ExternalApplication::setApplicationKey() - Code Metrics - Inspection of "Remove branch-alias for release-0.32.0" - cross-solution/YAWIK - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — develop ( 28c299...928e2a )

by Mathias

created 2018-11-28 16:39 UTC

ExternalApplication::setApplicationKey() A

↳ Parent: ExternalApplication

Complexity

Conditions	1
Paths	1

Size

Total Lines	4
Code Lines	2

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	3
CRAP Score	1

Importance

Changes

Metric	Value
eloc	2
dl	0
loc	4
c	0
b	0
f	0
ccs	3
cts	3
cp	1
rs	10
cc	1
nc	1
nop	1
crap	1

<?php

namespace Auth\Adapter;

use Interop\Container\ContainerInterface;
use Zend\Authentication\Adapter\AbstractAdapter;
use Zend\Authentication\Result;
use Auth\Entity\Filter\CredentialFilter;
use Zend\ServiceManager\ServiceLocatorInterface;

/**
 * This class allows an external application to authenticate via a pre-shared application key and to
 * push job openings via Rest Calls
 *
 * Class ExternalApplication
 * @package Auth\Adapter
 */
class ExternalApplication extends AbstractAdapter
{
    
    protected $applicationKey;

    /* @var $repository \Auth\Repository\User */

    protected $repository;

    protected $applicationKeys = array();

    /* @var  $serviceManager ServiceLocatorInterface */

    protected $serviceManager;

    /**
     * @param $repository
     * @param null $identity

     * @param null $credential

     * @param null $applicationKey

     */
    public function __construct($repository, $identity = null, $credential = null, $applicationKey = null)
    {
        $this->repository = $repository;
        $this->setIdentity($identity);
        $this->setCredential($credential);
        $this->setApplicationKey($applicationKey);
    }
	
	/**
	 * @param ContainerInterface $serviceManager
	 */
    public function setServiceLocator(ContainerInterface $serviceManager)
    {
        $this->serviceManager = $serviceManager;
    }

    /**
     * @return \Auth\Repository\User
     */
    public function getRepository()
    {
        return $this->repository;
    }

    /**
     * @param $applicationKey
     * @return $this
     */
    public function setApplicationKey($applicationKey)
    {
        $this->applicationKey = $applicationKey;
        return $this;
    }

    /**
     * @return mixed
     */
    public function getApplicationKey()
    {
        return $this->applicationKey;
    }

    /**
     * @return null
     */
    public function getApplicationIdentifier()
    {
        $keys = $this->getApplicationKeys();
        $ids  = array_flip($keys);
        $key  = $this->getApplicationKey();
        
        return isset($ids[$key]) ? $ids[$key] : null;
    }

    /**
     * @param array $applicationKeys
     * @return $this
     */
    public function setApplicationKeys(array $applicationKeys)
    {
        $this->applicationKeys = $applicationKeys;
        return $this;
    }

    /**
     * @return array
     */
    public function getApplicationKeys()
    {
        return $this->applicationKeys;
    }

    /**
     * @return Result
     */
    public function authenticate()
    {
        if (!in_array($this->getApplicationKey(), $this->getApplicationKeys())) {
            return new Result(Result::FAILURE, $this->getIdentity(), array('Invalid application key'));
        }
                
        $identity      = $this->getIdentity();
        $applicationId = '@' . $this->getApplicationIdentifier();
class A
{
    function getObject()
    {
        return null;
    }

}

$a = new A();
if ($a->getObject()) {
        $applicationIdIndex = strrpos($identity, $applicationId);
        //$login         = (0 < $applicationIdIndex &&  strlen($identity) - strlen($applicationId) == $applicationIdIndex)?substr($identity, 0, $applicationIdIndex):$identity;
        $login         = $identity;
        $users         = $this->getRepository();
        /* @var \Auth\Entity\User $user */
        $user          = $users->findByLogin($login, ['allowDeactivated' => true]);
        $filter        = new CredentialFilter();
        $credential    = $this->getCredential();
        
        $loginSuccess = false;
        $loginResult = array();
        
