OutsideComm::adminInvitationMail() - Code Metrics - Inspection of "beef up the invitation system to ask for IdP/SP/bo..." - GEANT/CAT - Measure and Improve Code Quality continuously with Scrutinizer

Test Failed

Push — master ( 2cdad9...933f57 )

by Stefan

created 2019-03-15 15:14 UTC

OutsideComm::adminInvitationMail() F

↳ Parent: OutsideComm

Complexity

Conditions	19
Paths	363

Size

Total Lines	110
Code Lines	73

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
eloc	73
dl	0
loc	110
rs	1.6458
c	0
b	0
f	0
cc	19
nc	363
nop	6

How to fix Long Method Complexity

<?php
/*
 * *****************************************************************************
 * Contributions to this work were made on behalf of the GÉANT project, a 
 * project that has received funding from the European Union’s Framework 
 * Programme 7 under Grant Agreements No. 238875 (GN3) and No. 605243 (GN3plus),
 * Horizon 2020 research and innovation programme under Grant Agreements No. 
 * 691567 (GN4-1) and No. 731122 (GN4-2).
 * On behalf of the aforementioned projects, GEANT Association is the sole owner
 * of the copyright in all material which was developed by a member of the GÉANT
 * project. GÉANT Vereniging (Association) is registered with the Chamber of 
 * Commerce in Amsterdam with registration number 40535155 and operates in the 
 * UK as a branch of GÉANT Vereniging.
 * 
 * Registered office: Hoekenrode 3, 1102BR Amsterdam, The Netherlands. 
 * UK branch address: City House, 126-130 Hills Road, Cambridge CB2 1PQ, UK
 *
 * License: see the web/copyright.inc.php file in the file structure or
 *          <base_url>/copyright.php after deploying the software
 */

namespace core\common;

/**
 * This class contains a number of functions for talking to the outside world
 * @author Stefan Winter <[email protected]>
 * @author Tomasz Wolniewicz <[email protected]>
 *
 * @package Developer
 */
class OutsideComm extends Entity {

    /**
     * downloads a file from the internet
     * @param string $url the URL to download
     * @return string|boolean the data we got back, or FALSE on failure
     */
    public static function downloadFile($url) {
        $loggerInstance = new \core\common\Logging();
        if (!preg_match("/:\/\//", $url)) {
            $loggerInstance->debug(3, "The specified string does not seem to be a URL!");
            return FALSE;
        }
        # we got a URL, download it
        $download = fopen($url, "rb");
        if ($download === FALSE) {
            $loggerInstance->debug(2, "Failed to open handle for $url");
            return FALSE;
        }
        $data = stream_get_contents($download);
        if ($data === FALSE) {
            $loggerInstance->debug(2, "Failed to download the file from $url");
            return FALSE;
        }
        return $data;
    }

    /**
     * create an email handle from PHPMailer for later customisation and sending
     * @return \PHPMailer\PHPMailer\PHPMailer
     */
    public static function mailHandle() {
// use PHPMailer to send the mail
        $mail = new \PHPMailer\PHPMailer\PHPMailer();
        $mail->isSMTP();
        $mail->Port = 587;
        $mail->SMTPSecure = 'tls';
        $mail->Host = CONFIG['MAILSETTINGS']['host'];
        if (CONFIG['MAILSETTINGS']['user'] === NULL && CONFIG['MAILSETTINGS']['pass'] === NULL) {
            $mail->SMTPAuth = false;
        } else {
            $mail->SMTPAuth = true;
            $mail->Username = CONFIG['MAILSETTINGS']['user'];
            $mail->Password = CONFIG['MAILSETTINGS']['pass'];
        }
        $mail->SMTPOptions = CONFIG['MAILSETTINGS']['options'];
// formatting nitty-gritty
        $mail->WordWrap = 72;
        $mail->isHTML(FALSE);
        $mail->CharSet = 'UTF-8';
        $mail->From = CONFIG['APPEARANCE']['from-mail'];
// are we fancy? i.e. S/MIME signing?
        if (isset(CONFIG['MAILSETTINGS']['certfilename'], CONFIG['MAILSETTINGS']['keyfilename'], CONFIG['MAILSETTINGS']['keypass'])) {
            $mail->sign(CONFIG['MAILSETTINGS']['certfilename'], CONFIG['MAILSETTINGS']['keyfilename'], CONFIG['MAILSETTINGS']['keypass']);
        }
        return $mail;
    }

    const MAILDOMAIN_INVALID = -1000;
    const MAILDOMAIN_NO_MX = -1001;
    const MAILDOMAIN_NO_HOST = -1002;
    const MAILDOMAIN_NO_CONNECT = -1003;
    const MAILDOMAIN_NO_STARTTLS = 1;
    const MAILDOMAIN_STARTTLS = 2;

