UsersModuleTest - Code Metrics - Inspection of "add more TOTP tests" - eduVPN/vpn-server-api - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 5e2f22...1daca3 )

by François

created 2016-12-06 22:39 UTC

UsersModuleTest A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	326
Duplicated Lines	42.64 %

Coupling/Cohesion

Components	1
Dependencies	9

Importance

Changes

Metric	Value
wmc	17
lcom	1
cbo	9
dl	139
loc	326
rs	10
c	0
b	0
f	0

15 Methods

Rating	Name	Duplication	Size	Complexity
B	setUp()	0	42	1
B	testListUsers()	0	26	1
A	testSetTotpSecret()	20	20	1
A	testVerifyOtpKey()	19	19	1
B	testVerifyOtpKeyWrong()	0	24	1
A	testVerifyOtpKeyReplay()	0	22	1
A	testHasTotpSecret()	0	14	1
A	testDeleteTotpSecret()	14	14	1
A	testSetVootToken()	0	15	1
A	testDeleteVootToken()	14	14	1
A	testDisableUser()	14	14	1
A	testEnableUser()	14	14	1
A	testDeleteUser()	14	14	1
B	testUserGroups()	0	24	1
B	makeRequest()	30	30	3

How to fix Duplicated Code

<?php
/**
 *  Copyright (C) 2016 SURFnet.
 *
 *  This program is free software: you can redistribute it and/or modify
 *  it under the terms of the GNU Affero General Public License as
 *  published by the Free Software Foundation, either version 3 of the
 *  License, or (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU Affero General Public License for more details.
 *
 *  You should have received a copy of the GNU Affero General Public License
 *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

namespace SURFnet\VPN\Server\Api;

use Base32\Base32;
use DateTime;
use Otp\Otp;
use PDO;
use PHPUnit_Framework_TestCase;
use SURFnet\VPN\Common\Config;
use SURFnet\VPN\Common\Http\BasicAuthenticationHook;
use SURFnet\VPN\Common\Http\Request;
use SURFnet\VPN\Common\Http\Service;
use SURFnet\VPN\Server\Acl\Provider\StaticProvider;
use SURFnet\VPN\Server\Storage;

class UsersModuleTest extends PHPUnit_Framework_TestCase
{
    /** @var \SURFnet\VPN\Common\Http\Service */
    private $service;

    public function setUp()
    {
        $storage = new Storage(
            new PDO('sqlite::memory:')
        );
        $storage->init();

        $storage->addCertificate('foo', 'abcd1234', 'ABCD1234', 12345678, 23456789);

        $storage->disableUser('bar');
        $storage->setTotpSecret('bar', 'CN2XAL23SIFTDFXZ');
        $storage->setVootToken('bar', '123456');

        // user "baz" has a secret, and already used a key for replay testing
        $storage->setTotpSecret('baz', 'SWIXJ4V7VYALWH6E');
        $otp = new Otp();
        $storage->recordTotpKey('baz', $otp->totp(Base32::decode('SWIXJ4V7VYALWH6E')), new DateTime('now'));

        $config = Config::fromFile(sprintf('%s/data/user_groups_config.yaml', __DIR__));
        $groupProviders = [
            new StaticProvider(
                new Config($config->v('groupProviders', 'StaticProvider'))
            ),
        ];

        $this->service = new Service();
        $this->service->addModule(
            new UsersModule(
                $storage,
                $groupProviders
            )
        );

        $bearerAuthentication = new BasicAuthenticationHook(
            [
                'vpn-user-portal' => 'aabbcc',
                'vpn-admin-portal' => 'bbccdd',
            ]
        );

        $this->service->addBeforeHook('auth', $bearerAuthentication);
    }

    public function testListUsers()
    {
        $this->assertSame(
            [
                [
                    'user_id' => 'foo',
                    'is_disabled' => false,
                ],
                [
                    'user_id' => 'bar',
                    'is_disabled' => true,
                ],
                [
                    'user_id' => 'baz',
                    'is_disabled' => false,
                ],
            ],
            $this->makeRequest(
                ['vpn-admin-portal', 'bbccdd'],
                'GET',
                'user_list',
                ['profile_id' => 'internet'],
                []
            )
        );
    }

    public function testSetTotpSecret()

