OpenConext /
Stepup-Gateway
| Conditions | 7 |
| Paths | 10 |
| Total Lines | 74 |
| Lines | 0 |
| Ratio | 0 % |
| Changes | 0 | ||
Small methods make your code easier to understand, in particular if combined with a good name. Besides, if your method is small, finding a good name is usually much easier.
For example, if you find yourself adding comments to a method's body, this is usually a good sign to extract the commented part to a new method, and use the comment as a starting point when coming up with a good name for this new method.
Commonly applied refactorings include:
If many parameters/temporary variables are present:
| 1 | <?php |
||
| 70 | public function consumeAssertion(Provider $provider, Request $httpRequest, ProxyResponseFactory $proxyResponseFactory) |
||
|
|
|||
| 71 | { |
||
| 72 | $stateHandler = $provider->getStateHandler(); |
||
| 73 | $originalRequestId = $stateHandler->getRequestId(); |
||
| 74 | |||
| 75 | $logger = $this->samlLogger->forAuthentication($originalRequestId); |
||
| 76 | |||
| 77 | $action = $stateHandler->hasSubject() ? 'Second Factor Verification' : 'Proxy Response'; |
||
| 78 | $logger->notice( |
||
| 79 | sprintf('Received SAMLResponse, attempting to process for %s', $action) |
||
| 80 | ); |
||
| 81 | |||
| 82 | try { |
||
| 83 | $assertion = $this->postBinding->processResponse( |
||
| 84 | $httpRequest, |
||
| 85 | $provider->getRemoteIdentityProvider(), |
||
| 86 | $provider->getServiceProvider() |
||
| 87 | ); |
||
| 88 | } catch (Exception $exception) { |
||
| 89 | $message = sprintf('Could not process received Response, error: "%s"', $exception->getMessage()); |
||
| 90 | $logger->error($message); |
||
| 91 | |||
| 92 | throw new ResponseFailureException($message); |
||
| 93 | } |
||
| 94 | |||
| 95 | $adaptedAssertion = new AssertionAdapter($assertion); |
||
| 96 | $expectedResponse = $stateHandler->getGatewayRequestId(); |
||
| 97 | if (!$adaptedAssertion->inResponseToMatches($expectedResponse)) { |
||
| 98 | throw new UnknownInResponseToException( |
||
| 99 | $adaptedAssertion->getInResponseTo(), |
||
| 100 | $expectedResponse |
||
| 101 | ); |
||
| 102 | } |
||
| 103 | |||
| 104 | $authenticatedNameId = $assertion->getNameId(); |
||
| 105 | $isSubjectRequested = $stateHandler->hasSubject(); |
||
| 106 | if ($isSubjectRequested && ($stateHandler->getSubject() !== $authenticatedNameId->value)) { |
||
| 107 | $message = sprintf( |
||
| 108 | 'Requested Subject NameID "%s" and Response NameID "%s" do not match', |
||
| 109 | $stateHandler->getSubject(), |
||
| 110 | $authenticatedNameId->value |
||
| 111 | ); |
||
| 112 | $logger->critical($message); |
||
| 113 | |||
| 114 | throw new InvalidSubjectException($message); |
||
| 115 | } |
||
| 116 | |||
| 117 | $logger->notice('Successfully processed SAMLResponse'); |
||
| 118 | |||
| 119 | if ($stateHandler->secondFactorVerificationRequested()) { |
||
| 120 | $message = 'Second Factor verification was requested and was successful, forwarding to SecondFactor handling'; |
||
| 121 | $logger->notice($message); |
||
| 122 | |||
| 123 | throw new SecondfactorVerfificationRequiredException($message); |
||
| 124 | } |
||
| 125 | |||
| 126 | $targetServiceProvider = $this->getServiceProvider($stateHandler->getRequestServiceProvider()); |
||
| 127 | |||
| 128 | $response = $proxyResponseFactory->createProxyResponse( |
||
| 129 | $assertion, |
||
| 130 | $targetServiceProvider->determineAcsLocation( |
||
| 131 | $stateHandler->getRequestAssertionConsumerServiceUrl(), |
||
| 132 | $this->logger |
||
| 133 | ) |
||
| 134 | ); |
||
| 135 | |||
| 136 | $logger->notice(sprintf( |
||
| 137 | 'Responding to request "%s" with response based on response from the remote IdP with response "%s"', |
||
| 138 | $stateHandler->getRequestId(), |
||
| 139 | $response->getId() |
||
| 140 | )); |
||
| 141 | |||
| 142 | return $response; |
||
| 143 | } |
||
| 144 | |||
| 154 |
Loading history...
Overly long lines are hard to read on any screen. Most code styles therefor impose a maximum limit on the number of characters in a line.