    /**
     * verifies whether a mail address is in an existing and STARTTLS enabled mail domain
     * 
     * @param string $address the mail address to check
     * @return int status of the mail domain
     */
    public static function mailAddressValidSecure($address) {
        $loggerInstance = new \core\common\Logging();
        if (!filter_var($address, FILTER_VALIDATE_EMAIL)) {
            $loggerInstance->debug(4, "OutsideComm::mailAddressValidSecure: invalid mail address.");
            return OutsideComm::MAILDOMAIN_INVALID;
        }
        $domain = substr($address, strpos($address, '@') + 1); // everything after the @ sign
        // we can be sure that the @ was found (FILTER_VALIDATE_EMAIL succeeded)
        // but let's be explicit
        if ($domain === FALSE) {
            return OutsideComm::MAILDOMAIN_INVALID;
        }
        // does the domain have MX records?
        $mx = dns_get_record($domain, DNS_MX);
        if ($mx === FALSE) {
            $loggerInstance->debug(4, "OutsideComm::mailAddressValidSecure: no MX.");
            return OutsideComm::MAILDOMAIN_NO_MX;
        }
        $loggerInstance->debug(5, "Domain: $domain MX: " . print_r($mx, TRUE));
        // create a pool of A and AAAA records for all the MXes
        $ipAddrs = [];
        foreach ($mx as $onemx) {
            $v4list = dns_get_record($onemx['target'], DNS_A);
            $v6list = dns_get_record($onemx['target'], DNS_AAAA);
            foreach ($v4list as $oneipv4) {
                $ipAddrs[] = $oneipv4['ip'];
            }
            foreach ($v6list as $oneipv6) {
                $ipAddrs[] = "[" . $oneipv6['ipv6'] . "]";
            }
        }
        if (count($ipAddrs) == 0) {
            $loggerInstance->debug(4, "OutsideComm::mailAddressValidSecure: no mailserver hosts.");
            return OutsideComm::MAILDOMAIN_NO_HOST;
        }
        $loggerInstance->debug(5, "Domain: $domain Addrs: " . print_r($ipAddrs, TRUE));
        // connect to all hosts. If all can't connect, return MAILDOMAIN_NO_CONNECT. 
        // If at least one does not support STARTTLS or one of the hosts doesn't connect
        // , return MAILDOMAIN_NO_STARTTLS (one which we can't connect to we also
        // can't verify if it's doing STARTTLS, so better safe than sorry.
        $retval = OutsideComm::MAILDOMAIN_NO_CONNECT;
        $allWithStarttls = TRUE;
        foreach ($ipAddrs as $oneip) {
            $loggerInstance->debug(5, "OutsideComm::mailAddressValidSecure: connecting to $oneip.");
            $smtp = new \PHPMailer\PHPMailer\SMTP;
            if ($smtp->connect($oneip, 25)) {
                // host reached! so at least it's not a NO_CONNECT
                $loggerInstance->debug(4, "OutsideComm::mailAddressValidSecure: connected to $oneip.");
                $retval = OutsideComm::MAILDOMAIN_NO_STARTTLS;
                if ($smtp->hello('eduroam.org')) {
                    $extensions = $smtp->getServerExtList(); // Scrutinzer is wrong; is not always null - contains server capabilities
                    if (!is_array($extensions) || !array_key_exists('STARTTLS', $extensions)) {
                        $loggerInstance->debug(4, "OutsideComm::mailAddressValidSecure: no indication for STARTTLS.");
                        $allWithStarttls = FALSE;
                    }
                }
            } else {
                // no connect: then we can't claim all targets have STARTTLS
                $allWithStarttls = FALSE;
                $loggerInstance->debug(5, "OutsideComm::mailAddressValidSecure: failed $oneip.");
            }
        }
        // did the state $allWithStarttls survive? Then up the response to
        // appropriate level.
        if ($retval == OutsideComm::MAILDOMAIN_NO_STARTTLS && $allWithStarttls) {
            $retval = OutsideComm::MAILDOMAIN_STARTTLS;
        }
        return $retval;
    }

    const SMS_SENT = 100;
    const SMS_NOTSENT = 101;
    const SMS_FRAGEMENTSLOST = 102;

    /**
     * Send SMS invitations to end users
     * 
     * @param string $number  the number to send to: with country prefix, but without the + sign ("352123456" for a Luxembourg example)
     * @param string $content the text to send
     * @return integer status of the sending process
     * @throws Exception
     */
    public static function sendSMS($number, $content) {
        $loggerInstance = new \core\common\Logging();
        switch (CONFIG_CONFASSISTANT['SMSSETTINGS']['provider']) {
            case 'Nexmo':
                // taken from https://docs.nexmo.com/messaging/sms-api
                $url = 'https://rest.nexmo.com/sms/json?' . http_build_query(
                                [
                                    'api_key' => CONFIG_CONFASSISTANT['SMSSETTINGS']['username'],
                                    'api_secret' => CONFIG_CONFASSISTANT['SMSSETTINGS']['password'],
                                    'to' => $number,
                                    'from' => CONFIG_CONFASSISTANT['CONSORTIUM']['name'],
                                    'text' => $content,
                                    'type' => 'unicode',
                                ]
                );

                $ch = curl_init($url);
                curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
                $response = curl_exec($ch);

