Passed
Push — master ( 562ec1...c64a31 )
by Terrence
15:08
created

src/Service/MyProxy.php (5 issues)

<?php
namespace CILogon\Service;
use CILogon\Service\Util;
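/**
 * MyProxy
 *
 * Static helpers for obtaining X.509 credentials by running the
 * myproxy-logon command line client.
 *
 * The MYPROXY_HOST, MYPROXY_PORT, MYPROXY_LIFETIME and MYPROXY_LOGON
 * constants are not defined in this file; they must be defined elsewhere
 * (e.g. by the site configuration) before these methods are called.
 */
class MyProxy
{
    /**
     * getMyProxyCredential
     *
     * This function gets an X.509 credential (as a string) for a user by
     * building a myproxy-logon command line and running it with exec().
     *
     * @param string $username The MyProxy user name (-l)
     * @param string $passphrase (Optional) The MyProxy password for the
     *        username (-S). Defaults to empty string.  NOTE: If $passphrase
     *        is non-empty, you CANNOT set a $certreq.
     * @param string $server (Optional) The MyProxy server to connect to (-s).
     *        Defaults to MYPROXY_HOST.
     * @param int $port (Optional) The port for the MyProxy server (-p).
     *        Defaults to MYPROXY_PORT. Values that are not an integer in
     *        the range 0..65535 are replaced by MYPROXY_PORT.
     * @param int $lifetime (Optional) The life of the proxy in hours (-t).
     *        Defaults to MYPROXY_LIFETIME hours. Values that are not an
     *        integer in the range 0..43800 are replaced by MYPROXY_LIFETIME.
     * @param string $usercert (Optional) The X509_USER_CERT environment
     *        variable, OR the X509_USER_PROXY environment variable if
     *        $userkey is set to the empty string.  Defaults to empty string.
     * @param string $userkey (Optional) The X509_USER_KEY environment
     *        variable. Defaults to empty string.
     * @param string $certreq (Optional) A certificate request created by the
     *        openssl req command (--certreq).  Defaults to empty string.
     *        NOTE: If $certreq is non-empty, you CANNOT set a $passphrase.
     * @param string $env (Optional) Extra environment variables in the form
     *        of space-separated 'key=value' pairs. This string is placed
     *        into the shell command as-is, so it must be built only from
     *        trusted or already shell-escaped values.
     * @return string An X509 credential in a string upon success, or
     *         an empty string upon failure.
     */
    public static function getMyProxyCredential(
        $username,
        $passphrase = '',
        $server = MYPROXY_HOST,
        $port = MYPROXY_PORT,
        $lifetime = MYPROXY_LIFETIME,
        $usercert = '',
        $userkey = '',
        $certreq = '',
        $env = ''
    ) {
        $retstr = '';

        // Verify the myproxy-logon binary has been configured
        if ((!defined('MYPROXY_LOGON')) || (empty(MYPROXY_LOGON))) {
            Util::sendErrorAlert(
                'getMyProxyCredential Error',
                'MyProxy Error = myproxy-logon binary not configured'
            );
            return $retstr;
        }

        // Make sure the username passed in is not empty
        if (strlen($username) === 0) {
            Util::sendErrorAlert(
                'getMyProxyCredential Error',
                'MyProxy Error = Missing MyProxy username'
            );
            return $retstr;
        }

        // $port and $lifetime are interpolated into the shell command
        // without quoting, so they are forced to real integers here. A
        // loose numeric comparison alone lets a string such as '12 34'
        // through unchanged, which would add extra words to the command.
        // Don't allow weird port numbers, i.e. negative or over 65535
        $port = self::intInRange($port, 0, 65535, MYPROXY_PORT);

        // Don't allow weird lifetimes, i.e. negative or over 5 years
        $lifetime = self::intInRange($lifetime, 0, 43800, MYPROXY_LIFETIME);

        // If the usercert (X509_USER_CERT) is specified, check to see if
        // the userkey (X509_USER_KEY) was as well.  If not, set userkey to
        // usercert, in effect making usercert act like X509_USER_PROXY. Then,
        // set the USER_CERT_ENV variable to bundle the two parameters into a
        // single variable holding the two X509_USER_* environment variables.
        $USER_CERT_ENV = '';
        if (strlen($usercert) > 0) {
            if (strlen($userkey) === 0) {
                $userkey = $usercert;
            }
            $USER_CERT_ENV = 'X509_USER_CERT=' . escapeshellarg($usercert) .
                             ' ' .
                             'X509_USER_KEY='  . escapeshellarg($userkey);
        }

        // Run the myproxy-logon command and capture the output and any error.
        //
        // NOTE(review): $env is the only caller-supplied value that reaches
        // the shell without escapeshellarg() or integer validation. Confirm
        // that every caller builds it from trusted or pre-escaped values.
        //
        // NOTE(review): $certreq and $passphrase are fed to stdin with a
        // '<<<' here-string, which is a bash feature; this assumes the shell
        // used by exec() supports it - TODO confirm on the deployment host.
        // Both values are part of the command string handed to the shell, so
        // they may be visible in the process list while the command runs.
        // The docblock says the two are mutually exclusive, but that is not
        // enforced here: if both are given, two stdin redirections are emitted.
        $output = array();
        $cmd = '/bin/env ' .
               $USER_CERT_ENV . ' ' .
               $env . ' ' .
               'MYPROXY_SOCKET_TIMEOUT=1 ' .
               MYPROXY_LOGON . ' ' .
               ' -s ' . escapeshellarg($server) .
               " -p $port" .
               " -t $lifetime" .
               ' -l ' . escapeshellarg($username) .
               ' -S -o -' .
               ((strlen($certreq) > 0) ?
                   (' --certreq - <<< ' . escapeshellarg($certreq)) : '') .
               ((strlen($passphrase) > 0) ?
                   (' <<< ' . escapeshellarg($passphrase)) : ' -n') .
               ' 2>&1';
        exec($cmd, $output, $return_val);
        $retstr = implode("\n", $output);

        // A non-zero exit status is reported (with the captured output,
        // which includes stderr because of '2>&1') and yields ''.
        if ($return_val > 0) {
            Util::sendErrorAlert(
                'getMyProxyCredential Error',
                "MyProxy Error = $return_val\nMyProxy Output= $retstr"
            );
            $retstr = '';
        }

        return $retstr;
    }

    /**
     * intInRange
     *
     * Returns $value as an int when it is an integer (or an integer
     * string) between $min and $max inclusive, otherwise returns
     * $default cast to int.
     *
     * @param mixed $value The value to validate
     * @param int $min The smallest accepted value
     * @param int $max The largest accepted value
     * @param mixed $default The fallback used when $value is rejected
     * @return int The validated value or the fallback
     */
    private static function intInRange($value, $min, $max, $default)
    {
        $checked = filter_var(
            $value,
            FILTER_VALIDATE_INT,
            array('options' => array('min_range' => $min, 'max_range' => $max))
        );

        return ($checked === false) ? (int)$default : $checked;
    }

    /**
     * getDefaultLifetime
     *
     * This function returns the value of the MYPROXY_LIFETIME constant
     * as an int, which may be needed in '/secure/getuser' when getting a
     * certificate.
     *
     * @return int The value of MYPROXY_LIFETIME
     */
    public static function getDefaultLifetime()
    {
        return (int)MYPROXY_LIFETIME;
    }
}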