ConsumeAssertionService - Code Metrics - Inspection of "Add gateway endpoint tests 9" - OpenConext/Stepup-Gateway - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — feature/refactor-gateway-contr... ( 4996d0...48680d )

unknown

created 2018-08-23 15:35 UTC

ConsumeAssertionService A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	124
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	15

Importance

Changes

Metric	Value
wmc	9
lcom	1
cbo	15
dl	0
loc	124
rs	10
c	0
b	0
f	0

3 Methods

Rating	Name	Size	Complexity
A	__construct()	11	1
B	consumeAssertion()	74	7
A	getServiceProvider()	4	1

<?php

namespace Surfnet\StepupGateway\SamlStepupProviderBundle\Service;

use Exception;
use Psr\Log\LoggerInterface;
use Surfnet\SamlBundle\Http\PostBinding;
use Surfnet\SamlBundle\Monolog\SamlAuthenticationLogger;
use Surfnet\StepupGateway\GatewayBundle\Entity\ServiceProvider;
use Surfnet\StepupGateway\GatewayBundle\Exception\ResponseFailureException;
use Surfnet\StepupGateway\GatewayBundle\Saml\AssertionAdapter;
use Surfnet\StepupGateway\GatewayBundle\Saml\Exception\UnknownInResponseToException;
use Surfnet\StepupGateway\SamlStepupProviderBundle\Exception\InvalidSubjectException;
use Surfnet\StepupGateway\SamlStepupProviderBundle\Exception\SecondfactorVerfificationRequiredException;
use Surfnet\StepupGateway\SamlStepupProviderBundle\Provider\ConnectedServiceProviders;
use Surfnet\StepupGateway\SamlStepupProviderBundle\Provider\Provider;
use Surfnet\StepupGateway\SamlStepupProviderBundle\Saml\ProxyResponseFactory;
use Symfony\Component\HttpFoundation\Request;

/**
 * @SuppressWarnings(PHPMD.CouplingBetweenObjects)
 */
class ConsumeAssertionService
{
    /** @var LoggerInterface */
    private $logger;

    /** @var SamlAuthenticationLogger */
    private $samlLogger;

    /** @var PostBinding */
    private $postBinding;

    /** @var ConnectedServiceProviders */
    private $connectedServiceProviders;

    /**
     * ConsumeAssertionService constructor.
     * @param LoggerInterface $logger
     * @param SamlAuthenticationLogger $samlLogger
     * @param PostBinding $postBinding
     * @param ConnectedServiceProviders $connectedServiceProviders
     */
    public function __construct(
        LoggerInterface $logger,
        SamlAuthenticationLogger $samlLogger,
        PostBinding $postBinding,
        ConnectedServiceProviders $connectedServiceProviders
    ) {
        $this->logger = $logger;
        $this->samlLogger = $samlLogger;
        $this->postBinding = $postBinding;
        $this->connectedServiceProviders = $connectedServiceProviders;
    }

    /**
     * @param Provider $provider
     * @param Request $httpRequest
     * @param ProxyResponseFactory $proxyResponseFactory
     * @return \SAML2\Response
     * @throws Exception
     */
    public function consumeAssertion(Provider $provider, Request $httpRequest, ProxyResponseFactory $proxyResponseFactory)

    {
        $stateHandler = $provider->getStateHandler();
        $originalRequestId = $stateHandler->getRequestId();

        $logger = $this->samlLogger->forAuthentication($originalRequestId);

        $action = $stateHandler->hasSubject() ? 'Second Factor Verification' : 'Proxy Response';
        $logger->notice(
            sprintf('Received SAMLResponse, attempting to process for %s', $action)
        );

        try {
            $assertion = $this->postBinding->processResponse(
                $httpRequest,
                $provider->getRemoteIdentityProvider(),
                $provider->getServiceProvider()
            );
        } catch (Exception $exception) {
            $message = sprintf('Could not process received Response, error: "%s"', $exception->getMessage());
            $logger->error($message);

            throw new ResponseFailureException($message);
        }

        $adaptedAssertion = new AssertionAdapter($assertion);
        $expectedResponse = $stateHandler->getGatewayRequestId();
        if (!$adaptedAssertion->inResponseToMatches($expectedResponse)) {
            throw new UnknownInResponseToException(
                $adaptedAssertion->getInResponseTo(),
                $expectedResponse
            );
        }

