ExternalApplication::authenticate() - Code Metrics - Inspection of "Issue #512" - cross-solution/YAWIK - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — develop (#521)

unknown

created 2018-11-22 04:24 UTC

ExternalApplication::authenticate() B

↳ Parent: ExternalApplication

Complexity

Conditions	11
Paths	17

Size

Total Lines	65
Code Lines	43

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
eloc	43
dl	0
loc	65
rs	7.3166
c	0
b	0
f	0
cc	11
nc	17
nop	0

How to fix Long Method Complexity

<?php

namespace Auth\Adapter;

use Interop\Container\ContainerInterface;
use Zend\Authentication\Adapter\AbstractAdapter;
use Zend\Authentication\Result;
use Auth\Entity\Filter\CredentialFilter;
use Zend\ServiceManager\ServiceLocatorInterface;

/**
 * This class allows an external application to authenticate via a pre-shared application key and to
 * push job openings via Rest Calls
 *
 * Class ExternalApplication
 * @package Auth\Adapter
 */
class ExternalApplication extends AbstractAdapter
{
    
    protected $applicationKey;

    /* @var $repository \Auth\Repository\User */

    protected $repository;

    protected $applicationKeys = array();

    /* @var  $serviceManager ServiceLocatorInterface */

    protected $serviceManager;

    /**
     * @param $repository
     * @param null $identity

     * @param null $credential

     * @param null $applicationKey

     */
    public function __construct($repository, $identity = null, $credential = null, $applicationKey = null)
    {
        $this->repository = $repository;
        $this->setIdentity($identity);
        $this->setCredential($credential);
        $this->setApplicationKey($applicationKey);
    }
	
	/**
	 * @param ContainerInterface $serviceManager
	 */
    public function setServiceLocator(ContainerInterface $serviceManager)
    {
        $this->serviceManager = $serviceManager;
    }

    /**
     * @return \Auth\Repository\User
     */
    public function getRepository()
    {
        return $this->repository;
    }

    /**
     * @param $applicationKey
     * @return $this
     */
    public function setApplicationKey($applicationKey)
    {
        $this->applicationKey = $applicationKey;
        return $this;
    }

    /**
     * @return mixed
     */
    public function getApplicationKey()
    {
        return $this->applicationKey;
    }

    /**
     * @return null
     */
    public function getApplicationIdentifier()
    {
        $keys = $this->getApplicationKeys();
        $ids  = array_flip($keys);
        $key  = $this->getApplicationKey();
        
        return isset($ids[$key]) ? $ids[$key] : null;
    }

    /**
     * @param array $applicationKeys
     * @return $this
     */
    public function setApplicationKeys(array $applicationKeys)
    {
        $this->applicationKeys = $applicationKeys;
        return $this;
    }

    /**
     * @return array
     */
    public function getApplicationKeys()
    {
        return $this->applicationKeys;
    }

    /**
     * @return Result
     */
    public function authenticate()
    {
        if (!in_array($this->getApplicationKey(), $this->getApplicationKeys())) {
            return new Result(Result::FAILURE, $this->getIdentity(), array('Invalid application key'));
        }
                
        $identity      = $this->getIdentity();
        $applicationId = '@' . $this->getApplicationIdentifier();
class A
{
    function getObject()
    {
        return null;
    }

}

$a = new A();
if ($a->getObject()) {
        $applicationIdIndex = strrpos($identity, $applicationId);
        //$login         = (0 < $applicationIdIndex &&  strlen($identity) - strlen($applicationId) == $applicationIdIndex)?substr($identity, 0, $applicationIdIndex):$identity;
        $login         = $identity;
        $users         = $this->getRepository();
        /* @var \Auth\Entity\User $user */
        $user          = $users->findByLogin($login, ['allowDeactivated' => true]);
        $filter        = new CredentialFilter();
        $credential    = $this->getCredential();
        
        $loginSuccess = false;
        $loginResult = array();
        
