OpenConext /
Stepup-SelfService
| Conditions | 6 |
| Paths | 15 |
| Total Lines | 60 |
| Code Lines | 38 |
| Lines | 0 |
| Ratio | 0 % |
| Changes | 1 | ||
| Bugs | 0 | Features | 0 |
Small methods make your code easier to understand, in particular if combined with a good name. Besides, if your method is small, finding a good name is usually much easier.
For example, if you find yourself adding comments to a method's body, this is usually a good sign to extract the commented part to a new method, and use the comment as a starting point when coming up with a good name for this new method.
Commonly applied refactorings include:
If many parameters/temporary variables are present:
| 1 | <?php |
||
| 63 | #[Route( |
||
| 64 | path: '/second-factor/{secondFactorId}/self-vet-consume-assertion', |
||
| 65 | name: 'ss_second_factor_self_vet_consume_assertion', |
||
| 66 | methods: ['POST'], |
||
| 67 | )] |
||
| 68 | public function consumeSelfVetAssertion(Request $httpRequest, string $secondFactorId): RedirectResponse |
||
| 69 | { |
||
| 70 | $identity = $this->getUser()->getIdentity(); |
||
| 71 | if (!$this->selfVetMarshaller->isAllowed($identity, $secondFactorId)) { |
||
| 72 | throw $this->createNotFoundException(); |
||
| 73 | } |
||
| 74 | |||
| 75 | if (!$this->requestStack->getSession()->has(self::SELF_VET_SESSION_ID)) { |
||
| 76 | $this->logger->error( |
||
| 77 | 'Received an authentication response for self vetting a second factor, but no response was expected' |
||
| 78 | ); |
||
| 79 | throw new AccessDeniedHttpException('Did not expect an authentication response'); |
||
| 80 | } |
||
| 81 | |||
| 82 | $this->logger->notice('Received an authentication response for self vetting a second factor'); |
||
| 83 | |||
| 84 | /** @var SelfVetRequestId $initiatedRequestId */ |
||
| 85 | $initiatedRequestId = $this->requestStack->getSession()->get(self::SELF_VET_SESSION_ID); |
||
| 86 | |||
| 87 | $samlLogger = $this->samlAuthenticationLogger->forAuthentication($initiatedRequestId->requestId()); |
||
| 88 | |||
| 89 | $this->requestStack->getSession()->remove(self::SELF_VET_SESSION_ID); |
||
| 90 | |||
| 91 | try { |
||
| 92 | $assertion = $this->postBinding->processResponse( |
||
| 93 | $httpRequest, |
||
| 94 | $this->identityProvider, |
||
| 95 | $this->serviceProvider |
||
| 96 | ); |
||
| 97 | |||
| 98 | if (!InResponseTo::assertEquals($assertion, $initiatedRequestId->requestId())) { |
||
| 99 | $samlLogger->error( |
||
| 100 | sprintf( |
||
| 101 | 'Expected a response to the request with ID "%s", but the SAMLResponse was a response to a different request', |
||
| 102 | $initiatedRequestId |
||
| 103 | ) |
||
| 104 | ); |
||
| 105 | throw new AuthenticationException('Unexpected InResponseTo in SAMLResponse'); |
||
| 106 | } |
||
| 107 | $candidateSecondFactor = $this->secondFactorService->findOneVerified($secondFactorId); |
||
| 108 | // Proof of possession of higher/equal LoA was successful, now apply the self vet command on Middleware |
||
| 109 | $command = new SelfVetCommand(); |
||
| 110 | $command->identity = $this->getUser()->getIdentity(); |
||
| 111 | $command->secondFactor = $candidateSecondFactor; |
||
| 112 | $command->authoringLoa = $assertion->getAuthnContextClassRef(); |
||
| 113 | |||
| 114 | if ($this->secondFactorService->selfVet($command)) { |
||
| 115 | $this->addFlash('success', 'ss.self_vet.second_factor.alert.successful'); |
||
| 116 | } else { |
||
| 117 | $this->addFlash('error', 'ss.self_vet.second_factor.alert.failed'); |
||
| 118 | } |
||
| 119 | } catch (Exception) { |
||
| 120 | $this->addFlash('error', 'ss.self_vet.second_factor.verification_failed'); |
||
| 121 | } |
||
| 122 | return $this->redirectToRoute('ss_second_factor_list'); |
||
| 123 | } |
||
| 125 |
Loading history...
