Authenticator - Code Metrics - Inspection of "Catch (and ignore) possible DB errors." - JC5/google2fa-laravel - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( bbf340...fc9753 )

by James

created 2019-12-07 16:41 UTC

Authenticator A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	189
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	11

Test Coverage

Coverage

76.27%

Importance

Changes

Metric	Value
wmc	25
lcom	1
cbo	11
dl	0
loc	189
ccs	45
cts	59
cp	0.7627
rs	10
c	0
b	0
f	0

11 Methods

Rating	Name	Size	Complexity
A	__construct()	4	1
A	boot()	6	1
A	bootStateless()	8	1
A	cleanupTokens()	7	2
A	fireLoginEvent()	10	2
A	getOneTimePassword()	14	4
A	isAuthenticated()	4	2
A	hasValidCookieToken()	24	3
A	canPassWithoutCheckingOTP()	8	4
A	checkOTP()	17	4
A	verifyOneTimePassword()	4	1

<?php

declare(strict_types=1);

namespace PragmaRX\Google2FALaravel\Support;

use Illuminate\Database\QueryException;
use Illuminate\Http\Request as IlluminateRequest;
use Illuminate\Support\Facades\DB;
use PragmaRX\Google2FALaravel\Events\EmptyOneTimePasswordReceived;
use PragmaRX\Google2FALaravel\Events\LoginFailed;
use PragmaRX\Google2FALaravel\Events\LoginSucceeded;
use PragmaRX\Google2FALaravel\Exceptions\InvalidOneTimePassword;
use PragmaRX\Google2FALaravel\Google2FA;

/**
 * Class Authenticator
 */
class Authenticator extends Google2FA
{
    use ErrorBag, Input, Response, Session;

    /**
     * The current password.
     *
     * @var
     */
    protected $password;

    /**
     * Authenticator constructor.
     *
     * @param \Illuminate\Http\Request $request
     */
    public function __construct(IlluminateRequest $request)
    {
        parent::__construct($request);
    }

    /**
     * Authenticator boot.
     *
     * @param $request
     *
     * @return Google2FA
     */
    public function boot($request)
    {
        parent::boot($request);

        return $this;
    }

    /**
     * Authenticator boot for API usage.
     *
     * @param $request
     *
     * @return Google2FA
     */
    public function bootStateless($request)
    {
        $this->boot($request);

        $this->setStateless();

        return $this;
    }

    /**
     * Removes expired tokens from the database.
     */
    public function cleanupTokens(): void
    {
        if (true === config('google2fa.store_in_cookie')) {
            // TODO add try/catch
            DB::table('2fa_tokens')->where('expires_at', '<=', date('Y-m-d H:i:s'))->delete();
        }
    }

    /**
     * Fire login (success or failed).
     *
     * @param $succeeded
     *
     */
    private function fireLoginEvent($succeeded)
    {
        event(
            $succeeded
                ? new LoginSucceeded($this->getUser())
                : new LoginFailed($this->getUser())
        );

        return $succeeded;
    }

    /**
     * Get the OTP from user input.
     *
     * @throws InvalidOneTimePassword
     *
     * @return mixed
     */
    protected function getOneTimePassword()
    {
        $password = $this->getInputOneTimePassword();

        if (is_null($password) || empty($password)) {
            event(new EmptyOneTimePasswordReceived());

            if ($this->config('throw_exceptions', true)) {
                throw new InvalidOneTimePassword(config('google2fa.error_messages.cannot_be_empty'));
            }
        }

        return $password;
    }

    /**
     * Check if the current use is authenticated via OTP.
     *
     * @return bool
     */
    public function isAuthenticated()
    {
        return $this->canPassWithoutCheckingOTP() || ($this->checkOTP() === Constants::OTP_VALID);
    }

