AzineHybridAuth - Code Metrics - Inspection of "Issue/17136 linkedin api migration" - azine/AzineHybridAuthBundle - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#14)

by Dominik

created 2019-06-25 11:17 UTC

AzineHybridAuth A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	273
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	9

Test Coverage

Coverage

14.85%

Importance

Changes

Metric	Value
wmc	33
lcom	1
cbo	9
dl	0
loc	273
ccs	15
cts	101
cp	0.1485
rs	9.76
c	0
b	0
f	0

11 Methods

Rating	Name	Size	Complexity
A	__construct()	15	2
D	getInstance()	49	13
A	storeHybridAuthSessionData()	10	2
A	deleteSession()	10	3
A	saveAuthSessionData()	19	4
A	getCookieName()	4	1
A	getProvider()	9	3
A	isConnected()	8	1
A	getLinkedIn()	4	1
A	getLinkedInApi()	4	1
A	isExpiredSession()	8	2

<?php

namespace Azine\HybridAuthBundle\Services;

use Azine\HybridAuthBundle\DependencyInjection\AzineHybridAuthExtension;
use Azine\HybridAuthBundle\Entity\HybridAuthSessionData;
use Doctrine\Common\Persistence\ObjectManager;
use Hybridauth\Hybridauth;
use Symfony\Component\HttpFoundation\Cookie;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Core\User\UserInterface;

class AzineHybridAuth
{
    /**
     * ID of the sessionDataCookie.
     */
    const cookieName = 'azine_hybridauth_session';

    /**
     * @var ObjectManager
     */
    private $objectManager;

    /**
     * @var UserInterface
     */
    private $currentUser;

    /**
     * @var bool
     */
    private $storeForUser;

    /**
     * @var bool
     */
    private $storeAsCookie;

    /**
     * @var int
     */
    private $expiresInDays;

    /**
     * Configured Instances of HybridAuth.
     *
     * @var array or HybridAuth
     */
    private $instances = array();

    /**
     * HybridAuth configuration.
     *
     * @var array
     */
    private $config;

    /**
     * @param UrlGeneratorInterface $router
     * @param TokenStorageInterface $tokenStorage
     * @param ObjectManager         $manager
     * @param array                 $config
     * @param bool                  $storeForUser
     * @param $storeAsCookie
     * @param $expiresInDays
     */
    public function __construct(UrlGeneratorInterface $router, TokenStorageInterface $tokenStorage, ObjectManager $manager, $config, $storeForUser, $storeAsCookie, $expiresInDays)
    {
        $base_url = $router->generate($config[AzineHybridAuthExtension::ENDPOINT_ROUTE], array(), UrlGeneratorInterface::ABSOLUTE_URL);
        $config[AzineHybridAuthExtension::BASE_URL] = $base_url;
        $this->config = $config;
        $this->config['callback'] = $base_url;
        $this->objectManager = $manager;
        $this->storeForUser = $storeForUser;
        $this->storeAsCookie = $storeAsCookie;
        $user = $tokenStorage->getToken()->getUser();
        if ($user instanceof UserInterface) {
            $this->currentUser = $user;
        }
        $this->expiresInDays = $expiresInDays;
    }

    /**
     * Get a AdapterInterface instance initialised for the given provider.
     * HybridAuthSessions will be restored from DB and/or cookies, according to the bundle configuration.
     *
     * @param $cookieSessionData
     * @param $provider
     *
     * @return \Hybridauth\Adapter\AdapterInterface
     */
    public function getInstance($cookieSessionData, $provider)
    {
        if (array_key_exists($provider, $this->instances)) {
            $hybridAuth = $this->instances[$provider];
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
        } else {
            $hybridAuth = new Hybridauth($this->config);
            $this->instances[$provider] = $hybridAuth;
        }

