Application - Code Metrics - bedita/manager - Measure and Improve Code Quality continuously with Scrutinizer

Application A
last analyzed 2025-11-07 05:53 UTC

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	214
Duplicated Lines	0 %

Importance

Changes

Metric	Value
eloc	80
c	0
b	0
f	0
dl	0
loc	214
rs	10
wmc	18

7 Methods

Rating	Name	Size	Complexity
A	middleware()	49	1
A	loadPluginsFromConfig()	8	4
A	bootstrapCli()	6	1
A	getAuthenticationService()	44	4
A	csrfMiddleware()	14	2
A	bootstrap()	21	3
A	loadProjectConfig()	9	3

<?php
/**
 * BEdita, API-first content management framework
 * Copyright 2022 ChannelWeb Srl, Chialab Srl
 *
 * This file is part of BEdita: you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License as published
 * by the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * See LICENSE.LGPL or <http://gnu.org/licenses/lgpl-3.0.html> for more details.
 */
namespace App;

use App\Event\TreeCacheEventHandler;
use App\Identifier\ApiIdentifier;
use App\Middleware\ConfigurationMiddleware;
use App\Middleware\ProjectMiddleware;
use App\Middleware\RecoveryMiddleware;
use App\Middleware\StatusMiddleware;
use Authentication\AuthenticationService;
use Authentication\AuthenticationServiceInterface;
use Authentication\AuthenticationServiceProviderInterface;
use Authentication\Identifier\IdentifierInterface;
use Authentication\Middleware\AuthenticationMiddleware;
use BEdita\I18n\Middleware\I18nMiddleware;
use BEdita\WebTools\Middleware\OAuth2Middleware;
use Cake\Core\Configure;
use Cake\Core\Configure\Engine\PhpConfig;
use Cake\Error\Middleware\ErrorHandlerMiddleware;
use Cake\Event\EventManager;
use Cake\Http\BaseApplication;
use Cake\Http\Middleware\BodyParserMiddleware;
use Cake\Http\Middleware\CsrfProtectionMiddleware;
use Cake\Http\MiddlewareQueue;
use Cake\Routing\Middleware\AssetMiddleware;
use Cake\Routing\Middleware\RoutingMiddleware;
use Psr\Http\Message\ServerRequestInterface;

/**
 * Application class.
 */
class Application extends BaseApplication implements AuthenticationServiceProviderInterface
{
    /**
     * Default plugin options
     *
     * @var array
     */
    protected const PLUGIN_DEFAULTS = [
        'debugOnly' => false,
        'autoload' => false,
        'bootstrap' => true,
        'routes' => true,
        'ignoreMissing' => true,
    ];

    /**
     * @inheritDoc
     */
    public function bootstrap(): void
    {
        parent::bootstrap();

        if (PHP_SAPI === 'cli') {
            $this->bootstrapCli();
        }

        /*
         * Only try to load DebugKit in development mode
         * Debug Kit should not be installed on a production system
         */
        if (Configure::read('debug')) {
            $this->addOptionalPlugin('DebugKit');
        }

        $this->addPlugin('BEdita/WebTools');
        $this->addPlugin('BEdita/I18n');
        $this->addPlugin('Authentication');

        EventManager::instance()->on(new TreeCacheEventHandler());
    }

    /**
     * Load CLI plugins
     *
     * @return void
     */
    protected function bootstrapCli(): void
    {
        $this->addOptionalPlugin('Bake');
        $this->addOptionalPlugin('IdeHelper');
        $this->addOptionalPlugin('Cake/Repl');
        $this->loadPluginsFromConfig();
    }

    /**
     * Load plugins from 'Plugins' configuration.
     * This method will be invoked by `ProjectMiddleware`.
     * Should not be invoked in `bootstrap`, to avoid duplicate plugin bootstratp calls.
     *
     * @return void
     */
    public function loadPluginsFromConfig(): void
    {
        $plugins = (array)Configure::read('Plugins');
        foreach ($plugins as $plugin => $options) {
            $options = array_merge(static::PLUGIN_DEFAULTS, $options);
            if (!$options['debugOnly'] || Configure::read('debug')) {
                $this->addPlugin($plugin, $options);
                $this->plugins->get($plugin)->bootstrap($this);
            }
        }
    }

    /**
     * @inheritDoc
     */
    public function middleware($middlewareQueue): MiddlewareQueue
    {
        $middlewareQueue
            // Catch any exceptions in the lower layers,
            // and make an error page/response
            ->add(new ErrorHandlerMiddleware(Configure::read('Error')))

