ShibbolethAuthenticationListener::handle() - Code Metrics - MetalArend/authentication-bundle - Measure and Improve Code Quality continuously with Scrutinizer

ShibbolethAuthenticationListener::handle() D
last analyzed 2016-09-14 12:22 UTC

↳ Parent: ShibbolethAuthenticationListener

Complexity

Conditions	18
Paths	226

Size

Total Lines	89
Code Lines	60

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	89
rs	4.0726
c	0
b	0
f	0
cc	18
eloc	60
nc	226
nop	1

How to fix Long Method Complexity

<?php

namespace Kuleuven\AuthenticationBundle\Security;

use Kuleuven\AuthenticationBundle\Service\ShibbolethServiceProvider;
use Kuleuven\AuthenticationBundle\Traits\LoggerTrait;
use Psr\Log\LoggerAwareInterface;
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Event\GetResponseEvent;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Role\SwitchUserRole;
use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
use Symfony\Component\Security\Http\Firewall\ListenerInterface;
use Symfony\Component\Security\Http\SecurityEvents;

class ShibbolethAuthenticationListener implements ListenerInterface, LoggerAwareInterface
{
    use LoggerTrait;

    /**
     * @var ShibbolethServiceProvider
     */
    protected $shibbolethServiceProvider;

    /**
     * @var AuthenticationManagerInterface
     */
    protected $authenticationManager;

    /**
     * @var AuthenticationEntryPointInterface
     */
    protected $authenticationEntryPoint;

    /**
     * @var TokenStorageInterface
     */
    protected $tokenStorage;

    /**
     * @var EventDispatcherInterface
     */
    protected $eventDispatcher;

    /**
     * @var array
     */
    protected $defaultRoles;

    /**
     * @var string
     */
    protected $providerKey;

    public function __construct(
        ShibbolethServiceProvider $shibbolethServiceProvider,
        TokenStorageInterface $tokenStorage,
        AuthenticationManagerInterface $authenticationManager,
        AuthenticationEntryPointInterface $authenticationEntryPoint = null,
        EventDispatcherInterface $eventDispatcher = null,
        array $defaultRoles = [],
        $providerKey = ''
    )
    {
        $this->shibbolethServiceProvider = $shibbolethServiceProvider;
        $this->tokenStorage = $tokenStorage;
        $this->providerKey = $providerKey;
        $this->authenticationManager = $authenticationManager;
        $this->authenticationEntryPoint = $authenticationEntryPoint;
        $this->eventDispatcher = $eventDispatcher;
        $this->defaultRoles = $defaultRoles;
    }

    public function handle(GetResponseEvent $event)
    {
        $request = $event->getRequest();

        $attributes = $this->shibbolethServiceProvider->getAttributes();

        if (empty($attributes)) {
            $this->log('Shibboleth attributes not found');
            return;
        }

        $this->log(sprintf('Shibboleth attributes found: %s', json_encode($attributes)));

        if (!$this->shibbolethServiceProvider->isAuthenticated()) {
            $this->log('Shibboleth has not authenticated your request.');
            return;
        }

        $username = $this->shibbolethServiceProvider->getUsername();

        if (empty($username)) {
            $this->log('Username not found');
            return;
        }

        $this->log(sprintf('Username found: %s', $username));
        $token = $this->tokenStorage->getToken();

        if (!empty($token)) {
            if ($token instanceof KuleuvenUserToken && $token->isAuthenticated()) {
                $this->log(sprintf('Token found: %s', $token));
                if ($token->getUsername() === $username && count($token->getRoles()) === count($token->getUser()->getRoles())) {
                    $this->log(sprintf('Token authenticated for username "%s": %s', $username, $token));
                    return;
                }
                $roles = $token->getRoles();
                foreach ($roles as $role) {
                    if ($role instanceof SwitchUserRole) {
                        if ($role->getSource()->getUser()->getUsername() === $username) {
                            $this->log(sprintf('Token authenticated for username "%s", impersonating "%s": %s', $username, $token->getUsername(), $token));
                            return;
                        }
                        break;
                    }
                }
            }
        }

        try {
            $token = new KuleuvenUserToken(
                $username,
                $attributes,
                $this->providerKey,
                $this->defaultRoles
            );
            $this->log(sprintf('Token created for username "%s": %s', $username, $token));

