
FacebookController::validateState()   A

Complexity

Conditions 3
Paths 2

Size

Total Lines 9
Code Lines 4

Duplication

Lines 0
Ratio 0 %

Code Coverage

Tests 0
CRAP Score 12

Importance

Changes 1
Bugs 0 Features 0
Metric Value
eloc 4
c 1
b 0
f 0
dl 0
loc 9
ccs 0
cts 5
cp 0
rs 10
cc 3
nc 2
nop 1
crap 12
<?php
/**
 * This file is part of the Zemit Framework.
 *
 * (c) Zemit Team <[email protected]>
 *
 * For the full copyright and license information, please view the LICENSE.txt
 * file that was distributed with this source code.
 */
namespace Zemit\Modules\Oauth2\Controllers;
use League\OAuth2\Client\Grant\RefreshToken;
use League\OAuth2\Client\Provider\Facebook;
use League\OAuth2\Client\Provider\ResourceOwnerInterface;
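/**
 * Class FacebookController
 *
 * Drives the Facebook OAuth2 authorization-code flow: redirects the browser to
 * the provider's authorization URL, then handles the callback by checking the
 * "state" value kept in the session and exchanging the code for tokens.
 *
 * @property Facebook $oauth2Facebook
 * @package Zemit\Modules\Oauth2\Controllers
 */
class FacebookController extends AbstractController
{
    public const DEFAULT_SCOPE = 'email';

    // Session key under which the state of the pending authorization request is stored.
    public string $sessionKey = 'oauth2-facebook-state';

    /**
     * Redirect to Authorization Url
     *
     * Builds the provider authorization URL, stores the provider's state value in
     * the session so the callback can verify it, and redirects the browser.
     *
     * @param string|null $scope Comma-separated scopes; when empty, the "scope"
     *                           request parameter is used, falling back to DEFAULT_SCOPE
     *
     * @return \Phalcon\Http\ResponseInterface
     */
    public function authorizationUrlAction($scope = null)
    {
        // NOTE(review): the scope list can come straight from the request, so whoever
        // builds the link decides which permissions the consent screen asks for.
        // Consider restricting it to an allow-list of scopes the application needs.
        $requestedScope = $scope ?: $this->request->get('scope', 'string', self::DEFAULT_SCOPE);

        $redirectUrl = $this->oauth2Facebook->getAuthorizationUrl([
            'scope' => explode(',', $requestedScope),
        ]);

        // The state is read only after the URL has been built, then kept server-side.
        $this->session->set($this->sessionKey, $this->oauth2Facebook->getState());

        return $this->response->redirect($redirectUrl);
    }

    /**
     * Handle the provider callback.
     *
     * Verifies the returned state against the one stored in the session and, when
     * it matches, exchanges the authorization code for an access token, requests a
     * long-lived token and fetches the resource owner. The stored state is removed
     * on every call so it can be used at most once.
     *
     * @return void
     */
    public function callbackAction()
    {
        $isStateValid = $this->validateState();

        // The state is single-use: drop it whatever the outcome, so the same
        // callback request cannot be accepted twice within one session.
        $this->session->remove($this->sessionKey);

        if (!$isStateValid) {
            // NOTE(review): a missing or mismatching state ends the action silently.
            // An explicit error response and a log entry would make failed or
            // forged callbacks visible to operators.
            return;
        }

        $accessToken = $this->getAccessToken();
        $longLivedAccessToken = $this->getLongLivedAccessToken($accessToken);
        $resourceOwner = $this->getResourceOwner($accessToken);

        // TODO: bind the resource owner to the local identity; until that is done
        // $longLivedAccessToken and $resourceOwner are fetched but never used.
        // $resourceOwner->toArray();
        // $session = $this->identity->getSession();
        // $session->setUserId();
    }

    /**
     * Validate State
     *
     * Compares the state returned by the provider with the one stored in the
     * session when the authorization URL was issued.
     *
     * @param string|null $state State to check; defaults to the "state" request parameter
     *
     * @return bool True only when both values are non-empty strings and equal
     */
    public function validateState($state = null)
    {
        $state ??= $this->request->get('state', 'string');

        if (empty($state) || !$this->session->has($this->sessionKey)) {
            return false;
        }

        $expectedState = $this->session->get($this->sessionKey);

        // hash_equals() requires strings and compares in constant time, so the
        // check does not leak how many leading characters matched.
        return is_string($state)
            && is_string($expectedState)
            && hash_equals($expectedState, $state);
    }

    /**
     * Get Access Token
     *
     * Exchanges an authorization code for an access token through the provider.
     * Callers are expected to have validated the state first, as callbackAction() does.
     *
     * @param string|null $code Authorization code; defaults to the "code" request parameter
     *
     * @return mixed Whatever the provider's getAccessToken() returns
     */
    public function getAccessToken($code = null)
    {
        $code ??= $this->request->get('code', 'string');

        return $this->oauth2Facebook->getAccessToken('authorization_code', ['code' => $code]);
    }

    /**
     * Exchange a short-lived access token for a long-lived one.
     *
     * @param mixed $shortLivedAccessToken Token to exchange; callbackAction() passes the
     *                                     result of getAccessToken(). The null default is
     *                                     forwarded to the provider unchanged.
     *
     * @return mixed Whatever the provider's getLongLivedAccessToken() returns
     */
    public function getLongLivedAccessToken($shortLivedAccessToken = null)
    {
        return $this->oauth2Facebook->getLongLivedAccessToken($shortLivedAccessToken);
    }

    /**
     * Refresh Token
     *
     * Requests a new access token with the refresh-token grant.
     *
     * @param string|null $refreshToken Refresh token; defaults to the "refreshToken"
     *                                  request parameter
     *
     * @return mixed Whatever the provider's getAccessToken() returns
     */
    public function refreshToken($refreshToken = null)
    {
        $refreshToken ??= $this->request->get('refreshToken', 'string');

        // The RefreshToken grant requires a "refresh_token" parameter; the previous
        // "code" key made the grant reject every call as missing that parameter.
        // NOTE(review): confirm that the Facebook provider supports this grant at
        // all; if it does not, this method should be removed or fail clearly.
        return $this->oauth2Facebook->getAccessToken(new RefreshToken(), ['refresh_token' => $refreshToken]);
    }

    /**
     * Fetch the resource owner (the authenticated Facebook user) for a token.
     *
     * @param mixed $token Access token; when null, one is obtained via getAccessToken(),
     *                     which reads the "code" request parameter
     *
     * @return ResourceOwnerInterface
     */
    public function getResourceOwner($token = null)
    {
        $token ??= $this->getAccessToken();

        return $this->oauth2Facebook->getResourceOwner($token);
    }
}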