            // Load current project configuration if `multiproject` instance
            // Manager plugins will also be loaded here via `loadPluginsFromConfig()`
            ->add(new ProjectMiddleware($this))

            // Provides a `GET /status` endpoint. This must be
            ->add(new StatusMiddleware())

            // Load configuration from API for the current project.
            ->add(new ConfigurationMiddleware())

            // Handle plugin/theme assets like CakePHP normally does.
            ->add(new AssetMiddleware([
                'cacheTime' => Configure::read('Asset.cacheTime'),
            ]))

            // Add I18n middleware.
            ->add(new I18nMiddleware([
                'cookie' => Configure::read('I18n.cookie'),
                'switchLangUrl' => Configure::read('I18n.switchLangUrl'),
            ]))

            // Add routing middleware.
            ->add(new RoutingMiddleware($this))

            // Csrf Middleware
            ->add($this->csrfMiddleware())

            // Authentication middleware.
            ->add(new AuthenticationMiddleware($this))

            // Authentication middleware.
            ->add(new OAuth2Middleware())

            // Recovery middleware
            ->add(new RecoveryMiddleware())

            // Parse various types of encoded request bodies so that they are
            // available as array through $request->getData()
            // https://book.cakephp.org/4/en/controllers/middleware.html#body-parser-middleware
            ->add(new BodyParserMiddleware());

        return $middlewareQueue;
    }

    /**
     * Get internal Csrf Middleware
     *
     * @return \Cake\Http\Middleware\CsrfProtectionMiddleware
     */
    protected function csrfMiddleware(): CsrfProtectionMiddleware
    {
        // Csrf Middleware
        $csrf = new CsrfProtectionMiddleware(['httponly' => true]);
        // Token check will be skipped when callback returns `true`.
        $csrf->skipCheckCallback(function ($request) {
            $actions = (array)Configure::read(sprintf('CsrfExceptions.%s', $request->getParam('controller')));
            // Skip token check for API URLs.
            if (in_array($request->getParam('action'), $actions)) {
                return true;
            }
        });

        return $csrf;
    }

    /**
     * Load project configuration if corresponding config file is found
     *
     * @param string|null $project The project name.
     * @param string $projectsPath The project configuration files base path.
     * @return void
     */
    public static function loadProjectConfig(?string $project, string $projectsPath): void
    {
        if (empty($project)) {
            return;
        }

        if (file_exists($projectsPath . $project . '.php')) {
            Configure::config('projects', new PhpConfig($projectsPath));
            Configure::load($project, 'projects');
        }
    }

    /**
     * @inheritDoc
     */
    public function getAuthenticationService(ServerRequestInterface $request): AuthenticationServiceInterface
    {
        $service = new AuthenticationService([
            'unauthenticatedRedirect' => '/login',
            'queryParam' => 'redirect',
        ]);

        $path = $request->getUri()->getPath();
        $query = $request->getQueryParams();
        if (strpos($path, '/ext/login') === 0) {
            $providers = (array)Configure::read('OAuth2Providers');
            $service->loadIdentifier('BEdita/WebTools.OAuth2', compact('providers'));
            $service->loadAuthenticator('BEdita/WebTools.OAuth2', compact('providers') + [
                'redirect' => ['_name' => 'login:oauth2'],
            ]);

            if (empty($query)) {
                return $service;
            }
        }

        $service->loadAuthenticator('Authentication.Session', [
            'sessionKey' => 'BEditaManagerAuth',
            'fields' => [
                IdentifierInterface::CREDENTIAL_TOKEN => 'token',
            ],
        ]);

        $service->loadIdentifier(ApiIdentifier::class, [
                'timezoneField' => 'timezone',
        ]);

        if ($path === '/login') {
            $service->loadAuthenticator('Authentication.Form', [
                'loginUrl' => '/login',
                'fields' => [
                    IdentifierInterface::CREDENTIAL_USERNAME => 'username',
                    IdentifierInterface::CREDENTIAL_PASSWORD => 'password',
                    'timezone' => 'timezone_offset',
                ],
            ]);
        }

