TwoFactorModule::init() - Code Metrics - eduvpn/vpn-lib-common - Measure and Improve Code Quality continuously with Scrutinizer

TwoFactorModule::init() B
last analyzed 2017-08-17 16:32 UTC

↳ Parent: TwoFactorModule

Complexity

Conditions	5
Paths	1

Size

Total Lines	80
Code Lines	49

Duplication

Lines	70
Ratio	87.5 %

Importance

Changes

Metric	Value
dl	70
loc	80
rs	8.4041
c	0
b	0
f	0
cc	5
eloc	49
nc	1
nop	1

How to fix Long Method

<?php

/**
 * eduVPN - End-user friendly VPN.
 *
 * Copyright: 2016-2017, The Commons Conservancy eduVPN Programme
 * SPDX-License-Identifier: AGPL-3.0+
 */

namespace SURFnet\VPN\Common\Http;

use fkooman\SeCookie\SessionInterface;
use SURFnet\VPN\Common\Http\Exception\HttpException;
use SURFnet\VPN\Common\HttpClient\Exception\ApiException;
use SURFnet\VPN\Common\HttpClient\ServerClient;
use SURFnet\VPN\Common\TplInterface;

class TwoFactorModule implements ServiceModuleInterface
{
    /** @var \SURFnet\VPN\Common\HttpClient\ServerClient */
    private $serverClient;

    /** @var \fkooman\SeCookie\SessionInterface; */
    private $session;

    /** @var \SURFnet\VPN\Common\TplInterface */
    private $tpl;

    public function __construct(ServerClient $serverClient, SessionInterface $session, TplInterface $tpl)
    {
        $this->serverClient = $serverClient;
        $this->session = $session;
        $this->tpl = $tpl;
    }

    public function init(Service $service)
    {
        $service->post(
            '/_two_factor/auth/verify/totp',
            function (Request $request, array $hookData) {

                if (!array_key_exists('auth', $hookData)) {
                    throw new HttpException('authentication hook did not run before', 500);
                }
                $userId = $hookData['auth'];

                $this->session->delete('_two_factor_verified');

                $totpKey = InputValidation::totpKey($request->getPostParameter('_two_factor_auth_totp_key'));
                $redirectTo = $request->getPostParameter('_two_factor_auth_redirect_to');
                self::validateRedirectTo($request, $redirectTo);

                try {
                    $this->serverClient->post('verify_totp_key', ['user_id' => $userId, 'totp_key' => $totpKey]);
                    $this->session->regenerate(true);
                    $this->session->set('_two_factor_verified', $userId);

                    return new RedirectResponse($redirectTo, 302);
                } catch (ApiException $e) {
                    // unable to validate the OTP
                    $response = new Response(200, 'text/html');
                    $response->setBody(
                        $this->tpl->render(
                            'twoFactorTotp',
                            [
                                '_two_factor_auth_invalid' => true,
                                '_two_factor_auth_error_msg' => $e->getMessage(),
                                '_two_factor_auth_redirect_to' => $redirectTo,
                            ]
                        )
                    );

                    return $response;
                }
            }
        );

        $service->post(
            '/_two_factor/auth/verify/yubi',
            function (Request $request, array $hookData) {

                if (!array_key_exists('auth', $hookData)) {
                    throw new HttpException('authentication hook did not run before', 500);
                }
                $userId = $hookData['auth'];

                $this->session->delete('_two_factor_verified');

                $yubiKeyOtp = InputValidation::yubiKeyOtp($request->getPostParameter('_two_factor_auth_yubi_key_otp'));
                $redirectTo = $request->getPostParameter('_two_factor_auth_redirect_to');
                self::validateRedirectTo($request, $redirectTo);

                try {
                    $this->serverClient->post('verify_yubi_key_otp', ['user_id' => $userId, 'yubi_key_otp' => $yubiKeyOtp]);
                    $this->session->regenerate(true);
                    $this->session->set('_two_factor_verified', $userId);

                    return new RedirectResponse($redirectTo, 302);
                } catch (ApiException $e) {
                    // unable to validate the OTP
                    $response = new Response(200, 'text/html');
                    $response->setBody(
                        $this->tpl->render(
                            'twoFactorYubiKeyOtp',
                            [
                                '_two_factor_auth_invalid' => true,
                                '_two_factor_auth_error_msg' => $e->getMessage(),
                                '_two_factor_auth_redirect_to' => $redirectTo,
                            ]
                        )
                    );

                    return $response;
                }
            }
        );
    }

    private static function validateRedirectTo(Request $request, $redirectTo)
    {
        // validate the URL
        if (false === filter_var($redirectTo, FILTER_VALIDATE_URL, FILTER_FLAG_SCHEME_REQUIRED | FILTER_FLAG_HOST_REQUIRED | FILTER_FLAG_PATH_REQUIRED)) {

            throw new HttpException('invalid redirect_to URL', 400);
        }

        // extract the "host" part of the URL
        if (false === $redirectToHost = parse_url($redirectTo, PHP_URL_HOST)) {

            throw new HttpException('invalid redirect_to URL, unable to extract host', 400);
        }
        if ($request->getServerName() !== $redirectToHost) {
            throw new HttpException('redirect_to does not match expected host', 400);
        }
    }
}


