SamlEntity - Code Metrics - OpenConext/Stepup-Gateway - Measure and Improve Code Quality continuously with Scrutinizer

SamlEntity A
last analyzed 2025-11-24 03:31 UTC

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	118
Duplicated Lines	0 %

Importance

Changes

Metric	Value
eloc	43
dl	0
loc	118
rs	10
c	0
b	0
f	0
wmc	9

3 Methods

Rating	Name	Size	Complexity
A	toIdentityProvider()	18	2
A	decodeConfiguration()	3	1
B	toServiceProvider()	45	6

<?php

/**
 * Copyright 2014 SURFnet bv
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

namespace Surfnet\StepupGateway\GatewayBundle\Entity;

use Doctrine\ORM\Mapping as ORM;
use GuzzleHttp;
use Surfnet\SamlBundle\Entity\IdentityProvider;
use Surfnet\StepupGateway\GatewayBundle\Exception\RuntimeException;

/**
 * @ORM\Entity(repositoryClass="Surfnet\StepupGateway\GatewayBundle\Entity\DoctrineSamlEntityRepository")
 * @ORM\Table()
 *
 * @SuppressWarnings(PHPMD.UnusedPrivateField)
 */
class SamlEntity
{
    /**
     * Constants denoting the type of SamlEntity. Also used in the middleware to make that distinction
     */
    public const TYPE_IDP = 'idp';
    public const TYPE_SP = 'sp';

    /**
     * @var string
     *
     * @ORM\Id
     * @ORM\Column(length=36)
     */
    private $id;


    /**
     * @ORM\Column
     *
     * @var string
     */
    private $entityId;

    /**
     * @ORM\Column
     *
     * @var string
     */
    private $type;

    /**
     * @ORM\Column(type="text")
     *
     * @var string the configuration as json string
     */
    private $configuration;

    /**
     * @return IdentityProvider
     */
    public function toIdentityProvider()
    {
        if (!$this->type === self::TYPE_IDP) {

            throw new RuntimeException(sprintf(
                'Cannot cast a SAMLEntity to an IdentityProvider if it is not of the type "%s", current type: "%s"',
                self::TYPE_IDP,
                $this->type
            ));
        }

        $decodedConfiguration = $this->decodeConfiguration();

        // index based will be supported later on
        $configuration = [];
        $configuration['entityId']             = $this->entityId;
        $configuration['configuredLoas']       = $decodedConfiguration['loa'];

        return new IdentityProvider($configuration);
    }

    /**
     * @return ServiceProvider
     */
    public function toServiceProvider()
    {
        if (!$this->type === self::TYPE_SP) {

            throw new RuntimeException(sprintf(
                'Cannot cast a SAMLEntity to a ServiceProvider if it is not of the type "%s", current type: "%s"',
                self::TYPE_SP,
                $this->type
            ));
        }

        $decodedConfiguration = $this->decodeConfiguration();

        // Note that we don't set 'assertionConsumerUrl',
        // getAssertionConsumerUrl() on this service provider entity will
        // yield null. The ACS URL in the AuthnRequest is used instead, and
        // this URL is validated by matching against the configured 'allowed
        // ACS locations'. If it doesn't match, the gateway will fall back to
        // the first configured ACS location.
        $configuration = [];
        $configuration['allowedAcsLocations'] = $decodedConfiguration['acs'];
        $configuration['certificateData']     = $decodedConfiguration['public_key'];
        $configuration['entityId']            = $this->entityId;
        $configuration['configuredLoas']      = $decodedConfiguration['loa'];

        $configuration['secondFactorOnly'] = false;
        // Allow the sp to evaluate the SSO on 2FA cookie if present? (defaults to false)
        $configuration['allowSsoOn2fa'] = false;
        // Is the SP allowed to set a SSO on 2FA cookie in Gateway? (defautls to false)
        $configuration['setSsoCookieOn2fa'] = false;

        if (isset($decodedConfiguration['second_factor_only'])) {
            $configuration['secondFactorOnly'] = $decodedConfiguration['second_factor_only'];
        }
        $configuration['secondFactorOnlyNameIdPatterns'] = [];
        if (isset($decodedConfiguration['second_factor_only_nameid_patterns'])) {
            $configuration['secondFactorOnlyNameIdPatterns'] =
                $decodedConfiguration['second_factor_only_nameid_patterns'];
        }
        if (isset($decodedConfiguration['allow_sso_on_2fa'])) {
            $configuration['allowSsoOn2fa'] = $decodedConfiguration['allow_sso_on_2fa'];
        }
        if (isset($decodedConfiguration['set_sso_cookie_on_2fa'])) {
            $configuration['setSsoCookieOn2fa'] = $decodedConfiguration['set_sso_cookie_on_2fa'];
        }
        return new ServiceProvider($configuration);
    }

    /**
     * Returns the decoded configuration
     *
     * @return array
     */
    private function decodeConfiguration()
    {
        return GuzzleHttp\json_decode($this->configuration, true);
    }
}


