Issues in oauth2callback.php - Fixed Issues - Inspection of "Fix Scruitinizer Code issues" - BurningFlipside/Profiles - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — develop (#51)

by Patrick

created 2017-06-21 02:19 UTC

oauth2callback.php (1 issue)

Labels

Best Practice 1

Severity

Minor 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
require('Autoload.php');

$auth = AuthProvider::getInstance();
$src  = false;
if(isset($_GET['src']))
{
    $src = $_GET['src'];
}
else if(strstr($_SERVER['HTTP_REFERER'], 'google.com') !== false)
{
    $src = 'google';
}
else if(strstr($_SERVER['HTTP_REFERER'], 'gitlab.com') !== false)
{
    $src = 'gitlab';
}

$ref = '.';
if(isset($_SERVER['HTTP_REFERER']) && strstr($_SERVER['HTTP_REFERER'], 'google.com') === false)
{
    $ref = $_SERVER['HTTP_REFERER'];
}

switch($src)
{
    case 'google':
        $google = $auth->getMethodByName('Auth\GoogleAuthenticator');
        if(!isset($_GET['code']))
        {
            $google->redirect();
            die();
        }
        else
        {
            $res = $google->authenticate($_GET['code'], $current_user);
            switch($res)
            {
                case \Auth\Authenticator::SUCCESS:
                    header('Location: '.$ref);
                    die();
                default:
                case \Auth\Authenticator::LOGIN_FAILED:
                    header('Location: login.php');
                    die();
                case \Auth\Authenticator::ALREADY_PRESENT:
                    header('Location: user_exists.php?src=google&uid='.$current_user->uid);
                    die();
            }
        }
        break;
    case 'twitter':
        $twitter = $auth->getMethodByName('Auth\TwitterAuthenticator');
        if(!isset($_GET['oauth_token']) || !isset($_GET['oauth_verifier']))
        {
            $twitter->redirect();
            die();
        }
        else
        {
            $twitter->authenticate($_GET['oauth_token'], $_GET['oauth_verifier'], $current_user);
            switch($res)
            {
                case \Auth\Authenticator::SUCCESS:
                    header('Location: '.$ref);
                    die();
                default:
                case \Auth\Authenticator::LOGIN_FAILED:
                    header('Location: login.php');
                    die();
                case \Auth\Authenticator::ALREADY_PRESENT:
                    header('Location: user_exists.php?src=twitter&uid='.$current_user->uid);
                    die();
            }
        }
        break;
    case 'gitlab':
        $gitlab = $auth->getMethodByName('Auth\OAuth2\GitLabAuthenticator');
        if(!isset($_GET['code']))
        {
            $google->redirect();
            die();
        }
        else
        {
            $res = $gitlab->authenticate($_GET['code'], $current_user);
            switch($res)
            {
                case \Auth\Authenticator::SUCCESS:
                    header('Location: '.$ref);
                    die();
                default:
                case \Auth\Authenticator::LOGIN_FAILED:
                    header('Location: login.php');
                    die();
                case \Auth\Authenticator::ALREADY_PRESENT:
                    header('Location: user_exists.php?src=gitlab&uid='.$current_user->uid);
                    die();
            }
        }
    //Generic OAuth...
    default:
        print_r($_SERVER);
        break;
}
?>



1		<?php
2		require('Autoload.php');
3
4		$auth = AuthProvider::getInstance();
5		$src = false;
6		if(isset($_GET['src']))
7		{
8		$src = $_GET['src'];
9		}
10		else if(strstr($_SERVER['HTTP_REFERER'], 'google.com') !== false)
11		{
12		$src = 'google';
13		}
14		else if(strstr($_SERVER['HTTP_REFERER'], 'gitlab.com') !== false)
15		{
16		$src = 'gitlab';
17		}
18
19		$ref = '.';
20		if(isset($_SERVER['HTTP_REFERER']) && strstr($_SERVER['HTTP_REFERER'], 'google.com') === false)
21		{
22		$ref = $_SERVER['HTTP_REFERER'];
23		}
24
25		switch($src)
26		{
27	View Code Duplication	case 'google':
28		$google = $auth->getMethodByName('Auth\GoogleAuthenticator');
29		if(!isset($_GET['code']))
30		{
31		$google->redirect();
32		die();
33		}
34		else
35		{
36		$res = $google->authenticate($_GET['code'], $current_user);
37		switch($res)
38		{
39		case \Auth\Authenticator::SUCCESS:
40		header('Location: '.$ref);
41		die();
42		default:
43		case \Auth\Authenticator::LOGIN_FAILED:
44		header('Location: login.php');
45		die();
46		case \Auth\Authenticator::ALREADY_PRESENT:
47		header('Location: user_exists.php?src=google&uid='.$current_user->uid);
48		die();
49		}
50		}
51		break;
52		case 'twitter':
53		$twitter = $auth->getMethodByName('Auth\TwitterAuthenticator');
54		if(!isset($_GET['oauth_token']) \|\| !isset($_GET['oauth_verifier']))
55		{
56		$twitter->redirect();
57		die();
58		}
59		else
60		{
61		$twitter->authenticate($_GET['oauth_token'], $_GET['oauth_verifier'], $current_user);
62		switch($res)
63		{
64		case \Auth\Authenticator::SUCCESS:
65		header('Location: '.$ref);
66		die();
67		default:
68		case \Auth\Authenticator::LOGIN_FAILED:
69		header('Location: login.php');
70		die();
71		case \Auth\Authenticator::ALREADY_PRESENT:
72		header('Location: user_exists.php?src=twitter&uid='.$current_user->uid);
73		die();
74		}
75		}
76		break;
77	View Code Duplication	case 'gitlab':
78		$gitlab = $auth->getMethodByName('Auth\OAuth2\GitLabAuthenticator');
79		if(!isset($_GET['code']))
80		{
81		$google->redirect();
82		die();
83		}
84		else
85		{
86		$res = $gitlab->authenticate($_GET['code'], $current_user);
87		switch($res)
88		{
89		case \Auth\Authenticator::SUCCESS:
90		header('Location: '.$ref);
91		die();
92		default:
93		case \Auth\Authenticator::LOGIN_FAILED:
94		header('Location: login.php');
95		die();
96		case \Auth\Authenticator::ALREADY_PRESENT:
97		header('Location: user_exists.php?src=gitlab&uid='.$current_user->uid);
98		die();
99		}
100		}
101		//Generic OAuth...
102		default:
103		print_r($_SERVER);
104		break;
105		}
106		?>
		0 ignored issues – show Best Practice introduced 2016-06-08 20:29 UTC by Report Bug Copy Issue Report Show Similar Issues like this It is not recommended to use PHP's closing tag `?>` in files other than templates. Using a closing tag in PHP files that only contain PHP code is not recommended as you might accidentally add whitespace after the closing tag which would then be output by PHP. This can cause severe problems, for example headers cannot be sent anymore. A simple precaution is to leave off the closing tag as it is not required, and it also has no negative effects whatsoever. Loading history...
107

BurningFlipside / Profiles

Pull Request — develop (#51)

oauth2callback.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like