BootstrapMFAAuthenticator - Code Metrics - Inspection of "Extension hook before mfa" - Firesphere/silverstripe-bootstrapmfa - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Pull Request — master (#38)

by Simon

created 2018-11-01 06:12 UTC

BootstrapMFAAuthenticator A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	60
Duplicated Lines	0 %

Importance

Changes

Metric	Value
eloc	18
dl	0
loc	60
rs	10
c	0
b	0
f	0
wmc	6

3 Methods

Rating	Name	Size	Complexity
A	supportedServices()	5	1
A	validateBackupCode()	26	4
A	getLoginHandler()	3	1

<?php

namespace Firesphere\BootstrapMFA\Authenticators;

use Firesphere\BootstrapMFA\Handlers\BootstrapMFALoginHandler;
use Firesphere\BootstrapMFA\Providers\BootstrapMFAProvider;
use SilverStripe\Core\Injector\Injector;
use SilverStripe\ORM\ValidationException;
use SilverStripe\ORM\ValidationResult;
use SilverStripe\Security\Authenticator;
use SilverStripe\Security\Member;
use SilverStripe\Security\MemberAuthenticator\MemberAuthenticator;
use SilverStripe\Security\PasswordEncryptor_NotFoundException;

/**
 * Class BootstrapMFAAuthenticator
 * It needs to be instantiable, therefore it can't be an Abstract.
 *
 * @package Firesphere\BootstrapMFA\Authenticators
 * @method string getTokenField() Stub for child implementations
 */
class BootstrapMFAAuthenticator extends MemberAuthenticator
{
    /**
     * Key for array to be stored in between steps in the session
     */
    const SESSION_KEY = 'MFALogin';

    /**
     * @return int
     */
    public function supportedServices()
    {
        // Bitwise-OR of all the supported services in this Authenticator, to make a bitmask
        return Authenticator::LOGIN | Authenticator::LOGOUT | Authenticator::CHANGE_PASSWORD
            | Authenticator::RESET_PASSWORD | Authenticator::CHECK_PASSWORD;
    }

    /**
     * @param Member $member
     * @param string $token
     * @param ValidationResult|null $result
     * @return bool|Member
     * @throws ValidationException
     * @throws PasswordEncryptor_NotFoundException
     */
    public function validateBackupCode($member, $token, &$result = null)
    {
        if (!$result) {
            $result = new ValidationResult();
        }
        $token = $member->encryptWithUserSettings($token);

        /** @var BootstrapMFAProvider $provider */
        $provider = Injector::inst()->get(BootstrapMFAProvider::class);
        $provider->setMember($member);

        $backupCode = $provider->fetchToken($token);

        if ($backupCode && $backupCode->exists()) {
            $backupCode->expire();
            // Reset the subclass authenticator results
            $result = Injector::inst()->get(ValidationResult::class, false);

            /** @var Member $member */
            return $member;
        }

        $member->registerFailedLogin();
        $result->addError(_t(self::class . '.INVALIDTOKEN', 'Invalid token'));

        return false;
    }

    /**
     * @param string $link
     * @return BootstrapMFALoginHandler|static
     */
    public function getLoginHandler($link)
    {
        return BootstrapMFALoginHandler::create($link, $this);
    }
}


1			<?php
2
3			namespace Firesphere\BootstrapMFA\Authenticators;
4
5			use Firesphere\BootstrapMFA\Handlers\BootstrapMFALoginHandler;
6			use Firesphere\BootstrapMFA\Providers\BootstrapMFAProvider;
7			use SilverStripe\Core\Injector\Injector;
8			use SilverStripe\ORM\ValidationException;
9			use SilverStripe\ORM\ValidationResult;
10			use SilverStripe\Security\Authenticator;
11			use SilverStripe\Security\Member;
12			use SilverStripe\Security\MemberAuthenticator\MemberAuthenticator;
13			use SilverStripe\Security\PasswordEncryptor_NotFoundException;
14
15			/**
16			* Class BootstrapMFAAuthenticator
17			* It needs to be instantiable, therefore it can't be an Abstract.
18			*
19			* @package Firesphere\BootstrapMFA\Authenticators
20			* @method string getTokenField() Stub for child implementations
21			*/
22			class BootstrapMFAAuthenticator extends MemberAuthenticator
23			{
24			/**
25			* Key for array to be stored in between steps in the session
26			*/
27			const SESSION_KEY = 'MFALogin';
28
29			/**
30			* @return int
31			*/
32			public function supportedServices()
33			{
34			// Bitwise-OR of all the supported services in this Authenticator, to make a bitmask
35			return Authenticator::LOGIN \| Authenticator::LOGOUT \| Authenticator::CHANGE_PASSWORD
36			\| Authenticator::RESET_PASSWORD \| Authenticator::CHECK_PASSWORD;
37			}
38
39			/**
40			* @param Member $member
41			* @param string $token
42			* @param ValidationResult\|null $result
43			* @return bool\|Member
44			* @throws ValidationException
45			* @throws PasswordEncryptor_NotFoundException
46			*/
47			public function validateBackupCode($member, $token, &$result = null)
48			{
49			if (!$result) {
50			$result = new ValidationResult();
51			}
52			$token = $member->encryptWithUserSettings($token);
53
54			/** @var BootstrapMFAProvider $provider */
55			$provider = Injector::inst()->get(BootstrapMFAProvider::class);
56			$provider->setMember($member);
57
58			$backupCode = $provider->fetchToken($token);
59
60			if ($backupCode && $backupCode->exists()) {
61			$backupCode->expire();
62			// Reset the subclass authenticator results
63			$result = Injector::inst()->get(ValidationResult::class, false);
64
65			/** @var Member $member */
66			return $member;
67			}
68
69			$member->registerFailedLogin();
70			$result->addError(_t(self::class . '.INVALIDTOKEN', 'Invalid token'));
71
72			return false;
73			}
74
75			/**
76			* @param string $link
77			* @return BootstrapMFALoginHandler\|static
78			*/
79			public function getLoginHandler($link)
80			{
81			return BootstrapMFALoginHandler::create($link, $this);
82			}
83			}
84

Firesphere / silverstripe-bootstrapmfa

Pull Request — master (#38)

BootstrapMFAAuthenticator A

Complexity

Size/Duplication

Importance

3 Methods

Duplication Side-by-Side

Filter issues like