UsersModule::init() - Code Metrics - Inspection of "fix OTP validation" - eduVPN/vpn-server-api - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( aff5f5...d962fa )

by François

created 2016-12-02 16:02 UTC

UsersModule::init() C

↳ Parent: UsersModule

Complexity

Conditions	7
Paths	1

Size

Total Lines	181
Code Lines	99

Duplication

Lines	55
Ratio	30.39 %

Importance

Changes

Metric	Value
dl	55
loc	181
rs	6.4589
c	0
b	0
f	0
cc	7
eloc	99
nc	1
nop	1

How to fix Long Method

<?php
/**
 *  Copyright (C) 2016 SURFnet.
 *
 *  This program is free software: you can redistribute it and/or modify
 *  it under the terms of the GNU Affero General Public License as
 *  published by the Free Software Foundation, either version 3 of the
 *  License, or (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU Affero General Public License for more details.
 *
 *  You should have received a copy of the GNU Affero General Public License
 *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

namespace SURFnet\VPN\Server\Api;

use Base32\Base32;
use Otp\Otp;
use SURFnet\VPN\Common\Http\ApiErrorResponse;
use SURFnet\VPN\Common\Http\ApiResponse;
use SURFnet\VPN\Common\Http\AuthUtils;
use SURFnet\VPN\Common\Http\InputValidation;
use SURFnet\VPN\Common\Http\Request;
use SURFnet\VPN\Common\Http\Service;
use SURFnet\VPN\Common\Http\ServiceModuleInterface;
use SURFnet\VPN\Server\Storage;

class UsersModule implements ServiceModuleInterface
{
    /** @var \SURFnet\VPN\Server\Storage */
    private $storage;

    /** @var array */
    private $groupProviders;

    public function __construct(Storage $storage, array $groupProviders)
    {
        $this->storage = $storage;
        $this->groupProviders = $groupProviders;
    }

    public function init(Service $service)
    {
        $service->get(
            '/user_list',
            function (Request $request, array $hookData) {
                AuthUtils::requireUser($hookData, ['vpn-admin-portal']);

                return new ApiResponse('user_list', $this->storage->getUsers());
            }
        );

        $service->post(
            '/set_totp_secret',
            function (Request $request, array $hookData) {
                AuthUtils::requireUser($hookData, ['vpn-user-portal']);

                $userId = InputValidation::userId($request->getPostParameter('user_id'));
                $totpSecret = InputValidation::totpSecret($request->getPostParameter('totp_secret'));
                $totpKey = InputValidation::totpKey($request->getPostParameter('totp_key'));

                $otp = new Otp();
                if (false === $otp->checkTotp(Base32::decode($totpSecret), $totpKey)) {
                    // wrong otp key
                    return new ApiErrorResponse('set_totp_secret', 'invalid OTP key');
                }

                // XXX use DateTime here, easier for testing

                // XXX check if all these things worked!

                if (false === $this->storage->recordTotpKey($userId, $totpKey, time())) {

                    return new ApiErrorResponse('set_totp_secret', 'OTP key replay');
                }
                $this->storage->setTotpSecret($userId, $totpSecret);

                return new ApiResponse('set_totp_secret');
            }
        );

        $service->post(
            '/verify_totp_key',
            function (Request $request, array $hookData) {
                AuthUtils::requireUser($hookData, ['vpn-user-portal', 'vpn-admin-portal']);

                $userId = InputValidation::userId($request->getPostParameter('user_id'));
                $totpKey = InputValidation::totpKey($request->getPostParameter('totp_key'));

                if (!$this->storage->hasTotpSecret($userId)) {
                    return new ApiErrorResponse('verify_totp_key', 'user has no OTP secret');
                }
                $totpSecret = $this->storage->getTotpSecret($userId);

                $otp = new Otp();
                if (!$otp->checkTotp(Base32::decode($totpSecret), $totpKey)) {
                    return new ApiErrorResponse('verify_totp_key', 'invalid OTP key');
                }

                if (false === $this->storage->recordTotpKey($userId, $totpKey, time())) {

                    return new ApiErrorResponse('verify_totp_key', 'OTP key replay');
                }

                return new ApiResponse('verify_totp_key');
            }
        );

        $service->get(
            '/has_totp_secret',
            function (Request $request, array $hookData) {

                AuthUtils::requireUser($hookData, ['vpn-user-portal', 'vpn-admin-portal']);

