ExplicitSessionTimeoutHandler - Code Metrics - Inspection of "Release of new version 2.1.0" - OpenConext/Stepup-SelfService - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 2f8a7e...0fe329 )

by A.

created 2016-08-12 15:07 UTC

ExplicitSessionTimeoutHandler A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	114
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	11

Importance

Changes	2
Bugs	0	Features	0

Metric	Value
wmc	9
c	2
b	0
f	0
lcom	1
cbo	11
dl	0
loc	114
rs	10

3 Methods

Rating	Name	Size	Complexity
A	__construct()	17	1
A	setNext()	4	1
C	process()	49	7

<?php

/**
 * Copyright 2016 SURFnet bv
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

namespace Surfnet\StepupSelfService\SelfServiceBundle\Security\Authentication\Handler;

use Psr\Log\LoggerInterface;
use Surfnet\StepupSelfService\SelfServiceBundle\Security\Authentication\AuthenticatedSessionStateHandler;
use Surfnet\StepupSelfService\SelfServiceBundle\Security\Authentication\Session\SessionLifetimeGuard;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpKernel\Event\GetResponseEvent;
use Symfony\Component\Routing\RouterInterface;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Http\Logout\CookieClearingLogoutHandler;
use Symfony\Component\Security\Http\Logout\SessionLogoutHandler;

class ExplicitSessionTimeoutHandler implements AuthenticationHandler
{
    /**
     * @var AuthenticationHandler|null
     */
    private $nextHandler;

    /**
     * @var TokenStorageInterface
     */
    private $tokenStorage;

    /**
     * @var SessionLifetimeGuard
     */
    private $sessionLifetimeGuard;

    /**
     * @var AuthenticatedSessionStateHandler
     */
    private $authenticatedSession;

    /**
     * @var SessionLogoutHandler
     */
    private $sessionLogoutHandler;

    /**
     * @var CookieClearingLogoutHandler
     */
    private $cookieClearingLogoutHandler;

    /**
     * @var RouterInterface
     */
    private $router;
    /**
     * @var LoggerInterface
     */
    private $logger;

    public function __construct(
        TokenStorageInterface $tokenStorageInterface,
        AuthenticatedSessionStateHandler $authenticatedSessionStateHandler,

        SessionLifetimeGuard $sessionLifetimeGuard,
        SessionLogoutHandler $sessionLogoutHandler,
        CookieClearingLogoutHandler $cookieClearingLogoutHandler,
        RouterInterface $router,
        LoggerInterface $logger
    ) {
        $this->tokenStorage                = $tokenStorageInterface;
        $this->authenticatedSession        = $authenticatedSessionStateHandler;
        $this->sessionLifetimeGuard        = $sessionLifetimeGuard;
        $this->sessionLogoutHandler        = $sessionLogoutHandler;
        $this->cookieClearingLogoutHandler = $cookieClearingLogoutHandler;
        $this->router                      = $router;
        $this->logger                      = $logger;
    }

    public function process(GetResponseEvent $event)
    {
        if ($this->tokenStorage->getToken() !== null
            && !$this->sessionLifetimeGuard->sessionLifetimeWithinLimits($this->authenticatedSession)
        ) {
            $invalidatedBy = [];
            if (!$this->sessionLifetimeGuard->sessionLifetimeWithinAbsoluteLimit($this->authenticatedSession)) {
                $invalidatedBy[] = 'absolute';
            }

            if (!$this->sessionLifetimeGuard->sessionLifetimeWithinRelativeLimit($this->authenticatedSession)) {
                $invalidatedBy[] = 'relative';
            }

            $this->logger->notice(sprintf(
                'Authenticated user found, but session was determined to be outside of the "%s" time limit. User will '
                . 'be logged out and redirected to session-expired page to attempt new login.',
                implode(' and ', $invalidatedBy)
            ));


            $token   = $this->tokenStorage->getToken();
            $request = $event->getRequest();

            // if the current request was not a GET request we cannot safely redirect to that page after login as it
            // may require a form resubmit for instance. Therefor, we redirect to the last GET request (either current
            // or previous).
            $afterLoginRedirectTo = $this->authenticatedSession->getCurrentRequestUri();
            if ($event->getRequest()->getMethod() === 'GET') {
                $afterLoginRedirectTo = $event->getRequest()->getRequestUri();
            }

            // log the user out using Symfony methodology, see the LogoutListener
            $event->setResponse(new RedirectResponse($this->router->generate('selfservice_security_session_expired')));

            $this->sessionLogoutHandler->logout($request, $event->getResponse(), $token);
            $this->cookieClearingLogoutHandler->logout($request, $event->getResponse(), $token);
            $this->tokenStorage->setToken(null);

            // the session is restarted after invalidation during the logout, so we can (re)store the last GET request
            $this->authenticatedSession->setCurrentRequestUri($afterLoginRedirectTo);

            return;
        }

        if ($this->nextHandler !== null) {
            $this->nextHandler->process($event);
        }
    }

    public function setNext(AuthenticationHandler $handler)
    {
        $this->nextHandler = $handler;
    }
}