        $adapter = $this->instances[$provider]->getAdapter($provider);
if ( ! in_array($value, array('this-is-allowed', 'and-this-too'), true)) {
    throw new \InvalidArgumentException('This input is not allowed.');
}
        $restoredFromDB = false;
        $sessionData = null;
        $isExpiredSession = false;

        $result = null;
        if ($this->currentUser instanceof UserInterface) {
            $result = $this->objectManager->getRepository('AzineHybridAuthBundle:HybridAuthSessionData')->findOneBy(array('username' => $this->currentUser->getUsername(), 'provider' => $provider));
        }

        if ($result instanceof HybridAuthSessionData) {
            $isExpiredSession = $this->isExpiredSession($result);
        }

        if ($isExpiredSession) {
            $this->deleteSession($provider);
        }

        if (!$isExpiredSession && $this->storeForUser && $this->currentUser instanceof UserInterface) {
            // try from database
            if ($result) {
                $sessionData = $result->getSessionData();
                $restoredFromDB = true;
            }
        }
        if (null === $sessionData && null !== $cookieSessionData) {
            // try from cookie
            $sessionData = gzinflate($cookieSessionData);

            // user is looged in but auth session is not yet stored in db => store now
            if (!$restoredFromDB) {
                $this->saveAuthSessionData($sessionData, $provider);
            }
        }
        if ($sessionData) {

            $adapter->setAccessToken(json_decode($sessionData, true));
        }
        return $adapter;
    }

    /**
     * @param Request $request
     * @param $provider
     * @param $sessionData
     *
     * @return Cookie | null
     */
    public function storeHybridAuthSessionData(Request $request, $provider, $sessionData)
    {
        $this->saveAuthSessionData($sessionData, $provider);

        if ($this->storeAsCookie) {
            return new Cookie($this->getCookieName($provider), gzdeflate($sessionData), new \DateTime($this->expiresInDays.' days'), '/', $request->getHost(), $request->isSecure(), true);
function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
        }

        return null;
    }

    /**
     * Delete the HybridAuthSessionData entity from the database.
     *
     * @param $provider
     */
    public function deleteSession($provider)
    {
        if ($this->currentUser instanceof UserInterface) {
            $result = $this->objectManager->getRepository('AzineHybridAuthBundle:HybridAuthSessionData')->findOneBy(array('username' => $this->currentUser->getUsername(), 'provider' => $provider));
            if ($result) {
                $this->objectManager->remove($result);
                $this->objectManager->flush();
            }
        }
    }

    /**
     * Save as HybridAuthSessionData entity to the database.
     * Checks the bundle configuration before saving.
     *
     * @param $sessionData
     * @param $provider
     */
    private function saveAuthSessionData($sessionData, $provider)
    {
        if ($this->storeForUser && $this->currentUser instanceof UserInterface) {
            $hybridAuthData = $this->objectManager->getRepository('AzineHybridAuthBundle:HybridAuthSessionData')->findOneBy(array('username' => $this->currentUser->getUsername(), 'provider' => strtolower($provider)));
            if (!$hybridAuthData) {
                $hybridAuthData = new HybridAuthSessionData();
                $hybridAuthData->setUserName($this->currentUser->getUsername());
                $hybridAuthData->setProvider(strtolower($provider));

                $expirationDate = new \DateTime();
                $expirationDate->modify('+ '.$this->expiresInDays.' day');

                $hybridAuthData->setExpiresAt($expirationDate);
                $this->objectManager->persist($hybridAuthData);
            }
            $hybridAuthData->setSessionData($sessionData);
            $this->objectManager->flush();
        }
    }

    public function getCookieName($provider)
    {
        return self::cookieName.'_'.strtolower($provider);
    }

