Issues in oauth2callback.php - Fixed Issues - Inspection of "Fix bugs" - BurningFlipside/Profiles - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Branch — fix/scruitinizer (cfa942)

by Patrick

created 2017-06-21 03:51 UTC

oauth2callback.php (4 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
require('Autoload.php');

function doAuthByType($type, $src)

{
    $google = $auth->getMethodByName($type);

    if(!isset($_GET['code']))
    {
        $google->redirect();
        die();
    }
    else
    {
        $res = $google->authenticate($_GET['code'], $current_user);

        switch($res)
        {
            case \Auth\Authenticator::SUCCESS:
                header('Location: '.$ref);

                die();
            default:
            case \Auth\Authenticator::LOGIN_FAILED:
                header('Location: login.php');
                die();
            case \Auth\Authenticator::ALREADY_PRESENT:
                header('Location: user_exists.php?src='.$src.'&uid='.$current_user->uid);
                die();
        }
    }
}

$auth = AuthProvider::getInstance();
$src  = false;
if(isset($_GET['src']))
{
    $src = $_GET['src'];
}
else if(strstr($_SERVER['HTTP_REFERER'], 'google.com') !== false)
{
    $src = 'google';
}
else if(strstr($_SERVER['HTTP_REFERER'], 'gitlab.com') !== false)
{
    $src = 'gitlab';
}

$ref = '.';
if(isset($_SERVER['HTTP_REFERER']) && strstr($_SERVER['HTTP_REFERER'], 'google.com') === false)
{
    $ref = $_SERVER['HTTP_REFERER'];
}

switch($src)
{
    case 'google':
        doAuthByType('Auth\GoogleAuthenticator', $src);
        break;
    case 'twitter':
        $twitter = $auth->getMethodByName('Auth\TwitterAuthenticator');
        if(!isset($_GET['oauth_token']) || !isset($_GET['oauth_verifier']))
        {
            $twitter->redirect();
            die();
        }
        else
        {
            $twitter->authenticate($_GET['oauth_token'], $_GET['oauth_verifier'], $current_user);
            switch($res)
            {
                case \Auth\Authenticator::SUCCESS:
                    header('Location: '.$ref);
                    die();
                default:
                case \Auth\Authenticator::LOGIN_FAILED:
                    header('Location: login.php');
                    die();
                case \Auth\Authenticator::ALREADY_PRESENT:
                    header('Location: user_exists.php?src=twitter&uid='.$current_user->uid);
                    die();
            }
        }
        break;
    case 'gitlab':
        doAuthByType('Auth\OAuth2\GitLabAuthenticator', $src);
        break;
        //Generic OAuth...
    default:
        print_r($_SERVER);
        break;
}
/* vim: set tabstop=4 shiftwidth=4 expandtab: */


1		<?php
2		require('Autoload.php');
3
4		function doAuthByType($type, $src)
		0 ignored issues – show Unused Code introduced 2017-06-21 03:43 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$src` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
5		{
6		$google = $auth->getMethodByName($type);
		0 ignored issues – show Bug introduced 2017-06-21 03:43 UTC by Report Bug Copy Issue Report Show Similar Issues like this The variable `$auth` does not exist. Did you forget to declare it? This check marks access to variables or properties that have not been declared yet. While PHP has no explicit notion of declaring a variable, accessing it before a value is assigned to it is most likely a bug. Loading history...
7		if(!isset($_GET['code']))
8		{
9		$google->redirect();
10		die();
11		}
12	View Code Duplication	else
13		{
14		$res = $google->authenticate($_GET['code'], $current_user);
		0 ignored issues – show Bug introduced 2017-06-21 03:43 UTC by Report Bug Copy Issue Report Show Similar Issues like this The variable `$current_user` does not exist. Did you forget to declare it? This check marks access to variables or properties that have not been declared yet. While PHP has no explicit notion of declaring a variable, accessing it before a value is assigned to it is most likely a bug. Loading history...
15		switch($res)
16		{
17		case \Auth\Authenticator::SUCCESS:
18		header('Location: '.$ref);
		0 ignored issues – show Bug introduced 2017-06-21 03:43 UTC by Report Bug Copy Issue Report Show Similar Issues like this The variable `$ref` does not exist. Did you forget to declare it? This check marks access to variables or properties that have not been declared yet. While PHP has no explicit notion of declaring a variable, accessing it before a value is assigned to it is most likely a bug. Loading history...
19		die();
20		default:
21		case \Auth\Authenticator::LOGIN_FAILED:
22		header('Location: login.php');
23		die();
24		case \Auth\Authenticator::ALREADY_PRESENT:
25		header('Location: user_exists.php?src='.$src.'&uid='.$current_user->uid);
26		die();
27		}
28		}
29		}
30
31		$auth = AuthProvider::getInstance();
32		$src = false;
33		if(isset($_GET['src']))
34		{
35		$src = $_GET['src'];
36		}
37		else if(strstr($_SERVER['HTTP_REFERER'], 'google.com') !== false)
38		{
39		$src = 'google';
40		}
41		else if(strstr($_SERVER['HTTP_REFERER'], 'gitlab.com') !== false)
42		{
43		$src = 'gitlab';
44		}
45
46		$ref = '.';
47		if(isset($_SERVER['HTTP_REFERER']) && strstr($_SERVER['HTTP_REFERER'], 'google.com') === false)
48		{
49		$ref = $_SERVER['HTTP_REFERER'];
50		}
51
52		switch($src)
53		{
54		case 'google':
55		doAuthByType('Auth\GoogleAuthenticator', $src);
56		break;
57		case 'twitter':
58		$twitter = $auth->getMethodByName('Auth\TwitterAuthenticator');
59		if(!isset($_GET['oauth_token']) \|\| !isset($_GET['oauth_verifier']))
60		{
61		$twitter->redirect();
62		die();
63		}
64	View Code Duplication	else
65		{
66		$twitter->authenticate($_GET['oauth_token'], $_GET['oauth_verifier'], $current_user);
67		switch($res)
68		{
69		case \Auth\Authenticator::SUCCESS:
70		header('Location: '.$ref);
71		die();
72		default:
73		case \Auth\Authenticator::LOGIN_FAILED:
74		header('Location: login.php');
75		die();
76		case \Auth\Authenticator::ALREADY_PRESENT:
77		header('Location: user_exists.php?src=twitter&uid='.$current_user->uid);
78		die();
79		}
80		}
81		break;
82		case 'gitlab':
83		doAuthByType('Auth\OAuth2\GitLabAuthenticator', $src);
84		break;
85		//Generic OAuth...
86		default:
87		print_r($_SERVER);
88		break;
89		}
90		/* vim: set tabstop=4 shiftwidth=4 expandtab: */
91

BurningFlipside / Profiles

Branch — fix/scruitinizer (cfa942)

oauth2callback.php (4 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like