Issues in Response.php - All Issues - Inspection of "Merge pull request #1 from flipboxfactory/develop" - flipboxfactory/saml-sp - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 524cff...dc4813 )

unknown

created 2018-04-10 19:52 UTC

src/services/messages/Response.php (1 issue)

Labels

Documentation 1

Severity

Minor 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/**
 * Created by PhpStorm.
 * User: dsmrt
 * Date: 1/11/18
 * Time: 8:30 PM
 */

namespace flipbox\saml\sp\services\messages;


use craft\base\Component;
use flipbox\keychain\records\KeyChainRecord;
use flipbox\saml\core\exceptions\InvalidMessage;
use flipbox\saml\core\helpers\SecurityHelper;
use flipbox\saml\sp\Saml;
use LightSaml\Model\Assertion\Assertion;
use LightSaml\Model\Assertion\EncryptedAssertionReader;
use LightSaml\Validator\Model\Assertion\AssertionTimeValidator;
use LightSaml\Validator\Model\Assertion\AssertionValidator;
use LightSaml\Validator\Model\NameId\NameIdValidator;
use LightSaml\Validator\Model\Statement\StatementValidator;
use LightSaml\Validator\Model\Subject\SubjectValidator;

class Response extends Component
{

    /**
     * @param Assertion $assertion
     * @return bool
     */
    public function isValidTimeAssertion(Assertion $assertion)
    {
        $validator = new AssertionTimeValidator();
        $validator->validateTimeRestrictions($assertion, (new \DateTime())->getTimestamp(), 0);
        return true;
    }

    /**
     * @param Assertion $assertion
     * @return bool
     */
    public function isValidAssertion(Assertion $assertion)
    {
        $nameValidator = new NameIdValidator;
        $validator = new AssertionValidator(
            $nameValidator,
            new SubjectValidator($nameValidator),
            new StatementValidator
        );

        $validator->validateAssertion($assertion);

        return true;
    }


    /**
     * @param \LightSaml\Model\Protocol\Response $response
     * @param KeyChainRecord $keyChainRecord
     */
    public function decryptAssertions(\LightSaml\Model\Protocol\Response $response, KeyChainRecord $keyChainRecord)
    {
        $credential = SecurityHelper::createCredential($keyChainRecord);

        $decryptDeserializeContext = new \LightSaml\Model\Context\DeserializationContext();

        /** @var \LightSaml\Model\Assertion\EncryptedAssertionReader $encryptedAssertion */
        foreach ($response->getAllEncryptedAssertions() as $encryptedAssertion) {
            if ($encryptedAssertion instanceof EncryptedAssertionReader) {
                $response->addAssertion(
                    $encryptedAssertion->decryptMultiAssertion([$credential], $decryptDeserializeContext)
function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
                );
            }
        }

    }
}

1			<?php
2			/**
3			* Created by PhpStorm.
4			* User: dsmrt
5			* Date: 1/11/18
6			* Time: 8:30 PM
7			*/
8
9			namespace flipbox\saml\sp\services\messages;
10
11
12			use craft\base\Component;
13			use flipbox\keychain\records\KeyChainRecord;
14			use flipbox\saml\core\exceptions\InvalidMessage;
15			use flipbox\saml\core\helpers\SecurityHelper;
16			use flipbox\saml\sp\Saml;
17			use LightSaml\Model\Assertion\Assertion;
18			use LightSaml\Model\Assertion\EncryptedAssertionReader;
19			use LightSaml\Validator\Model\Assertion\AssertionTimeValidator;
20			use LightSaml\Validator\Model\Assertion\AssertionValidator;
21			use LightSaml\Validator\Model\NameId\NameIdValidator;
22			use LightSaml\Validator\Model\Statement\StatementValidator;
23			use LightSaml\Validator\Model\Subject\SubjectValidator;
24
25			class Response extends Component
26			{
27
28			/**
29			* @param Assertion $assertion
30			* @return bool
31			*/
32			public function isValidTimeAssertion(Assertion $assertion)
33			{
34			$validator = new AssertionTimeValidator();
35			$validator->validateTimeRestrictions($assertion, (new \DateTime())->getTimestamp(), 0);
36			return true;
37			}
38
39			/**
40			* @param Assertion $assertion
41			* @return bool
42			*/
43			public function isValidAssertion(Assertion $assertion)
44			{
45			$nameValidator = new NameIdValidator;
46			$validator = new AssertionValidator(
47			$nameValidator,
48			new SubjectValidator($nameValidator),
49			new StatementValidator
50			);
51
52			$validator->validateAssertion($assertion);
53
54			return true;
55			}
56
57
58			/**
59			* @param \LightSaml\Model\Protocol\Response $response
60			* @param KeyChainRecord $keyChainRecord
61			*/
62			public function decryptAssertions(\LightSaml\Model\Protocol\Response $response, KeyChainRecord $keyChainRecord)
63			{
64			$credential = SecurityHelper::createCredential($keyChainRecord);
65
66			$decryptDeserializeContext = new \LightSaml\Model\Context\DeserializationContext();
67
68			/** @var \LightSaml\Model\Assertion\EncryptedAssertionReader $encryptedAssertion */
69			foreach ($response->getAllEncryptedAssertions() as $encryptedAssertion) {
70			if ($encryptedAssertion instanceof EncryptedAssertionReader) {
71			$response->addAssertion(
72			$encryptedAssertion->decryptMultiAssertion([$credential], $decryptDeserializeContext)
			0 ignored issues – show Documentation introduced 2018-04-10 19:59 UTC by Report Bug Copy Issue Report Show Similar Issues like this `array($credential)` is of type `array<integer,object<Lig...ial\\X509Credential>"}>`, but the function expects a `array<integer,object<Rob...ecLibs\XMLSecurityKey>>`. It seems like the type of the argument is not accepted by the function/method which you are calling. In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug. We suggest to add an explicit type cast like in the following example: function acceptsInteger($int) { } $x = '123'; // string "123" // Instead of acceptsInteger($x); // we recommend to use acceptsInteger((integer) $x); Loading history...
73			);
74			}
75			}
76
77			}
78			}

flipboxfactory / saml-sp

Push — master ( 524cff...dc4813 )

src/services/messages/Response.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like