    {
        $otp = new Otp();
        $totpSecret = 'MM7TTLHPA7WZOJFB';
        $totpKey = $otp->totp(Base32::decode($totpSecret));

        $this->assertTrue(
            $this->makeRequest(
                ['vpn-user-portal', 'aabbcc'],
                'POST',
                'set_totp_secret',
                [],
                [
                    'user_id' => 'foo',
                    'totp_secret' => $totpSecret,
                    'totp_key' => $totpKey,
                ]
            )
        );
    }

    public function testVerifyOtpKey()

    {
        $otp = new Otp();
        $totpSecret = 'CN2XAL23SIFTDFXZ';
        $totpKey = $otp->totp(Base32::decode($totpSecret));

        $this->assertTrue(
            $this->makeRequest(
                ['vpn-user-portal', 'aabbcc'],
                'POST',
                'verify_totp_key',
                [],
                [
                    'user_id' => 'bar',
                    'totp_key' => $totpKey,
                ]
            )
        );
    }

    public function testVerifyOtpKeyWrong()
    {
        $otp = new Otp();
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
        $totpSecret = 'CN2XAL23SIFTDFXZ';
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}

        // in theory this totp_key, 123456 could be correct at one point in
        // time... then this test will fail!
        $this->assertSame(
            [
                'ok' => false,
                'error' => 'invalid OTP key',
            ],
            $this->makeRequest(
                ['vpn-user-portal', 'aabbcc'],
                'POST',
                'verify_totp_key',
                [],
                [
                    'user_id' => 'bar',
                    'totp_key' => '123456',
                ]
            )
        );
    }

    public function testVerifyOtpKeyReplay()
    {
        $otp = new Otp();
        $totpKey = $otp->totp(Base32::decode('SWIXJ4V7VYALWH6E'));

        $this->assertSame(
            [
                'ok' => false,
                'error' => 'OTP key replay',
            ],
            $this->makeRequest(
                ['vpn-user-portal', 'aabbcc'],
                'POST',
                'verify_totp_key',
                [],
                [
                    'user_id' => 'baz',
                    'totp_key' => $totpKey,
                ]
            )
        );
    }

    public function testHasTotpSecret()
    {
        $this->assertTrue(
            $this->makeRequest(
                ['vpn-user-portal', 'aabbcc'],
                'GET',
                'has_totp_secret',
                [
                    'user_id' => 'bar',
                ],
                []
            )
        );
    }

    public function testDeleteTotpSecret()

    {
        $this->assertTrue(
            $this->makeRequest(
                ['vpn-admin-portal', 'bbccdd'],
                'POST',
                'delete_totp_secret',
                [],
                [
                    'user_id' => 'bar',
                ]
            )
        );
    }

    public function testSetVootToken()
    {
        $this->assertTrue(
            $this->makeRequest(
                ['vpn-user-portal', 'aabbcc'],
                'POST',
                'set_voot_token',
                [],
                [
                    'user_id' => 'foo',
                    'voot_token' => 'bar',
                ]
            )
        );
    }

    public function testDeleteVootToken()

    {
        $this->assertTrue(
            $this->makeRequest(
                ['vpn-admin-portal', 'bbccdd'],
                'POST',
                'delete_voot_token',
                [],
                [
                    'user_id' => 'bar',
                ]
            )
        );
    }

    public function testDisableUser()

    {
        $this->assertTrue(
            $this->makeRequest(
                ['vpn-admin-portal', 'bbccdd'],
                'POST',
                'disable_user',
                [],
                [
                    'user_id' => 'foo',
                ]
            )
        );
    }

    public function testEnableUser()

    {
        $this->assertTrue(
            $this->makeRequest(
                ['vpn-admin-portal', 'bbccdd'],
                'POST',
                'enable_user',
                [],
                [
                    'user_id' => 'bar',
                ]
            )
        );
    }

    public function testDeleteUser()

    {
        $this->assertTrue(
            $this->makeRequest(
                ['vpn-admin-portal', 'bbccdd'],
                'POST',
                'delete_user',
                [],
                [
                    'user_id' => 'foo',
                ]
            )
        );
    }

    public function testUserGroups()
    {
        $this->assertSame(
            [
                [
                    'id' => 'all',
                    'displayName' => 'All',
                ],
                [
                    'id' => 'employees',
                    'displayName' => 'Employees',
                ],
            ],
            $this->makeRequest(
                ['vpn-user-portal', 'aabbcc'],
                'GET',
                'user_groups',
                [
                    'user_id' => 'bar',
                ],
                []
            )
        );
    }

    private function makeRequest(array $basicAuth, $requestMethod, $pathInfo, array $getData = [], array $postData = [])