        $authenticatedNameId = $assertion->getNameId();
        $isSubjectRequested = $stateHandler->hasSubject();
        if ($isSubjectRequested && ($stateHandler->getSubject() !== $authenticatedNameId->value)) {
            $message = sprintf(
                'Requested Subject NameID "%s" and Response NameID "%s" do not match',
                $stateHandler->getSubject(),
                $authenticatedNameId->value
            );
            $logger->critical($message);

            throw new InvalidSubjectException($message);
        }

        $logger->notice('Successfully processed SAMLResponse');

        if ($stateHandler->secondFactorVerificationRequested()) {
            $message = 'Second Factor verification was requested and was successful, forwarding to SecondFactor handling';

            $logger->notice($message);

            throw new SecondfactorVerfificationRequiredException($message);
        }

        $targetServiceProvider = $this->getServiceProvider($stateHandler->getRequestServiceProvider());

        $response = $proxyResponseFactory->createProxyResponse(
            $assertion,
            $targetServiceProvider->determineAcsLocation(
                $stateHandler->getRequestAssertionConsumerServiceUrl(),
                $this->logger
            )
        );

        $logger->notice(sprintf(
            'Responding to request "%s" with response based on response from the remote IdP with response "%s"',
            $stateHandler->getRequestId(),
            $response->getId()
        ));

        return $response;
    }

    /**
     * @param string $serviceProvider
     * @return ServiceProvider
     */
    private function getServiceProvider($serviceProvider)
    {
        return $this->connectedServiceProviders->getConfigurationOf($serviceProvider);
    }
}


