Conditions | 6 |
Paths | 9 |
Total Lines | 63 |
Code Lines | 36 |
Lines | 0 |
Ratio | 0 % |
Changes | 5 | ||
Bugs | 0 | Features | 0 |
Small methods make your code easier to understand, in particular if combined with a good name. Besides, if your method is small, finding a good name is usually much easier.
For example, if you find yourself adding comments to a method's body, this is usually a good sign to extract the commented part to a new method, and use the comment as a starting point when coming up with a good name for this new method.
Commonly applied refactorings include:
If many parameters/temporary variables are present:
1 | <?php |
||
78 | $this->logger->notice('Starting second factor test'); |
||
79 | |||
80 | $identity = $this->getIdentity(); |
||
81 | |||
82 | $vettedSecondFactors = $this->secondFactorService->findVettedByIdentity($identity->id); |
||
83 | if (!$vettedSecondFactors || $vettedSecondFactors->getTotalItems() === 0) { |
||
84 | $this->logger->error( |
||
85 | sprintf( |
||
86 | 'Identity "%s" tried to test a second factor, but does not own a suitable vetted token.', |
||
87 | $identity->id |
||
88 | ) |
||
89 | ); |
||
90 | |||
91 | throw new NotFoundHttpException(); |
||
92 | } |
||
93 | |||
94 | |||
95 | // By requesting LoA 1.5 any relevant token can be tested (LoA 2 and 3) |
||
96 | $authenticationRequest = $this->testAuthenticationRequestFactory->createSecondFactorTestRequest( |
||
97 | $identity->nameId, |
||
98 | $this->loaResolutionService->getLoaByLevel(Loa::LOA_SELF_VETTED) |
||
99 | ); |
||
100 | |||
101 | $this->requestStack->getSession()->set('second_factor_test_request_id', $authenticationRequest->getRequestId()); |
||
102 | |||
103 | $samlLogger = $this->samlAuthenticationLogger->forAuthentication($authenticationRequest->getRequestId()); |
||
104 | $samlLogger->notice('Sending authentication request to the second factor test IDP'); |
||
105 | |||
106 | return $this->redirectBinding->createResponseFor($authenticationRequest); |
||
107 | } |
||
108 | |||
109 | #[Route( |
||
110 | path: '/authentication/consume-assertion', |
||
111 | name: 'selfservice_serviceprovider_consume_assertion', |
||
112 | methods: ['POST'], |
||
113 | )] |
||
114 | public function consumeAssertion(Request $httpRequest): Response |
||
115 | { |
||
116 | $session = $this->requestStack->getSession(); |
||
117 | if ($session->has(SelfVetController::SELF_VET_SESSION_ID)) { |
||
118 | // The test authentication IdP is also used for self vetting, a different session id is |
||
119 | // used to mark a self vet command |
||
120 | /** @var SelfVetRequestId $selfVetRequestId */ |
||
121 | $selfVetRequestId = $session->get(SelfVetController::SELF_VET_SESSION_ID); |
||
122 | $secondFactorId = $selfVetRequestId->vettingSecondFactorId(); |
||
123 | return $this->forward( |
||
124 | 'SurfnetStepupSelfServiceSelfServiceBundle:SelfVet:consumeSelfVetAssertion', |
||
125 | ['secondFactorId' => $secondFactorId] |
||
126 | ); |
||
127 | } |
||
128 | if ($session->has(RecoveryTokenState::RECOVERY_TOKEN_STEP_UP_REQUEST_ID_IDENTIFIER)) { |
||
129 | // The test authentication IdP is also used for self-asserted recovery token |
||
130 | // verification a different session id is used to mark the authentication. |
||
131 | return $this->forward('SurfnetStepupSelfServiceSelfServiceBundle:RecoveryToken:stepUpConsumeAssertion'); |
||
132 | } |
||
133 | if (!$session->has('second_factor_test_request_id')) { |
||
134 | $this->logger->error( |
||
135 | 'Received an authentication response for testing a second factor, but no second factor test response was expected' |
||
136 | ); |
||
137 | |||
138 | throw new AccessDeniedHttpException('Did not expect an authentication response'); |
||
139 | } |
||
140 | $this->logger->notice('Received an authentication response for testing a second factor'); |
||
141 | $initiatedRequestId = $session->get('second_factor_test_request_id'); |
||
180 |