                $userId = InputValidation::userId($request->getQueryParameter('user_id'));

                return new ApiResponse('has_totp_secret', $this->storage->hasTotpSecret($userId));
            }
        );

        $service->post(
            '/delete_totp_secret',
            function (Request $request, array $hookData) {

                AuthUtils::requireUser($hookData, ['vpn-admin-portal']);

                $userId = InputValidation::userId($request->getPostParameter('user_id'));

                return new ApiResponse('delete_totp_secret', $this->storage->deleteTotpSecret($userId));
            }
        );

        $service->post(
            '/set_voot_token',
            function (Request $request, array $hookData) {
                AuthUtils::requireUser($hookData, ['vpn-user-portal']);

                $userId = InputValidation::userId($request->getPostParameter('user_id'));
                $vootToken = InputValidation::vootToken($request->getPostParameter('voot_token'));

                return new ApiResponse('set_voot_token', $this->storage->setVootToken($userId, $vootToken));
            }
        );

        $service->post(
            '/delete_voot_token',
            function (Request $request, array $hookData) {

                AuthUtils::requireUser($hookData, ['vpn-admin-portal']);

                $userId = InputValidation::userId($request->getPostParameter('user_id'));

                return new ApiResponse('delete_voot_token', $this->storage->deleteVootToken($userId));
            }
        );

        $service->get(
            '/has_voot_token',
            function (Request $request, array $hookData) {

                AuthUtils::requireUser($hookData, ['vpn-user-portal', 'vpn-admin-portal']);

                $userId = InputValidation::userId($request->getQueryParameter('user_id'));

                return new ApiResponse('has_voot_token', $this->storage->hasVootToken($userId));
            }
        );

        $service->get(
            '/is_disabled_user',
            function (Request $request, array $hookData) {

                AuthUtils::requireUser($hookData, ['vpn-admin-portal', 'vpn-user-portal']);

                $userId = InputValidation::userId($request->getQueryParameter('user_id'));

                return new ApiResponse('is_disabled_user', $this->storage->isDisabledUser($userId));
            }
        );

        $service->post(
            '/disable_user',
            function (Request $request, array $hookData) {

                AuthUtils::requireUser($hookData, ['vpn-admin-portal']);

                $userId = InputValidation::userId($request->getPostParameter('user_id'));

                return new ApiResponse('disable_user', $this->storage->disableUser($userId));
            }
        );

        $service->post(
            '/enable_user',
            function (Request $request, array $hookData) {
                AuthUtils::requireUser($hookData, ['vpn-admin-portal']);

                $userId = InputValidation::userId($request->getPostParameter('user_id'));

                return new ApiResponse('enable_user', $this->storage->enableUser($userId));
            }
        );

        $service->post(
            '/delete_user',
            function (Request $request, array $hookData) {

                AuthUtils::requireUser($hookData, ['vpn-admin-portal']);

                $userId = InputValidation::userId($request->getPostParameter('user_id'));

                return new ApiResponse('delete_user', $this->storage->deleteUser($userId));
            }
        );

        $service->get(
            '/user_groups',
            function (Request $request, array $hookData) {
                AuthUtils::requireUser($hookData, ['vpn-user-portal']);

                $userId = $request->getQueryParameter('user_id');

                $userGroups = [];
                foreach ($this->groupProviders as $groupProvider) {
                    $userGroups = array_merge($userGroups, $groupProvider->getGroups($userId));
                }

                return new ApiResponse('user_groups', $userGroups);
            }
        );
    }
}


