Issues in Api.php (master) - Issues in master - Piou-piou/RibsAdminBundle - Measure and Improve Code Quality continuously with Scrutinizer

Issues (62)

Service/Api.php (1 issue)

Severity

<?php

namespace PiouPiou\RibsAdminBundle\Service;

use PiouPiou\RibsAdminBundle\Entity\Account;
use Doctrine\Common\Annotations\AnnotationException;
use Doctrine\Common\Annotations\AnnotationReader;
use Doctrine\ORM\EntityManagerInterface;
use Exception;
use PiouPiou\RibsAdminBundle\Entity\AccountToken;
use Symfony\Component\DependencyInjection\ContainerInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\RequestStack;
use Symfony\Component\HttpFoundation\Session\SessionInterface;
use Symfony\Component\Serializer\Encoder\JsonEncoder;
use Symfony\Component\Serializer\Encoder\XmlEncoder;
use Symfony\Component\Serializer\Exception\ExceptionInterface;
use Symfony\Component\Serializer\Mapping\Factory\ClassMetadataFactory;
use Symfony\Component\Serializer\Mapping\Loader\AnnotationLoader;
use Symfony\Component\Serializer\Normalizer\DateTimeNormalizer;
use Symfony\Component\Serializer\Normalizer\ObjectNormalizer;
use Symfony\Component\Serializer\Serializer;

class Api
{
    /**
     * @var ContainerInterface
     */
    private $container;

    /**
     * @var EntityManagerInterface
     */
    private $em;

    /**
     * @var SessionInterface
     */
    private $session;

    /**
     * @var Account
     */
    private $account;

    /**
     * @var Request|null
     */
    private $request;

    /**
     * Api constructor.
     * @param ContainerInterface $container
     * @param EntityManagerInterface $em
     * @param SessionInterface $session
     * @param RequestStack $request_stack
     */
    public function __construct(ContainerInterface $container, EntityManagerInterface $em, SessionInterface $session, RequestStack $request_stack)
    {
        $this->container = $container;
        $this->em = $em;
        $this->session = $session;
        $this->request = $request_stack->getCurrentRequest();
    }

    /**
     * this method is used to test jwt and if the account is ok else send false
     * @param string $infos_jwt
     * @param string $token
     * @return bool
     * @throws Exception
     */
    public function userIslogged(string $infos_jwt, string $token): bool
    {
        $em = $this->em;
        $jwt = Jwt::decode($infos_jwt, $token);

        if ($jwt === false) {

            return false;
        }

        $account_token_search = [
            "token" => $token,
            "userAgent" => $this->request->server->get("HTTP_USER_AGENT"),
            "ip" => $this->request->server->get("REMOTE_ADDR")
        ];
        if (preg_match('/(android|bb\d+|meego).+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|iris|kindle|lge |maemo|midp|mmp|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows (ce|phone)|xda|xiino/i',$this->request->server->get("HTTP_USER_AGENT"))||preg_match('/1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw\-(n|u)|c55\/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1 u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t)|hei\-|hi(pt|ta)|hp( i|ip)|hs\-c|ht(c(\-| |_|a|g|p|s|t)|tp)|hu(aw|tc)|i\-(20|go|ma)|i230|iac( |\-|\/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |\/)|klon|kpt |kwc\-|kyo(c|k)|le(no|xi)|lg( g|\/(k|l|u)|50|54|\-[a-w])|libw|lynx|m1\-w|m3ga|m50\/|ma(te|ui|xo)|mc(01|21|ca)|m\-cr|me(rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(\-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|rt|se)|prox|psio|pt\-g|qa\-a|qc(07|12|21|32|60|\-[2-7]|i\-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55\/|sa(ge|ma|mm|ms|ny|va)|sc(01|h\-|oo|p\-)|sdk\/|se(c(\-|0|1)|47|mc|nd|ri)|sgh\-|shar|sie(\-|m)|sk\-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h\-|v\-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl\-|tdg\-|tel(i|m)|tim\-|t\-mo|to(pl|sh)|ts(70|m\-|m3|m5)|tx\-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|\-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(\-| )|webc|whit|wi(g |nc|nw)|wmlb|wonu|x700|yas\-|your|zeto|zte\-/i',substr($this->request->server->get("HTTP_USER_AGENT"),0,4))) {
            $account_token_search = [
                "token" => $token,
                "userAgent" => $this->request->server->get("HTTP_USER_AGENT"),
            ];
        }

