RemoteVettingController::remoteVetAction() - Code Metrics - Inspection of "Merge commit 'c41df124bd125fbdcca80bb82bc8fbf2827e..." - OpenConext/Stepup-SelfService - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — remote-vetting ( 9b6a17...6d48a7 )

by Pieter van der

created 2021-02-26 13:11 UTC

RemoteVettingController::remoteVetAction() A

↳ Parent: RemoteVettingController

Complexity

Conditions	4
Paths	2

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	23
rs	9.552
c	0
b	0
f	0
cc	4
nc	2
nop	3

<?php
/**
 * Copyright 2010 SURFnet B.V.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

namespace Surfnet\StepupSelfService\SelfServiceBundle\Controller;

use Psr\Log\LoggerInterface;
use SAML2\Response\Exception\PreconditionNotMetException;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
use Surfnet\StepupBundle\DateTime\RegistrationExpirationHelper;
use Surfnet\StepupSelfService\SelfServiceBundle\Command\RemoteVetCommand;
use Surfnet\StepupSelfService\SelfServiceBundle\Command\RemoteVetValidationCommand;
use Surfnet\StepupSelfService\SelfServiceBundle\Exception\InvalidRemoteVettingContextException;
use Surfnet\StepupSelfService\SelfServiceBundle\Exception\InvalidRemoteVettingStateException;
use Surfnet\StepupSelfService\SelfServiceBundle\Form\Type\RemoteVetSecondFactorType;
use Surfnet\StepupSelfService\SelfServiceBundle\Form\Type\RemoteVetValidationType;
use Surfnet\StepupSelfService\SelfServiceBundle\Security\Authentication\Token\SamlToken;
use Surfnet\StepupSelfService\SelfServiceBundle\Service\RemoteVetting\Dto\AttributeListDto;
use Surfnet\StepupSelfService\SelfServiceBundle\Service\RemoteVetting\Dto\RemoteVettingTokenDto;
use Surfnet\StepupSelfService\SelfServiceBundle\Service\RemoteVetting\RemoteVettingViewHelper;
use Surfnet\StepupSelfService\SelfServiceBundle\Service\RemoteVetting\SamlCalloutHelper;
use Surfnet\StepupSelfService\SelfServiceBundle\Service\RemoteVetting\Value\FeedbackCollection;
use Surfnet\StepupSelfService\SelfServiceBundle\Service\RemoteVetting\Value\ProcessId;
use Surfnet\StepupSelfService\SelfServiceBundle\Service\RemoteVettingService;
use Surfnet\StepupSelfService\SelfServiceBundle\Service\SecondFactorService;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpFoundation\Session\Flash\FlashBagInterface;
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;

/**
 * @SuppressWarnings(PHPMD.CouplingBetweenObjects) Too much coupling dus to glue code nature of this controller.
 *                                                 Could be refactored later on
 */
class RemoteVettingController extends Controller
{
    /**
     * @var RemoteVettingService
     */
    private $remoteVettingService;
    /**
     * @var SamlCalloutHelper
     */
    private $samlCalloutHelper;
    /**
     * @var LoggerInterface
     */
    private $logger;
    /**
     * @var RegistrationExpirationHelper
     */
    private $expirationHelper;
    /**
     * @var SecondFactorService
     */
    private $secondFactorService;
    /**
     * @var RemoteVettingViewHelper
     */
    private $remoteVettingViewHelper;

    public function __construct(
        RemoteVettingService $remoteVettingService,
        RemoteVettingViewHelper $remoteVettingViewHelper,
        SecondFactorService $secondFactorService,
        SamlCalloutHelper $samlCalloutHelper,
        RegistrationExpirationHelper $expirationHelper,
        LoggerInterface $logger
    ) {
        $this->secondFactorService = $secondFactorService;
        $this->remoteVettingService = $remoteVettingService;
        $this->samlCalloutHelper = $samlCalloutHelper;
        $this->expirationHelper = $expirationHelper;
        $this->logger = $logger;
        $this->remoteVettingViewHelper = $remoteVettingViewHelper;
    }

