YubiAuthProvider::validateMember() - Code Metrics - Inspection of "Marco/master" - Firesphere/silverstripe-yubiauth - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Pull Request — master (#13)

by Simon

created 2018-05-06 08:06 UTC

YubiAuthProvider::validateMember() A

↳ Parent: YubiAuthProvider

Complexity

Conditions	3
Paths	2

Size

Total Lines	5
Code Lines	3

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	3
eloc	3
nc	2
nop	3
dl	0
loc	5
rs	9.4285
c	0
b	0
f	0

<?php

namespace Firesphere\YubiAuth\Providers;

use DateTime;
use SilverStripe\Core\Config\Configurable;
use SilverStripe\ORM\DataList;
use SilverStripe\ORM\ValidationResult;
use SilverStripe\Security\Member;

/**
 * Class YubiAuthProvider
 *
 * @package Firesphere\YubiAuth
 */
class YubiAuthProvider
{
    use Configurable;

    /**
     * @param Member $member
     * @return ValidationResult|Member
     */
    public function checkNoYubiAttempts(Member $member)
    {
        $noYubiLogins = $this->checkNoYubiLogins($member);
        if ($noYubiLogins instanceof Member) {
            return $this->checkNoYubiDays($member);
        }

        return $noYubiLogins;
    }

    /**
     * Check if a member is allowed to login without a yubikey
     *
     * @param  Member $member
     * @return ValidationResult|Member
     */
    public function checkNoYubiLogins(Member $member)
    {
        $maxNoYubi = $this->config()->get('MaxNoYubiLogin');
        if ($maxNoYubi > 0 && $maxNoYubi <= $member->NoYubikeyCount) {
            $validationResult = ValidationResult::create();
            $validationResult->addError(
                _t(
                    'YubikeyAuthenticator.ERRORMAXYUBIKEY',
                    'Maximum login without yubikey exceeded'
                )
            );

            $member->registerFailedLogin();

            return $validationResult;
        }

        return $member;
    }

    /**
     * Check if the member is allowed login after so many days of not using a yubikey
     *
     * @param  Member $member
     * @return ValidationResult|Member
     */
    public function checkNoYubiDays(Member $member)
    {
        $date1 = new DateTime($member->Created);
        $date2 = new DateTime(date('Y-m-d'));

        $diff = $date2->diff($date1)->format("%a");
        $maxNoYubiDays = $this->config()->get('MaxNoYubiLoginDays');

        if ($maxNoYubiDays > 0 && $diff >= $maxNoYubiDays) {
            $validationResult = ValidationResult::create();
            $validationResult->addError(
                _t(
                    'YubikeyAuthenticator.ERRORMAXYUBIKEYDAYS',
                    'Maximum days without yubikey exceeded'
                )
            );
            $member->registerFailedLogin();

            return $validationResult;
        }

        return $member;
    }

    /**
     * Check if the yubikey is unique and linked to the member trying to logon
     *
     * @param  Member $member
     * @param  string $yubiFingerprint
     * @return ValidationResult
     */
    public function validateYubikey(Member $member, $yubiFingerprint)
    {
        /** @var DataList|Member[] $yubikeyMembers */
        $yubikeyMembers = Member::get()->filter(['Yubikey' => $yubiFingerprint]);

        /** @var ValidationResult $validationResult */
        $validationResult = ValidationResult::create();

        $this->validateMemberCount($member, $yubikeyMembers, $validationResult);
        // Yubikeys have a unique fingerprint, if we find a different member with this yubikey ID, something's wrong
        $this->validateMember($member, $yubikeyMembers, $validationResult);

        // If the member has a yubikey ID set, compare it to the fingerprint.
        $this->validateFingerprint($member, $yubiFingerprint, $validationResult);


        return $validationResult;
    }

    /**
     * @param Member $member
     * @param DataList|Member[] $yubikeyMembers
     * @param ValidationResult $validationResult
     */
    protected function validateMemberCount(Member $member, DataList $yubikeyMembers, ValidationResult &$validationResult)
    {
        if ($yubikeyMembers->count() > 1) {
            $validationResult->addError(
                _t(
                    'YubikeyAuthenticator.DUPLICATE',
                    'Yubikey is duplicate, contact your administrator as soon as possible!'
                )
            );
            $member->registerFailedLogin();
        }
    }

    /**
     * @param Member $member
     * @param DataList|Member[] $yubikeyMembers
     * @param ValidationResult $validationResult
     */
    protected function validateMember(Member $member, DataList $yubikeyMembers, ValidationResult &$validationResult)
    {
        if (!$yubikeyMembers->count() || $yubikeyMembers->first()->ID !== $member->ID) {
            $validationResult->addError(_t('YubikeyAuthenticator.NOMATCH', 'Yubikey does not match found member'));
            $member->registerFailedLogin();
        }
    }

    /**
     * @param Member $member
     * @param string $fingerPrint
     * @param ValidationResult $validationResult
     */
    protected function validateFingerprint(Member $member, string $fingerPrint, ValidationResult &$validationResult)
    {
        if ($member->Yubikey && strpos($fingerPrint, $member->Yubikey) !== 0) {
            $member->registerFailedLogin();
            $validationResult->addError(
                _t(
                    'YubikeyAuthenticator.NOMATCH',
                    'Yubikey fingerprint does not match found member'
                )
            );
        }
    }
}


