MailAccount - Code Metrics - Inspection of "Mail scanner rebuild (support for OAuth2) (#16638..." - YetiForceCompany/YetiForceCRM - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — developer ( 4e3135...f5c82a )

by Radosław

created 2022-11-08 11:43 UTC

MailAccount A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	84
Duplicated Lines	0 %

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
wmc	18
eloc	48
dl	0
loc	84
rs	10
c	1
b	0
f	0

5 Methods

Rating	Name	Size	Complexity
B	get()	38	9
A	checkPermission()	7	5
A	updateSession()	2	1
A	checkPermissionToModule()	2	1
A	setLogs()	14	2

<?php
/**
 * OAuth mail authorization api file.
 *
 * @package API
 *
 * @copyright YetiForce S.A.
 * @license YetiForce Public License 5.0 (licenses/LicenseEN.txt or yetiforce.com)
 * @author Radosław Skrzypczak <[email protected]>
 */

namespace Api\OAuth\BaseAction;

class MailAccount extends \Api\Core\BaseAction
{
	/** {@inheritdoc}  */
	public $allowedMethod = ['GET'];

	/** @var string Module name */
	private $moduleName = 'MailAccount';

	/** {@inheritdoc}  */
	protected function checkPermission(): void
	{
		\App\Session::init();
		$state = $this->controller->request->get('state');
		$hash = $state ? sha1($state) : '';
		if (!$state || !\App\Session::has("OAuth.State.{$hash}") || $state !== \App\Session::get("OAuth.State.{$hash}")['state']) {
			throw new \Api\Core\Exception('No permission or wrong data', 401);
		}
	}

	/** {@inheritdoc} */
	public function updateSession(array $data = []): void
	{
	}

	/** {@inheritdoc}  */
	protected function checkPermissionToModule(): void
	{
	}

	public function get()
	{
		$code = $this->controller->request->getRaw('code');
		$state = $this->controller->request->get('state');
		$hash = $state ? sha1($state) : '';
		$key = "OAuth.State.{$hash}";

		$data = \App\Session::get($key);
		\App\Session::delete($key);
		$recordId = $data['recordId'];

		try {
			if ($this->controller->request->get('error') && !$code) {
				$message = $this->controller->request->get('error_description') ?: 'Authentication error';
				$this->setLogs($recordId, $message);
			} else {
				$mailAccount = \App\Mail\Account::getInstanceById($recordId);
				$mailAccount->getAccessToken(['code' => $code]);
				$provider = $mailAccount->getOAuthProvider();
				$resourceOwner = $provider->getResourceOwner();
				if (($aud = $resourceOwner->toArray()['aud'] ?? '') && $aud !== $mailAccount->getServer()->get('client_id')) {
					$this->setLogs($recordId, 'Attempted to authenticate the wrong data aud: ' . $aud);
				} else {
					$mailAccount->update();
				}
			}

			$redirectUri = $data['redirectUri'];
			header('location: ' . $redirectUri);
			exit;
		} catch (\Throwable $th) {
			$message = $th->getMessage();
			if ($th instanceof \App\Exceptions\AppException) {
				$message = $th->getDisplayMessage();
			}
			$url = $this->setLogs($recordId, $message);
			header('location: ' . \App\Config::main('site_URL') . $url);
			exit;
		}
	}

	private function setLogs(int $recordId, string $message): string
	{
		$recordModel = \Vtiger_Record_Model::getInstanceById($recordId, $this->moduleName);
		$fieldModel = $recordModel->getField('logs');
		$fieldModelStatus = $recordModel->getField('mailaccount_status');
		$status = 'PLL_LOCKED';
		if (mb_strlen($message) > $fieldModel->getMaxValue()) {
			$message = substr($message, 0, $fieldModel->getMaxValue());
		}
		$recordModel->set($fieldModel->getName(), $message)->setDataForSave([$fieldModel->getTableName() => [$fieldModel->getColumnName() => $message]]);
		$recordModel->set($fieldModelStatus->getName(), $status)->setDataForSave([$fieldModelStatus->getTableName() => [$fieldModelStatus->getColumnName() => $status]]);
		$recordModel->save();

