Tiqr_OcraService_Tiqr::verifyResponseWithSecret() - Code Metrics - Inspection of "Merge branch 'develop'" - Tiqr/tiqr-server-libphp - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( 35fb8a...2dccb2 )

by Pieter van der

created 2022-10-17 13:35 UTC

Tiqr_OcraService_Tiqr::verifyResponseWithSecret() A

↳ Parent: Project

Complexity

Conditions	1
Paths	1

Size

Total Lines	4
Code Lines	2

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	3
CRAP Score	1

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
eloc	2
c	1
b	0
f	0
dl	0
loc	4
ccs	3
cts	3
cp	1
rs	10
cc	1
nc	1
nop	4
crap	1

<?php

require_once __DIR__ . '/../OATH/OCRA.php';

/**
 * This file is part of the tiqr project.
 *
 * The tiqr project aims to provide an open implementation for
 * authentication using mobile devices. It was initiated by
 * SURFnet and developed by Egeniq.
 *
 * More information: http://www.tiqr.org
 *
 * @author Ivo Jansch <[email protected]>
 *
 * @package tiqr
 *
 * @license New BSD License - See LICENSE file for details.
 *
 * @copyright (C) 2010-2012 SURFnet BV
 */

/**
 * The implementation for the tiqr ocra service class.
 *
 * @author lineke
 *
 */
class Tiqr_OcraService_Tiqr extends Tiqr_OcraService_Abstract
{

    /**
     *  @see Tiqr_OcraService_Interface::verifyResponse()
     */
    public function verifyResponse(String $response, String $userId, String $userSecret, String $challenge, String $sessionInformation): bool
    {
        // Calculate the response. Because we have the same information as the client this should result in the same
        // response as the client calculated.
        try {
            $expected = OCRA::generateOCRA($this->_ocraSuite, $userSecret, "", $challenge, "", $sessionInformation, "");
        }
        catch (Exception $e) {
            $this->logger->warning(sprintf('Error calculating OCRA response for user "%s"', $userId), array('exception'=>$e));
            return false;
        }

        if (strlen($expected) != strlen($response)) {
            $this->logger->warning('verifyResponse: calculated and expected response have different lengths');
        }
        // Use constant time compare
        return $this->_ocraParser->constEqual($expected, $response);
    }
}


1		<?php
2
3		require_once __DIR__ . '/../OATH/OCRA.php';
4
5		/**
6		* This file is part of the tiqr project.
7		*
8		* The tiqr project aims to provide an open implementation for
9		* authentication using mobile devices. It was initiated by
10		* SURFnet and developed by Egeniq.
11		*
12		* More information: http://www.tiqr.org
13		*
14		* @author Ivo Jansch <[email protected]>
15		*
16		* @package tiqr
17		*
18		* @license New BSD License - See LICENSE file for details.
19		*
20		* @copyright (C) 2010-2012 SURFnet BV
21		*/
22
23		/**
24		* The implementation for the tiqr ocra service class.
25		*
26		* @author lineke
27		*
28		*/
29		class Tiqr_OcraService_Tiqr extends Tiqr_OcraService_Abstract
30		{
31
32		/**
33		* @see Tiqr_OcraService_Interface::verifyResponse()
34		*/
35	3	public function verifyResponse(String $response, String $userId, String $userSecret, String $challenge, String $sessionInformation): bool
36		{
37		// Calculate the response. Because we have the same information as the client this should result in the same
38		// response as the client calculated.
39		try {
40	3	$expected = OCRA::generateOCRA($this->_ocraSuite, $userSecret, "", $challenge, "", $sessionInformation, "");
41		}
42		catch (Exception $e) {
43		$this->logger->warning(sprintf('Error calculating OCRA response for user "%s"', $userId), array('exception'=>$e));
44		return false;
45		}
46
47	3	if (strlen($expected) != strlen($response)) {
48	1	$this->logger->warning('verifyResponse: calculated and expected response have different lengths');
49		}
50		// Use constant time compare
51	3	return $this->_ocraParser->constEqual($expected, $response);
52		}
53		}
54

Tiqr / tiqr-server-libphp

Push — master ( 35fb8a...2dccb2 )

Tiqr_OcraService_Tiqr::verifyResponseWithSecret() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like