1			<?php
2
3			namespace Firesphere\YubiAuth\Providers;
4
5			use DateTime;
6			use SilverStripe\Core\Config\Configurable;
7			use SilverStripe\ORM\DataList;
8			use SilverStripe\ORM\ValidationResult;
9			use SilverStripe\Security\Member;
10
11			/**
12			* Class YubiAuthProvider
13			*
14			* @package Firesphere\YubiAuth
15			*/
16			class YubiAuthProvider
17			{
18			use Configurable;
19
20			/**
21			* @param Member $member
22			* @return ValidationResult\|Member
23			*/
24			public function checkNoYubiAttempts(Member $member)
25			{
26			$noYubiLogins = $this->checkNoYubiLogins($member);
27			if ($noYubiLogins instanceof Member) {
28			return $this->checkNoYubiDays($member);
29			}
30
31			return $noYubiLogins;
32			}
33
34			/**
35			* Check if a member is allowed to login without a yubikey
36			*
37			* @param Member $member
38			* @return ValidationResult\|Member
39			*/
40			public function checkNoYubiLogins(Member $member)
41			{
42			$maxNoYubi = $this->config()->get('MaxNoYubiLogin');
43			if ($maxNoYubi > 0 && $maxNoYubi <= $member->NoYubikeyCount) {
44			$validationResult = ValidationResult::create();
45			$validationResult->addError(
46			_t(
47			'YubikeyAuthenticator.ERRORMAXYUBIKEY',
48			'Maximum login without yubikey exceeded'
49			)
50			);
51
52			$member->registerFailedLogin();
53
54			return $validationResult;
55			}
56
57			return $member;
58			}
59
60			/**
61			* Check if the member is allowed login after so many days of not using a yubikey
62			*
63			* @param Member $member
64			* @return ValidationResult\|Member
65			*/
66			public function checkNoYubiDays(Member $member)
67			{
68			$date1 = new DateTime($member->Created);
69			$date2 = new DateTime(date('Y-m-d'));
70
71			$diff = $date2->diff($date1)->format("%a");
72			$maxNoYubiDays = $this->config()->get('MaxNoYubiLoginDays');
73
74			if ($maxNoYubiDays > 0 && $diff >= $maxNoYubiDays) {
75			$validationResult = ValidationResult::create();
76			$validationResult->addError(
77			_t(
78			'YubikeyAuthenticator.ERRORMAXYUBIKEYDAYS',
79			'Maximum days without yubikey exceeded'
80			)
81			);
82			$member->registerFailedLogin();
83
84			return $validationResult;
85			}
86
87			return $member;
88			}
89
90			/**
91			* Check if the yubikey is unique and linked to the member trying to logon
92			*
93			* @param Member $member
94			* @param string $yubiFingerprint
95			* @return ValidationResult
96			*/
97			public function validateYubikey(Member $member, $yubiFingerprint)
98			{
99			/** @var DataList\|Member[] $yubikeyMembers */
100			$yubikeyMembers = Member::get()->filter(['Yubikey' => $yubiFingerprint]);
101
102			/** @var ValidationResult $validationResult */
103			$validationResult = ValidationResult::create();
104
105			$this->validateMemberCount($member, $yubikeyMembers, $validationResult);
106			// Yubikeys have a unique fingerprint, if we find a different member with this yubikey ID, something's wrong
107			$this->validateMember($member, $yubikeyMembers, $validationResult);
108
109			// If the member has a yubikey ID set, compare it to the fingerprint.
110			$this->validateFingerprint($member, $yubiFingerprint, $validationResult);
111
112
113			return $validationResult;
114			}
115
116			/**
117			* @param Member $member
118			* @param DataList\|Member[] $yubikeyMembers
119			* @param ValidationResult $validationResult
120			*/
121			protected function validateMemberCount(Member $member, DataList $yubikeyMembers, ValidationResult &$validationResult)
122			{
123			if ($yubikeyMembers->count() > 1) {
124			$validationResult->addError(
125			_t(
126			'YubikeyAuthenticator.DUPLICATE',
127			'Yubikey is duplicate, contact your administrator as soon as possible!'
128			)
129			);
130			$member->registerFailedLogin();
131			}
132			}
133
134			/**
135			* @param Member $member
136			* @param DataList\|Member[] $yubikeyMembers
137			* @param ValidationResult $validationResult
138			*/
139			protected function validateMember(Member $member, DataList $yubikeyMembers, ValidationResult &$validationResult)
140			{
141			if (!$yubikeyMembers->count() \|\| $yubikeyMembers->first()->ID !== $member->ID) {
142			$validationResult->addError(_t('YubikeyAuthenticator.NOMATCH', 'Yubikey does not match found member'));
143			$member->registerFailedLogin();
144			}
145			}
146
147			/**
148			* @param Member $member
149			* @param string $fingerPrint
150			* @param ValidationResult $validationResult
151			*/
152			protected function validateFingerprint(Member $member, string $fingerPrint, ValidationResult &$validationResult)
153			{
154			if ($member->Yubikey && strpos($fingerPrint, $member->Yubikey) !== 0) {
155			$member->registerFailedLogin();
156			$validationResult->addError(
157			_t(
158			'YubikeyAuthenticator.NOMATCH',
159			'Yubikey fingerprint does not match found member'
160			)
161			);
162			}
163			}
164			}
165

Firesphere / silverstripe-yubiauth

Pull Request — master (#13)

YubiAuthProvider::validateMember() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like