1		<?php
2
3		/**
4		* eduVPN - End-user friendly VPN.
5		*
6		* Copyright: 2016-2017, The Commons Conservancy eduVPN Programme
7		* SPDX-License-Identifier: AGPL-3.0+
8		*/
9
10		namespace SURFnet\VPN\Common\Http;
11
12		use fkooman\SeCookie\SessionInterface;
13		use SURFnet\VPN\Common\Http\Exception\HttpException;
14		use SURFnet\VPN\Common\HttpClient\Exception\ApiException;
15		use SURFnet\VPN\Common\HttpClient\ServerClient;
16		use SURFnet\VPN\Common\TplInterface;
17
18		class TwoFactorModule implements ServiceModuleInterface
19		{
20		/** @var \SURFnet\VPN\Common\HttpClient\ServerClient */
21		private $serverClient;
22
23		/** @var \fkooman\SeCookie\SessionInterface; */
24		private $session;
25
26		/** @var \SURFnet\VPN\Common\TplInterface */
27		private $tpl;
28
29		public function __construct(ServerClient $serverClient, SessionInterface $session, TplInterface $tpl)
30		{
31		$this->serverClient = $serverClient;
32		$this->session = $session;
33		$this->tpl = $tpl;
34		}
35
36		public function init(Service $service)
37		{
38		$service->post(
39		'/_two_factor/auth/verify/totp',
40	View Code Duplication	function (Request $request, array $hookData) {
		0 ignored issues – show Duplication introduced 2016-12-28 19:13 UTC by Report Bug Copy Issue Report This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
41		if (!array_key_exists('auth', $hookData)) {
42		throw new HttpException('authentication hook did not run before', 500);
43		}
44		$userId = $hookData['auth'];
45
46		$this->session->delete('_two_factor_verified');
47
48		$totpKey = InputValidation::totpKey($request->getPostParameter('_two_factor_auth_totp_key'));
49		$redirectTo = $request->getPostParameter('_two_factor_auth_redirect_to');
50		self::validateRedirectTo($request, $redirectTo);
51
52		try {
53		$this->serverClient->post('verify_totp_key', ['user_id' => $userId, 'totp_key' => $totpKey]);
54		$this->session->regenerate(true);
55		$this->session->set('_two_factor_verified', $userId);
56
57		return new RedirectResponse($redirectTo, 302);
58		} catch (ApiException $e) {
59		// unable to validate the OTP
60		$response = new Response(200, 'text/html');
61		$response->setBody(
62		$this->tpl->render(
63		'twoFactorTotp',
64		[
65		'_two_factor_auth_invalid' => true,
66		'_two_factor_auth_error_msg' => $e->getMessage(),
67		'_two_factor_auth_redirect_to' => $redirectTo,
68		]
69		)
70		);
71
72		return $response;
73		}
74		}
75		);
76
77		$service->post(
78		'/_two_factor/auth/verify/yubi',
79	View Code Duplication	function (Request $request, array $hookData) {
		0 ignored issues – show Duplication introduced 2016-12-28 19:13 UTC by Report Bug Copy Issue Report This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
80		if (!array_key_exists('auth', $hookData)) {
81		throw new HttpException('authentication hook did not run before', 500);
82		}
83		$userId = $hookData['auth'];
84
85		$this->session->delete('_two_factor_verified');
86
87		$yubiKeyOtp = InputValidation::yubiKeyOtp($request->getPostParameter('_two_factor_auth_yubi_key_otp'));
88		$redirectTo = $request->getPostParameter('_two_factor_auth_redirect_to');
89		self::validateRedirectTo($request, $redirectTo);
90
91		try {
92		$this->serverClient->post('verify_yubi_key_otp', ['user_id' => $userId, 'yubi_key_otp' => $yubiKeyOtp]);
93		$this->session->regenerate(true);
94		$this->session->set('_two_factor_verified', $userId);
95
96		return new RedirectResponse($redirectTo, 302);
97		} catch (ApiException $e) {
98		// unable to validate the OTP
99		$response = new Response(200, 'text/html');
100		$response->setBody(
101		$this->tpl->render(
102		'twoFactorYubiKeyOtp',
103		[
104		'_two_factor_auth_invalid' => true,
105		'_two_factor_auth_error_msg' => $e->getMessage(),
106		'_two_factor_auth_redirect_to' => $redirectTo,
107		]
108		)
109		);
110
111		return $response;
112		}
113		}
114		);
115		}
116
117		private static function validateRedirectTo(Request $request, $redirectTo)
118		{
119		// validate the URL
120	View Code Duplication	if (false === filter_var($redirectTo, FILTER_VALIDATE_URL, FILTER_FLAG_SCHEME_REQUIRED \| FILTER_FLAG_HOST_REQUIRED \| FILTER_FLAG_PATH_REQUIRED)) {
		0 ignored issues – show Duplication introduced 2016-10-07 12:34 UTC by Report Bug Copy Issue Report This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
121		throw new HttpException('invalid redirect_to URL', 400);
122		}
123
124		// extract the "host" part of the URL
125	View Code Duplication	if (false === $redirectToHost = parse_url($redirectTo, PHP_URL_HOST)) {
		0 ignored issues – show Duplication introduced 2016-10-07 12:34 UTC by Report Bug Copy Issue Report This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
126		throw new HttpException('invalid redirect_to URL, unable to extract host', 400);
127		}
128		if ($request->getServerName() !== $redirectToHost) {
129		throw new HttpException('redirect_to does not match expected host', 400);
130		}
131		}
132		}
133

eduvpn / vpn-lib-common

GitHub Access Token became invalid

TwoFactorModule::init() B last analyzed 2017-08-17 16:32 UTC

Complexity

Size

Duplication

Importance

How to fix Long Method

Long Method

Duplication Side-by-Side

Filter issues like

TwoFactorModule::init() B
last analyzed 2017-08-17 16:32 UTC