DefaultPasswordHasher - Code Metrics - Inspection of "Improving salting" - Phauthentic/password-hashers - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Pull Request — master (#5)

by Florian

created 2020-05-05 15:13 UTC

DefaultPasswordHasher A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	100
Duplicated Lines	0 %

Test Coverage

Coverage

88%

Importance

Changes

Metric	Value
wmc	8
eloc	24
dl	0
loc	100
ccs	22
cts	25
cp	0.88
rs	10
c	0
b	0
f	0

5 Methods

Rating	Name	Size	Complexity
A	check()	5	1
A	hash()	13	2
A	setHashOptions()	5	1
A	setHashType()	11	3
A	needsRehash()	6	1

<?php

declare(strict_types=1);

/**

 * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
 * Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
 *
 * Licensed under The MIT License
 * For full copyright and license information, please see the LICENSE.txt
 * Redistributions of files must retain the above copyright notice.
 *
 * @copyright     Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
 * @link          http://cakephp.org CakePHP(tm) Project
 * @license       http://www.opensource.org/licenses/mit-license.php MIT License
 */

namespace Phauthentic\PasswordHasher;

use InvalidArgumentException;
use RuntimeException;

/**
 * Abstraction of the php password_hash() function
 *
 * @link http://php.net/manual/en/function.password-hash.php
 */
class DefaultPasswordHasher extends AbstractPasswordHasher
{

    /**
     * Hashing algo to use. Valid values are those supported by `$algo` argument
     * of `password_hash()`. Defaults to `PASSWORD_DEFAULT`
     *
     * @var int
     */
    protected $hashType = PASSWORD_DEFAULT;

    /**
     * Associative array of options. Check the PHP manual for supported options
     * for each hash type. Defaults to empty array.
     *
     * @var array
     */
    protected $hashOptions = [];

    /**
     * Set Hash Options
     *
     * @param array $options Associative array of options. Check the PHP manual for supported options for each hash type. Defaults to empty array.
     * @return $this
     */
    public function setHashOptions(array $options): self
    {
        $this->hashOptions = $options;

        return $this;
    }

    /**
     * Sets the hash type
     *
     * @param int|string $type Hashing algo to use. Valid values are those supported by `$algo` argument of `password_hash()`. Defaults to `PASSWORD_DEFAULT`
     * @return $this
     */
    public function setHashType($type): self
    {
        if (!is_int($type) && !is_string($type)) {

            throw new InvalidArgumentException(sprintf(
                'You must pass an integer or string value'
            ));
        }

        $this->hashType = $type;
class Id
{
    public $id;

    public function __construct($id)
    {
        $this->id = $id;
    }

}

class Account
{
    /** @var  Id $id */
    public $id;
}

$account_id = false;

if (starsAreRight()) {
    $account_id = new Id(42);
}

$account = new Account();
if ($account instanceof Id)
{
    $account->id = $account_id;
}

        return $this;
    }

    /**
     * Generates password hash.
     *
     * @param string $password Plain text password to hash.
     * @return string Password hash or false on failure.
     */
    public function hash(string $password): string
    {
        $hash = password_hash(
            $this->saltPassword($password),
            $this->hashType,
            $this->hashOptions
        );

        if ($hash === false) {
            throw new RuntimeException('Failed to hash password.');
        }

        return $hash;
    }

    /**
     * Check hash. Generate hash for user provided password and check against existing hash.
     *
     * @param string $password Plain text password to hash.
     * @param string $hashedPassword Existing hashed password.
     * @return bool True if hashes match else false.
     */
    public function check(string $password, string $hashedPassword): bool
    {
        return password_verify(
            $this->saltPassword($password),
            $hashedPassword
        );
    }

    /**
     * Returns true if the password need to be rehashed, due to the password being
     * created with anything else than the passwords generated by this class.
     *
     * @param string $password The password to verify
     * @return bool
     */
    public function needsRehash(string $password): bool
    {
        return password_needs_rehash(
            $this->saltPassword($password),
            $this->hashType,
            $this->hashOptions
        );
    }
}


