ApiKeyAuthenticationHandler::validateCredentials() - Code Metrics - Inspection of "apply method split refactoring to `ApiKeyAuthentic..." - Ma27/Ma27ApiKeyAuthenticationBundle - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 746f66...4de486 )

by Maximilian

created 2017-01-04 10:28 UTC

ApiKeyAuthenticationHandler::validateCredentials() A

↳ Parent: ApiKeyAuthenticationHandler

Complexity

Conditions	2
Paths	2

Size

Total Lines	7
Code Lines	4

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	3
CRAP Score	2

Importance

Changes

Metric	Value
dl	0
loc	7
ccs	3
cts	3
cp	1
rs	9.4285
c	0
b	0
f	0
cc	2
eloc	4
nc	2
nop	2
crap	2

<?php

namespace Ma27\ApiKeyAuthenticationBundle\Service\Auth;

use Doctrine\Common\Persistence\ObjectManager;
use Ma27\ApiKeyAuthenticationBundle\Event\OnAuthenticationEvent;
use Ma27\ApiKeyAuthenticationBundle\Event\OnInvalidCredentialsEvent;
use Ma27\ApiKeyAuthenticationBundle\Event\OnLogoutEvent;
use Ma27\ApiKeyAuthenticationBundle\Exception\CredentialException;
use Ma27\ApiKeyAuthenticationBundle\Ma27ApiKeyAuthenticationEvents;
use Ma27\ApiKeyAuthenticationBundle\Service\Key\KeyFactoryInterface;
use Ma27\ApiKeyAuthenticationBundle\Service\Mapping\ClassMetadata;
use Ma27\ApiKeyAuthenticationBundle\Service\Password\PasswordHasherInterface;
use Symfony\Component\EventDispatcher\EventDispatcherInterface;

/**
 * Concrete handler for api key authorization.
 */
class ApiKeyAuthenticationHandler implements AuthenticationHandlerInterface
{
    /**
     * @var ObjectManager
     */
    private $om;

    /**
     * @var PasswordHasherInterface
     */
    private $passwordHasher;

    /**
     * @var KeyFactoryInterface
     */
    private $keyFactory;

    /**
     * @var EventDispatcherInterface
     */
    private $eventDispatcher;

    /**
     * @var string
     */
    private $modelName;

    /**
     * @var ClassMetadata
     */
    private $classMetadata;

    /**
     * Constructor.
     *
     * @param ObjectManager            $om
     * @param PasswordHasherInterface  $passwordHasher
     * @param KeyFactoryInterface      $keyFactory
     * @param EventDispatcherInterface $dispatcher
     * @param string                   $modelName
     * @param ClassMetadata            $metadata
     */
    public function __construct(
        ObjectManager $om,
        PasswordHasherInterface $passwordHasher,
        KeyFactoryInterface $keyFactory,
        EventDispatcherInterface $dispatcher,
        $modelName,
        ClassMetadata $metadata
    ) {
        $this->om = $om;
        $this->passwordHasher = $passwordHasher;
        $this->keyFactory = $keyFactory;
        $this->eventDispatcher = $dispatcher;
        $this->modelName = (string) $modelName;
        $this->classMetadata = $metadata;
    }

    /**
     * {@inheritdoc}
     *
     * @throws \InvalidArgumentException If the `login` or `password` property is missing.
     * @throws CredentialException If the credentials couldn't be validated.
     */
    public function authenticate(array $credentials)
    {
        $loginProperty = $this->classMetadata->getPropertyName(ClassMetadata::LOGIN_PROPERTY);
        $passwordProperty = $this->classMetadata->getPropertyName(ClassMetadata::PASSWORD_PROPERTY);

        if (!array_key_exists($passwordProperty, $credentials)) {
            throw new \InvalidArgumentException(sprintf(
                'Unable to find password property "%s" in credential set!',
                $passwordProperty
            ));
        }

        if (!array_key_exists($loginProperty, $credentials)) {
            throw new \InvalidArgumentException(sprintf(
                'Unable to find login property "%s" in credential set!',
                $loginProperty
            ));
        }

