SelfVetMarshaller::isAllowed() - Code Metrics - Inspection of "Self vetting" - OpenConext/Stepup-SelfService - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — develop (#227)

by Michiel

created 2021-03-17 13:56 UTC

SelfVetMarshaller::isAllowed() A

↳ Parent: SelfVetMarshaller

Complexity

Conditions	5
Paths	4

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	21
c	0
b	0
f	0
rs	9.2728
cc	5
nc	4
nop	2

<?php

/**
 * Copyright 2021 SURF B.V.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

namespace Surfnet\StepupSelfService\SelfServiceBundle\Service;

use Surfnet\StepupBundle\Service\SecondFactorTypeService;
use Surfnet\StepupBundle\Value\SecondFactorType;
use Surfnet\StepupMiddlewareClientBundle\Identity\Dto\Identity;
use Surfnet\StepupMiddlewareClientBundle\Identity\Dto\VettedSecondFactor;

class SelfVetMarshaller implements VettingMarshaller
{
    /**
     * @var SecondFactorService
     */
    private $secondFactorService;

    /**
     * @var SecondFactorTypeService
     */
    private $secondFactorTypeService;

    public function __construct(
        SecondFactorService $secondFactorService,
        SecondFactorTypeService $secondFactorTypeService
    ) {
        $this->secondFactorService = $secondFactorService;
        $this->secondFactorTypeService = $secondFactorTypeService;
    }

    /**
     * You are allowed to self vet when:
     * 1. You already have a vetted token
     * 2. The vetted token has higher LoA (or equal) to the one being vetted
     */
    public function isAllowed(Identity $identity, string $secondFactorId): bool
    {
        $vettedSecondFactors = $this->secondFactorService->findVettedByIdentity($identity->id);
        if ($vettedSecondFactors->getTotalItems() === 0) {
            return false;
        }
        $candidateToken = $this->secondFactorService->findOneVerified($secondFactorId);
        if ($candidateToken) {
            /** @var VettedSecondFactor $authoringSecondFactor */
            foreach ($vettedSecondFactors->getElements() as $authoringSecondFactor) {
                $hasSuitableToken = $this->secondFactorTypeService->hasEqualOrLowerLoaComparedTo(
                    new SecondFactorType($candidateToken->type),
                    new SecondFactorType($authoringSecondFactor->type)
                );
                if ($hasSuitableToken) {
                    return true;
                }
            }
        }
        return false;
    }
}


1			<?php
2
3			/**
4			* Copyright 2021 SURF B.V.
5			*
6			* Licensed under the Apache License, Version 2.0 (the "License");
7			* you may not use this file except in compliance with the License.
8			* You may obtain a copy of the License at
9			*
10			* http://www.apache.org/licenses/LICENSE-2.0
11			*
12			* Unless required by applicable law or agreed to in writing, software
13			* distributed under the License is distributed on an "AS IS" BASIS,
14			* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15			* See the License for the specific language governing permissions and
16			* limitations under the License.
17			*/
18
19			namespace Surfnet\StepupSelfService\SelfServiceBundle\Service;
20
21			use Surfnet\StepupBundle\Service\SecondFactorTypeService;
22			use Surfnet\StepupBundle\Value\SecondFactorType;
23			use Surfnet\StepupMiddlewareClientBundle\Identity\Dto\Identity;
24			use Surfnet\StepupMiddlewareClientBundle\Identity\Dto\VettedSecondFactor;
25
26			class SelfVetMarshaller implements VettingMarshaller
27			{
28			/**
29			* @var SecondFactorService
30			*/
31			private $secondFactorService;
32
33			/**
34			* @var SecondFactorTypeService
35			*/
36			private $secondFactorTypeService;
37
38			public function __construct(
39			SecondFactorService $secondFactorService,
40			SecondFactorTypeService $secondFactorTypeService
41			) {
42			$this->secondFactorService = $secondFactorService;
43			$this->secondFactorTypeService = $secondFactorTypeService;
44			}
45
46			/**
47			* You are allowed to self vet when:
48			* 1. You already have a vetted token
49			* 2. The vetted token has higher LoA (or equal) to the one being vetted
50			*/
51			public function isAllowed(Identity $identity, string $secondFactorId): bool
52			{
53			$vettedSecondFactors = $this->secondFactorService->findVettedByIdentity($identity->id);
54			if ($vettedSecondFactors->getTotalItems() === 0) {
55			return false;
56			}
57			$candidateToken = $this->secondFactorService->findOneVerified($secondFactorId);
58			if ($candidateToken) {
59			/** @var VettedSecondFactor $authoringSecondFactor */
60			foreach ($vettedSecondFactors->getElements() as $authoringSecondFactor) {
61			$hasSuitableToken = $this->secondFactorTypeService->hasEqualOrLowerLoaComparedTo(
62			new SecondFactorType($candidateToken->type),
63			new SecondFactorType($authoringSecondFactor->type)
64			);
65			if ($hasSuitableToken) {
66			return true;
67			}
68			}
69			}
70			return false;
71			}
72			}
73

OpenConext / Stepup-SelfService

Pull Request — develop (#227)

SelfVetMarshaller::isAllowed() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like