SameSiteNoneCompatSessionHandler::destroy() - Code Metrics - Inspection of "Merge pull request #4519 from nanasess/samesite-no..." - EC-CUBE/ec-cube - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — 4.0 ( 192ad8...9e2fab )

by Kiyotaka

created 2020-05-19 05:20 UTC

SameSiteNoneCompatSessionHandler::destroy() C

↳ Parent: SameSiteNoneCompatSessionHandler

Complexity

Conditions	13
Paths	18

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	13
nc	18
nop	1
dl	0
loc	52
rs	6.6166
c	0
b	0
f	0

How to fix Long Method Complexity

<?php

/*
 * This file is part of EC-CUBE
 *
 * Copyright(c) EC-CUBE CO.,LTD. All Rights Reserved.
 *
 * http://www.ec-cube.co.jp/
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace Eccube\Session\Storage\Handler;

use Skorp\Dissua\SameSite;
use Symfony\Component\HttpFoundation\Cookie;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Session\Storage\Handler\StrictSessionHandler;

class SameSiteNoneCompatSessionHandler extends StrictSessionHandler
{
    /** @var \SessionHandlerInterface */
    private $handler;

    /** @var bool */
    private $doDestroy;

    /** @var string */
    private $sessionName;

    /** @var string|null */
    private $prefetchId;

    /** @var string|null */
    private $prefetchData;

    /** @var string */
    private $newSessionId;

    /** @var string|null */
    private $igbinaryEmptyData;


    /**
     *  {@inheritdoc}
     */
    public function __construct(\SessionHandlerInterface $handler)
    {
        $this->handler = $handler;

        ini_set('session.cookie_secure', $this->getCookieSecure());
        ini_set('session.cookie_samesite', $this->getCookieSameSite());
        ini_set('session.cookie_path', $this->getCookiePath());
    }

    /**
     * {@inheritdoc}
     */
    public function open($savePath, $sessionName)
    {
        $this->sessionName = $sessionName;
        // see https://github.com/symfony/symfony/blob/2adc85d49cbe14e346068fa7e9c2e1f08ab31de6/src/Symfony/Component/HttpFoundation/Session/Storage/Handler/AbstractSessionHandler.php#L35-L37
        if (!headers_sent() && !ini_get('session.cache_limiter') && '0' !== ini_get('session.cache_limiter')) {
            header(sprintf('Cache-Control: max-age=%d, private, must-revalidate', 60 * (int) ini_get('session.cache_expire')));
        }

        return $this->handler->open($savePath, $sessionName);
    }

    /**
     * {@inheritdoc}
     */
    protected function doRead($sessionId)
    {
        return $this->handler->read($sessionId);
    }

    /**
     * {@inheritdoc}
     */
    public function updateTimestamp($sessionId, $data)
    {
        return $this->write($sessionId, $data);
    }

    /**
     * {@inheritdoc}
     */
    protected function doWrite($sessionId, $data)
    {
        return $this->handler->write($sessionId, $data);
    }

    /**
     * {@inheritdoc}
     * @see https://github.com/symfony/symfony/blob/2adc85d49cbe14e346068fa7e9c2e1f08ab31de6/src/Symfony/Component/HttpFoundation/Session/Storage/Handler/AbstractSessionHandler.php#L126-L167
     */
    public function destroy($sessionId)
    {
        if (\PHP_VERSION_ID < 70000) {
            $this->prefetchData = null;
        }
        if (!headers_sent() && filter_var(ini_get('session.use_cookies'), FILTER_VALIDATE_BOOLEAN)) {
            if (!$this->sessionName) {
                throw new \LogicException(sprintf('Session name cannot be empty, did you forget to call "parent::open()" in "%s"?.', \get_class($this)));
            }
            $sessionCookie = sprintf(' %s=', urlencode($this->sessionName));
            $sessionCookieWithId = sprintf('%s%s;', $sessionCookie, urlencode($sessionId));
            $sessionCookieFound = false;
            $otherCookies = [];
            foreach (headers_list() as $h) {
                if (0 !== stripos($h, 'Set-Cookie:')) {
                    continue;
                }
                if (11 === strpos($h, $sessionCookie, 11)) {
                    $sessionCookieFound = true;

