TwoFactor - Code Metrics - Inspection of "make OTP checking more robust, limit number of att..." - eduVPN/vpn-server-api - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( c87823...3d2057 )

by François

created 2016-12-07 09:48 UTC

TwoFactor A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	41
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	4

Importance

Changes

Metric	Value
wmc	7
lcom	1
cbo	4
dl	0
loc	41
rs	10
c	0
b	0
f	0

2 Methods

Rating	Name	Duplication	Size	Complexity
A	__construct()	0	5	1
B	verifyTotp()	0	26	6

<?php
/**
 *  Copyright (C) 2016 SURFnet.
 *
 *  This program is free software: you can redistribute it and/or modify
 *  it under the terms of the GNU Affero General Public License as
 *  published by the Free Software Foundation, either version 3 of the
 *  License, or (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU Affero General Public License for more details.
 *
 *  You should have received a copy of the GNU Affero General Public License
 *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

namespace SURFnet\VPN\Server;

use Base32\Base32;
use DateTime;
use Otp\Otp;
use SURFnet\VPN\Server\Exception\TwoFactorException;

class TwoFactor
{
    /** @var Storage */
    private $storage;

    /** @var \DateTime */
    private $dateTime;

    public function __construct(Storage $storage, DateTime $dateTime)
    {
        $this->storage = $storage;
        $this->dateTime = $dateTime;
    }

    public function verifyTotp($userId, $totpKey, $totpSecret = null)
    {
        // for the enroll phase totpSecret is also provided, use that then
        // instead of fetching one from the DB
        if (is_null($totpSecret)) {
            if (!$this->storage->hasTotpSecret($userId)) {
                throw new TwoFactorException('user has no TOTP secret');
            }
            $totpSecret = $this->storage->getTotpSecret($userId);
        }

        // store the attempt even before validating it, to be able to count
        // the (failed) attempts
        if (false === $this->storage->recordTotpKey($userId, $totpKey, $this->dateTime)) {
            throw new TwoFactorException('TOTP key replay');
        }

        if (10 < $this->storage->getTotpAttemptCount($userId)) {
            throw new TwoFactorException('too many attempts at TOTP');
        }

        $otp = new Otp();
        if (!$otp->checkTotp(Base32::decode($totpSecret), $totpKey)) {
            throw new TwoFactorException('invalid TOTP key');
        }
    }
}


1			<?php
2			/**
3			* Copyright (C) 2016 SURFnet.
4			*
5			* This program is free software: you can redistribute it and/or modify
6			* it under the terms of the GNU Affero General Public License as
7			* published by the Free Software Foundation, either version 3 of the
8			* License, or (at your option) any later version.
9			*
10			* This program is distributed in the hope that it will be useful,
11			* but WITHOUT ANY WARRANTY; without even the implied warranty of
12			* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13			* GNU Affero General Public License for more details.
14			*
15			* You should have received a copy of the GNU Affero General Public License
16			* along with this program. If not, see <http://www.gnu.org/licenses/>.
17			*/
18
19			namespace SURFnet\VPN\Server;
20
21			use Base32\Base32;
22			use DateTime;
23			use Otp\Otp;
24			use SURFnet\VPN\Server\Exception\TwoFactorException;
25
26			class TwoFactor
27			{
28			/** @var Storage */
29			private $storage;
30
31			/** @var \DateTime */
32			private $dateTime;
33
34			public function __construct(Storage $storage, DateTime $dateTime)
35			{
36			$this->storage = $storage;
37			$this->dateTime = $dateTime;
38			}
39
40			public function verifyTotp($userId, $totpKey, $totpSecret = null)
41			{
42			// for the enroll phase totpSecret is also provided, use that then
43			// instead of fetching one from the DB
44			if (is_null($totpSecret)) {
45			if (!$this->storage->hasTotpSecret($userId)) {
46			throw new TwoFactorException('user has no TOTP secret');
47			}
48			$totpSecret = $this->storage->getTotpSecret($userId);
49			}
50
51			// store the attempt even before validating it, to be able to count
52			// the (failed) attempts
53			if (false === $this->storage->recordTotpKey($userId, $totpKey, $this->dateTime)) {
54			throw new TwoFactorException('TOTP key replay');
55			}
56
57			if (10 < $this->storage->getTotpAttemptCount($userId)) {
58			throw new TwoFactorException('too many attempts at TOTP');
59			}
60
61			$otp = new Otp();
62			if (!$otp->checkTotp(Base32::decode($totpSecret), $totpKey)) {
63			throw new TwoFactorException('invalid TOTP key');
64			}
65			}
66			}
67

eduVPN / vpn-server-api

GitHub Access Token became invalid

Push — master ( c87823...3d2057 )

TwoFactor A

Complexity

Size/Duplication

Coupling/Cohesion

Importance

2 Methods

Duplication Side-by-Side

Filter issues like