Completed: Push — master ( 524cff...dc4813 ), by unknown, 07:00 created

src/services/messages/Response.php (3 issues)


<?php
/**
 * Created by PhpStorm.
 * User: dsmrt
 * Date: 1/11/18
 * Time: 8:30 PM
 */

namespace flipbox\saml\sp\services\messages;


use craft\base\Component;
use flipbox\keychain\records\KeyChainRecord;
use flipbox\saml\core\exceptions\InvalidMessage;
use flipbox\saml\core\helpers\SecurityHelper;
use flipbox\saml\sp\Saml;
use LightSaml\Model\Assertion\Assertion;
use LightSaml\Model\Assertion\EncryptedAssertionReader;
use LightSaml\Validator\Model\Assertion\AssertionTimeValidator;
use LightSaml\Validator\Model\Assertion\AssertionValidator;
use LightSaml\Validator\Model\NameId\NameIdValidator;
use LightSaml\Validator\Model\Statement\StatementValidator;
use LightSaml\Validator\Model\Subject\SubjectValidator;

class Response extends Component
{

    /**
     * @param Assertion $assertion
     * @return bool
     */
    public function isValidTimeAssertion(Assertion $assertion)
    {
        $validator = new AssertionTimeValidator();
        $validator->validateTimeRestrictions($assertion, (new \DateTime())->getTimestamp(), 0);
        return true;
    }

    /**
     * @param Assertion $assertion
     * @return bool
     */
    public function isValidAssertion(Assertion $assertion)
    {
        $nameValidator = new NameIdValidator;
        $validator = new AssertionValidator(
            $nameValidator,
            new SubjectValidator($nameValidator),
            new StatementValidator
        );

        $validator->validateAssertion($assertion);

        return true;
    }


    /**
     * @param KeyChainRecord $chainRecord
There is no parameter named $chainRecord. Did you maybe mean $keyChainRecord?

This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function. It has, however, found a similar but not annotated parameter which might be a good fit.

Consider the following example. The parameter $ireland is not defined by the method finale(...).

/**
 * @param array $germany
 * @param array $ireland
 */
function finale($germany, $island) {
    return "2:1";
}

The most likely cause is that the parameter was changed, but the annotation was not.

     * @param EncryptedAssertionReader $encryptedAssertion
There is no parameter named $encryptedAssertion. Was it maybe removed?

This check looks for PHPDoc comments describing methods or function parameters that do not exist on the corresponding method or function.

Consider the following example. The parameter $italy is not defined by the method finale(...).

/**
 * @param array $germany
 * @param array $island
 * @param array $italy
 */
function finale($germany, $island) {
    return "2:1";
}

The most likely cause is that the parameter was removed, but the annotation was not.

     */
    public function decryptAssertions(\LightSaml\Model\Protocol\Response $response, KeyChainRecord $keyChainRecord)
    {
        $credential = SecurityHelper::createCredential($keyChainRecord);

        $decryptDeserializeContext = new \LightSaml\Model\Context\DeserializationContext();

        /** @var \LightSaml\Model\Assertion\EncryptedAssertionReader $encryptedAssertion */
        foreach ($response->getAllEncryptedAssertions() as $encryptedAssertion) {
            $response->addAssertion(
                $encryptedAssertion->decryptMultiAssertion([$credential], $decryptDeserializeContext)
It seems you are coding against a specific sub-type rather than the parent class LightSaml\Model\Assertion\EncryptedElement: the method decryptMultiAssertion() exists only in the following sub-class of LightSaml\Model\Assertion\EncryptedElement: LightSaml\Model\Assertion\EncryptedAssertionReader. Maybe you want to add an explicit instanceof check for it?

Let’s take a look at an example:

abstract class User
{
    /** @return string */
    abstract public function getPassword();
}

class MyUser extends User
{
    public function getPassword()
    {
        // return something
    }

    public function getDisplayName()
    {
        // return some name.
    }
}

class AuthSystem
{
    public function authenticate(User $user)
    {
        $this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
        // do something.
    }
}

In the above example, the authenticate() method works fine as long as you only pass instances of MyUser. However, if you later pass a different sub-class of User that does not have a getDisplayName() method, the code will break.

Available Fixes

  1. Change the type-hint for the parameter:

    class AuthSystem
    {
        public function authenticate(MyUser $user) { /* ... */ }
    }
    
  2. Add an additional type-check:

    class AuthSystem
    {
        public function authenticate(User $user)
        {
            if ($user instanceof MyUser) {
                $this->logger->info(/** ... */);
            }
    
            // or alternatively
            if ( ! $user instanceof MyUser) {
                throw new \LogicException(
                    '$user must be an instance of MyUser, '
                   .'other instances are not supported.'
                );
            }
    
        }
    }
    
Note: PHP Analyzer uses reverse abstract interpretation to narrow down the types inside the if block in such a case.

  3. Add the method to the parent class:

    abstract class User
    {
        /** @return string */
        abstract public function getPassword();
    
        /** @return string */
        abstract public function getDisplayName();
    }
    
            );
        }

    }
}