<?php
/*
 * ******************************************************************************
 * Copyright 2011-2017 DANTE Ltd. and GÉANT on behalf of the GN3, GN3+, GN4-1 
 * and GN4-2 consortia
 *
 * License: see the web/copyright.php file in the file structure
 * ******************************************************************************
 */
?>
<?php
require_once(dirname(dirname(dirname(__FILE__))) . "/config/_config.php");
// This page performs no SAML authentication: the API key in the request
// body is what authenticates the calling entity.
$mode = 'API';

// Collaborators used below: the admin API helper (scrub()/uglify()), the
// input validator (string()) and the option parser (processSubmittedFields()).
$adminApi     = new \web\lib\admin\API();
$validator    = new \web\lib\common\InputValidation();
$optionParser = new \web\lib\admin\OptionParser();
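/**
 * Prints an API error response as pretty-printed JSON.
 *
 * The function only emits the response body; it does not terminate the
 * script, so callers that must stop processing have to exit themselves.
 *
 * @param mixed  $code        value placed in details.errorcode
 * @param string $description human-readable text placed in details.description
 * @return void
 */
function return_error($code, $description) {
    // No Content-Type is set anywhere in the visible part of this script, so
    // PHP would label the JSON body with its default type (text/html unless
    // configured otherwise). Declare it explicitly while headers can still be sent.
    if (!headers_sent()) {
        header('Content-Type: application/json; charset=utf-8');
    }
    echo json_encode(
        [
            "result" => "ERROR",
            "details" => ["errorcode" => $code, "description" => $description],
        ],
        JSON_PRETTY_PRINT
    );
}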
// The API is only available when at least one registration API key is configured.
if (!(isset(CONFIG['registration_API_keys']) && count(CONFIG['registration_API_keys']) != 0)) {
    return_error(web\lib\admin\API::ERROR_API_DISABLED, "API is disabled in this instance of CAT");
    exit(1);
}

// The request arrives as a JSON document in the raw POST body; decode it
// into an associative array and reject anything that is not one.
$inputRaw = file_get_contents('php://input');
$inputDecoded = json_decode($inputRaw, true);
if (is_array($inputDecoded) === false) {
    return_error(web\lib\admin\API::ERROR_MALFORMED_REQUEST, "Unable to decode JSON POST data.");
    exit(1);
}
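// The APIKEY is the only credential on this endpoint, so it must be present
// and must match one of the configured keys exactly.
if (!isset($inputDecoded['APIKEY'])) {
    return_error(web\lib\admin\API::ERROR_NO_APIKEY, "JSON request structure did not contain an APIKEY");
    exit(1);
}

$checkval = "FAIL";
$suppliedKey = $inputDecoded['APIKEY'];
// json_decode() can yield a boolean, number or array here. A loose == against
// the configured key would then follow PHP's type-juggling rules instead of
// comparing content, so only a string is accepted and it is compared
// byte-for-byte, in constant time, with hash_equals().
if (is_string($suppliedKey)) {
    foreach (CONFIG['registration_API_keys'] as $key => $fed_name) {
        // PHP stores numeric-looking array keys as integers; cast back to string.
        if (hash_equals((string) $key, $suppliedKey)) {
            $mode = "API";
            $federation = $fed_name;
            $checkval = "OK-NEW";
            // array keys are unique, so no other entry can match
            break;
        }
    }
}

if ($checkval === "FAIL") {
    return_error(web\lib\admin\API::ERROR_INVALID_APIKEY, "APIKEY is invalid");
    exit(1);
}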
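// let's instantiate the fed, we will need it later
// ($federation is the federation name the matching API key maps to in CONFIG)
$fed = new \core\Federation($federation);
// it's a valid admin; what does he want to do?
// ACTION comes straight from the decoded JSON: it may be absent or of a type
// that is not usable as an array key, so check that before the lookup.
if (
    !isset($inputDecoded['ACTION']) ||
    !(is_string($inputDecoded['ACTION']) || is_int($inputDecoded['ACTION'])) ||
    !array_key_exists($inputDecoded['ACTION'], web\lib\admin\API::ACTIONS)
) {
    // The bare constant ERROR_NO_ACTION is not defined in this scope; the other
    // error codes in this script are all read from the API class.
    // NOTE(review): assumes ERROR_NO_ACTION is declared on web\lib\admin\API
    // alongside them - confirm.
    return_error(web\lib\admin\API::ERROR_NO_ACTION, "JSON request structure did not contain a valid ACTION");
    exit(1);
}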
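// it's a valid ACTION, so let's sanitise the input parameters
$scrubbedParameters = $adminApi->scrub($inputDecoded);
// are all the required parameters (still) in the request?
foreach (web\lib\admin\API::ACTIONS[$inputDecoded['ACTION']]['REQ'] as $oneRequiredAttribute) {
    // NOTE(review): in_array() searches the *values* of $scrubbedParameters
    // with loose comparison; the shape scrub() returns is not visible here -
    // confirm that parameter names are values rather than keys.
    if (!in_array($oneRequiredAttribute, $scrubbedParameters)) {
        return_error(web\lib\admin\API::ERROR_MISSING_PARAMETER, "At least one required parameter for this ACTION is missing: $oneRequiredAttribute");
        // Stop here like every other error path in this script; otherwise the
        // ACTION below would still run on an incomplete request.
        exit(1);
    }
}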
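// Dispatch on the ACTION named in the decoded request.
switch ($inputDecoded['ACTION']) {
    case web\lib\admin\API::ACTION_NEWINST:
        // create the inst, no admin, no attributes
        $idp = new \core\IdP($fed->newIdP("PENDING", "API"));
        // now add all submitted attributes
        $inputs = $adminApi->uglify($scrubbedParameters);
        $optionParser->processSubmittedFields($idp, $inputs["POST"], $inputs["FILES"]);
        break;
    case web\lib\admin\API::ACTION_ADMIN_ADD:
        // NOTE(review): neither $mgmt nor $idp is assigned in the visible part of
        // this script before this branch, and the admin address is read from
        // $_POST although the request body was JSON-decoded into $inputDecoded.
        // Confirm where these are meant to come from before enabling this ACTION.
        // generate the token
        $newtoken = $mgmt->createToken(true, $validator->string($_POST['NEWINST_PRIMARYADMIN']), $idp);
        // and send it back to the caller
        // SERVER_NAME can, depending on web-server configuration, reflect the
        // Host header sent by the client; since this URL carries the enrollment
        // token, a fixed configured base URL would be the safer source.
        $URL = "https://" . $_SERVER['SERVER_NAME'] . dirname($_SERVER['SCRIPT_NAME']) . "/action_enrollment.php?token=$newtoken";
        // Escape both values for the XML context they are embedded in.
        $xmlFlags = ENT_QUOTES | ENT_XML1;
        echo "<CAT-API-Response>\n";
        echo "  <success action='NEWINST'>\n    <enrollment_URL>" . htmlspecialchars($URL, $xmlFlags, 'UTF-8') . "</enrollment_URL>\n    <inst_unique_id>" . htmlspecialchars((string) $idp->identifier, $xmlFlags, 'UTF-8') . "</inst_unique_id>\n  </success>\n";
        echo "</CAT-API-Response>\n";
        // exit() ends the script, so no break is needed after it
        exit(0);
    default:
        return_error(web\lib\admin\API::ERROR_INVALID_ACTION, "Not implemented yet.");
        exit(1);
}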