Rest_Authentication::wp_rest_authenticate() - Code Metrics - Inspection of "Admin Page: switch Creative Mail recommendation to..." - Automattic/jetpack - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — update/setup-wizard-free-creat... ( a13f63...9ba60b )

by Jeremy

created 2020-08-25 09:06 UTC

Rest_Authentication::wp_rest_authenticate() C

↳ Parent: Rest_Authentication

Complexity

Conditions	15
Paths	8

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	15
nc	8
nop	1
dl	0
loc	67
rs	5.9166
c	0
b	0
f	0

How to fix Long Method Complexity

<?php
/**
 * The Jetpack Connection Rest Authentication file.
 *
 * @package automattic/jetpack-connection
 */

namespace Automattic\Jetpack\Connection;

/**
 * The Jetpack Connection Rest Authentication class.
 */
class Rest_Authentication {

	/**
	 * The rest authentication status.
	 *
	 * @since 8.9.0
	 * @var boolean
	 */
	private $rest_authentication_status = null;

	/**
	 * The Manager object.
	 *
	 * @since 8.9.0
	 * @var Object
	 */
	private $connection_manager = null;

	/**
	 * Holds the singleton instance of this class
	 *
	 * @since 8.9.0
	 * @var Object
	 */
	private static $instance = false;

	/**
	 * The constructor.
	 */
	private function __construct() {
		$this->connection_manager = new Manager();
	}

	/**
	 * Controls the single instance of this class.
	 *
	 * @static
	 */
	public static function init() {
		if ( ! self::$instance ) {
			self::$instance = new self();

			add_filter( 'determine_current_user', array( self::$instance, 'wp_rest_authenticate' ) );
			add_filter( 'rest_authentication_errors', array( self::$instance, 'wp_rest_authentication_errors' ) );
		}

		return self::$instance;
	}

	/**
	 * Authenticates requests from Jetpack server to WP REST API endpoints.
	 * Uses the existing XMLRPC request signing implementation.
	 *
	 * @param int|bool $user User ID if one has been determined, false otherwise.
	 *
	 * @return int|null The user id or null if the request was not authenticated.
	 */
	public function wp_rest_authenticate( $user ) {
		if ( ! empty( $user ) ) {
			// Another authentication method is in effect.
			return $user;
		}

		if ( ! isset( $_GET['_for'] ) || 'jetpack' !== $_GET['_for'] ) {
			// Nothing to do for this authentication method.
			return null;
		}

		if ( ! isset( $_GET['token'] ) && ! isset( $_GET['signature'] ) ) {
			// Nothing to do for this authentication method.
			return null;
		}

		if ( ! isset( $_SERVER['REQUEST_METHOD'] ) ) {
			$this->rest_authentication_status = new \WP_Error(

				'rest_invalid_request',

				__( 'The request method is missing.', 'jetpack' ),
				array( 'status' => 400 )
			);
			return null;
		}

		// Only support specific request parameters that have been tested and
		// are known to work with signature verification.  A different method
		// can be passed to the WP REST API via the '?_method=' parameter if
		// needed.
		if ( 'GET' !== $_SERVER['REQUEST_METHOD'] && 'POST' !== $_SERVER['REQUEST_METHOD'] ) {
			$this->rest_authentication_status = new \WP_Error(

				'rest_invalid_request',

				__( 'This request method is not supported.', 'jetpack' ),
				array( 'status' => 400 )
			);
			return null;
		}
		if ( 'POST' !== $_SERVER['REQUEST_METHOD'] && ! empty( file_get_contents( 'php://input' ) ) ) {
			$this->rest_authentication_status = new \WP_Error(

				'rest_invalid_request',

				__( 'This request method does not support body parameters.', 'jetpack' ),
				array( 'status' => 400 )
			);
			return null;
		}

		$verified = $this->connection_manager->verify_xml_rpc_signature();

		if (
			$verified &&
			isset( $verified['type'] ) &&
			'user' === $verified['type'] &&
			! empty( $verified['user_id'] )
		) {
			// Authentication successful.
			$this->rest_authentication_status = true;
			return $verified['user_id'];
		}

		// Something else went wrong.  Probably a signature error.
		$this->rest_authentication_status = new \WP_Error(