    {
        $response = $this->service->run(
            new Request(
                [
                    'SERVER_PORT' => 80,
                    'SERVER_NAME' => 'vpn.example',
                    'REQUEST_METHOD' => $requestMethod,
                    'PATH_INFO' => sprintf('/%s', $pathInfo),
                    'REQUEST_URI' => sprintf('/%s', $pathInfo),
                    'PHP_AUTH_USER' => $basicAuth[0],
                    'PHP_AUTH_PW' => $basicAuth[1],
                ],
                $getData,
                $postData
            )
        );

        $responseArray = json_decode($response->getBody(), true)[$pathInfo];
        if ($responseArray['ok']) {
            if (array_key_exists('data', $responseArray)) {
                return $responseArray['data'];
            }

            return true;
        }

        // in case of errors...
        return $responseArray;
    }
}


1		<?php
2		/**
3		* Copyright (C) 2016 SURFnet.
4		*
5		* This program is free software: you can redistribute it and/or modify
6		* it under the terms of the GNU Affero General Public License as
7		* published by the Free Software Foundation, either version 3 of the
8		* License, or (at your option) any later version.
9		*
10		* This program is distributed in the hope that it will be useful,
11		* but WITHOUT ANY WARRANTY; without even the implied warranty of
12		* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13		* GNU Affero General Public License for more details.
14		*
15		* You should have received a copy of the GNU Affero General Public License
16		* along with this program. If not, see <http://www.gnu.org/licenses/>.
17		*/
18
19		namespace SURFnet\VPN\Server\Api;
20
21		use Base32\Base32;
22		use DateTime;
23		use Otp\Otp;
24		use PDO;
25		use PHPUnit_Framework_TestCase;
26		use SURFnet\VPN\Common\Config;
27		use SURFnet\VPN\Common\Http\BasicAuthenticationHook;
28		use SURFnet\VPN\Common\Http\Request;
29		use SURFnet\VPN\Common\Http\Service;
30		use SURFnet\VPN\Server\Acl\Provider\StaticProvider;
31		use SURFnet\VPN\Server\Storage;
32
33		class UsersModuleTest extends PHPUnit_Framework_TestCase
34		{
35		/** @var \SURFnet\VPN\Common\Http\Service */
36		private $service;
37
38		public function setUp()
39		{
40		$storage = new Storage(
41		new PDO('sqlite::memory:')
42		);
43		$storage->init();
44
45		$storage->addCertificate('foo', 'abcd1234', 'ABCD1234', 12345678, 23456789);
46
47		$storage->disableUser('bar');
48		$storage->setTotpSecret('bar', 'CN2XAL23SIFTDFXZ');
49		$storage->setVootToken('bar', '123456');
50
51		// user "baz" has a secret, and already used a key for replay testing
52		$storage->setTotpSecret('baz', 'SWIXJ4V7VYALWH6E');
53		$otp = new Otp();
54		$storage->recordTotpKey('baz', $otp->totp(Base32::decode('SWIXJ4V7VYALWH6E')), new DateTime('now'));
55
56		$config = Config::fromFile(sprintf('%s/data/user_groups_config.yaml', __DIR__));
57		$groupProviders = [
58		new StaticProvider(
59		new Config($config->v('groupProviders', 'StaticProvider'))
60		),
61		];
62
63		$this->service = new Service();
64		$this->service->addModule(
65		new UsersModule(
66		$storage,
67		$groupProviders
68		)
69		);
70
71		$bearerAuthentication = new BasicAuthenticationHook(
72		[
73		'vpn-user-portal' => 'aabbcc',
74		'vpn-admin-portal' => 'bbccdd',
75		]
76		);
77
78		$this->service->addBeforeHook('auth', $bearerAuthentication);
79		}
80
81		public function testListUsers()
82		{
83		$this->assertSame(
84		[
85		[
86		'user_id' => 'foo',
87		'is_disabled' => false,
88		],
89		[
90		'user_id' => 'bar',
91		'is_disabled' => true,
92		],
93		[
94		'user_id' => 'baz',
95		'is_disabled' => false,
96		],
97		],
98		$this->makeRequest(