    /**
     * Use this function to get access to a \Hybridauth\Adapter\AdapterInterface instance.
     *
     * Calling this method will log the user in (make a roundtrip to the providers site and back to your site again)
     * and call the page again that you came from.
     *
     * When logged (allready) it will return the hybridAuth provider.
     *
     * @param $authSessionData
     * @param string $provider_id
     * @param bool   $require_login
     *
     * @return \Hybridauth\Adapter\AdapterInterface
     */
    public function getProvider($authSessionData, $provider_id, $require_login = true)
    {
        $adapter = $this->getInstance($authSessionData, $provider_id);
        if ($require_login && !$adapter->isConnected()) {
            $adapter->login();

        }

        return $adapter;
    }

    /**
     * Check if the current user has allowed access to the given provider.
     *
     * @param Request $request
     * @param string  $provider_id
     *
     * @return bool true if access to the provider is granted for this app
     */
    public function isConnected(Request $request, $provider_id)
    {
        $sessionData = $request->cookies->get($this->getCookieName($provider_id));
        $adapter = $this->getInstance($sessionData, $provider_id);
        $connected = $adapter->isConnected();

        return $connected;
    }

    /**
     * Get the LinkedIn Adapter.
     *
     * @return \Hybrid_Providers_LinkedIn
     */
    public function getLinkedIn()
    {
        return $this->getProvider(null, 'linkedin');
    }

    /**
     * Get the LinkedIn api (LinkedIn PHP-client).
     *
     * @return \LinkedIn
     */
    public function getLinkedInApi()
    {
        return $this->getLinkedIn()->api();

    }

    /**
     * Get if auth token is expired.
     *
     * @param HybridAuthSessionData $data
     *
     * @return bool
     */
    public function isExpiredSession(HybridAuthSessionData $data)
    {
        if ($data->getExpiresAt() < new \DateTime()) {
            return true;
        }

        return false;
    }
}


Pull Request — master (#14)