    /**
     * @Template
     * @param Request $request
     * @param string $secondFactorId
     * @param string $identityProviderSlug
     * @return array|Response
     */
    public function remoteVetAction(Request $request, $secondFactorId, $identityProviderSlug)

    {
        $identity = $this->getIdentity();

        $secondFactor = $this->secondFactorService->findOneVerified($secondFactorId);
        if ($secondFactor === null ||
            $secondFactor->identityId != $identity->id ||
            $this->expirationHelper->hasExpired($secondFactor->registrationRequestedAt)
        ) {
            throw new NotFoundHttpException(
                sprintf("No %s second factor with id '%s' exists.", 'verified', $secondFactorId)
            );
        }

        $token = RemoteVettingTokenDto::create(
            $identity->id,
            $secondFactor->id
        );

        $this->remoteVettingService->start($identityProviderSlug, $token);

        return new RedirectResponse($this->samlCalloutHelper->createAuthnRequest($identityProviderSlug));
    }

    /**
     * @param Request $request
     * @return mixed
     */
    public function acsAction(Request $request)
    {
        $this->logger->info('Receiving response from the remote IdP');

        /** @var FlashBagInterface $flashBag */
        $flashBag = $this->get('session')->getFlashBag();

        $this->logger->info('Load the attributes from the saml response');

        try {
            $processId = $this->samlCalloutHelper->handleResponse($request, $this->remoteVettingService->getActiveIdentityProviderSlug());
        } catch (InvalidRemoteVettingStateException $e) {
            $this->logger->error($e->getMessage());
            $flashBag->add('error', 'ss.second_factor.revoke.alert.remote_vetting_failed');
            return $this->redirectToRoute('ss_second_factor_list');
        } catch (PreconditionNotMetException $e) {
            $this->logger->error($e->getMessage());
            $flashBag->add('error', 'ss.second_factor.revoke.alert.remote_vetting_failed');
            return $this->redirectToRoute('ss_second_factor_list');
        } catch (InvalidRemoteVettingContextException $e) {
            $this->logger->error($e->getMessage());
            return $this->redirectToRoute('ss_second_factor_list');
        }

        return $this->redirectToRoute('ss_second_factor_remote_vet_match', [
            'processId' => $processId->getProcessId(),
        ]);

        return $this->redirectToRoute('ss_second_factor_list');
function fx() {
    try {
        doSomething();
        return true;
    }
    catch (\Exception $e) {
        return false;
    }

    return false;
}
    }

    /**
     * @param Request $request
     * @param $processId
     * @return Response
     */
    public function remoteVetMatchAction(Request $request, $processId)
    {
        /** @var FlashBagInterface $flashBag */
        $flashBag = $this->get('session')->getFlashBag();

        /** @var SamlToken $samlToken */
        $samlToken = $this->container->get('security.token_storage')->getToken();

        $localAttributes = AttributeListDto::fromAttributeSet($samlToken->getAttribute(SamlToken::ATTRIBUTE_SET));

        $matches = $this->remoteVettingService->getAttributeMatchCollection($localAttributes);
        $command = new RemoteVetValidationCommand($matches, new FeedbackCollection());

        try {
            $form = $this->createForm(RemoteVetValidationType::class, $command)->handleRequest($request);
            if ($form->isSubmitted() && $form->isValid()) {

                /** @var RemoteVetValidationCommand $command */
                $command = $form->getData();

                $token =  $this->remoteVettingService->done(
                    ProcessId::create($processId),
                    $this->getIdentity(),
                    $localAttributes,
                    $command->matches,
                    $command->feedback
                );