		return $recordModel->getDetailViewUrl();
	}
}


1			<?php
2			/**
3			* OAuth mail authorization api file.
4			*
5			* @package API
6			*
7			* @copyright YetiForce S.A.
8			* @license YetiForce Public License 5.0 (licenses/LicenseEN.txt or yetiforce.com)
9			* @author Radosław Skrzypczak <[email protected]>
10			*/
11
12			namespace Api\OAuth\BaseAction;
13
14			class MailAccount extends \Api\Core\BaseAction
15			{
16			/** {@inheritdoc} */
17			public $allowedMethod = ['GET'];
18
19			/** @var string Module name */
20			private $moduleName = 'MailAccount';
21
22			/** {@inheritdoc} */
23			protected function checkPermission(): void
24			{
25			\App\Session::init();
26			$state = $this->controller->request->get('state');
27			$hash = $state ? sha1($state) : '';
28			if (!$state \|\| !\App\Session::has("OAuth.State.{$hash}") \|\| $state !== \App\Session::get("OAuth.State.{$hash}")['state']) {
29			throw new \Api\Core\Exception('No permission or wrong data', 401);
30			}
31			}
32
33			/** {@inheritdoc} */
34			public function updateSession(array $data = []): void
35			{
36			}
37
38			/** {@inheritdoc} */
39			protected function checkPermissionToModule(): void
40			{
41			}
42
43			public function get()
44			{
45			$code = $this->controller->request->getRaw('code');
46			$state = $this->controller->request->get('state');
47			$hash = $state ? sha1($state) : '';
48			$key = "OAuth.State.{$hash}";
49
50			$data = \App\Session::get($key);
51			\App\Session::delete($key);
52			$recordId = $data['recordId'];
53
54			try {
55			if ($this->controller->request->get('error') && !$code) {
56			$message = $this->controller->request->get('error_description') ?: 'Authentication error';
57			$this->setLogs($recordId, $message);
58			} else {
59			$mailAccount = \App\Mail\Account::getInstanceById($recordId);
60			$mailAccount->getAccessToken(['code' => $code]);
61			$provider = $mailAccount->getOAuthProvider();
62			$resourceOwner = $provider->getResourceOwner();
63			if (($aud = $resourceOwner->toArray()['aud'] ?? '') && $aud !== $mailAccount->getServer()->get('client_id')) {
64			$this->setLogs($recordId, 'Attempted to authenticate the wrong data aud: ' . $aud);
65			} else {
66			$mailAccount->update();
67			}
68			}
69
70			$redirectUri = $data['redirectUri'];
71			header('location: ' . $redirectUri);
72			exit;
73			} catch (\Throwable $th) {
74			$message = $th->getMessage();
75			if ($th instanceof \App\Exceptions\AppException) {
76			$message = $th->getDisplayMessage();
77			}
78			$url = $this->setLogs($recordId, $message);
79			header('location: ' . \App\Config::main('site_URL') . $url);
80			exit;
81			}
82			}
83
84			private function setLogs(int $recordId, string $message): string
85			{
86			$recordModel = \Vtiger_Record_Model::getInstanceById($recordId, $this->moduleName);
87			$fieldModel = $recordModel->getField('logs');
88			$fieldModelStatus = $recordModel->getField('mailaccount_status');
89			$status = 'PLL_LOCKED';
90			if (mb_strlen($message) > $fieldModel->getMaxValue()) {
91			$message = substr($message, 0, $fieldModel->getMaxValue());
92			}
93			$recordModel->set($fieldModel->getName(), $message)->setDataForSave([$fieldModel->getTableName() => [$fieldModel->getColumnName() => $message]]);
94			$recordModel->set($fieldModelStatus->getName(), $status)->setDataForSave([$fieldModelStatus->getTableName() => [$fieldModelStatus->getColumnName() => $status]]);
95			$recordModel->save();
96
97			return $recordModel->getDetailViewUrl();
98			}
99			}
100

YetiForceCompany / YetiForceCRM

Push — developer ( 4e3135...f5c82a )

MailAccount A

Complexity

Size/Duplication

Importance

5 Methods

Duplication Side-by-Side

Filter issues like