AzineHybridAuth A

Complexity

Size/Duplication

Coupling/Cohesion

Test Coverage

Importance

11 Methods

4 paths for user data to reach this point

General Strategies to prevent injection

1		<?php
2
3		namespace Azine\HybridAuthBundle\Services;
4
5		use Azine\HybridAuthBundle\DependencyInjection\AzineHybridAuthExtension;
6		use Azine\HybridAuthBundle\Entity\HybridAuthSessionData;
7		use Doctrine\Common\Persistence\ObjectManager;
8		use Hybridauth\Hybridauth;
9		use Symfony\Component\HttpFoundation\Cookie;
10		use Symfony\Component\HttpFoundation\Request;
11		use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
12		use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
13		use Symfony\Component\Security\Core\User\UserInterface;
14
15		class AzineHybridAuth
16		{
17		/**
18		* ID of the sessionDataCookie.
19		*/
20		const cookieName = 'azine_hybridauth_session';
21
22		/**
23		* @var ObjectManager
24		*/
25		private $objectManager;
26
27		/**
28		* @var UserInterface
29		*/
30		private $currentUser;
31
32		/**
33		* @var bool
34		*/
35		private $storeForUser;
36
37		/**
38		* @var bool
39		*/
40		private $storeAsCookie;
41
42		/**
43		* @var int
44		*/
45		private $expiresInDays;
46
47		/**
48		* Configured Instances of HybridAuth.
49		*
50		* @var array or HybridAuth
51		*/
52		private $instances = array();
53
54		/**
55		* HybridAuth configuration.
56		*
57		* @var array
58		*/
59		private $config;
60
61		/**
62		* @param UrlGeneratorInterface $router
63		* @param TokenStorageInterface $tokenStorage
64		* @param ObjectManager $manager
65		* @param array $config
66		* @param bool $storeForUser
67	2	* @param $storeAsCookie
68	2	* @param $expiresInDays
69	2	*/
70	2	public function __construct(UrlGeneratorInterface $router, TokenStorageInterface $tokenStorage, ObjectManager $manager, $config, $storeForUser, $storeAsCookie, $expiresInDays)
71	2	{
72	2	$base_url = $router->generate($config[AzineHybridAuthExtension::ENDPOINT_ROUTE], array(), UrlGeneratorInterface::ABSOLUTE_URL);
73	2	$config[AzineHybridAuthExtension::BASE_URL] = $base_url;
74	2	$this->config = $config;
75	2	$this->config['callback'] = $base_url;
76		$this->objectManager = $manager;
77		$this->storeForUser = $storeForUser;
78	2	$this->storeAsCookie = $storeAsCookie;
79	2	$user = $tokenStorage->getToken()->getUser();
80		if ($user instanceof UserInterface) {
81		$this->currentUser = $user;
82		}
83		$this->expiresInDays = $expiresInDays;
84		}
85
86		/**
87		* Get a AdapterInterface instance initialised for the given provider.
88		* HybridAuthSessions will be restored from DB and/or cookies, according to the bundle configuration.
89		*
90		* @param $cookieSessionData
91		* @param $provider
92		*
93		* @return \Hybridauth\Adapter\AdapterInterface
94		*/
95		public function getInstance($cookieSessionData, $provider)
96		{
97		if (array_key_exists($provider, $this->instances)) {
98		$hybridAuth = $this->instances[$provider];
		0 ignored issues – show Unused Code introduced 2019-02-26 12:15 UTC by Report Bug Copy Issue Report `$hybridAuth` is not used, you could remove the assignment. This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value'; $higher = false; if (rand(1, 6) > 3) { $higher = true; } else { $higher = false; } Both the `$myVar` assignment in line 1 and the `$higher` assignment in line 2 are dead. The first because `$myVar` is never used and the second because `$higher` is always overwritten for every possible time line. Loading history...
99		} else {
100		$hybridAuth = new Hybridauth($this->config);
101		$this->instances[$provider] = $hybridAuth;
102		}
103
104		$adapter = $this->instances[$provider]->getAdapter($provider);
		0 ignored issues – show Security Code Execution introduced 2019-02-26 12:15 UTC by Report Bug Copy Issue Report `$provider` can contain request data and is used in code execution context(s) leading to a potential security vulnerability. 