                $command = new RemoteVetCommand();
                $command->identity = $token->getIdentityId();
                $command->secondFactor = $token->getSecondFactorId();

                if ($this->secondFactorService->remoteVet($command)) {
                    $flashBag->add('success', 'ss.second_factor.revoke.alert.remote_vetting_successful');
                } else {
                    $flashBag->add('error', 'ss.second_factor.revoke.alert.remote_vetting_failed');
                }

                return $this->redirectToRoute('ss_second_factor_list');
            }
            
            $provider = $this->remoteVettingViewHelper->getIdentityProvider($this->remoteVettingService->getActiveIdentityProviderSlug());

            return $this->render('SurfnetStepupSelfServiceSelfServiceBundle:remote_vetting:validation.html.twig', [
                'provider' => $provider,
                'identity' => $this->getIdentity(),
                'form' => $form->createView(),
            ]);
        } catch (InvalidRemoteVettingStateException $e) {
            $this->logger->error($e->getMessage());
            $flashBag->add('error', 'ss.second_factor.revoke.alert.remote_vetting_failed');
            return $this->redirectToRoute('ss_second_factor_list');
        } catch (InvalidRemoteVettingContextException $e) {
            $this->logger->error($e->getMessage());
            return $this->redirectToRoute('ss_second_factor_list');
        }
    }
}


