Issues in U2FCredentialProvider.php - New Issues - Inspection of "fix database migration" - enwikipedia-acc/waca - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Push — newinternal ( b66232...216d62 )

by Simon

created 2020-05-09 21:44 UTC

CredentialProviders/U2FCredentialProvider.php (3 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/******************************************************************************
 * Wikipedia Account Creation Assistance tool                                 *
 *                                                                            *
 * All code in this file is released into the public domain by the ACC        *
 * Development Team. Please see team.json for a list of contributors.         *
 ******************************************************************************/

namespace Waca\Security\CredentialProviders;

use DateTimeImmutable;
use u2flib_server\Error;
use u2flib_server\U2F;
use Waca\DataObjects\User;
use Waca\Exceptions\ApplicationLogicException;
use Waca\Exceptions\OptimisticLockFailedException;
use Waca\PdoDatabase;
use Waca\SiteConfiguration;
use Waca\WebRequest;

class U2FCredentialProvider extends CredentialProviderBase
{
    /** @var U2F */
    private $u2f;

    /**
     * U2FCredentialProvider constructor.
     *
     * @param PdoDatabase       $database
     * @param SiteConfiguration $configuration
     */
    public function __construct(PdoDatabase $database, SiteConfiguration $configuration)
    {
        parent::__construct($database, $configuration, 'u2f');

        $appId = 'https://' . WebRequest::httpHost();
        $this->u2f = new U2F($appId);
    }

    /**
     * Validates a user-provided credential
     *
     * @param User   $user The user to test the authentication against
     * @param string $data The raw credential data to be validated
     *
     * @return bool
     * @throws OptimisticLockFailedException
     */
    public function authenticate(User $user, $data)
    {
        if (!is_array($data)) {
            return false;
        }

        list($authenticate, $request, $isU2F) = $data;

        if ($isU2F !== 'u2f') {
            return false;
        }

        $storedData = $this->getCredentialData($user->getId(), false);
        $registrations = json_decode($storedData->getData());

        try {
            $updatedRegistration = $this->u2f->doAuthenticate($request, array($registrations), $authenticate);
            $storedData->setData(json_encode($updatedRegistration));
            $storedData->save();
        }
        catch (Error $ex) {
            return false;
        }

        return true;
    }

    public function enable(User $user, $request, $u2fData)
    {
        $registrationData = $this->u2f->doRegister($request, $u2fData);

        $storedData = $this->getCredentialData($user->getId(), true);

        if ($storedData === null) {
            throw new ApplicationLogicException('Credential data not found');
        }

        if ($storedData->getTimeout() > new DateTimeImmutable()) {
            $storedData->setData(json_encode($registrationData));
            $storedData->setDisabled(0);
            $storedData->setTimeout(null);
            $storedData->save();
        }
    }

    /**
     * @param User   $user   The user the credential belongs to
     * @param int    $factor The factor this credential provides
     * @param string $data   Unused here, due to multi-stage enrollment
     */
    public function setCredential(User $user, $factor, $data)
    {
        $storedData = $this->getCredentialData($user->getId(), null);
function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);

        if ($storedData !== null) {
            $storedData->delete();
        }

        $storedData = $this->createNewCredential($user);

        $storedData->setData(null);
        $storedData->setFactor($factor);
        $storedData->setTimeout(new DateTimeImmutable('+ 1 hour'));
        $storedData->setDisabled(1);
        $storedData->setPriority(4);
        $storedData->setVersion(1);

        $storedData->save();
    }

    public function isPartiallyEnrolled(User $user)

    {
        $storedData = $this->getCredentialData($user->getId(), true);

        if ($storedData->getTimeout() < new DateTimeImmutable()) {
            $storedData->delete();

            return false;
        }

        if ($storedData === null) {

            return false;
        }

        return true;
    }

    public function getRegistrationData()
    {
        return $this->u2f->getRegisterData();
    }

    public function getAuthenticationData(User $user)
    {
        $storedData = $this->getCredentialData($user->getId(), false);
        $registrations = json_decode($storedData->getData());

        $authenticateData = $this->u2f->getAuthenticateData(array($registrations));

