Completed
Pull Request — develop (#91)
by Boy
02:58
created

SelectionController   A

Complexity

Total Complexity 5

Size/Duplication

Total Lines 79
Duplicated Lines 0 %

Coupling/Cohesion

Components 1
Dependencies 3

Importance

Changes 2
Bugs 0 Features 0
Metric Value
wmc 5
c 2
b 0
f 0
lcom 1
cbo 3
dl 0
loc 79
rs 10

1 Method

Rating   Name   Duplication   Size   Complexity  
B selectSecondFactorForVerificationAction() 0 76 5
<?php
/**
 * Copyright 2014 SURFnet bv
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
namespace Surfnet\StepupGateway\GatewayBundle\Controller;
use Psr\Log\LoggerInterface;
use Surfnet\StepupBundle\Command\VerifyPossessionOfPhoneCommand;
use Surfnet\StepupBundle\Value\PhoneNumber\InternationalPhoneNumber;
use Surfnet\StepupGateway\GatewayBundle\Saml\ResponseContext;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
class SelectionController extends Controller
{
    /**
     * Decides which second factor the authenticating identity must verify and redirects the user
     * to the verification route for that second factor's type.
     *
     * Every path that cannot establish a usable second factor fails closed by forwarding to the
     * "Loa cannot be given" failure action:
     *  - no required Loa can be resolved,
     *  - no second factor can give the required Loa,
     *  - the chosen second factor is listed for an institution that is not on the whitelist.
     *
     * When the required Loa is intrinsic, the intrinsic-Loa authentication is logged and the
     * response action is forwarded to directly; no second factor is selected on that path.
     *
     * @return \Symfony\Component\HttpFoundation\Response
     */
    public function selectSecondFactorForVerificationAction()
    {
        $failureAction = 'SurfnetStepupGatewayGatewayBundle:Failure:sendLoaCannotBeGiven';

        // The proxy state handler names the service that holds the current response context.
        /** @var ResponseContext $responseContext */
        $responseContext = $this->get(
            $this->get('gateway.proxy.state_handler')->getResponseContextServiceId()
        );
        $inResponseTo = $responseContext->getInResponseTo();

        // Log lines for this authentication are tied to the id of the original request.
        /** @var \Surfnet\SamlBundle\Monolog\SamlAuthenticationLogger $authLogger */
        $authLogger = $this->get('surfnet_saml.logger')->forAuthentication($inResponseTo);
        $authLogger->notice('Determining which second factor to use...');

        $loa = $this->get('gateway.service.stepup_authentication')->resolveHighestRequiredLoa(
            $responseContext->getRequiredLoa(),
            $responseContext->getServiceProvider(),
            $responseContext->getAuthenticatingIdp()
        );

        // Fail closed: without a resolvable Loa no authentication is possible.
        if ($loa === null) {
            $authLogger->notice(
                'No valid required Loa can be determined, no authentication is possible, Loa cannot be given'
            );

            return $this->forward($failureAction);
        }

        $authLogger->notice(sprintf('Determined that the required Loa is "%s"', $loa));

        // An intrinsic Loa needs no second factor: record it in the authentication log and respond.
        if ($this->get('gateway.service.stepup_authentication')->isIntrinsicLoa($loa)) {
            $this->get('gateway.authentication_logger')->logIntrinsicLoaAuthentication($inResponseTo);

            return $this->forward($responseContext->getResponseAction());
        }

        $candidates = $this
            ->get('gateway.service.stepup_authentication')
            ->determineViableSecondFactors($responseContext->getIdentityNameId(), $loa);
        $candidateCount = count($candidates);

        // Fail closed: the identity has no second factor that can give the required Loa.
        if ($candidateCount === 0) {
            $authLogger->notice('No second factors can give the determined Loa');

            return $this->forward($failureAction);
        }

        // Only the first candidate is used; this is to be replaced by a second factor selection
        // screen once multiple second factors are supported.
        /** @var \Surfnet\StepupGateway\GatewayBundle\Entity\SecondFactor $selected */
        $selected = $candidates->first();

        // The whitelist check is kept here for visibility. Once multiple second factors are
        // supported it should move into StepUpAuthenticationService::determineViableSecondFactors
        // and be handled in a performant way.
        // NOTE(review): only the first candidate's institution is checked, so the request is
        // rejected even if a later candidate would pass the whitelist — confirm that is intended.
        $institutionWhitelisted = $this->get('gateway.service.whitelist')->contains($selected->institution);
        if (!$institutionWhitelisted) {
            $rejection = sprintf(
                'Second factor "%s" is listed for institution "%s" which is not on the whitelist, sending Loa '
                . 'cannot be given response',
                $selected->secondFactorId,
                $selected->institution
            );
            $authLogger->notice($rejection);

            return $this->forward($failureAction);
        }

        $authLogger->notice(sprintf(
            'Found "%d" second factors, using second factor of type "%s"',
            $candidateCount,
            $selected->secondFactorType
        ));

        // Remember the choice in the response context before handing over to verification.
        $responseContext->saveSelectedSecondFactor($selected->secondFactorId);

        $this->get('gateway.service.stepup_authentication')->clearSmsVerificationState();

        // NOTE(review): the route name is derived from the stored second factor type; presumably a
        // route exists for every type determineViableSecondFactors can return — confirm, since an
        // unknown name would make generateUrl() fail instead of producing a failure response.
        $routeName = 'gateway_verify_second_factor_' . strtolower($selected->secondFactorType);

        return $this->redirect($this->generateUrl($routeName));
    }
}