Authentication::authUser()   B

Complexity

Conditions 5
Paths 4

Size

Total Lines 25
Code Lines 13

Duplication

Lines 0
Ratio 0 %

Code Coverage

Tests 12
CRAP Score 5.0729

Importance

Changes 1
Bugs 0 Features 0
<?php
namespace AOE\AoeIpauth\Typo3\Service;
/***************************************************************
 *  Copyright notice
 *
 *  (c) 2014 AOE GmbH <[email protected]>
 *
 *  All rights reserved
 *
 *  This script is part of the TYPO3 project. The TYPO3 project is
 *  free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 3 of the License, or
 *  (at your option) any later version.
 *
 *  The GNU General Public License can be found at
 *  http://www.gnu.org/copyleft/gpl.html.
 *
 *  This script is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  This copyright notice MUST APPEAR in all copies of the script!
 ***************************************************************/
use TYPO3\CMS\Core\Utility\GeneralUtility;
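/**
 * TYPO3 authentication service that looks up frontend users, authenticates
 * them and adds frontend groups based solely on the client's IP address.
 *
 * Security note: every decision in this class depends on
 * $this->authInfo['REMOTE_ADDR']. That array is filled in outside this file
 * (presumably by the TYPO3 core when it initialises the service - confirm).
 * An IP match replaces the password check, so the address must be the real
 * peer address. Behind a reverse proxy or load balancer, verify that TYPO3's
 * reverse-proxy settings (e.g. [SYS][reverseProxyIP]) only accept forwarded
 * client addresses from proxies you control; otherwise the whitelist can be
 * satisfied by a client-supplied header value.
 *
 * @package AOE\AoeIpauth\Typo3\Service
 */
class Authentication extends \TYPO3\CMS\Sv\AbstractAuthenticationService
{
    /**
     * Lazily created by getIpMatchingService().
     *
     * @var \AOE\AoeIpauth\Service\IpMatchingService
     */
    protected $ipMatchingService = null;

    /**
     * Lazily created by getFeEntityService().
     *
     * @var \AOE\AoeIpauth\Domain\Service\FeEntityService
     */
    protected $feEntityService = null;

    /**
     * Lazily created by getIpService().
     *
     * @var \AOE\AoeIpauth\Domain\Service\IpService
     */
    protected $ipService = null;

    /**
     * Makes sure the TCA is readable, necessary for enableFields to work.
     * Is de-facto called when using the Preview BE Module.
     *
     * Does nothing when there is no frontend controller ($GLOBALS['TSFE']).
     * Otherwise, if the TCA entry for the frontend user table is missing, a
     * PageRepository is attached to TSFE (when none is set) and, on TYPO3
     * versions below 7.0.0, the TCA is loaded through TSFE.
     *
     * @return void
     */
    protected function safeguardContext()
    {
        if (!isset($GLOBALS['TSFE'])) {
            return;
        }

        // TCA for the FE user table is already available: nothing to repair
        if (isset($GLOBALS['TCA'][\AOE\AoeIpauth\Domain\Service\FeEntityService::TABLE_USER])) {
            return;
        }

        if (empty($GLOBALS['TSFE']->sys_page)) {
            $GLOBALS['TSFE']->sys_page = GeneralUtility::makeInstance('TYPO3\\CMS\\Frontend\\Page\\PageRepository');
        }
        // getCompressedTCarray() is only called on TYPO3 < 7.0.0
        if (version_compare(TYPO3_version, '7.0.0', '<')) {
            $GLOBALS['TSFE']->getCompressedTCarray();
        }
    }

    /**
     * Gets the user automatically, based on the client IP.
     *
     * Only acts in mode "getUserFE" and never during an explicit login
     * attempt. When several entries match the same address, the last one
     * returned by the lookup is used; the order is decided by
     * FeEntityService, not here.
     *
     * @return array|bool The matching user entry (presumably a frontend user
     *                    record - confirm against FeEntityService), or FALSE
     *                    when this service is not responsible or nothing matched
     */
    public function getUser()
    {
        // Do not respond to non-fe users and login attempts.
        // Strict comparison: the gate must not depend on PHP's type juggling.
        if ('getUserFE' !== $this->mode || 'login' === $this->login['status']) {
            return false;
        }

        $this->safeguardContext();

        // Fail closed: without a client address there is nothing to match against
        if (empty($this->authInfo['REMOTE_ADDR'])) {
            return false;
        }

        $clientIp = $this->authInfo['REMOTE_ADDR'];
        $ipAuthenticatedUsers = $this->findAllUsersByIpAuthentication($clientIp);

        if (empty($ipAuthenticatedUsers)) {
            return false;
        }

        return array_pop($ipAuthenticatedUsers);
    }

    /**
     * Authenticate a user.
     *
     * Returns 200 if the client IP matches one of the IP entries stored for
     * the user. This means that no more checks are needed, i.e. the IP match
     * stands in for the password check. In every other case 100 is returned,
     * which leaves the decision to the remaining authentication services
     * (per the TYPO3 auth-service convention); this service itself never
     * rejects a user.
     *
     * @param array $user Data of user; must contain 'uid' to be considered
     * @return int 200 on an IP match, otherwise 100
     */
    public function authUser($user)
    {
        $this->safeguardContext();

        $authCode = 100;

        // Do not respond to non-fe users and login attempts.
        // Strict comparison: the gate must not depend on PHP's type juggling.
        if ('FE' !== $this->authInfo['loginType'] || 'login' === $this->login['status']) {
            return $authCode;
        }
        if (!isset($user['uid'])) {
            return $authCode;
        }
        // Fail closed: a missing or empty client address can never authenticate
        if (empty($this->authInfo['REMOTE_ADDR'])) {
            return $authCode;
        }

        $clientIp = $this->authInfo['REMOTE_ADDR'];
        $userId = $user['uid'];

        if ($this->doesCurrentUsersIpMatch($userId, $clientIp)) {
            $authCode = 200;
        }

        return $authCode;
    }

    /**
     * Get the group list.
     *
     * In mode "getGroupsFE" the groups found for the client IP are put in
     * front of the groups that were already known; in any other mode the
     * known groups are returned unchanged.
     *
     * @param string $user Not used by this implementation; kept so the
     *                     signature stays as callers expect it
     * @param array $knownGroups Groups collected so far
     * @return array
     */
    public function getGroups($user, $knownGroups)
    {
        // Do not respond to non-FE group calls
        if ('getGroupsFE' !== $this->mode) {
            return $knownGroups;
        }

        $this->safeguardContext();

        // Fail closed: no client address means no IP-derived groups
        if (empty($this->authInfo['REMOTE_ADDR'])) {
            return $knownGroups;
        }

        $clientIp = $this->authInfo['REMOTE_ADDR'];
        $ipAuthenticatedGroups = $this->findAllGroupsByIpAuthentication($clientIp);

        if (!empty($ipAuthenticatedGroups)) {
            $knownGroups = array_merge($ipAuthenticatedGroups, $knownGroups);
        }

        return $knownGroups;
    }

    /**
     * Returns TRUE if the userId's associated IPs match the client IP.
     *
     * Each entry stored for the user is handed to IpMatchingService; the
     * first entry that allows the client IP ends the search.
     *
     * @param int $userId
     * @param string $clientIp
     * @return bool
     */
    protected function doesCurrentUsersIpMatch($userId, $clientIp)
    {
        $ips = $this->getIpService()->findIpsByFeUserId($userId);

        foreach ($ips as $ipWhitelist) {
            if ($this->getIpMatchingService()->isIpAllowed($clientIp, $ipWhitelist)) {
                return true;
            }
        }

        return false;
    }

    /**
     * Finds all users with IP authentication enabled.
     *
     * Thin wrapper around FeEntityService::findAllUsersAuthenticatedByIp().
     *
     * @param string $ip
     * @return array
     */
    protected function findAllUsersByIpAuthentication($ip)
    {
        return $this->getFeEntityService()->findAllUsersAuthenticatedByIp($ip);
    }

    /**
     * Finds all groups with IP authentication enabled.
     *
     * Thin wrapper around FeEntityService::findAllGroupsAuthenticatedByIp().
     *
     * @param string $ip
     * @return array
     */
    protected function findAllGroupsByIpAuthentication($ip)
    {
        return $this->getFeEntityService()->findAllGroupsAuthenticatedByIp($ip);
    }

    /**
     * Returns the FeEntityService, creating it on first use.
     *
     * @return \AOE\AoeIpauth\Domain\Service\FeEntityService
     */
    protected function getFeEntityService()
    {
        if (null === $this->feEntityService) {
            $this->feEntityService = GeneralUtility::makeInstance('AOE\\AoeIpauth\\Domain\\Service\\FeEntityService');
        }
        return $this->feEntityService;
    }

    /**
     * Returns the IpService, creating it on first use.
     *
     * @return \AOE\AoeIpauth\Domain\Service\IpService
     */
    protected function getIpService()
    {
        if (null === $this->ipService) {
            $this->ipService = GeneralUtility::makeInstance('AOE\\AoeIpauth\\Domain\\Service\\IpService');
        }
        return $this->ipService;
    }

    /**
     * Returns the IpMatchingService, creating it on first use.
     *
     * @return \AOE\AoeIpauth\Service\IpMatchingService
     */
    protected function getIpMatchingService()
    {
        if (null === $this->ipMatchingService) {
            $this->ipMatchingService = GeneralUtility::makeInstance('AOE\\AoeIpauth\\Service\\IpMatchingService');
        }
        return $this->ipMatchingService;
    }
}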