UrlHash   A
last analyzed

Complexity

Total Complexity 11

Size/Duplication

Total Lines 56
Duplicated Lines 0 %

Test Coverage

Coverage 100%

Importance

Changes 1
Bugs 0 Features 1
Metric Value
eloc 26
c 1
b 0
f 1
dl 0
loc 56
ccs 21
cts 21
cp 1
rs 10
wmc 11

3 Methods

Rating   Name   Duplication   Size   Complexity  
A remove() 0 2 1
B process() 0 21 9
A __construct() 0 6 1
1
<?php
2
3
namespace kalanis\kw_auth\Methods;
4
5
6
use kalanis\kw_accounts\Interfaces\IAuthCert;
7
use kalanis\kw_address_handler\Handler;
8
use kalanis\kw_auth\Traits\TStamp;
9
10
11
/**
12
 * Class UrlHash
13
 * @package kalanis\kw_auth\AuthMethods
14
 * Authenticate via hashed values
15
 *
16
 * query:
17
 * //dummy/u:whoami/?pass=asdf123ghjk456&timestamp=123456&digest=poiuztrewq
18
 *
19
 * makes following call:
20
 * hash($algorithm = <md5 | sha256 | ...> , $key = 'mnbvcx987' . $data = '//dummy/u:whoami/?pass=asdf123ghjk456&timestamp=123456&salt=789' , $signature = 'poiuztrewq'
21
 *
22
 * - it removed digest value and added locally stored salt
23
 */
24
class UrlHash extends AMethods
25
{
26
    use TStamp;
27
28
    public const INPUT_NAME = 'name';
29
    public const INPUT_NAME2 = 'user';
30
    public const INPUT_STAMP = 'timestamp';
31
    public const INPUT_DIGEST = 'digest';
32
    public const INPUT_SALT = 'salt';
33
34
    protected IAuthCert $certAuthenticator;
35
    protected Handler $uriHandler;
36
    protected string $algorithm = '';
37
38
    /**
39
     * @param IAuthCert $authenticator
40
     * @param AMethods|null $nextOne
41
     * @param Handler $uriHandler
42
     * @param string $algorithm for hash function
43
     * @link https://php.net/manual/en/function.hash.php
44
     */
45 5
    public function __construct(IAuthCert $authenticator, ?AMethods $nextOne, Handler $uriHandler, string $algorithm)
46
    {
47 5
        parent::__construct($authenticator, $nextOne);
48 5
        $this->certAuthenticator = $authenticator;
49 5
        $this->uriHandler = $uriHandler;
50 5
        $this->algorithm = $algorithm;
51 5
    }
52
53 5
    public function process(\ArrayAccess $credentials): void
54
    {
55 5
        $name = $credentials->offsetExists(static::INPUT_NAME) ? strval($credentials->offsetGet(static::INPUT_NAME)) : '' ;
56 5
        $name = $credentials->offsetExists(static::INPUT_NAME2) ? strval($credentials->offsetGet(static::INPUT_NAME2) ): $name ;
57 5
        $stamp = $credentials->offsetExists(static::INPUT_STAMP) ? intval(strval($credentials->offsetGet(static::INPUT_STAMP))) : 0 ;
58
59 5
        $wantedUser = $this->certAuthenticator->getDataOnly(strval($name));
60 5
        $wantedCert = $this->certAuthenticator->getCertData(strval($name));
61 5
        if ($wantedUser && $wantedCert && !empty($stamp) && $this->checkStamp($stamp)) {
62
            // now we have private salt from our storage, so it's time to check it
63
64
            // digest out, salt in
65 1
            $digest = strval($this->uriHandler->getParams()->offsetGet(static::INPUT_DIGEST));
66 1
            $this->uriHandler->getParams()->offsetUnset(static::INPUT_DIGEST);
67 1
            $this->uriHandler->getParams()->offsetSet(static::INPUT_SALT, $wantedCert->getSalt());
68 1
            $data = strval($this->uriHandler->getAddress());
69
70
            // verify
71 1
            if (hash($this->algorithm, $wantedCert->getPubKey() . $data) == $digest) {
72
                // OK
73 1
                $this->loggedUser = $wantedUser;
74
            }
75
        }
76 5
    }
77
78 5
    public function remove(): void
79
    {
80 5
    }
81
}
82