DefaultPasswordHasher::needsRehash() - Code Metrics - Inspection of "Fixing copy and paste fail" - Phauthentic/password-hashers - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Branch — salts (889e41)

by Florian

created 2020-05-05 14:35 UTC

DefaultPasswordHasher::needsRehash() A

↳ Parent: DefaultPasswordHasher

Complexity

Conditions	1
Paths	1

Size

Total Lines	6
Code Lines	4

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	5
CRAP Score	1

Importance

Changes

Metric	Value
eloc	4
dl	0
loc	6
ccs	5
cts	5
cp	1
rs	10
c	0
b	0
f	0
cc	1
nc	1
nop	1
crap	1

<?php
declare(strict_types=1);
/**
 * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
 * Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
 *
 * Licensed under The MIT License
 * For full copyright and license information, please see the LICENSE.txt
 * Redistributions of files must retain the above copyright notice.
 *
 * @copyright     Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
 * @link          http://cakephp.org CakePHP(tm) Project
 * @license       http://www.opensource.org/licenses/mit-license.php MIT License
 */
namespace Phauthentic\PasswordHasher;

use InvalidArgumentException;
use RuntimeException;

/**
 * Abstraction of the php password_hash() function
 *
 * @link http://php.net/manual/en/function.password-hash.php
 */
class DefaultPasswordHasher extends AbstractPasswordHasher
{

    /**
     * Hashing algo to use. Valid values are those supported by `$algo` argument
     * of `password_hash()`. Defaults to `PASSWORD_DEFAULT`
     *
     * @var int
     */
    protected $hashType = PASSWORD_DEFAULT;

    /**
     * Associative array of options. Check the PHP manual for supported options
     * for each hash type. Defaults to empty array.
     *
     * @var array
     */
    protected $hashOptions = [];

    /**
     * Set Hash Options
     *
     * @param array $options Associative array of options. Check the PHP manual for supported options for each hash type. Defaults to empty array.
     * @return $this
     */
    public function setHashOptions(array $options): self
    {
        $this->hashOptions = $options;

        return $this;
    }

    /**
     * Sets the hash type
     *
     * @param int|string $type Hashing algo to use. Valid values are those supported by `$algo` argument of `password_hash()`. Defaults to `PASSWORD_DEFAULT`
     * @return $this
     */
    public function setHashType($type): self
    {
        if (!is_int($type) && !is_string($type)) {

            throw new InvalidArgumentException(sprintf(
                'You must pass an integer or string value'
            ));
        }

        $this->hashType = $type;
class Id
{
    public $id;

    public function __construct($id)
    {
        $this->id = $id;
    }

}

class Account
{
    /** @var  Id $id */
    public $id;
}

$account_id = false;

if (starsAreRight()) {
    $account_id = new Id(42);
}

$account = new Account();
if ($account instanceof Id)
{
    $account->id = $account_id;
}

        return $this;
    }

    /**
     * Generates password hash.
     *
     * @param string $password Plain text password to hash.
     * @return string Password hash or false on failure.
     */
    public function hash(string $password): string
    {
        $hash = password_hash(
            $this->saltPassword($password),
            $this->hashType,
            $this->hashOptions
        );

        if ($hash === false) {
            throw new RuntimeException('Failed to hash password.');
        }

        return $hash;
    }

    /**
     * Check hash. Generate hash for user provided password and check against existing hash.
     *
     * @param string $password Plain text password to hash.
     * @param string $hashedPassword Existing hashed password.
     * @return bool True if hashes match else false.
     */
    public function check(string $password, string $hashedPassword): bool
    {
        return password_verify(
            $this->saltPassword($password),
            $hashedPassword
        );
    }

    /**
     * Returns true if the password need to be rehashed, due to the password being
     * created with anything else than the passwords generated by this class.
     *
     * @param string $password The password to verify
     * @return bool
     */
    public function needsRehash(string $password): bool
    {
        return password_needs_rehash(
            $this->saltPassword($password),
            $this->hashType,
            $this->hashOptions
        );
    }
}