        if (0 < $applicationIdIndex &&  strlen($identity) - strlen($applicationId) == $applicationIdIndex) {
            $this->serviceManager->get('Core/Log')->debug('User ' . $login . ', login with correct suffix: ');
            // the login ends with the applicationID, therefore use the secret key
            // the external login must be the form 'xxxxx@yyyy' where yyyy is the matching suffix to the external application key
            if (isset($user)) {
                if ($user->getSecret() == $filter->filter($credential)) {
                    $loginSuccess = true;
                } else {
                    $loginSuccess = false;
                    $this->serviceManager->get('Core/Log')->info('User ' . $login . ', secret: ' . $user->getSecret() . ' != loginPassword: ' . $filter->filter($credential) . ' (' . $credential . ')');
                }
            } else {
                $user = $users->create(
                    array(
                    'login' => $login,
                    'password' => $credential,
                    'secret' => $filter->filter($credential),
                    'role' => 'recruiter'
                    )
                );
                $users->store($user);
                $loginSuccess = true;
                $loginResult = array('firstLogin' => true);
            }
        } elseif (isset($user)) {
            $this->serviceManager->get('Core/Log')->debug('User ' . $login . ', login with incorrect suffix: ');
            if ($user->getCredential() == $filter->filter($credential)) {
                $this->serviceManager->get('Core/Log')->debug('User ' . $login . ', credentials are equal');
                $loginSuccess = true;
            } elseif (!empty($applicationId)) {
                $this->serviceManager->get('Core/Log')->debug('User ' . $login . ', credentials are not equal');
                // TODO: remove this code as soon as the secret key has been fully established
                // basically this does allow an external login with an applicationIndex match against the User-Password
                // the way it had been used in the start
                if ($user->getCredential() == $filter->filter($credential)) {
                    $this->serviceManager->get('Core/Log')->debug('User ' . $login . ', credentials2 test');
                    $loginSuccess = true;
                }
            }
        }
        
        if (!$loginSuccess) {
            return new Result(Result::FAILURE_CREDENTIAL_INVALID, $identity, array('User not known or invalid credential'));
        }
        return new Result(Result::SUCCESS, $user->getId(), $loginResult);
    }
}