1			<?php
2			/**
3			* Copyright 2010 SURFnet B.V.
4			*
5			* Licensed under the Apache License, Version 2.0 (the "License");
6			* you may not use this file except in compliance with the License.
7			* You may obtain a copy of the License at
8			*
9			* http://www.apache.org/licenses/LICENSE-2.0
10			*
11			* Unless required by applicable law or agreed to in writing, software
12			* distributed under the License is distributed on an "AS IS" BASIS,
13			* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14			* See the License for the specific language governing permissions and
15			* limitations under the License.
16			*/
17
18			namespace Surfnet\StepupSelfService\SelfServiceBundle\Controller;
19
20			use Psr\Log\LoggerInterface;
21			use SAML2\Response\Exception\PreconditionNotMetException;
22			use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
23			use Surfnet\StepupBundle\DateTime\RegistrationExpirationHelper;
24			use Surfnet\StepupSelfService\SelfServiceBundle\Command\RemoteVetCommand;
25			use Surfnet\StepupSelfService\SelfServiceBundle\Command\RemoteVetValidationCommand;
26			use Surfnet\StepupSelfService\SelfServiceBundle\Exception\InvalidRemoteVettingContextException;
27			use Surfnet\StepupSelfService\SelfServiceBundle\Exception\InvalidRemoteVettingStateException;
28			use Surfnet\StepupSelfService\SelfServiceBundle\Form\Type\RemoteVetSecondFactorType;
29			use Surfnet\StepupSelfService\SelfServiceBundle\Form\Type\RemoteVetValidationType;
30			use Surfnet\StepupSelfService\SelfServiceBundle\Security\Authentication\Token\SamlToken;
31			use Surfnet\StepupSelfService\SelfServiceBundle\Service\RemoteVetting\Dto\AttributeListDto;
32			use Surfnet\StepupSelfService\SelfServiceBundle\Service\RemoteVetting\Dto\RemoteVettingTokenDto;
33			use Surfnet\StepupSelfService\SelfServiceBundle\Service\RemoteVetting\RemoteVettingViewHelper;
34			use Surfnet\StepupSelfService\SelfServiceBundle\Service\RemoteVetting\SamlCalloutHelper;
35			use Surfnet\StepupSelfService\SelfServiceBundle\Service\RemoteVetting\Value\FeedbackCollection;
36			use Surfnet\StepupSelfService\SelfServiceBundle\Service\RemoteVetting\Value\ProcessId;
37			use Surfnet\StepupSelfService\SelfServiceBundle\Service\RemoteVettingService;
38			use Surfnet\StepupSelfService\SelfServiceBundle\Service\SecondFactorService;
39			use Symfony\Component\HttpFoundation\RedirectResponse;
40			use Symfony\Component\HttpFoundation\Request;
41			use Symfony\Component\HttpFoundation\Response;
42			use Symfony\Component\HttpFoundation\Session\Flash\FlashBagInterface;
43			use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
44
45			/**
46			* @SuppressWarnings(PHPMD.CouplingBetweenObjects) Too much coupling dus to glue code nature of this controller.
47			* Could be refactored later on
48			*/
49			class RemoteVettingController extends Controller
50			{
51			/**
52			* @var RemoteVettingService
53			*/
54			private $remoteVettingService;
55			/**
56			* @var SamlCalloutHelper
57			*/
58			private $samlCalloutHelper;
59			/**
60			* @var LoggerInterface
61			*/
62			private $logger;
63			/**
64			* @var RegistrationExpirationHelper
65			*/
66			private $expirationHelper;
67			/**
68			* @var SecondFactorService
69			*/
70			private $secondFactorService;
71			/**
72			* @var RemoteVettingViewHelper
73			*/
74			private $remoteVettingViewHelper;
75
76			public function __construct(
77			RemoteVettingService $remoteVettingService,
78			RemoteVettingViewHelper $remoteVettingViewHelper,
79			SecondFactorService $secondFactorService,
80			SamlCalloutHelper $samlCalloutHelper,
81			RegistrationExpirationHelper $expirationHelper,
82			LoggerInterface $logger
83			) {
84			$this->secondFactorService = $secondFactorService;
85			$this->remoteVettingService = $remoteVettingService;
86			$this->samlCalloutHelper = $samlCalloutHelper;
87			$this->expirationHelper = $expirationHelper;
88			$this->logger = $logger;
89			$this->remoteVettingViewHelper = $remoteVettingViewHelper;
90			}
91
92			/**
93			* @Template
94			* @param Request $request
95			* @param string $secondFactorId
96			* @param string $identityProviderSlug
97			* @return array\|Response
98			*/
99			public function remoteVetAction(Request $request, $secondFactorId, $identityProviderSlug)
			0 ignored issues – show Unused Code introduced 2021-02-25 15:11 UTC by Report Bug Copy Issue Report The parameter `$request` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
100			{
101			$identity = $this->getIdentity();
102
103			$secondFactor = $this->secondFactorService->findOneVerified($secondFactorId);
104			if ($secondFactor === null \|\|
105			$secondFactor->identityId != $identity->id \|\|
106			$this->expirationHelper->hasExpired($secondFactor->registrationRequestedAt)
107			) {
108			throw new NotFoundHttpException(
109			sprintf("No %s second factor with id '%s' exists.", 'verified', $secondFactorId)
110			);
111			}
112
113			$token = RemoteVettingTokenDto::create(
114			$identity->id,
115			$secondFactor->id
