Failed Conditions
Pull Request — newinternal (#527)
by Simon
17:20 queued 07:22
created

PasswordCredentialProvider   A

Complexity

Total Complexity 8

Size/Duplication

Total Lines 49
Duplicated Lines 0 %

Coupling/Cohesion

Components 1
Dependencies 3

Importance

Changes 0
Metric Value
dl 0
loc 49
rs 10
c 0
b 0
f 0
wmc 8
lcom 1
cbo 3

3 Methods

Rating   Name   Duplication   Size   Complexity  
A __construct() 0 4 1
A authenticate() 0 24 5
A setCredential() 0 14 2
<?php
/******************************************************************************
 * Wikipedia Account Creation Assistance tool                                 *
 *                                                                            *
 * All code in this file is released into the public domain by the ACC        *
 * Development Team. Please see team.json for a list of contributors.         *
 ******************************************************************************/
namespace Waca\Security\CredentialProviders;
use Waca\DataObjects\User;
use Waca\PdoDatabase;
use Waca\SiteConfiguration;
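/**
 * Credential provider that stores and verifies a user's password as a bcrypt hash.
 *
 * Records written by this provider carry credential version 2; authenticate()
 * refuses any other version. The provider registers itself with the base class
 * under the type name 'password'.
 */
class PasswordCredentialProvider extends CredentialProviderBase
{
    /**
     * bcrypt cost (work factor) used for every new hash, and the target that
     * authenticate() compares stored hashes against when deciding to rehash.
     *
     * Raising this value upgrades existing hashes transparently: each user's
     * hash is recomputed on their next successful login.
     * NOTE(review): 10 was PHP's long-standing bcrypt default and newer PHP
     * releases default to a higher cost - re-evaluate against current hardware.
     */
    const PASSWORD_COST = 10;

    /**
     * @param PdoDatabase       $database      passed through to the base provider
     * @param SiteConfiguration $configuration passed through to the base provider
     */
    public function __construct(PdoDatabase $database, SiteConfiguration $configuration)
    {
        parent::__construct($database, $configuration, 'password');
    }

    /**
     * Checks a candidate password against the user's stored password credential.
     *
     * On success, a hash that no longer matches the configured algorithm/cost is
     * replaced with a fresh one while the plaintext is still available.
     *
     * @param User  $user the account being authenticated
     * @param mixed $data the candidate password; anything but a string is rejected
     *
     * @return bool true only when a version-2 credential exists and the password matches
     *
     * @throws \RuntimeException if the hash upgrade cannot produce a new hash
     */
    public function authenticate(User $user, $data)
    {
        // Request parameters can arrive as arrays or null. Reject them here rather
        // than letting password_verify() raise a TypeError or coerce the value.
        if (!is_string($data)) {
            return false;
        }

        $storedData = $this->getCredentialData($user->getId());
        if ($storedData === null) {
            // No available credential matching these parameters.
            // NOTE(review): this path skips the bcrypt computation, so it returns
            // faster than a wrong-password attempt. If callers expose that timing
            // difference, consider verifying against a fixed dummy hash here.
            return false;
        }

        // Strict comparison: only the integer 2 passes.
        // NOTE(review): a string "2" from the database layer would be rejected -
        // confirm getVersion() returns an int.
        if ($storedData->getVersion() !== 2) {
            // Non-2 versions are not supported.
            return false;
        }

        $storedHash = $storedData->getData();
        if (!password_verify($data, $storedHash)) {
            return false;
        }

        // The password is known to be correct at this point, so it is safe to
        // re-hash it with the current parameters if the stored hash is outdated.
        if (password_needs_rehash($storedHash, PASSWORD_BCRYPT, ['cost' => self::PASSWORD_COST])) {
            $this->setCredential($user, $storedData->getFactor(), $data);
        }

        return true;
    }

    /**
     * Hashes the given password and saves it as the user's password credential,
     * creating the credential record when the user does not have one yet.
     *
     * bcrypt only considers the first 72 bytes of the password; callers that
     * accept longer passphrases should enforce or document that limit.
     *
     * @param User   $user     the account whose credential is written
     * @param mixed  $factor   value stored through setFactor(); its meaning is defined by the caller
     * @param string $password the plaintext password to hash
     *
     * @return void
     *
     * @throws \RuntimeException if password_hash() fails to return a hash
     */
    public function setCredential(User $user, $factor, $password)
    {
        // Hash first, so a hashing failure cannot leave a half-written record.
        $hash = password_hash($password, PASSWORD_BCRYPT, ['cost' => self::PASSWORD_COST]);
        if (!is_string($hash) || $hash === '') {
            // Older PHP versions signal failure with false/null. Persisting that
            // value would overwrite a working credential with an unusable one.
            throw new \RuntimeException('Password hashing failed; credential was not updated.');
        }

        $storedData = $this->getCredentialData($user->getId());
        if ($storedData === null) {
            $storedData = $this->createNewCredential($user);
        }

        $storedData->setData($hash);
        $storedData->setFactor($factor);
        $storedData->setVersion(2);

        $storedData->save();
    }
}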