Surfnet\StepupSelfService\SelfServiceBundle\Service\SecondFactorService

Complexity

Total Complexity

23

Size/Duplication

Total Lines	215
Duplicated Lines	0 %

Importance

Changes	1
Bugs	0	Features	0

17 Methods

Rating	Name	Duplication	Size	Complexity
A	filterAvailableSecondFactors()	0	9	3
A	__construct()	0	2	1
A	findVettedByIdentity()	0	4	1
A	revoke()	0	12	1
A	verifyEmail()	0	9	1
A	doSecondFactorsExistForIdentity()	0	9	1
A	findUnverifiedByVerificationNonce()	0	14	1
A	findUnverifiedByIdentity()	0	4	1
A	registerSelfAssertedToken()	0	12	1
A	selfVet()	0	13	1
A	findOneUnverified()	0	3	1
A	findOneVetted()	0	3	1
A	findOneVerified()	0	3	1
A	determineAvailable()	0	9	1
A	getSecondFactorsForIdentity()	0	27	2
A	identityHasSecondFactorOfStateWithId()	0	20	4
A	findVerifiedByIdentity()	0	5	1

<?php

declare(strict_types = 1);

/**
 * Copyright 2014 SURFnet bv
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

PHP version not specified

Missing @category tag in file comment

Missing @package tag in file comment

Missing @author tag in file comment

Missing @license tag in file comment

Missing @link tag in file comment

namespace Surfnet\StepupSelfService\SelfServiceBundle\Service;

use Surfnet\StepupMiddlewareClient\Identity\Dto\UnverifiedSecondFactorSearchQuery;
use Surfnet\StepupMiddlewareClient\Identity\Dto\VerifiedSecondFactorOfIdentitySearchQuery;
use Surfnet\StepupMiddlewareClient\Identity\Dto\VettedSecondFactorSearchQuery;
use Surfnet\StepupMiddlewareClientBundle\Dto\CollectionDto;
use Surfnet\StepupMiddlewareClientBundle\Identity\Command\RegisterSelfAssertedSecondFactorCommand;
use Surfnet\StepupMiddlewareClientBundle\Identity\Command\SelfVetSecondFactorCommand;
use Surfnet\StepupMiddlewareClientBundle\Identity\Command\RevokeOwnSecondFactorCommand;
use Surfnet\StepupMiddlewareClientBundle\Identity\Command\VerifyEmailCommand;
use Surfnet\StepupMiddlewareClientBundle\Identity\Dto\UnverifiedSecondFactor;
use Surfnet\StepupMiddlewareClientBundle\Identity\Dto\UnverifiedSecondFactorCollection;
use Surfnet\StepupMiddlewareClientBundle\Identity\Dto\VerifiedSecondFactor;
use Surfnet\StepupMiddlewareClientBundle\Identity\Dto\VerifiedSecondFactorCollection;
use Surfnet\StepupMiddlewareClientBundle\Identity\Dto\VettedSecondFactor;
use Surfnet\StepupMiddlewareClientBundle\Identity\Dto\VettedSecondFactorCollection;
use Surfnet\StepupMiddlewareClientBundle\Identity\Service\SecondFactorService as MiddlewareSecondFactorService;
use Surfnet\StepupSelfService\SelfServiceBundle\Command\SelfAssertedTokenRegistrationCommand;
use Surfnet\StepupSelfService\SelfServiceBundle\Command\SelfVetCommand;
use Surfnet\StepupSelfService\SelfServiceBundle\Command\RevokeCommand;
use Surfnet\StepupSelfService\SelfServiceBundle\Exception\LogicException;

/**

Missing short description in doc comment

 * @SuppressWarnings(PHPMD.TooManyPublicMethods)
 * @SuppressWarnings(PHPMD.CouplingBetweenObjects)
 */

Missing @category tag in class comment

Missing @package tag in class comment

Missing @author tag in class comment

Missing @license tag in class comment

Missing @link tag in class comment

class SecondFactorService
{
    public function __construct(private readonly MiddlewareSecondFactorService $secondFactors, private readonly CommandService $commandService)

Missing doc comment for function __construct()

    {
    }

    public function verifyEmail(string $identityId, string $nonce): bool

Missing doc comment for function verifyEmail()

    {
        $command = new VerifyEmailCommand();
        $command->identityId = $identityId;
        $command->verificationNonce = $nonce;

        $result = $this->commandService->execute($command);

        return $result->isSuccessful();
    }

    public function revoke(RevokeCommand $command): bool

Missing doc comment for function revoke()

    {
        /** @var UnverifiedSecondFactor|VerifiedSecondFactor|VettedSecondFactor $secondFactor */

The open comment tag must be the only content on the line

Missing short description in doc comment

The close comment tag must be the only content on the line

        $secondFactor = $command->secondFactor;

