<?php
/**
 * File containing the RepositoryAuthenticationProvider class.
 *
 * @copyright Copyright (C) eZ Systems AS. All rights reserved.
 * @license For full copyright and license information view LICENSE file distributed with this source code.
 */
namespace eZ\Publish\Core\MVC\Symfony\Security\Authentication;
use eZ\Publish\API\Repository\Exceptions\NotFoundException;
use eZ\Publish\API\Repository\PermissionResolver;
use eZ\Publish\API\Repository\UserService;
use eZ\Publish\Core\MVC\Symfony\Security\UserInterface as EzUserInterface;
use Symfony\Component\Security\Core\Authentication\Provider\DaoAuthenticationProvider;
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
use Symfony\Component\Security\Core\Exception\BadCredentialsException;
use Symfony\Component\Security\Core\User\UserInterface;
/**
 * Authentication provider that validates eZ users against the Repository.
 *
 * Users that do not implement EzUserInterface are passed to the parent
 * DaoAuthenticationProvider untouched. For eZ users the provider either
 * re-validates an already authenticated token (by comparing password hashes)
 * or checks the submitted username/credentials through the UserService, and
 * then registers the resulting API user as the Repository's current user.
 *
 * Both collaborators are supplied through setters, not the constructor, so
 * checkAuthentication() dereferences null if either setter was never called.
 */
class RepositoryAuthenticationProvider extends DaoAuthenticationProvider
{
    /**
     * Receives the authenticated user reference once the check has passed.
     *
     * @var \eZ\Publish\API\Repository\PermissionResolver
     */
    private $permissionResolver;

    /**
     * Used to verify a username/credentials pair on first login.
     *
     * @var \eZ\Publish\API\Repository\UserService
     */
    private $userService;

    /**
     * Injects the resolver on which the current user reference is set.
     *
     * @param \eZ\Publish\API\Repository\PermissionResolver $permissionResolver
     */
    public function setPermissionResolver(PermissionResolver $permissionResolver)
    {
        $this->permissionResolver = $permissionResolver;
    }

    /**
     * Injects the service used to load a user by credentials.
     *
     * @param \eZ\Publish\API\Repository\UserService $userService
     */
    public function setUserService(UserService $userService)
    {
        $this->userService = $userService;
    }

    /**
     * Verifies the token against the given user and, on success, makes that
     * user the Repository's current user.
     *
     * @param \Symfony\Component\Security\Core\User\UserInterface $user User being authenticated.
     * @param \Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken $token
     *        Token carrying either a user object or a bare username plus credentials.
     *
     * @return mixed The parent's result for non-eZ users; nothing otherwise.
     *
     * @throws \Symfony\Component\Security\Core\Exception\BadCredentialsException
     *         When the stored password hash no longer matches the token's user,
     *         or when the UserService reports NotFoundException for the credentials.
     */
    protected function checkAuthentication(UserInterface $user, UsernamePasswordToken $token)
    {
        // Anything that is not an eZ user is none of our business.
        if (!$user instanceof EzUserInterface) {
            return parent::checkAuthentication($user, $token);
        }

        // The token holds a user object once authenticated, or only the
        // username string on a fresh attempt (e.g. during form login).
        /** @var EzUserInterface|string $tokenUser */
        $tokenUser = $token->getUser();

        if (!$tokenUser instanceof UserInterface) {
            // Fresh login: the submitted credentials are checked by the UserService.
            // The same generic message is used whatever the cause, so the text
            // itself does not say whether the login or the password was wrong.
            // NOTE(review): whether loadUserByCredentials() takes comparable time
            // for an unknown login and a wrong password is not visible here —
            // confirm in UserService, since a timing gap would tell them apart.
            try {
                $apiUser = $this->userService->loadUserByCredentials(
                    $token->getUsername(),
                    $token->getCredentials()
                );
            } catch (NotFoundException $notFound) {
                throw new BadCredentialsException('Invalid credentials', 0, $notFound);
            }
        } else {
            // Re-check of an existing token: no submitted password is involved,
            // only the passwordHash of the two API user objects is compared. A
            // mismatch means the password changed after the token was issued,
            // so the token is rejected.
            // NOTE(review): this branch is guarded by Symfony's UserInterface,
            // which does not declare getAPIUser(); a token user that is not an
            // EzUserInterface would fail on the call below — confirm that cannot
            // happen, or narrow the guard.
            $tokenHash = $tokenUser->getAPIUser()->passwordHash;
            $storedHash = $user->getAPIUser()->passwordHash;
            if ($tokenHash !== $storedHash) {
                throw new BadCredentialsException('The credentials were changed from another session.');
            }

            $apiUser = $tokenUser->getAPIUser();
        }

        // Only reached after one of the checks above succeeded: from here on
        // the Repository evaluates permissions as this user.
        $this->permissionResolver->setCurrentUserReference($apiUser);
    }
}