SamlProvider::getEmail() - Code Metrics - Inspection of "Require PHP 5.6 and do a composer update" - OpenConext/Stepup-SelfService - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — develop (#101)

by Boy

created 2016-06-09 12:04 UTC

SamlProvider::getEmail() B

↳ Parent: SamlProvider

Complexity

Conditions	4
Paths	5

Size

Total Lines	25
Code Lines	13

Duplication

Lines	25
Ratio	100 %

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
c	1
b	0
f	0
dl	25
loc	25
rs	8.5806
cc	4
eloc	13
nc	5
nop	1

<?php

/**
 * Copyright 2014 SURFnet bv
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

namespace Surfnet\StepupSelfService\SelfServiceBundle\Security\Authentication\Provider;

use Psr\Log\LoggerInterface;
use Surfnet\SamlBundle\SAML2\Attribute\AttributeDictionary;
use Surfnet\SamlBundle\SAML2\Response\AssertionAdapter;
use Surfnet\StepupMiddlewareClientBundle\Identity\Dto\Identity;
use Surfnet\StepupMiddlewareClientBundle\Uuid\Uuid;
use Surfnet\StepupSelfService\SelfServiceBundle\Locale\PreferredLocaleProvider;
use Surfnet\StepupSelfService\SelfServiceBundle\Security\Authentication\Token\SamlToken;
use Surfnet\StepupSelfService\SelfServiceBundle\Service\IdentityService;
use Symfony\Component\Security\Core\Authentication\Provider\AuthenticationProviderInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\BadCredentialsException;

class SamlProvider implements AuthenticationProviderInterface
{
    /**
     * @var \Surfnet\StepupSelfService\SelfServiceBundle\Service\IdentityService
     */
    private $identityService;

    /**
     * @var \Surfnet\SamlBundle\SAML2\Attribute\AttributeDictionary
     */
    private $attributeDictionary;

    /**
     * @var \Surfnet\StepupSelfService\SelfServiceBundle\Locale\PreferredLocaleProvider
     */
    private $preferredLocaleProvider;

    /**
     * @var \Psr\Log\LoggerInterface
     */
    private $logger;

    public function __construct(
        IdentityService $identityService,
        AttributeDictionary $attributeDictionary,
        PreferredLocaleProvider $preferredLocaleProvider,
        LoggerInterface $logger
    ) {
        $this->identityService = $identityService;
        $this->attributeDictionary = $attributeDictionary;
        $this->preferredLocaleProvider = $preferredLocaleProvider;
        $this->logger = $logger;
    }

    /**
     * @param  SamlToken $token

     * @return TokenInterface|void
     */
    public function authenticate(TokenInterface $token)
    {
        $translatedAssertion = $this->attributeDictionary->translate($token->assertion);
interface SomeInterface { }
class SomeClass implements SomeInterface {
    public $a;
}

function someFunction(SomeInterface $object) {
    if ($object instanceof SomeClass) {
        $a = $object->a;
    }
}

        $nameId         = $translatedAssertion->getNameID();
        $institution    = $this->getInstitution($translatedAssertion);
        $email          = $this->getEmail($translatedAssertion);
        $commonName     = $this->getCommonName($translatedAssertion);


        $identity = $this->identityService->findByNameIdAndInstitution($nameId, $institution);

        if ($identity === null) {
            $identity = new Identity();
            $identity->id              = Uuid::generate();
            $identity->nameId          = $nameId;
            $identity->institution     = $institution;
            $identity->email           = $email;
            $identity->commonName      = $commonName;
            $identity->preferredLocale = $this->preferredLocaleProvider->providePreferredLocale();

            $this->identityService->createIdentity($identity);
        } elseif ($identity->email !== $email || $identity->commonName !== $commonName) {
            $identity->email = $email;
            $identity->commonName = $commonName;

            $this->identityService->updateIdentity($identity);
        }

        $authenticatedToken = new SamlToken(['ROLE_USER']);

        $authenticatedToken->setUser($identity);

        return $authenticatedToken;
    }

    public function supports(TokenInterface $token)
    {
        return $token instanceof SamlToken;
    }

    /**
     * @param AssertionAdapter $translatedAssertion
     * @return string
     */
    private function getCommonName(AssertionAdapter $translatedAssertion)

    {
        $commonNames = $translatedAssertion->getAttributeValue('commonName');

        if (empty($commonNames)) {
            throw new BadCredentialsException(
                'No commonName provided'
            );
        }

        if (count($commonNames) > 1) {
            $this->logger->notice('Multiple commonNames provided, picking first one', ['commonNames' => $commonNames]);
        }

        $commonName = $commonNames[0];

        if (!is_string($commonName)) {
            $this->logger->notice('Received invalid commonName', ['commonName' => $commonName]);
            throw new BadCredentialsException(
                'commonName is not a string'
            );
        }

        return $commonName;
    }

    /**
     * @param AssertionAdapter $translatedAssertion
     * @return string
     */
    private function getEmail(AssertionAdapter $translatedAssertion)

