Push — feature/bootstrap-yubikey-comm... ( f430e1 )
by Michiel

AbstractBootstrapCommand::verifyEmail()   A

Complexity

Conditions 1
Paths 1

Size

Total Lines 8

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
dl 0
loc 8
rs 10
c 0
b 0
f 0
cc 1
nc 1
nop 2
<?php
/**
 * Copyright 2020 SURFnet bv
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
namespace Surfnet\StepupMiddleware\MiddlewareBundle\Console\Command;
use Broadway\EventHandling\EventBusInterface;
use Rhumsaa\Uuid\Uuid;
use Surfnet\StepupMiddleware\CommandHandlingBundle\Command\Command as MiddlewareCommand;
use Surfnet\StepupMiddleware\CommandHandlingBundle\Command\Metadata;
use Surfnet\StepupMiddleware\CommandHandlingBundle\EventSourcing\MetadataEnricher;
use Surfnet\StepupMiddleware\CommandHandlingBundle\Identity\Command\VerifyEmailCommand;
use Surfnet\StepupMiddleware\CommandHandlingBundle\Identity\Command\VetSecondFactorCommand;
use Surfnet\StepupMiddleware\CommandHandlingBundle\Pipeline\Pipeline;
use Surfnet\StepupMiddleware\MiddlewareBundle\Service\DBALConnectionHelper;
use Surfnet\StepupMiddleware\MiddlewareBundle\Service\TokenBootstrapService;
use Symfony\Component\Console\Command\Command;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
abstract class AbstractBootstrapCommand extends Command
{
    /** @var Pipeline  */
    private $pipeline;
    /** @var EventBusInterface  */
    private $eventBus;
    /** @var DBALConnectionHelper  */
    private $connection;
    /** @var TokenStorageInterface */
    protected $tokenStorage;
    /** @var MetadataEnricher */
    private $enricher;
    /** @var TokenBootstrapService */
    protected $tokenBootstrapService;
    /**
     * Stores the collaborators shared by the bootstrap console commands.
     *
     * The pipeline, event bus, connection helper and metadata enricher are private to this
     * base class; the token storage and the token bootstrap service are protected, so
     * subclasses can reach them directly.
     *
     * @param Pipeline              $pipeline              receives the middleware commands built by this class
     * @param EventBusInterface     $eventBus              flushed in finishTransaction() before the commit
     * @param DBALConnectionHelper  $connection            used to begin, commit and roll back transactions
     * @param MetadataEnricher      $enricher              receives the actor metadata set in enrichEventMetadata()
     * @param TokenStorageInterface $tokenStorage          not read by any method of this base class
     * @param TokenBootstrapService $tokenBootstrapService looks up institution options and identities
     */
    public function __construct(
        Pipeline $pipeline,
        EventBusInterface $eventBus,
        DBALConnectionHelper $connection,
        MetadataEnricher $enricher,
        TokenStorageInterface $tokenStorage,
        TokenBootstrapService $tokenBootstrapService
    ) {
        // Collaborators that only this base class touches.
        $this->connection = $connection;
        $this->pipeline = $pipeline;
        $this->eventBus = $eventBus;
        $this->enricher = $enricher;

        // Collaborators that subclasses may use as well.
        $this->tokenBootstrapService = $tokenBootstrapService;
        $this->tokenStorage = $tokenStorage;

        // Kept as the last statement so every property is assigned before the parent constructor runs.
        parent::__construct();
    }
    /**
     * Starts a transaction on the injected DBAL connection helper.
     *
     * Pair each call with finishTransaction() on success or rollback() on failure, so the
     * commands processed in between are persisted together or not at all.
     */
    protected function beginTransaction()
    {
        $connection = $this->connection;
        $connection->beginTransaction();
    }
    protected function finishTransaction()
    {
        $this->eventBus->flush();
It seems that you are coding against a concrete implementation rather than against the interface Broadway\EventHandling\EventBusInterface, because the method flush() exists only in the following implementation of that interface: Surfnet\StepupMiddleware...ndling\BufferedEventBus.

Let’s take a look at an example:

interface User
{
    /** @return string */
    public function getPassword();
}

class MyUser implements User
{
    public function getPassword()
    {
        // return something
    }

    public function getDisplayName()
    {
        // return some name.
    }
}

class AuthSystem
{
    public function authenticate(User $user)
    {
        $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
        // do something.
    }
}

In the above example, the authenticate() method works fine as long as you just pass instances of MyUser. However, if you now also want to pass a different implementation of User which does not have a getDisplayName() method, the code will break.

Available Fixes

  1. Change the type-hint for the parameter:

    class AuthSystem
    {
        public function authenticate(MyUser $user) { /* ... */ }
    }
    
  2. Add an additional type-check:

    class AuthSystem
    {
        public function authenticate(User $user)
        {
            if ($user instanceof MyUser) {
                $this->logger->info(/** ... */);
            }
    
            // or alternatively
            if ( ! $user instanceof MyUser) {
                throw new \LogicException(
                    '$user must be an instance of MyUser, '
                   .'other instances are not supported.'
                );
            }
    
        }
    }
    
Note: PHP Analyzer uses reverse abstract interpretation to narrow down the types inside the if block in such a case.
  3. Add the method to the interface:

    interface User
    {
        /** @return string */
        public function getPassword();
    
        /** @return string */
        public function getDisplayName();
    }
    
        $this->connection->commit();
    }
    /**
     * Rolls back the current transaction on the injected DBAL connection helper.
     *
     * Only the connection is touched here; the event bus is not.
     * NOTE(review): whether events still buffered on the bus are discarded after a
     * rollback is not visible in this class -- confirm against the bus implementation.
     */
    protected function rollback()
    {
        $connection = $this->connection;
        $connection->rollBack();
    }
    /**
     * Hands a middleware command to the command pipeline.
     *
     * @param MiddlewareCommand $command the command to process
     */
    protected function process(MiddlewareCommand $command)
    {
        $pipeline = $this->pipeline;
        $pipeline->process($command);
    }
    /**
     * Tells whether the given institution requires email verification.
     *
     * When the token bootstrap service returns no configuration options for the institution,
     * the answer is true: an unknown or unconfigured institution is treated as one that
     * requires verification, so a missing configuration never skips the check.
     *
     * @param mixed $institution value passed to TokenBootstrapService::findConfigurationOptionsFor()
     *
     * @return mixed true when no configuration was found, otherwise the result of
     *               isEnabled() on the configuration's verifyEmailOption
     */
    protected function requiresMailVerification($institution)
    {
        $options = $this->tokenBootstrapService->findConfigurationOptionsFor($institution);

        // Strict default: nothing configured means verification stays required.
        if (!$options) {
            return true;
        }

        return $options->verifyEmailOption->isEnabled();
    }
95
96
    /**
     * Builds a VetSecondFactorCommand for a bootstrapped token and sends it to the pipeline.
     *
     * Two values are fixed here instead of being supplied by the caller: the document number
     * is the literal '123987' and identityVerified is always true. The command therefore
     * records a vetting for which this code inspected no identity document, so console
     * commands built on this method should stay limited to trusted operators.
     * NOTE(review): the placeholder document number looks like the only value that tells a
     * bootstrapped vetting from a regular one in downstream data -- confirm, and consider an
     * explicit marker for audit purposes.
     *
     * @param mixed $tokenType            stored as the command's secondFactorType
     * @param mixed $actorId              stored as the command's authorityId
     * @param mixed $identity             object whose id property becomes the identityId
     * @param mixed $secondFactorId       stored as the command's secondFactorId
     * @param mixed $verifiedSecondFactor object whose registrationCode property is copied
     * @param mixed $phoneNumber          stored as secondFactorIdentifier, whatever the token type is
     */
    protected function vetSecondFactor($tokenType, $actorId, $identity, $secondFactorId, $verifiedSecondFactor, $phoneNumber)
    {
        $vetCommand = new VetSecondFactorCommand();
        $vetCommand->UUID = (string) Uuid::uuid4();

        // Who vets, and for whom.
        $vetCommand->authorityId = $actorId;
        $vetCommand->identityId = $identity->id;

        // Which second factor is vetted.
        $vetCommand->secondFactorId = $secondFactorId;
        $vetCommand->secondFactorType = $tokenType;
        $vetCommand->secondFactorIdentifier = $phoneNumber;
        $vetCommand->registrationCode = $verifiedSecondFactor->registrationCode;

        // Fixed bootstrap values: no document was checked by this code path.
        $vetCommand->documentNumber = '123987';
        $vetCommand->identityVerified = true;

        // Sent to the pipeline directly rather than through process().
        $this->pipeline->process($vetCommand);
    }
110
111
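    /**
     * Attributes the events that follow to the given actor.
     *
     * Looks the actor up through the token bootstrap service and hands its id and institution
     * to the metadata enricher. A lookup that yields nothing is rejected: reading id and
     * institution from an empty result would otherwise produce metadata without an actor, and
     * the enriched events could no longer be attributed to anyone.
     * NOTE(review): assumes findIdentityById() signals "not found" with a falsy value, as
     * findConfigurationOptionsFor() is treated elsewhere in this class -- confirm.
     *
     * @param mixed $actorId identifier passed to TokenBootstrapService::findIdentityById()
     *
     * @throws \InvalidArgumentException when no identity is found for $actorId
     */
    protected function enrichEventMetadata($actorId)
    {
        $actor = $this->tokenBootstrapService->findIdentityById($actorId);

        // Refuse to continue without an actor instead of writing empty attribution data.
        if (!$actor) {
            throw new \InvalidArgumentException(
                sprintf(
                    'No identity found for actor id "%s"; event metadata was not set.',
                    is_scalar($actorId) ? $actorId : gettype($actorId)
                )
            );
        }

        $metadata = new Metadata();
        $metadata->actorId = $actor->id;
        $metadata->actorInstitution = $actor->institution;

        $this->enricher->setMetadata($metadata);
    }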
119
120
    /**
     * Builds a VerifyEmailCommand for the identity and sends it through process().
     *
     * The verification nonce is read from the unverified second factor object that the
     * caller passes in, not from anything the user submitted.
     * NOTE(review): this presumably completes the email verification on the user's behalf;
     * confirm that callers consult requiresMailVerification() before deciding to call it.
     *
     * @param mixed $identity               object whose id property becomes the identityId
     * @param mixed $unverifiedSecondFactor object whose verificationNonce property is copied
     */
    protected function verifyEmail($identity, $unverifiedSecondFactor)
    {
        $verifyCommand = new VerifyEmailCommand();
        $verifyCommand->verificationNonce = $unverifiedSecondFactor->verificationNonce;
        $verifyCommand->identityId = $identity->id;
        $verifyCommand->UUID = (string)Uuid::uuid4();

        $this->process($verifyCommand);
    }
}