        return $service;
    }
}


1			<?php
2			/**
3			* BEdita, API-first content management framework
4			* Copyright 2022 ChannelWeb Srl, Chialab Srl
5			*
6			* This file is part of BEdita: you can redistribute it and/or modify
7			* it under the terms of the GNU Lesser General Public License as published
8			* by the Free Software Foundation, either version 3 of the License, or
9			* (at your option) any later version.
10			*
11			* See LICENSE.LGPL or <http://gnu.org/licenses/lgpl-3.0.html> for more details.
12			*/
13			namespace App;
14
15			use App\Event\TreeCacheEventHandler;
16			use App\Identifier\ApiIdentifier;
17			use App\Middleware\ConfigurationMiddleware;
18			use App\Middleware\ProjectMiddleware;
19			use App\Middleware\RecoveryMiddleware;
20			use App\Middleware\StatusMiddleware;
21			use Authentication\AuthenticationService;
22			use Authentication\AuthenticationServiceInterface;
23			use Authentication\AuthenticationServiceProviderInterface;
24			use Authentication\Identifier\IdentifierInterface;
25			use Authentication\Middleware\AuthenticationMiddleware;
26			use BEdita\I18n\Middleware\I18nMiddleware;
27			use BEdita\WebTools\Middleware\OAuth2Middleware;
28			use Cake\Core\Configure;
29			use Cake\Core\Configure\Engine\PhpConfig;
30			use Cake\Error\Middleware\ErrorHandlerMiddleware;
31			use Cake\Event\EventManager;
32			use Cake\Http\BaseApplication;
33			use Cake\Http\Middleware\BodyParserMiddleware;
34			use Cake\Http\Middleware\CsrfProtectionMiddleware;
35			use Cake\Http\MiddlewareQueue;
36			use Cake\Routing\Middleware\AssetMiddleware;
37			use Cake\Routing\Middleware\RoutingMiddleware;
38			use Psr\Http\Message\ServerRequestInterface;
39
40			/**
41			* Application class.
42			*/
43			class Application extends BaseApplication implements AuthenticationServiceProviderInterface
44			{
45			/**
46			* Default plugin options
47			*
48			* @var array
49			*/
50			protected const PLUGIN_DEFAULTS = [
51			'debugOnly' => false,
52			'autoload' => false,
53			'bootstrap' => true,
54			'routes' => true,
55			'ignoreMissing' => true,
56			];
57
58			/**
59			* @inheritDoc
60			*/
61			public function bootstrap(): void
62			{
63			parent::bootstrap();
64
65			if (PHP_SAPI === 'cli') {
66			$this->bootstrapCli();
67			}
68
69			/*
70			* Only try to load DebugKit in development mode
71			* Debug Kit should not be installed on a production system
72			*/
73			if (Configure::read('debug')) {
74			$this->addOptionalPlugin('DebugKit');
75			}
76
77			$this->addPlugin('BEdita/WebTools');
78			$this->addPlugin('BEdita/I18n');
79			$this->addPlugin('Authentication');
80
81			EventManager::instance()->on(new TreeCacheEventHandler());
82			}
83
84			/**
85			* Load CLI plugins
86			*
87			* @return void
88			*/
89			protected function bootstrapCli(): void
90			{
91			$this->addOptionalPlugin('Bake');
92			$this->addOptionalPlugin('IdeHelper');
93			$this->addOptionalPlugin('Cake/Repl');
94			$this->loadPluginsFromConfig();
95			}
96
97			/**
98			* Load plugins from 'Plugins' configuration.
99			* This method will be invoked by `ProjectMiddleware`.
100			* Should not be invoked in `bootstrap`, to avoid duplicate plugin bootstratp calls.
101			*
102			* @return void
103			*/
104			public function loadPluginsFromConfig(): void
105			{
106			$plugins = (array)Configure::read('Plugins');
107			foreach ($plugins as $plugin => $options) {
108			$options = array_merge(static::PLUGIN_DEFAULTS, $options);
109			if (!$options['debugOnly'] \|\| Configure::read('debug')) {
110			$this->addPlugin($plugin, $options);
111			$this->plugins->get($plugin)->bootstrap($this);
112			}
113			}
114			}
115
116			/**
117			* @inheritDoc
118			*/
119			public function middleware($middlewareQueue): MiddlewareQueue
120			{
121			$middlewareQueue
122			// Catch any exceptions in the lower layers,
123			// and make an error page/response
124			->add(new ErrorHandlerMiddleware(Configure::read('Error')))
125
126			// Load current project configuration if `multiproject` instance
127			// Manager plugins will also be loaded here via `loadPluginsFromConfig()`
128			->add(new ProjectMiddleware($this))
129
130			// Provides a `GET /status` endpoint. This must be
