Spomky-Labs /
u2f-php
| Conditions | 15 |
| Paths | 13 |
| Total Lines | 80 |
| Code Lines | 33 |
| Lines | 0 |
| Ratio | 0 % |
| Changes | 0 | ||
Small methods make your code easier to understand, in particular if combined with a good name. Besides, if your method is small, finding a good name is usually much easier.
For example, if you find yourself adding comments to a method's body, this is usually a good sign to extract the commented part to a new method, and use the comment as a starting point when coming up with a good name for this new method.
Commonly applied refactorings include:
If many parameters/temporary variables are present:
| 1 | <?php |
||
| 32 | public function isValid(PublicKeyCredential $publicKeyCredential, PublicKeyCredentialCreationOptions $publicKeyCredentialCreationOptions, ?string $rpId = null): bool |
||
| 33 | { |
||
| 34 | /** @see 7.1.2 */ |
||
| 35 | $C = $publicKeyCredential->getResponse()->getClientDataJSON(); |
||
| 36 | |||
| 37 | /** @see 7.1.3 */ |
||
| 38 | if ('webauthn.create' !== $C->getType()) { |
||
| 39 | return false; |
||
| 40 | } |
||
| 41 | |||
| 42 | /** @see 7.1.4 */ |
||
| 43 | if (hash_equals($publicKeyCredentialCreationOptions->getChallenge(), $C->getChallenge())) { |
||
| 44 | return false; |
||
| 45 | } |
||
| 46 | |||
| 47 | /** @see 7.1.5 */ |
||
| 48 | if ($rpId === null && $publicKeyCredentialCreationOptions->getRp()->getId() === null) { |
||
| 49 | return false; |
||
| 50 | } |
||
| 51 | $rpId = $rpId ?? $publicKeyCredentialCreationOptions->getRp()->getId(); |
||
| 52 | if ($C->getOrigin() !== $rpId) { |
||
| 53 | return false; |
||
| 54 | } |
||
| 55 | |||
| 56 | /** @see 7.1.6 */ |
||
| 57 | if ($C->getTokenBinding()) { |
||
| 58 | throw new \InvalidArgumentException('Not supported'); |
||
| 59 | } |
||
| 60 | |||
| 61 | /** @see 7.1.7 */ |
||
| 62 | $getClientDataJSONHash = hash('sha256', $publicKeyCredential->getResponse()->getClientDataJSON()->getRawData()); |
||
|
Unused Code
introduced
by
|
|||
| 63 | |||
| 64 | /** @see 7.1.8 */ |
||
| 65 | $attestationObject = $publicKeyCredential->getResponse()->getAttestationObject(); |
||
| 66 | |||
| 67 | /** @see 7.1.9 */ |
||
| 68 | $rpIdHash = hash('sha256', $rpId); |
||
| 69 | if (hash_equals($rpIdHash, $attestationObject->getAuthData()->getRpIdHash())) { |
||
| 70 | return false; |
||
| 71 | } |
||
| 72 | |||
| 73 | /** @see 7.1.10 */ |
||
| 74 | if (!$attestationObject->getAuthData()->isUserPresent()) { |
||
| 75 | return false; |
||
| 76 | } |
||
| 77 | |||
| 78 | /** @see 7.1.11 */ |
||
| 79 | if ($publicKeyCredentialCreationOptions->getAuthenticatorSelection()->getUserVerification() === AuthenticatorSelectionCriteria::USER_VERIFICATION_REQUIREMENT_REQUIRED && !$attestationObject->getAuthData()->isUserVerified()) { |
||
| 80 | return false; |
||
| 81 | } |
||
| 82 | |||
| 83 | /** @see 7.1.12 */ |
||
| 84 | if ($publicKeyCredentialCreationOptions->getExtensions()->count() !== 0) { |
||
| 85 | return false; |
||
| 86 | } |
||
| 87 | |||
| 88 | /** @see 7.1.13 */ |
||
| 89 | $fmt = $attestationObject->getAttStmt()->getFmt(); |
||
| 90 | if (!$this->attestationStatementSupportManager->has($fmt)) { |
||
| 91 | return false; |
||
| 92 | } |
||
| 93 | |||
| 94 | /** @see 7.1.14 */ |
||
| 95 | $attestationStatementSupport = $this->attestationStatementSupportManager->get($fmt); |
||
| 96 | if (!$attestationStatementSupport->isValid($attestationObject->getAttStmt(), $attestationObject->getAuthData(), $C)) { |
||
| 97 | return false; |
||
| 98 | } |
||
| 99 | |||
| 100 | /** @see 7.1.15 */ |
||
| 101 | /** @see 7.1.16 */ |
||
| 102 | /** @see 7.1.17 */ |
||
| 103 | $credentialId = $attestationObject->getAuthData()->getAttestedCredentialData()->getCredentialId(); |
||
| 104 | if ($this->credentialIdRepository->hasCredentialId($credentialId)) { |
||
| 105 | return false; |
||
| 106 | } |
||
| 107 | |||
| 108 | /** @see 7.1.18 */ |
||
| 109 | /** @see 7.1.19 */ |
||
| 110 | |||
| 111 | return true; |
||
| 112 | } |
||
| 114 |
Loading history...