    {
        $emails = $translatedAssertion->getAttributeValue('mail');

        if (empty($emails)) {
            throw new BadCredentialsException(
                'No schacHomeOrganization provided'
            );
        }

        if (count($emails) > 1) {
            $this->logger->notice('Multiple emails provided, picking first one', ['emails' => $emails]);
        }

        $email = $emails[0];

        if (!is_string($email)) {
            $this->logger->notice('Received invalid commonName', ['email' => $email]);
            throw new BadCredentialsException(
                'commonName is not a string'
            );
        }

        return $email;
    }

    /**
     * @param AssertionAdapter $translatedAssertion
     * @return string
     */
    private function getInstitution(AssertionAdapter $translatedAssertion)
    {
        $institutions = $translatedAssertion->getAttributeValue('schacHomeOrganization');

        if (empty($institutions)) {
            throw new BadCredentialsException(
                'No schacHomeOrganization provided'
            );
        }

        if (count($institutions) > 1) {
            throw new BadCredentialsException(
                'Multiple schacHomeOrganizations provided'
            );
        }

        $institution = $institutions[0];

        if (!is_string($institution)) {
            $this->logger->notice('Received invalid commonName', ['institution' => $institution]);
            throw new BadCredentialsException(
                'commonName is not a string'
            );
        }

