired the logout event we will clear the users out of memory
347			// so they are no longer available as the user is no longer considered as
348			// being signed into this application and should not be available here.
349			$this->user = null;
350			$this->token = null;
351			$this->loggedOut = true;
352			}
353
354			/**
355			* Refresh user token
356			*
357			* @return string\|null
358			*/
359			public function refreshToken()
360			{
361			if (!$token = $this->getBearerToken()) {
362			return null;
363			}
364
365			$this->token = $this->refreshTokenForUser($token);
366
367			return $this->token;
368			}
369
370			/**
371			* Get the event dispatcher instance.
372			*
373			* @return Dispatcher
374			*/
375			public function getDispatcher()
376			{
377			return $this->events;
378			}
379
380			/**
381			* Set the event dispatcher instance.
382			*
383			* @param Dispatcher $events
384			* @return void
385			*/
386			public function setDispatcher(Dispatcher $events)
387			{
388			$this->events = $events;
389			}
390
391			/**
392			* setToken method
393			*
394			* @param string $token
395			*/
396			public function setToken($token)
397			{
398			$this->token = $token;
399			}
400
401			/**
402			* getToken method
403			*
404			* @return null\|string
405			*/
406			public function getToken()
407			{
408			return $this->token;
409			}
410
411			/**
412			* isTokenRefreshable method
413			*
414			* @return boolean
415			*/
416			public function isTokenRefreshable()
417			{
418			return $this->isTokenRefreshable;
419			}
420
421			/**
422			* isTokenPresent method
423			*
424			* @return boolean
425			*/
426			public function isTokenPresent()
427			{
428			return $this->isTokenPresent;
429			}
430
431			/**
432			* getBearerToken method
433			*
434			* @return string\|null
435			*/
436			protected function getBearerToken()
437			{
438			$header = $this->request->header('Authorization', '');
439
440			if (starts_with(strtolower($header), 'bearer ')) {
441			return mb_substr($header, 7, null, 'UTF-8');
442			}
443
444			return null;
445			}
446
447			}

wisoot / jwt-guard

Push — develop ( d11ec8...35a198 )

JwtGuard B

Complexity

Size/Duplication

Coupling/Cohesion

Importance

23 Methods

How to fix Complexity

Complex Class

Duplication Side-by-Side

Filter issues like