Completed: Push — master ( 524cff...dc4813 ) by unknown, created 07:00

src/services/messages/Response.php (1 issue)

strict.coding_against_specific_subtype: Bug, Minor


<?php
/**
 * Created by PhpStorm.
 * User: dsmrt
 * Date: 1/11/18
 * Time: 8:30 PM
 */

namespace flipbox\saml\sp\services\messages;

use craft\base\Component;
use flipbox\keychain\records\KeyChainRecord;
use flipbox\saml\core\exceptions\InvalidMessage;
use flipbox\saml\core\helpers\SecurityHelper;
use flipbox\saml\sp\Saml;
use LightSaml\Model\Assertion\Assertion;
use LightSaml\Model\Assertion\EncryptedAssertionReader;
use LightSaml\Validator\Model\Assertion\AssertionTimeValidator;
use LightSaml\Validator\Model\Assertion\AssertionValidator;
use LightSaml\Validator\Model\NameId\NameIdValidator;
use LightSaml\Validator\Model\Statement\StatementValidator;
use LightSaml\Validator\Model\Subject\SubjectValidator;

class Response extends Component
{
    /**
     * Checks the assertion's time restrictions (NotBefore / NotOnOrAfter) against
     * the current time. The validator throws on failure; the third argument is the
     * allowed clock skew in seconds (0 = none).
     *
     * @param Assertion $assertion
     * @return bool
     */
    public function isValidTimeAssertion(Assertion $assertion)
    {
        $validator = new AssertionTimeValidator();
        $validator->validateTimeRestrictions($assertion, (new \DateTime())->getTimestamp(), 0);
        return true;
    }

    /**
     * Runs LightSaml's structural validation (NameID, Subject, Statements) over the
     * assertion. The validator throws on failure.
     *
     * @param Assertion $assertion
     * @return bool
     */
    public function isValidAssertion(Assertion $assertion)
    {
        $nameValidator = new NameIdValidator;
        $validator = new AssertionValidator(
            $nameValidator,
            new SubjectValidator($nameValidator),
            new StatementValidator
        );

        $validator->validateAssertion($assertion);

        return true;
    }

    /**
     * Decrypts every EncryptedAssertion in the response with the key from the
     * given key chain record and attaches the plaintext assertions to the response.
     *
     * @param \LightSaml\Model\Protocol\Response $response
     * @param KeyChainRecord $keyChainRecord
     */
    public function decryptAssertions(\LightSaml\Model\Protocol\Response $response, KeyChainRecord $keyChainRecord)
    {
        $credential = SecurityHelper::createCredential($keyChainRecord);

        $decryptDeserializeContext = new \LightSaml\Model\Context\DeserializationContext();

        /** @var \LightSaml\Model\Assertion\EncryptedAssertionReader $encryptedAssertion */
        foreach ($response->getAllEncryptedAssertions() as $encryptedAssertion) {
            $response->addAssertion(
                $encryptedAssertion->decryptMultiAssertion([$credential], $decryptDeserializeContext)
            );
        }
    }
}

Issue (strict.coding_against_specific_subtype) flagged on the call
    $encryptedAssertion->decryptMultiAssertion([$credential], $decryptDeserializeContext)
inside decryptAssertions():

It seems like you are coding against a specific sub-type and not the parent class LightSaml\Model\Assertion\EncryptedElement, as the method decryptMultiAssertion() only exists in the following sub-class of LightSaml\Model\Assertion\EncryptedElement: LightSaml\Model\Assertion\EncryptedAssertionReader. Maybe you want to instanceof check for it explicitly?

Let's take a look at an example:

abstract class User
{
    /** @return string */
    abstract public function getPassword();
}

class MyUser extends User
{
    public function getPassword()
    {
        // return something
    }

    public function getDisplayName()
    {
        // return some name.
    }
}

class AuthSystem
{
    public function authenticate(User $user)
    {
        $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
        // do something.
    }
}

In the above example, the authenticate() method works fine as long as you only pass instances of MyUser. However, if you now also want to pass a different sub-class of User which does not have a getDisplayName() method, the code will break.

Available Fixes

  1. Change the type-hint for the parameter:

    class AuthSystem
    {
        public function authenticate(MyUser $user) { /* ... */ }
    }

  2. Add an additional type-check:

    class AuthSystem
    {
        public function authenticate(User $user)
        {
            if ($user instanceof MyUser) {
                $this->logger->info(/** ... */);
            }

            // or alternatively
            if ( ! $user instanceof MyUser) {
                throw new \LogicException(
                    '$user must be an instance of MyUser, '
                   .'other instances are not supported.'
                );
            }

        }
    }

     Note: PHP Analyzer uses reverse abstract interpretation to narrow down the types inside the if block in such a case.

  3. Add the method to the parent class:

    abstract class User
    {
        /** @return string */
        abstract public function getPassword();

        /** @return string */
        abstract public function getDisplayName();
    }
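Fix 2 from the analyzer note, an explicit instanceof check, applied to the flagged decryptAssertions() loop of this file, as an added example rather than the plugin's own code. It uses only the LightSaml and flipbox class and method names already referenced on this page; the wrapper class SafeResponseDecryptor is hypothetical, and InvalidMessage is assumed to accept a message string like a plain \Exception.

```php
<?php
// Added example, not the plugin's own code: the analyzer's fix 2 (an explicit
// instanceof check) applied to the flagged decryptAssertions() loop. Assumed:
// SafeResponseDecryptor is hypothetical; InvalidMessage accepts a message string.
namespace flipbox\saml\sp\services\messages;

use flipbox\keychain\records\KeyChainRecord;
use flipbox\saml\core\exceptions\InvalidMessage;
use flipbox\saml\core\helpers\SecurityHelper;
use LightSaml\Model\Assertion\EncryptedAssertionReader;
use LightSaml\Model\Context\DeserializationContext;
use LightSaml\Model\Protocol\Response as SamlResponse;

class SafeResponseDecryptor
{
    /**
     * Decrypt every EncryptedAssertion in the response in place.
     *
     * getAllEncryptedAssertions() is typed as EncryptedElement[]; only the
     * EncryptedAssertionReader subtype can be decrypted into an Assertion,
     * so any other subtype is rejected rather than dereferenced blindly.
     *
     * @return int number of assertions decrypted and attached to the response
     * @throws InvalidMessage when an element is not a decryptable assertion
     */
    public function decryptAssertions(SamlResponse $response, KeyChainRecord $keyChainRecord): int
    {
        $credential = SecurityHelper::createCredential($keyChainRecord);
        $context = new DeserializationContext();
        $decrypted = 0;

        foreach ($response->getAllEncryptedAssertions() as $element) {
            if (!$element instanceof EncryptedAssertionReader) {
                // Fail closed: an unexpected EncryptedElement subtype means a
                // malformed or unsupported message, not something to skip silently.
                throw new InvalidMessage(sprintf(
                    'Expected %s, got %s',
                    EncryptedAssertionReader::class,
                    get_class($element)
                ));
            }
            $response->addAssertion(
                $element->decryptMultiAssertion([$credential], $context)
            );
            $decrypted++;
        }

        return $decrypted;
    }
}
```

Returning the count lets the caller notice a response that carried no decryptable assertions at all, which the original void method would pass through unremarked.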