			'rest_invalid_signature',

			__( 'The request is not signed correctly.', 'jetpack' ),
			array( 'status' => 400 )
		);
		return null;
	}

	/**
	 * Report authentication status to the WP REST API.
	 *
	 * @param  WP_Error|mixed $value Error from another authentication handler, null if we should handle it, or another value if not.
	 * @return WP_Error|boolean|null {@see WP_JSON_Server::check_authentication}
	 */
	public function wp_rest_authentication_errors( $value ) {
		if ( null !== $value ) {
			return $value;
		}
		return $this->rest_authentication_status;
	}

	/**
	 * Resets the saved authentication state in between testing requests.
	 */
	public function reset_saved_auth_state() {
		$this->rest_authentication_status = null;
		$this->connection_manager->reset_saved_auth_state();
	}
}


1			<?php
2			/**
3			* The Jetpack Connection Rest Authentication file.
4			*
5			* @package automattic/jetpack-connection
6			*/
7
8			namespace Automattic\Jetpack\Connection;
9
10			/**
11			* The Jetpack Connection Rest Authentication class.
12			*/
13			class Rest_Authentication {
14
15			/**
16			* The rest authentication status.
17			*
18			* @since 8.9.0
19			* @var boolean
20			*/
21			private $rest_authentication_status = null;
22
23			/**
24			* The Manager object.
25			*
26			* @since 8.9.0
27			* @var Object
28			*/
29			private $connection_manager = null;
30
31			/**
32			* Holds the singleton instance of this class
33			*
34			* @since 8.9.0
35			* @var Object
36			*/
37			private static $instance = false;
38
39			/**
40			* The constructor.
41			*/
42			private function __construct() {
43			$this->connection_manager = new Manager();
44			}
45
46			/**
47			* Controls the single instance of this class.
48			*
49			* @static
50			*/
51			public static function init() {
52			if ( ! self::$instance ) {
53			self::$instance = new self();
54
55			add_filter( 'determine_current_user', array( self::$instance, 'wp_rest_authenticate' ) );
56			add_filter( 'rest_authentication_errors', array( self::$instance, 'wp_rest_authentication_errors' ) );
57			}
58
59			return self::$instance;
60			}
61
62			/**
63			* Authenticates requests from Jetpack server to WP REST API endpoints.
64			* Uses the existing XMLRPC request signing implementation.
65			*
66			* @param int\|bool $user User ID if one has been determined, false otherwise.
67			*
68			* @return int\|null The user id or null if the request was not authenticated.
69			*/
70			public function wp_rest_authenticate( $user ) {
71			if ( ! empty( $user ) ) {
72			// Another authentication method is in effect.
73			return $user;
74			}
75
76			if ( ! isset( $_GET['_for'] ) \|\| 'jetpack' !== $_GET['_for'] ) {
77			// Nothing to do for this authentication method.
78			return null;
79			}
80
81			if ( ! isset( $_GET['token'] ) && ! isset( $_GET['signature'] ) ) {
82			// Nothing to do for this authentication method.
83			return null;
84			}
85
86			if ( ! isset( $_SERVER['REQUEST_METHOD'] ) ) {
87			$this->rest_authentication_status = new \WP_Error(
			0 ignored issues – show Documentation Bug introduced 2020-08-24 04:33 UTC by Report Bug Copy Issue Report It seems like `new \WP_Error('rest_inva...array('status' => 400))` of type `object<WP_Error>` is incompatible with the declared type `boolean` of property `$rest_authentication_status`. Our type inference engine has found an assignment to a property that is incompatible with the declared type of that property. Either this assignment is in error or the assigned type should be added to the documentation/type hint for that property.. Loading history...
88			'rest_invalid_request',
			0 ignored issues – show Unused Code introduced 2019-06-17 08:53 UTC by Report Bug Copy Issue Report The call to `WP_Error::__construct()` has too many arguments starting with `'rest_invalid_request'`. This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue. If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress. In this case you can add the `@ignore` PhpDoc annotation to the duplicate definition and it will be ignored. Loading history...
89			__( 'The request method is missing.', 'jetpack' ),
90			array( 'status' => 400 )
91			);
92			return null;
93			}
94
95			// Only support specific request parameters that have been tested and
96			// are known to work with signature verification. A different method
97			// can be passed to the WP REST API via the '?_method=' parameter if
98			// needed.
99			if ( 'GET' !== $_SERVER['REQUEST_METHOD'] && 'POST' !== $_SERVER['REQUEST_METHOD'] ) {
100			$this->rest_authentication_status = new \WP_Error(
			0 ignored issues – show Documentation Bug introduced 2020-08-24 04:33 UTC by Report Bug Copy Issue Report It seems like `new \WP_Error('rest_inva...array('status' => 400))` of type `object<WP_Error>` is incompatible with the declared type `boolean` of property `$rest_authentication_status`. Our type inference engine has found an assignment to a property that is incompatible with the declared type of that property. Either this assignment is in error or the assigned type should be added to the documentation/type hint for that property.. Loading history...