                $decoded_response = json_decode($response, true);
                $messageCount = $decoded_response['message-count'];

                if ($messageCount == 0) {
                    $loggerInstance->debug(2, 'Problem with SMS invitation: no message was sent!');
                    return OutsideComm::SMS_NOTSENT;
                }
                $loggerInstance->debug(2, 'Total of ' . $messageCount . ' messages were attempted to send.');

                $totalFailures = 0;
                foreach ($decoded_response['messages'] as $message) {
                    if ($message['status'] == 0) {
                        $loggerInstance->debug(2, $message['message-id'] . ": Success");
                    } else {
                        $loggerInstance->debug(2, $message['message-id'] . ": Failed (failure code = " . $message['status'] . ")");
                        $totalFailures++;
                    }
                }
                if ($messageCount == count($decoded_response['messages']) && $totalFailures == 0) {
                    return OutsideComm::SMS_SENT;
                }
                return OutsideComm::SMS_FRAGEMENTSLOST;
            default:
                throw new \Exception("Unknown SMS Gateway provider!");
        }
    }

    const INVITE_CONTEXTS = [
        0 => "CO-ADMIN",
        1 => "NEW-FED",
        2 => "EXISTING-FED",
    ];

    /**
     * 
     * @param string           $targets       one or more mail addresses, comma-separated
     * @param string           $introtext     introductory sentence (varies by situation)
     * @param string           $newtoken      the token to send
     * @param string           $idpPrettyName the name of the IdP, in best-match language
     * @param \core\Federation $federation    if not NULL, indicates that invitation comes from authorised fed admin of that federation
     * @param string           $type          the type of participant we're invited to
     * @return array
     */
    public static function adminInvitationMail($targets, $introtext, $newtoken, $idpPrettyName, $federation, $type) {
        if (!in_array($introtext, OutsideComm::INVITE_CONTEXTS)) {
            throw new \Exception("Unknown invite mode!");
        }
        if ($introtext == OutsideComm::INVITE_CONTEXTS[1] && $federation === NULL) { // comes from fed admin, so federation must be set
            throw new \Exception("Invitation from a fed admin, but we do not know the corresponding federation!");
        }
        $prettyPrintType = "";
        switch ($type) {
            case \core\IdP::TYPE_IDP:
                $prettyPrintType = Entity::$nomenclature_inst;
                break;
            case \core\IdP::TYPE_SP:
                $prettyPrintType = Entity::$nomenclature_hotspot;
                break;
            case \core\IdP::TYPE_IDPSP:
                $prettyPrintType = sprintf(_("%s and %s"), Entity::$nomenclature_inst, Entity::$nomenclature_hotspot);
                break;
            default:
                throw new Exception("This is controlled vocabulary, impossible.");

        }
        Entity::intoThePotatoes();
        $mail = OutsideComm::mailHandle();
        new \core\CAT(); // makes sure Entity is initialised
        // we have a few stock intro texts on file
        $introTexts = [
            OutsideComm::INVITE_CONTEXTS[0] => sprintf(_("a %s of the %s %s \"%s\" has invited you to manage the %s together with him."), Entity::$nomenclature_fed, CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], Entity::$nomenclature_participant, $idpPrettyName, Entity::$nomenclature_participant),
            OutsideComm::INVITE_CONTEXTS[1] => sprintf(_("a %s %s has invited you to manage the future %s  \"%s\" (%s). The organisation will be a %s."), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], Entity::$nomenclature_fed, Entity::$nomenclature_participant, $idpPrettyName, strtoupper($federation->tld), $prettyPrintType),
            OutsideComm::INVITE_CONTEXTS[2] => sprintf(_("a %s %s has invited you to manage the %s  \"%s\". This is a %s."), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], Entity::$nomenclature_fed, Entity::$nomenclature_participant, $idpPrettyName, $prettyPrintType),
        ];
        $validity = sprintf(_("This invitation is valid for 24 hours from now, i.e. until %s."), strftime("%x %X %Z", time() + 86400));
        // need some nomenclature
        // are we on https?
        $proto = "http://";
        if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on") {
            $proto = "https://";
        }
        // then, send out the mail
        $message = _("Hello,") . "\n\n" . wordwrap($introTexts[$introtext] . " " . $validity, 72) . "\n\n";
        // default means we don't have a Reply-To.
        $replyToMessage = wordwrap(_("manually. Please do not reply to this mail; this is a send-only address."));

        if ($federation !== NULL) {
            // see if we are supposed to add a custom message
            $customtext = $federation->getAttributes('fed:custominvite');
            if (count($customtext) > 0) {
                $message .= wordwrap(sprintf(_("Additional message from your %s administrator:"), Entity::$nomenclature_fed), 72) . "\n---------------------------------" .
                        wordwrap($customtext[0]['value'], 72) . "\n---------------------------------\n\n";
            }
            // and add Reply-To already now
            foreach ($federation->listFederationAdmins() as $fedadmin_id) {
                $fedadmin = new \core\User($fedadmin_id);
                $mailaddrAttrib = $fedadmin->getAttributes("user:email");
                $nameAttrib = $fedadmin->getAttributes("user:realname");
                $name = $nameAttrib[0]['value'] ?? sprintf(_("%s administrator"), Entity::$nomenclature_fed);
                if (count($mailaddrAttrib) > 0) {
                    $mail->addReplyTo($mailaddrAttrib[0]['value'], $name);
                    $replyToMessage = wordwrap(sprintf(_("manually. If you reply to this mail, you will reach your %s administrators."), Entity::$nomenclature_fed), 72);
                }
            }
        }

