Surfnet\StepupSelfService\SelfServiceBundle\Controller\Registration\Sms\SmsProofPossessionController

Complexity

Total Complexity

7

Size/Duplication

Total Lines	54
Duplicated Lines	0 %

Importance

Changes	2
Bugs	0	Features	0

2 Methods

Rating	Name	Duplication	Size	Complexity
A	__construct()	0	4	1
B	__invoke()	0	46	6

<?php

declare(strict_types = 1);

/**
 * Copyright 2023 SURFnet bv
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

PHP version not specified

Missing @category tag in file comment

Missing @package tag in file comment

Missing @author tag in file comment

Missing @license tag in file comment

Missing @link tag in file comment

namespace Surfnet\StepupSelfService\SelfServiceBundle\Controller\Registration\Sms;

use Surfnet\StepupSelfService\SelfServiceBundle\Command\VerifySmsChallengeCommand;
use Surfnet\StepupSelfService\SelfServiceBundle\Form\Type\VerifySmsChallengeType;
use Surfnet\StepupSelfService\SelfServiceBundle\Service\ControllerCheckerService;
use Surfnet\StepupSelfService\SelfServiceBundle\Service\SmsSecondFactorServiceInterface;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Attribute\Route;

class SmsProofPossessionController extends AbstractController

Missing doc comment for class SmsProofPossessionController

{
    public function __construct(

Missing doc comment for function __construct()

        private readonly SmsSecondFactorServiceInterface $smsSecondFactorService,
        private readonly ControllerCheckerService $checkerService,
    ) {
    }

    #[Route(
        path: '/registration/sms/prove-possession',
        name: 'ss_registration_sms_prove_possession',
        methods: ['GET','POST'],
    )]
    public function __invoke(Request $request): Response

Missing doc comment for function __invoke()

    {
        $this->checkerService->assertSecondFactorEnabled('sms');

        if (!$this->smsSecondFactorService->hasSmsVerificationState(SmsSecondFactorServiceInterface::REGISTRATION_SECOND_FACTOR_ID)) {
            $this->addFlash('notice', 'ss.registration.sms.alert.no_verification_state');

            return $this->redirectToRoute('ss_registration_sms_send_challenge');
        }

        $command = new VerifySmsChallengeCommand();

        $command->identity = $this->getUser()->getIdentity()->id;

The method getIdentity() does not exist on Symfony\Component\Security\Core\User\UserInterface. It seems like you code against a sub-type of Symfony\Component\Security\Core\User\UserInterface such as Surfnet\StepupSelfService\SelfServiceBundle\Security\Authentication\AuthenticatedIdentity.

        $form = $this->createForm(VerifySmsChallengeType::class, $command)->handleRequest($request);

        if ($form->isSubmitted() && $form->isValid()) {
            $result = $this->smsSecondFactorService->provePossession($command);

            if ($result->isSuccessful()) {
                $this->smsSecondFactorService->clearSmsVerificationState(SmsSecondFactorServiceInterface::REGISTRATION_SECOND_FACTOR_ID);
                $route = $this->checkerService->emailVerificationIsRequired()
                    ? 'ss_registration_email_verification_email_sent'
                    : 'ss_second_factor_vetting_types';

                return $this->redirectToRoute($route, ['secondFactorId' => $result->getSecondFactorId()]);
            }

            match (true) {
                $result->wasIncorrectChallengeResponseGiven() => $this->addFlash('error', 'ss.prove_phone_possession.incorrect_challenge_response'),

Are you sure the usage of $this->addFlash('error', 'ss.prove_phone_possession.incorrect_challenge_response') targeting Symfony\Bundle\FrameworkBundle\Controller\AbstractController::addFlash() seems to always return null.

                $result->hasChallengeExpired() => $this->addFlash('error', 'ss.prove_phone_possession.challenge_expired'),

Are you sure the usage of $this->addFlash('error', 'ss.prove_phone_possession.challenge_expired') targeting Symfony\Bundle\FrameworkBundle\Controller\AbstractController::addFlash() seems to always return null.

                $result->wereTooManyAttemptsMade() => $this->addFlash('error', 'ss.prove_phone_possession.too_many_attempts'),

Are you sure the usage of $this->addFlash('error', 'ss.prove_phone_possession.too_many_attempts') targeting Symfony\Bundle\FrameworkBundle\Controller\AbstractController::addFlash() seems to always return null.

                default => $this->addFlash('error', 'ss.prove_phone_possession.proof_of_possession_failed'),

Are you sure the usage of $this->addFlash('error', 'ss.prove_phone_possession.proof_of_possession_failed') targeting Symfony\Bundle\FrameworkBundle\Controller\AbstractController::addFlash() seems to always return null.

            };
        }

        return $this->render(
            'registration/sms/prove_possession.html.twig',
            [
                'form' => $form->createView(),
                'verifyEmail' => $this->checkerService->emailVerificationIsRequired(),
            ]
        );
    }
}