Passed
Push — master ( ecaee8...5e3cc7 )
by Stefano
03:14 queued 23s
created

ApiAuthenticate   A

Complexity

Total Complexity 2

Size/Duplication

Total Lines 39
Duplicated Lines 0 %

Importance

Changes 1
Bugs 0 Features 0
Metric Value
wmc 2
eloc 15
c 1
b 0
f 0
dl 0
loc 39
rs 10

1 Method

Rating   Name   Duplication   Size   Complexity  
A authenticate() 0 18 2
<?php
/**
 * BEdita, API-first content management framework
 * Copyright 2018 ChannelWeb Srl, Chialab Srl
 *
 * This file is part of BEdita: you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License as published
 * by the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * See LICENSE.LGPL or <http://gnu.org/licenses/lgpl-3.0.html> for more details.
 */
namespace App\Auth;
use BEdita\WebTools\ApiClientProvider;
use Cake\Auth\BaseAuthenticate;
use Cake\Http\Response;
use Cake\Http\ServerRequest;
use Cake\Utility\Hash;
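/**
 * An authentication adapter for authenticating using BEdita 4 API /auth endpoint.
 *
 * The adapter does no credential check of its own: it forwards the submitted
 * username and password to the API client and trusts the API's answer.
 *
 * @see https://docs.bedita.net/en/latest/authorization.html#authentication
 */
class ApiAuthenticate extends BaseAuthenticate
{
    /**
     * Default config for this object.
     *
     * - `fields` The fields to use to perform classic authentication.
     *
     * @var array
     */
    protected $_defaultConfig = [
        'fields' => [
            'username' => 'username',
            'password' => 'password',
        ],
    ];

    /**
     * {@inheritDoc}
     *
     * Perform authentication via /auth
     *
     * On success the `data` member of the `/auth/user` response is returned, extended
     * with a `tokens` key (the `meta` member of the authentication response) and a
     * `roles` key (names extracted from the `included` member).
     *
     * The returned array carries the bearer token, so whatever stores it (session,
     * cache, logs) must be treated as holding credentials.
     *
     * @param \Cake\Http\ServerRequest $request Request carrying the credential fields.
     * @param \Cake\Http\Response $response Unused.
     * @return array|false User data with `tokens` and `roles`, or false when the request
     *   or an API response is not usable.
     */
    public function authenticate(ServerRequest $request, Response $response)
    {
        /** @var \BEdita\SDK\BEditaClient $apiClient */
        $apiClient = ApiClientProvider::getApiClient();

        $usernameField = (string)$this->getConfig('fields.username', 'username');
        $passwordField = (string)$this->getConfig('fields.password', 'password');

        $username = $request->getData($usernameField);
        $password = $request->getData($passwordField);
        // Request data is attacker-controlled and may be an array (e.g. `username[]=x`);
        // casting that to string would send the literal "Array" as a credential.
        if (is_array($username) || is_array($password)) {
            return false;
        }

        // NOTE(review): how the client reports a rejected login (exception vs. empty
        // result) is not visible in this file - confirm whether a try/catch is needed here.
        $result = $apiClient->authenticate((string)$username, (string)$password);
        // Fail closed when the token is absent: without this check an empty
        // "Bearer " header would be sent on the follow-up call.
        if (empty($result['meta']) || empty($result['meta']['jwt'])) {
            return false;
        }

        $tokens = $result['meta'];
        $result = $apiClient->get('/auth/user', null, ['Authorization' => sprintf('Bearer %s', $tokens['jwt'])]);
        // A response without a usable `data` member must not yield an authenticated
        // identity (and would make the array union below fail).
        if (empty($result['data']) || !is_array($result['data'])) {
            return false;
        }
        $roles = Hash::extract($result, 'included.{n}.attributes.name');

        // Array union keeps the left-hand value on key clashes, so a `tokens` or
        // `roles` key already present in `data` would win over the ones added here.
        return $result['data'] + compact('tokens') + compact('roles');
    }
}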