1		<?php
2
3		declare(strict_types=1);
4
5		/**
		0 ignored issues – show Coding Style introduced 2020-05-05 15:10 UTC by Report Bug Copy Issue Report The file-level docblock must follow the opening PHP tag in the file header Loading history...
6		* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
7		* Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
8		*
9		* Licensed under The MIT License
10		* For full copyright and license information, please see the LICENSE.txt
11		* Redistributions of files must retain the above copyright notice.
12		*
13		* @copyright Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
14		* @link http://cakephp.org CakePHP(tm) Project
15		* @license http://www.opensource.org/licenses/mit-license.php MIT License
16		*/
17
18		namespace Phauthentic\PasswordHasher;
19
20		use InvalidArgumentException;
21		use RuntimeException;
22
23		/**
24		* Abstraction of the php password_hash() function
25		*
26		* @link http://php.net/manual/en/function.password-hash.php
27		*/
28		class DefaultPasswordHasher extends AbstractPasswordHasher
29		{
30
31		/**
32		* Hashing algo to use. Valid values are those supported by `$algo` argument
33		* of `password_hash()`. Defaults to `PASSWORD_DEFAULT`
34		*
35		* @var int
36		*/
37		protected $hashType = PASSWORD_DEFAULT;
38
39		/**
40		* Associative array of options. Check the PHP manual for supported options
41		* for each hash type. Defaults to empty array.
42		*
43		* @var array
44		*/
45		protected $hashOptions = [];
46
47		/**
48		* Set Hash Options
49		*
50		* @param array $options Associative array of options. Check the PHP manual for supported options for each hash type. Defaults to empty array.
51		* @return $this
52		*/
53	2	public function setHashOptions(array $options): self
54		{
55	2	$this->hashOptions = $options;
56
57	2	return $this;
58		}
59
60		/**
61		* Sets the hash type
62		*
63		* @param int\|string $type Hashing algo to use. Valid values are those supported by `$algo` argument of `password_hash()`. Defaults to `PASSWORD_DEFAULT`
64		* @return $this
65		*/
66	2	public function setHashType($type): self
67		{
68	2	if (!is_int($type) && !is_string($type)) {
		0 ignored issues – show introduced 2020-05-05 14:37 UTC by Report Bug Copy Issue Report The condition `is_string($type)` is always `true`. Loading history...
69		throw new InvalidArgumentException(sprintf(
70		'You must pass an integer or string value'
71		));
72		}
73
74	2	$this->hashType = $type;
		0 ignored issues – show Documentation Bug introduced 2020-05-05 14:21 UTC by Report Bug Copy Issue Report It seems like `$type` can also be of type `string`. However, the property `$hashType` is declared as type `integer`. Maybe add an additional type check? Our type inference engine has found a suspicous assignment of a value to a property. This check raises an issue when a value that can be of a mixed type is assigned to a property that is type hinted more strictly. For example, imagine you have a variable `$accountId` that can either hold an Id object or false (if there is no account id yet). Your code now assigns that value to the `id` property of an instance of the `Account` class. This class holds a proper account, so the id value must no longer be false. Either this assignment is in error or a type check should be added for that assignment. class Id { public $id; public function __construct($id) { $this->id = $id; } } class Account { /** @var Id $id */ public $id; } $account_id = false; if (starsAreRight()) { $account_id = new Id(42); } $account = new Account(); if ($account instanceof Id) { $account->id = $account_id; } Loading history...
75
76	2	return $this;
77		}
78
79		/**
80		* Generates password hash.
81		*
82		* @param string $password Plain text password to hash.
83		* @return string Password hash or false on failure.
84		*/
85	12	public function hash(string $password): string
86		{
87	12	$hash = password_hash(
88	12	$this->saltPassword($password),
89	12	$this->hashType,
90	12	$this->hashOptions
91		);
92
93	12	if ($hash === false) {
94		throw new RuntimeException('Failed to hash password.');
95		}
96
97	12	return $hash;
98		}
99
100		/**
101		* Check hash. Generate hash for user provided password and check against existing hash.
102		*
103		* @param string $password Plain text password to hash.
104		* @param string $hashedPassword Existing hashed password.
105		* @return bool True if hashes match else false.
106		*/
107	6	public function check(string $password, string $hashedPassword): bool
108		{
109	6	return password_verify(
110	6	$this->saltPassword($password),
111		$hashedPassword
112		);
113		}
114
115		/**
116		* Returns true if the password need to be rehashed, due to the password being
117		* created with anything else than the passwords generated by this class.
118		*
119		* @param string $password The password to verify
120		* @return bool
121		*/
122	6	public function needsRehash(string $password): bool
123		{
124	6	return password_needs_rehash(
125	6	$this->saltPassword($password),
126	6	$this->hashType,
127	6	$this->hashOptions
128		);
129		}
130		}
131

Phauthentic / password-hashers

Pull Request — master (#5)

DefaultPasswordHasher A

Complexity

Size/Duplication

Test Coverage

Importance

5 Methods

Duplication Side-by-Side

Filter issues like