116			);
117
118			$this->remoteVettingService->start($identityProviderSlug, $token);
119
120			return new RedirectResponse($this->samlCalloutHelper->createAuthnRequest($identityProviderSlug));
121			}
122
123			/**
124			* @param Request $request
125			* @return mixed
126			*/
127			public function acsAction(Request $request)
128			{
129			$this->logger->info('Receiving response from the remote IdP');
130
131			/** @var FlashBagInterface $flashBag */
132			$flashBag = $this->get('session')->getFlashBag();
133
134			$this->logger->info('Load the attributes from the saml response');
135
136			try {
137			$processId = $this->samlCalloutHelper->handleResponse($request, $this->remoteVettingService->getActiveIdentityProviderSlug());
138			} catch (InvalidRemoteVettingStateException $e) {
139			$this->logger->error($e->getMessage());
140			$flashBag->add('error', 'ss.second_factor.revoke.alert.remote_vetting_failed');
141			return $this->redirectToRoute('ss_second_factor_list');
142			} catch (PreconditionNotMetException $e) {
143			$this->logger->error($e->getMessage());
144			$flashBag->add('error', 'ss.second_factor.revoke.alert.remote_vetting_failed');
145			return $this->redirectToRoute('ss_second_factor_list');
146			} catch (InvalidRemoteVettingContextException $e) {
147			$this->logger->error($e->getMessage());
148			return $this->redirectToRoute('ss_second_factor_list');
149			}
150
151			return $this->redirectToRoute('ss_second_factor_remote_vet_match', [
152			'processId' => $processId->getProcessId(),
153			]);
154
155			return $this->redirectToRoute('ss_second_factor_list');
			0 ignored issues – show Unused Code introduced 2020-02-25 13:13 UTC by Report Bug Copy Issue Report `return $this->redirectTo...s_second_factor_list');` does not seem to be reachable. This check looks for unreachable code. It uses sophisticated control flow analysis techniques to find statements which will never be executed. Unreachable code is most often the result of `return`, `die` or `exit` statements that have been added for debug purposes. function fx() { try { doSomething(); return true; } catch (\Exception $e) { return false; } return false; } In the above example, the last `return false` will never be executed, because a return statement has already been met in every possible execution path. Loading history...
156			}
157
158			/**
159			* @param Request $request
160			* @param $processId
161			* @return Response
162			*/
163			public function remoteVetMatchAction(Request $request, $processId)
164			{
165			/** @var FlashBagInterface $flashBag */
166			$flashBag = $this->get('session')->getFlashBag();
167
168			/** @var SamlToken $samlToken */
169			$samlToken = $this->container->get('security.token_storage')->getToken();
170
171			$localAttributes = AttributeListDto::fromAttributeSet($samlToken->getAttribute(SamlToken::ATTRIBUTE_SET));
172
173			$matches = $this->remoteVettingService->getAttributeMatchCollection($localAttributes);
174			$command = new RemoteVetValidationCommand($matches, new FeedbackCollection());
175
176			try {
177			$form = $this->createForm(RemoteVetValidationType::class, $command)->handleRequest($request);
178			if ($form->isSubmitted() && $form->isValid()) {
179
180			/** @var RemoteVetValidationCommand $command */
181			$command = $form->getData();
182
183			$token = $this->remoteVettingService->done(
184			ProcessId::create($processId),
185			$this->getIdentity(),
186			$localAttributes,
187			$command->matches,
188			$command->feedback
189			);
190
191			$command = new RemoteVetCommand();
192			$command->identity = $token->getIdentityId();
193			$command->secondFactor = $token->getSecondFactorId();
194
195			if ($this->secondFactorService->remoteVet($command)) {
196			$flashBag->add('success', 'ss.second_factor.revoke.alert.remote_vetting_successful');
197			} else {
198			$flashBag->add('error', 'ss.second_factor.revoke.alert.remote_vetting_failed');
199			}
200
201			return $this->redirectToRoute('ss_second_factor_list');
202			}
203
204			$provider = $this->remoteVettingViewHelper->getIdentityProvider($this->remoteVettingService->getActiveIdentityProviderSlug());
205
206			return $this->render('SurfnetStepupSelfServiceSelfServiceBundle:remote_vetting:validation.html.twig', [
207			'provider' => $provider,
208			'identity' => $this->getIdentity(),
209			'form' => $form->createView(),
210			]);
211			} catch (InvalidRemoteVettingStateException $e) {
212			$this->logger->error($e->getMessage());
213			$flashBag->add('error', 'ss.second_factor.revoke.alert.remote_vetting_failed');
214			return $this->redirectToRoute('ss_second_factor_list');
215			} catch (InvalidRemoteVettingContextException $e) {
216			$this->logger->error($e->getMessage());
217			return $this->redirectToRoute('ss_second_factor_list');
218			}
219			}
220			}
221

OpenConext / Stepup-SelfService

Push — remote-vetting ( 9b6a17...6d48a7 )

RemoteVettingController::remoteVetAction() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like