HttpCerts::remove() - Code Metrics - alex-kalanis/kw_auth - Measure and Improve Code Quality continuously with Scrutinizer

HttpCerts::remove() A
last analyzed 2024-04-08 22:40 UTC

↳ Parent: HttpCerts

Complexity

Conditions	1
Paths	1

Size

Total Lines	3
Code Lines	1

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	0
CRAP Score	2

Importance

Changes	1
Bugs	0	Features	1

Metric	Value
cc	1
eloc	1
c	1
b	0
f	1
nc	1
nop	0
dl	0
loc	3
ccs	0
cts	2
cp	0
crap	2
rs	10

<?php

namespace kalanis\kw_auth\Methods;


use ArrayAccess;
use kalanis\kw_accounts\Interfaces\IAuthCert;
use kalanis\kw_address_handler\Handler;


/**
 * Class HttpCerts
 * @package kalanis\kw_auth\AuthMethods
 * Authenticate via http certificates
 * - public on server, private on client whom manage the site
 */
class HttpCerts extends AMethods
{
    public const INPUT_NAME = 'PHP_AUTH_USER';
    public const INPUT_PASS = 'PHP_AUTH_DIGEST';
    public const INPUT_SALT = 'salt';

    protected IAuthCert $certAuthenticator;
    protected Handler $uriHandler;
    /** @var ArrayAccess<string, string|int> */
    protected ArrayAccess $server;

    /**
     * @param IAuthCert $authenticator
     * @param AMethods|null $nextOne
     * @param Handler $uriHandler
     * @param ArrayAccess<string, string|int> $server
     */
    public function __construct(IAuthCert $authenticator, ?AMethods $nextOne, Handler $uriHandler, ArrayAccess $server)
    {
        parent::__construct($authenticator, $nextOne);
        $this->certAuthenticator = $authenticator;
        $this->uriHandler = $uriHandler;
        $this->server = $server;
    }

    public function process(\ArrayAccess $credentials): void
    {
        $name = $this->server->offsetExists(static::INPUT_NAME) ? strval($this->server->offsetGet(static::INPUT_NAME)) : '' ;
        $digest = $this->server->offsetExists(static::INPUT_PASS) ? strval($this->server->offsetGet(static::INPUT_PASS)) : '' ;
        $wantedUser = $this->certAuthenticator->getDataOnly(strval($name));
        $wantedCert = $this->certAuthenticator->getCertData(strval($name));
        if ($wantedUser && $wantedCert && $digest) {
            // now we have public key and salt from our storage, so it's time to check it

            // salt in
            $this->uriHandler->getParams()->offsetSet(static::INPUT_SALT, $wantedCert->getSalt());
            $data = strval($this->uriHandler->getAddress());

            // verify
            $result = openssl_verify($data, base64_decode(rawurldecode(strval($digest))), $wantedCert->getPubKey(), OPENSSL_ALGO_SHA256);
            if (1 === $result) {
                // OK
                $this->loggedUser = $wantedUser;
            }
        }
    }

    /**
     * @codeCoverageIgnore headers
     */
    public function remove(): void
    {
        $this->authNotExists();
    }

    /**
     * @codeCoverageIgnore headers
     */
    public function authNotExists(): void
    {
        header('HTTP/1.1 401 Unauthorized');
        header('WWW-Authenticate: DigestCert');
    }
}


1		<?php
2
3		namespace kalanis\kw_auth\Methods;
4
5
6		use ArrayAccess;
7		use kalanis\kw_accounts\Interfaces\IAuthCert;
8		use kalanis\kw_address_handler\Handler;
9
10
11		/**
12		* Class HttpCerts
13		* @package kalanis\kw_auth\AuthMethods
14		* Authenticate via http certificates
15		* - public on server, private on client whom manage the site
16		*/
17		class HttpCerts extends AMethods
18		{
19		public const INPUT_NAME = 'PHP_AUTH_USER';
20		public const INPUT_PASS = 'PHP_AUTH_DIGEST';
21		public const INPUT_SALT = 'salt';
22
23		protected IAuthCert $certAuthenticator;
24		protected Handler $uriHandler;
25		/** @var ArrayAccess<string, string\|int> */
26		protected ArrayAccess $server;
27
28		/**
29		* @param IAuthCert $authenticator
30		* @param AMethods\|null $nextOne
31		* @param Handler $uriHandler
32		* @param ArrayAccess<string, string\|int> $server
33		*/
34	1	public function __construct(IAuthCert $authenticator, ?AMethods $nextOne, Handler $uriHandler, ArrayAccess $server)
35		{
36	1	parent::__construct($authenticator, $nextOne);
37	1	$this->certAuthenticator = $authenticator;
38	1	$this->uriHandler = $uriHandler;
39	1	$this->server = $server;
40	1	}
41
42	1	public function process(\ArrayAccess $credentials): void
43		{
44	1	$name = $this->server->offsetExists(static::INPUT_NAME) ? strval($this->server->offsetGet(static::INPUT_NAME)) : '' ;
45	1	$digest = $this->server->offsetExists(static::INPUT_PASS) ? strval($this->server->offsetGet(static::INPUT_PASS)) : '' ;
46	1	$wantedUser = $this->certAuthenticator->getDataOnly(strval($name));
47	1	$wantedCert = $this->certAuthenticator->getCertData(strval($name));
48	1	if ($wantedUser && $wantedCert && $digest) {
49		// now we have public key and salt from our storage, so it's time to check it
50
51		// salt in
52	1	$this->uriHandler->getParams()->offsetSet(static::INPUT_SALT, $wantedCert->getSalt());
53	1	$data = strval($this->uriHandler->getAddress());
54
55		// verify
56	1	$result = openssl_verify($data, base64_decode(rawurldecode(strval($digest))), $wantedCert->getPubKey(), OPENSSL_ALGO_SHA256);
57	1	if (1 === $result) {
58		// OK
59	1	$this->loggedUser = $wantedUser;
60		}
61		}
62	1	}
63
64		/**
65		* @codeCoverageIgnore headers
66		*/
67		public function remove(): void
68		{
69		$this->authNotExists();
70		}
71
72		/**
73		* @codeCoverageIgnore headers
74		*/
75		public function authNotExists(): void
76		{
77		header('HTTP/1.1 401 Unauthorized');
78		header('WWW-Authenticate: DigestCert');
79		}
80		}
81

alex-kalanis / kw_auth

HttpCerts::remove() A last analyzed 2024-04-08 22:40 UTC

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like

HttpCerts::remove() A
last analyzed 2024-04-08 22:40 UTC