        return $authenticateData;
    }
}


1		<?php
2		/******************************************************************************
3		* Wikipedia Account Creation Assistance tool *
4		* *
5		* All code in this file is released into the public domain by the ACC *
6		* Development Team. Please see team.json for a list of contributors. *
7		******************************************************************************/
8
9		namespace Waca\Security\CredentialProviders;
10
11		use DateTimeImmutable;
12		use u2flib_server\Error;
13		use u2flib_server\U2F;
14		use Waca\DataObjects\User;
15		use Waca\Exceptions\ApplicationLogicException;
16		use Waca\Exceptions\OptimisticLockFailedException;
17		use Waca\PdoDatabase;
18		use Waca\SiteConfiguration;
19		use Waca\WebRequest;
20
21		class U2FCredentialProvider extends CredentialProviderBase
22		{
23		/** @var U2F */
24		private $u2f;
25
26		/**
27		* U2FCredentialProvider constructor.
28		*
29		* @param PdoDatabase $database
30		* @param SiteConfiguration $configuration
31		*/
32		public function __construct(PdoDatabase $database, SiteConfiguration $configuration)
33		{
34		parent::__construct($database, $configuration, 'u2f');
35
36		$appId = 'https://' . WebRequest::httpHost();
37		$this->u2f = new U2F($appId);
38		}
39
40		/**
41		* Validates a user-provided credential
42		*
43		* @param User $user The user to test the authentication against
44		* @param string $data The raw credential data to be validated
45		*
46		* @return bool
47		* @throws OptimisticLockFailedException
48		*/
49		public function authenticate(User $user, $data)
50		{
51		if (!is_array($data)) {
52		return false;
53		}
54
55		list($authenticate, $request, $isU2F) = $data;
56
57		if ($isU2F !== 'u2f') {
58		return false;
59		}
60
61		$storedData = $this->getCredentialData($user->getId(), false);
62		$registrations = json_decode($storedData->getData());
63
64		try {
65		$updatedRegistration = $this->u2f->doAuthenticate($request, array($registrations), $authenticate);
66		$storedData->setData(json_encode($updatedRegistration));
67		$storedData->save();
68		}
69		catch (Error $ex) {
70		return false;
71		}
72
73		return true;
74		}
75
76		public function enable(User $user, $request, $u2fData)
77		{
78		$registrationData = $this->u2f->doRegister($request, $u2fData);
79
80		$storedData = $this->getCredentialData($user->getId(), true);
81
82		if ($storedData === null) {
83		throw new ApplicationLogicException('Credential data not found');
84		}
85
86		if ($storedData->getTimeout() > new DateTimeImmutable()) {
87		$storedData->setData(json_encode($registrationData));
88		$storedData->setDisabled(0);
89		$storedData->setTimeout(null);
90		$storedData->save();
91		}
92		}
93
94		/**
95		* @param User $user The user the credential belongs to
96		* @param int $factor The factor this credential provides
97		* @param string $data Unused here, due to multi-stage enrollment
98		*/
99		public function setCredential(User $user, $factor, $data)
100		{
101		$storedData = $this->getCredentialData($user->getId(), null);
		0 ignored issues – show Documentation introduced 2020-05-01 17:08 UTC by Report Bug Copy Issue Report Show Similar Issues like this `null` is of type `null`, but the function expects a `boolean`. It seems like the type of the argument is not accepted by the function/method which you are calling. In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug. We suggest to add an explicit type cast like in the following example: function acceptsInteger($int) { } $x = '123'; // string "123" // Instead of acceptsInteger($x); // we recommend to use acceptsInteger((integer) $x); Loading history...
102
103		if ($storedData !== null) {
104		$storedData->delete();
105		}
106
107		$storedData = $this->createNewCredential($user);
108
109		$storedData->setData(null);
110		$storedData->setFactor($factor);
111		$storedData->setTimeout(new DateTimeImmutable('+ 1 hour'));
112		$storedData->setDisabled(1);
113		$storedData->setPriority(4);
114		$storedData->setVersion(1);
115
116		$storedData->save();
117		}
118
119	View Code Duplication	public function isPartiallyEnrolled(User $user)
		0 ignored issues – show Duplication introduced 2020-05-01 17:08 UTC by Report Bug Copy Issue Report Show Similar Issues like this This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
120		{
121		$storedData = $this->getCredentialData($user->getId(), true);
122
123		if ($storedData->getTimeout() < new DateTimeImmutable()) {
124		$storedData->delete();
125
126		return false;
127		}
128
129		if ($storedData === null) {
		0 ignored issues – show Unused Code introduced 2020-05-01 17:08 UTC by Report Bug Copy Issue Report Show Similar Issues like this This `if` statement, and the following `return` statement can be replaced with `return !($storedData === null);`. Loading history...
130		return false;
131		}
132
133		return true;
134		}
135
136		public function getRegistrationData()
137		{
138		return $this->u2f->getRegisterData();
139		}
140
141		public function getAuthenticationData(User $user)
142		{
143		$storedData = $this->getCredentialData($user->getId(), false);
144		$registrations = json_decode($storedData->getData());
145
146		$authenticateData = $this->u2f->getAuthenticateData(array($registrations));
147
148		return $authenticateData;
149		}
150		}
151

enwikipedia-acc / waca

Push — newinternal ( b66232...216d62 )

CredentialProviders/U2FCredentialProvider.php (3 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like