        $account_token = $em->getRepository(AccountToken::class)->findOneBy($account_token_search);

        if (!$account_token) {
            return false;
        }

        $this->account = $em->getRepository(Account::class)->findOneBy([
            "id" => $account_token->getAccount()->getId(),
            "isActive" => true,
        ]);

        if (!$this->account) {
            return false;
        }

        $this->account->setLastConnection(new \DateTime());
        $em->persist($this->account);
        $em->flush();

        $this->getToken($this->account);
        $this->session->set("jwt_infos", $jwt);
        $this->session->set("account", $this->account);
        $this->session->set("account_token", $account_token);

        return true;
    }

    /**
     * method that return the token for a account
     * @param Account $account
     * @return string
     * @throws Exception
     */
    public function getToken(Account $account): string
    {
        $account_token = $this->em->getRepository(AccountToken::class)->findOneBy([
            "account" => $account,
            "userAgent" => $this->request->server->get("HTTP_USER_AGENT"),
            "ip" => $this->request->server->get("REMOTE_ADDR")
        ]);

        $token = $account_token ? $account_token->getToken() : null;
        $now = new \DateTime();

        if ($token === null || $account_token->getEndToken() < $now) {
            return $this->setToken($account, $account_token);
        }

        return $token;
    }

    /**
     * @param Account $account
     * @param $account_token
     * @return string
     * method that set a token for the account
     * @throws Exception
     */
    public function setToken(Account $account, $account_token): string
    {
        $token = $this->generateToken();
        $now = new \DateTime();
        $end_token = $now->add(new \DateInterval("PT".$this->container->getParameter("ribs_admin.api_token_duration")."M"));

        if (!$account_token) {
            $account_token = new AccountToken();
        }

        $account_token->setToken($token);
        $account_token->setUserAgent($this->request->server->get("HTTP_USER_AGENT"));
        $account_token->setIp($this->request->server->get("REMOTE_ADDR"));
        $account_token->setEndToken($end_token);
        $account_token->setAccount($account);
        $this->em->persist($account_token);
        $this->em->flush();

        $this->account = $account;
        $this->session->set("account", $this->account);
        $this->session->set("account_token", $account_token);

        return $token;
    }

    /**
     * generate a token for api
     * @param int $length
     * @return string
     */
    public function generateToken(int $length = 200): string
    {
        $string = "abcdefghijklmnopqrstuvwxyzABCDEFGHJKMNPQRSTUVWXYZ23456789";
        $token = "";
        srand((double)microtime() * 1000000);
        for ($i = 0; $i < $length; $i++) {
            $token .= $string[rand() % strlen($string)];
        }

        return $token;
    }

    /**
     * method that encode an object to a json
     * @param $object
     * @param string $type
     * @return mixed
     * @throws ExceptionInterface
     * @throws AnnotationException
     */
    public function serializeObject($object, $type = "json")
    {
        $classMetadataFactory = new ClassMetadataFactory(new AnnotationLoader(new AnnotationReader()));
        $serializer = new Serializer([new DateTimeNormalizer(), new ObjectNormalizer($classMetadataFactory)], [new XmlEncoder(), new JsonEncoder()]);

        return $serializer->normalize($object, $type, [
            'circular_reference_handler' => function ($object) {
                return $object->getId();
            },
            'groups' => 'main'
        ]);
    }
}


