Surfnet\StepupSelfService\SelfServiceBundle\Security\Authentication\Provider\SamlProvider

Complexity

Total Complexity

13

Size/Duplication

Total Lines	99
Duplicated Lines	0 %

Importance

Changes	3
Bugs	0	Features	0

7 Methods

Rating	Name	Duplication	Size	Complexity
A	loadUserByIdentifier()	0	3	1
A	getSingleStringValue()	0	34	4
A	refreshUser()	0	3	1
A	getNameId()	0	3	1
A	__construct()	0	6	1
A	supportsClass()	0	3	1
A	getUser()	0	29	4

<?php

declare(strict_types = 1);

/**
 * Copyright 2014 SURFnet bv
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

PHP version not specified

Missing @category tag in file comment

Missing @package tag in file comment

Missing @author tag in file comment

Missing @license tag in file comment

Missing @link tag in file comment

namespace Surfnet\StepupSelfService\SelfServiceBundle\Security\Authentication\Provider;

use BadMethodCallException;
use Psr\Log\LoggerInterface;
use SAML2\Assertion;
use Surfnet\SamlBundle\SAML2\Attribute\AttributeDictionary;
use Surfnet\SamlBundle\SAML2\Response\AssertionAdapter;
use Surfnet\SamlBundle\Security\Authentication\Provider\SamlProviderInterface;
use Surfnet\StepupMiddlewareClientBundle\Identity\Dto\Identity;
use Surfnet\StepupMiddlewareClientBundle\Uuid\Uuid;
use Surfnet\StepupSelfService\SelfServiceBundle\Exception\MissingRequiredAttributeException;
use Surfnet\StepupSelfService\SelfServiceBundle\Locale\PreferredLocaleProvider;
use Surfnet\StepupSelfService\SelfServiceBundle\Security\Authentication\AuthenticatedIdentity;
use Surfnet\StepupSelfService\SelfServiceBundle\Service\IdentityService;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;

/**

Missing short description in doc comment

 * @SuppressWarnings(PHPMD.CouplingBetweenObjects) -- Hard to reduce due to different commands and queries used.
 */

Missing @category tag in class comment

Missing @package tag in class comment

Missing @author tag in class comment

Missing @license tag in class comment

Missing @link tag in class comment

class SamlProvider implements SamlProviderInterface, UserProviderInterface
{
    public function __construct(

Missing doc comment for function __construct()

        private readonly IdentityService $identityService,
        private readonly AttributeDictionary $attributeDictionary,
        private readonly PreferredLocaleProvider $preferredLocaleProvider,
        private readonly LoggerInterface $logger
    ) {
    }

    /**

Missing short description in doc comment

Parameter $attribute should have a doc-comment as per coding-style.

Parameter $translatedAssertion should have a doc-comment as per coding-style.

     * @return string
     */
    private function getSingleStringValue(string $attribute, AssertionAdapter $translatedAssertion): string

Private method name "SamlProvider::getSingleStringValue" must be prefixed with an underscore

    {
        $values = $translatedAssertion->getAttributeValue($attribute);

        if (empty($values)) {
            throw new MissingRequiredAttributeException(
                sprintf('Missing value for required attribute "%s"', $attribute)
            );
        }

        // see https://www.pivotaltracker.com/story/show/121296389
        if (count($values) > 1) {
            $this->logger->warning(sprintf(

The opening parenthesis of a multi-line function call should be the last content on the line.

                'Found "%d" values for attribute "%s", using first value',
                count($values),
                $attribute
            ));

For multi-line function calls, the closing parenthesis should be on a new line.

        }

        $value = reset($values);

        if (!is_string($value)) {
            $message = sprintf(
                'First value of attribute "%s" must be a string, "%s" given',
                $attribute,
                get_debug_type($value)
            );

            $this->logger->warning($message);

            throw new MissingRequiredAttributeException($message);
        }

        return $value;
    }

    public function getNameId(Assertion $assertion): string

Missing doc comment for function getNameId()

    {
        return $this->attributeDictionary->translate($assertion)->getNameID();
    }

    public function getUser(Assertion $assertion): UserInterface

Missing doc comment for function getUser()

    {
        $translatedAssertion = $this->attributeDictionary->translate($assertion);

        $nameId         = $translatedAssertion->getNameID();
        $institution    = $this->getSingleStringValue('schacHomeOrganization', $translatedAssertion);
        $email          = $this->getSingleStringValue('mail', $translatedAssertion);
        $commonName     = $this->getSingleStringValue('commonName', $translatedAssertion);

        $identity = $this->identityService->findByNameIdAndInstitution($nameId, $institution);

It seems like $nameId can also be of type null; however, parameter $nameId of Surfnet\StepupSelfService\SelfServiceBundle\Service\IdentityService::findByNameIdAndInstitution() does only seem to accept string, maybe add an additional type check?

        if (!$identity instanceof Identity) {
            $identity                  = new Identity();
            $identity->id              = Uuid::generate();
            $identity->nameId          = $nameId;
            $identity->institution     = $institution;
            $identity->email           = $email;
            $identity->commonName      = $commonName;
            $identity->preferredLocale = $this->preferredLocaleProvider->providePreferredLocale();

            $this->identityService->createIdentity($identity);
        } elseif ($identity->email !== $email || $identity->commonName !== $commonName) {
            $identity->email = $email;
            $identity->commonName = $commonName;

            $this->identityService->updateIdentity($identity);
        }

        return new AuthenticatedIdentity($identity);
    }


    public function refreshUser(UserInterface $user): UserInterface

Missing doc comment for function refreshUser()

    {
        return $user;
    }

    public function supportsClass(string $class): bool

Missing doc comment for function supportsClass()

    {
        return $class === AuthenticatedIdentity::class;
    }

    public function loadUserByIdentifier(string $identifier): UserInterface

Missing doc comment for function loadUserByIdentifier()

    {
        throw new BadMethodCallException('Use `getUser` to load a user by username');
    }
}