        $object = $this->resolveObject($loginProperty, $credentials);
/**
 * @return array|string
 */
function returnsDifferentValues($x) {
    if ($x) {
        return 'foo';
    }

    return array();
}

$x = returnsDifferentValues($y);
if (is_array($x)) {
    // $x is an array.
}

        if (!$this->validateCredentials($object, $credentials[$passwordProperty])) {
            $this->eventDispatcher->dispatch(
                Ma27ApiKeyAuthenticationEvents::CREDENTIAL_FAILURE,
                new OnInvalidCredentialsEvent($object)
            );

            throw new CredentialException();
        }

        $this->eventDispatcher->dispatch(Ma27ApiKeyAuthenticationEvents::AUTHENTICATION, new OnAuthenticationEvent($object));
        $this->buildKey($object);

        $this->om->persist($object);
        $this->om->flush();

        return $object;
    }

    /**
     * {@inheritdoc}
     */
    public function removeSession($user, $purgeJob = false)
    {
        $this->classMetadata->modifyProperty($user, null, ClassMetadata::API_KEY_PROPERTY);

        $event = $this->buildEventObject($user, $purgeJob);
        $this->eventDispatcher->dispatch(Ma27ApiKeyAuthenticationEvents::LOGOUT, $event);

        $this->om->persist($user);

        // on purge jobs one big flush will be commited to the db after the whole action
        if (!$purgeJob) {
            $this->om->flush();
        }
    }

    /**
     * Getter for the object manager.
     *
     * @return ObjectManager
     */
    protected function getOm()
    {
        return $this->om;
    }

    /**
     * Getter for the password hasher.
     *
     * @return PasswordHasherInterface
     */
    protected function getPasswordHasher()
    {
        return $this->passwordHasher;
    }

    /**
     * Getter for the key factory.
     *
     * @return KeyFactoryInterface
     */
    protected function getKeyFactory()
    {
        return $this->keyFactory;
    }

    /**
     * Getter for the dispatcher.
     *
     * @return EventDispatcherInterface
     */
    protected function getEventDispatcher()
    {
        return $this->eventDispatcher;
    }

    /**
     * Getter for the model name.
     *
     * @return string
     */
    protected function getModelName()
    {
        return $this->modelName;
    }

    /**
     * @return ClassMetadata
     */
    protected function getClassMetadata()
    {
        return $this->classMetadata;
    }

    /**
     * Simple helper which builds the API key and stores it in the user.
     *
     * @param object $userObject
     */
    private function buildKey($userObject)
    {
        $key = $this->classMetadata->getPropertyValue($userObject, ClassMetadata::API_KEY_PROPERTY);

        if (empty($key)) {
            $this->classMetadata->modifyProperty(
                $userObject,
                $this->keyFactory->getKey(),
                ClassMetadata::API_KEY_PROPERTY
            );
        }
    }

    /**
     * Simple helper which searches the ObjectManager by the given login parameter.
     *
     * @param string $loginProperty
     * @param array  $credentials
     *
     * @return object
     */
    private function resolveObject($loginProperty, array $credentials)
    {
        return $this->om->getRepository($this->modelName)->findOneBy([
            $loginProperty => $credentials[$loginProperty],
        ]);
    }

    /**
     * Validates the existance of the object and ensures that a valid password is given.
     *
     * @param object $object
     * @param string $password
     *
     * @return bool
     */
    private function validateCredentials($object, $password)
    {
        return !(
            null === $object
            || !$this->passwordHasher->compareWith($object->getPassword(), $password)
        );
    }

    /**
     * Builds the `OnLogoutEvent`.
     *
     * @param object $user
     * @param bool   $purgeJob
     *
     * @return OnLogoutEvent
     */
    private function buildEventObject($user, $purgeJob = false)
    {
        $event = new OnLogoutEvent($user);
        if ($purgeJob) {
            $event->markAsPurgeJob();
        }