                    if (11 !== strpos($h, $sessionCookieWithId, 11)) {
                        $otherCookies[] = $h;
                    }
                } else {
                    $otherCookies[] = $h;
                }
            }
            if ($sessionCookieFound) {
                header_remove('Set-Cookie');
                foreach ($otherCookies as $h) {
                    header($h, false);
                }
            } else {
                if (\PHP_VERSION_ID < 70300) {
                    setcookie($this->sessionName, '', 0, ini_get('session.cookie_path'), ini_get('session.cookie_domain'), filter_var(ini_get('session.cookie_secure'), FILTER_VALIDATE_BOOLEAN), filter_var(ini_get('session.cookie_httponly'), FILTER_VALIDATE_BOOLEAN));
                } else {
                    setcookie($this->sessionName, '',
                              [
                                  'expires' => 0,
                                  'path' => $this->getCookiePath(),
                                  'domain' => ini_get('session.cookie_domain'),
                                  'secure' => filter_var(ini_get('session.cookie_secure'), FILTER_VALIDATE_BOOLEAN),
                                  'httponly' => filter_var(ini_get('session.cookie_httponly'), FILTER_VALIDATE_BOOLEAN),
                                  'samesite' => $this->getCookieSameSite(),
                              ]
                    );
                }
            }
        }

        return $this->newSessionId === $sessionId || $this->doDestroy($sessionId);
    }

    /**
     * {@inheritdoc}
     */
    protected function doDestroy($sessionId)
    {
        $this->doDestroy = false;

        return $this->handler->destroy($sessionId);
    }

    /**
     * {@inheritdoc}
     */
    public function close()
    {
        return $this->handler->close();
    }

    /**
     * @return bool
     */
    public function gc($maxlifetime)
    {
        return $this->handler->gc($maxlifetime);
    }

    /**
     * @return string
     */
    public function getCookieSameSite()
    {
        if ($this->shouldSendSameSiteNone() && \PHP_VERSION_ID >= 70300 && $this->getCookieSecure()) {
            return Cookie::SAMESITE_NONE;
        }

        return '';
    }

    /**
     * @return string
     */
    public function getCookiePath()
    {
        $cookiePath = env('ECCUBE_COOKIE_PATH', '/');
        if ($this->shouldSendSameSiteNone() && \PHP_VERSION_ID < 70300 && $this->getCookieSecure()) {
            return $cookiePath.'; SameSite='.Cookie::SAMESITE_NONE;
        }

        return $cookiePath;
    }

    /**
     * @return string
     */
    public function getCookieSecure()
    {
        $request = Request::createFromGlobals();
        return $request->isSecure() ? '1' : '0';
    }

    /**
     * @return bool
     */
    private function shouldSendSameSiteNone()
    {
        $userAgent = array_key_exists('HTTP_USER_AGENT', $_SERVER) ? $_SERVER['HTTP_USER_AGENT'] : null;
        return SameSite::handle($userAgent);
    }
}