        $message .= wordwrap(sprintf(_("To enlist as an administrator for that %s, please click on the following link:"), Entity::$nomenclature_participant), 72) . "\n\n" .
                $proto . $_SERVER['SERVER_NAME'] . CONFIG['PATHS']['cat_base_url'] . "admin/action_enrollment.php?token=$newtoken\n\n" .
                wordwrap(sprintf(_("If clicking the link doesn't work, you can also go to the %s Administrator Interface at"), CONFIG['APPEARANCE']['productname']), 72) . "\n\n" .
                $proto . $_SERVER['SERVER_NAME'] . CONFIG['PATHS']['cat_base_url'] . "admin/\n\n" .
                _("and enter the invitation token") . "\n\n" .
                $newtoken . "\n\n$replyToMessage\n\n" .
                wordwrap(_("Do NOT forward the mail before the token has expired - or the recipients may be able to consume the token on your behalf!"), 72) . "\n\n" .
                wordwrap(sprintf(_("We wish you a lot of fun with the %s."), CONFIG['APPEARANCE']['productname']), 72) . "\n\n" .
                sprintf(_("Sincerely,\n\nYour friendly folks from %s Operations"), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']);


// who to whom?
        $mail->FromName = CONFIG['APPEARANCE']['productname'] . " Invitation System";

        if (isset(CONFIG['APPEARANCE']['invitation-bcc-mail']) && CONFIG['APPEARANCE']['invitation-bcc-mail'] !== NULL) {
            $mail->addBCC(CONFIG['APPEARANCE']['invitation-bcc-mail']);
        }

// all addresses are wrapped in a string, but PHPMailer needs a structured list of addressees
// sigh... so convert as needed
// first split multiple into one if needed
        $recipients = explode(", ", $targets);

        $secStatus = TRUE;
        $domainStatus = TRUE;

// fill the destinations in PHPMailer API
        foreach ($recipients as $recipient) {
            $mail->addAddress($recipient);
            $status = OutsideComm::mailAddressValidSecure($recipient);
            if ($status < OutsideComm::MAILDOMAIN_STARTTLS) {
                $secStatus = FALSE;
            }
            if ($status < 0) {
                $domainStatus = FALSE;
            }
        }
        Entity::outOfThePotatoes();
        if (!$domainStatus) {
            return ["SENT" => FALSE, "TRANSPORT" => FALSE];
        }

// what do we want to say?
        Entity::intoThePotatoes();
        $mail->Subject = sprintf(_("%s: you have been invited to manage an %s"), CONFIG['APPEARANCE']['productname'], Entity::$nomenclature_participant);
        Entity::outOfThePotatoes();
        $mail->Body = $message;
        return ["SENT" => $mail->send(), "TRANSPORT" => $secStatus];
    }

    /**
     * sends a POST with some JSON inside
     * 
     * @param string $url       the URL to POST to
     * @param array  $dataArray the data to be sent in PHP array representation
     * @return array the JSON response, decoded into PHP associative array
     * @throws \Exception
     */
    public static function postJson($url, $dataArray) {
        $ch = \curl_init($url);
        \curl_setopt_array($ch, array(
            CURLOPT_POST => TRUE,
            CURLOPT_RETURNTRANSFER => TRUE,
            CURLOPT_POSTFIELDS => json_encode($dataArray),
            CURLOPT_FRESH_CONNECT => TRUE,
        ));
        $response = \curl_exec($ch);
        if ($response === FALSE || $response === NULL) {
            throw new \Exception("the POST didn't work!");
        }
        return json_decode($response, TRUE);
    }

    /**
     * performs an HTTP request. Currently unused, will be for external CA API calls.
     * 
     * @param string $url the URL to send the request to
     * @param array $postValues POST values to send
     * @return string the returned HTTP content

      public static function PostHttp($url, $postValues) {
      $options = [
      'http' => ['header' => 'Content-type: application/x-www-form-urlencoded\r\n', "method" => 'POST', 'content' => http_build_query($postValues)]
      ];
      $context = stream_context_create($options);
      return file_get_contents($url, false, $context);
      }
     * 
     */
}