            $authenticationToken = $this->authenticationManager->authenticate($token);
            if ($authenticationToken instanceof TokenInterface) {
                $this->log(sprintf('Set authentication token: %s', $authenticationToken));
                $this->tokenStorage->setToken($authenticationToken);
                if (null !== $this->eventDispatcher) {
                    $loginEvent = new InteractiveLoginEvent($request, $authenticationToken);
                    $this->log('Dispatch login event');
                    $this->eventDispatcher->dispatch(SecurityEvents::INTERACTIVE_LOGIN, $loginEvent);
                }
            } elseif ($authenticationToken instanceof Response) {
                $this->log('Using authentication token as response...');
                $event->setResponse($authenticationToken);
            }
        } catch (AuthenticationException $failed) {
            $this->log(sprintf('Authentication request failed for username "%s": %s', $username, $failed->getMessage()));

            $token = $this->tokenStorage->getToken();
            if ($token instanceof KuleuvenUserToken) {
                $this->tokenStorage->setToken(null);
                $this->log(sprintf('Token removed from storage', $token));
            }

            try {
                $event->setResponse($this->authenticationEntryPoint->start($request, $failed));
            } catch (AuthenticationException $failed) {
                $this->log('Entry point failed, sending forbidden response...');
                $response = (new Response());
                $response->setStatusCode(Response::HTTP_FORBIDDEN);
                $event->setResponse($response);
            }
        }
    }
}