1			<?php
2
3			namespace PiouPiou\RibsAdminBundle\Service;
4
5			use PiouPiou\RibsAdminBundle\Entity\Account;
6			use Doctrine\Common\Annotations\AnnotationException;
7			use Doctrine\Common\Annotations\AnnotationReader;
8			use Doctrine\ORM\EntityManagerInterface;
9			use Exception;
10			use PiouPiou\RibsAdminBundle\Entity\AccountToken;
11			use Symfony\Component\DependencyInjection\ContainerInterface;
12			use Symfony\Component\HttpFoundation\Request;
13			use Symfony\Component\HttpFoundation\RequestStack;
14			use Symfony\Component\HttpFoundation\Session\SessionInterface;
15			use Symfony\Component\Serializer\Encoder\JsonEncoder;
16			use Symfony\Component\Serializer\Encoder\XmlEncoder;
17			use Symfony\Component\Serializer\Exception\ExceptionInterface;
18			use Symfony\Component\Serializer\Mapping\Factory\ClassMetadataFactory;
19			use Symfony\Component\Serializer\Mapping\Loader\AnnotationLoader;
20			use Symfony\Component\Serializer\Normalizer\DateTimeNormalizer;
21			use Symfony\Component\Serializer\Normalizer\ObjectNormalizer;
22			use Symfony\Component\Serializer\Serializer;
23
24			class Api
25			{
26			/**
27			* @var ContainerInterface
28			*/
29			private $container;
30
31			/**
32			* @var EntityManagerInterface
33			*/
34			private $em;
35
36			/**
37			* @var SessionInterface
38			*/
39			private $session;
40
41			/**
42			* @var Account
43			*/
44			private $account;
45
46			/**
47			* @var Request\|null
48			*/
49			private $request;
50
51			/**
52			* Api constructor.
53			* @param ContainerInterface $container
54			* @param EntityManagerInterface $em
55			* @param SessionInterface $session
56			* @param RequestStack $request_stack
57			*/
58			public function __construct(ContainerInterface $container, EntityManagerInterface $em, SessionInterface $session, RequestStack $request_stack)
59			{
60			$this->container = $container;
61			$this->em = $em;
62			$this->session = $session;
63			$this->request = $request_stack->getCurrentRequest();
64			}
65
66			/**
67			* this method is used to test jwt and if the account is ok else send false
68			* @param string $infos_jwt
69			* @param string $token
70			* @return bool
71			* @throws Exception
72			*/
73			public function userIslogged(string $infos_jwt, string $token): bool
74			{
75			$em = $this->em;
76			$jwt = Jwt::decode($infos_jwt, $token);
77
78			if ($jwt === false) {
			0 ignored issues – show introduced 2020-07-22 07:03 UTC by Report Bug Copy Issue Report Show Similar Issues like this The condition `$jwt === false` is always `false`. Loading history...
79			return false;
80			}
81
82			$account_token_search = [
83			"token" => $token,
84			"userAgent" => $this->request->server->get("HTTP_USER_AGENT"),
85			"ip" => $this->request->server->get("REMOTE_ADDR")
86			];