131			->add(new StatusMiddleware())
132
133			// Load configuration from API for the current project.
134			->add(new ConfigurationMiddleware())
135
136			// Handle plugin/theme assets like CakePHP normally does.
137			->add(new AssetMiddleware([
138			'cacheTime' => Configure::read('Asset.cacheTime'),
139			]))
140
141			// Add I18n middleware.
142			->add(new I18nMiddleware([
143			'cookie' => Configure::read('I18n.cookie'),
144			'switchLangUrl' => Configure::read('I18n.switchLangUrl'),
145			]))
146
147			// Add routing middleware.
148			->add(new RoutingMiddleware($this))
149
150			// Csrf Middleware
151			->add($this->csrfMiddleware())
152
153			// Authentication middleware.
154			->add(new AuthenticationMiddleware($this))
155
156			// Authentication middleware.
157			->add(new OAuth2Middleware())
158
159			// Recovery middleware
160			->add(new RecoveryMiddleware())
161
162			// Parse various types of encoded request bodies so that they are
163			// available as array through $request->getData()
164			// https://book.cakephp.org/4/en/controllers/middleware.html#body-parser-middleware
165			->add(new BodyParserMiddleware());
166
167			return $middlewareQueue;
168			}
169
170			/**
171			* Get internal Csrf Middleware
172			*
173			* @return \Cake\Http\Middleware\CsrfProtectionMiddleware
174			*/
175			protected function csrfMiddleware(): CsrfProtectionMiddleware
176			{
177			// Csrf Middleware
178			$csrf = new CsrfProtectionMiddleware(['httponly' => true]);
179			// Token check will be skipped when callback returns `true`.
180			$csrf->skipCheckCallback(function ($request) {
181			$actions = (array)Configure::read(sprintf('CsrfExceptions.%s', $request->getParam('controller')));
182			// Skip token check for API URLs.
183			if (in_array($request->getParam('action'), $actions)) {
184			return true;
185			}
186			});
187
188			return $csrf;
189			}
190
191			/**
192			* Load project configuration if corresponding config file is found
193			*
194			* @param string\|null $project The project name.
195			* @param string $projectsPath The project configuration files base path.
196			* @return void
197			*/
198			public static function loadProjectConfig(?string $project, string $projectsPath): void
199			{
200			if (empty($project)) {
201			return;
202			}
203
204			if (file_exists($projectsPath . $project . '.php')) {
205			Configure::config('projects', new PhpConfig($projectsPath));
206			Configure::load($project, 'projects');
207			}
208			}
209
210			/**
211			* @inheritDoc
212			*/
213			public function getAuthenticationService(ServerRequestInterface $request): AuthenticationServiceInterface
214			{
215			$service = new AuthenticationService([
216			'unauthenticatedRedirect' => '/login',
217			'queryParam' => 'redirect',
218			]);
219
220			$path = $request->getUri()->getPath();
221			$query = $request->getQueryParams();
222			if (strpos($path, '/ext/login') === 0) {
223			$providers = (array)Configure::read('OAuth2Providers');
224			$service->loadIdentifier('BEdita/WebTools.OAuth2', compact('providers'));
225			$service->loadAuthenticator('BEdita/WebTools.OAuth2', compact('providers') + [
226			'redirect' => ['_name' => 'login:oauth2'],
227			]);
228
229			if (empty($query)) {
230			return $service;
231			}
232			}
233
234			$service->loadAuthenticator('Authentication.Session', [
235			'sessionKey' => 'BEditaManagerAuth',
236			'fields' => [
237			IdentifierInterface::CREDENTIAL_TOKEN => 'token',
238			],
239			]);
240
241			$service->loadIdentifier(ApiIdentifier::class, [
242			'timezoneField' => 'timezone',
243			]);
244
245			if ($path === '/login') {
246			$service->loadAuthenticator('Authentication.Form', [
247			'loginUrl' => '/login',
248			'fields' => [
249			IdentifierInterface::CREDENTIAL_USERNAME => 'username',
250			IdentifierInterface::CREDENTIAL_PASSWORD => 'password',
251			'timezone' => 'timezone_offset',
252			],
253			]);
254			}
255
256			return $service;
257			}
258			}
259

bedita / manager

Application A last analyzed 2025-11-07 05:53 UTC

Complexity

Size/Duplication

Importance

7 Methods

Duplication Side-by-Side

Filter issues like

Application A
last analyzed 2025-11-07 05:53 UTC