        $apiCommand = new RevokeOwnSecondFactorCommand();
        $apiCommand->identityId = $command->identity->id;
        $apiCommand->secondFactorId = $secondFactor->id;

        $result = $this->commandService->execute($apiCommand);

        return $result->isSuccessful();
    }

    public function selfVet(SelfVetCommand $command): bool

Missing doc comment for function selfVet()

    {
        $apiCommand = new SelfVetSecondFactorCommand();
        $apiCommand->identityId = $command->identity->id;
        $apiCommand->registrationCode = $command->secondFactor->registrationCode;
        $apiCommand->secondFactorIdentifier = $command->secondFactor->id;
        $apiCommand->secondFactorId = $command->secondFactor->secondFactorIdentifier;
        $apiCommand->secondFactorType = $command->secondFactor->type;
        $apiCommand->authorityId = $command->identity->id;
        $apiCommand->authoringSecondFactorIdentifier = $command->authoringLoa;

        $result = $this->commandService->execute($apiCommand);
        return $result->isSuccessful();
    }

    public function registerSelfAssertedToken(SelfAssertedTokenRegistrationCommand $command): bool

Missing doc comment for function registerSelfAssertedToken()

    {
        $apiCommand = new RegisterSelfAssertedSecondFactorCommand();
        $apiCommand->identityId = $command->identity->id;
        $apiCommand->registrationCode = $command->secondFactor->registrationCode;
        $apiCommand->secondFactorIdentifier = $command->secondFactor->secondFactorIdentifier;
        $apiCommand->secondFactorId = $command->secondFactor->id;
        $apiCommand->secondFactorType = $command->secondFactor->type;
        $apiCommand->authorityId = $command->identity->id;
        $apiCommand->authoringRecoveryTokenId = $command->recoveryTokenId;

        return $this->commandService->execute($apiCommand)->isSuccessful();
    }

    /**

Parameter $identityId should have a doc-comment as per coding-style.

     * Returns whether the given registrant has registered second factors with Step-up. The state of the second factor
     * is irrelevant.
     */

Missing @return tag in function comment

    public function doSecondFactorsExistForIdentity(string $identityId): bool
    {
        $unverifiedSecondFactors = $this->findUnverifiedByIdentity($identityId);
        $verifiedSecondFactors = $this->findVerifiedByIdentity($identityId);
        $vettedSecondFactors = $this->findVettedByIdentity($identityId);

        return $unverifiedSecondFactors->getTotalItems() +
            $verifiedSecondFactors->getTotalItems() +
            $vettedSecondFactors->getTotalItems() > 0;
    }

    /**

Parameter $identityId should have a doc-comment as per coding-style.

     * Returns the given registrant's unverified second factors.
     */

Missing @return tag in function comment

    public function findUnverifiedByIdentity(string $identityId): ?UnverifiedSecondFactorCollection
    {
        return $this->secondFactors->searchUnverified(
            (new UnverifiedSecondFactorSearchQuery())->setIdentityId($identityId),
        );
    }

    /**

Parameter $identityId should have a doc-comment as per coding-style.

     * Returns the given registrant's verified second factors.
     */

Missing @return tag in function comment

    public function findVerifiedByIdentity(string $identityId): ?VerifiedSecondFactorCollection
    {
        $query = new VerifiedSecondFactorOfIdentitySearchQuery();
        $query->setIdentityId($identityId);
        return $this->secondFactors->searchOwnVerified($query);
    }

    /**

Parameter $identityId should have a doc-comment as per coding-style.

     * Returns the given registrant's verified second factors.
     */

Missing @return tag in function comment

    public function findVettedByIdentity(string $identityId): ?VettedSecondFactorCollection
    {
        return $this->secondFactors->searchVetted(
            (new VettedSecondFactorSearchQuery())->setIdentityId($identityId),
        );
    }

    public function identityHasSecondFactorOfStateWithId(string $identityId, $state, $secondFactorId): bool

Missing doc comment for function identityHasSecondFactorOfStateWithId()

    {
        $secondFactors = match ($state) {
            'unverified' => $this->findUnverifiedByIdentity($identityId),
            'verified' => $this->findVerifiedByIdentity($identityId),
            'vetted' => $this->findVettedByIdentity($identityId),
            default => throw new LogicException(sprintf('Invalid second factor state "%s" given.', $state)),
        };

        if ($secondFactors->getElements() === []) {
            return false;
        }

        foreach ($secondFactors->getElements() as $secondFactor) {
            if ($secondFactor->id === $secondFactorId) {
                return true;
            }
        }

        return false;
    }

    public function findOneUnverified(string $secondFactorId): ?UnverifiedSecondFactor

Missing doc comment for function findOneUnverified()

    {
        return $this->secondFactors->getUnverified($secondFactorId);
    }

    public function findOneVerified(string $secondFactorId): ?VerifiedSecondFactor

Missing doc comment for function findOneVerified()