1		<?php
2		/**
3		* Copyright (C) 2016 SURFnet.
4		*
5		* This program is free software: you can redistribute it and/or modify
6		* it under the terms of the GNU Affero General Public License as
7		* published by the Free Software Foundation, either version 3 of the
8		* License, or (at your option) any later version.
9		*
10		* This program is distributed in the hope that it will be useful,
11		* but WITHOUT ANY WARRANTY; without even the implied warranty of
12		* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13		* GNU Affero General Public License for more details.
14		*
15		* You should have received a copy of the GNU Affero General Public License
16		* along with this program. If not, see <http://www.gnu.org/licenses/>.
17		*/
18
19		namespace SURFnet\VPN\Server\Api;
20
21		use Base32\Base32;
22		use Otp\Otp;
23		use SURFnet\VPN\Common\Http\ApiErrorResponse;
24		use SURFnet\VPN\Common\Http\ApiResponse;
25		use SURFnet\VPN\Common\Http\AuthUtils;
26		use SURFnet\VPN\Common\Http\InputValidation;
27		use SURFnet\VPN\Common\Http\Request;
28		use SURFnet\VPN\Common\Http\Service;
29		use SURFnet\VPN\Common\Http\ServiceModuleInterface;
30		use SURFnet\VPN\Server\Storage;
31
32		class UsersModule implements ServiceModuleInterface
33		{
34		/** @var \SURFnet\VPN\Server\Storage */
35		private $storage;
36
37		/** @var array */
38		private $groupProviders;
39
40		public function __construct(Storage $storage, array $groupProviders)
41		{
42		$this->storage = $storage;
43		$this->groupProviders = $groupProviders;
44		}
45
46		public function init(Service $service)
47		{
48		$service->get(
49		'/user_list',
50		function (Request $request, array $hookData) {
51		AuthUtils::requireUser($hookData, ['vpn-admin-portal']);
52
53		return new ApiResponse('user_list', $this->storage->getUsers());
54		}
55		);
56
57		$service->post(
58		'/set_totp_secret',
59		function (Request $request, array $hookData) {
60		AuthUtils::requireUser($hookData, ['vpn-user-portal']);
61
62		$userId = InputValidation::userId($request->getPostParameter('user_id'));
63		$totpSecret = InputValidation::totpSecret($request->getPostParameter('totp_secret'));
64		$totpKey = InputValidation::totpKey($request->getPostParameter('totp_key'));
65
66		$otp = new Otp();
67		if (false === $otp->checkTotp(Base32::decode($totpSecret), $totpKey)) {
68		// wrong otp key
69		return new ApiErrorResponse('set_totp_secret', 'invalid OTP key');
70		}
71
72		// XXX use DateTime here, easier for testing
73
74		// XXX check if all these things worked!
75
76	View Code Duplication	if (false === $this->storage->recordTotpKey($userId, $totpKey, time())) {
		0 ignored issues – show Duplication introduced 2016-12-02 16:04 UTC by Report Bug Copy Issue Report This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
77		return new ApiErrorResponse('set_totp_secret', 'OTP key replay');
78		}
79		$this->storage->setTotpSecret($userId, $totpSecret);
80
81		return new ApiResponse('set_totp_secret');
82		}
83		);
84
85		$service->post(
86		'/verify_totp_key',
87		function (Request $request, array $hookData) {
88		AuthUtils::requireUser($hookData, ['vpn-user-portal', 'vpn-admin-portal']);
89
90		$userId = InputValidation::userId($request->getPostParameter('user_id'));
91		$totpKey = InputValidation::totpKey($request->getPostParameter('totp_key'));
92
93		if (!$this->storage->hasTotpSecret($userId)) {
94		return new ApiErrorResponse('verify_totp_key', 'user has no OTP secret');
95		}
96		$totpSecret = $this->storage->getTotpSecret($userId);
97
98		$otp = new Otp();
99		if (!$otp->checkTotp(Base32::decode($totpSecret), $totpKey)) {
100		return new ApiErrorResponse('verify_totp_key', 'invalid OTP key');
101		}
102
103	View Code Duplication	if (false === $this->storage->recordTotpKey($userId, $totpKey, time())) {
		0 ignored issues – show Duplication introduced 2016-12-02 16:04 UTC by Report Bug Copy Issue Report This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
104		return new ApiErrorResponse('verify_totp_key', 'OTP key replay');
105		}
106
107		return new ApiResponse('verify_totp_key');
108		}
109		);
110
111		$service->get(
112		'/has_totp_secret',
113	View Code Duplication	function (Request $request, array $hookData) {
		0 ignored issues – show Duplication introduced 2016-11-29 22:01 UTC by Report Bug Copy Issue Report This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
114		AuthUtils::requireUser($hookData, ['vpn-user-portal', 'vpn-admin-portal']);
115
116		$userId = InputValidation::userId($request->getQueryParameter('user_id'));
117
118		return new ApiResponse('has_totp_secret', $this->storage->hasTotpSecret($userId));
119		}
120		);
121
122		$service->post(
123		'/delete_totp_secret',