1			<?php
2			/*
3			* *****************************************************************************
4			* Contributions to this work were made on behalf of the GÉANT project, a
5			* project that has received funding from the European Union’s Framework
6			* Programme 7 under Grant Agreements No. 238875 (GN3) and No. 605243 (GN3plus),
7			* Horizon 2020 research and innovation programme under Grant Agreements No.
8			* 691567 (GN4-1) and No. 731122 (GN4-2).
9			* On behalf of the aforementioned projects, GEANT Association is the sole owner
10			* of the copyright in all material which was developed by a member of the GÉANT
11			* project. GÉANT Vereniging (Association) is registered with the Chamber of
12			* Commerce in Amsterdam with registration number 40535155 and operates in the
13			* UK as a branch of GÉANT Vereniging.
14			*
15			* Registered office: Hoekenrode 3, 1102BR Amsterdam, The Netherlands.
16			* UK branch address: City House, 126-130 Hills Road, Cambridge CB2 1PQ, UK
17			*
18			* License: see the web/copyright.inc.php file in the file structure or
19			* <base_url>/copyright.php after deploying the software
20			*/
21
22			namespace core\common;
23
24			/**
25			* This class contains a number of functions for talking to the outside world
26			* @author Stefan Winter <[email protected]>
27			* @author Tomasz Wolniewicz <[email protected]>
28			*
29			* @package Developer
30			*/
31			class OutsideComm extends Entity {
32
33			/**
34			* downloads a file from the internet
35			* @param string $url the URL to download
36			* @return string\|boolean the data we got back, or FALSE on failure
37			*/
38			public static function downloadFile($url) {
39			$loggerInstance = new \core\common\Logging();
40			if (!preg_match("/:\/\//", $url)) {
41			$loggerInstance->debug(3, "The specified string does not seem to be a URL!");
42			return FALSE;
43			}
44			# we got a URL, download it
45			$download = fopen($url, "rb");
46			if ($download === FALSE) {
47			$loggerInstance->debug(2, "Failed to open handle for $url");
48			return FALSE;
49			}
50			$data = stream_get_contents($download);
51			if ($data === FALSE) {
52			$loggerInstance->debug(2, "Failed to download the file from $url");
53			return FALSE;
54			}
55			return $data;
56			}
57
58			/**
59			* create an email handle from PHPMailer for later customisation and sending
60			* @return \PHPMailer\PHPMailer\PHPMailer
61			*/
62			public static function mailHandle() {
63			// use PHPMailer to send the mail
64			$mail = new \PHPMailer\PHPMailer\PHPMailer();
65			$mail->isSMTP();
66			$mail->Port = 587;
67			$mail->SMTPSecure = 'tls';
68			$mail->Host = CONFIG['MAILSETTINGS']['host'];
69			if (CONFIG['MAILSETTINGS']['user'] === NULL && CONFIG['MAILSETTINGS']['pass'] === NULL) {
70			$mail->SMTPAuth = false;
71			} else {
72			$mail->SMTPAuth = true;
73			$mail->Username = CONFIG['MAILSETTINGS']['user'];
74			$mail->Password = CONFIG['MAILSETTINGS']['pass'];
75			}
76			$mail->SMTPOptions = CONFIG['MAILSETTINGS']['options'];
77			// formatting nitty-gritty
78			$mail->WordWrap = 72;
79			$mail->isHTML(FALSE);
80			$mail->CharSet = 'UTF-8';
81			$mail->From = CONFIG['APPEARANCE']['from-mail'];
82			// are we fancy? i.e. S/MIME signing?
83			if (isset(CONFIG['MAILSETTINGS']['certfilename'], CONFIG['MAILSETTINGS']['keyfilename'], CONFIG['MAILSETTINGS']['keypass'])) {
84			$mail->sign(CONFIG['MAILSETTINGS']['certfilename'], CONFIG['MAILSETTINGS']['keyfilename'], CONFIG['MAILSETTINGS']['keypass']);
85			}
86			return $mail;
87			}
88
89			const MAILDOMAIN_INVALID = -1000;
90			const MAILDOMAIN_NO_MX = -1001;
91			const MAILDOMAIN_NO_HOST = -1002;
92			const MAILDOMAIN_NO_CONNECT = -1003;
93			const MAILDOMAIN_NO_STARTTLS = 1;
94			const MAILDOMAIN_STARTTLS = 2;
95
96			/**
97			* verifies whether a mail address is in an existing and STARTTLS enabled mail domain
98			*
99			* @param string $address the mail address to check
100			* @return int status of the mail domain
101			*/
102			public static function mailAddressValidSecure($address) {
103			$loggerInstance = new \core\common\Logging();
104			if (!filter_var($address, FILTER_VALIDATE_EMAIL)) {
105			$loggerInstance->debug(4, "OutsideComm::mailAddressValidSecure: invalid mail address.");
106			return OutsideComm::MAILDOMAIN_INVALID;
107			}
108			$domain = substr($address, strpos($address, '@') + 1); // everything after the @ sign
109			// we can be sure that the @ was found (FILTER_VALIDATE_EMAIL succeeded)
110			// but let's be explicit
111			if ($domain === FALSE) {
112			return OutsideComm::MAILDOMAIN_INVALID;
113			}
