AuthenticationMiddleware::AdminUserAuth() - Code Metrics - Inspection of "Merge pull request #376 from bakaphp/development" - bakaphp/canvas-core - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Push — master ( 05d004...385b2f )

by Maximo

created 2020-05-14 14:16 UTC

AuthenticationMiddleware::AdminUserAuth() A

↳ Parent: AuthenticationMiddleware

Complexity

Conditions	2
Paths	1

Size

Total Lines	18
Code Lines	9

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	0
CRAP Score	6

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
cc	2
eloc	9
nc	1
nop	2
dl	0
loc	18
ccs	0
cts	0
cp	0
crap	6
rs	9.9666
c	1
b	0
f	0

<?php

declare(strict_types=1);

namespace Canvas\Middleware;

use Baka\Auth\Models\Sessions;
filter:
    dependency_paths: ["lib/*"]
use Canvas\Constants\Flags;
use Canvas\Http\Exception\UnauthorizedException;
use Canvas\Http\Exception\NotFoundException;
use Canvas\Models\AppsKeys;
use Canvas\Models\Apps;
use Canvas\Models\Users;
use Phalcon\Config;
use Phalcon\Http\RequestInterface;
use Phalcon\Mvc\Micro;
filter:
    dependency_paths: ["lib/*"]

/**
 * Class AuthenticationMiddleware.
 *
 * @package Canvas\Middleware
 */
class AuthenticationMiddleware extends TokenBase
{
    /**
     * Call me.
     *
     * @param Micro $api
     *
     * @todo need to check section for auth here
     *
     * @return bool
     */
    public function call(Micro $api)
    {
        $config = $api->getService('config');
        $request = $api->getService('request');

        /**
         * This is where we will find if the user exists based on
         * the token passed using Bearer Authentication.
         */
        if (!empty($request->getBearerTokenFromHeader())) {
            $token = $this->getToken($request->getBearerTokenFromHeader());
        } elseif ($request->hasHeader('Client-Id') && $request->hasHeader('Client-Secret-Id') && $request->hasHeader('KanvasKey')) {
            // Functions that authenticates user by client id, client secret id and app key
            $this->AdminUserAuth($api, $request);

            return true;
        } else {
            throw new UnauthorizedException('Missing Token');
        }

        $this->sessionUser($api, $config, $token, $request);

        return true;
    }

    /**
     * Get the real from the JWT Token.
     *
     * @param Micro $api
     * @param Config $config
     * @param string $token
     * @param RequestInterface $request
     *
     * @throws UnauthorizedException
     *
     * @return void
     */
    protected function sessionUser(Micro $api, Config $config, object $token, RequestInterface $request) : void
    {
        $api->getDI()->setShared(
            'userData',
            function () use ($config, $token, $request) {
                $session = new Sessions();

                //all is empty and is dev, ok take use the first user
                if (empty($token->getClaim('sessionId')) && strtolower($config->app->env) == Flags::DEVELOPMENT) {
                    return Users::findFirst(1);
                }

                if (!empty($token->getClaim('sessionId'))) {
                    //user
                    if (!$user = Users::getByEmail($token->getClaim('email'))) {
                        throw new UnauthorizedException('User not found');
                    }

                    $ip = !defined('API_TESTS') ? $request->getClientAddress() : '127.0.0.1';
                    return $session->check($user, $token->getClaim('sessionId'), (string) $ip, 1);
                } else {
                    throw new UnauthorizedException('User not found');
                }
            }
        );

        /**
         * This is where we will validate the token that was sent to us
         * using Bearer Authentication.
         *
         * Find the user attached to this token
         */
        if (!$token->validate(Users::getValidationData($token->getHeader('jti')))) {
            throw new UnauthorizedException('Invalid Token');
        }
    }

    /**
     * Anonymous user from token.
     *
     * @param Micro $api
     * @param Config $config
     * @param mixed $token
     * @param RequestInterface $request
     *
     * @return void
     */
    protected function anonymousUser(Micro $api, Config $config, $token, RequestInterface $request) : void
    {
        $api->getDI()->setShared(
            'userData',
            function () use ($config) {
                /**
                 * @todo we need to track session for anonymous user
                 */
                if ($anonymous = Users::findFirst('-1')) {
                    return $anonymous;
                }

                throw new UnauthorizedException(
                    strtolower($config->app->env) == Flags::DEVELOPMENT ?
                    'No anonymous user configured in the app' :
                    'Missing Token'
                );
            }
        );
    }

    /**
     * Authenticate Admin user by client id, client sercret id and apps keys.
     *
     * @param Micro $api
     * @param RequestInterface $request
     *
     * @return void
     *
     * @todo Add users validation by client id, client secret id, apps_id
     */
    protected function AdminUserAuth(Micro $api, RequestInterface $request) : void
    {
        $api->getDI()->setShared(
            'userData',
            function () use ($request) {

                //Get App record by its key
                $app = Apps::findFirstByKey($request->getHeader('KanvasKey'));

                if (!$app){
                    throw new NotFoundException(
                        'No app found with given key'
                    );
                }

