HttpBasicAuthenticationPlugin::getCredentials()   A

Complexity: Conditions 2, Paths 2
Size: Total Lines 7
Duplication: Lines 0, Ratio 0 %
Code Coverage: Tests 4, CRAP Score 2
Importance: Changes 0

Metric Value
cc 2
nc 2
nop 0
dl 0
loc 7
ccs 4
cts 4
cp 1
crap 2
rs 10
c 0
b 0
f 0
<?php

namespace Vectorface\SnappyRouter\Plugin\Authentication;

use Vectorface\SnappyRouter\Exception\UnauthorizedException;
use Vectorface\SnappyRouter\Handler\AbstractHandler;

/**
 * A plugin to make use of PHP's built-in Auth support to provide HTTP/Basic authentication.
 *
 * Note: This class expects the AuthMechanism DI key set to an AuthenticatorInterface instance.
 *
 * @copyright Copyright (c) 2014, VectorFace, Inc.
 * @author J. Anderson <[email protected]>
 * @author Dan Bruce   <[email protected]>
 */
class HttpBasicAuthenticationPlugin extends AbstractAuthenticationPlugin
{
    /** The authentication realm, usually presented to the user in a
        username/password dialog box. */
    private $realm = "Authentication Required";

    /**
     * Create a new HTTP/Basic Authentication plugin.
     *
     * @param array $options An associative array of options. Supports AuthMechanism and realm options.
     */
    public function __construct($options)
    {
        parent::__construct($options);

        if (!empty($options['realm'])) {
            $this->realm = $options['realm'];
        }
    }

    /**
     * Invoked directly after the router decides which handler will be used.
     * @param AbstractHandler $handler The handler selected by the router.
     */
    public function afterHandlerSelected(AbstractHandler $handler)
    {
        try {
            parent::afterHandlerSelected($handler);
        } catch (UnauthorizedException $e) {
            @header(sprintf('WWW-Authenticate: Basic realm="%s"', $this->realm));
Issue: Security Best Practice (reported on the @header() line above)
It seems like you do not handle an error condition here. This can introduce security issues, and is generally not recommended.

If you suppress an error, we recommend checking for the error condition explicitly:

// For example instead of
@mkdir($dir);

// Better use
if (@mkdir($dir) === false) {
    throw new \RuntimeException('The directory '.$dir.' could not be created.');
}
            throw $e;
        }
    }

    /**
     * Extract credentials from the request, PHP's PHP_AUTH_(USER|PW) server variables in this case.
     *
     * @return mixed An array of credentials; A username and password pair, or false if credentials aren't available
     */
    public function getCredentials()
    {
        if (isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) {
            return array($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
        }
        return false;
    }
}