This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | declare(strict_types = 1); |
||
4 | |||
5 | /* |
||
6 | * This file is part of the AppleApnPush package |
||
7 | * |
||
8 | * (c) Vitaliy Zhuk <[email protected]> |
||
9 | * |
||
10 | * For the full copyright and license information, please view the LICENSE |
||
11 | * file that was distributed with this source code |
||
12 | */ |
||
13 | |||
14 | namespace Apple\ApnPush\Jwt; |
||
15 | |||
16 | /** |
||
17 | * The JWT token with content for certificate. You can use this certificate, if you save content to database |
||
18 | * or another storage. Before get certificate file, this system create a temporary file certificate |
||
19 | * and returns path to it. After close connection (destruct), the temporary file |
||
20 | * will be removed. |
||
21 | */ |
||
22 | class ContentJwt implements JwtInterface |
||
23 | { |
||
24 | /** |
||
25 | * @var string |
||
26 | */ |
||
27 | private $teamId; |
||
28 | |||
29 | /** |
||
30 | * @var string |
||
31 | */ |
||
32 | private $key; |
||
33 | |||
34 | /** |
||
35 | * @var string |
||
36 | */ |
||
37 | private $content; |
||
38 | |||
39 | /** |
||
40 | * @var string |
||
41 | */ |
||
42 | private $tmpDir; |
||
43 | |||
44 | /** |
||
45 | * @var string |
||
46 | */ |
||
47 | private $certificateFilePath; |
||
48 | |||
49 | /** |
||
50 | * Constructor. |
||
51 | * |
||
52 | * @param string $teamId |
||
53 | * @param string $key |
||
54 | * @param string $content |
||
55 | * @param string $tmpDir |
||
56 | */ |
||
57 | public function __construct(string $teamId, string $key, string $content, string $tmpDir) |
||
58 | { |
||
59 | $this->teamId = $teamId; |
||
60 | $this->key = $key; |
||
61 | $this->content = $content; |
||
62 | $this->tmpDir = $tmpDir; |
||
63 | } |
||
64 | |||
65 | /** |
||
66 | * Implement __destruct |
||
67 | * Remove temporary file |
||
68 | */ |
||
69 | public function __destruct() |
||
70 | { |
||
71 | if ($this->certificateFilePath) { |
||
72 | $this->removeTemporaryFile($this->certificateFilePath); |
||
73 | } |
||
74 | } |
||
75 | |||
76 | /** |
||
77 | * {@inheritdoc} |
||
78 | */ |
||
79 | public function getTeamId(): string |
||
80 | { |
||
81 | return $this->teamId; |
||
82 | } |
||
83 | |||
84 | /** |
||
85 | * {@inheritdoc} |
||
86 | */ |
||
87 | public function getKey(): string |
||
88 | { |
||
89 | return $this->key; |
||
90 | } |
||
91 | |||
92 | /** |
||
93 | * {@inheritdoc} |
||
94 | */ |
||
95 | View Code Duplication | public function getPath(): string |
|
0 ignored issues
–
show
|
|||
96 | { |
||
97 | if ($this->certificateFilePath) { |
||
98 | $this->removeTemporaryFile($this->certificateFilePath); |
||
99 | } |
||
100 | |||
101 | $this->certificateFilePath = $this->createTemporaryFile(); |
||
102 | \file_put_contents($this->certificateFilePath, $this->content); |
||
103 | |||
104 | return $this->certificateFilePath; |
||
105 | } |
||
106 | |||
107 | /** |
||
108 | * Create a temporary file |
||
109 | * |
||
110 | * @return string Path to temporary file |
||
111 | * |
||
112 | * @throws \RuntimeException |
||
113 | */ |
||
114 | View Code Duplication | private function createTemporaryFile(): string |
|
0 ignored issues
–
show
This method seems to be duplicated in your project.
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. ![]() |
|||
115 | { |
||
116 | $tmpDir = $this->tmpDir; |
||
117 | |||
118 | $tmpFileName = \md5(\uniqid((string) \mt_rand(), true)).'.p8'; |
||
119 | |||
120 | $tmpFilePath = $tmpDir.'/'.$tmpFileName; |
||
121 | |||
122 | $errorCode = $errorMessage = null; |
||
123 | |||
124 | \set_error_handler(function ($errCode, $errMessage) use (&$errorCode, &$errorMessage) { |
||
125 | $errorCode = $errCode; |
||
126 | $errorMessage = $errMessage; |
||
127 | }); |
||
128 | |||
129 | if (!\file_exists($tmpDir)) { |
||
130 | \mkdir($tmpDir, 0600, true); |
||
131 | |||
132 | if ($errorCode || $errorMessage) { |
||
133 | \restore_error_handler(); |
||
134 | |||
135 | // Error create directory |
||
136 | throw new \RuntimeException(sprintf( |
||
137 | 'Can not create temporary directory "%s". Error: %s [%d].', |
||
138 | $tmpDir, |
||
139 | $errorMessage ?: 'Undefined', |
||
140 | $errorCode ?: '0' |
||
141 | )); |
||
142 | } |
||
143 | } |
||
144 | |||
145 | \touch($tmpFilePath); |
||
146 | |||
147 | if ($errorCode || $errorMessage) { |
||
148 | \restore_error_handler(); |
||
149 | |||
150 | // Error create file |
||
151 | throw new \RuntimeException(sprintf( |
||
152 | 'Can not create temporary certificate file "%s". Error: %s [%d].', |
||
153 | $tmpFilePath, |
||
154 | $errorMessage ?: 'Undefined', |
||
155 | $errorCode ?: '0' |
||
156 | )); |
||
157 | } |
||
158 | |||
159 | \restore_error_handler(); |
||
160 | |||
161 | return $tmpFilePath; |
||
162 | } |
||
163 | |||
164 | /** |
||
165 | * Remove temporary file |
||
166 | * |
||
167 | * @param string $filePath |
||
168 | */ |
||
169 | private function removeTemporaryFile($filePath): void |
||
170 | { |
||
171 | // Set custom error handler for suppress error |
||
172 | \set_error_handler(function () { |
||
173 | }); |
||
174 | |||
175 | \unlink($filePath); |
||
176 | |||
177 | \restore_error_handler(); |
||
178 | } |
||
179 | } |
||
180 |
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.