4 paths for user data to reach this point 1. Path: Entered via action parameter `$provider` in Controller/AzineHybridAuthJsonController.php on line 45 Entered via action parameter `$provider` in vendor/Controller/AzineHybridAuthJsonController.php on line 45 `$provider` is passed to AzineHybridAuth::getInstance() in Controller/AzineHybridAuthJsonController.php on line 53 2. Path: Entered via action parameter `$provider` in Controller/AzineHybridAuthJsonController.php on line 97 Entered via action parameter `$provider` in vendor/Controller/AzineHybridAuthJsonController.php on line 97 `$provider` is passed to AzineHybridAuth::getProvider() in Controller/AzineHybridAuthJsonController.php on line 101 `$provider_id` is passed to AzineHybridAuth::getInstance() in Services/AzineHybridAuth.php on line 227 3. Path: Entered via action parameter `$provider` in Controller/AzineHybridAuthJsonController.php on line 141 Entered via action parameter `$provider` in vendor/Controller/AzineHybridAuthJsonController.php on line 141 `$provider` is passed to AzineHybridAuth::getProvider() in Controller/AzineHybridAuthJsonController.php on line 144 `$provider_id` is passed to AzineHybridAuth::getInstance() in Services/AzineHybridAuth.php on line 227 4. Path: Entered via action parameter `$provider` in Controller/AzineHybridAuthJsonController.php on line 23 Entered via action parameter `$provider` in vendor/Controller/AzineHybridAuthJsonController.php on line 23 `$provider` is passed to AzineHybridAuth::isConnected() in Controller/AzineHybridAuthJsonController.php on line 26 `$provider_id` is passed to AzineHybridAuth::getInstance() in Services/AzineHybridAuth.php on line 246 General Strategies to prevent injection In general, it is advisable to prevent any user-data to reach this point. This can be done by white-listing certain values: if ( ! in_array($value, array('this-is-allowed', 'and-this-too'), true)) { throw new \InvalidArgumentException('This input is not allowed.'); } For numeric data, we recommend to explicitly cast the data: $sanitized = (integer) $tainted; Loading history...
105		$restoredFromDB = false;
106		$sessionData = null;
107		$isExpiredSession = false;
108
109		$result = null;
110		if ($this->currentUser instanceof UserInterface) {
111		$result = $this->objectManager->getRepository('AzineHybridAuthBundle:HybridAuthSessionData')->findOneBy(array('username' => $this->currentUser->getUsername(), 'provider' => $provider));
112		}
113
114		if ($result instanceof HybridAuthSessionData) {
115		$isExpiredSession = $this->isExpiredSession($result);
116		}
117
118		if ($isExpiredSession) {
119		$this->deleteSession($provider);
120		}
121
122		if (!$isExpiredSession && $this->storeForUser && $this->currentUser instanceof UserInterface) {
123		// try from database
124		if ($result) {
125		$sessionData = $result->getSessionData();
126		$restoredFromDB = true;
127		}
128		}
129		if (null === $sessionData && null !== $cookieSessionData) {
130		// try from cookie
131		$sessionData = gzinflate($cookieSessionData);
132
133		// user is looged in but auth session is not yet stored in db => store now
134		if (!$restoredFromDB) {
135		$this->saveAuthSessionData($sessionData, $provider);
136		}
137		}
138		if ($sessionData) {
139
140		$adapter->setAccessToken(json_decode($sessionData, true));
141		}
142		return $adapter;
143		}
144
145		/**
146		* @param Request $request
147		* @param $provider
148		* @param $sessionData
149		*
150		* @return Cookie \| null
151		*/
152		public function storeHybridAuthSessionData(Request $request, $provider, $sessionData)
153		{
154		$this->saveAuthSessionData($sessionData, $provider);
155
156		if ($this->storeAsCookie) {
157		return new Cookie($this->getCookieName($provider), gzdeflate($sessionData), new \DateTime($this->expiresInDays.' days'), '/', $request->getHost(), $request->isSecure(), true);
		0 ignored issues – show Documentation introduced 2017-02-28 13:30 UTC by Report Bug Copy Issue Report `new \DateTime($this->expiresInDays . ' days')` is of type `object<DateTime>`, but the function expects a `integer`. It seems like the type of the argument is not accepted by the function/method which you are calling. In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug. We suggest to add an explicit type cast like in the following example: function acceptsInteger($int) { } $x = '123'; // string "123" // Instead of acceptsInteger($x); // we recommend to use acceptsInteger((integer) $x); Loading history...
158		}
159
160		return null;
161		}
162
163		/**
164		* Delete the HybridAuthSessionData entity from the database.
165		*
166		* @param $provider
167		*/
168		public function deleteSession($provider)
169		{
170		if ($this->currentUser instanceof UserInterface) {
171		$result = $this->objectManager->getRepository('AzineHybridAuthBundle:HybridAuthSessionData')->findOneBy(array('username' => $this->currentUser->getUsername(), 'provider' => $provider));
172		if ($result) {
173		$this->objectManager->remove($result);
174		$this->objectManager->flush();
175		}
176		}
177		}
178
179		/**
