OpenConext /
Stepup-Gateway
| Conditions | 7 |
| Paths | 10 |
| Total Lines | 76 |
| Lines | 0 |
| Ratio | 0 % |
| Changes | 0 | ||
Small methods make your code easier to understand, in particular if combined with a good name. Besides, if your method is small, finding a good name is usually much easier.
For example, if you find yourself adding comments to a method's body, this is usually a good sign to extract the commented part to a new method, and use the comment as a starting point when coming up with a good name for this new method.
Commonly applied refactorings include:
If many parameters/temporary variables are present:
| 1 | <?php |
||
| 72 | public function consumeAssertion(Provider $provider, Request $httpRequest, ProxyResponseFactory $proxyResponseFactory) |
||
| 73 | { |
||
| 74 | $stateHandler = $provider->getStateHandler(); |
||
| 75 | $originalRequestId = $stateHandler->getRequestId(); |
||
| 76 | |||
| 77 | $this->handledRequestId = $originalRequestId; |
||
| 78 | |||
| 79 | $logger = $this->samlLogger->forAuthentication($originalRequestId); |
||
| 80 | |||
| 81 | $action = $stateHandler->hasSubject() ? 'Second Factor Verification' : 'Proxy Response'; |
||
| 82 | $logger->notice( |
||
| 83 | sprintf('Received SAMLResponse, attempting to process for %s', $action) |
||
| 84 | ); |
||
| 85 | |||
| 86 | try { |
||
| 87 | $assertion = $this->postBinding->processResponse( |
||
| 88 | $httpRequest, |
||
| 89 | $provider->getRemoteIdentityProvider(), |
||
| 90 | $provider->getServiceProvider() |
||
| 91 | ); |
||
| 92 | } catch (Exception $exception) { |
||
| 93 | $message = sprintf('Could not process received Response, error: "%s"', $exception->getMessage()); |
||
| 94 | $logger->error($message); |
||
| 95 | |||
| 96 | throw new ResponseFailureException($message); |
||
| 97 | } |
||
| 98 | |||
| 99 | $adaptedAssertion = new AssertionAdapter($assertion); |
||
| 100 | $expectedResponse = $stateHandler->getGatewayRequestId(); |
||
| 101 | if (!$adaptedAssertion->inResponseToMatches($expectedResponse)) { |
||
| 102 | throw new UnknownInResponseToException( |
||
| 103 | $adaptedAssertion->getInResponseTo(), |
||
| 104 | $expectedResponse |
||
| 105 | ); |
||
| 106 | } |
||
| 107 | |||
| 108 | $authenticatedNameId = $assertion->getNameId(); |
||
| 109 | $isSubjectRequested = $stateHandler->hasSubject(); |
||
| 110 | if ($isSubjectRequested && ($stateHandler->getSubject() !== $authenticatedNameId->value)) { |
||
| 111 | $message = sprintf( |
||
| 112 | 'Requested Subject NameID "%s" and Response NameID "%s" do not match', |
||
| 113 | $stateHandler->getSubject(), |
||
| 114 | $authenticatedNameId->value |
||
| 115 | ); |
||
| 116 | $logger->critical($message); |
||
| 117 | |||
| 118 | throw new InvalidSubjectException($message); |
||
| 119 | } |
||
| 120 | |||
| 121 | $logger->notice('Successfully processed SAMLResponse'); |
||
| 122 | |||
| 123 | if ($stateHandler->secondFactorVerificationRequested()) { |
||
| 124 | $message = 'Second Factor verification was requested and was successful, forwarding to SecondFactor handling'; |
||
| 125 | $logger->notice($message); |
||
| 126 | |||
| 127 | throw new SecondfactorVerfificationRequiredException($message); |
||
| 128 | } |
||
| 129 | |||
| 130 | $targetServiceProvider = $this->getServiceProvider($stateHandler->getRequestServiceProvider()); |
||
| 131 | |||
| 132 | $response = $proxyResponseFactory->createProxyResponse( |
||
| 133 | $assertion, |
||
| 134 | $targetServiceProvider->determineAcsLocation( |
||
| 135 | $stateHandler->getRequestAssertionConsumerServiceUrl(), |
||
| 136 | $this->logger |
||
| 137 | ) |
||
| 138 | ); |
||
| 139 | |||
| 140 | $logger->notice(sprintf( |
||
| 141 | 'Responding to request "%s" with response based on response from the remote IdP with response "%s"', |
||
| 142 | $stateHandler->getRequestId(), |
||
| 143 | $response->getId() |
||
| 144 | )); |
||
| 145 | |||
| 146 | return $response; |
||
| 147 | } |
||
| 148 | |||
| 166 |