                $appkeys = AppsKeys::validateAppsKeys($request->getHeader('Client-Id'), $request->getHeader('Client-Secret-Id'), $app->getId());

                return Users::findFirst($appkeys->users_id);
            }
        );
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			namespace Canvas\Middleware;
6
7			use Baka\Auth\Models\Sessions;
			0 ignored issues – show Bug introduced 2020-05-14 14:09 UTC by Report Bug Copy Issue Report The type `Baka\Auth\Models\Sessions` was not found. Maybe you did not declare it correctly or list all dependencies? The issue could also be caused by a filter entry in the build configuration. If the path has been excluded in your configuration, e.g. `excluded_paths: ["lib/"]`, you can move it to the dependency path list as follows: filter: dependency_paths: ["lib/"] For further information see https://scrutinizer-ci.com/docs/tools/php/php-scrutinizer/#list-dependency-paths Loading history...
8			use Canvas\Constants\Flags;
9			use Canvas\Http\Exception\UnauthorizedException;
10			use Canvas\Http\Exception\NotFoundException;
11			use Canvas\Models\AppsKeys;
12			use Canvas\Models\Apps;
13			use Canvas\Models\Users;
14			use Phalcon\Config;
15			use Phalcon\Http\RequestInterface;
16			use Phalcon\Mvc\Micro;
			0 ignored issues – show Bug introduced 2020-05-14 14:09 UTC by Report Bug Copy Issue Report The type `Phalcon\Mvc\Micro` was not found. Maybe you did not declare it correctly or list all dependencies? The issue could also be caused by a filter entry in the build configuration. If the path has been excluded in your configuration, e.g. `excluded_paths: ["lib/"]`, you can move it to the dependency path list as follows: filter: dependency_paths: ["lib/"] For further information see https://scrutinizer-ci.com/docs/tools/php/php-scrutinizer/#list-dependency-paths Loading history...
17
18			/**
19			* Class AuthenticationMiddleware.
20			*
21			* @package Canvas\Middleware
22			*/
23			class AuthenticationMiddleware extends TokenBase
24			{
25			/**
26			* Call me.
27			*
28			* @param Micro $api
29			*
30			* @todo need to check section for auth here
31			*
32			* @return bool
33			*/
34			public function call(Micro $api)
35			{
36			$config = $api->getService('config');
37			$request = $api->getService('request');
38
39			/**
40			* This is where we will find if the user exists based on
41			* the token passed using Bearer Authentication.
42			*/
43			if (!empty($request->getBearerTokenFromHeader())) {
44			$token = $this->getToken($request->getBearerTokenFromHeader());
45			} elseif ($request->hasHeader('Client-Id') && $request->hasHeader('Client-Secret-Id') && $request->hasHeader('KanvasKey')) {
46			// Functions that authenticates user by client id, client secret id and app key
47			$this->AdminUserAuth($api, $request);
48
49			return true;
50			} else {
51			throw new UnauthorizedException('Missing Token');
52			}
53
54			$this->sessionUser($api, $config, $token, $request);
55
56			return true;
57			}
58
59			/**
60			* Get the real from the JWT Token.
61			*
62			* @param Micro $api
63			* @param Config $config
64			* @param string $token
65			* @param RequestInterface $request
66			*
67			* @throws UnauthorizedException
68			*
69			* @return void
70			*/
71			protected function sessionUser(Micro $api, Config $config, object $token, RequestInterface $request) : void
72			{
73			$api->getDI()->setShared(
74			'userData',
75			function () use ($config, $token, $request) {
76			$session = new Sessions();
77
78			//all is empty and is dev, ok take use the first user
79			if (empty($token->getClaim('sessionId')) && strtolower($config->app->env) == Flags::DEVELOPMENT) {
80			return Users::findFirst(1);
81			}
82
83			if (!empty($token->getClaim('sessionId'))) {
84			//user
85			if (!$user = Users::getByEmail($token->getClaim('email'))) {
86			throw new UnauthorizedException('User not found');
87			}
88
89			$ip = !defined('API_TESTS') ? $request->getClientAddress() : '127.0.0.1';
90			return $session->check($user, $token->getClaim('sessionId'), (string) $ip, 1);
91			} else {
92			throw new UnauthorizedException('User not found');
93			}
94			}
95			);
96
97			/**
98			* This is where we will validate the token that was sent to us
99			* using Bearer Authentication.
100			*
101			* Find the user attached to this token
102			*/
103			if (!$token->validate(Users::getValidationData($token->getHeader('jti')))) {
104			throw new UnauthorizedException('Invalid Token');
105			}
106			}
107
108			/**
109			* Anonymous user from token.
110			*
111			* @param Micro $api
112			* @param Config $config
113			* @param mixed $token
114			* @param RequestInterface $request
115			*
116			* @return void
117			*/
118			protected function anonymousUser(Micro $api, Config $config, $token, RequestInterface $request) : void
119			{
120			$api->getDI()->setShared(
121			'userData',
122			function () use ($config) {
123			/**
124			* @todo we need to track session for anonymous user
125			*/
126			if ($anonymous = Users::findFirst('-1')) {
127			return $anonymous;
128			}
129
130			throw new UnauthorizedException(
131			strtolower($config->app->env) == Flags::DEVELOPMENT ?
132			'No anonymous user configured in the app' :
133			'Missing Token'
134			);
135			}
136			);
137			}
138
139			/**
140			* Authenticate Admin user by client id, client sercret id and apps keys.
141			*
142			* @param Micro $api
143			* @param RequestInterface $request
144			*
145			* @return void
146			*
147			* @todo Add users validation by client id, client secret id, apps_id
148			*/
149			protected function AdminUserAuth(Micro $api, RequestInterface $request) : void
150			{
151			$api->getDI()->setShared(
152			'userData',
153			function () use ($request) {
154
155			//Get App record by its key
156			$app = Apps::findFirstByKey($request->getHeader('KanvasKey'));
157
158			if (!$app){
159			throw new NotFoundException(
160			'No app found with given key'
161			);
162			}
163
164			$appkeys = AppsKeys::validateAppsKeys($request->getHeader('Client-Id'), $request->getHeader('Client-Secret-Id'), $app->getId());
165
166			return Users::findFirst($appkeys->users_id);
167			}
168			);
169			}
170			}
171

bakaphp / canvas-core

Push — master ( 05d004...385b2f )

AuthenticationMiddleware::AdminUserAuth() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like