87			if (preg_match('/(android\|bb\d+\|meego).+mobile\|avantgo\|bada\/\|blackberry\|blazer\|compal\|elaine\|fennec\|hiptop\|iemobile\|ip(hone\|od)\|iris\|kindle\|lge \|maemo\|midp\|mmp\|netfront\|opera m(ob\|in)i\|palm( os)?\|phone\|p(ixi\|re)\/\|plucker\|pocket\|psp\|series(4\|6)0\|symbian\|treo\|up\.(browser\|link)\|vodafone\|wap\|windows (ce\|phone)\|xda\|xiino/i',$this->request->server->get("HTTP_USER_AGENT"))\|\|preg_match('/1207\|6310\|6590\|3gso\|4thp\|50[1-6]i\|770s\|802s\|a wa\|abac\|ac(er\|oo\|s\-)\|ai(ko\|rn)\|al(av\|ca\|co)\|amoi\|an(ex\|ny\|yw)\|aptu\|ar(ch\|go)\|as(te\|us)\|attw\|au(di\|\-m\|r \|s )\|avan\|be(ck\|ll\|nq)\|bi(lb\|rd)\|bl(ac\|az)\|br(e\|v)w\|bumb\|bw\-(n\|u)\|c55\/\|capi\|ccwa\|cdm\-\|cell\|chtm\|cldc\|cmd\-\|co(mp\|nd)\|craw\|da(it\|ll\|ng)\|dbte\|dc\-s\|devi\|dica\|dmob\|do(c\|p)o\|ds(12\|\-d)\|el(49\|ai)\|em(l2\|ul)\|er(ic\|k0)\|esl8\|ez([4-7]0\|os\|wa\|ze)\|fetc\|fly(\-\|_)\|g1 u\|g560\|gene\|gf\-5\|g\-mo\|go(\.w\|od)\|gr(ad\|un)\|haie\|hcit\|hd\-(m\|p\|t)\|hei\-\|hi(pt\|ta)\|hp( i\|ip)\|hs\-c\|ht(c(\-\| \|_\|a\|g\|p\|s\|t)\|tp)\|hu(aw\|tc)\|i\-(20\|go\|ma)\|i230\|iac( \|\-\|\/)\|ibro\|idea\|ig01\|ikom\|im1k\|inno\|ipaq\|iris\|ja(t\|v)a\|jbro\|jemu\|jigs\|kddi\|keji\|kgt( \|\/)\|klon\|kpt \|kwc\-\|kyo(c\|k)\|le(no\|xi)\|lg( g\|\/(k\|l\|u)\|50\|54\|\-[a-w])\|libw\|lynx\|m1\-w\|m3ga\|m50\/\|ma(te\|ui\|xo)\|mc(01\|21\|ca)\|m\-cr\|me(rc\|ri)\|mi(o8\|oa\|ts)\|mmef\|mo(01\|02\|bi\|de\|do\|t(\-\| \|o\|v)\|zz)\|mt(50\|p1\|v )\|mwbp\|mywa\|n10[0-2]\|n20[2-3]\|n30(0\|2)\|n50(0\|2\|5)\|n7(0(0\|1)\|10)\|ne((c\|m)\-\|on\|tf\|wf\|wg\|wt)\|nok(6\|i)\|nzph\|o2im\|op(ti\|wv)\|oran\|owg1\|p800\|pan(a\|d\|t)\|pdxg\|pg(13\|\-([1-8]\|c))\|phil\|pire\|pl(ay\|uc)\|pn\-2\|po(ck\|rt\|se)\|prox\|psio\|pt\-g\|qa\-a\|qc(07\|12\|21\|32\|60\|\-[2-7]\|i\-)\|qtek\|r380\|r600\|raks\|rim9\|ro(ve\|zo)\|s55\/\|sa(ge\|ma\|mm\|ms\|ny\|va)\|sc(01\|h\-\|oo\|p\-)\|sdk\/\|se(c(\-\|0\|1)\|47\|mc\|nd\|ri)\|sgh\-\|shar\|sie(\-\|m)\|sk\-0\|sl(45\|id)\|sm(al\|ar\|b3\|it\|t5)\|so(ft\|ny)\|sp(01\|h\-\|v\-\|v )\|sy(01\|mb)\|t2(18\|50)\|t6(00\|10\|18)\|ta(gt\|lk)\|tcl\-\|tdg\-\|tel(i\|m)\|tim\-\|t\-mo\|to(pl\|sh)\|ts(70\|m\-\|m3\|m5)\|tx\-9\|up(\.b\|g1\|si)\|utst\|v400\|v750\|veri\|vi(rg\|te)\|vk(40\|5[0-3]\|\-v)\|vm40\|voda\|vulc\|vx(52\|53\|60\|61\|70\|80\|81\|83\|85\|98)\|w3c(\-\| )\|webc\|whit\|wi(g \|nc\|nw)\|wmlb\|wonu\|x700\|yas\-\|your\|zeto\|zte\-/i',substr($this->request->server->get("HTTP_USER_AGENT"),0,4))) {
88			$account_token_search = [
89			"token" => $token,
90			"userAgent" => $this->request->server->get("HTTP_USER_AGENT"),
91			];
92			}
93
94			$account_token = $em->getRepository(AccountToken::class)->findOneBy($account_token_search);
95
96			if (!$account_token) {
97			return false;
98			}
99
100			$this->account = $em->getRepository(Account::class)->findOneBy([
101			"id" => $account_token->getAccount()->getId(),
102			"isActive" => true,
103			]);
104
105			if (!$this->account) {
106			return false;
107			}
108
109			$this->account->setLastConnection(new \DateTime());
110			$em->persist($this->account);
111			$em->flush();
112
113			$this->getToken($this->account);
114			$this->session->set("jwt_infos", $jwt);
115			$this->session->set("account", $this->account);
116			$this->session->set("account_token", $account_token);
117
118			return true;
119			}
120
121			/**
122			* method that return the token for a account
