BootstrapMFAAuthenticator::validateBackupCode() - Code Metrics - Inspection of "Merge pull request #53 from Firesphere/feature/tes..." - Firesphere/silverstripe-bootstrapmfa - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( e81144...a25954 )

by Robbie

created 2019-01-15 16:01 UTC

BootstrapMFAAuthenticator::validateBackupCode() B

↳ Parent: BootstrapMFAAuthenticator

Complexity

Conditions	8
Paths	12

Size

Total Lines	40
Code Lines	21

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	8
eloc	21
nc	12
nop	3
dl	0
loc	40
rs	8.4444
c	0
b	0
f	0

<?php

namespace Firesphere\BootstrapMFA\Authenticators;

use Firesphere\BootstrapMFA\Extensions\MemberExtension;
use Firesphere\BootstrapMFA\Handlers\BootstrapMFALoginHandler;
use Firesphere\BootstrapMFA\Models\BackupCode;
use Firesphere\BootstrapMFA\Providers\BootstrapMFAProvider;
use SilverStripe\Core\Injector\Injector;
use SilverStripe\ORM\DataList;
use SilverStripe\ORM\ValidationException;
use SilverStripe\ORM\ValidationResult;
use SilverStripe\Security\Authenticator;
use SilverStripe\Security\Member;
use SilverStripe\Security\MemberAuthenticator\MemberAuthenticator;
use SilverStripe\Security\PasswordEncryptor_NotFoundException;
use SilverStripe\Security\Security;

/**
 * Class BootstrapMFAAuthenticator
 * It needs to be instantiable, therefore it can't be an Abstract.
 *
 * @package Firesphere\BootstrapMFA\Authenticators
 * @method string getTokenField() Stub for child implementations
 */
class BootstrapMFAAuthenticator extends MemberAuthenticator
{
    /**
     * Key for array to be stored in between steps in the session
     */
    const SESSION_KEY = 'MFALogin';

    /**
     * @return int
     */
    public function supportedServices()
    {
        // Bitwise-OR of all the supported services in this Authenticator, to make a bitmask
        return Authenticator::LOGIN | Authenticator::LOGOUT | Authenticator::CHANGE_PASSWORD
            | Authenticator::RESET_PASSWORD | Authenticator::CHECK_PASSWORD;
    }

    /**
     * @param Member|MemberExtension $member
     * @param string $token
     * @param ValidationResult|null $result
     * @return bool|Member
     * @throws ValidationException
     * @throws PasswordEncryptor_NotFoundException
     */
    public function validateBackupCode($member, $token, &$result = null)
    {
        if (!$result) {
            $result = new ValidationResult();
        }
        $hashingMethod = Security::config()->get('password_encryption_algorithm');
        $token = Security::encrypt_password($token, $member->BackupCodeSalt, $hashingMethod);

        /** @var BootstrapMFAProvider $provider */
        $provider = Injector::inst()->get(BootstrapMFAProvider::class);
        $provider->setMember($member);
        $provider->setMember(/** @scrutinizer ignore-type */ $member);

        /** @var DataList|BackupCode[] $backupCodes */
        $backupCodes = $provider->fetchToken($token['password']);

        // Stub, as the ValidationResult so far _could_ be valid, e.g. when not passed in
        $valid = false;
        foreach ($backupCodes as $backupCode) {
            /** @noinspection NotOptimalIfConditionsInspection */
            if ($backupCode &&
                $backupCode->exists() &&
                hash_equals($backupCode->Code, $token['password']) &&
                !$backupCode->Used
            ) {
                $backupCode->expire();
                // Reset the subclass authenticator results
                $result = ValidationResult::create();

                $valid = true;
            }
        }

        if ($valid) {
            return $member;

        }

        $member->registerFailedLogin();
                 registerFailedLogin();
        $result->addError(_t(self::class . '.INVALIDTOKEN', 'Invalid token'));

        return false;
    }

    /**
     * @param string $link
     * @return BootstrapMFALoginHandler|static
     */
    public function getLoginHandler($link)
    {
        return BootstrapMFALoginHandler::create($link, $this);
    }
}


Firesphere / silverstripe-bootstrapmfa

Push — master ( e81144...a25954 )

BootstrapMFAAuthenticator::validateBackupCode() B

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like