        return $event;
    }
}


1		<?php
2
3		namespace Ma27\ApiKeyAuthenticationBundle\Service\Auth;
4
5		use Doctrine\Common\Persistence\ObjectManager;
6		use Ma27\ApiKeyAuthenticationBundle\Event\OnAuthenticationEvent;
7		use Ma27\ApiKeyAuthenticationBundle\Event\OnInvalidCredentialsEvent;
8		use Ma27\ApiKeyAuthenticationBundle\Event\OnLogoutEvent;
9		use Ma27\ApiKeyAuthenticationBundle\Exception\CredentialException;
10		use Ma27\ApiKeyAuthenticationBundle\Ma27ApiKeyAuthenticationEvents;
11		use Ma27\ApiKeyAuthenticationBundle\Service\Key\KeyFactoryInterface;
12		use Ma27\ApiKeyAuthenticationBundle\Service\Mapping\ClassMetadata;
13		use Ma27\ApiKeyAuthenticationBundle\Service\Password\PasswordHasherInterface;
14		use Symfony\Component\EventDispatcher\EventDispatcherInterface;
15
16		/**
17		* Concrete handler for api key authorization.
18		*/
19		class ApiKeyAuthenticationHandler implements AuthenticationHandlerInterface
20		{
21		/**
22		* @var ObjectManager
23		*/
24		private $om;
25
26		/**
27		* @var PasswordHasherInterface
28		*/
29		private $passwordHasher;
30
31		/**
32		* @var KeyFactoryInterface
33		*/
34		private $keyFactory;
35
36		/**
37		* @var EventDispatcherInterface
38		*/
39		private $eventDispatcher;
40
41		/**
42		* @var string
43		*/
44		private $modelName;
45
46		/**
47		* @var ClassMetadata
48		*/
49		private $classMetadata;
50
51		/**
52		* Constructor.
53		*
54		* @param ObjectManager $om
55		* @param PasswordHasherInterface $passwordHasher
56		* @param KeyFactoryInterface $keyFactory
57		* @param EventDispatcherInterface $dispatcher
58		* @param string $modelName
59		* @param ClassMetadata $metadata
60		*/
61	19	public function __construct(
62		ObjectManager $om,
63		PasswordHasherInterface $passwordHasher,
64		KeyFactoryInterface $keyFactory,
65		EventDispatcherInterface $dispatcher,
66		$modelName,
67		ClassMetadata $metadata
68		) {
69	19	$this->om = $om;
70	19	$this->passwordHasher = $passwordHasher;
71	19	$this->keyFactory = $keyFactory;
72	19	$this->eventDispatcher = $dispatcher;
73	19	$this->modelName = (string) $modelName;
74	19	$this->classMetadata = $metadata;
75	19	}
76
77		/**
78		* {@inheritdoc}
79		*
80		* @throws \InvalidArgumentException If the `login` or `password` property is missing.
81		* @throws CredentialException If the credentials couldn't be validated.
82		*/
83	17	public function authenticate(array $credentials)
84		{
85	17	$loginProperty = $this->classMetadata->getPropertyName(ClassMetadata::LOGIN_PROPERTY);
86	17	$passwordProperty = $this->classMetadata->getPropertyName(ClassMetadata::PASSWORD_PROPERTY);
87
88	17	if (!array_key_exists($passwordProperty, $credentials)) {
89	1	throw new \InvalidArgumentException(sprintf(
90	1	'Unable to find password property "%s" in credential set!',
91		$passwordProperty
92		));
93		}
94
95	16	if (!array_key_exists($loginProperty, $credentials)) {
96	1	throw new \InvalidArgumentException(sprintf(
97	1	'Unable to find login property "%s" in credential set!',
98		$loginProperty
99		));
100		}
101
102	15	$object = $this->resolveObject($loginProperty, $credentials);
		0 ignored issues – show Bug introduced 2017-01-04 10:31 UTC by Report Bug Copy Issue Report It seems like `$loginProperty` defined by `$this->classMetadata->ge...tadata::LOGIN_PROPERTY)` on line `85` can also be of type `null` or `object<ReflectionProperty>`; however, `Ma27\ApiKeyAuthenticatio...andler::resolveObject()` does only seem to accept `string`, maybe add an additional type check? If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check: /** * @return array\|string */ function returnsDifferentValues($x) { if ($x) { return 'foo'; } return array(); } $x = returnsDifferentValues($y); if (is_array($x)) { // $x is an array. } If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue. Loading history...
103
104	15	if (!$this->validateCredentials($object, $credentials[$passwordProperty])) {
105	5	$this->eventDispatcher->dispatch(