        if (0 < $applicationIdIndex &&  strlen($identity) - strlen($applicationId) == $applicationIdIndex) {
            $this->serviceManager->get('Core/Log')->debug('User ' . $login . ', login with correct suffix: ');
            // the login ends with the applicationID, therefore use the secret key
            // the external login must be the form 'xxxxx@yyyy' where yyyy is the matching suffix to the external application key
            if (isset($user)) {
                if ($user->getSecret() == $filter->filter($credential)) {
                    $loginSuccess = true;
                } else {
                    $loginSuccess = false;
                    $this->serviceManager->get('Core/Log')->info('User ' . $login . ', secret: ' . $user->getSecret() . ' != loginPassword: ' . $filter->filter($credential) . ' (' . $credential . ')');
                }
            } else {
                $user = $users->create(
                    array(
                    'login' => $login,
                    'password' => $credential,
                    'secret' => $filter->filter($credential),
                    'role' => 'recruiter'
                    )
                );
                $users->store($user);
                $loginSuccess = true;
                $loginResult = array('firstLogin' => true);
            }
        } elseif (isset($user)) {
            $this->serviceManager->get('Core/Log')->debug('User ' . $login . ', login with incorrect suffix: ');
            if ($user->getCredential() == $filter->filter($credential)) {
                $this->serviceManager->get('Core/Log')->debug('User ' . $login . ', credentials are equal');
                $loginSuccess = true;
            } elseif (!empty($applicationId)) {
                $this->serviceManager->get('Core/Log')->debug('User ' . $login . ', credentials are not equal');
                // TODO: remove this code as soon as the secret key has been fully established
                // basically this does allow an external login with an applicationIndex match against the User-Password
                // the way it had been used in the start
                if ($user->getCredential() == $filter->filter($credential)) {
                    $this->serviceManager->get('Core/Log')->debug('User ' . $login . ', credentials2 test');
                    $loginSuccess = true;
                }
            }
        }
        
        if (!$loginSuccess) {
            return new Result(Result::FAILURE_CREDENTIAL_INVALID, $identity, array('User not known or invalid credential'));
        }
        return new Result(Result::SUCCESS, $user->getId(), $loginResult);
    }
}


