Basic - Code Metrics - colindev/auth-basic - Measure and Improve Code Quality continuously with Scrutinizer

Basic A
last analyzed 2016-09-08 15:47 UTC

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	61
Duplicated Lines	0 %

Coupling/Cohesion

Components	2
Dependencies	0

Test Coverage

Coverage

27.27%

Importance

Changes	5
Bugs	0	Features	0

Metric	Value
wmc	16
c	5
b	0
f	0
lcom	2
cbo	0
dl	0
loc	61
ccs	9
cts	33
cp	0.2727
rs	10

6 Methods

Rating	Name	Size	Complexity
B	__construct()	13	5
A	realm()	4	1
B	isAuthorized()	18	6
A	challenge()	6	1
A	buildAuthentication()	4	2
A	logout()	5	1

<?php namespace Rde\Auth;

use Closure;

class Basic
{
    protected $rule = null;
    protected $realm;

    public function __construct($config)
    {
        if (is_array($config)) {
            $this->rule = function($username, $password) use($config) {

                return is_string($username) &&
                isset($config[$username]) &&
                password_verify($password, $config[$username]);
            };
        } elseif ($config instanceof Closure) {
            $this->rule = $config;
        }
    }

    public function realm($name)
    {
        $this->realm = $name;
    }

    public function isAuthorized()
// Bad
class Router
{
    public function generate($path)
    {
        return $_SERVER['HOST'].$path;
    }
}

// Better
class Router
{
    private $host;

    public function __construct($host)
    {
        $this->host = $host;
    }

    public function generate($path)
    {
        return $this->host.$path;
    }
}

class Controller
{
    public function myAction(Request $request)
    {
        // Instead of
        $page = isset($_GET['page']) ? intval($_GET['page']) : 1;

        // Better (assuming you use the Symfony2 request)
        $page = $request->query->get('page', 1);
    }
}
    {
        if ($this->rule instanceof Closure) {

            if (isset($_SERVER['HTTP_AUTHORIZATION'])) {
                $authorization = preg_replace('/^Basic\s/', '', $_SERVER['HTTP_AUTHORIZATION']);
                $authorization = base64_decode($authorization);

                if (preg_match('/^(\w*):(.*)$/', $authorization, $params)) {
                    return true === call_user_func($this->rule, $params[1], $params[2]);
                }
            } elseif (isset($_SERVER['PHP_AUTH_PW']) && isset($_SERVER['PHP_AUTH_USER'])) {
                return true === call_user_func($this->rule, $_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
            }
        }

        return false;
    }

    public function challenge()
    {
        header($this->buildAuthentication());
        header('HTTP/1.1 401 Unauthorized');
        exit;

    }

    public function buildAuthentication()
    {
        return sprintf('WWW-Authenticate: Basic realm="%s"', $this->realm ?: 'admin realm');
    }

    public function logout()
    {
        header('HTTP/1.1 401 Unauthorized');
        exit;

    }
}


1		<?php namespace Rde\Auth;
2
3		use Closure;
4
5		class Basic
6		{
7		protected $rule = null;
8		protected $realm;
9
10	1	public function __construct($config)
11		{
12	1	if (is_array($config)) {
13		$this->rule = function($username, $password) use($config) {
14
15		return is_string($username) &&
16		isset($config[$username]) &&
17		password_verify($password, $config[$username]);
18		};
19	1	} elseif ($config instanceof Closure) {
20		$this->rule = $config;
21		}
22	1	}
23
24	1	public function realm($name)
25		{
26	1	$this->realm = $name;
27	1	}
28
29		public function isAuthorized()
		0 ignored issues – show Coding Style introduced 2016-09-08 15:47 UTC by Report Bug Copy Issue Report `isAuthorized` uses the super-global variable `$_SERVER` which is generally not recommended. Instead of super-globals, we recommend to explicitly inject the dependencies of your class. This makes your code less dependent on global state and it becomes generally more testable: // Bad class Router { public function generate($path) { return $_SERVER['HOST'].$path; } } // Better class Router { private $host; public function __construct($host) { $this->host = $host; } public function generate($path) { return $this->host.$path; } } class Controller { public function myAction(Request $request) { // Instead of $page = isset($_GET['page']) ? intval($_GET['page']) : 1; // Better (assuming you use the Symfony2 request) $page = $request->query->get('page', 1); } } Loading history...
30		{
31		if ($this->rule instanceof Closure) {
32
33		if (isset($_SERVER['HTTP_AUTHORIZATION'])) {
34		$authorization = preg_replace('/^Basic\s/', '', $_SERVER['HTTP_AUTHORIZATION']);
35		$authorization = base64_decode($authorization);
36
37		if (preg_match('/^(\w):(.)$/', $authorization, $params)) {
38		return true === call_user_func($this->rule, $params[1], $params[2]);
39		}
40		} elseif (isset($_SERVER['PHP_AUTH_PW']) && isset($_SERVER['PHP_AUTH_USER'])) {
41		return true === call_user_func($this->rule, $_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
42		}
43		}
44
45		return false;
46		}
47
48		public function challenge()
49		{
50		header($this->buildAuthentication());
51		header('HTTP/1.1 401 Unauthorized');
52		exit;
		0 ignored issues – show Coding Style Compatibility introduced 2016-09-08 15:47 UTC by Report Bug Copy Issue Report The method `challenge()` contains an exit expression. An exit expression should only be used in rare cases. For example, if you write a short command line script. In most cases however, using an `exit` expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage. Loading history...
53		}
54
55	1	public function buildAuthentication()
56		{
57	1	return sprintf('WWW-Authenticate: Basic realm="%s"', $this->realm ?: 'admin realm');
58		}
59
60		public function logout()
61		{
62		header('HTTP/1.1 401 Unauthorized');
63		exit;
		0 ignored issues – show Coding Style Compatibility introduced 2016-09-08 15:47 UTC by Report Bug Copy Issue Report The method `logout()` contains an exit expression. An exit expression should only be used in rare cases. For example, if you write a short command line script. In most cases however, using an `exit` expression makes the code untestable and often causes incompatibilities with other libraries. Thus, unless you are absolutely sure it is required here, we recommend to refactor your code to avoid its usage. Loading history...
64		}
65		}
66

colindev / auth-basic

Basic A last analyzed 2016-09-08 15:47 UTC

Complexity

Size/Duplication

Coupling/Cohesion

Test Coverage

Importance

6 Methods

Duplication Side-by-Side

Filter issues like

Basic A
last analyzed 2016-09-08 15:47 UTC