124	View Code Duplication	function (Request $request, array $hookData) {
		0 ignored issues – show Duplication introduced 2016-09-13 08:08 UTC by Report Bug Copy Issue Report This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
125		AuthUtils::requireUser($hookData, ['vpn-admin-portal']);
126
127		$userId = InputValidation::userId($request->getPostParameter('user_id'));
128
129		return new ApiResponse('delete_totp_secret', $this->storage->deleteTotpSecret($userId));
130		}
131		);
132
133		$service->post(
134		'/set_voot_token',
135		function (Request $request, array $hookData) {
136		AuthUtils::requireUser($hookData, ['vpn-user-portal']);
137
138		$userId = InputValidation::userId($request->getPostParameter('user_id'));
139		$vootToken = InputValidation::vootToken($request->getPostParameter('voot_token'));
140
141		return new ApiResponse('set_voot_token', $this->storage->setVootToken($userId, $vootToken));
142		}
143		);
144
145		$service->post(
146		'/delete_voot_token',
147	View Code Duplication	function (Request $request, array $hookData) {
		0 ignored issues – show Duplication introduced 2016-09-22 09:48 UTC by Report Bug Copy Issue Report This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
148		AuthUtils::requireUser($hookData, ['vpn-admin-portal']);
149
150		$userId = InputValidation::userId($request->getPostParameter('user_id'));
151
152		return new ApiResponse('delete_voot_token', $this->storage->deleteVootToken($userId));
153		}
154		);
155
156		$service->get(
157		'/has_voot_token',
158	View Code Duplication	function (Request $request, array $hookData) {
		0 ignored issues – show Duplication introduced 2016-11-30 13:21 UTC by Report Bug Copy Issue Report This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
159		AuthUtils::requireUser($hookData, ['vpn-user-portal', 'vpn-admin-portal']);
160
161		$userId = InputValidation::userId($request->getQueryParameter('user_id'));
162
163		return new ApiResponse('has_voot_token', $this->storage->hasVootToken($userId));
164		}
165		);
166
167		$service->get(
168		'/is_disabled_user',
169	View Code Duplication	function (Request $request, array $hookData) {
		0 ignored issues – show Duplication introduced 2016-11-29 22:01 UTC by Report Bug Copy Issue Report This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
170		AuthUtils::requireUser($hookData, ['vpn-admin-portal', 'vpn-user-portal']);
171
172		$userId = InputValidation::userId($request->getQueryParameter('user_id'));
173
174		return new ApiResponse('is_disabled_user', $this->storage->isDisabledUser($userId));
175		}
176		);
177
178		$service->post(
179		'/disable_user',
180	View Code Duplication	function (Request $request, array $hookData) {
		0 ignored issues – show Duplication introduced 2016-10-06 15:03 UTC by Report Bug Copy Issue Report This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
181		AuthUtils::requireUser($hookData, ['vpn-admin-portal']);
182
183		$userId = InputValidation::userId($request->getPostParameter('user_id'));
184
185		return new ApiResponse('disable_user', $this->storage->disableUser($userId));
186		}
187		);
188
189		$service->post(
190		'/enable_user',
191		function (Request $request, array $hookData) {
192		AuthUtils::requireUser($hookData, ['vpn-admin-portal']);
193
194		$userId = InputValidation::userId($request->getPostParameter('user_id'));
195
196		return new ApiResponse('enable_user', $this->storage->enableUser($userId));
197		}
198		);
199
200		$service->post(
201		'/delete_user',
202	View Code Duplication	function (Request $request, array $hookData) {
		0 ignored issues – show Duplication introduced 2016-11-30 11:55 UTC by Report Bug Copy Issue Report This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
203		AuthUtils::requireUser($hookData, ['vpn-admin-portal']);
204
205		$userId = InputValidation::userId($request->getPostParameter('user_id'));
206
207		return new ApiResponse('delete_user', $this->storage->deleteUser($userId));
208		}
209		);
210
211		$service->get(
212		'/user_groups',
213		function (Request $request, array $hookData) {
214		AuthUtils::requireUser($hookData, ['vpn-user-portal']);
215
216		$userId = $request->getQueryParameter('user_id');
217
218		$userGroups = [];
219		foreach ($this->groupProviders as $groupProvider) {
220		$userGroups = array_merge($userGroups, $groupProvider->getGroups($userId));
221		}
222
223		return new ApiResponse('user_groups', $userGroups);
224		}
225		);
226		}
227		}
228

eduVPN / vpn-server-api

GitHub Access Token became invalid

Push — master ( aff5f5...d962fa )

UsersModule::init() C

Complexity

Size

Duplication

Importance

How to fix Long Method

Long Method

Duplication Side-by-Side

Filter issues like