1			<?php
2
3			/**
4			* Copyright 2016 SURFnet bv
5			*
6			* Licensed under the Apache License, Version 2.0 (the "License");
7			* you may not use this file except in compliance with the License.
8			* You may obtain a copy of the License at
9			*
10			* http://www.apache.org/licenses/LICENSE-2.0
11			*
12			* Unless required by applicable law or agreed to in writing, software
13			* distributed under the License is distributed on an "AS IS" BASIS,
14			* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15			* See the License for the specific language governing permissions and
16			* limitations under the License.
17			*/
18
19			namespace Surfnet\StepupSelfService\SelfServiceBundle\Security\Authentication\Handler;
20
21			use Psr\Log\LoggerInterface;
22			use Surfnet\StepupSelfService\SelfServiceBundle\Security\Authentication\AuthenticatedSessionStateHandler;
23			use Surfnet\StepupSelfService\SelfServiceBundle\Security\Authentication\Session\SessionLifetimeGuard;
24			use Symfony\Component\HttpFoundation\RedirectResponse;
25			use Symfony\Component\HttpKernel\Event\GetResponseEvent;
26			use Symfony\Component\Routing\RouterInterface;
27			use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
28			use Symfony\Component\Security\Http\Logout\CookieClearingLogoutHandler;
29			use Symfony\Component\Security\Http\Logout\SessionLogoutHandler;
30
31			class ExplicitSessionTimeoutHandler implements AuthenticationHandler
32			{
33			/**
34			* @var AuthenticationHandler\|null
35			*/
36			private $nextHandler;
37
38			/**
39			* @var TokenStorageInterface
40			*/
41			private $tokenStorage;
42
43			/**
44			* @var SessionLifetimeGuard
45			*/
46			private $sessionLifetimeGuard;
47
48			/**
49			* @var AuthenticatedSessionStateHandler
50			*/
51			private $authenticatedSession;
52
53			/**
54			* @var SessionLogoutHandler
55			*/
56			private $sessionLogoutHandler;
57
58			/**
59			* @var CookieClearingLogoutHandler
60			*/
61			private $cookieClearingLogoutHandler;
62
63			/**
64			* @var RouterInterface
65			*/
66			private $router;
67			/**
68			* @var LoggerInterface
69			*/
70			private $logger;
71
72			public function __construct(
73			TokenStorageInterface $tokenStorageInterface,
74			AuthenticatedSessionStateHandler $authenticatedSessionStateHandler,
			0 ignored issues – show Comprehensibility Naming introduced 2016-08-10 15:13 UTC by Report Bug Copy Issue Report The variable name `$authenticatedSessionStateHandler` exceeds the maximum configured length of `30`. Very long variable names usually make code harder to read. It is therefore recommended not to make variable names too verbose. Loading history...
75			SessionLifetimeGuard $sessionLifetimeGuard,
76			SessionLogoutHandler $sessionLogoutHandler,
77			CookieClearingLogoutHandler $cookieClearingLogoutHandler,
78			RouterInterface $router,
79			LoggerInterface $logger
80			) {
81			$this->tokenStorage = $tokenStorageInterface;
82			$this->authenticatedSession = $authenticatedSessionStateHandler;
83			$this->sessionLifetimeGuard = $sessionLifetimeGuard;
84			$this->sessionLogoutHandler = $sessionLogoutHandler;
85			$this->cookieClearingLogoutHandler = $cookieClearingLogoutHandler;
86			$this->router = $router;
87			$this->logger = $logger;
88			}
89
90			public function process(GetResponseEvent $event)
91			{
92			if ($this->tokenStorage->getToken() !== null
93			&& !$this->sessionLifetimeGuard->sessionLifetimeWithinLimits($this->authenticatedSession)
94			) {
95			$invalidatedBy = [];
96			if (!$this->sessionLifetimeGuard->sessionLifetimeWithinAbsoluteLimit($this->authenticatedSession)) {
97			$invalidatedBy[] = 'absolute';
98			}
99
100			if (!$this->sessionLifetimeGuard->sessionLifetimeWithinRelativeLimit($this->authenticatedSession)) {
101			$invalidatedBy[] = 'relative';
102			}
103
104			$this->logger->notice(sprintf(
105			'Authenticated user found, but session was determined to be outside of the "%s" time limit. User will '
106			. 'be logged out and redirected to session-expired page to attempt new login.',
107			implode(' and ', $invalidatedBy)
108			));
109
110
111			$token = $this->tokenStorage->getToken();
112			$request = $event->getRequest();
113
114			// if the current request was not a GET request we cannot safely redirect to that page after login as it
115			// may require a form resubmit for instance. Therefor, we redirect to the last GET request (either current
116			// or previous).
117			$afterLoginRedirectTo = $this->authenticatedSession->getCurrentRequestUri();
118			if ($event->getRequest()->getMethod() === 'GET') {
119			$afterLoginRedirectTo = $event->getRequest()->getRequestUri();
120			}
121
122			// log the user out using Symfony methodology, see the LogoutListener
123			$event->setResponse(new RedirectResponse($this->router->generate('selfservice_security_session_expired')));
124
125			$this->sessionLogoutHandler->logout($request, $event->getResponse(), $token);
126			$this->cookieClearingLogoutHandler->logout($request, $event->getResponse(), $token);
127			$this->tokenStorage->setToken(null);
128
129			// the session is restarted after invalidation during the logout, so we can (re)store the last GET request
130			$this->authenticatedSession->setCurrentRequestUri($afterLoginRedirectTo);
131
132			return;
133			}
134
135			if ($this->nextHandler !== null) {
136			$this->nextHandler->process($event);
137			}
138			}
139
140			public function setNext(AuthenticationHandler $handler)
141			{
142			$this->nextHandler = $handler;
143			}
144			}
145

OpenConext / Stepup-SelfService

Push — master ( 2f8a7e...0fe329 )

ExplicitSessionTimeoutHandler A

Complexity

Size/Duplication

Coupling/Cohesion

Importance

3 Methods

Duplication Side-by-Side

Filter issues like