1			<?php
2
3			/*
4			* This file is part of EC-CUBE
5			*
6			* Copyright(c) EC-CUBE CO.,LTD. All Rights Reserved.
7			*
8			* http://www.ec-cube.co.jp/
9			*
10			* For the full copyright and license information, please view the LICENSE
11			* file that was distributed with this source code.
12			*/
13
14			namespace Eccube\Session\Storage\Handler;
15
16			use Skorp\Dissua\SameSite;
17			use Symfony\Component\HttpFoundation\Cookie;
18			use Symfony\Component\HttpFoundation\Request;
19			use Symfony\Component\HttpFoundation\Session\Storage\Handler\StrictSessionHandler;
20
21			class SameSiteNoneCompatSessionHandler extends StrictSessionHandler
22			{
23			/** @var \SessionHandlerInterface */
24			private $handler;
			0 ignored issues – show Comprehensibility introduced 2020-04-21 03:49 UTC by Report Bug Copy Issue Report Consider using a different property name as you override a private property of the parent class. Loading history...
25			/** @var bool */
26			private $doDestroy;
			0 ignored issues – show Comprehensibility introduced 2020-04-21 03:49 UTC by Report Bug Copy Issue Report Consider using a different property name as you override a private property of the parent class. Loading history...
27			/** @var string */
28			private $sessionName;
			0 ignored issues – show Comprehensibility introduced 2020-04-21 03:49 UTC by Report Bug Copy Issue Report Consider using a different property name as you override a private property of the parent class. Loading history...
29			/** @var string\|null */
30			private $prefetchId;
			0 ignored issues – show Comprehensibility introduced 2020-04-21 03:49 UTC by Report Bug Copy Issue Report Consider using a different property name as you override a private property of the parent class. Loading history...
31			/** @var string\|null */
32			private $prefetchData;
			0 ignored issues – show Comprehensibility introduced 2020-04-21 03:49 UTC by Report Bug Copy Issue Report Consider using a different property name as you override a private property of the parent class. Loading history...
33			/** @var string */
34			private $newSessionId;
			0 ignored issues – show Comprehensibility introduced 2020-04-21 03:49 UTC by Report Bug Copy Issue Report Consider using a different property name as you override a private property of the parent class. Loading history...
35			/** @var string\|null */
36			private $igbinaryEmptyData;
			0 ignored issues – show Comprehensibility introduced 2020-04-21 03:49 UTC by Report Bug Copy Issue Report Consider using a different property name as you override a private property of the parent class. Loading history...
37
38			/**
39			* {@inheritdoc}
40			*/
41			public function __construct(\SessionHandlerInterface $handler)
42			{
43			$this->handler = $handler;
44
45			ini_set('session.cookie_secure', $this->getCookieSecure());
46			ini_set('session.cookie_samesite', $this->getCookieSameSite());
47			ini_set('session.cookie_path', $this->getCookiePath());
48			}
49
50			/**
51			* {@inheritdoc}
52			*/
53			public function open($savePath, $sessionName)
54			{
55			$this->sessionName = $sessionName;
56			// see https://github.com/symfony/symfony/blob/2adc85d49cbe14e346068fa7e9c2e1f08ab31de6/src/Symfony/Component/HttpFoundation/Session/Storage/Handler/AbstractSessionHandler.php#L35-L37
57			if (!headers_sent() && !ini_get('session.cache_limiter') && '0' !== ini_get('session.cache_limiter')) {
58			header(sprintf('Cache-Control: max-age=%d, private, must-revalidate', 60 * (int) ini_get('session.cache_expire')));
59			}
60
61			return $this->handler->open($savePath, $sessionName);
62			}
63
64			/**
65			* {@inheritdoc}
66			*/
67			protected function doRead($sessionId)
68			{
69			return $this->handler->read($sessionId);
70			}
71
72			/**
73			* {@inheritdoc}
74			*/
75			public function updateTimestamp($sessionId, $data)
76			{
77			return $this->write($sessionId, $data);
78			}
79
80			/**
81			* {@inheritdoc}
82			*/
83			protected function doWrite($sessionId, $data)
84			{
