SecurityController::sessionExpiredAction() - Code Metrics - Inspection of "Refined firewall with explicit session timeout and..." - OpenConext/Stepup-SelfService - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — develop (#110)

by Daan van

created 2016-08-10 15:18 UTC

SecurityController::sessionExpiredAction() A

↳ Parent: SecurityController

Complexity

Conditions	1
Paths	1

Size

Total Lines	22
Code Lines	7

Duplication

Lines	0
Ratio	0 %

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
c	1
b	0
f	0
dl	0
loc	22
rs	9.2
cc	1
eloc	7
nc	1
nop	1

<?php

/**
 * Copyright 2016 SURFnet bv
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

namespace Surfnet\StepupSelfService\SelfServiceBundle\Controller;

use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;

class SecurityController extends Controller
{
    public function sessionExpiredAction(Request $request)

    {
        $redirectToUrl = $this
            ->get('self_service.security.authentication.session.session_storage')
            ->getCurrentRequestUri();

//        // Return URLs generated by us always include a path (ie. at least a forward slash)

//        // @see https://github.com/symfony/symfony/blob/master/src/Symfony/Component/HttpFoundation/Request.php#L878
//        $domain = $request->getSchemeAndHttpHost() . '/';
//        if (strpos($redirectToUrl, $domain) !== 0) {
//            $this->get('logger')->error(
//                'Illegal return-url for redirection after session expired and user was logged out, aborting request'
//            );
//
//            throw new BadRequestHttpException('Invalid return-url given');
//        }

        return $this->render(
            '@SurfnetStepupSelfServiceSelfService/Security/sessionExpired.html.twig',
            ['redirect_to_url' => $redirectToUrl]
        );
    }
}


1			<?php
2
3			/**
4			* Copyright 2016 SURFnet bv
5			*
6			* Licensed under the Apache License, Version 2.0 (the "License");
7			* you may not use this file except in compliance with the License.
8			* You may obtain a copy of the License at
9			*
10			* http://www.apache.org/licenses/LICENSE-2.0
11			*
12			* Unless required by applicable law or agreed to in writing, software
13			* distributed under the License is distributed on an "AS IS" BASIS,
14			* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15			* See the License for the specific language governing permissions and
16			* limitations under the License.
17			*/
18
19			namespace Surfnet\StepupSelfService\SelfServiceBundle\Controller;
20
21			use Symfony\Component\HttpFoundation\Request;
22			use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
23
24			class SecurityController extends Controller
25			{
26			public function sessionExpiredAction(Request $request)
			0 ignored issues – show Unused Code introduced 2016-08-10 15:13 UTC by Report Bug Copy Issue Report The parameter `$request` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
27			{
28			$redirectToUrl = $this
29			->get('self_service.security.authentication.session.session_storage')
30			->getCurrentRequestUri();
31
32			// // Return URLs generated by us always include a path (ie. at least a forward slash)
			0 ignored issues – show Unused Code Comprehensibility introduced 2016-08-10 15:13 UTC by Report Bug Copy Issue Report `49%` of this comment could be valid code. Did you maybe forget this after debugging? Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it. The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production. This check looks for comments that seem to be mostly valid code and reports them. Loading history...
33			// // @see https://github.com/symfony/symfony/blob/master/src/Symfony/Component/HttpFoundation/Request.php#L878
34			// $domain = $request->getSchemeAndHttpHost() . '/';
35			// if (strpos($redirectToUrl, $domain) !== 0) {
36			// $this->get('logger')->error(
37			// 'Illegal return-url for redirection after session expired and user was logged out, aborting request'
38			// );
39			//
40			// throw new BadRequestHttpException('Invalid return-url given');
41			// }
42
43			return $this->render(
44			'@SurfnetStepupSelfServiceSelfService/Security/sessionExpired.html.twig',
45			['redirect_to_url' => $redirectToUrl]
46			);
47			}
48			}
49

OpenConext / Stepup-SelfService

Pull Request — develop (#110)

SecurityController::sessionExpiredAction() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like