
HttpCerts::authNotExists()   A

<?php
namespace kalanis\kw_auth\Methods;
use ArrayAccess;
use kalanis\kw_accounts\Interfaces\IAuthCert;
use kalanis\kw_address_handler\Handler;
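/**
 * Class HttpCerts
 * @package kalanis\kw_auth\Methods
 * Authenticate via HTTP certificates
 * - the public key is stored on the server, the private key stays with the client who manages the site
 *
 * The client signs the requested address (with the account's salt added as a
 * parameter) using its private key and sends the signature in the digest input.
 * The server rebuilds the same address string and checks the signature against
 * the stored public key.
 *
 * NOTE(review): nothing in this class ties a signature to a nonce, a timestamp,
 * the request method or the request body. As far as this code shows, a captured
 * digest stays valid for the same address while the stored salt is unchanged -
 * confirm that replay protection and transport encryption are handled elsewhere.
 */
class HttpCerts extends AMethods
{
    /** Key in the server array that carries the claimed user name */
    const INPUT_NAME = 'PHP_AUTH_USER';
    /** Key in the server array that carries the url-encoded, base64-encoded signature */
    const INPUT_PASS = 'PHP_AUTH_DIGEST';
    /** Name of the address parameter into which the stored salt is put before verification */
    const INPUT_SALT = 'salt';

    /** @var IAuthCert */
    protected $authenticator;
    /** @var Handler */
    protected $uriHandler = null;
    /** @var ArrayAccess<string, string|int> */
    protected $server = null;

    /**
     * @param IAuthCert $authenticator source of the user record and of the stored certificate data (public key, salt)
     * @param AMethods|null $nextOne passed through to the parent constructor
     * @param Handler $uriHandler builds the address string whose signature is checked
     * @param ArrayAccess<string, string|int> $server server variables; presumably a wrapper over $_SERVER - confirm with caller
     */
    public function __construct(IAuthCert $authenticator, ?AMethods $nextOne, Handler $uriHandler, ArrayAccess $server)
    {
        parent::__construct($authenticator, $nextOne);
        $this->uriHandler = $uriHandler;
        $this->server = $server;
    }

    /**
     * Try to log the user in from a signature over the current address.
     *
     * Sets $this->loggedUser only when openssl_verify() confirms the signature;
     * every other outcome leaves the object without a logged user.
     *
     * @param \ArrayAccess $credentials not read by this method; name and signature come from the server array
     */
    public function process(\ArrayAccess $credentials): void
    {
        $name = $this->server->offsetExists(static::INPUT_NAME) ? strval($this->server->offsetGet(static::INPUT_NAME)) : '';
        $digest = $this->server->offsetExists(static::INPUT_PASS) ? strval($this->server->offsetGet(static::INPUT_PASS)) : '';
        if (('' === $name) || !$digest) {
            // no claimed identity or no signature - nothing to verify, so do not touch the storage
            return;
        }

        $wantedUser = $this->authenticator->getDataOnly($name);
        $wantedCert = $this->authenticator->getCertData($name);
        if (!$wantedUser || !$wantedCert) {
            // unknown user or user without stored certificate data
            return;
        }

        // now we have public key and salt from our storage, so it's time to check it

        // salt in
        // NOTE(review): the salt stays in the handler's parameters after this call; if the same
        // handler later renders links, confirm the salt does not end up in generated URLs.
        $this->uriHandler->getParams()->offsetSet(static::INPUT_SALT, $wantedCert->getSalt());
        $data = strval($this->uriHandler->getAddress());

        // strict mode: the lenient decoder silently drops characters outside the base64 alphabet,
        // so many different header values would map to the same signature bytes
        $signature = base64_decode(rawurldecode($digest), true);
        if ((false === $signature) || ('' === $signature)) {
            // malformed encoding - fail closed instead of passing garbage to the verifier
            return;
        }

        // verify
        // openssl_verify() returns 1 for a valid signature, 0 for an invalid one and -1 or false
        // on error; the strict comparison makes sure an error value never counts as success
        $result = openssl_verify($data, $signature, $wantedCert->getPubKey(), OPENSSL_ALGO_SHA256);
        if (1 === $result) {
            // OK
            $this->loggedUser = $wantedUser;
        }
    }

    /**
     * Drop the authentication by sending the same challenge as for a missing one.
     *
     * @codeCoverageIgnore headers
     */
    public function remove(): void
    {
        $this->authNotExists();
    }

    /**
     * Send the 401 status line and the "DigestCert" challenge header.
     * Only emits headers, so it must run before any output is sent.
     *
     * @codeCoverageIgnore headers
     */
    public function authNotExists(): void
    {
        header('HTTP/1.1 401 Unauthorized');
        header('WWW-Authenticate: DigestCert');
    }
}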