1		<?php
2		declare(strict_types=1);
3		/**
4		* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
5		* Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
6		*
7		* Licensed under The MIT License
8		* For full copyright and license information, please see the LICENSE.txt
9		* Redistributions of files must retain the above copyright notice.
10		*
11		* @copyright Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
12		* @link http://cakephp.org CakePHP(tm) Project
13		* @license http://www.opensource.org/licenses/mit-license.php MIT License
14		*/
15		namespace Phauthentic\PasswordHasher;
16
17		use InvalidArgumentException;
18		use RuntimeException;
19
20		/**
21		* Abstraction of the php password_hash() function
22		*
23		* @link http://php.net/manual/en/function.password-hash.php
24		*/
25		class DefaultPasswordHasher extends AbstractPasswordHasher
26		{
27
28		/**
29		* Hashing algo to use. Valid values are those supported by `$algo` argument
30		* of `password_hash()`. Defaults to `PASSWORD_DEFAULT`
31		*
32		* @var int
33		*/
34		protected $hashType = PASSWORD_DEFAULT;
35
36		/**
37		* Associative array of options. Check the PHP manual for supported options
38		* for each hash type. Defaults to empty array.
39		*
40		* @var array
41		*/
42		protected $hashOptions = [];
43
44		/**
45		* Set Hash Options
46		*
47		* @param array $options Associative array of options. Check the PHP manual for supported options for each hash type. Defaults to empty array.
48		* @return $this
49		*/
50	1	public function setHashOptions(array $options): self
51		{
52	1	$this->hashOptions = $options;
53
54	1	return $this;
55		}
56
57		/**
58		* Sets the hash type
59		*
60		* @param int\|string $type Hashing algo to use. Valid values are those supported by `$algo` argument of `password_hash()`. Defaults to `PASSWORD_DEFAULT`
61		* @return $this
62		*/
63	1	public function setHashType($type): self
64		{
65	1	if (!is_int($type) && !is_string($type)) {
		0 ignored issues – show introduced 2020-05-05 14:37 UTC by Report Bug Copy Issue Report The condition `is_string($type)` is always `true`. Loading history...
66		throw new InvalidArgumentException(sprintf(
67		'You must pass an integer or string value'
68		));
69		}
70
71	1	$this->hashType = $type;
		0 ignored issues – show Documentation Bug introduced 2020-05-05 14:21 UTC by Report Bug Copy Issue Report It seems like `$type` can also be of type `string`. However, the property `$hashType` is declared as type `integer`. Maybe add an additional type check? Our type inference engine has found a suspicous assignment of a value to a property. This check raises an issue when a value that can be of a mixed type is assigned to a property that is type hinted more strictly. For example, imagine you have a variable `$accountId` that can either hold an Id object or false (if there is no account id yet). Your code now assigns that value to the `id` property of an instance of the `Account` class. This class holds a proper account, so the id value must no longer be false. Either this assignment is in error or a type check should be added for that assignment. class Id { public $id; public function __construct($id) { $this->id = $id; } } class Account { /** @var Id $id */ public $id; } $account_id = false; if (starsAreRight()) { $account_id = new Id(42); } $account = new Account(); if ($account instanceof Id) { $account->id = $account_id; } Loading history...
72
73	1	return $this;
74		}
75
76		/**
77		* Generates password hash.
78		*
79		* @param string $password Plain text password to hash.
80		* @return string Password hash or false on failure.
81		*/
82	6	public function hash(string $password): string
83		{
84	6	$hash = password_hash(
85	6	$this->saltPassword($password),
86	6	$this->hashType,
87	6	$this->hashOptions
88		);
89
90	6	if ($hash === false) {
91		throw new RuntimeException('Failed to hash password.');
92		}
93
94	6	return $hash;
95		}
96
97		/**
98		* Check hash. Generate hash for user provided password and check against existing hash.
99		*
100		* @param string $password Plain text password to hash.
101		* @param string $hashedPassword Existing hashed password.
102		* @return bool True if hashes match else false.
103		*/
104	3	public function check(string $password, string $hashedPassword): bool
105		{
106	3	return password_verify(
107	3	$this->saltPassword($password),
108	3	$hashedPassword
109		);
110		}
111
112		/**
113		* Returns true if the password need to be rehashed, due to the password being
114		* created with anything else than the passwords generated by this class.
115		*
116		* @param string $password The password to verify
117		* @return bool
118		*/
119	3	public function needsRehash(string $password): bool
120		{
121	3	return password_needs_rehash(
122	3	$this->saltPassword($password),
123	3	$this->hashType,
124	3	$this->hashOptions
125		);
126		}
127		}
128

Phauthentic / password-hashers

Branch — salts (889e41)

DefaultPasswordHasher::needsRehash() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like