99		['vpn-admin-portal', 'bbccdd'],
100		'GET',
101		'user_list',
102		['profile_id' => 'internet'],
103		[]
104		)
105		);
106		}
107
108	View Code Duplication	public function testSetTotpSecret()
		0 ignored issues – show Duplication introduced 2016-11-29 22:01 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
109		{
110		$otp = new Otp();
111		$totpSecret = 'MM7TTLHPA7WZOJFB';
112		$totpKey = $otp->totp(Base32::decode($totpSecret));
113
114		$this->assertTrue(
115		$this->makeRequest(
116		['vpn-user-portal', 'aabbcc'],
117		'POST',
118		'set_totp_secret',
119		[],
120		[
121		'user_id' => 'foo',
122		'totp_secret' => $totpSecret,
123		'totp_key' => $totpKey,
124		]
125		)
126		);
127		}
128
129	View Code Duplication	public function testVerifyOtpKey()
		0 ignored issues – show Duplication introduced 2016-11-29 22:01 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
130		{
131		$otp = new Otp();
132		$totpSecret = 'CN2XAL23SIFTDFXZ';
133		$totpKey = $otp->totp(Base32::decode($totpSecret));
134
135		$this->assertTrue(
136		$this->makeRequest(
137		['vpn-user-portal', 'aabbcc'],
138		'POST',
139		'verify_totp_key',
140		[],
141		[
142		'user_id' => 'bar',
143		'totp_key' => $totpKey,
144		]
145		)
146		);
147		}
148
149		public function testVerifyOtpKeyWrong()
150		{
151		$otp = new Otp();
		0 ignored issues – show Unused Code introduced 2016-12-06 22:41 UTC by Report Bug Copy Issue Report `$otp` is not used, you could remove the assignment. This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value'; $higher = false; if (rand(1, 6) > 3) { $higher = true; } else { $higher = false; } Both the `$myVar` assignment in line 1 and the `$higher` assignment in line 2 are dead. The first because `$myVar` is never used and the second because `$higher` is always overwritten for every possible time line. Loading history...
152		$totpSecret = 'CN2XAL23SIFTDFXZ';
		0 ignored issues – show Unused Code introduced 2016-12-06 22:41 UTC by Report Bug Copy Issue Report `$totpSecret` is not used, you could remove the assignment. This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value'; $higher = false; if (rand(1, 6) > 3) { $higher = true; } else { $higher = false; } Both the `$myVar` assignment in line 1 and the `$higher` assignment in line 2 are dead. The first because `$myVar` is never used and the second because `$higher` is always overwritten for every possible time line. Loading history...
153
154		// in theory this totp_key, 123456 could be correct at one point in
155		// time... then this test will fail!
156		$this->assertSame(
157		[
158		'ok' => false,
159		'error' => 'invalid OTP key',
160		],
161		$this->makeRequest(
162		['vpn-user-portal', 'aabbcc'],
163		'POST',
164		'verify_totp_key',
165		[],
166		[
167		'user_id' => 'bar',
168		'totp_key' => '123456',
169		]
170		)
171		);
172		}
173
174		public function testVerifyOtpKeyReplay()
175		{
176		$otp = new Otp();
177		$totpKey = $otp->totp(Base32::decode('SWIXJ4V7VYALWH6E'));
178
179		$this->assertSame(
180		[
181		'ok' => false,
182		'error' => 'OTP key replay',
183		],
184		$this->makeRequest(
185		['vpn-user-portal', 'aabbcc'],
186		'POST',
187		'verify_totp_key',
188		[],
189		[
190		'user_id' => 'baz',
191		'totp_key' => $totpKey,
192		]
193		)
194		);
195		}
196
197		public function testHasTotpSecret()
198		{
199		$this->assertTrue(
200		$this->makeRequest(
201		['vpn-user-portal', 'aabbcc'],
202		'GET',
203		'has_totp_secret',
204		[
205		'user_id' => 'bar',
206		],
207		[]
208		)
209		);
210		}
211
212	View Code Duplication	public function testDeleteTotpSecret()
		0 ignored issues – show Duplication introduced 2016-11-29 22:01 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