    /**
     * @return bool
     */
    public function hasValidCookieToken(): bool
    {
        $storeInCookie = config('google2fa.store_in_cookie', false);
        if (false === $storeInCookie) {
            return false;
        }
        $cookieName = config('google2fa.cookie_name', 'google2fa_token');

        /** @var Request $request */
        $token = $this->getRequest()->cookies->get($cookieName);
        $time  = date('Y-m-d H:i:s');

        // check DB for token.
        try {
            $count = DB::table('2fa_tokens')
                       ->where('token', $token)
                       ->where('expires_at', '>', $time)
                       ->where('user_id', $this->getUser()->id)->count();
        } catch (QueryException $e) {
            $count = 0;
        }

        return 1 === $count;
    }

    /**
     * Check if it is already logged in or passable without checking for an OTP.
     *
     * @return bool
     */
    protected function canPassWithoutCheckingOTP()
    {
        return
            !$this->isEnabled()
            || $this->noUserIsAuthenticated()
            || !$this->isActivated()
            || $this->twoFactorAuthStillValid();
    }

    /**
     * Check if the input OTP is valid. Returns one of the possible OTP_STATUS codes:
     * 'empty', 'valid' or 'invalid'.
     *
     * @return string
     */
    protected function checkOTP()
    {
        if (!$this->inputHasOneTimePassword() || empty($this->getInputOneTimePassword())) {
            return Constants::OTP_EMPTY;
        }

        $isValid = $this->verifyOneTimePassword();

        if ($isValid) {
            $this->login();
            $this->fireLoginEvent($isValid);

            return Constants::OTP_VALID;
        }

        return Constants::OTP_INVALID;
    }

    /**
     * Verify the OTP.
     *
     * @throws InvalidOneTimePassword
     *
     * @return mixed
     */
    protected function verifyOneTimePassword()
    {
        return $this->verifyAndStoreOneTimePassword($this->getOneTimePassword());
    }
}