123			* @param Account $account
124			* @return string
125			* @throws Exception
126			*/
127			public function getToken(Account $account): string
128			{
129			$account_token = $this->em->getRepository(AccountToken::class)->findOneBy([
130			"account" => $account,
131			"userAgent" => $this->request->server->get("HTTP_USER_AGENT"),
132			"ip" => $this->request->server->get("REMOTE_ADDR")
133			]);
134
135			$token = $account_token ? $account_token->getToken() : null;
136			$now = new \DateTime();
137
138			if ($token === null \|\| $account_token->getEndToken() < $now) {
139			return $this->setToken($account, $account_token);
140			}
141
142			return $token;
143			}
144
145			/**
146			* @param Account $account
147			* @param $account_token
148			* @return string
149			* method that set a token for the account
150			* @throws Exception
151			*/
152			public function setToken(Account $account, $account_token): string
153			{
154			$token = $this->generateToken();
155			$now = new \DateTime();
156			$end_token = $now->add(new \DateInterval("PT".$this->container->getParameter("ribs_admin.api_token_duration")."M"));
157
158			if (!$account_token) {
159			$account_token = new AccountToken();
160			}
161
162			$account_token->setToken($token);
163			$account_token->setUserAgent($this->request->server->get("HTTP_USER_AGENT"));
164			$account_token->setIp($this->request->server->get("REMOTE_ADDR"));
165			$account_token->setEndToken($end_token);
166			$account_token->setAccount($account);
167			$this->em->persist($account_token);
168			$this->em->flush();
169
170			$this->account = $account;
171			$this->session->set("account", $this->account);
172			$this->session->set("account_token", $account_token);
173
174			return $token;
175			}
176
177			/**
178			* generate a token for api
179			* @param int $length
180			* @return string
181			*/
182			public function generateToken(int $length = 200): string
183			{
184			$string = "abcdefghijklmnopqrstuvwxyzABCDEFGHJKMNPQRSTUVWXYZ23456789";
185			$token = "";
186			srand((double)microtime() * 1000000);
187			for ($i = 0; $i < $length; $i++) {
188			$token .= $string[rand() % strlen($string)];
189			}
190
191			return $token;
192			}
193
194			/**
195			* method that encode an object to a json
196			* @param $object
197			* @param string $type
198			* @return mixed
199			* @throws ExceptionInterface
200			* @throws AnnotationException
201			*/
202			public function serializeObject($object, $type = "json")
203			{
204			$classMetadataFactory = new ClassMetadataFactory(new AnnotationLoader(new AnnotationReader()));
205			$serializer = new Serializer([new DateTimeNormalizer(), new ObjectNormalizer($classMetadataFactory)], [new XmlEncoder(), new JsonEncoder()]);
206
207			return $serializer->normalize($object, $type, [
208			'circular_reference_handler' => function ($object) {
209			return $object->getId();
210			},
211			'groups' => 'main'
212			]);
213			}
214			}
215

Piou-piou / RibsAdminBundle

Issues (62)

Service/Api.php (1 issue)

Severity

Introduced By

Duplication Side-by-Side

Filter issues like