1			<?php
2
3			namespace Surfnet\StepupGateway\SamlStepupProviderBundle\Service;
4
5			use Exception;
6			use Psr\Log\LoggerInterface;
7			use Surfnet\SamlBundle\Http\PostBinding;
8			use Surfnet\SamlBundle\Monolog\SamlAuthenticationLogger;
9			use Surfnet\StepupGateway\GatewayBundle\Entity\ServiceProvider;
10			use Surfnet\StepupGateway\GatewayBundle\Exception\ResponseFailureException;
11			use Surfnet\StepupGateway\GatewayBundle\Saml\AssertionAdapter;
12			use Surfnet\StepupGateway\GatewayBundle\Saml\Exception\UnknownInResponseToException;
13			use Surfnet\StepupGateway\SamlStepupProviderBundle\Exception\InvalidSubjectException;
14			use Surfnet\StepupGateway\SamlStepupProviderBundle\Exception\SecondfactorVerfificationRequiredException;
15			use Surfnet\StepupGateway\SamlStepupProviderBundle\Provider\ConnectedServiceProviders;
16			use Surfnet\StepupGateway\SamlStepupProviderBundle\Provider\Provider;
17			use Surfnet\StepupGateway\SamlStepupProviderBundle\Saml\ProxyResponseFactory;
18			use Symfony\Component\HttpFoundation\Request;
19
20			/**
21			* @SuppressWarnings(PHPMD.CouplingBetweenObjects)
22			*/
23			class ConsumeAssertionService
24			{
25			/** @var LoggerInterface */
26			private $logger;
27
28			/** @var SamlAuthenticationLogger */
29			private $samlLogger;
30
31			/** @var PostBinding */
32			private $postBinding;
33
34			/** @var ConnectedServiceProviders */
35			private $connectedServiceProviders;
36
37			/**
38			* ConsumeAssertionService constructor.
39			* @param LoggerInterface $logger
40			* @param SamlAuthenticationLogger $samlLogger
41			* @param PostBinding $postBinding
42			* @param ConnectedServiceProviders $connectedServiceProviders
43			*/
44			public function __construct(
45			LoggerInterface $logger,
46			SamlAuthenticationLogger $samlLogger,
47			PostBinding $postBinding,
48			ConnectedServiceProviders $connectedServiceProviders
49			) {
50			$this->logger = $logger;
51			$this->samlLogger = $samlLogger;
52			$this->postBinding = $postBinding;
53			$this->connectedServiceProviders = $connectedServiceProviders;
54			}
55
56			/**
57			* @param Provider $provider
58			* @param Request $httpRequest
59			* @param ProxyResponseFactory $proxyResponseFactory
60			* @return \SAML2\Response
61			* @throws Exception
62			*/
63			public function consumeAssertion(Provider $provider, Request $httpRequest, ProxyResponseFactory $proxyResponseFactory)
			0 ignored issues – show Coding Style introduced 2018-08-23 15:38 UTC by Report Bug Copy Issue Report This line exceeds maximum limit of 120 characters; contains 122 characters Overly long lines are hard to read on any screen. Most code styles therefor impose a maximum limit on the number of characters in a line. Loading history...
64			{
65			$stateHandler = $provider->getStateHandler();
66			$originalRequestId = $stateHandler->getRequestId();
67
68			$logger = $this->samlLogger->forAuthentication($originalRequestId);
69
70			$action = $stateHandler->hasSubject() ? 'Second Factor Verification' : 'Proxy Response';
71			$logger->notice(
72			sprintf('Received SAMLResponse, attempting to process for %s', $action)
73			);
74
75			try {
76			$assertion = $this->postBinding->processResponse(
77			$httpRequest,
78			$provider->getRemoteIdentityProvider(),
79			$provider->getServiceProvider()
80			);
81			} catch (Exception $exception) {
82			$message = sprintf('Could not process received Response, error: "%s"', $exception->getMessage());
83			$logger->error($message);
84
85			throw new ResponseFailureException($message);
86			}
87
88			$adaptedAssertion = new AssertionAdapter($assertion);
89			$expectedResponse = $stateHandler->getGatewayRequestId();
90			if (!$adaptedAssertion->inResponseToMatches($expectedResponse)) {
91			throw new UnknownInResponseToException(
92			$adaptedAssertion->getInResponseTo(),
93			$expectedResponse
94			);
95			}
96
97			$authenticatedNameId = $assertion->getNameId();
98			$isSubjectRequested = $stateHandler->hasSubject();
99			if ($isSubjectRequested && ($stateHandler->getSubject() !== $authenticatedNameId->value)) {
100			$message = sprintf(
101			'Requested Subject NameID "%s" and Response NameID "%s" do not match',
102			$stateHandler->getSubject(),
103			$authenticatedNameId->value
104			);
105			$logger->critical($message);
106
107			throw new InvalidSubjectException($message);
108			}
109
110			$logger->notice('Successfully processed SAMLResponse');
111
112			if ($stateHandler->secondFactorVerificationRequested()) {
113			$message = 'Second Factor verification was requested and was successful, forwarding to SecondFactor handling';
			0 ignored issues – show Coding Style introduced 2018-08-23 15:38 UTC by Report Bug Copy Issue Report This line exceeds maximum limit of 120 characters; contains 122 characters Overly long lines are hard to read on any screen. Most code styles therefor impose a maximum limit on the number of characters in a line. Loading history...
114			$logger->notice($message);
115
116			throw new SecondfactorVerfificationRequiredException($message);
117			}
118
119			$targetServiceProvider = $this->getServiceProvider($stateHandler->getRequestServiceProvider());
120
121			$response = $proxyResponseFactory->createProxyResponse(
122			$assertion,
123			$targetServiceProvider->determineAcsLocation(
124			$stateHandler->getRequestAssertionConsumerServiceUrl(),
125			$this->logger
126			)
127			);
128
129			$logger->notice(sprintf(
130			'Responding to request "%s" with response based on response from the remote IdP with response "%s"',
131			$stateHandler->getRequestId(),
132			$response->getId()
133			));
134
135			return $response;
136			}
137
138			/**
139			* @param string $serviceProvider
140			* @return ServiceProvider
141			*/
142			private function getServiceProvider($serviceProvider)
143			{
144			return $this->connectedServiceProviders->getConfigurationOf($serviceProvider);
145			}
146			}
147

OpenConext / Stepup-Gateway

Push — feature/refactor-gateway-contr... ( 4996d0...48680d )

ConsumeAssertionService A

Complexity

Size/Duplication

Coupling/Cohesion

Importance

3 Methods

Duplication Side-by-Side

Filter issues like