85			return $this->handler->write($sessionId, $data);
86			}
87
88			/**
89			* {@inheritdoc}
90			* @see https://github.com/symfony/symfony/blob/2adc85d49cbe14e346068fa7e9c2e1f08ab31de6/src/Symfony/Component/HttpFoundation/Session/Storage/Handler/AbstractSessionHandler.php#L126-L167
91			*/
92			public function destroy($sessionId)
93			{
94			if (\PHP_VERSION_ID < 70000) {
95			$this->prefetchData = null;
96			}
97			if (!headers_sent() && filter_var(ini_get('session.use_cookies'), FILTER_VALIDATE_BOOLEAN)) {
98			if (!$this->sessionName) {
99			throw new \LogicException(sprintf('Session name cannot be empty, did you forget to call "parent::open()" in "%s"?.', \get_class($this)));
100			}
101			$sessionCookie = sprintf(' %s=', urlencode($this->sessionName));
102			$sessionCookieWithId = sprintf('%s%s;', $sessionCookie, urlencode($sessionId));
103			$sessionCookieFound = false;
104			$otherCookies = [];
105			foreach (headers_list() as $h) {
106			if (0 !== stripos($h, 'Set-Cookie:')) {
107			continue;
108			}
109			if (11 === strpos($h, $sessionCookie, 11)) {
110			$sessionCookieFound = true;
111
112			if (11 !== strpos($h, $sessionCookieWithId, 11)) {
113			$otherCookies[] = $h;
114			}
115			} else {
116			$otherCookies[] = $h;
117			}
118			}
119			if ($sessionCookieFound) {
120			header_remove('Set-Cookie');
121			foreach ($otherCookies as $h) {
122			header($h, false);
123			}
124			} else {
125			if (\PHP_VERSION_ID < 70300) {
126			setcookie($this->sessionName, '', 0, ini_get('session.cookie_path'), ini_get('session.cookie_domain'), filter_var(ini_get('session.cookie_secure'), FILTER_VALIDATE_BOOLEAN), filter_var(ini_get('session.cookie_httponly'), FILTER_VALIDATE_BOOLEAN));
127			} else {
128			setcookie($this->sessionName, '',
129			[
130			'expires' => 0,
131			'path' => $this->getCookiePath(),
132			'domain' => ini_get('session.cookie_domain'),
133			'secure' => filter_var(ini_get('session.cookie_secure'), FILTER_VALIDATE_BOOLEAN),
134			'httponly' => filter_var(ini_get('session.cookie_httponly'), FILTER_VALIDATE_BOOLEAN),
135			'samesite' => $this->getCookieSameSite(),
136			]
137			);
138			}
139			}
140			}
141
142			return $this->newSessionId === $sessionId \|\| $this->doDestroy($sessionId);
143			}
144
145			/**
146			* {@inheritdoc}
147			*/
148			protected function doDestroy($sessionId)
149			{
150			$this->doDestroy = false;
151
152			return $this->handler->destroy($sessionId);
153			}
154
155			/**
156			* {@inheritdoc}
157			*/
158			public function close()
159			{
160			return $this->handler->close();
161			}
162
163			/**
164			* @return bool
165			*/
166			public function gc($maxlifetime)
167			{
168			return $this->handler->gc($maxlifetime);
169			}
170
171			/**
172			* @return string
173			*/
174			public function getCookieSameSite()
175			{
176			if ($this->shouldSendSameSiteNone() && \PHP_VERSION_ID >= 70300 && $this->getCookieSecure()) {
177			return Cookie::SAMESITE_NONE;
178			}
179
180			return '';
181			}
182
183			/**
184			* @return string
185			*/
186			public function getCookiePath()
187			{
188			$cookiePath = env('ECCUBE_COOKIE_PATH', '/');
189			if ($this->shouldSendSameSiteNone() && \PHP_VERSION_ID < 70300 && $this->getCookieSecure()) {
190			return $cookiePath.'; SameSite='.Cookie::SAMESITE_NONE;
191			}
192
193			return $cookiePath;
194			}
195
196			/**
197			* @return string
198			*/
199			public function getCookieSecure()
200			{
201			$request = Request::createFromGlobals();
202			return $request->isSecure() ? '1' : '0';
203			}
204
205			/**
206			* @return bool
207			*/
208			private function shouldSendSameSiteNone()
209			{
210			$userAgent = array_key_exists('HTTP_USER_AGENT', $_SERVER) ? $_SERVER['HTTP_USER_AGENT'] : null;
211			return SameSite::handle($userAgent);
212			}
213			}
214

EC-CUBE / ec-cube

Push — 4.0 ( 192ad8...9e2fab )

SameSiteNoneCompatSessionHandler::destroy() C

Complexity

Size

Duplication

Importance

How to fix Long Method Complexity

Long Method

Duplication Side-by-Side

Filter issues like