114			// does the domain have MX records?
115			$mx = dns_get_record($domain, DNS_MX);
116			if ($mx === FALSE) {
117			$loggerInstance->debug(4, "OutsideComm::mailAddressValidSecure: no MX.");
118			return OutsideComm::MAILDOMAIN_NO_MX;
119			}
120			$loggerInstance->debug(5, "Domain: $domain MX: " . print_r($mx, TRUE));
121			// create a pool of A and AAAA records for all the MXes
122			$ipAddrs = [];
123			foreach ($mx as $onemx) {
124			$v4list = dns_get_record($onemx['target'], DNS_A);
125			$v6list = dns_get_record($onemx['target'], DNS_AAAA);
126			foreach ($v4list as $oneipv4) {
127			$ipAddrs[] = $oneipv4['ip'];
128			}
129			foreach ($v6list as $oneipv6) {
130			$ipAddrs[] = "[" . $oneipv6['ipv6'] . "]";
131			}
132			}
133			if (count($ipAddrs) == 0) {
134			$loggerInstance->debug(4, "OutsideComm::mailAddressValidSecure: no mailserver hosts.");
135			return OutsideComm::MAILDOMAIN_NO_HOST;
136			}
137			$loggerInstance->debug(5, "Domain: $domain Addrs: " . print_r($ipAddrs, TRUE));
138			// connect to all hosts. If all can't connect, return MAILDOMAIN_NO_CONNECT.
139			// If at least one does not support STARTTLS or one of the hosts doesn't connect
140			// , return MAILDOMAIN_NO_STARTTLS (one which we can't connect to we also
141			// can't verify if it's doing STARTTLS, so better safe than sorry.
142			$retval = OutsideComm::MAILDOMAIN_NO_CONNECT;
143			$allWithStarttls = TRUE;
144			foreach ($ipAddrs as $oneip) {
145			$loggerInstance->debug(5, "OutsideComm::mailAddressValidSecure: connecting to $oneip.");
146			$smtp = new \PHPMailer\PHPMailer\SMTP;
147			if ($smtp->connect($oneip, 25)) {
148			// host reached! so at least it's not a NO_CONNECT
149			$loggerInstance->debug(4, "OutsideComm::mailAddressValidSecure: connected to $oneip.");
150			$retval = OutsideComm::MAILDOMAIN_NO_STARTTLS;
151			if ($smtp->hello('eduroam.org')) {
152			$extensions = $smtp->getServerExtList(); // Scrutinzer is wrong; is not always null - contains server capabilities
153			if (!is_array($extensions) \|\| !array_key_exists('STARTTLS', $extensions)) {
154			$loggerInstance->debug(4, "OutsideComm::mailAddressValidSecure: no indication for STARTTLS.");
155			$allWithStarttls = FALSE;
156			}
157			}
158			} else {
159			// no connect: then we can't claim all targets have STARTTLS
160			$allWithStarttls = FALSE;
161			$loggerInstance->debug(5, "OutsideComm::mailAddressValidSecure: failed $oneip.");
162			}
163			}
164			// did the state $allWithStarttls survive? Then up the response to
165			// appropriate level.
166			if ($retval == OutsideComm::MAILDOMAIN_NO_STARTTLS && $allWithStarttls) {
167			$retval = OutsideComm::MAILDOMAIN_STARTTLS;
168			}
169			return $retval;
170			}
171
172			const SMS_SENT = 100;
173			const SMS_NOTSENT = 101;
174			const SMS_FRAGEMENTSLOST = 102;
175
176			/**
177			* Send SMS invitations to end users
178			*
179			* @param string $number the number to send to: with country prefix, but without the + sign ("352123456" for a Luxembourg example)
180			* @param string $content the text to send
181			* @return integer status of the sending process
182			* @throws Exception
183			*/
184			public static function sendSMS($number, $content) {
185			$loggerInstance = new \core\common\Logging();
186			switch (CONFIG_CONFASSISTANT['SMSSETTINGS']['provider']) {
187			case 'Nexmo':
188			// taken from https://docs.nexmo.com/messaging/sms-api
189			$url = 'https://rest.nexmo.com/sms/json?' . http_build_query(
190			[
191			'api_key' => CONFIG_CONFASSISTANT['SMSSETTINGS']['username'],
192			'api_secret' => CONFIG_CONFASSISTANT['SMSSETTINGS']['password'],
193			'to' => $number,
194			'from' => CONFIG_CONFASSISTANT['CONSORTIUM']['name'],
195			'text' => $content,
196			'type' => 'unicode',
197			]
198			);
199
200			$ch = curl_init($url);
201			curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
202			$response = curl_exec($ch);
203
204			$decoded_response = json_decode($response, true);
205			$messageCount = $decoded_response['message-count'];
206
207			if ($messageCount == 0) {
208			$loggerInstance->debug(2, 'Problem with SMS invitation: no message was sent!');
209			return OutsideComm::SMS_NOTSENT;
210			}
211			$loggerInstance->debug(2, 'Total of ' . $messageCount . ' messages were attempted to send.');
212
213			$totalFailures = 0;
214			foreach ($decoded_response['messages'] as $message) {
215			if ($message['status'] == 0) {
216			$loggerInstance->debug(2, $message['message-id'] . ": Success");
217			} else {
218			$loggerInstance->debug(2, $message['message-id'] . ": Failed (failure code = " . $message['status'] . ")");