213		{
214		$this->assertTrue(
215		$this->makeRequest(
216		['vpn-admin-portal', 'bbccdd'],
217		'POST',
218		'delete_totp_secret',
219		[],
220		[
221		'user_id' => 'bar',
222		]
223		)
224		);
225		}
226
227		public function testSetVootToken()
228		{
229		$this->assertTrue(
230		$this->makeRequest(
231		['vpn-user-portal', 'aabbcc'],
232		'POST',
233		'set_voot_token',
234		[],
235		[
236		'user_id' => 'foo',
237		'voot_token' => 'bar',
238		]
239		)
240		);
241		}
242
243	View Code Duplication	public function testDeleteVootToken()
		0 ignored issues – show Duplication introduced 2016-11-29 22:01 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
244		{
245		$this->assertTrue(
246		$this->makeRequest(
247		['vpn-admin-portal', 'bbccdd'],
248		'POST',
249		'delete_voot_token',
250		[],
251		[
252		'user_id' => 'bar',
253		]
254		)
255		);
256		}
257
258	View Code Duplication	public function testDisableUser()
		0 ignored issues – show Duplication introduced 2016-11-29 22:01 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
259		{
260		$this->assertTrue(
261		$this->makeRequest(
262		['vpn-admin-portal', 'bbccdd'],
263		'POST',
264		'disable_user',
265		[],
266		[
267		'user_id' => 'foo',
268		]
269		)
270		);
271		}
272
273	View Code Duplication	public function testEnableUser()
		0 ignored issues – show Duplication introduced 2016-11-29 22:01 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
274		{
275		$this->assertTrue(
276		$this->makeRequest(
277		['vpn-admin-portal', 'bbccdd'],
278		'POST',
279		'enable_user',
280		[],
281		[
282		'user_id' => 'bar',
283		]
284		)
285		);
286		}
287
288	View Code Duplication	public function testDeleteUser()
		0 ignored issues – show Duplication introduced 2016-11-29 22:01 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
289		{
290		$this->assertTrue(
291		$this->makeRequest(
292		['vpn-admin-portal', 'bbccdd'],
293		'POST',
294		'delete_user',
295		[],
296		[
297		'user_id' => 'foo',
298		]
299		)
300		);
301		}
302
303		public function testUserGroups()
304		{
305		$this->assertSame(
306		[
307		[
308		'id' => 'all',
309		'displayName' => 'All',
310		],
311		[
312		'id' => 'employees',
313		'displayName' => 'Employees',
314		],
315		],
316		$this->makeRequest(
317		['vpn-user-portal', 'aabbcc'],
318		'GET',
319		'user_groups',
320		[
321		'user_id' => 'bar',
322		],
323		[]
324		)
325		);
326		}
327
328	View Code Duplication	private function makeRequest(array $basicAuth, $requestMethod, $pathInfo, array $getData = [], array $postData = [])
		0 ignored issues – show Duplication introduced 2016-11-29 22:01 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
329		{
330		$response = $this->service->run(
331		new Request(
332		[
333		'SERVER_PORT' => 80,
334		'SERVER_NAME' => 'vpn.example',
335		'REQUEST_METHOD' => $requestMethod,
336		'PATH_INFO' => sprintf('/%s', $pathInfo),
337		'REQUEST_URI' => sprintf('/%s', $pathInfo),
338		'PHP_AUTH_USER' => $basicAuth[0],
339		'PHP_AUTH_PW' => $basicAuth[1],
340		],
341		$getData,
342		$postData
343		)
344		);
345
346		$responseArray = json_decode($response->getBody(), true)[$pathInfo];
347		if ($responseArray['ok']) {
348		if (array_key_exists('data', $responseArray)) {
349		return $responseArray['data'];
350		}
351
352		return true;
353		}
354
355		// in case of errors...
356		return $responseArray;
357		}
358		}
359

eduVPN / vpn-server-api

GitHub Access Token became invalid

Push — master ( 5e2f22...1daca3 )

UsersModuleTest A

Complexity

Size/Duplication

Coupling/Cohesion

Importance

15 Methods

How to fix Duplicated Code

Duplicated Code

Duplication Side-by-Side

Filter issues like