Completed
Push — develop ( ff0f24...b7393c )
by Patrick
09:27
created

api/v1/class.ProfilesAPI.php (1 issue)

<?php
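/**
 * REST endpoints for logging in, logging out and validating postal codes.
 *
 * login() issues an RS256-signed JWT in the Flipside_JWT cookie in addition
 * to whatever session the auth provider establishes.
 */
class ProfilesAPI extends Flipside\Http\Rest\RestAPI
{
    /**
     * Register the routes served by this API.
     *
     * @param object $app Application/router object exposing post()
     *
     * @return void
     */
    public function setup($app)
    {
        $app->post('/login[/]', array($this, 'login'));
        $app->post('/logout[/]', array($this, 'logout'));
        $app->post('/zip[/]', array($this, 'validateZip'));
    }

    /**
     * Authenticate a username/password pair and set the Flipside_JWT cookie.
     *
     * Responds 400 when either credential is missing or is not a scalar,
     * 403 when the auth provider rejects the credentials, 500 when the JWT
     * signing key cannot be read, and otherwise the provider's login result
     * as JSON together with the JWT cookie.
     *
     * @param object $request  Request object (getParams(), getUri() are used)
     * @param object $response Response object
     *
     * @return object The populated response
     */
    public function login($request, $response)
    {
        $params = $request->getParams();
        // Request parameters are untrusted: `username[]=x` arrives as an array,
        // so reject anything non-scalar before it reaches the auth provider.
        if(!isset($params['username']) || !isset($params['password']) ||
           !is_scalar($params['username']) || !is_scalar($params['password']))
        {
            $response->getBody()->write('Missing Required Parameters!');
            return $response->withStatus(400);
        }
        $auth = Flipside\AuthProvider::getInstance();
        $res = $auth->login($params['username'], $params['password']);
        if($res === false)
        {
            return $response->withStatus(403);
        }
        $user = \Flipside\FlipSession::getUser();

        // Fail closed, without emitting a warning that could disclose the path,
        // when the signing key is missing or unreadable.
        $keyPath = '/var/www/secure_settings/jwtRS256.key';
        $privateKey = is_readable($keyPath) ? file_get_contents($keyPath) : false;
        if($privateKey === false || $privateKey === '')
        {
            return $response->withStatus(500);
        }

        $groups = $user->getGroups();
        if($groups === false || $groups === null)
        {
            $groups = array();
        }
        // foreach instead of an index loop: does not assume keys are 0..n-1.
        $groupNames = array();
        foreach($groups as $group)
        {
            $groupNames[] = $group->getGroupName();
        }

        // NOTE(review): the token carries no `exp`/`iat` claim, so as written it
        // does not expire on its own. Adding one changes what verifiers accept,
        // so it is flagged here rather than changed.
        // NOTE(review): a JWT payload is only base64url-encoded, not encrypted;
        // the PHP session ID placed below is readable by anything that can read
        // the cookie.
        $token = array(
            'iss' => $request->getUri()->getHost(),
            'sub' => $user->uid,
            'private' => array('Flipside'=>array(
                'email'=>$user->mail,
                'groups'=>$groupNames,
                'sessionIDs'=> array(
                    'php'=>session_id()
                    )
                )
            )
        );
        $cookieParams = session_get_cookie_params();
        $jwt = \Firebase\JWT\JWT::encode($token, $privateKey, 'RS256');
        // NOTE(review): the cookie is `secure` but has neither HttpOnly nor
        // SameSite. If no client-side script needs to read Flipside_JWT, add
        // `; HttpOnly; SameSite=Lax` — confirm against the front-end first.
        $response = $response->withHeader('Set-Cookie', 'Flipside_JWT='.$jwt.'; path=/; domain='.$cookieParams['domain'].'; secure');
        return $response->withJson($res);
    }

    /**
     * End the current session and expire the Flipside_JWT cookie.
     *
     * @param object $request  Request object (not read)
     * @param object $response Response object
     *
     * @return object Response carrying the expiring Set-Cookie header and JSON true
     */
    public function logout($request, $response)
    {
        \Flipside\FlipSession::end();
        $cookieParams = session_get_cookie_params();
        // Same path/domain as the cookie set by login() so the browser matches and drops it.
        $response = $response->withHeader('Set-Cookie', 'Flipside_JWT=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain='.$cookieParams['domain'].'; secure');
        return $response->withJson(true);
    }

    /**
     * Validate a postal code; only US codes are actually checked.
     *
     * Input is taken from the query string, falling back to the parsed body.
     * For country `c` other than 'US' the result is always true. For 'US' the
     * code must be a ZIP or ZIP+4 and is then looked up at ziptasticapi.com;
     * the JSON result is true, the service's error text, or 'Invalid Zip Code!'.
     *
     * @param object $request  Request object
     * @param object $response Response object
     * @param mixed  $args     Route arguments; unused here (reported by static
     *                         analysis) and kept so the callback signature is unchanged
     *
     * @return object The JSON response
     */
    public function validateZip($request, $response, $args)
    {
        $obj = $request->getQueryParams();
        if(empty($obj))
        {
            $obj = (array)$request->getParsedBody();
        }

        // Strict comparison: a JSON body of {"c": true} or {"c": 0} must not
        // be treated as 'US' through loose-comparison juggling.
        $country = isset($obj['c']) ? $obj['c'] : null;
        if($country !== 'US')
        {
            return $response->withJson(true);
        }

        // A missing or non-scalar postalCode is simply an invalid ZIP.
        $postalCode = (isset($obj['postalCode']) && is_scalar($obj['postalCode'])) ? (string)$obj['postalCode'] : '';
        // \A...\z instead of ^...$: `$` also matches before a trailing newline,
        // which would let "12345\n" through into the outbound URL below.
        if(preg_match('/\A[0-9]{5}(-[0-9]{4})?\z/', $postalCode) !== 1)
        {
            return $response->withJson('Invalid Zip Code!');
        }

        // Bound how long this handler can block on the third-party service
        // (5 seconds is a chosen value; tune as needed).
        $context = stream_context_create(array('http' => array('timeout' => 5)));
        // NOTE(review): the lookup uses plain HTTP, so the reply is not
        // integrity-protected and its `error` text is relayed to the client.
        // Move to HTTPS if the service offers it.
        $contents = file_get_contents('http://ziptasticapi.com/'.$postalCode, false, $context);
        $resp = ($contents === false) ? null : json_decode($contents);
        if(is_object($resp) && isset($resp->error))
        {
            return $response->withJson($resp->error);
        }
        // As before, an unreachable or unparsable lookup fails open: the
        // syntactically valid code is accepted.
        return $response->withJson(true);
    }
}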
/* vim: set tabstop=4 shiftwidth=4 expandtab: */