219			$totalFailures++;
220			}
221			}
222			if ($messageCount == count($decoded_response['messages']) && $totalFailures == 0) {
223			return OutsideComm::SMS_SENT;
224			}
225			return OutsideComm::SMS_FRAGEMENTSLOST;
226			default:
227			throw new \Exception("Unknown SMS Gateway provider!");
228			}
229			}
230
231			const INVITE_CONTEXTS = [
232			0 => "CO-ADMIN",
233			1 => "NEW-FED",
234			2 => "EXISTING-FED",
235			];
236
237			/**
238			*
239			* @param string $targets one or more mail addresses, comma-separated
240			* @param string $introtext introductory sentence (varies by situation)
241			* @param string $newtoken the token to send
242			* @param string $idpPrettyName the name of the IdP, in best-match language
243			* @param \core\Federation $federation if not NULL, indicates that invitation comes from authorised fed admin of that federation
244			* @param string $type the type of participant we're invited to
245			* @return array
246			*/
247			public static function adminInvitationMail($targets, $introtext, $newtoken, $idpPrettyName, $federation, $type) {
248			if (!in_array($introtext, OutsideComm::INVITE_CONTEXTS)) {
249			throw new \Exception("Unknown invite mode!");
250			}
251			if ($introtext == OutsideComm::INVITE_CONTEXTS[1] && $federation === NULL) { // comes from fed admin, so federation must be set
252			throw new \Exception("Invitation from a fed admin, but we do not know the corresponding federation!");
253			}
254			$prettyPrintType = "";
255			switch ($type) {
256			case \core\IdP::TYPE_IDP:
257			$prettyPrintType = Entity::$nomenclature_inst;
258			break;
259			case \core\IdP::TYPE_SP:
260			$prettyPrintType = Entity::$nomenclature_hotspot;
261			break;
262			case \core\IdP::TYPE_IDPSP:
263			$prettyPrintType = sprintf(_("%s and %s"), Entity::$nomenclature_inst, Entity::$nomenclature_hotspot);
264			break;
265			default:
266			throw new Exception("This is controlled vocabulary, impossible.");
			0 ignored issues – show Bug introduced 2019-03-15 15:22 UTC by Report Bug Copy Issue Report The type `core\common\Exception` was not found. Did you mean `Exception`? If so, make sure to prefix the type with `\`. Loading history...
267			}
268			Entity::intoThePotatoes();
269			$mail = OutsideComm::mailHandle();
270			new \core\CAT(); // makes sure Entity is initialised
271			// we have a few stock intro texts on file
272			$introTexts = [
273			OutsideComm::INVITE_CONTEXTS[0] => sprintf(_("a %s of the %s %s \"%s\" has invited you to manage the %s together with him."), Entity::$nomenclature_fed, CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], Entity::$nomenclature_participant, $idpPrettyName, Entity::$nomenclature_participant),
274			OutsideComm::INVITE_CONTEXTS[1] => sprintf(_("a %s %s has invited you to manage the future %s \"%s\" (%s). The organisation will be a %s."), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], Entity::$nomenclature_fed, Entity::$nomenclature_participant, $idpPrettyName, strtoupper($federation->tld), $prettyPrintType),
275			OutsideComm::INVITE_CONTEXTS[2] => sprintf(_("a %s %s has invited you to manage the %s \"%s\". This is a %s."), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], Entity::$nomenclature_fed, Entity::$nomenclature_participant, $idpPrettyName, $prettyPrintType),
276			];
277			$validity = sprintf(_("This invitation is valid for 24 hours from now, i.e. until %s."), strftime("%x %X %Z", time() + 86400));
278			// need some nomenclature
279			// are we on https?
280			$proto = "http://";
281			if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on") {
282			$proto = "https://";
283			}
284			// then, send out the mail
285			$message = _("Hello,") . "\n\n" . wordwrap($introTexts[$introtext] . " " . $validity, 72) . "\n\n";
286			// default means we don't have a Reply-To.
287			$replyToMessage = wordwrap(_("manually. Please do not reply to this mail; this is a send-only address."));
288
289			if ($federation !== NULL) {
290			// see if we are supposed to add a custom message
291			$customtext = $federation->getAttributes('fed:custominvite');
292			if (count($customtext) > 0) {
293			$message .= wordwrap(sprintf(_("Additional message from your %s administrator:"), Entity::$nomenclature_fed), 72) . "\n---------------------------------" .
294			wordwrap($customtext[0]['value'], 72) . "\n---------------------------------\n\n";
295			}
296			// and add Reply-To already now
297			foreach ($federation->listFederationAdmins() as $fedadmin_id) {
298			$fedadmin = new \core\User($fedadmin_id);
299			$mailaddrAttrib = $fedadmin->getAttributes("user:email");