1			<?php
2
3			namespace Auth\Adapter;
4
5			use Interop\Container\ContainerInterface;
6			use Zend\Authentication\Adapter\AbstractAdapter;
7			use Zend\Authentication\Result;
8			use Auth\Entity\Filter\CredentialFilter;
9			use Zend\ServiceManager\ServiceLocatorInterface;
10
11			/**
12			* This class allows an external application to authenticate via a pre-shared application key and to
13			* push job openings via Rest Calls
14			*
15			* Class ExternalApplication
16			* @package Auth\Adapter
17			*/
18			class ExternalApplication extends AbstractAdapter
19			{
20
21			protected $applicationKey;
22
23			/* @var $repository \Auth\Repository\User */
			0 ignored issues – show Documentation Bug introduced 2018-11-21 12:41 UTC by Report Bug Copy Issue Report The doc comment `$repository` at position `0` could not be parsed: Unknown type name '$repository' at position 0 in $repository. Loading history...
24			protected $repository;
25
26			protected $applicationKeys = array();
27
28			/* @var $serviceManager ServiceLocatorInterface */
			0 ignored issues – show Documentation Bug introduced 2018-11-21 12:41 UTC by Report Bug Copy Issue Report The doc comment `$serviceManager` at position `0` could not be parsed: Unknown type name '$serviceManager' at position 0 in $serviceManager. Loading history...
29			protected $serviceManager;
30
31			/**
32			* @param $repository
33			* @param null $identity
			0 ignored issues – show Documentation Bug introduced 2018-11-21 12:41 UTC by Report Bug Copy Issue Report Are you sure the doc-type for parameter `$identity` is correct as it would always require `null` to be passed? Loading history...
34			* @param null $credential
			0 ignored issues – show Documentation Bug introduced 2018-11-21 12:41 UTC by Report Bug Copy Issue Report Are you sure the doc-type for parameter `$credential` is correct as it would always require `null` to be passed? Loading history...
35			* @param null $applicationKey
			0 ignored issues – show Documentation Bug introduced 2018-11-21 12:41 UTC by Report Bug Copy Issue Report Are you sure the doc-type for parameter `$applicationKey` is correct as it would always require `null` to be passed? Loading history...
36			*/
37			public function __construct($repository, $identity = null, $credential = null, $applicationKey = null)
38			{
39			$this->repository = $repository;
40			$this->setIdentity($identity);
41			$this->setCredential($credential);
42			$this->setApplicationKey($applicationKey);
43			}
44
45			/**
46			* @param ContainerInterface $serviceManager
47			*/
48			public function setServiceLocator(ContainerInterface $serviceManager)
49			{
50			$this->serviceManager = $serviceManager;
51			}
52
53			/**
54			* @return \Auth\Repository\User
55			*/
56			public function getRepository()
57			{
58			return $this->repository;
59			}
60
61			/**
62			* @param $applicationKey
63			* @return $this
64			*/
65			public function setApplicationKey($applicationKey)
66			{
67			$this->applicationKey = $applicationKey;
68			return $this;
69			}
70
71			/**
72			* @return mixed
73			*/
74			public function getApplicationKey()
75			{
76			return $this->applicationKey;
77			}
78
79			/**
80			* @return null
81			*/
82			public function getApplicationIdentifier()
83			{
84			$keys = $this->getApplicationKeys();
85			$ids = array_flip($keys);
86			$key = $this->getApplicationKey();
87
88			return isset($ids[$key]) ? $ids[$key] : null;
89			}
90
91			/**
92			* @param array $applicationKeys
93			* @return $this
94			*/
95			public function setApplicationKeys(array $applicationKeys)
96			{
97			$this->applicationKeys = $applicationKeys;
98			return $this;
99			}
100
101			/**
102			* @return array
103			*/
104			public function getApplicationKeys()
105			{
106			return $this->applicationKeys;
107			}
108
109			/**
110			* @return Result
111			*/
112			public function authenticate()
113			{
114			if (!in_array($this->getApplicationKey(), $this->getApplicationKeys())) {
115			return new Result(Result::FAILURE, $this->getIdentity(), array('Invalid application key'));
116			}
117
118			$identity = $this->getIdentity();
119			$applicationId = '@' . $this->getApplicationIdentifier();
			0 ignored issues – show Bug introduced 2018-11-21 12:41 UTC by Report Bug Copy Issue Report Are you sure the usage of `$this->getApplicationIdentifier()` targeting `Auth\Adapter\ExternalApp...ApplicationIdentifier()` seems to always return null. This check looks for function or method calls that always return null and whose return value is used. class A { function getObject() { return null; } } $a = new A(); if ($a->getObject()) { The method `getObject()` can return nothing but null, so it makes no sense to use the return value. The reason is most likely that a function or method is imcomplete or has been reduced for debug purposes. Loading history...
120			$applicationIdIndex = strrpos($identity, $applicationId);
121			//$login = (0 < $applicationIdIndex && strlen($identity) - strlen($applicationId) == $applicationIdIndex)?substr($identity, 0, $applicationIdIndex):$identity;
122			$login = $identity;
123			$users = $this->getRepository();
124			/* @var \Auth\Entity\User $user */
125			$user = $users->findByLogin($login, ['allowDeactivated' => true]);
126			$filter = new CredentialFilter();
127			$credential = $this->getCredential();
128
129			$loginSuccess = false;
130			$loginResult = array();
131
132			if (0 < $applicationIdIndex && strlen($identity) - strlen($applicationId) == $applicationIdIndex) {
133			$this->serviceManager->get('Core/Log')->debug('User ' . $login . ', login with correct suffix: ');
134			// the login ends with the applicationID, therefore use the secret key
135			// the external login must be the form 'xxxxx@yyyy' where yyyy is the matching suffix to the external application key
136			if (isset($user)) {
137			if ($user->getSecret() == $filter->filter($credential)) {
138			$loginSuccess = true;
139			} else {
140			$loginSuccess = false;
141			$this->serviceManager->get('Core/Log')->info('User ' . $login . ', secret: ' . $user->getSecret() . ' != loginPassword: ' . $filter->filter($credential) . ' (' . $credential . ')');
142			}
143			} else {
144			$user = $users->create(
145			array(
146			'login' => $login,
147			'password' => $credential,
148			'secret' => $filter->filter($credential),
149			'role' => 'recruiter'
150			)
151			);
152			$users->store($user);
153			$loginSuccess = true;
154			$loginResult = array('firstLogin' => true);
155			}
156			} elseif (isset($user)) {
157			$this->serviceManager->get('Core/Log')->debug('User ' . $login . ', login with incorrect suffix: ');
158			if ($user->getCredential() == $filter->filter($credential)) {
159			$this->serviceManager->get('Core/Log')->debug('User ' . $login . ', credentials are equal');
160			$loginSuccess = true;
161			} elseif (!empty($applicationId)) {
162			$this->serviceManager->get('Core/Log')->debug('User ' . $login . ', credentials are not equal');
163			// TODO: remove this code as soon as the secret key has been fully established
164			// basically this does allow an external login with an applicationIndex match against the User-Password
165			// the way it had been used in the start
166			if ($user->getCredential() == $filter->filter($credential)) {
167			$this->serviceManager->get('Core/Log')->debug('User ' . $login . ', credentials2 test');
168			$loginSuccess = true;
169			}
170			}
171			}
172
173			if (!$loginSuccess) {
174			return new Result(Result::FAILURE_CREDENTIAL_INVALID, $identity, array('User not known or invalid credential'));
175			}
176			return new Result(Result::SUCCESS, $user->getId(), $loginResult);
177			}
178			}
179

cross-solution / YAWIK

Pull Request — develop (#521)

ExternalApplication::authenticate() B

Complexity

Size

Duplication

Importance

How to fix Long Method Complexity

Long Method

Duplication Side-by-Side

Filter issues like