101			'rest_invalid_request',
			0 ignored issues – show Unused Code introduced 2019-06-17 08:53 UTC by Report Bug Copy Issue Report The call to `WP_Error::__construct()` has too many arguments starting with `'rest_invalid_request'`. This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue. If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress. In this case you can add the `@ignore` PhpDoc annotation to the duplicate definition and it will be ignored. Loading history...
102			__( 'This request method is not supported.', 'jetpack' ),
103			array( 'status' => 400 )
104			);
105			return null;
106			}
107			if ( 'POST' !== $_SERVER['REQUEST_METHOD'] && ! empty( file_get_contents( 'php://input' ) ) ) {
108			$this->rest_authentication_status = new \WP_Error(
			0 ignored issues – show Documentation Bug introduced 2020-08-24 04:33 UTC by Report Bug Copy Issue Report It seems like `new \WP_Error('rest_inva...array('status' => 400))` of type `object<WP_Error>` is incompatible with the declared type `boolean` of property `$rest_authentication_status`. Our type inference engine has found an assignment to a property that is incompatible with the declared type of that property. Either this assignment is in error or the assigned type should be added to the documentation/type hint for that property.. Loading history...
109			'rest_invalid_request',
			0 ignored issues – show Unused Code introduced 2020-08-24 04:33 UTC by Report Bug Copy Issue Report The call to `WP_Error::__construct()` has too many arguments starting with `'rest_invalid_request'`. This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue. If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress. In this case you can add the `@ignore` PhpDoc annotation to the duplicate definition and it will be ignored. Loading history...
110			__( 'This request method does not support body parameters.', 'jetpack' ),
111			array( 'status' => 400 )
112			);
113			return null;
114			}
115
116			$verified = $this->connection_manager->verify_xml_rpc_signature();
117
118			if (
119			$verified &&
120			isset( $verified['type'] ) &&
121			'user' === $verified['type'] &&
122			! empty( $verified['user_id'] )
123			) {
124			// Authentication successful.
125			$this->rest_authentication_status = true;
126			return $verified['user_id'];
127			}
128
129			// Something else went wrong. Probably a signature error.
130			$this->rest_authentication_status = new \WP_Error(
			0 ignored issues – show Documentation Bug introduced 2020-08-24 04:33 UTC by Report Bug Copy Issue Report It seems like `new \WP_Error('rest_inva...array('status' => 400))` of type `object<WP_Error>` is incompatible with the declared type `boolean` of property `$rest_authentication_status`. Our type inference engine has found an assignment to a property that is incompatible with the declared type of that property. Either this assignment is in error or the assigned type should be added to the documentation/type hint for that property.. Loading history...
131			'rest_invalid_signature',
			0 ignored issues – show Unused Code introduced 2019-06-17 08:53 UTC by Report Bug Copy Issue Report The call to `WP_Error::__construct()` has too many arguments starting with `'rest_invalid_signature'`. This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue. If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress. In this case you can add the `@ignore` PhpDoc annotation to the duplicate definition and it will be ignored. Loading history...
132			__( 'The request is not signed correctly.', 'jetpack' ),
133			array( 'status' => 400 )
134			);
135			return null;
136			}
137
138			/**
139			* Report authentication status to the WP REST API.
140			*
141			* @param WP_Error\|mixed $value Error from another authentication handler, null if we should handle it, or another value if not.
142			* @return WP_Error\|boolean\|null {@see WP_JSON_Server::check_authentication}
143			*/
144			public function wp_rest_authentication_errors( $value ) {
145			if ( null !== $value ) {
146			return $value;
147			}
148			return $this->rest_authentication_status;
149			}
150
151			/**
152			* Resets the saved authentication state in between testing requests.
153			*/
154			public function reset_saved_auth_state() {
155			$this->rest_authentication_status = null;
156			$this->connection_manager->reset_saved_auth_state();
157			}
158			}
159

Automattic / jetpack

Push — update/setup-wizard-free-creat... ( a13f63...9ba60b )

Rest_Authentication::wp_rest_authenticate() C

Complexity

Size

Duplication

Importance

How to fix Long Method Complexity

Long Method

Duplication Side-by-Side

Filter issues like