300			$nameAttrib = $fedadmin->getAttributes("user:realname");
301			$name = $nameAttrib[0]['value'] ?? sprintf(_("%s administrator"), Entity::$nomenclature_fed);
302			if (count($mailaddrAttrib) > 0) {
303			$mail->addReplyTo($mailaddrAttrib[0]['value'], $name);
304			$replyToMessage = wordwrap(sprintf(_("manually. If you reply to this mail, you will reach your %s administrators."), Entity::$nomenclature_fed), 72);
305			}
306			}
307			}
308
309			$message .= wordwrap(sprintf(_("To enlist as an administrator for that %s, please click on the following link:"), Entity::$nomenclature_participant), 72) . "\n\n" .
310			$proto . $_SERVER['SERVER_NAME'] . CONFIG['PATHS']['cat_base_url'] . "admin/action_enrollment.php?token=$newtoken\n\n" .
311			wordwrap(sprintf(_("If clicking the link doesn't work, you can also go to the %s Administrator Interface at"), CONFIG['APPEARANCE']['productname']), 72) . "\n\n" .
312			$proto . $_SERVER['SERVER_NAME'] . CONFIG['PATHS']['cat_base_url'] . "admin/\n\n" .
313			_("and enter the invitation token") . "\n\n" .
314			$newtoken . "\n\n$replyToMessage\n\n" .
315			wordwrap(_("Do NOT forward the mail before the token has expired - or the recipients may be able to consume the token on your behalf!"), 72) . "\n\n" .
316			wordwrap(sprintf(_("We wish you a lot of fun with the %s."), CONFIG['APPEARANCE']['productname']), 72) . "\n\n" .
317			sprintf(_("Sincerely,\n\nYour friendly folks from %s Operations"), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']);
318
319
320			// who to whom?
321			$mail->FromName = CONFIG['APPEARANCE']['productname'] . " Invitation System";
322
323			if (isset(CONFIG['APPEARANCE']['invitation-bcc-mail']) && CONFIG['APPEARANCE']['invitation-bcc-mail'] !== NULL) {
324			$mail->addBCC(CONFIG['APPEARANCE']['invitation-bcc-mail']);
325			}
326
327			// all addresses are wrapped in a string, but PHPMailer needs a structured list of addressees
328			// sigh... so convert as needed
329			// first split multiple into one if needed
330			$recipients = explode(", ", $targets);
331
332			$secStatus = TRUE;
333			$domainStatus = TRUE;
334
335			// fill the destinations in PHPMailer API
336			foreach ($recipients as $recipient) {
337			$mail->addAddress($recipient);
338			$status = OutsideComm::mailAddressValidSecure($recipient);
339			if ($status < OutsideComm::MAILDOMAIN_STARTTLS) {
340			$secStatus = FALSE;
341			}
342			if ($status < 0) {
343			$domainStatus = FALSE;
344			}
345			}
346			Entity::outOfThePotatoes();
347			if (!$domainStatus) {
348			return ["SENT" => FALSE, "TRANSPORT" => FALSE];
349			}
350
351			// what do we want to say?
352			Entity::intoThePotatoes();
353			$mail->Subject = sprintf(_("%s: you have been invited to manage an %s"), CONFIG['APPEARANCE']['productname'], Entity::$nomenclature_participant);
354			Entity::outOfThePotatoes();
355			$mail->Body = $message;
356			return ["SENT" => $mail->send(), "TRANSPORT" => $secStatus];
357			}
358
359			/**
360			* sends a POST with some JSON inside
361			*
362			* @param string $url the URL to POST to
363			* @param array $dataArray the data to be sent in PHP array representation
364			* @return array the JSON response, decoded into PHP associative array
365			* @throws \Exception
366			*/
367			public static function postJson($url, $dataArray) {
368			$ch = \curl_init($url);
369			\curl_setopt_array($ch, array(
370			CURLOPT_POST => TRUE,
371			CURLOPT_RETURNTRANSFER => TRUE,
372			CURLOPT_POSTFIELDS => json_encode($dataArray),
373			CURLOPT_FRESH_CONNECT => TRUE,
374			));
375			$response = \curl_exec($ch);
376			if ($response === FALSE \|\| $response === NULL) {
377			throw new \Exception("the POST didn't work!");
378			}
379			return json_decode($response, TRUE);
380			}
381
382			/**
383			* performs an HTTP request. Currently unused, will be for external CA API calls.
384			*
385			* @param string $url the URL to send the request to
386			* @param array $postValues POST values to send
387			* @return string the returned HTTP content
388
389			public static function PostHttp($url, $postValues) {
390			$options = [
391			'http' => ['header' => 'Content-type: application/x-www-form-urlencoded\r\n', "method" => 'POST', 'content' => http_build_query($postValues)]
392			];
393			$context = stream_context_create($options);
394			return file_get_contents($url, false, $context);
395			}
396			*
397			*/
398			}
399

GEANT / CAT

Push — master ( 2cdad9...933f57 )

OutsideComm::adminInvitationMail() F

Complexity

Size

Duplication

Importance

How to fix Long Method Complexity

Long Method

Duplication Side-by-Side

Filter issues like