AuthMiddleware::getUserByApiKey() - Code Metrics - Inspection of "Add API key support" - BurningFlipside/CommonCode - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — develop (#66)

by Patrick

created 2017-06-22 20:17 UTC

AuthMiddleware::getUserByApiKey() A

↳ Parent: AuthMiddleware

Complexity

Conditions	3
Paths	3

Size

Total Lines	18
Code Lines	12

Duplication

Lines	0
Ratio	0 %

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
cc	3
eloc	12
c	1
b	0
f	0
nc	3
nop	1
dl	0
loc	18
rs	9.4285

<?php
namespace Http;

use \Psr\Http\Message\ServerRequestInterface as Request;
use \Psr\Http\Message\ResponseInterface as Response;

require 'vendor/autoload.php';

class AuthMiddleware
{
    private function getUserFromSession()
    {
        if(\FlipSession::isLoggedIn())
        {
            return \FlipSession::getUser();
        }
        return false;
    }

    /*
     * @SuppressWarnings("Superglobals")
     * @SuppressWarnings("StaticAccess")
     */
    private function getUserFromBasicAuth($header)
    {
        $auth = \AuthProvider::getInstance();
        $auth->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
        $user = FlipSession::getUser();
        if($user === false)
        {
            $data = substr($header, 6);
            $userpass = explode(':', base64_decode($data));
            $user = $auth->getUserByLogin($userpass[0], $userpass[1]);
        }
        return $user;
    }

    /*
     * @SuppressWarnings("StaticAccess")
     */
    private function getUserFromToken($header)
    {
        $auth = \AuthProvider::getInstance();
        $key = substr($header, 6);
        return $auth->getUserByAccessCode($key);
    }

    private function getUserByApiKey($header)
    {
        $key = substr($header, 7);
        $dataTable = \DataSetFactory::getDataTableByNames('profiles', 'apikeys');
        $filter = new \Data\Filter('apikey eq "'.$key.'"');
        $keys = $dataTable->read($filter);
        if(empty($keys))
        {
            return false;
        }
        $auth = \AuthProvider::getInstance();
        $users = $auth->getUsersByFilter(new \Data\Filter('uid eq '.$keys[0]['actas']));
        if(empty($users))
        {
            return false;
        }
        return $users[0];
    }

    private function getUserFromHeader($header)
    {
        if(strncmp($header, 'Basic', 5) == 0)
        {
            return $this->getUserFromBasicAuth($header);
        }
        else if(strncasecmp($header, 'ApiKey', 6) === 0)
        {
            return $this->getUserByApiKey($header);
        }
        return $this->getUserFromToken($header);
    }

    public function __invoke($request, $response, $next)
    {
        $auth = $request->getHeaderLine('Authorization');
        if(empty($auth))
        {
            $request = $request->withAttribute('user', $this->getUserFromSession());
        }
        else
        {
            $request = $request->withAttribute('user', $this->getUserFromHeader($auth));
        }
        $response = $next($request, $response);
        return $response;
    }
}


1			<?php
2			namespace Http;
3
4			use \Psr\Http\Message\ServerRequestInterface as Request;
5			use \Psr\Http\Message\ResponseInterface as Response;
6
7			require 'vendor/autoload.php';
8
9			class AuthMiddleware
10			{
11			private function getUserFromSession()
12			{
13			if(\FlipSession::isLoggedIn())
14			{
15			return \FlipSession::getUser();
16			}
17			return false;
18			}
19
20			/*
21			* @SuppressWarnings("Superglobals")
22			* @SuppressWarnings("StaticAccess")
23			*/
24			private function getUserFromBasicAuth($header)
25			{
26			$auth = \AuthProvider::getInstance();
27			$auth->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
28			$user = FlipSession::getUser();
29			if($user === false)
30			{
31			$data = substr($header, 6);
32			$userpass = explode(':', base64_decode($data));
33			$user = $auth->getUserByLogin($userpass[0], $userpass[1]);
34			}
35			return $user;
36			}
37
38			/*
39			* @SuppressWarnings("StaticAccess")
40			*/
41			private function getUserFromToken($header)
42			{
43			$auth = \AuthProvider::getInstance();
44			$key = substr($header, 6);
45			return $auth->getUserByAccessCode($key);
46			}
47
48			private function getUserByApiKey($header)
49			{
50			$key = substr($header, 7);
51			$dataTable = \DataSetFactory::getDataTableByNames('profiles', 'apikeys');
52			$filter = new \Data\Filter('apikey eq "'.$key.'"');
53			$keys = $dataTable->read($filter);
54			if(empty($keys))
55			{
56			return false;
57			}
58			$auth = \AuthProvider::getInstance();
59			$users = $auth->getUsersByFilter(new \Data\Filter('uid eq '.$keys[0]['actas']));
60			if(empty($users))
61			{
62			return false;
63			}
64			return $users[0];
65			}
66
67			private function getUserFromHeader($header)
68			{
69			if(strncmp($header, 'Basic', 5) == 0)
70			{
71			return $this->getUserFromBasicAuth($header);
72			}
73			else if(strncasecmp($header, 'ApiKey', 6) === 0)
74			{
75			return $this->getUserByApiKey($header);
76			}
77			return $this->getUserFromToken($header);
78			}
79
80			public function __invoke($request, $response, $next)
81			{
82			$auth = $request->getHeaderLine('Authorization');
83			if(empty($auth))
84			{
85			$request = $request->withAttribute('user', $this->getUserFromSession());
86			}
87			else
88			{
89			$request = $request->withAttribute('user', $this->getUserFromHeader($auth));
90			}
91			$response = $next($request, $response);
92			return $response;
93			}
94			}
95

BurningFlipside / CommonCode

Pull Request — develop (#66)

AuthMiddleware::getUserByApiKey() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like