106	5	Ma27ApiKeyAuthenticationEvents::CREDENTIAL_FAILURE,
107	5	new OnInvalidCredentialsEvent($object)
108		);
109
110	5	throw new CredentialException();
111		}
112
113	10	$this->eventDispatcher->dispatch(Ma27ApiKeyAuthenticationEvents::AUTHENTICATION, new OnAuthenticationEvent($object));
114	10	$this->buildKey($object);
115
116	10	$this->om->persist($object);
117	10	$this->om->flush();
118
119	10	return $object;
120		}
121
122		/**
123		* {@inheritdoc}
124		*/
125	4	public function removeSession($user, $purgeJob = false)
126		{
127	4	$this->classMetadata->modifyProperty($user, null, ClassMetadata::API_KEY_PROPERTY);
128
129	4	$event = $this->buildEventObject($user, $purgeJob);
130	4	$this->eventDispatcher->dispatch(Ma27ApiKeyAuthenticationEvents::LOGOUT, $event);
131
132	4	$this->om->persist($user);
133
134		// on purge jobs one big flush will be commited to the db after the whole action
135	4	if (!$purgeJob) {
136	3	$this->om->flush();
137		}
138	4	}
139
140		/**
141		* Getter for the object manager.
142		*
143		* @return ObjectManager
144		*/
145		protected function getOm()
146		{
147		return $this->om;
148		}
149
150		/**
151		* Getter for the password hasher.
152		*
153		* @return PasswordHasherInterface
154		*/
155		protected function getPasswordHasher()
156		{
157		return $this->passwordHasher;
158		}
159
160		/**
161		* Getter for the key factory.
162		*
163		* @return KeyFactoryInterface
164		*/
165		protected function getKeyFactory()
166		{
167		return $this->keyFactory;
168		}
169
170		/**
171		* Getter for the dispatcher.
172		*
173		* @return EventDispatcherInterface
174		*/
175		protected function getEventDispatcher()
176		{
177		return $this->eventDispatcher;
178		}
179
180		/**
181		* Getter for the model name.
182		*
183		* @return string
184		*/
185		protected function getModelName()
186		{
187		return $this->modelName;
188		}
189
190		/**
191		* @return ClassMetadata
192		*/
193		protected function getClassMetadata()
194		{
195		return $this->classMetadata;
196		}
197
198		/**
199		* Simple helper which builds the API key and stores it in the user.
200		*
201		* @param object $userObject
202		*/
203	10	private function buildKey($userObject)
204		{
205	10	$key = $this->classMetadata->getPropertyValue($userObject, ClassMetadata::API_KEY_PROPERTY);
206
207	10	if (empty($key)) {
208	7	$this->classMetadata->modifyProperty(
209		$userObject,
210	7	$this->keyFactory->getKey(),
211	7	ClassMetadata::API_KEY_PROPERTY
212		);
213		}
214	10	}
215
216		/**
217		* Simple helper which searches the ObjectManager by the given login parameter.
218		*
219		* @param string $loginProperty
220		* @param array $credentials
221		*
222		* @return object
223		*/
224	15	private function resolveObject($loginProperty, array $credentials)
225		{
226	15	return $this->om->getRepository($this->modelName)->findOneBy([
227	15	$loginProperty => $credentials[$loginProperty],
228		]);
229		}
230
231		/**
232		* Validates the existance of the object and ensures that a valid password is given.
233		*
234		* @param object $object
235		* @param string $password
236		*
237		* @return bool
238		*/
239	15	private function validateCredentials($object, $password)
240		{
241		return !(
242	15	null === $object
243	15	\|\| !$this->passwordHasher->compareWith($object->getPassword(), $password)
244		);
245		}
246
247		/**
248		* Builds the `OnLogoutEvent`.
249		*
250		* @param object $user
251		* @param bool $purgeJob
252		*
253		* @return OnLogoutEvent
254		*/
255	4	private function buildEventObject($user, $purgeJob = false)
256		{
257	4	$event = new OnLogoutEvent($user);
258	4	if ($purgeJob) {
259	1	$event->markAsPurgeJob();
260		}
261
262	4	return $event;
263		}
264		}
265

Ma27 / Ma27ApiKeyAuthenticationBundle

GitHub Access Token became invalid

Push — master ( 746f66...4de486 )

ApiKeyAuthenticationHandler::validateCredentials() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like