1			<?php
2
3			namespace Kuleuven\AuthenticationBundle\Security;
4
5			use Kuleuven\AuthenticationBundle\Service\ShibbolethServiceProvider;
6			use Kuleuven\AuthenticationBundle\Traits\LoggerTrait;
7			use Psr\Log\LoggerAwareInterface;
8			use Symfony\Component\EventDispatcher\EventDispatcherInterface;
9			use Symfony\Component\HttpFoundation\Response;
10			use Symfony\Component\HttpKernel\Event\GetResponseEvent;
11			use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
12			use Symfony\Component\Security\Core\Role\SwitchUserRole;
13			use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
14			use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
15			use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
16			use Symfony\Component\Security\Core\Exception\AuthenticationException;
17			use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
18			use Symfony\Component\Security\Http\Firewall\ListenerInterface;
19			use Symfony\Component\Security\Http\SecurityEvents;
20
21			class ShibbolethAuthenticationListener implements ListenerInterface, LoggerAwareInterface
22			{
23			use LoggerTrait;
24
25			/**
26			* @var ShibbolethServiceProvider
27			*/
28			protected $shibbolethServiceProvider;
29
30			/**
31			* @var AuthenticationManagerInterface
32			*/
33			protected $authenticationManager;
34
35			/**
36			* @var AuthenticationEntryPointInterface
37			*/
38			protected $authenticationEntryPoint;
39
40			/**
41			* @var TokenStorageInterface
42			*/
43			protected $tokenStorage;
44
45			/**
46			* @var EventDispatcherInterface
47			*/
48			protected $eventDispatcher;
49
50			/**
51			* @var array
52			*/
53			protected $defaultRoles;
54
55			/**
56			* @var string
57			*/
58			protected $providerKey;
59
60			public function __construct(
61			ShibbolethServiceProvider $shibbolethServiceProvider,
62			TokenStorageInterface $tokenStorage,
63			AuthenticationManagerInterface $authenticationManager,
64			AuthenticationEntryPointInterface $authenticationEntryPoint = null,
65			EventDispatcherInterface $eventDispatcher = null,
66			array $defaultRoles = [],
67			$providerKey = ''
68			)
69			{
70			$this->shibbolethServiceProvider = $shibbolethServiceProvider;
71			$this->tokenStorage = $tokenStorage;
72			$this->providerKey = $providerKey;
73			$this->authenticationManager = $authenticationManager;
74			$this->authenticationEntryPoint = $authenticationEntryPoint;
75			$this->eventDispatcher = $eventDispatcher;
76			$this->defaultRoles = $defaultRoles;
77			}
78
79			public function handle(GetResponseEvent $event)
80			{
81			$request = $event->getRequest();
82
83			$attributes = $this->shibbolethServiceProvider->getAttributes();
84
85			if (empty($attributes)) {
86			$this->log('Shibboleth attributes not found');
87			return;
88			}
89
90			$this->log(sprintf('Shibboleth attributes found: %s', json_encode($attributes)));
91
92			if (!$this->shibbolethServiceProvider->isAuthenticated()) {
93			$this->log('Shibboleth has not authenticated your request.');
94			return;
95			}
96
97			$username = $this->shibbolethServiceProvider->getUsername();
98
99			if (empty($username)) {
100			$this->log('Username not found');
101			return;
102			}
103
104			$this->log(sprintf('Username found: %s', $username));
105			$token = $this->tokenStorage->getToken();
106
107			if (!empty($token)) {
108			if ($token instanceof KuleuvenUserToken && $token->isAuthenticated()) {
109			$this->log(sprintf('Token found: %s', $token));
110			if ($token->getUsername() === $username && count($token->getRoles()) === count($token->getUser()->getRoles())) {
111			$this->log(sprintf('Token authenticated for username "%s": %s', $username, $token));
112			return;
113			}
114			$roles = $token->getRoles();
115			foreach ($roles as $role) {
116			if ($role instanceof SwitchUserRole) {
117			if ($role->getSource()->getUser()->getUsername() === $username) {
118			$this->log(sprintf('Token authenticated for username "%s", impersonating "%s": %s', $username, $token->getUsername(), $token));
119			return;
120			}
121			break;
122			}
123			}
124			}
125			}
126
127			try {
128			$token = new KuleuvenUserToken(
129			$username,
130			$attributes,
131			$this->providerKey,
132			$this->defaultRoles
133			);
134			$this->log(sprintf('Token created for username "%s": %s', $username, $token));
135
136			$authenticationToken = $this->authenticationManager->authenticate($token);
137			if ($authenticationToken instanceof TokenInterface) {
138			$this->log(sprintf('Set authentication token: %s', $authenticationToken));
139			$this->tokenStorage->setToken($authenticationToken);
140			if (null !== $this->eventDispatcher) {
141			$loginEvent = new InteractiveLoginEvent($request, $authenticationToken);
142			$this->log('Dispatch login event');
143			$this->eventDispatcher->dispatch(SecurityEvents::INTERACTIVE_LOGIN, $loginEvent);
144			}
145			} elseif ($authenticationToken instanceof Response) {
146			$this->log('Using authentication token as response...');
147			$event->setResponse($authenticationToken);
148			}
149			} catch (AuthenticationException $failed) {
150			$this->log(sprintf('Authentication request failed for username "%s": %s', $username, $failed->getMessage()));
151
152			$token = $this->tokenStorage->getToken();
153			if ($token instanceof KuleuvenUserToken) {
154			$this->tokenStorage->setToken(null);
155			$this->log(sprintf('Token removed from storage', $token));
156			}
157
158			try {
159			$event->setResponse($this->authenticationEntryPoint->start($request, $failed));
160			} catch (AuthenticationException $failed) {
161			$this->log('Entry point failed, sending forbidden response...');
162			$response = (new Response());
163			$response->setStatusCode(Response::HTTP_FORBIDDEN);
164			$event->setResponse($response);
165			}
166			}
167			}
168			}
169

MetalArend / authentication-bundle

ShibbolethAuthenticationListener::handle() D last analyzed 2016-09-14 12:22 UTC

Complexity

Size

Duplication

Importance

How to fix Long Method Complexity

Long Method

Duplication Side-by-Side

Filter issues like

ShibbolethAuthenticationListener::handle() D
last analyzed 2016-09-14 12:22 UTC