180		* Save as HybridAuthSessionData entity to the database.
181		* Checks the bundle configuration before saving.
182		*
183		* @param $sessionData
184		* @param $provider
185		*/
186		private function saveAuthSessionData($sessionData, $provider)
187		{
188		if ($this->storeForUser && $this->currentUser instanceof UserInterface) {
189		$hybridAuthData = $this->objectManager->getRepository('AzineHybridAuthBundle:HybridAuthSessionData')->findOneBy(array('username' => $this->currentUser->getUsername(), 'provider' => strtolower($provider)));
190		if (!$hybridAuthData) {
191		$hybridAuthData = new HybridAuthSessionData();
192		$hybridAuthData->setUserName($this->currentUser->getUsername());
193		$hybridAuthData->setProvider(strtolower($provider));
194
195		$expirationDate = new \DateTime();
196		$expirationDate->modify('+ '.$this->expiresInDays.' day');
197
198		$hybridAuthData->setExpiresAt($expirationDate);
199		$this->objectManager->persist($hybridAuthData);
200		}
201		$hybridAuthData->setSessionData($sessionData);
202		$this->objectManager->flush();
203		}
204		}
205
206		public function getCookieName($provider)
207		{
208		return self::cookieName.'_'.strtolower($provider);
209		}
210
211		/**
212		* Use this function to get access to a \Hybridauth\Adapter\AdapterInterface instance.
213		*
214		* Calling this method will log the user in (make a roundtrip to the providers site and back to your site again)
215		* and call the page again that you came from.
216		*
217		* When logged (allready) it will return the hybridAuth provider.
218		*
219		* @param $authSessionData
220		* @param string $provider_id
221		* @param bool $require_login
222		*
223		* @return \Hybridauth\Adapter\AdapterInterface
224		*/
225		public function getProvider($authSessionData, $provider_id, $require_login = true)
226		{
227		$adapter = $this->getInstance($authSessionData, $provider_id);
228		if ($require_login && !$adapter->isConnected()) {
229		$adapter->login();
		0 ignored issues – show Bug introduced 2019-02-26 12:15 UTC by Report Bug Copy Issue Report The method `login()` does not seem to exist on `object<Hybridauth\Adapter\AdapterInterface>`. This check looks for calls to methods that do not seem to exist on a given type. It looks for the method on the type itself as well as in inherited classes or implemented interfaces. This is most likely a typographical error or the method has been renamed. Loading history...
230		}
231
232		return $adapter;
233		}
234
235		/**
236		* Check if the current user has allowed access to the given provider.
237		*
238		* @param Request $request
239		* @param string $provider_id
240		*
241		* @return bool true if access to the provider is granted for this app
242		*/
243		public function isConnected(Request $request, $provider_id)
244		{
245		$sessionData = $request->cookies->get($this->getCookieName($provider_id));
246		$adapter = $this->getInstance($sessionData, $provider_id);
247		$connected = $adapter->isConnected();
248
249		return $connected;
250		}
251
252		/**
253		* Get the LinkedIn Adapter.
254		*
255		* @return \Hybrid_Providers_LinkedIn
256		*/
257		public function getLinkedIn()
258		{
259		return $this->getProvider(null, 'linkedin');
260		}
261
262		/**
263		* Get the LinkedIn api (LinkedIn PHP-client).
264		*
265		* @return \LinkedIn
266		*/
267	2	public function getLinkedInApi()
268		{
269	2	return $this->getLinkedIn()->api();
		0 ignored issues – show Bug introduced 2019-02-26 12:15 UTC by Report Bug Copy Issue Report The method `api()` does not seem to exist on `object<Hybridauth\Adapter\AdapterInterface>`. This check looks for calls to methods that do not seem to exist on a given type. It looks for the method on the type itself as well as in inherited classes or implemented interfaces. This is most likely a typographical error or the method has been renamed. Loading history...
270		}
271	1
272		/**
273		* Get if auth token is expired.
274	1	*
275		* @param HybridAuthSessionData $data
276		*
277		* @return bool
278		*/
279		public function isExpiredSession(HybridAuthSessionData $data)
280		{
281		if ($data->getExpiresAt() < new \DateTime()) {
282		return true;
283		}
284
285		return false;
286		}
287		}
288

azine / AzineHybridAuthBundle

Pull Request — master (#14)

AzineHybridAuth A

Complexity

Size/Duplication

Coupling/Cohesion

Test Coverage

Importance

11 Methods

4 paths for user data to reach this point

General Strategies to prevent injection

Duplication Side-by-Side

Filter issues like