1		<?php
2
3		declare(strict_types=1);
4
5		namespace PragmaRX\Google2FALaravel\Support;
6
7		use Illuminate\Database\QueryException;
8		use Illuminate\Http\Request as IlluminateRequest;
9		use Illuminate\Support\Facades\DB;
10		use PragmaRX\Google2FALaravel\Events\EmptyOneTimePasswordReceived;
11		use PragmaRX\Google2FALaravel\Events\LoginFailed;
12		use PragmaRX\Google2FALaravel\Events\LoginSucceeded;
13		use PragmaRX\Google2FALaravel\Exceptions\InvalidOneTimePassword;
14		use PragmaRX\Google2FALaravel\Google2FA;
15
16		/**
17		* Class Authenticator
18		*/
19		class Authenticator extends Google2FA
20		{
21		use ErrorBag, Input, Response, Session;
22
23		/**
24		* The current password.
25		*
26		* @var
27		*/
28		protected $password;
29
30		/**
31		* Authenticator constructor.
32		*
33		* @param \Illuminate\Http\Request $request
34		*/
35	9	public function __construct(IlluminateRequest $request)
36		{
37	9	parent::__construct($request);
38	9	}
39
40		/**
41		* Authenticator boot.
42		*
43		* @param $request
44		*
45		* @return Google2FA
46		*/
47	9	public function boot($request)
48		{
49	9	parent::boot($request);
50
51	9	return $this;
52		}
53
54		/**
55		* Authenticator boot for API usage.
56		*
57		* @param $request
58		*
59		* @return Google2FA
60		*/
61	1	public function bootStateless($request)
62		{
63	1	$this->boot($request);
64
65	1	$this->setStateless();
66
67	1	return $this;
68		}
69
70		/**
71		* Removes expired tokens from the database.
72		*/
73	7	public function cleanupTokens(): void
74		{
75	7	if (true === config('google2fa.store_in_cookie')) {
76		// TODO add try/catch
77		DB::table('2fa_tokens')->where('expires_at', '<=', date('Y-m-d H:i:s'))->delete();
78		}
79	7	}
80
81		/**
82		* Fire login (success or failed).
83		*
84		* @param $succeeded
85		*
86		*/
87	4	private function fireLoginEvent($succeeded)
88		{
89	4	event(
90	4	$succeeded
91	4	? new LoginSucceeded($this->getUser())
92	4	: new LoginFailed($this->getUser())
93		);
94
95	4	return $succeeded;
96		}
97
98		/**
99		* Get the OTP from user input.
100		*
101		* @throws InvalidOneTimePassword
102		*
103		* @return mixed
104		*/
105	5	protected function getOneTimePassword()
106		{
107	5	$password = $this->getInputOneTimePassword();
108
109	5	if (is_null($password) \|\| empty($password)) {
110		event(new EmptyOneTimePasswordReceived());
111
112		if ($this->config('throw_exceptions', true)) {
113		throw new InvalidOneTimePassword(config('google2fa.error_messages.cannot_be_empty'));
114		}
115		}
116
117	5	return $password;
118		}
119
120		/**
121		* Check if the current use is authenticated via OTP.
122		*
123		* @return bool
124		*/
125	9	public function isAuthenticated()
126		{
127	9	return $this->canPassWithoutCheckingOTP() \|\| ($this->checkOTP() === Constants::OTP_VALID);
128		}
129
130		/**
131		* @return bool
132		*/
133	8	public function hasValidCookieToken(): bool
134		{
135	8	$storeInCookie = config('google2fa.store_in_cookie', false);
136	8	if (false === $storeInCookie) {
137	8	return false;
138		}
139		$cookieName = config('google2fa.cookie_name', 'google2fa_token');
140
141		/** @var Request $request */
142		$token = $this->getRequest()->cookies->get($cookieName);
143		$time = date('Y-m-d H:i:s');
144
145		// check DB for token.
146		try {
147		$count = DB::table('2fa_tokens')
148		->where('token', $token)
149		->where('expires_at', '>', $time)
150		->where('user_id', $this->getUser()->id)->count();
151		} catch (QueryException $e) {
152		$count = 0;
153		}
154
155		return 1 === $count;
156		}
157
158		/**
159		* Check if it is already logged in or passable without checking for an OTP.
160		*
161		* @return bool
162		*/
163	9	protected function canPassWithoutCheckingOTP()
164		{
165		return
166	9	!$this->isEnabled()
167	9	\|\| $this->noUserIsAuthenticated()
168	9	\|\| !$this->isActivated()
169	9	\|\| $this->twoFactorAuthStillValid();
170		}
171
172		/**
173		* Check if the input OTP is valid. Returns one of the possible OTP_STATUS codes:
174		* 'empty', 'valid' or 'invalid'.
175		*
176		* @return string
177		*/
178	9	protected function checkOTP()
179		{
180	9	if (!$this->inputHasOneTimePassword() \|\| empty($this->getInputOneTimePassword())) {
181	7	return Constants::OTP_EMPTY;
182		}
183
184	5	$isValid = $this->verifyOneTimePassword();
185
186	5	if ($isValid) {
187	4	$this->login();
188	4	$this->fireLoginEvent($isValid);
189
190	4	return Constants::OTP_VALID;
191		}
192
193	1	return Constants::OTP_INVALID;
194		}
195
196		/**
197		* Verify the OTP.
198		*
199		* @throws InvalidOneTimePassword
200		*
201		* @return mixed
202		*/
203	5	protected function verifyOneTimePassword()
204		{
205	5	return $this->verifyAndStoreOneTimePassword($this->getOneTimePassword());
206		}
207		}
208

JC5 / google2fa-laravel

GitHub Access Token became invalid

Push — master ( bbf340...fc9753 )

Authenticator A

Complexity

Size/Duplication

Coupling/Cohesion

Test Coverage

Importance

11 Methods

Duplication Side-by-Side

Filter issues like