OpenConext /
Stepup-Gateway
| Conditions | 7 |
| Paths | 10 |
| Total Lines | 74 |
| Lines | 0 |
| Ratio | 0 % |
| Changes | 0 | ||
Small methods make your code easier to understand, in particular if combined with a good name. Besides, if your method is small, finding a good name is usually much easier.
For example, if you find yourself adding comments to a method's body, this is usually a good sign to extract the commented part to a new method, and use the comment as a starting point when coming up with a good name for this new method.
Commonly applied refactorings include:
If many parameters/temporary variables are present:
| 1 | <?php |
||
| 63 | public function consumeAssertion(Provider $provider, Request $httpRequest, ProxyResponseFactory $proxyResponseFactory) |
||
|
|
|||
| 64 | { |
||
| 65 | $stateHandler = $provider->getStateHandler(); |
||
| 66 | $originalRequestId = $stateHandler->getRequestId(); |
||
| 67 | |||
| 68 | $logger = $this->samlLogger->forAuthentication($originalRequestId); |
||
| 69 | |||
| 70 | $action = $stateHandler->hasSubject() ? 'Second Factor Verification' : 'Proxy Response'; |
||
| 71 | $logger->notice( |
||
| 72 | sprintf('Received SAMLResponse, attempting to process for %s', $action) |
||
| 73 | ); |
||
| 74 | |||
| 75 | try { |
||
| 76 | $assertion = $this->postBinding->processResponse( |
||
| 77 | $httpRequest, |
||
| 78 | $provider->getRemoteIdentityProvider(), |
||
| 79 | $provider->getServiceProvider() |
||
| 80 | ); |
||
| 81 | } catch (Exception $exception) { |
||
| 82 | $message = sprintf('Could not process received Response, error: "%s"', $exception->getMessage()); |
||
| 83 | $logger->error($message); |
||
| 84 | |||
| 85 | throw new ResponseFailureException($message); |
||
| 86 | } |
||
| 87 | |||
| 88 | $adaptedAssertion = new AssertionAdapter($assertion); |
||
| 89 | $expectedResponse = $stateHandler->getGatewayRequestId(); |
||
| 90 | if (!$adaptedAssertion->inResponseToMatches($expectedResponse)) { |
||
| 91 | throw new UnknownInResponseToException( |
||
| 92 | $adaptedAssertion->getInResponseTo(), |
||
| 93 | $expectedResponse |
||
| 94 | ); |
||
| 95 | } |
||
| 96 | |||
| 97 | $authenticatedNameId = $assertion->getNameId(); |
||
| 98 | $isSubjectRequested = $stateHandler->hasSubject(); |
||
| 99 | if ($isSubjectRequested && ($stateHandler->getSubject() !== $authenticatedNameId->value)) { |
||
| 100 | $message = sprintf( |
||
| 101 | 'Requested Subject NameID "%s" and Response NameID "%s" do not match', |
||
| 102 | $stateHandler->getSubject(), |
||
| 103 | $authenticatedNameId->value |
||
| 104 | ); |
||
| 105 | $logger->critical($message); |
||
| 106 | |||
| 107 | throw new InvalidSubjectException($message); |
||
| 108 | } |
||
| 109 | |||
| 110 | $logger->notice('Successfully processed SAMLResponse'); |
||
| 111 | |||
| 112 | if ($stateHandler->secondFactorVerificationRequested()) { |
||
| 113 | $message = 'Second Factor verification was requested and was successful, forwarding to SecondFactor handling'; |
||
| 114 | $logger->notice($message); |
||
| 115 | |||
| 116 | throw new SecondfactorVerfificationRequiredException($message); |
||
| 117 | } |
||
| 118 | |||
| 119 | $targetServiceProvider = $this->getServiceProvider($stateHandler->getRequestServiceProvider()); |
||
| 120 | |||
| 121 | $response = $proxyResponseFactory->createProxyResponse( |
||
| 122 | $assertion, |
||
| 123 | $targetServiceProvider->determineAcsLocation( |
||
| 124 | $stateHandler->getRequestAssertionConsumerServiceUrl(), |
||
| 125 | $this->logger |
||
| 126 | ) |
||
| 127 | ); |
||
| 128 | |||
| 129 | $logger->notice(sprintf( |
||
| 130 | 'Responding to request "%s" with response based on response from the remote IdP with response "%s"', |
||
| 131 | $stateHandler->getRequestId(), |
||
| 132 | $response->getId() |
||
| 133 | )); |
||
| 134 | |||
| 135 | return $response; |
||
| 136 | } |
||
| 137 | |||
| 147 |
Loading history...
Overly long lines are hard to read on any screen. Most code styles therefor impose a maximum limit on the number of characters in a line.