        return $institution;
    }
}


1		<?php
2
3		/**
4		* Copyright 2014 SURFnet bv
5		*
6		* Licensed under the Apache License, Version 2.0 (the "License");
7		* you may not use this file except in compliance with the License.
8		* You may obtain a copy of the License at
9		*
10		* http://www.apache.org/licenses/LICENSE-2.0
11		*
12		* Unless required by applicable law or agreed to in writing, software
13		* distributed under the License is distributed on an "AS IS" BASIS,
14		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15		* See the License for the specific language governing permissions and
16		* limitations under the License.
17		*/
18
19		namespace Surfnet\StepupSelfService\SelfServiceBundle\Security\Authentication\Provider;
20
21		use Psr\Log\LoggerInterface;
22		use Surfnet\SamlBundle\SAML2\Attribute\AttributeDictionary;
23		use Surfnet\SamlBundle\SAML2\Response\AssertionAdapter;
24		use Surfnet\StepupMiddlewareClientBundle\Identity\Dto\Identity;
25		use Surfnet\StepupMiddlewareClientBundle\Uuid\Uuid;
26		use Surfnet\StepupSelfService\SelfServiceBundle\Locale\PreferredLocaleProvider;
27		use Surfnet\StepupSelfService\SelfServiceBundle\Security\Authentication\Token\SamlToken;
28		use Surfnet\StepupSelfService\SelfServiceBundle\Service\IdentityService;
29		use Symfony\Component\Security\Core\Authentication\Provider\AuthenticationProviderInterface;
30		use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
31		use Symfony\Component\Security\Core\Exception\BadCredentialsException;
32
33		class SamlProvider implements AuthenticationProviderInterface
34		{
35		/**
36		* @var \Surfnet\StepupSelfService\SelfServiceBundle\Service\IdentityService
37		*/
38		private $identityService;
39
40		/**
41		* @var \Surfnet\SamlBundle\SAML2\Attribute\AttributeDictionary
42		*/
43		private $attributeDictionary;
44
45		/**
46		* @var \Surfnet\StepupSelfService\SelfServiceBundle\Locale\PreferredLocaleProvider
47		*/
48		private $preferredLocaleProvider;
49
50		/**
51		* @var \Psr\Log\LoggerInterface
52		*/
53		private $logger;
54
55		public function __construct(
56		IdentityService $identityService,
57		AttributeDictionary $attributeDictionary,
58		PreferredLocaleProvider $preferredLocaleProvider,
59		LoggerInterface $logger
60		) {
61		$this->identityService = $identityService;
62		$this->attributeDictionary = $attributeDictionary;
63		$this->preferredLocaleProvider = $preferredLocaleProvider;
64		$this->logger = $logger;
65		}
66
67		/**
68		* @param SamlToken $token
		0 ignored issues – show Documentation introduced 2015-12-15 13:40 UTC by Report Bug Copy Issue Report Should the type for parameter `$token` not be `TokenInterface`? This check looks for `@param` annotations where the type inferred by our type inference engine differs from the declared type. It makes a suggestion as to what type it considers more descriptive. Most often this is a case of a parameter that can be null in addition to its declared types. Loading history...
69		* @return TokenInterface\|void
70		*/
71		public function authenticate(TokenInterface $token)
72		{
73		$translatedAssertion = $this->attributeDictionary->translate($token->assertion);
		0 ignored issues – show Bug introduced 2015-12-15 13:40 UTC by Report Bug Copy Issue Report Accessing `assertion` on the interface `Symfony\Component\Securi...on\Token\TokenInterface` suggest that you code against a concrete implementation. How about adding an `instanceof` check? If you access a property on an interface, you most likely code against a concrete implementation of the interface. Available Fixes Adding an additional type check: interface SomeInterface { } class SomeClass implements SomeInterface { public $a; } function someFunction(SomeInterface $object) { if ($object instanceof SomeClass) { $a = $object->a; } } Changing the type hint: interface SomeInterface { } class SomeClass implements SomeInterface { public $a; } function someFunction(SomeClass $object) { $a = $object->a; } Loading history...
74
75		$nameId = $translatedAssertion->getNameID();
76		$institution = $this->getInstitution($translatedAssertion);
77		$email = $this->getEmail($translatedAssertion);
78		$commonName = $this->getCommonName($translatedAssertion);
79
80
81		$identity = $this->identityService->findByNameIdAndInstitution($nameId, $institution);
82
83		if ($identity === null) {
84		$identity = new Identity();
85		$identity->id = Uuid::generate();
86		$identity->nameId = $nameId;
87		$identity->institution = $institution;
88		$identity->email = $email;
89		$identity->commonName = $commonName;
90		$identity->preferredLocale = $this->preferredLocaleProvider->providePreferredLocale();
91
92		$this->identityService->createIdentity($identity);
93		} elseif ($identity->email !== $email \|\| $identity->commonName !== $commonName) {
94		$identity->email = $email;
95		$identity->commonName = $commonName;
96
97		$this->identityService->updateIdentity($identity);
98		}
99
100		$authenticatedToken = new SamlToken(['ROLE_USER']);
101
102		$authenticatedToken->setUser($identity);
103
104		return $authenticatedToken;
105		}
106
107		public function supports(TokenInterface $token)
108		{
109		return $token instanceof SamlToken;
110		}
111
112		/**
113		* @param AssertionAdapter $translatedAssertion
114		* @return string
115		*/
116	View Code Duplication	private function getCommonName(AssertionAdapter $translatedAssertion)
		0 ignored issues – show Duplication introduced 2016-06-09 12:06 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
117		{
118		$commonNames = $translatedAssertion->getAttributeValue('commonName');
119
120		if (empty($commonNames)) {
121		throw new BadCredentialsException(
122		'No commonName provided'
123		);
124		}
125
126		if (count($commonNames) > 1) {
127		$this->logger->notice('Multiple commonNames provided, picking first one', ['commonNames' => $commonNames]);
128		}
129
130		$commonName = $commonNames[0];
131
132		if (!is_string($commonName)) {
133		$this->logger->notice('Received invalid commonName', ['commonName' => $commonName]);
134		throw new BadCredentialsException(
135		'commonName is not a string'
136		);
137		}
138
139		return $commonName;
140		}
141
142		/**
143		* @param AssertionAdapter $translatedAssertion
144		* @return string
145		*/
146	View Code Duplication	private function getEmail(AssertionAdapter $translatedAssertion)
		0 ignored issues – show Duplication introduced 2016-06-09 12:06 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
147		{
148		$emails = $translatedAssertion->getAttributeValue('mail');
149
150		if (empty($emails)) {
151		throw new BadCredentialsException(
152		'No schacHomeOrganization provided'
153		);
154		}
155
156		if (count($emails) > 1) {
157		$this->logger->notice('Multiple emails provided, picking first one', ['emails' => $emails]);
158		}
159
160		$email = $emails[0];
161
162		if (!is_string($email)) {
163		$this->logger->notice('Received invalid commonName', ['email' => $email]);
164		throw new BadCredentialsException(
165		'commonName is not a string'
166		);
167		}
168
169		return $email;
170		}
171
172		/**
173		* @param AssertionAdapter $translatedAssertion
174		* @return string
175		*/
176		private function getInstitution(AssertionAdapter $translatedAssertion)
177		{
178		$institutions = $translatedAssertion->getAttributeValue('schacHomeOrganization');
179
180		if (empty($institutions)) {
181		throw new BadCredentialsException(
182		'No schacHomeOrganization provided'
183		);
184		}
185
186		if (count($institutions) > 1) {
187		throw new BadCredentialsException(
188		'Multiple schacHomeOrganizations provided'
189		);
190		}
191
192		$institution = $institutions[0];
193
194		if (!is_string($institution)) {
195		$this->logger->notice('Received invalid commonName', ['institution' => $institution]);
196		throw new BadCredentialsException(
197		'commonName is not a string'
198		);
199		}
200
201		return $institution;
202		}
203		}
204

OpenConext / Stepup-SelfService

Pull Request — develop (#101)

SamlProvider::getEmail() B

Complexity

Size

Duplication

Importance

Available Fixes

Duplication Side-by-Side

Filter issues like