<?php
namespace App\EventSubscriber;
use Scheb\TwoFactorBundle\Security\Authentication\Token\TwoFactorToken;
use SchulIT\LightSamlIdpBundle\RequestStorage\RequestStorageInterface;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpKernel\Event\RequestEvent;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
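/**
 * Listener which checks whether there is a SAMLRequest pending from before login. If so, the listener redirects to the
 * SSO controller in order to send the SAMLResponse (and redirect the user to the requested service).
 *
 * The redirect is only issued when a token with a user is present and that token is not a TwoFactorToken, so a
 * stored SAMLRequest is not answered while the second factor is still outstanding.
 */
class HandleSamlRequestSubscriber implements EventSubscriberInterface {

    /**
     * @param TokenStorageInterface   $tokenStorage       Source of the current security token.
     * @param RequestStorageInterface $samlRequestStorage Storage queried for a pending SAMLRequest.
     * @param UrlGeneratorInterface   $urlGenerator       Used to build the URL of the 'idp_saml' route.
     */
    public function __construct(private TokenStorageInterface $tokenStorage, private RequestStorageInterface $samlRequestStorage, private UrlGeneratorInterface $urlGenerator)
    {
    }

    /**
     * Redirects to the 'idp_saml' route when a SAMLRequest is stored and the user is fully authenticated.
     *
     * No redirect is set when: the event is not the main request, there is no token or no user on the token,
     * the token is a TwoFactorToken, the current route is 'idp_saml' or 'show_privacy_policy', or another
     * listener has already set a response.
     *
     * @param RequestEvent $event The request event being handled.
     */
    public function onRequest(RequestEvent $event) {
        if (!$event->isMainRequest()) {
            // prevent loops
            return;
        }

        // Read the route name from the request attributes only. Request::get() also falls back to query
        // and body parameters, which are client-controlled; the route name drives the guards below, so it
        // must never be taken from user input when the attribute happens to be missing.
        $route = $event->getRequest()->attributes->get('_route');

        /** @var TokenInterface|null $token */
        $token = $this->tokenStorage->getToken();

        if ($route === 'idp_saml') {
            $event->stopPropagation(); // stop other events from possibly redirecting
        }

        // Routes on which the redirect must not happen (the SSO endpoint itself and the privacy policy page).
        $isExcludedRoute = $route === 'idp_saml' || $route === 'show_privacy_policy';

        // No token / no user: nobody is logged in. TwoFactorToken: authentication is not finished yet.
        $isNotFullyAuthenticated = $token === null || $token->getUser() === null || $token instanceof TwoFactorToken;

        if ($isNotFullyAuthenticated || $isExcludedRoute) {
            // prevent loops
            return;
        }

        // Do not override a response that an earlier listener has already set. The target is a fixed,
        // server-generated route, not a value taken from the request.
        if ($this->samlRequestStorage->has() && !$event->hasResponse()) {
            $event->setResponse(new RedirectResponse($this->urlGenerator->generate('idp_saml')));
        }
    }

    /**
     * Registers onRequest() for RequestEvent with priority -5, i.e. after listeners that were registered
     * with a higher priority.
     *
     * @return array<string, array{0: string, 1: int}>
     */
    public static function getSubscribedEvents(): array {
        return [
            RequestEvent::class => ['onRequest', -5],
        ];
    }
}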