<?php
namespace AerialShip\SamlSPBundle\Bridge;
use AerialShip\SamlSPBundle\Error\SSOSessionException;
use AerialShip\SamlSPBundle\RelyingParty\RelyingPartyInterface;
use AerialShip\SamlSPBundle\Security\Core\Authentication\Token\SamlSpToken;
use AerialShip\SamlSPBundle\State\SSO\SSOStateStoreInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
use Symfony\Component\Security\Core\SecurityContextInterface;
use Symfony\Component\Security\Http\HttpUtils;
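class SSOSessionCheck implements RelyingPartyInterface
{
    /** @var string  provider (firewall) key the replacement AnonymousToken is issued for */
    protected $providerKey;

    /** @var \Symfony\Component\Security\Core\SecurityContextInterface */
    protected $securityContext;

    /** @var \AerialShip\SamlSPBundle\State\SSO\SSOStateStoreInterface */
    protected $ssoStore;

    /** @var \Symfony\Component\Security\Http\HttpUtils */
    protected $httpUtils;


    /**
     * @param string                   $providerKey
     * @param SecurityContextInterface $securityContext
     * @param SSOStateStoreInterface   $ssoStore
     * @param HttpUtils                $httpUtils
     */
    public function __construct($providerKey, SecurityContextInterface $securityContext, SSOStateStoreInterface $ssoStore, HttpUtils $httpUtils)
    {
        $this->providerKey = $providerKey;
        $this->securityContext = $securityContext;
        $this->ssoStore = $ssoStore;
        $this->httpUtils = $httpUtils;
    }


    /**
     * Tells whether this relying party applies to the current request.
     *
     * Returns false on the configured failure path (so a failed check cannot
     * be re-run on its own error page), and true only when the current
     * security token is an authenticated SamlSpToken whose SamlSpInfo and
     * AuthnStatement are both present.
     *
     * @param \Symfony\Component\HttpFoundation\Request $request
     * @return bool
     */
    public function supports(Request $request)
    {
        if ($this->httpUtils->checkRequestPath($request, $request->attributes->get('failure_path'))) {
            return false;
        }

        $token = $this->securityContext->getToken();
        // instanceof is false for null, so this also covers "no token at all"
        if (!$token instanceof SamlSpToken || !$token->isAuthenticated()) {
            return false;
        }

        $samlSpInfo = $token->getSamlSpInfo();

        return $samlSpInfo !== null && $samlSpInfo->getAuthnStatement() !== null;
    }


    /**
     * Verifies that the SSO session referenced by the current SAML token is still known to the SSO state store.
     *
     * The stored state is looked up by provider key, authentication service ID, NameID and session index, and its
     * NameID must match the token's NameID exactly. If no state is found or the NameID differs, the security
     * token is replaced by an AnonymousToken and an SSOSessionException carrying the old token is thrown.
     *
     * Must only be called after supports() returned true: the current token is assumed to be a SamlSpToken with
     * non-null SamlSpInfo and AuthnStatement (no guard is repeated here).
     *
     * @param \Symfony\Component\HttpFoundation\Request $request
     * @throws \AerialShip\SamlSPBundle\Error\SSOSessionException when no matching SSO state is stored or its NameID differs
     * @return \Symfony\Component\HttpFoundation\Response|null  this implementation always returns null (request proceeds)
     */
    public function manage(Request $request)
    {
        /** @var SamlSpToken $token */
        $token = $this->securityContext->getToken();
        $samlSpInfo = $token->getSamlSpInfo();
        $nameID = $samlSpInfo->getNameID()->getValue();

        $ssoState = $this->ssoStore->getOneByNameIDSessionIndex(
            $token->getProviderKey(),
            $samlSpInfo->getAuthenticationServiceID(),
            $nameID,
            $samlSpInfo->getAuthnStatement()->getSessionIndex()
        );

        // Strict comparison on the identity value: a loose != treats numeric-looking NameIDs
        // such as "1e3" and "1000" (or values differing only in surrounding whitespace) as equal.
        // NOTE(review): assumes the store returns null when nothing matches — confirm against the store implementation.
        if ($ssoState === null || $ssoState->getNameID() !== $nameID) {
            $this->securityContext->setToken(new AnonymousToken($this->providerKey, 'anon.'));
            $ex = new SSOSessionException('SSO session has expired');
            $ex->setToken($token);
            throw $ex;
        }

        return null;
    }
}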