1		<?php
2
3		namespace Auth\Adapter;
4
5		use Interop\Container\ContainerInterface;
6		use Zend\Authentication\Adapter\AbstractAdapter;
7		use Zend\Authentication\Result;
8		use Auth\Entity\Filter\CredentialFilter;
9		use Zend\ServiceManager\ServiceLocatorInterface;
10
11		/**
12		* This class allows an external application to authenticate via a pre-shared application key and to
13		* push job openings via Rest Calls
14		*
15		* Class ExternalApplication
16		* @package Auth\Adapter
17		*/
18		class ExternalApplication extends AbstractAdapter
19		{
20
21		protected $applicationKey;
22
23		/* @var $repository \Auth\Repository\User */
		0 ignored issues – show Documentation Bug introduced 2018-11-21 12:41 UTC by Report Bug Copy Issue Report The doc comment `$repository` at position `0` could not be parsed: Unknown type name '$repository' at position 0 in $repository. Loading history...
24		protected $repository;
25
26		protected $applicationKeys = array();
27
28		/* @var $serviceManager ServiceLocatorInterface */
		0 ignored issues – show Documentation Bug introduced 2018-11-21 12:41 UTC by Report Bug Copy Issue Report The doc comment `$serviceManager` at position `0` could not be parsed: Unknown type name '$serviceManager' at position 0 in $serviceManager. Loading history...
29		protected $serviceManager;
30
31		/**
32		* @param $repository
33		* @param null $identity
		0 ignored issues – show Documentation Bug introduced 2018-11-21 12:41 UTC by Report Bug Copy Issue Report Are you sure the doc-type for parameter `$identity` is correct as it would always require `null` to be passed? Loading history...
34		* @param null $credential
		0 ignored issues – show Documentation Bug introduced 2018-11-21 12:41 UTC by Report Bug Copy Issue Report Are you sure the doc-type for parameter `$credential` is correct as it would always require `null` to be passed? Loading history...
35		* @param null $applicationKey
		0 ignored issues – show Documentation Bug introduced 2018-11-21 12:41 UTC by Report Bug Copy Issue Report Are you sure the doc-type for parameter `$applicationKey` is correct as it would always require `null` to be passed? Loading history...
36		*/
37	2	public function __construct($repository, $identity = null, $credential = null, $applicationKey = null)
38		{
39	2	$this->repository = $repository;
40	2	$this->setIdentity($identity);
41	2	$this->setCredential($credential);
42	2	$this->setApplicationKey($applicationKey);
43	2	}
44
45		/**
46		* @param ContainerInterface $serviceManager
47		*/
48	2	public function setServiceLocator(ContainerInterface $serviceManager)
49		{
50	2	$this->serviceManager = $serviceManager;
51	2	}
52
53		/**
54		* @return \Auth\Repository\User
55		*/
56		public function getRepository()
57		{
58		return $this->repository;
59		}
60
61		/**
62		* @param $applicationKey
63		* @return $this
64		*/
65	2	public function setApplicationKey($applicationKey)
66		{
67	2	$this->applicationKey = $applicationKey;
68	2	return $this;
69		}
70
71		/**
72		* @return mixed
73		*/
74		public function getApplicationKey()
75		{
76		return $this->applicationKey;
77		}
78
79		/**
80		* @return null
81		*/
82		public function getApplicationIdentifier()
83		{
84		$keys = $this->getApplicationKeys();
85		$ids = array_flip($keys);
86		$key = $this->getApplicationKey();
87
88		return isset($ids[$key]) ? $ids[$key] : null;
89		}
90
91		/**
92		* @param array $applicationKeys
93		* @return $this
94		*/
95	2	public function setApplicationKeys(array $applicationKeys)
96		{
97	2	$this->applicationKeys = $applicationKeys;
98	2	return $this;
99		}
100
101		/**
102		* @return array
103		*/
104		public function getApplicationKeys()
105		{
106		return $this->applicationKeys;
107		}
108
109		/**
110		* @return Result
111		*/
112		public function authenticate()
113		{
114		if (!in_array($this->getApplicationKey(), $this->getApplicationKeys())) {
115		return new Result(Result::FAILURE, $this->getIdentity(), array('Invalid application key'));
116		}
117
118		$identity = $this->getIdentity();
119		$applicationId = '@' . $this->getApplicationIdentifier();
		0 ignored issues – show Bug introduced 2018-11-21 12:41 UTC by Report Bug Copy Issue Report Are you sure the usage of `$this->getApplicationIdentifier()` targeting `Auth\Adapter\ExternalApp...ApplicationIdentifier()` seems to always return null. This check looks for function or method calls that always return null and whose return value is used. class A { function getObject() { return null; } } $a = new A(); if ($a->getObject()) { The method `getObject()` can return nothing but null, so it makes no sense to use the return value. The reason is most likely that a function or method is imcomplete or has been reduced for debug purposes. Loading history...
120		$applicationIdIndex = strrpos($identity, $applicationId);
121		//$login = (0 < $applicationIdIndex && strlen($identity) - strlen($applicationId) == $applicationIdIndex)?substr($identity, 0, $applicationIdIndex):$identity;
122		$login = $identity;
123		$users = $this->getRepository();
124		/* @var \Auth\Entity\User $user */
125		$user = $users->findByLogin($login, ['allowDeactivated' => true]);
126		$filter = new CredentialFilter();
127		$credential = $this->getCredential();
128
129		$loginSuccess = false;
130		$loginResult = array();
131
132		if (0 < $applicationIdIndex && strlen($identity) - strlen($applicationId) == $applicationIdIndex) {
133		$this->serviceManager->get('Core/Log')->debug('User ' . $login . ', login with correct suffix: ');
134		// the login ends with the applicationID, therefore use the secret key
135		// the external login must be the form 'xxxxx@yyyy' where yyyy is the matching suffix to the external application key
136		if (isset($user)) {
137		if ($user->getSecret() == $filter->filter($credential)) {
138		$loginSuccess = true;
139		} else {
140		$loginSuccess = false;
141		$this->serviceManager->get('Core/Log')->info('User ' . $login . ', secret: ' . $user->getSecret() . ' != loginPassword: ' . $filter->filter($credential) . ' (' . $credential . ')');
142		}
143		} else {
144		$user = $users->create(
145		array(
146		'login' => $login,
147		'password' => $credential,
148		'secret' => $filter->filter($credential),
149		'role' => 'recruiter'
150		)
151		);
152		$users->store($user);
153		$loginSuccess = true;
154		$loginResult = array('firstLogin' => true);
155		}
156		} elseif (isset($user)) {
157		$this->serviceManager->get('Core/Log')->debug('User ' . $login . ', login with incorrect suffix: ');
158		if ($user->getCredential() == $filter->filter($credential)) {
159		$this->serviceManager->get('Core/Log')->debug('User ' . $login . ', credentials are equal');
160		$loginSuccess = true;
161		} elseif (!empty($applicationId)) {
162		$this->serviceManager->get('Core/Log')->debug('User ' . $login . ', credentials are not equal');
163		// TODO: remove this code as soon as the secret key has been fully established
164		// basically this does allow an external login with an applicationIndex match against the User-Password
165		// the way it had been used in the start
166		if ($user->getCredential() == $filter->filter($credential)) {
167		$this->serviceManager->get('Core/Log')->debug('User ' . $login . ', credentials2 test');
168		$loginSuccess = true;
169		}
170		}
171		}
172
173		if (!$loginSuccess) {
174		return new Result(Result::FAILURE_CREDENTIAL_INVALID, $identity, array('User not known or invalid credential'));
175		}
176		return new Result(Result::SUCCESS, $user->getId(), $loginResult);
177		}
178		}
179

cross-solution / YAWIK

Push — develop ( 28c299...928e2a )

ExternalApplication::setApplicationKey() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like