    {
        return $this->secondFactors->getVerified($secondFactorId);
    }

    public function findOneVetted(string $secondFactorId): ?VettedSecondFactor

Missing doc comment for function findOneVetted()

    {
        return $this->secondFactors->getVetted($secondFactorId);
    }

    public function findUnverifiedByVerificationNonce(string $identityId, string $verificationNonce): ?UnverifiedSecondFactor

Missing doc comment for function findUnverifiedByVerificationNonce()

    {
        $secondFactors = $this->secondFactors->searchUnverified(
            (new UnverifiedSecondFactorSearchQuery())
                ->setIdentityId($identityId)
                ->setVerificationNonce($verificationNonce),
        );

        $elements = $secondFactors->getElements();

        return match (count($elements)) {
            0 => null,
            1 => reset($elements),
            default => throw new LogicException('There cannot be more than one unverified second factor with the same nonce'),
        };
    }

    /**

Missing short description in doc comment

     * @param $identity

Missing parameter comment

Tag value for @param tag indented incorrectly; expected 2 spaces but found 1

     * @param array $allSecondFactors

Missing parameter comment

Tag value for @param tag indented incorrectly; expected 2 spaces but found 1

     * @param $allowedSecondFactors

Missing parameter comment

Tag value for @param tag indented incorrectly; expected 2 spaces but found 1

     * @param $maximumNumberOfRegistrations

Missing parameter comment

Tag value for @param tag indented incorrectly; expected 2 spaces but found 1

     * @return SecondFactorTypeCollection

Tag @return cannot be grouped with parameter tags in a doc comment

     */
    public function getSecondFactorsForIdentity(
        $identity,
        array $allSecondFactors,
        $allowedSecondFactors,
        $maximumNumberOfRegistrations,
    ): SecondFactorTypeCollection {
        $unverified = $this->findUnverifiedByIdentity($identity->id);
        $verified = $this->findVerifiedByIdentity($identity->id);
        $vetted = $this->findVettedByIdentity($identity->id);
        // Determine which Second Factors are still available for registration.
        $available = $this->determineAvailable($allSecondFactors, $unverified, $verified, $vetted);

It seems like $vetted can also be of type null; however, parameter $vettedCollection of Surfnet\StepupSelfService\SelfServiceBundle\Service\SecondFactorService::determineAvailable() does only seem to accept Surfnet\StepupMiddlewareClientBundle\Identity\Dto\VettedSecondFactorCollection, maybe add an additional type check?

It seems like $verified can also be of type null; however, parameter $verifiedCollection of Surfnet\StepupSelfService\SelfServiceBundle\Service\SecondFactorService::determineAvailable() does only seem to accept Surfnet\StepupMiddlewareClientBundle\Identity\Dto\VerifiedSecondFactorCollection, maybe add an additional type check?

It seems like $unverified can also be of type null; however, parameter $unverifiedCollection of Surfnet\StepupSelfService\SelfServiceBundle\Service\SecondFactorService::determineAvailable() does only seem to accept Surfnet\StepupMiddlewareClientBundle\Identity\Dto\UnverifiedSecondFactorCollection, maybe add an additional type check?

        if (!empty($allowedSecondFactors)) {
            $available = array_intersect(
                $available,
                $allowedSecondFactors,
            );
        }

        $collection = new SecondFactorTypeCollection();
        $collection->unverified = $unverified;
        $collection->verified = $verified;
        $collection->vetted = $vetted;
        $collection->available = array_combine($available, $available);
        $collection->maxNumberOfRegistrations = $maximumNumberOfRegistrations;

        return $collection;
    }

    private function determineAvailable(

Missing doc comment for function determineAvailable()

Private method name "SecondFactorService::determineAvailable" must be prefixed with an underscore

        array                            $allSecondFactors,
        UnverifiedSecondFactorCollection $unverifiedCollection,
        VerifiedSecondFactorCollection   $verifiedCollection,
        VettedSecondFactorCollection     $vettedCollection,
    ): array {
        $allSecondFactors = $this->filterAvailableSecondFactors($allSecondFactors, $unverifiedCollection);
        $allSecondFactors = $this->filterAvailableSecondFactors($allSecondFactors, $verifiedCollection);
        return $this->filterAvailableSecondFactors($allSecondFactors, $vettedCollection);
    }

    private function filterAvailableSecondFactors(array $allSecondFactors, CollectionDto $collection): array

Private method name "SecondFactorService::filterAvailableSecondFactors" must be prefixed with an underscore

Missing doc comment for function filterAvailableSecondFactors()

    {
        foreach ($collection->getElements() as $secondFactor) {
            $keyFound = array_search($secondFactor->type, $allSecondFactors);
            if (is_numeric($keyFound)) {
                unset($allSecondFactors[$keyFound]);
            }
        }
        return $allSecondFactors;
    }
}