1			<?php
2
3			/**
4			* Copyright 2014 SURFnet bv
5			*
6			* Licensed under the Apache License, Version 2.0 (the "License");
7			* you may not use this file except in compliance with the License.
8			* You may obtain a copy of the License at
9			*
10			* http://www.apache.org/licenses/LICENSE-2.0
11			*
12			* Unless required by applicable law or agreed to in writing, software
13			* distributed under the License is distributed on an "AS IS" BASIS,
14			* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15			* See the License for the specific language governing permissions and
16			* limitations under the License.
17			*/
18
19			namespace Surfnet\StepupGateway\GatewayBundle\Entity;
20
21			use Doctrine\ORM\Mapping as ORM;
22			use GuzzleHttp;
23			use Surfnet\SamlBundle\Entity\IdentityProvider;
24			use Surfnet\StepupGateway\GatewayBundle\Exception\RuntimeException;
25
26			/**
27			* @ORM\Entity(repositoryClass="Surfnet\StepupGateway\GatewayBundle\Entity\DoctrineSamlEntityRepository")
28			* @ORM\Table()
29			*
30			* @SuppressWarnings(PHPMD.UnusedPrivateField)
31			*/
32			class SamlEntity
33			{
34			/**
35			* Constants denoting the type of SamlEntity. Also used in the middleware to make that distinction
36			*/
37			public const TYPE_IDP = 'idp';
38			public const TYPE_SP = 'sp';
39
40			/**
41			* @var string
42			*
43			* @ORM\Id
44			* @ORM\Column(length=36)
45			*/
46			private $id;
			0 ignored issues – show introduced 2023-09-07 07:02 UTC by Report Bug Copy Issue Report The private property `$id` is not used, and could be removed. Loading history...
47
48			/**
49			* @ORM\Column
50			*
51			* @var string
52			*/
53			private $entityId;
54
55			/**
56			* @ORM\Column
57			*
58			* @var string
59			*/
60			private $type;
61
62			/**
63			* @ORM\Column(type="text")
64			*
65			* @var string the configuration as json string
66			*/
67			private $configuration;
68
69			/**
70			* @return IdentityProvider
71			*/
72			public function toIdentityProvider()
73			{
74			if (!$this->type === self::TYPE_IDP) {
			0 ignored issues – show introduced 2023-09-07 07:02 UTC by Report Bug Copy Issue Report The condition `! $this->type === self::TYPE_IDP` is always `false`. Loading history...
75			throw new RuntimeException(sprintf(
76			'Cannot cast a SAMLEntity to an IdentityProvider if it is not of the type "%s", current type: "%s"',
77			self::TYPE_IDP,
78			$this->type
79			));
80			}
81
82			$decodedConfiguration = $this->decodeConfiguration();
83
84			// index based will be supported later on
85			$configuration = [];
86			$configuration['entityId'] = $this->entityId;
87			$configuration['configuredLoas'] = $decodedConfiguration['loa'];
88
89			return new IdentityProvider($configuration);
90			}
91
92			/**
93			* @return ServiceProvider
94			*/
95			public function toServiceProvider()
96			{
97			if (!$this->type === self::TYPE_SP) {
			0 ignored issues – show introduced 2023-09-07 07:02 UTC by Report Bug Copy Issue Report The condition `! $this->type === self::TYPE_SP` is always `false`. Loading history...
98			throw new RuntimeException(sprintf(
99			'Cannot cast a SAMLEntity to a ServiceProvider if it is not of the type "%s", current type: "%s"',
100			self::TYPE_SP,
101			$this->type
102			));
103			}
104
105			$decodedConfiguration = $this->decodeConfiguration();
106
107			// Note that we don't set 'assertionConsumerUrl',
108			// getAssertionConsumerUrl() on this service provider entity will
109			// yield null. The ACS URL in the AuthnRequest is used instead, and
110			// this URL is validated by matching against the configured 'allowed
111			// ACS locations'. If it doesn't match, the gateway will fall back to
112			// the first configured ACS location.
113			$configuration = [];
114			$configuration['allowedAcsLocations'] = $decodedConfiguration['acs'];
115			$configuration['certificateData'] = $decodedConfiguration['public_key'];
116			$configuration['entityId'] = $this->entityId;
117			$configuration['configuredLoas'] = $decodedConfiguration['loa'];
118
119			$configuration['secondFactorOnly'] = false;
120			// Allow the sp to evaluate the SSO on 2FA cookie if present? (defaults to false)
121			$configuration['allowSsoOn2fa'] = false;
122			// Is the SP allowed to set a SSO on 2FA cookie in Gateway? (defautls to false)
123			$configuration['setSsoCookieOn2fa'] = false;
124
125			if (isset($decodedConfiguration['second_factor_only'])) {
126			$configuration['secondFactorOnly'] = $decodedConfiguration['second_factor_only'];
127			}
128			$configuration['secondFactorOnlyNameIdPatterns'] = [];
129			if (isset($decodedConfiguration['second_factor_only_nameid_patterns'])) {
130			$configuration['secondFactorOnlyNameIdPatterns'] =
131			$decodedConfiguration['second_factor_only_nameid_patterns'];
132			}
133			if (isset($decodedConfiguration['allow_sso_on_2fa'])) {
134			$configuration['allowSsoOn2fa'] = $decodedConfiguration['allow_sso_on_2fa'];
135			}
136			if (isset($decodedConfiguration['set_sso_cookie_on_2fa'])) {
137			$configuration['setSsoCookieOn2fa'] = $decodedConfiguration['set_sso_cookie_on_2fa'];
138			}
139			return new ServiceProvider($configuration);
140			}
141
142			/**
143			* Returns the decoded configuration
144			*
145			* @return array
146			*/
147			private function decodeConfiguration()
148			{
149			return GuzzleHttp\json_decode($this->configuration, true);
150			}
151			}
152

OpenConext / Stepup-Gateway

SamlEntity A last analyzed 2025-11-24 03:31 UTC

Complexity

Size/Duplication

Importance

3 Methods

Duplication Side-by-Side

Filter issues like

SamlEntity A
last analyzed 2025-11-24 03:31 UTC